Commit 5093d72a7d for openssl.org
commit 5093d72a7dafa8d3042d0fb87774e57d1c88c0fa
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Feb 12 05:55:51 2026 +1100
New SSL tests for SM2 cert and key exchange
Also some additional tests for other MLKEM hybrids.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
MergeDate: Sat Feb 21 13:26:36 2026
(Merged from https://github.com/openssl/openssl/pull/29953)
diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c
index 98d46a4e54..8b23788aae 100644
--- a/test/helpers/handshake.c
+++ b/test/helpers/handshake.c
@@ -1819,6 +1819,10 @@ err:
if (SSL_get_peer_tmp_key(client.ssl, &tmp_key)) {
ret->tmp_key_type = pkey_type(tmp_key);
EVP_PKEY_free(tmp_key);
+ if (ret->tmp_key_type == EVP_PKEY_KEYMGMT)
+ ret->tmp_key_type = SSL_get_negotiated_group(client.ssl);
+ } else {
+ ret->tmp_key_type = SSL_get_negotiated_group(client.ssl);
}
SSL_get_peer_signature_nid(client.ssl, &ret->server_sign_hash);
diff --git a/test/helpers/ssl_test_ctx.c b/test/helpers/ssl_test_ctx.c
index 075e24551e..ab9ad7b3fa 100644
--- a/test/helpers/ssl_test_ctx.c
+++ b/test/helpers/ssl_test_ctx.c
@@ -18,6 +18,7 @@
#include <openssl/crypto.h>
#include "internal/nelem.h"
+#include "internal/tlsgroups.h"
#include "ssl_test_ctx.h"
#include "../testutil.h"
@@ -539,6 +540,16 @@ __owur static int parse_expected_key_type(int *ptype, const char *value)
nid = OBJ_sn2nid("ED25519");
} else if (strcmp("EC", value) == 0) {
nid = OBJ_sn2nid("id-ecPublicKey");
+ } else if (strcmp("curveSM2", value) == 0) {
+ nid = TLSEXT_nid_unknown | OSSL_TLS_GROUP_ID_curveSM2;
+ } else if (strcmp("X25519MLKEM768", value) == 0) {
+ nid = TLSEXT_nid_unknown | OSSL_TLS_GROUP_ID_X25519MLKEM768;
+ } else if (strcmp("SecP256r1MLKEM768", value) == 0) {
+ nid = TLSEXT_nid_unknown | OSSL_TLS_GROUP_ID_SecP256r1MLKEM768;
+ } else if (strcmp("SecP384r1MLKEM1024", value) == 0) {
+ nid = TLSEXT_nid_unknown | OSSL_TLS_GROUP_ID_SecP384r1MLKEM1024;
+ } else if (strcmp("curveSM2MLKEM768", value) == 0) {
+ nid = TLSEXT_nid_unknown | OSSL_TLS_GROUP_ID_curveSM2MLKEM768;
} else {
nid = OBJ_ln2nid(value);
}
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
index bd2d23fb64..2882ce0700 100644
--- a/test/recipes/80-test_ssl_new.t
+++ b/test/recipes/80-test_ssl_new.t
@@ -73,6 +73,8 @@ my $no_dsa = disabled("dsa");
my $no_ec2m = disabled("ec2m");
my $no_ocsp = disabled("ocsp");
my $no_ml_dsa = disabled("ml-dsa");
+my $no_sm2 = disabled("sm2");
+my $no_ml_kem = disabled("ml-kem");
# Add your test here if the test conf.in generates test cases and/or
# expectations dynamically based on the OpenSSL compile-time config.
@@ -84,12 +86,12 @@ my %conf_dependent_tests = (
"07-dtls-protocol-version.cnf" => !$is_default_dtls || !disabled("sctp"),
"10-resumption.cnf" => !$is_default_tls || $no_ec,
"11-dtls_resumption.cnf" => !$is_default_dtls || !disabled("sctp"),
- "14-curves.cnf" => disabled("tls-deprecated-ec"),
+ "14-curves.cnf" => disabled("tls-deprecated-ec") || $no_ecx || $no_sm2 || $no_ml_kem,
"16-dtls-certstatus.cnf" => !$is_default_dtls || !disabled("sctp"),
"17-renegotiate.cnf" => disabled("tls1_2"),
"18-dtls-renegotiate.cnf" => disabled("dtls1_2") || !disabled("sctp"),
"19-mac-then-encrypt.cnf" => !$is_default_tls,
- "20-cert-select.cnf" => !$is_default_tls || $no_dh || $no_dsa || $no_ml_dsa,
+ "20-cert-select.cnf" => !$is_default_tls || $no_dh || $no_dsa || $no_ml_dsa || $no_sm2,
"22-compression.cnf" => !$is_default_tls,
"25-cipher.cnf" => disabled("poly1305") || disabled("chacha")
|| disabled("sm3") || disabled("sm4")
diff --git a/test/ssl-tests/14-curves.cnf b/test/ssl-tests/14-curves.cnf
index e075a37943..5a215d5b4e 100644
--- a/test/ssl-tests/14-curves.cnf
+++ b/test/ssl-tests/14-curves.cnf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 104
+num_tests = 119
test-0 = 0-curve-prime256v1
test-1 = 1-curve-secp384r1
@@ -15,97 +15,112 @@ test-9 = 9-curve-ffdhe8192
test-10 = 10-curve-brainpoolP256r1tls13
test-11 = 11-curve-brainpoolP384r1tls13
test-12 = 12-curve-brainpoolP512r1tls13
-test-13 = 13-curve-sect233k1
-test-14 = 14-curve-sect233r1
-test-15 = 15-curve-sect283k1
-test-16 = 16-curve-sect283r1
-test-17 = 17-curve-sect409k1
-test-18 = 18-curve-sect409r1
-test-19 = 19-curve-sect571k1
-test-20 = 20-curve-sect571r1
-test-21 = 21-curve-secp224r1
-test-22 = 22-curve-sect163k1
-test-23 = 23-curve-sect163r2
-test-24 = 24-curve-prime192v1
-test-25 = 25-curve-sect163r1
-test-26 = 26-curve-sect193r1
-test-27 = 27-curve-sect193r2
-test-28 = 28-curve-sect239k1
-test-29 = 29-curve-secp160k1
-test-30 = 30-curve-secp160r1
-test-31 = 31-curve-secp160r2
-test-32 = 32-curve-secp192k1
-test-33 = 33-curve-secp224k1
-test-34 = 34-curve-secp256k1
-test-35 = 35-curve-brainpoolP256r1
-test-36 = 36-curve-brainpoolP384r1
-test-37 = 37-curve-brainpoolP512r1
-test-38 = 38-curve-sect233k1-tls12-in-tls13
-test-39 = 39-curve-sect233r1-tls12-in-tls13
-test-40 = 40-curve-sect283k1-tls12-in-tls13
-test-41 = 41-curve-sect283r1-tls12-in-tls13
-test-42 = 42-curve-sect409k1-tls12-in-tls13
-test-43 = 43-curve-sect409r1-tls12-in-tls13
-test-44 = 44-curve-sect571k1-tls12-in-tls13
-test-45 = 45-curve-sect571r1-tls12-in-tls13
-test-46 = 46-curve-secp224r1-tls12-in-tls13
-test-47 = 47-curve-sect163k1-tls12-in-tls13
-test-48 = 48-curve-sect163r2-tls12-in-tls13
-test-49 = 49-curve-prime192v1-tls12-in-tls13
-test-50 = 50-curve-sect163r1-tls12-in-tls13
-test-51 = 51-curve-sect193r1-tls12-in-tls13
-test-52 = 52-curve-sect193r2-tls12-in-tls13
-test-53 = 53-curve-sect239k1-tls12-in-tls13
-test-54 = 54-curve-secp160k1-tls12-in-tls13
-test-55 = 55-curve-secp160r1-tls12-in-tls13
-test-56 = 56-curve-secp160r2-tls12-in-tls13
-test-57 = 57-curve-secp192k1-tls12-in-tls13
-test-58 = 58-curve-secp224k1-tls12-in-tls13
-test-59 = 59-curve-secp256k1-tls12-in-tls13
-test-60 = 60-curve-brainpoolP256r1-tls12-in-tls13
-test-61 = 61-curve-brainpoolP384r1-tls12-in-tls13
-test-62 = 62-curve-brainpoolP512r1-tls12-in-tls13
-test-63 = 63-curve-sect233k1-tls13
-test-64 = 64-curve-sect233r1-tls13
-test-65 = 65-curve-sect283k1-tls13
-test-66 = 66-curve-sect283r1-tls13
-test-67 = 67-curve-sect409k1-tls13
-test-68 = 68-curve-sect409r1-tls13
-test-69 = 69-curve-sect571k1-tls13
-test-70 = 70-curve-sect571r1-tls13
-test-71 = 71-curve-secp224r1-tls13
-test-72 = 72-curve-sect163k1-tls13
-test-73 = 73-curve-sect163r2-tls13
-test-74 = 74-curve-prime192v1-tls13
-test-75 = 75-curve-sect163r1-tls13
-test-76 = 76-curve-sect193r1-tls13
-test-77 = 77-curve-sect193r2-tls13
-test-78 = 78-curve-sect239k1-tls13
-test-79 = 79-curve-secp160k1-tls13
-test-80 = 80-curve-secp160r1-tls13
-test-81 = 81-curve-secp160r2-tls13
-test-82 = 82-curve-secp192k1-tls13
-test-83 = 83-curve-secp224k1-tls13
-test-84 = 84-curve-secp256k1-tls13
-test-85 = 85-curve-brainpoolP256r1-tls13
-test-86 = 86-curve-brainpoolP384r1-tls13
-test-87 = 87-curve-brainpoolP512r1-tls13
-test-88 = 88-curve-ffdhe2048-tls13-in-tls12
-test-89 = 89-curve-ffdhe2048-tls13-in-tls12-2
-test-90 = 90-curve-ffdhe3072-tls13-in-tls12
-test-91 = 91-curve-ffdhe3072-tls13-in-tls12-2
-test-92 = 92-curve-ffdhe4096-tls13-in-tls12
-test-93 = 93-curve-ffdhe4096-tls13-in-tls12-2
-test-94 = 94-curve-ffdhe6144-tls13-in-tls12
-test-95 = 95-curve-ffdhe6144-tls13-in-tls12-2
-test-96 = 96-curve-ffdhe8192-tls13-in-tls12
-test-97 = 97-curve-ffdhe8192-tls13-in-tls12-2
-test-98 = 98-curve-brainpoolP256r1tls13-tls13-in-tls12
-test-99 = 99-curve-brainpoolP256r1tls13-tls13-in-tls12-2
-test-100 = 100-curve-brainpoolP384r1tls13-tls13-in-tls12
-test-101 = 101-curve-brainpoolP384r1tls13-tls13-in-tls12-2
-test-102 = 102-curve-brainpoolP512r1tls13-tls13-in-tls12
-test-103 = 103-curve-brainpoolP512r1tls13-tls13-in-tls12-2
+test-13 = 13-curve-X25519MLKEM768
+test-14 = 14-curve-SecP256r1MLKEM768
+test-15 = 15-curve-SecP384r1MLKEM1024
+test-16 = 16-curve-curveSM2
+test-17 = 17-curve-curveSM2MLKEM768
+test-18 = 18-curve-sect233k1
+test-19 = 19-curve-sect233r1
+test-20 = 20-curve-sect283k1
+test-21 = 21-curve-sect283r1
+test-22 = 22-curve-sect409k1
+test-23 = 23-curve-sect409r1
+test-24 = 24-curve-sect571k1
+test-25 = 25-curve-sect571r1
+test-26 = 26-curve-secp224r1
+test-27 = 27-curve-sect163k1
+test-28 = 28-curve-sect163r2
+test-29 = 29-curve-prime192v1
+test-30 = 30-curve-sect163r1
+test-31 = 31-curve-sect193r1
+test-32 = 32-curve-sect193r2
+test-33 = 33-curve-sect239k1
+test-34 = 34-curve-secp160k1
+test-35 = 35-curve-secp160r1
+test-36 = 36-curve-secp160r2
+test-37 = 37-curve-secp192k1
+test-38 = 38-curve-secp224k1
+test-39 = 39-curve-secp256k1
+test-40 = 40-curve-brainpoolP256r1
+test-41 = 41-curve-brainpoolP384r1
+test-42 = 42-curve-brainpoolP512r1
+test-43 = 43-curve-sect233k1-tls12-in-tls13
+test-44 = 44-curve-sect233r1-tls12-in-tls13
+test-45 = 45-curve-sect283k1-tls12-in-tls13
+test-46 = 46-curve-sect283r1-tls12-in-tls13
+test-47 = 47-curve-sect409k1-tls12-in-tls13
+test-48 = 48-curve-sect409r1-tls12-in-tls13
+test-49 = 49-curve-sect571k1-tls12-in-tls13
+test-50 = 50-curve-sect571r1-tls12-in-tls13
+test-51 = 51-curve-secp224r1-tls12-in-tls13
+test-52 = 52-curve-sect163k1-tls12-in-tls13
+test-53 = 53-curve-sect163r2-tls12-in-tls13
+test-54 = 54-curve-prime192v1-tls12-in-tls13
+test-55 = 55-curve-sect163r1-tls12-in-tls13
+test-56 = 56-curve-sect193r1-tls12-in-tls13
+test-57 = 57-curve-sect193r2-tls12-in-tls13
+test-58 = 58-curve-sect239k1-tls12-in-tls13
+test-59 = 59-curve-secp160k1-tls12-in-tls13
+test-60 = 60-curve-secp160r1-tls12-in-tls13
+test-61 = 61-curve-secp160r2-tls12-in-tls13
+test-62 = 62-curve-secp192k1-tls12-in-tls13
+test-63 = 63-curve-secp224k1-tls12-in-tls13
+test-64 = 64-curve-secp256k1-tls12-in-tls13
+test-65 = 65-curve-brainpoolP256r1-tls12-in-tls13
+test-66 = 66-curve-brainpoolP384r1-tls12-in-tls13
+test-67 = 67-curve-brainpoolP512r1-tls12-in-tls13
+test-68 = 68-curve-sect233k1-tls13
+test-69 = 69-curve-sect233r1-tls13
+test-70 = 70-curve-sect283k1-tls13
+test-71 = 71-curve-sect283r1-tls13
+test-72 = 72-curve-sect409k1-tls13
+test-73 = 73-curve-sect409r1-tls13
+test-74 = 74-curve-sect571k1-tls13
+test-75 = 75-curve-sect571r1-tls13
+test-76 = 76-curve-secp224r1-tls13
