wolfssl/tests/test-ecc-cust-curves.conf
Sean Parkinson dc86dad26b ECC key load: fixes
asn.c:
  Return the curve OID sum with alg_id for ECC keys.
ssl_load.c:
Don't permanently strip the PKCS#8 information as it contains the
curve OID.
2024-07-15 15:46:05 +10:00

197 line
4.6 KiB
Text

# ----- secp256k1 ------
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/server-secp256k1-cert.pem
-x
-C
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-d
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/server-secp256k1-cert.pem
-x
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-d
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ecc/server-secp256k1-cert.pem
-x
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 (mutual auth)
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/client-secp256k1-cert.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 (mutal auth)
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/client-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/server-secp256k1-cert.pem
-C
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static - mutual auth)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/client-secp256k1-cert.pem
-V
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static - mutal auth)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/client-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/server-secp256k1-cert.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 (mutal auth)
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/client-secp256k1-cert.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 (mutal auth)
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/client-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/server-secp256k1-cert.pem
-C
# ----- bp256r1 ------
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/server-bp256r1-cert.pem
-x
-C
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-d
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/server-bp256r1-cert.pem
-x
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-d
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ecc/server-bp256r1-cert.pem
-x
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 (mutual auth)
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/client-bp256r1-cert.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 (mutal auth)
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/client-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/server-bp256r1-cert.pem
-C
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static - mutual auth)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/client-bp256r1-cert.pem
-V
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static - mutal auth)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/client-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/server-bp256r1-cert.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 (mutal auth)
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/client-bp256r1-cert.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 (mutal auth)
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/client-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/server-bp256r1-cert.pem
-C
# -- SECP256K1 without OID inside PKCS#8 --
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server2-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-privkey.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/ca-secp256k1-cert.pem
-x
-C