2
0

30-extended-master-secret.cnf.in 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129
  1. # -*- mode: perl; -*-
  2. # Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. #
  4. # Licensed under the Apache License 2.0 (the "License"). You may not use
  5. # this file except in compliance with the License. You can obtain a copy
  6. # in the file LICENSE in the source distribution or at
  7. # https://www.openssl.org/source/license.html
  8. ## SSL test configurations
  9. package ssltests;
  10. use OpenSSL::Test::Utils;
  11. our @tests = ();
  12. my @tests_tls1_2 = (
  13. {
  14. name => "disable-extended-master-secret-server-sha",
  15. server => {
  16. "Options" => "-ExtendedMasterSecret",
  17. },
  18. client => {
  19. "CipherString" => "AES128-SHA",
  20. "MaxProtocol" => "TLSv1.2"
  21. },
  22. test => {
  23. "ExpectedResult" => "Success",
  24. "FIPSversion" => "<=3.1.0",
  25. },
  26. },
  27. {
  28. name => "disable-extended-master-secret-client-sha",
  29. server => {
  30. },
  31. client => {
  32. "CipherString" => "AES128-SHA",
  33. "Options" => "-ExtendedMasterSecret",
  34. "MaxProtocol" => "TLSv1.2"
  35. },
  36. test => {
  37. "ExpectedResult" => "Success",
  38. "FIPSversion" => "<=3.1.0",
  39. },
  40. },
  41. {
  42. name => "disable-extended-master-secret-both-sha",
  43. server => {
  44. "Options" => "-ExtendedMasterSecret",
  45. },
  46. client => {
  47. "CipherString" => "AES128-SHA",
  48. "Options" => "-ExtendedMasterSecret",
  49. "MaxProtocol" => "TLSv1.2"
  50. },
  51. test => {
  52. "ExpectedResult" => "Success",
  53. "FIPSversion" => "<=3.1.0",
  54. },
  55. },
  56. {
  57. name => "disable-extended-master-secret-both-resume",
  58. server => {
  59. "Options" => "-ExtendedMasterSecret",
  60. },
  61. resume_server => {
  62. },
  63. client => {
  64. "CipherString" => "AES128-SHA",
  65. "Options" => "-ExtendedMasterSecret",
  66. "MaxProtocol" => "TLSv1.2"
  67. },
  68. resume_client => {
  69. "CipherString" => "AES128-SHA",
  70. "MaxProtocol" => "TLSv1.2"
  71. },
  72. test => {
  73. "HandshakeMode" => "Resume",
  74. "ExpectedResult" => "Success",
  75. "FIPSversion" => "<=3.1.0",
  76. },
  77. },
  78. {
  79. name => "disable-extended-master-secret-server-sha2",
  80. server => {
  81. "Options" => "-ExtendedMasterSecret",
  82. },
  83. client => {
  84. "CipherString" => "AES128-SHA256",
  85. "MaxProtocol" => "TLSv1.2"
  86. },
  87. test => {
  88. "ExpectedResult" => "Success",
  89. "FIPSversion" => "<=3.1.0",
  90. },
  91. },
  92. {
  93. name => "disable-extended-master-secret-client-sha2",
  94. server => {
  95. },
  96. client => {
  97. "CipherString" => "AES128-SHA256",
  98. "Options" => "-ExtendedMasterSecret",
  99. "MaxProtocol" => "TLSv1.2"
  100. },
  101. test => {
  102. "ExpectedResult" => "Success",
  103. "FIPSversion" => "<=3.1.0",
  104. },
  105. },
  106. {
  107. name => "disable-extended-master-secret-both-sha2",
  108. server => {
  109. "Options" => "-ExtendedMasterSecret",
  110. },
  111. client => {
  112. "CipherString" => "AES128-SHA256",
  113. "Options" => "-ExtendedMasterSecret",
  114. "MaxProtocol" => "TLSv1.2"
  115. },
  116. test => {
  117. "ExpectedResult" => "Success",
  118. "FIPSversion" => "<=3.1.0",
  119. },
  120. },
  121. );
  122. push @tests, @tests_tls1_2 unless disabled("tls1_2");