+test-77 = 77-curve-sect163k1-tls13
+test-78 = 78-curve-sect163r2-tls13
+test-79 = 79-curve-prime192v1-tls13
+test-80 = 80-curve-sect163r1-tls13
+test-81 = 81-curve-sect193r1-tls13
+test-82 = 82-curve-sect193r2-tls13
+test-83 = 83-curve-sect239k1-tls13
+test-84 = 84-curve-secp160k1-tls13
+test-85 = 85-curve-secp160r1-tls13
+test-86 = 86-curve-secp160r2-tls13
+test-87 = 87-curve-secp192k1-tls13
+test-88 = 88-curve-secp224k1-tls13
+test-89 = 89-curve-secp256k1-tls13
+test-90 = 90-curve-brainpoolP256r1-tls13
+test-91 = 91-curve-brainpoolP384r1-tls13
+test-92 = 92-curve-brainpoolP512r1-tls13
+test-93 = 93-curve-ffdhe2048-tls13-in-tls12
+test-94 = 94-curve-ffdhe2048-tls13-in-tls12-2
+test-95 = 95-curve-ffdhe3072-tls13-in-tls12
+test-96 = 96-curve-ffdhe3072-tls13-in-tls12-2
+test-97 = 97-curve-ffdhe4096-tls13-in-tls12
+test-98 = 98-curve-ffdhe4096-tls13-in-tls12-2
+test-99 = 99-curve-ffdhe6144-tls13-in-tls12
+test-100 = 100-curve-ffdhe6144-tls13-in-tls12-2
+test-101 = 101-curve-ffdhe8192-tls13-in-tls12
+test-102 = 102-curve-ffdhe8192-tls13-in-tls12-2
+test-103 = 103-curve-brainpoolP256r1tls13-tls13-in-tls12
+test-104 = 104-curve-brainpoolP256r1tls13-tls13-in-tls12-2
+test-105 = 105-curve-brainpoolP384r1tls13-tls13-in-tls12
+test-106 = 106-curve-brainpoolP384r1tls13-tls13-in-tls12-2
+test-107 = 107-curve-brainpoolP512r1tls13-tls13-in-tls12
+test-108 = 108-curve-brainpoolP512r1tls13-tls13-in-tls12-2
+test-109 = 109-curve-X25519MLKEM768-tls13-in-tls12
+test-110 = 110-curve-X25519MLKEM768-tls13-in-tls12-2
+test-111 = 111-curve-SecP256r1MLKEM768-tls13-in-tls12
+test-112 = 112-curve-SecP256r1MLKEM768-tls13-in-tls12-2
+test-113 = 113-curve-SecP384r1MLKEM1024-tls13-in-tls12
+test-114 = 114-curve-SecP384r1MLKEM1024-tls13-in-tls12-2
+test-115 = 115-curve-curveSM2-tls13-in-tls12
+test-116 = 116-curve-curveSM2-tls13-in-tls12-2
+test-117 = 117-curve-curveSM2MLKEM768-tls13-in-tls12
+test-118 = 118-curve-curveSM2MLKEM768-tls13-in-tls12-2
# ===========================================================
[0-curve-prime256v1]
@@ -485,28 +500,173 @@ ExpectedTmpKeyType = brainpoolP512r1tls13
# ===========================================================
-[13-curve-sect233k1]
-ssl_conf = 13-curve-sect233k1-ssl
+[13-curve-X25519MLKEM768]
+ssl_conf = 13-curve-X25519MLKEM768-ssl
-[13-curve-sect233k1-ssl]
-server = 13-curve-sect233k1-server
-client = 13-curve-sect233k1-client
+[13-curve-X25519MLKEM768-ssl]
+server = 13-curve-X25519MLKEM768-server
+client = 13-curve-X25519MLKEM768-client
-[13-curve-sect233k1-server]
+[13-curve-X25519MLKEM768-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = X25519MLKEM768
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[13-curve-X25519MLKEM768-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = X25519MLKEM768
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-13]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+ExpectedTmpKeyType = X25519MLKEM768
+
+
+# ===========================================================
+
+[14-curve-SecP256r1MLKEM768]
+ssl_conf = 14-curve-SecP256r1MLKEM768-ssl
+
+[14-curve-SecP256r1MLKEM768-ssl]
+server = 14-curve-SecP256r1MLKEM768-server
+client = 14-curve-SecP256r1MLKEM768-client
+
+[14-curve-SecP256r1MLKEM768-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = SecP256r1MLKEM768
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[14-curve-SecP256r1MLKEM768-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = SecP256r1MLKEM768
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-14]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+ExpectedTmpKeyType = SecP256r1MLKEM768
+
+
+# ===========================================================
+
+[15-curve-SecP384r1MLKEM1024]
+ssl_conf = 15-curve-SecP384r1MLKEM1024-ssl
+
+[15-curve-SecP384r1MLKEM1024-ssl]
+server = 15-curve-SecP384r1MLKEM1024-server
+client = 15-curve-SecP384r1MLKEM1024-client
+
+[15-curve-SecP384r1MLKEM1024-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = SecP384r1MLKEM1024
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[15-curve-SecP384r1MLKEM1024-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = SecP384r1MLKEM1024
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-15]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+ExpectedTmpKeyType = SecP384r1MLKEM1024
+
+
+# ===========================================================
+
+[16-curve-curveSM2]
+ssl_conf = 16-curve-curveSM2-ssl
+
+[16-curve-curveSM2-ssl]
+server = 16-curve-curveSM2-server
+client = 16-curve-curveSM2-client
+
+[16-curve-curveSM2-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = curveSM2
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[16-curve-curveSM2-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = curveSM2
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-16]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+ExpectedTmpKeyType = curveSM2
+
+
+# ===========================================================
+
+[17-curve-curveSM2MLKEM768]
+ssl_conf = 17-curve-curveSM2MLKEM768-ssl
+
+[17-curve-curveSM2MLKEM768-ssl]
+server = 17-curve-curveSM2MLKEM768-server
+client = 17-curve-curveSM2MLKEM768-client
+
+[17-curve-curveSM2MLKEM768-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = curveSM2MLKEM768
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[17-curve-curveSM2MLKEM768-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = curveSM2MLKEM768
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-17]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+ExpectedTmpKeyType = curveSM2MLKEM768
+
+
+# ===========================================================
+
+[18-curve-sect233k1]
+ssl_conf = 18-curve-sect233k1-ssl
+
+[18-curve-sect233k1-ssl]
+server = 18-curve-sect233k1-server
+client = 18-curve-sect233k1-client
+
+[18-curve-sect233k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect233k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[13-curve-sect233k1-client]
+[18-curve-sect233k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect233k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-13]
+[test-18]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect233k1
@@ -514,28 +674,28 @@ ExpectedTmpKeyType = sect233k1
# ===========================================================
-[14-curve-sect233r1]
-ssl_conf = 14-curve-sect233r1-ssl
+[19-curve-sect233r1]
+ssl_conf = 19-curve-sect233r1-ssl
-[14-curve-sect233r1-ssl]
-server = 14-curve-sect233r1-server
-client = 14-curve-sect233r1-client
+[19-curve-sect233r1-ssl]
+server = 19-curve-sect233r1-server
+client = 19-curve-sect233r1-client
-[14-curve-sect233r1-server]
+[19-curve-sect233r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect233r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[14-curve-sect233r1-client]
+[19-curve-sect233r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect233r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-14]
+[test-19]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect233r1
@@ -543,28 +703,28 @@ ExpectedTmpKeyType = sect233r1
# ===========================================================
-[15-curve-sect283k1]
-ssl_conf = 15-curve-sect283k1-ssl
+[20-curve-sect283k1]
+ssl_conf = 20-curve-sect283k1-ssl
-[15-curve-sect283k1-ssl]
-server = 15-curve-sect283k1-server
-client = 15-curve-sect283k1-client
+[20-curve-sect283k1-ssl]
+server = 20-curve-sect283k1-server
+client = 20-curve-sect283k1-client
-[15-curve-sect283k1-server]
+[20-curve-sect283k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect283k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[15-curve-sect283k1-client]
+[20-curve-sect283k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect283k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-15]
+[test-20]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect283k1
@@ -572,28 +732,28 @@ ExpectedTmpKeyType = sect283k1
# ===========================================================
-[16-curve-sect283r1]
-ssl_conf = 16-curve-sect283r1-ssl
+[21-curve-sect283r1]
+ssl_conf = 21-curve-sect283r1-ssl
-[16-curve-sect283r1-ssl]
-server = 16-curve-sect283r1-server
-client = 16-curve-sect283r1-client
+[21-curve-sect283r1-ssl]
+server = 21-curve-sect283r1-server
+client = 21-curve-sect283r1-client
-[16-curve-sect283r1-server]
+[21-curve-sect283r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect283r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[16-curve-sect283r1-client]
+[21-curve-sect283r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect283r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-16]
+[test-21]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect283r1
@@ -601,28 +761,28 @@ ExpectedTmpKeyType = sect283r1
# ===========================================================
-[17-curve-sect409k1]
-ssl_conf = 17-curve-sect409k1-ssl
+[22-curve-sect409k1]
+ssl_conf = 22-curve-sect409k1-ssl
-[17-curve-sect409k1-ssl]
-server = 17-curve-sect409k1-server
-client = 17-curve-sect409k1-client
+[22-curve-sect409k1-ssl]
+server = 22-curve-sect409k1-server
+client = 22-curve-sect409k1-client
-[17-curve-sect409k1-server]
+[22-curve-sect409k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect409k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[17-curve-sect409k1-client]
+[22-curve-sect409k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect409k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-17]
+[test-22]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect409k1
@@ -630,28 +790,28 @@ ExpectedTmpKeyType = sect409k1
# ===========================================================
-[18-curve-sect409r1]
-ssl_conf = 18-curve-sect409r1-ssl
+[23-curve-sect409r1]
+ssl_conf = 23-curve-sect409r1-ssl
-[18-curve-sect409r1-ssl]
-server = 18-curve-sect409r1-server
-client = 18-curve-sect409r1-client
+[23-curve-sect409r1-ssl]
+server = 23-curve-sect409r1-server
+client = 23-curve-sect409r1-client
-[18-curve-sect409r1-server]
+[23-curve-sect409r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect409r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[18-curve-sect409r1-client]
