openssl/test/ssl-tests/25-cipher.cnf.in

# -*- mode: perl; -*-
# Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html


## Test version negotiation

use strict;
use warnings;

package ssltests;
use OpenSSL::Test::Utils;

our $fips_mode;

our @tests = (
    {
        name => "cipher-server-1",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
    },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384"
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
        },
    },
    {
        name => "cipher-server-2",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES128-SHA256"
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
        },
    },
    {
        name => "cipher-server-client-list",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
        },
    },
    {
        name => "cipher-server-pref-1",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
            "Options" => "ServerPreference",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384"
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
        },
    },
    {
        name => "cipher-server-pref-2",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
            "Options" => "ServerPreference",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES128-SHA256"
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
        },
    },
    {
        name => "cipher-server-pref-client-list",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
            "Options" => "ServerPreference",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
        },
    },
    {
        name => "cipher-server-pref-not-mobile",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
            "Options" => "ServerPreference",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
        },
    },
    {
        name => "cipher-server-pref-mobile",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
            "Options" => "ServerPreference,PrioritizeChaCha",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305",
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
        },
    },
);

my @tests_poly1305 = (
    {
        name => "cipher-server-pref-mobile2",
        server => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
            "Options" => "ServerPreference,PrioritizeChaCha",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
        },
        test => {
            "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305",
        },
    },
);

push @tests, @tests_poly1305
    unless disabled("poly1305") || disabled("chacha") || $fips_mode;