1# -*- mode: perl; -*-
2# Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10## SSL test configurations
11
12package ssltests;
13
14use OpenSSL::Test::Utils;
15
16our @tests = ();
17
18my @tests_tls1_2 = (
19    {
20        name => "disable-extended-master-secret-server-sha",
21        server => {
22          "Options" => "-ExtendedMasterSecret",
23        },
24        client => {
25          "CipherString" => "AES128-SHA",
26          "MaxProtocol" => "TLSv1.2"
27        },
28        test   => {
29          "ExpectedResult" => "Success",
30          "FIPSversion" => "<=3.1.0",
31        },
32    },
33    {
34        name => "disable-extended-master-secret-client-sha",
35        server => {
36        },
37        client => {
38          "CipherString" => "AES128-SHA",
39          "Options" => "-ExtendedMasterSecret",
40          "MaxProtocol" => "TLSv1.2"
41        },
42        test   => {
43          "ExpectedResult" => "Success",
44          "FIPSversion" => "<=3.1.0",
45        },
46    },
47    {
48        name => "disable-extended-master-secret-both-sha",
49        server => {
50          "Options" => "-ExtendedMasterSecret",
51        },
52        client => {
53          "CipherString" => "AES128-SHA",
54          "Options" => "-ExtendedMasterSecret",
55          "MaxProtocol" => "TLSv1.2"
56        },
57        test   => {
58          "ExpectedResult" => "Success",
59          "FIPSversion" => "<=3.1.0",
60        },
61    },
62    {
63        name => "disable-extended-master-secret-both-resume",
64        server => {
65          "Options" => "-ExtendedMasterSecret",
66        },
67        resume_server => {
68        },
69        client => {
70          "CipherString" => "AES128-SHA",
71          "Options" => "-ExtendedMasterSecret",
72          "MaxProtocol" => "TLSv1.2"
73        },
74        resume_client => {
75          "CipherString" => "AES128-SHA",
76          "MaxProtocol" => "TLSv1.2"
77        },
78        test   => {
79	  "HandshakeMode" => "Resume",
80          "ExpectedResult" => "Success",
81          "FIPSversion" => "<=3.1.0",
82        },
83    },
84    {
85        name => "disable-extended-master-secret-server-sha2",
86        server => {
87          "Options" => "-ExtendedMasterSecret",
88        },
89        client => {
90          "CipherString" => "AES128-SHA256",
91          "MaxProtocol" => "TLSv1.2"
92        },
93        test   => {
94          "ExpectedResult" => "Success",
95          "FIPSversion" => "<=3.1.0",
96        },
97    },
98    {
99        name => "disable-extended-master-secret-client-sha2",
100        server => {
101        },
102        client => {
103          "CipherString" => "AES128-SHA256",
104          "Options" => "-ExtendedMasterSecret",
105          "MaxProtocol" => "TLSv1.2"
106        },
107        test   => {
108          "ExpectedResult" => "Success",
109          "FIPSversion" => "<=3.1.0",
110        },
111    },
112    {
113        name => "disable-extended-master-secret-both-sha2",
114        server => {
115          "Options" => "-ExtendedMasterSecret",
116        },
117        client => {
118          "CipherString" => "AES128-SHA256",
119          "Options" => "-ExtendedMasterSecret",
120          "MaxProtocol" => "TLSv1.2"
121        },
122        test   => {
123          "ExpectedResult" => "Success",
124          "FIPSversion" => "<=3.1.0",
125        },
126    },
127);
128
129push @tests, @tests_tls1_2 unless disabled("tls1_2");
130