+[23-curve-sect409r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect409r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-18]
+[test-23]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect409r1
@@ -659,28 +819,28 @@ ExpectedTmpKeyType = sect409r1
# ===========================================================
-[19-curve-sect571k1]
-ssl_conf = 19-curve-sect571k1-ssl
+[24-curve-sect571k1]
+ssl_conf = 24-curve-sect571k1-ssl
-[19-curve-sect571k1-ssl]
-server = 19-curve-sect571k1-server
-client = 19-curve-sect571k1-client
+[24-curve-sect571k1-ssl]
+server = 24-curve-sect571k1-server
+client = 24-curve-sect571k1-client
-[19-curve-sect571k1-server]
+[24-curve-sect571k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect571k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[19-curve-sect571k1-client]
+[24-curve-sect571k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect571k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-19]
+[test-24]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect571k1
@@ -688,28 +848,28 @@ ExpectedTmpKeyType = sect571k1
# ===========================================================
-[20-curve-sect571r1]
-ssl_conf = 20-curve-sect571r1-ssl
+[25-curve-sect571r1]
+ssl_conf = 25-curve-sect571r1-ssl
-[20-curve-sect571r1-ssl]
-server = 20-curve-sect571r1-server
-client = 20-curve-sect571r1-client
+[25-curve-sect571r1-ssl]
+server = 25-curve-sect571r1-server
+client = 25-curve-sect571r1-client
-[20-curve-sect571r1-server]
+[25-curve-sect571r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect571r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[20-curve-sect571r1-client]
+[25-curve-sect571r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect571r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-20]
+[test-25]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect571r1
@@ -717,28 +877,28 @@ ExpectedTmpKeyType = sect571r1
# ===========================================================
-[21-curve-secp224r1]
-ssl_conf = 21-curve-secp224r1-ssl
+[26-curve-secp224r1]
+ssl_conf = 26-curve-secp224r1-ssl
-[21-curve-secp224r1-ssl]
-server = 21-curve-secp224r1-server
-client = 21-curve-secp224r1-client
+[26-curve-secp224r1-ssl]
+server = 26-curve-secp224r1-server
+client = 26-curve-secp224r1-client
-[21-curve-secp224r1-server]
+[26-curve-secp224r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp224r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[21-curve-secp224r1-client]
+[26-curve-secp224r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp224r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-21]
+[test-26]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = secp224r1
@@ -746,28 +906,28 @@ ExpectedTmpKeyType = secp224r1
# ===========================================================
-[22-curve-sect163k1]
-ssl_conf = 22-curve-sect163k1-ssl
+[27-curve-sect163k1]
+ssl_conf = 27-curve-sect163k1-ssl
-[22-curve-sect163k1-ssl]
-server = 22-curve-sect163k1-server
-client = 22-curve-sect163k1-client
+[27-curve-sect163k1-ssl]
+server = 27-curve-sect163k1-server
+client = 27-curve-sect163k1-client
-[22-curve-sect163k1-server]
+[27-curve-sect163k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[22-curve-sect163k1-client]
+[27-curve-sect163k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-22]
+[test-27]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect163k1
@@ -775,28 +935,28 @@ ExpectedTmpKeyType = sect163k1
# ===========================================================
-[23-curve-sect163r2]
-ssl_conf = 23-curve-sect163r2-ssl
+[28-curve-sect163r2]
+ssl_conf = 28-curve-sect163r2-ssl
-[23-curve-sect163r2-ssl]
-server = 23-curve-sect163r2-server
-client = 23-curve-sect163r2-client
+[28-curve-sect163r2-ssl]
+server = 28-curve-sect163r2-server
+client = 28-curve-sect163r2-client
-[23-curve-sect163r2-server]
+[28-curve-sect163r2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163r2
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[23-curve-sect163r2-client]
+[28-curve-sect163r2-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163r2
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-23]
+[test-28]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect163r2
@@ -804,28 +964,28 @@ ExpectedTmpKeyType = sect163r2
# ===========================================================
-[24-curve-prime192v1]
-ssl_conf = 24-curve-prime192v1-ssl
+[29-curve-prime192v1]
+ssl_conf = 29-curve-prime192v1-ssl
-[24-curve-prime192v1-ssl]
-server = 24-curve-prime192v1-server
-client = 24-curve-prime192v1-client
+[29-curve-prime192v1-ssl]
+server = 29-curve-prime192v1-server
+client = 29-curve-prime192v1-client
-[24-curve-prime192v1-server]
+[29-curve-prime192v1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = prime192v1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[24-curve-prime192v1-client]
+[29-curve-prime192v1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = prime192v1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-24]
+[test-29]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = prime192v1
@@ -833,28 +993,28 @@ ExpectedTmpKeyType = prime192v1
# ===========================================================
-[25-curve-sect163r1]
-ssl_conf = 25-curve-sect163r1-ssl
+[30-curve-sect163r1]
+ssl_conf = 30-curve-sect163r1-ssl
-[25-curve-sect163r1-ssl]
-server = 25-curve-sect163r1-server
-client = 25-curve-sect163r1-client
+[30-curve-sect163r1-ssl]
+server = 30-curve-sect163r1-server
+client = 30-curve-sect163r1-client
-[25-curve-sect163r1-server]
+[30-curve-sect163r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[25-curve-sect163r1-client]
+[30-curve-sect163r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-25]
+[test-30]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect163r1
@@ -862,28 +1022,28 @@ ExpectedTmpKeyType = sect163r1
# ===========================================================
-[26-curve-sect193r1]
-ssl_conf = 26-curve-sect193r1-ssl
+[31-curve-sect193r1]
+ssl_conf = 31-curve-sect193r1-ssl
-[26-curve-sect193r1-ssl]
-server = 26-curve-sect193r1-server
-client = 26-curve-sect193r1-client
+[31-curve-sect193r1-ssl]
+server = 31-curve-sect193r1-server
+client = 31-curve-sect193r1-client
-[26-curve-sect193r1-server]
+[31-curve-sect193r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect193r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[26-curve-sect193r1-client]
+[31-curve-sect193r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect193r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-26]
+[test-31]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect193r1
@@ -891,28 +1051,28 @@ ExpectedTmpKeyType = sect193r1
# ===========================================================
-[27-curve-sect193r2]
-ssl_conf = 27-curve-sect193r2-ssl
+[32-curve-sect193r2]
+ssl_conf = 32-curve-sect193r2-ssl
-[27-curve-sect193r2-ssl]
-server = 27-curve-sect193r2-server
-client = 27-curve-sect193r2-client
+[32-curve-sect193r2-ssl]
+server = 32-curve-sect193r2-server
+client = 32-curve-sect193r2-client
-[27-curve-sect193r2-server]
+[32-curve-sect193r2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect193r2
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[27-curve-sect193r2-client]
+[32-curve-sect193r2-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect193r2
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-27]
+[test-32]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect193r2
@@ -920,28 +1080,28 @@ ExpectedTmpKeyType = sect193r2
# ===========================================================
-[28-curve-sect239k1]
-ssl_conf = 28-curve-sect239k1-ssl
+[33-curve-sect239k1]
+ssl_conf = 33-curve-sect239k1-ssl
-[28-curve-sect239k1-ssl]
-server = 28-curve-sect239k1-server
-client = 28-curve-sect239k1-client
+[33-curve-sect239k1-ssl]
+server = 33-curve-sect239k1-server
+client = 33-curve-sect239k1-client
-[28-curve-sect239k1-server]
+[33-curve-sect239k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect239k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[28-curve-sect239k1-client]
+[33-curve-sect239k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect239k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-28]
+[test-33]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = sect239k1
@@ -949,28 +1109,28 @@ ExpectedTmpKeyType = sect239k1
# ===========================================================
-[29-curve-secp160k1]
-ssl_conf = 29-curve-secp160k1-ssl
+[34-curve-secp160k1]
+ssl_conf = 34-curve-secp160k1-ssl
-[29-curve-secp160k1-ssl]
-server = 29-curve-secp160k1-server
-client = 29-curve-secp160k1-client
+[34-curve-secp160k1-ssl]
+server = 34-curve-secp160k1-server
+client = 34-curve-secp160k1-client
-[29-curve-secp160k1-server]
+[34-curve-secp160k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[29-curve-secp160k1-client]
+[34-curve-secp160k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-29]
+[test-34]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = secp160k1
@@ -978,28 +1138,28 @@ ExpectedTmpKeyType = secp160k1
# ===========================================================
-[30-curve-secp160r1]
-ssl_conf = 30-curve-secp160r1-ssl
+[35-curve-secp160r1]
+ssl_conf = 35-curve-secp160r1-ssl
-[30-curve-secp160r1-ssl]
-server = 30-curve-secp160r1-server
-client = 30-curve-secp160r1-client
+[35-curve-secp160r1-ssl]
+server = 35-curve-secp160r1-server
+client = 35-curve-secp160r1-client
-[30-curve-secp160r1-server]
+[35-curve-secp160r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[30-curve-secp160r1-client]
+[35-curve-secp160r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-30]
+[test-35]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = secp160r1
@@ -1007,28 +1167,28 @@ ExpectedTmpKeyType = secp160r1
# ===========================================================
-[31-curve-secp160r2]
-ssl_conf = 31-curve-secp160r2-ssl
+[36-curve-secp160r2]
+ssl_conf = 36-curve-secp160r2-ssl
-[31-curve-secp160r2-ssl]
-server = 31-curve-secp160r2-server
-client = 31-curve-secp160r2-client
+[36-curve-secp160r2-ssl]
+server = 36-curve-secp160r2-server
+client = 36-curve-secp160r2-client
