xref: /freebsd/crypto/openssl/test/ssl-tests/25-cipher.cnf.in (revision f126890ac5386406dadf7c4cfa9566cbb56537c5)
1# -*- mode: perl; -*-
2# Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10## Test version negotiation
11
12use strict;
13use warnings;
14
15package ssltests;
16use OpenSSL::Test::Utils;
17
18our $fips_mode;
19
20our @tests = (
21    {
22        name => "cipher-server-1",
23        server => {
24            "MaxProtocol" => "TLSv1.2",
25            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
26    },
27        client => {
28            "MaxProtocol" => "TLSv1.2",
29            "CipherString" => "ECDHE-RSA-AES256-SHA384"
30        },
31        test => {
32            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
33        },
34    },
35    {
36        name => "cipher-server-2",
37        server => {
38            "MaxProtocol" => "TLSv1.2",
39            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
40        },
41        client => {
42            "MaxProtocol" => "TLSv1.2",
43            "CipherString" => "ECDHE-RSA-AES128-SHA256"
44        },
45        test => {
46            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
47        },
48    },
49    {
50        name => "cipher-server-client-list",
51        server => {
52            "MaxProtocol" => "TLSv1.2",
53            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
54        },
55        client => {
56            "MaxProtocol" => "TLSv1.2",
57            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
58        },
59        test => {
60            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
61        },
62    },
63    {
64        name => "cipher-server-pref-1",
65        server => {
66            "MaxProtocol" => "TLSv1.2",
67            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
68            "Options" => "ServerPreference",
69        },
70        client => {
71            "MaxProtocol" => "TLSv1.2",
72            "CipherString" => "ECDHE-RSA-AES256-SHA384"
73        },
74        test => {
75            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
76        },
77    },
78    {
79        name => "cipher-server-pref-2",
80        server => {
81            "MaxProtocol" => "TLSv1.2",
82            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
83            "Options" => "ServerPreference",
84        },
85        client => {
86            "MaxProtocol" => "TLSv1.2",
87            "CipherString" => "ECDHE-RSA-AES128-SHA256"
88        },
89        test => {
90            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
91        },
92    },
93    {
94        name => "cipher-server-pref-client-list",
95        server => {
96            "MaxProtocol" => "TLSv1.2",
97            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
98            "Options" => "ServerPreference",
99        },
100        client => {
101            "MaxProtocol" => "TLSv1.2",
102            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
103        },
104        test => {
105            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
106        },
107    },
108    {
109        name => "cipher-server-pref-not-mobile",
110        server => {
111            "MaxProtocol" => "TLSv1.2",
112            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
113            "Options" => "ServerPreference",
114        },
115        client => {
116            "MaxProtocol" => "TLSv1.2",
117            "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
118        },
119        test => {
120            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
121        },
122    },
123    {
124        name => "cipher-server-pref-mobile",
125        server => {
126            "MaxProtocol" => "TLSv1.2",
127            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
128            "Options" => "ServerPreference,PrioritizeChaCha",
129        },
130        client => {
131            "MaxProtocol" => "TLSv1.2",
132            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305",
133        },
134        test => {
135            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
136        },
137    },
138);
139
140my @tests_poly1305 = (
141    {
142        name => "cipher-server-pref-mobile2",
143        server => {
144            "MaxProtocol" => "TLSv1.2",
145            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
146            "Options" => "ServerPreference,PrioritizeChaCha",
147        },
148        client => {
149            "MaxProtocol" => "TLSv1.2",
150            "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
151        },
152        test => {
153            "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305",
154        },
155    },
156);
157
158push @tests, @tests_poly1305
159    unless disabled("poly1305") || disabled("chacha") || $fips_mode;
160