2
0

28-seclevel.cnf 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150
  1. # Generated with generate_ssl_tests.pl
  2. num_tests = 6
  3. test-0 = 0-SECLEVEL 3 with default key
  4. test-1 = 1-SECLEVEL 4 with ED448 key
  5. test-2 = 2-SECLEVEL 5 server with ED448 key
  6. test-3 = 3-SECLEVEL 5 client with ED448 key
  7. test-4 = 4-SECLEVEL 3 with P-384 key, X25519 ECDHE
  8. test-5 = 5-SECLEVEL 3 with ED448 key, TLSv1.2
  9. # ===========================================================
  10. [0-SECLEVEL 3 with default key]
  11. ssl_conf = 0-SECLEVEL 3 with default key-ssl
  12. [0-SECLEVEL 3 with default key-ssl]
  13. server = 0-SECLEVEL 3 with default key-server
  14. client = 0-SECLEVEL 3 with default key-client
  15. [0-SECLEVEL 3 with default key-server]
  16. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  17. CipherString = DEFAULT:@SECLEVEL=3
  18. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  19. [0-SECLEVEL 3 with default key-client]
  20. CipherString = DEFAULT
  21. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  22. VerifyMode = Peer
  23. [test-0]
  24. ExpectedResult = ServerFail
  25. # ===========================================================
  26. [1-SECLEVEL 4 with ED448 key]
  27. ssl_conf = 1-SECLEVEL 4 with ED448 key-ssl
  28. [1-SECLEVEL 4 with ED448 key-ssl]
  29. server = 1-SECLEVEL 4 with ED448 key-server
  30. client = 1-SECLEVEL 4 with ED448 key-client
  31. [1-SECLEVEL 4 with ED448 key-server]
  32. Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
  33. CipherString = DEFAULT:@SECLEVEL=4
  34. PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
  35. [1-SECLEVEL 4 with ED448 key-client]
  36. CipherString = DEFAULT:@SECLEVEL=4
  37. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
  38. VerifyMode = Peer
  39. [test-1]
  40. ExpectedResult = Success
  41. # ===========================================================
  42. [2-SECLEVEL 5 server with ED448 key]
  43. ssl_conf = 2-SECLEVEL 5 server with ED448 key-ssl
  44. [2-SECLEVEL 5 server with ED448 key-ssl]
  45. server = 2-SECLEVEL 5 server with ED448 key-server
  46. client = 2-SECLEVEL 5 server with ED448 key-client
  47. [2-SECLEVEL 5 server with ED448 key-server]
  48. Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
  49. CipherString = DEFAULT:@SECLEVEL=5
  50. PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
  51. [2-SECLEVEL 5 server with ED448 key-client]
  52. CipherString = DEFAULT:@SECLEVEL=4
  53. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
  54. VerifyMode = Peer
  55. [test-2]
  56. ExpectedResult = ServerFail
  57. # ===========================================================
  58. [3-SECLEVEL 5 client with ED448 key]
  59. ssl_conf = 3-SECLEVEL 5 client with ED448 key-ssl
  60. [3-SECLEVEL 5 client with ED448 key-ssl]
  61. server = 3-SECLEVEL 5 client with ED448 key-server
  62. client = 3-SECLEVEL 5 client with ED448 key-client
  63. [3-SECLEVEL 5 client with ED448 key-server]
  64. Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
  65. CipherString = DEFAULT:@SECLEVEL=4
  66. PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
  67. [3-SECLEVEL 5 client with ED448 key-client]
  68. CipherString = DEFAULT:@SECLEVEL=5
  69. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
  70. VerifyMode = Peer
  71. [test-3]
  72. ExpectedResult = ServerFail
  73. # ===========================================================
  74. [4-SECLEVEL 3 with P-384 key, X25519 ECDHE]
  75. ssl_conf = 4-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl
  76. [4-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl]
  77. server = 4-SECLEVEL 3 with P-384 key, X25519 ECDHE-server
  78. client = 4-SECLEVEL 3 with P-384 key, X25519 ECDHE-client
  79. [4-SECLEVEL 3 with P-384 key, X25519 ECDHE-server]
  80. Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
  81. CipherString = DEFAULT:@SECLEVEL=3
  82. Groups = X25519
  83. PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
  84. [4-SECLEVEL 3 with P-384 key, X25519 ECDHE-client]
  85. CipherString = ECDHE:@SECLEVEL=3
  86. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
  87. VerifyMode = Peer
  88. [test-4]
  89. ExpectedResult = Success
  90. # ===========================================================
  91. [5-SECLEVEL 3 with ED448 key, TLSv1.2]
  92. ssl_conf = 5-SECLEVEL 3 with ED448 key, TLSv1.2-ssl
  93. [5-SECLEVEL 3 with ED448 key, TLSv1.2-ssl]
  94. server = 5-SECLEVEL 3 with ED448 key, TLSv1.2-server
  95. client = 5-SECLEVEL 3 with ED448 key, TLSv1.2-client
  96. [5-SECLEVEL 3 with ED448 key, TLSv1.2-server]
  97. Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
  98. CipherString = DEFAULT:@SECLEVEL=3
  99. MaxProtocol = TLSv1.2
  100. PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
  101. [5-SECLEVEL 3 with ED448 key, TLSv1.2-client]
  102. CipherString = DEFAULT
  103. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
  104. VerifyMode = Peer
  105. [test-5]
  106. ExpectedResult = Success