-[31-curve-secp160r2-server]
+[36-curve-secp160r2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160r2
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[31-curve-secp160r2-client]
+[36-curve-secp160r2-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160r2
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-31]
+[test-36]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = secp160r2
@@ -1036,28 +1196,28 @@ ExpectedTmpKeyType = secp160r2
# ===========================================================
-[32-curve-secp192k1]
-ssl_conf = 32-curve-secp192k1-ssl
+[37-curve-secp192k1]
+ssl_conf = 37-curve-secp192k1-ssl
-[32-curve-secp192k1-ssl]
-server = 32-curve-secp192k1-server
-client = 32-curve-secp192k1-client
+[37-curve-secp192k1-ssl]
+server = 37-curve-secp192k1-server
+client = 37-curve-secp192k1-client
-[32-curve-secp192k1-server]
+[37-curve-secp192k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp192k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[32-curve-secp192k1-client]
+[37-curve-secp192k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp192k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-32]
+[test-37]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = secp192k1
@@ -1065,28 +1225,28 @@ ExpectedTmpKeyType = secp192k1
# ===========================================================
-[33-curve-secp224k1]
-ssl_conf = 33-curve-secp224k1-ssl
+[38-curve-secp224k1]
+ssl_conf = 38-curve-secp224k1-ssl
-[33-curve-secp224k1-ssl]
-server = 33-curve-secp224k1-server
-client = 33-curve-secp224k1-client
+[38-curve-secp224k1-ssl]
+server = 38-curve-secp224k1-server
+client = 38-curve-secp224k1-client
-[33-curve-secp224k1-server]
+[38-curve-secp224k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp224k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[33-curve-secp224k1-client]
+[38-curve-secp224k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp224k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-33]
+[test-38]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = secp224k1
@@ -1094,28 +1254,28 @@ ExpectedTmpKeyType = secp224k1
# ===========================================================
-[34-curve-secp256k1]
-ssl_conf = 34-curve-secp256k1-ssl
+[39-curve-secp256k1]
+ssl_conf = 39-curve-secp256k1-ssl
-[34-curve-secp256k1-ssl]
-server = 34-curve-secp256k1-server
-client = 34-curve-secp256k1-client
+[39-curve-secp256k1-ssl]
+server = 39-curve-secp256k1-server
+client = 39-curve-secp256k1-client
-[34-curve-secp256k1-server]
+[39-curve-secp256k1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp256k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[34-curve-secp256k1-client]
+[39-curve-secp256k1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp256k1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-34]
+[test-39]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = secp256k1
@@ -1123,28 +1283,28 @@ ExpectedTmpKeyType = secp256k1
# ===========================================================
-[35-curve-brainpoolP256r1]
-ssl_conf = 35-curve-brainpoolP256r1-ssl
+[40-curve-brainpoolP256r1]
+ssl_conf = 40-curve-brainpoolP256r1-ssl
-[35-curve-brainpoolP256r1-ssl]
-server = 35-curve-brainpoolP256r1-server
-client = 35-curve-brainpoolP256r1-client
+[40-curve-brainpoolP256r1-ssl]
+server = 40-curve-brainpoolP256r1-server
+client = 40-curve-brainpoolP256r1-client
-[35-curve-brainpoolP256r1-server]
+[40-curve-brainpoolP256r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP256r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[35-curve-brainpoolP256r1-client]
+[40-curve-brainpoolP256r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP256r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-35]
+[test-40]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = brainpoolP256r1
@@ -1152,28 +1312,28 @@ ExpectedTmpKeyType = brainpoolP256r1
# ===========================================================
-[36-curve-brainpoolP384r1]
-ssl_conf = 36-curve-brainpoolP384r1-ssl
+[41-curve-brainpoolP384r1]
+ssl_conf = 41-curve-brainpoolP384r1-ssl
-[36-curve-brainpoolP384r1-ssl]
-server = 36-curve-brainpoolP384r1-server
-client = 36-curve-brainpoolP384r1-client
+[41-curve-brainpoolP384r1-ssl]
+server = 41-curve-brainpoolP384r1-server
+client = 41-curve-brainpoolP384r1-client
-[36-curve-brainpoolP384r1-server]
+[41-curve-brainpoolP384r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP384r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[36-curve-brainpoolP384r1-client]
+[41-curve-brainpoolP384r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP384r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-36]
+[test-41]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = brainpoolP384r1
@@ -1181,28 +1341,28 @@ ExpectedTmpKeyType = brainpoolP384r1
# ===========================================================
-[37-curve-brainpoolP512r1]
-ssl_conf = 37-curve-brainpoolP512r1-ssl
+[42-curve-brainpoolP512r1]
+ssl_conf = 42-curve-brainpoolP512r1-ssl
-[37-curve-brainpoolP512r1-ssl]
-server = 37-curve-brainpoolP512r1-server
-client = 37-curve-brainpoolP512r1-client
+[42-curve-brainpoolP512r1-ssl]
+server = 42-curve-brainpoolP512r1-server
+client = 42-curve-brainpoolP512r1-client
-[37-curve-brainpoolP512r1-server]
+[42-curve-brainpoolP512r1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP512r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[37-curve-brainpoolP512r1-client]
+[42-curve-brainpoolP512r1-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP512r1
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-37]
+[test-42]
ExpectedProtocol = TLSv1.2
ExpectedResult = Success
ExpectedTmpKeyType = brainpoolP512r1
@@ -1210,21 +1370,21 @@ ExpectedTmpKeyType = brainpoolP512r1
# ===========================================================
-[38-curve-sect233k1-tls12-in-tls13]
-ssl_conf = 38-curve-sect233k1-tls12-in-tls13-ssl
+[43-curve-sect233k1-tls12-in-tls13]
+ssl_conf = 43-curve-sect233k1-tls12-in-tls13-ssl
-[38-curve-sect233k1-tls12-in-tls13-ssl]
-server = 38-curve-sect233k1-tls12-in-tls13-server
-client = 38-curve-sect233k1-tls12-in-tls13-client
+[43-curve-sect233k1-tls12-in-tls13-ssl]
+server = 43-curve-sect233k1-tls12-in-tls13-server
+client = 43-curve-sect233k1-tls12-in-tls13-client
-[38-curve-sect233k1-tls12-in-tls13-server]
+[43-curve-sect233k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect233k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[38-curve-sect233k1-tls12-in-tls13-client]
+[43-curve-sect233k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect233k1:P-256
MaxProtocol = TLSv1.3
@@ -1232,7 +1392,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-38]
+[test-43]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1240,21 +1400,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[39-curve-sect233r1-tls12-in-tls13]
-ssl_conf = 39-curve-sect233r1-tls12-in-tls13-ssl
+[44-curve-sect233r1-tls12-in-tls13]
+ssl_conf = 44-curve-sect233r1-tls12-in-tls13-ssl
-[39-curve-sect233r1-tls12-in-tls13-ssl]
-server = 39-curve-sect233r1-tls12-in-tls13-server
-client = 39-curve-sect233r1-tls12-in-tls13-client
+[44-curve-sect233r1-tls12-in-tls13-ssl]
+server = 44-curve-sect233r1-tls12-in-tls13-server
+client = 44-curve-sect233r1-tls12-in-tls13-client
-[39-curve-sect233r1-tls12-in-tls13-server]
+[44-curve-sect233r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect233r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[39-curve-sect233r1-tls12-in-tls13-client]
+[44-curve-sect233r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect233r1:P-256
MaxProtocol = TLSv1.3
@@ -1262,7 +1422,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-39]
+[test-44]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1270,21 +1430,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[40-curve-sect283k1-tls12-in-tls13]
-ssl_conf = 40-curve-sect283k1-tls12-in-tls13-ssl
+[45-curve-sect283k1-tls12-in-tls13]
+ssl_conf = 45-curve-sect283k1-tls12-in-tls13-ssl
-[40-curve-sect283k1-tls12-in-tls13-ssl]
-server = 40-curve-sect283k1-tls12-in-tls13-server
-client = 40-curve-sect283k1-tls12-in-tls13-client
+[45-curve-sect283k1-tls12-in-tls13-ssl]
+server = 45-curve-sect283k1-tls12-in-tls13-server
+client = 45-curve-sect283k1-tls12-in-tls13-client
-[40-curve-sect283k1-tls12-in-tls13-server]
+[45-curve-sect283k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect283k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[40-curve-sect283k1-tls12-in-tls13-client]
+[45-curve-sect283k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect283k1:P-256
MaxProtocol = TLSv1.3
@@ -1292,7 +1452,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-40]
+[test-45]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1300,21 +1460,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[41-curve-sect283r1-tls12-in-tls13]
-ssl_conf = 41-curve-sect283r1-tls12-in-tls13-ssl
+[46-curve-sect283r1-tls12-in-tls13]
+ssl_conf = 46-curve-sect283r1-tls12-in-tls13-ssl
-[41-curve-sect283r1-tls12-in-tls13-ssl]
-server = 41-curve-sect283r1-tls12-in-tls13-server
-client = 41-curve-sect283r1-tls12-in-tls13-client
+[46-curve-sect283r1-tls12-in-tls13-ssl]
+server = 46-curve-sect283r1-tls12-in-tls13-server
+client = 46-curve-sect283r1-tls12-in-tls13-client
-[41-curve-sect283r1-tls12-in-tls13-server]
+[46-curve-sect283r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect283r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[41-curve-sect283r1-tls12-in-tls13-client]
+[46-curve-sect283r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect283r1:P-256
MaxProtocol = TLSv1.3
@@ -1322,7 +1482,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-41]
+[test-46]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1330,21 +1490,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[42-curve-sect409k1-tls12-in-tls13]
-ssl_conf = 42-curve-sect409k1-tls12-in-tls13-ssl
+[47-curve-sect409k1-tls12-in-tls13]
+ssl_conf = 47-curve-sect409k1-tls12-in-tls13-ssl
-[42-curve-sect409k1-tls12-in-tls13-ssl]
-server = 42-curve-sect409k1-tls12-in-tls13-server
-client = 42-curve-sect409k1-tls12-in-tls13-client
+[47-curve-sect409k1-tls12-in-tls13-ssl]
+server = 47-curve-sect409k1-tls12-in-tls13-server
+client = 47-curve-sect409k1-tls12-in-tls13-client
-[42-curve-sect409k1-tls12-in-tls13-server]
+[47-curve-sect409k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect409k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[42-curve-sect409k1-tls12-in-tls13-client]
+[47-curve-sect409k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect409k1:P-256
MaxProtocol = TLSv1.3
@@ -1352,7 +1512,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-42]
+[test-47]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1360,21 +1520,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[43-curve-sect409r1-tls12-in-tls13]
-ssl_conf = 43-curve-sect409r1-tls12-in-tls13-ssl
+[48-curve-sect409r1-tls12-in-tls13]
+ssl_conf = 48-curve-sect409r1-tls12-in-tls13-ssl
-[43-curve-sect409r1-tls12-in-tls13-ssl]
-server = 43-curve-sect409r1-tls12-in-tls13-server
-client = 43-curve-sect409r1-tls12-in-tls13-client
+[48-curve-sect409r1-tls12-in-tls13-ssl]
+server = 48-curve-sect409r1-tls12-in-tls13-server
+client = 48-curve-sect409r1-tls12-in-tls13-client
-[43-curve-sect409r1-tls12-in-tls13-server]
+[48-curve-sect409r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect409r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[43-curve-sect409r1-tls12-in-tls13-client]
+[48-curve-sect409r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect409r1:P-256
MaxProtocol = TLSv1.3
@@ -1382,7 +1542,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-43]
+[test-48]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1390,21 +1550,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[44-curve-sect571k1-tls12-in-tls13]
-ssl_conf = 44-curve-sect571k1-tls12-in-tls13-ssl
+[49-curve-sect571k1-tls12-in-tls13]
+ssl_conf = 49-curve-sect571k1-tls12-in-tls13-ssl
-[44-curve-sect571k1-tls12-in-tls13-ssl]
-server = 44-curve-sect571k1-tls12-in-tls13-server
-client = 44-curve-sect571k1-tls12-in-tls13-client
+[49-curve-sect571k1-tls12-in-tls13-ssl]
+server = 49-curve-sect571k1-tls12-in-tls13-server
+client = 49-curve-sect571k1-tls12-in-tls13-client
-[44-curve-sect571k1-tls12-in-tls13-server]
+[49-curve-sect571k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect571k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[44-curve-sect571k1-tls12-in-tls13-client]
+[49-curve-sect571k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect571k1:P-256
MaxProtocol = TLSv1.3
@@ -1412,7 +1572,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-44]
+[test-49]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1420,21 +1580,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[45-curve-sect571r1-tls12-in-tls13]
-ssl_conf = 45-curve-sect571r1-tls12-in-tls13-ssl
+[50-curve-sect571r1-tls12-in-tls13]
+ssl_conf = 50-curve-sect571r1-tls12-in-tls13-ssl
-[45-curve-sect571r1-tls12-in-tls13-ssl]
-server = 45-curve-sect571r1-tls12-in-tls13-server
-client = 45-curve-sect571r1-tls12-in-tls13-client
+[50-curve-sect571r1-tls12-in-tls13-ssl]
+server = 50-curve-sect571r1-tls12-in-tls13-server
+client = 50-curve-sect571r1-tls12-in-tls13-client
-[45-curve-sect571r1-tls12-in-tls13-server]
+[50-curve-sect571r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect571r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[45-curve-sect571r1-tls12-in-tls13-client]
+[50-curve-sect571r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect571r1:P-256
MaxProtocol = TLSv1.3
@@ -1442,7 +1602,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-45]
+[test-50]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1450,21 +1610,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[46-curve-secp224r1-tls12-in-tls13]
-ssl_conf = 46-curve-secp224r1-tls12-in-tls13-ssl
+[51-curve-secp224r1-tls12-in-tls13]
+ssl_conf = 51-curve-secp224r1-tls12-in-tls13-ssl
-[46-curve-secp224r1-tls12-in-tls13-ssl]
-server = 46-curve-secp224r1-tls12-in-tls13-server
-client = 46-curve-secp224r1-tls12-in-tls13-client
+[51-curve-secp224r1-tls12-in-tls13-ssl]
+server = 51-curve-secp224r1-tls12-in-tls13-server
+client = 51-curve-secp224r1-tls12-in-tls13-client
-[46-curve-secp224r1-tls12-in-tls13-server]
+[51-curve-secp224r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp224r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[46-curve-secp224r1-tls12-in-tls13-client]
+[51-curve-secp224r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp224r1:P-256
MaxProtocol = TLSv1.3
@@ -1472,7 +1632,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-46]
+[test-51]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1480,21 +1640,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[47-curve-sect163k1-tls12-in-tls13]
-ssl_conf = 47-curve-sect163k1-tls12-in-tls13-ssl
+[52-curve-sect163k1-tls12-in-tls13]
+ssl_conf = 52-curve-sect163k1-tls12-in-tls13-ssl
-[47-curve-sect163k1-tls12-in-tls13-ssl]
-server = 47-curve-sect163k1-tls12-in-tls13-server
-client = 47-curve-sect163k1-tls12-in-tls13-client
+[52-curve-sect163k1-tls12-in-tls13-ssl]
+server = 52-curve-sect163k1-tls12-in-tls13-server
+client = 52-curve-sect163k1-tls12-in-tls13-client
-[47-curve-sect163k1-tls12-in-tls13-server]
+[52-curve-sect163k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[47-curve-sect163k1-tls12-in-tls13-client]
+[52-curve-sect163k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163k1:P-256
MaxProtocol = TLSv1.3
@@ -1502,7 +1662,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-47]
+[test-52]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1510,21 +1670,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[48-curve-sect163r2-tls12-in-tls13]
-ssl_conf = 48-curve-sect163r2-tls12-in-tls13-ssl
+[53-curve-sect163r2-tls12-in-tls13]
+ssl_conf = 53-curve-sect163r2-tls12-in-tls13-ssl
-[48-curve-sect163r2-tls12-in-tls13-ssl]
-server = 48-curve-sect163r2-tls12-in-tls13-server
-client = 48-curve-sect163r2-tls12-in-tls13-client
+[53-curve-sect163r2-tls12-in-tls13-ssl]
+server = 53-curve-sect163r2-tls12-in-tls13-server
+client = 53-curve-sect163r2-tls12-in-tls13-client
-[48-curve-sect163r2-tls12-in-tls13-server]
+[53-curve-sect163r2-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163r2:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[48-curve-sect163r2-tls12-in-tls13-client]
+[53-curve-sect163r2-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163r2:P-256
MaxProtocol = TLSv1.3
@@ -1532,7 +1692,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-48]
+[test-53]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1540,21 +1700,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[49-curve-prime192v1-tls12-in-tls13]
-ssl_conf = 49-curve-prime192v1-tls12-in-tls13-ssl
+[54-curve-prime192v1-tls12-in-tls13]
+ssl_conf = 54-curve-prime192v1-tls12-in-tls13-ssl
-[49-curve-prime192v1-tls12-in-tls13-ssl]
-server = 49-curve-prime192v1-tls12-in-tls13-server
-client = 49-curve-prime192v1-tls12-in-tls13-client
+[54-curve-prime192v1-tls12-in-tls13-ssl]
+server = 54-curve-prime192v1-tls12-in-tls13-server
+client = 54-curve-prime192v1-tls12-in-tls13-client
-[49-curve-prime192v1-tls12-in-tls13-server]
+[54-curve-prime192v1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = prime192v1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[49-curve-prime192v1-tls12-in-tls13-client]
+[54-curve-prime192v1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = prime192v1:P-256
MaxProtocol = TLSv1.3
@@ -1562,7 +1722,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-49]
+[test-54]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1570,21 +1730,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[50-curve-sect163r1-tls12-in-tls13]
-ssl_conf = 50-curve-sect163r1-tls12-in-tls13-ssl
+[55-curve-sect163r1-tls12-in-tls13]
+ssl_conf = 55-curve-sect163r1-tls12-in-tls13-ssl
-[50-curve-sect163r1-tls12-in-tls13-ssl]
-server = 50-curve-sect163r1-tls12-in-tls13-server
-client = 50-curve-sect163r1-tls12-in-tls13-client
+[55-curve-sect163r1-tls12-in-tls13-ssl]
+server = 55-curve-sect163r1-tls12-in-tls13-server
+client = 55-curve-sect163r1-tls12-in-tls13-client
-[50-curve-sect163r1-tls12-in-tls13-server]
+[55-curve-sect163r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[50-curve-sect163r1-tls12-in-tls13-client]
+[55-curve-sect163r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163r1:P-256
MaxProtocol = TLSv1.3
@@ -1592,7 +1752,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-50]
+[test-55]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1600,21 +1760,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[51-curve-sect193r1-tls12-in-tls13]
-ssl_conf = 51-curve-sect193r1-tls12-in-tls13-ssl
+[56-curve-sect193r1-tls12-in-tls13]
+ssl_conf = 56-curve-sect193r1-tls12-in-tls13-ssl
-[51-curve-sect193r1-tls12-in-tls13-ssl]
-server = 51-curve-sect193r1-tls12-in-tls13-server
-client = 51-curve-sect193r1-tls12-in-tls13-client
+[56-curve-sect193r1-tls12-in-tls13-ssl]
+server = 56-curve-sect193r1-tls12-in-tls13-server
+client = 56-curve-sect193r1-tls12-in-tls13-client
-[51-curve-sect193r1-tls12-in-tls13-server]
+[56-curve-sect193r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect193r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[51-curve-sect193r1-tls12-in-tls13-client]
+[56-curve-sect193r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect193r1:P-256
MaxProtocol = TLSv1.3
@@ -1622,7 +1782,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-51]
+[test-56]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1630,21 +1790,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[52-curve-sect193r2-tls12-in-tls13]
-ssl_conf = 52-curve-sect193r2-tls12-in-tls13-ssl
+[57-curve-sect193r2-tls12-in-tls13]
+ssl_conf = 57-curve-sect193r2-tls12-in-tls13-ssl
-[52-curve-sect193r2-tls12-in-tls13-ssl]
-server = 52-curve-sect193r2-tls12-in-tls13-server
-client = 52-curve-sect193r2-tls12-in-tls13-client
+[57-curve-sect193r2-tls12-in-tls13-ssl]
+server = 57-curve-sect193r2-tls12-in-tls13-server
+client = 57-curve-sect193r2-tls12-in-tls13-client
-[52-curve-sect193r2-tls12-in-tls13-server]
+[57-curve-sect193r2-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect193r2:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[52-curve-sect193r2-tls12-in-tls13-client]
+[57-curve-sect193r2-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect193r2:P-256
MaxProtocol = TLSv1.3
@@ -1652,7 +1812,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-52]
+[test-57]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1660,21 +1820,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[53-curve-sect239k1-tls12-in-tls13]
-ssl_conf = 53-curve-sect239k1-tls12-in-tls13-ssl
+[58-curve-sect239k1-tls12-in-tls13]
+ssl_conf = 58-curve-sect239k1-tls12-in-tls13-ssl
-[53-curve-sect239k1-tls12-in-tls13-ssl]
-server = 53-curve-sect239k1-tls12-in-tls13-server
-client = 53-curve-sect239k1-tls12-in-tls13-client
+[58-curve-sect239k1-tls12-in-tls13-ssl]
+server = 58-curve-sect239k1-tls12-in-tls13-server
+client = 58-curve-sect239k1-tls12-in-tls13-client
-[53-curve-sect239k1-tls12-in-tls13-server]
+[58-curve-sect239k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect239k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[53-curve-sect239k1-tls12-in-tls13-client]
+[58-curve-sect239k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect239k1:P-256
MaxProtocol = TLSv1.3
@@ -1682,7 +1842,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-53]
+[test-58]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1690,21 +1850,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[54-curve-secp160k1-tls12-in-tls13]
-ssl_conf = 54-curve-secp160k1-tls12-in-tls13-ssl
+[59-curve-secp160k1-tls12-in-tls13]
+ssl_conf = 59-curve-secp160k1-tls12-in-tls13-ssl
-[54-curve-secp160k1-tls12-in-tls13-ssl]
-server = 54-curve-secp160k1-tls12-in-tls13-server
-client = 54-curve-secp160k1-tls12-in-tls13-client
+[59-curve-secp160k1-tls12-in-tls13-ssl]
+server = 59-curve-secp160k1-tls12-in-tls13-server
+client = 59-curve-secp160k1-tls12-in-tls13-client
-[54-curve-secp160k1-tls12-in-tls13-server]
+[59-curve-secp160k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[54-curve-secp160k1-tls12-in-tls13-client]
+[59-curve-secp160k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160k1:P-256
MaxProtocol = TLSv1.3
@@ -1712,7 +1872,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-54]
+[test-59]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1720,21 +1880,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[55-curve-secp160r1-tls12-in-tls13]
-ssl_conf = 55-curve-secp160r1-tls12-in-tls13-ssl
+[60-curve-secp160r1-tls12-in-tls13]
+ssl_conf = 60-curve-secp160r1-tls12-in-tls13-ssl
-[55-curve-secp160r1-tls12-in-tls13-ssl]
-server = 55-curve-secp160r1-tls12-in-tls13-server
-client = 55-curve-secp160r1-tls12-in-tls13-client
+[60-curve-secp160r1-tls12-in-tls13-ssl]
+server = 60-curve-secp160r1-tls12-in-tls13-server
+client = 60-curve-secp160r1-tls12-in-tls13-client
-[55-curve-secp160r1-tls12-in-tls13-server]
+[60-curve-secp160r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[55-curve-secp160r1-tls12-in-tls13-client]
+[60-curve-secp160r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160r1:P-256
MaxProtocol = TLSv1.3
@@ -1742,7 +1902,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-55]
+[test-60]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1750,21 +1910,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[56-curve-secp160r2-tls12-in-tls13]
-ssl_conf = 56-curve-secp160r2-tls12-in-tls13-ssl
+[61-curve-secp160r2-tls12-in-tls13]
+ssl_conf = 61-curve-secp160r2-tls12-in-tls13-ssl
-[56-curve-secp160r2-tls12-in-tls13-ssl]
-server = 56-curve-secp160r2-tls12-in-tls13-server
-client = 56-curve-secp160r2-tls12-in-tls13-client
+[61-curve-secp160r2-tls12-in-tls13-ssl]
+server = 61-curve-secp160r2-tls12-in-tls13-server
+client = 61-curve-secp160r2-tls12-in-tls13-client
-[56-curve-secp160r2-tls12-in-tls13-server]
+[61-curve-secp160r2-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160r2:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[56-curve-secp160r2-tls12-in-tls13-client]
+[61-curve-secp160r2-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160r2:P-256
MaxProtocol = TLSv1.3
@@ -1772,7 +1932,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-56]
+[test-61]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1780,21 +1940,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[57-curve-secp192k1-tls12-in-tls13]
-ssl_conf = 57-curve-secp192k1-tls12-in-tls13-ssl
+[62-curve-secp192k1-tls12-in-tls13]
+ssl_conf = 62-curve-secp192k1-tls12-in-tls13-ssl
-[57-curve-secp192k1-tls12-in-tls13-ssl]
-server = 57-curve-secp192k1-tls12-in-tls13-server
-client = 57-curve-secp192k1-tls12-in-tls13-client
+[62-curve-secp192k1-tls12-in-tls13-ssl]
+server = 62-curve-secp192k1-tls12-in-tls13-server
+client = 62-curve-secp192k1-tls12-in-tls13-client
-[57-curve-secp192k1-tls12-in-tls13-server]
+[62-curve-secp192k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp192k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[57-curve-secp192k1-tls12-in-tls13-client]
+[62-curve-secp192k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp192k1:P-256
MaxProtocol = TLSv1.3
@@ -1802,7 +1962,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-57]
+[test-62]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1810,21 +1970,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[58-curve-secp224k1-tls12-in-tls13]
-ssl_conf = 58-curve-secp224k1-tls12-in-tls13-ssl
+[63-curve-secp224k1-tls12-in-tls13]
+ssl_conf = 63-curve-secp224k1-tls12-in-tls13-ssl
-[58-curve-secp224k1-tls12-in-tls13-ssl]
-server = 58-curve-secp224k1-tls12-in-tls13-server
-client = 58-curve-secp224k1-tls12-in-tls13-client
+[63-curve-secp224k1-tls12-in-tls13-ssl]
+server = 63-curve-secp224k1-tls12-in-tls13-server
+client = 63-curve-secp224k1-tls12-in-tls13-client
-[58-curve-secp224k1-tls12-in-tls13-server]
+[63-curve-secp224k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp224k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[58-curve-secp224k1-tls12-in-tls13-client]
+[63-curve-secp224k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp224k1:P-256
MaxProtocol = TLSv1.3
@@ -1832,7 +1992,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-58]
+[test-63]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1840,21 +2000,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[59-curve-secp256k1-tls12-in-tls13]
-ssl_conf = 59-curve-secp256k1-tls12-in-tls13-ssl
+[64-curve-secp256k1-tls12-in-tls13]
+ssl_conf = 64-curve-secp256k1-tls12-in-tls13-ssl
-[59-curve-secp256k1-tls12-in-tls13-ssl]
-server = 59-curve-secp256k1-tls12-in-tls13-server
-client = 59-curve-secp256k1-tls12-in-tls13-client
+[64-curve-secp256k1-tls12-in-tls13-ssl]
+server = 64-curve-secp256k1-tls12-in-tls13-server
+client = 64-curve-secp256k1-tls12-in-tls13-client
-[59-curve-secp256k1-tls12-in-tls13-server]
+[64-curve-secp256k1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp256k1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[59-curve-secp256k1-tls12-in-tls13-client]
+[64-curve-secp256k1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp256k1:P-256
MaxProtocol = TLSv1.3
@@ -1862,7 +2022,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-59]
+[test-64]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1870,21 +2030,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[60-curve-brainpoolP256r1-tls12-in-tls13]
-ssl_conf = 60-curve-brainpoolP256r1-tls12-in-tls13-ssl
+[65-curve-brainpoolP256r1-tls12-in-tls13]
+ssl_conf = 65-curve-brainpoolP256r1-tls12-in-tls13-ssl
-[60-curve-brainpoolP256r1-tls12-in-tls13-ssl]
-server = 60-curve-brainpoolP256r1-tls12-in-tls13-server
-client = 60-curve-brainpoolP256r1-tls12-in-tls13-client
+[65-curve-brainpoolP256r1-tls12-in-tls13-ssl]
+server = 65-curve-brainpoolP256r1-tls12-in-tls13-server
+client = 65-curve-brainpoolP256r1-tls12-in-tls13-client
-[60-curve-brainpoolP256r1-tls12-in-tls13-server]
+[65-curve-brainpoolP256r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP256r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[60-curve-brainpoolP256r1-tls12-in-tls13-client]
+[65-curve-brainpoolP256r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP256r1:P-256
MaxProtocol = TLSv1.3
@@ -1892,7 +2052,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-60]
+[test-65]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1900,21 +2060,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[61-curve-brainpoolP384r1-tls12-in-tls13]
-ssl_conf = 61-curve-brainpoolP384r1-tls12-in-tls13-ssl
+[66-curve-brainpoolP384r1-tls12-in-tls13]
+ssl_conf = 66-curve-brainpoolP384r1-tls12-in-tls13-ssl
-[61-curve-brainpoolP384r1-tls12-in-tls13-ssl]
-server = 61-curve-brainpoolP384r1-tls12-in-tls13-server
-client = 61-curve-brainpoolP384r1-tls12-in-tls13-client
+[66-curve-brainpoolP384r1-tls12-in-tls13-ssl]
+server = 66-curve-brainpoolP384r1-tls12-in-tls13-server
+client = 66-curve-brainpoolP384r1-tls12-in-tls13-client
-[61-curve-brainpoolP384r1-tls12-in-tls13-server]
+[66-curve-brainpoolP384r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP384r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[61-curve-brainpoolP384r1-tls12-in-tls13-client]
+[66-curve-brainpoolP384r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP384r1:P-256
MaxProtocol = TLSv1.3
@@ -1922,7 +2082,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-61]
+[test-66]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1930,21 +2090,21 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[62-curve-brainpoolP512r1-tls12-in-tls13]
-ssl_conf = 62-curve-brainpoolP512r1-tls12-in-tls13-ssl
+[67-curve-brainpoolP512r1-tls12-in-tls13]
+ssl_conf = 67-curve-brainpoolP512r1-tls12-in-tls13-ssl
-[62-curve-brainpoolP512r1-tls12-in-tls13-ssl]
-server = 62-curve-brainpoolP512r1-tls12-in-tls13-server
-client = 62-curve-brainpoolP512r1-tls12-in-tls13-client
+[67-curve-brainpoolP512r1-tls12-in-tls13-ssl]
+server = 67-curve-brainpoolP512r1-tls12-in-tls13-server
+client = 67-curve-brainpoolP512r1-tls12-in-tls13-client
-[62-curve-brainpoolP512r1-tls12-in-tls13-server]
+[67-curve-brainpoolP512r1-tls12-in-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP512r1:P-256
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[62-curve-brainpoolP512r1-tls12-in-tls13-client]
+[67-curve-brainpoolP512r1-tls12-in-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP512r1:P-256
MaxProtocol = TLSv1.3
@@ -1952,7 +2112,7 @@ MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-62]
+[test-67]
ExpectedProtocol = TLSv1.3
ExpectedResult = Success
ExpectedTmpKeyType = P-256
@@ -1960,1108 +2120,1378 @@ ExpectedTmpKeyType = P-256
# ===========================================================
-[63-curve-sect233k1-tls13]
-ssl_conf = 63-curve-sect233k1-tls13-ssl
+[68-curve-sect233k1-tls13]
+ssl_conf = 68-curve-sect233k1-tls13-ssl
-[63-curve-sect233k1-tls13-ssl]
-server = 63-curve-sect233k1-tls13-server
-client = 63-curve-sect233k1-tls13-client
+[68-curve-sect233k1-tls13-ssl]
+server = 68-curve-sect233k1-tls13-server
+client = 68-curve-sect233k1-tls13-client
-[63-curve-sect233k1-tls13-server]
+[68-curve-sect233k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect233k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[63-curve-sect233k1-tls13-client]
+[68-curve-sect233k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect233k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-63]
+[test-68]
ExpectedResult = ClientFail
# ===========================================================
-[64-curve-sect233r1-tls13]
-ssl_conf = 64-curve-sect233r1-tls13-ssl
+[69-curve-sect233r1-tls13]
+ssl_conf = 69-curve-sect233r1-tls13-ssl
-[64-curve-sect233r1-tls13-ssl]
-server = 64-curve-sect233r1-tls13-server
-client = 64-curve-sect233r1-tls13-client
+[69-curve-sect233r1-tls13-ssl]
+server = 69-curve-sect233r1-tls13-server
+client = 69-curve-sect233r1-tls13-client
-[64-curve-sect233r1-tls13-server]
+[69-curve-sect233r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect233r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[64-curve-sect233r1-tls13-client]
+[69-curve-sect233r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect233r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-64]
+[test-69]
ExpectedResult = ClientFail
# ===========================================================
-[65-curve-sect283k1-tls13]
-ssl_conf = 65-curve-sect283k1-tls13-ssl
+[70-curve-sect283k1-tls13]
+ssl_conf = 70-curve-sect283k1-tls13-ssl
-[65-curve-sect283k1-tls13-ssl]
-server = 65-curve-sect283k1-tls13-server
-client = 65-curve-sect283k1-tls13-client
+[70-curve-sect283k1-tls13-ssl]
+server = 70-curve-sect283k1-tls13-server
+client = 70-curve-sect283k1-tls13-client
-[65-curve-sect283k1-tls13-server]
+[70-curve-sect283k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect283k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[65-curve-sect283k1-tls13-client]
+[70-curve-sect283k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect283k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-65]
+[test-70]
ExpectedResult = ClientFail
# ===========================================================
-[66-curve-sect283r1-tls13]
-ssl_conf = 66-curve-sect283r1-tls13-ssl
+[71-curve-sect283r1-tls13]
+ssl_conf = 71-curve-sect283r1-tls13-ssl
-[66-curve-sect283r1-tls13-ssl]
-server = 66-curve-sect283r1-tls13-server
-client = 66-curve-sect283r1-tls13-client
+[71-curve-sect283r1-tls13-ssl]
+server = 71-curve-sect283r1-tls13-server
+client = 71-curve-sect283r1-tls13-client
-[66-curve-sect283r1-tls13-server]
+[71-curve-sect283r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect283r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[66-curve-sect283r1-tls13-client]
+[71-curve-sect283r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect283r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-66]
+[test-71]
ExpectedResult = ClientFail
# ===========================================================
-[67-curve-sect409k1-tls13]
-ssl_conf = 67-curve-sect409k1-tls13-ssl
+[72-curve-sect409k1-tls13]
+ssl_conf = 72-curve-sect409k1-tls13-ssl
-[67-curve-sect409k1-tls13-ssl]
-server = 67-curve-sect409k1-tls13-server
-client = 67-curve-sect409k1-tls13-client
+[72-curve-sect409k1-tls13-ssl]
+server = 72-curve-sect409k1-tls13-server
+client = 72-curve-sect409k1-tls13-client
-[67-curve-sect409k1-tls13-server]
+[72-curve-sect409k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect409k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[67-curve-sect409k1-tls13-client]
+[72-curve-sect409k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect409k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-67]
+[test-72]
ExpectedResult = ClientFail
# ===========================================================
-[68-curve-sect409r1-tls13]
-ssl_conf = 68-curve-sect409r1-tls13-ssl
+[73-curve-sect409r1-tls13]
+ssl_conf = 73-curve-sect409r1-tls13-ssl
-[68-curve-sect409r1-tls13-ssl]
-server = 68-curve-sect409r1-tls13-server
-client = 68-curve-sect409r1-tls13-client
+[73-curve-sect409r1-tls13-ssl]
+server = 73-curve-sect409r1-tls13-server
+client = 73-curve-sect409r1-tls13-client
-[68-curve-sect409r1-tls13-server]
+[73-curve-sect409r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect409r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[68-curve-sect409r1-tls13-client]
+[73-curve-sect409r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect409r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-68]
+[test-73]
ExpectedResult = ClientFail
# ===========================================================
-[69-curve-sect571k1-tls13]
-ssl_conf = 69-curve-sect571k1-tls13-ssl
+[74-curve-sect571k1-tls13]
+ssl_conf = 74-curve-sect571k1-tls13-ssl
-[69-curve-sect571k1-tls13-ssl]
-server = 69-curve-sect571k1-tls13-server
-client = 69-curve-sect571k1-tls13-client
+[74-curve-sect571k1-tls13-ssl]
+server = 74-curve-sect571k1-tls13-server
+client = 74-curve-sect571k1-tls13-client
-[69-curve-sect571k1-tls13-server]
+[74-curve-sect571k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect571k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[69-curve-sect571k1-tls13-client]
+[74-curve-sect571k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect571k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-69]
+[test-74]
ExpectedResult = ClientFail
# ===========================================================
-[70-curve-sect571r1-tls13]
-ssl_conf = 70-curve-sect571r1-tls13-ssl
+[75-curve-sect571r1-tls13]
+ssl_conf = 75-curve-sect571r1-tls13-ssl
-[70-curve-sect571r1-tls13-ssl]
-server = 70-curve-sect571r1-tls13-server
-client = 70-curve-sect571r1-tls13-client
+[75-curve-sect571r1-tls13-ssl]
+server = 75-curve-sect571r1-tls13-server
+client = 75-curve-sect571r1-tls13-client
-[70-curve-sect571r1-tls13-server]
+[75-curve-sect571r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect571r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[70-curve-sect571r1-tls13-client]
+[75-curve-sect571r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect571r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-70]
+[test-75]
ExpectedResult = ClientFail
# ===========================================================
-[71-curve-secp224r1-tls13]
-ssl_conf = 71-curve-secp224r1-tls13-ssl
+[76-curve-secp224r1-tls13]
+ssl_conf = 76-curve-secp224r1-tls13-ssl
-[71-curve-secp224r1-tls13-ssl]
-server = 71-curve-secp224r1-tls13-server
-client = 71-curve-secp224r1-tls13-client
+[76-curve-secp224r1-tls13-ssl]
+server = 76-curve-secp224r1-tls13-server
+client = 76-curve-secp224r1-tls13-client
-[71-curve-secp224r1-tls13-server]
+[76-curve-secp224r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp224r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[71-curve-secp224r1-tls13-client]
+[76-curve-secp224r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp224r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-71]
+[test-76]
ExpectedResult = ClientFail
# ===========================================================
-[72-curve-sect163k1-tls13]
-ssl_conf = 72-curve-sect163k1-tls13-ssl
+[77-curve-sect163k1-tls13]
+ssl_conf = 77-curve-sect163k1-tls13-ssl
-[72-curve-sect163k1-tls13-ssl]
-server = 72-curve-sect163k1-tls13-server
-client = 72-curve-sect163k1-tls13-client
+[77-curve-sect163k1-tls13-ssl]
+server = 77-curve-sect163k1-tls13-server
+client = 77-curve-sect163k1-tls13-client
-[72-curve-sect163k1-tls13-server]
+[77-curve-sect163k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[72-curve-sect163k1-tls13-client]
+[77-curve-sect163k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-72]
+[test-77]
ExpectedResult = ClientFail
# ===========================================================
-[73-curve-sect163r2-tls13]
-ssl_conf = 73-curve-sect163r2-tls13-ssl
+[78-curve-sect163r2-tls13]
+ssl_conf = 78-curve-sect163r2-tls13-ssl
-[73-curve-sect163r2-tls13-ssl]
-server = 73-curve-sect163r2-tls13-server
-client = 73-curve-sect163r2-tls13-client
+[78-curve-sect163r2-tls13-ssl]
+server = 78-curve-sect163r2-tls13-server
+client = 78-curve-sect163r2-tls13-client
-[73-curve-sect163r2-tls13-server]
+[78-curve-sect163r2-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163r2
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[73-curve-sect163r2-tls13-client]
+[78-curve-sect163r2-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163r2
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-73]
+[test-78]
ExpectedResult = ClientFail
# ===========================================================
-[74-curve-prime192v1-tls13]
-ssl_conf = 74-curve-prime192v1-tls13-ssl
+[79-curve-prime192v1-tls13]
+ssl_conf = 79-curve-prime192v1-tls13-ssl
-[74-curve-prime192v1-tls13-ssl]
-server = 74-curve-prime192v1-tls13-server
-client = 74-curve-prime192v1-tls13-client
+[79-curve-prime192v1-tls13-ssl]
+server = 79-curve-prime192v1-tls13-server
+client = 79-curve-prime192v1-tls13-client
-[74-curve-prime192v1-tls13-server]
+[79-curve-prime192v1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = prime192v1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[74-curve-prime192v1-tls13-client]
+[79-curve-prime192v1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = prime192v1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-74]
+[test-79]
ExpectedResult = ClientFail
# ===========================================================
-[75-curve-sect163r1-tls13]
-ssl_conf = 75-curve-sect163r1-tls13-ssl
+[80-curve-sect163r1-tls13]
+ssl_conf = 80-curve-sect163r1-tls13-ssl
-[75-curve-sect163r1-tls13-ssl]
-server = 75-curve-sect163r1-tls13-server
-client = 75-curve-sect163r1-tls13-client
+[80-curve-sect163r1-tls13-ssl]
+server = 80-curve-sect163r1-tls13-server
+client = 80-curve-sect163r1-tls13-client
-[75-curve-sect163r1-tls13-server]
+[80-curve-sect163r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect163r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[75-curve-sect163r1-tls13-client]
+[80-curve-sect163r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect163r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-75]
+[test-80]
ExpectedResult = ClientFail
# ===========================================================
-[76-curve-sect193r1-tls13]
-ssl_conf = 76-curve-sect193r1-tls13-ssl
+[81-curve-sect193r1-tls13]
+ssl_conf = 81-curve-sect193r1-tls13-ssl
-[76-curve-sect193r1-tls13-ssl]
-server = 76-curve-sect193r1-tls13-server
-client = 76-curve-sect193r1-tls13-client
+[81-curve-sect193r1-tls13-ssl]
+server = 81-curve-sect193r1-tls13-server
+client = 81-curve-sect193r1-tls13-client
-[76-curve-sect193r1-tls13-server]
+[81-curve-sect193r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect193r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[76-curve-sect193r1-tls13-client]
+[81-curve-sect193r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect193r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-76]
+[test-81]
ExpectedResult = ClientFail
# ===========================================================
-[77-curve-sect193r2-tls13]
-ssl_conf = 77-curve-sect193r2-tls13-ssl
+[82-curve-sect193r2-tls13]
+ssl_conf = 82-curve-sect193r2-tls13-ssl
-[77-curve-sect193r2-tls13-ssl]
-server = 77-curve-sect193r2-tls13-server
-client = 77-curve-sect193r2-tls13-client
+[82-curve-sect193r2-tls13-ssl]
+server = 82-curve-sect193r2-tls13-server
+client = 82-curve-sect193r2-tls13-client
-[77-curve-sect193r2-tls13-server]
+[82-curve-sect193r2-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect193r2
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[77-curve-sect193r2-tls13-client]
+[82-curve-sect193r2-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect193r2
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-77]
+[test-82]
ExpectedResult = ClientFail
# ===========================================================
-[78-curve-sect239k1-tls13]
-ssl_conf = 78-curve-sect239k1-tls13-ssl
+[83-curve-sect239k1-tls13]
+ssl_conf = 83-curve-sect239k1-tls13-ssl
-[78-curve-sect239k1-tls13-ssl]
-server = 78-curve-sect239k1-tls13-server
-client = 78-curve-sect239k1-tls13-client
+[83-curve-sect239k1-tls13-ssl]
+server = 83-curve-sect239k1-tls13-server
+client = 83-curve-sect239k1-tls13-client
-[78-curve-sect239k1-tls13-server]
+[83-curve-sect239k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = sect239k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[78-curve-sect239k1-tls13-client]
+[83-curve-sect239k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = sect239k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-78]
+[test-83]
ExpectedResult = ClientFail
# ===========================================================
-[79-curve-secp160k1-tls13]
-ssl_conf = 79-curve-secp160k1-tls13-ssl
+[84-curve-secp160k1-tls13]
+ssl_conf = 84-curve-secp160k1-tls13-ssl
-[79-curve-secp160k1-tls13-ssl]
-server = 79-curve-secp160k1-tls13-server
-client = 79-curve-secp160k1-tls13-client
+[84-curve-secp160k1-tls13-ssl]
+server = 84-curve-secp160k1-tls13-server
+client = 84-curve-secp160k1-tls13-client
-[79-curve-secp160k1-tls13-server]
+[84-curve-secp160k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[79-curve-secp160k1-tls13-client]
+[84-curve-secp160k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-79]
+[test-84]
ExpectedResult = ClientFail
# ===========================================================
-[80-curve-secp160r1-tls13]
-ssl_conf = 80-curve-secp160r1-tls13-ssl
+[85-curve-secp160r1-tls13]
+ssl_conf = 85-curve-secp160r1-tls13-ssl
-[80-curve-secp160r1-tls13-ssl]
-server = 80-curve-secp160r1-tls13-server
-client = 80-curve-secp160r1-tls13-client
+[85-curve-secp160r1-tls13-ssl]
+server = 85-curve-secp160r1-tls13-server
+client = 85-curve-secp160r1-tls13-client
-[80-curve-secp160r1-tls13-server]
+[85-curve-secp160r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[80-curve-secp160r1-tls13-client]
+[85-curve-secp160r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-80]
+[test-85]
ExpectedResult = ClientFail
# ===========================================================
-[81-curve-secp160r2-tls13]
-ssl_conf = 81-curve-secp160r2-tls13-ssl
+[86-curve-secp160r2-tls13]
+ssl_conf = 86-curve-secp160r2-tls13-ssl
-[81-curve-secp160r2-tls13-ssl]
-server = 81-curve-secp160r2-tls13-server
-client = 81-curve-secp160r2-tls13-client
+[86-curve-secp160r2-tls13-ssl]
+server = 86-curve-secp160r2-tls13-server
+client = 86-curve-secp160r2-tls13-client
-[81-curve-secp160r2-tls13-server]
+[86-curve-secp160r2-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp160r2
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[81-curve-secp160r2-tls13-client]
+[86-curve-secp160r2-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp160r2
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-81]
+[test-86]
ExpectedResult = ClientFail
# ===========================================================
-[82-curve-secp192k1-tls13]
-ssl_conf = 82-curve-secp192k1-tls13-ssl
+[87-curve-secp192k1-tls13]
+ssl_conf = 87-curve-secp192k1-tls13-ssl
-[82-curve-secp192k1-tls13-ssl]
-server = 82-curve-secp192k1-tls13-server
-client = 82-curve-secp192k1-tls13-client
+[87-curve-secp192k1-tls13-ssl]
+server = 87-curve-secp192k1-tls13-server
+client = 87-curve-secp192k1-tls13-client
-[82-curve-secp192k1-tls13-server]
+[87-curve-secp192k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp192k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[82-curve-secp192k1-tls13-client]
+[87-curve-secp192k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp192k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-82]
+[test-87]
ExpectedResult = ClientFail
# ===========================================================
-[83-curve-secp224k1-tls13]
-ssl_conf = 83-curve-secp224k1-tls13-ssl
+[88-curve-secp224k1-tls13]
+ssl_conf = 88-curve-secp224k1-tls13-ssl
-[83-curve-secp224k1-tls13-ssl]
-server = 83-curve-secp224k1-tls13-server
-client = 83-curve-secp224k1-tls13-client
+[88-curve-secp224k1-tls13-ssl]
+server = 88-curve-secp224k1-tls13-server
+client = 88-curve-secp224k1-tls13-client
-[83-curve-secp224k1-tls13-server]
+[88-curve-secp224k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp224k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[83-curve-secp224k1-tls13-client]
+[88-curve-secp224k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp224k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-83]
+[test-88]
ExpectedResult = ClientFail
# ===========================================================
-[84-curve-secp256k1-tls13]
-ssl_conf = 84-curve-secp256k1-tls13-ssl
+[89-curve-secp256k1-tls13]
+ssl_conf = 89-curve-secp256k1-tls13-ssl
-[84-curve-secp256k1-tls13-ssl]
-server = 84-curve-secp256k1-tls13-server
-client = 84-curve-secp256k1-tls13-client
+[89-curve-secp256k1-tls13-ssl]
+server = 89-curve-secp256k1-tls13-server
+client = 89-curve-secp256k1-tls13-client
-[84-curve-secp256k1-tls13-server]
+[89-curve-secp256k1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = secp256k1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[84-curve-secp256k1-tls13-client]
+[89-curve-secp256k1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = secp256k1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-84]
+[test-89]
ExpectedResult = ClientFail
# ===========================================================
-[85-curve-brainpoolP256r1-tls13]
-ssl_conf = 85-curve-brainpoolP256r1-tls13-ssl
+[90-curve-brainpoolP256r1-tls13]
+ssl_conf = 90-curve-brainpoolP256r1-tls13-ssl
-[85-curve-brainpoolP256r1-tls13-ssl]
-server = 85-curve-brainpoolP256r1-tls13-server
-client = 85-curve-brainpoolP256r1-tls13-client
+[90-curve-brainpoolP256r1-tls13-ssl]
+server = 90-curve-brainpoolP256r1-tls13-server
+client = 90-curve-brainpoolP256r1-tls13-client
-[85-curve-brainpoolP256r1-tls13-server]
+[90-curve-brainpoolP256r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP256r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[85-curve-brainpoolP256r1-tls13-client]
+[90-curve-brainpoolP256r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP256r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-85]
+[test-90]
ExpectedResult = ClientFail
# ===========================================================
-[86-curve-brainpoolP384r1-tls13]
-ssl_conf = 86-curve-brainpoolP384r1-tls13-ssl
+[91-curve-brainpoolP384r1-tls13]
+ssl_conf = 91-curve-brainpoolP384r1-tls13-ssl
-[86-curve-brainpoolP384r1-tls13-ssl]
-server = 86-curve-brainpoolP384r1-tls13-server
-client = 86-curve-brainpoolP384r1-tls13-client
+[91-curve-brainpoolP384r1-tls13-ssl]
+server = 91-curve-brainpoolP384r1-tls13-server
+client = 91-curve-brainpoolP384r1-tls13-client
-[86-curve-brainpoolP384r1-tls13-server]
+[91-curve-brainpoolP384r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP384r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[86-curve-brainpoolP384r1-tls13-client]
+[91-curve-brainpoolP384r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP384r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-86]
+[test-91]
ExpectedResult = ClientFail
# ===========================================================
-[87-curve-brainpoolP512r1-tls13]
-ssl_conf = 87-curve-brainpoolP512r1-tls13-ssl
+[92-curve-brainpoolP512r1-tls13]
+ssl_conf = 92-curve-brainpoolP512r1-tls13-ssl
-[87-curve-brainpoolP512r1-tls13-ssl]
-server = 87-curve-brainpoolP512r1-tls13-server
-client = 87-curve-brainpoolP512r1-tls13-client
+[92-curve-brainpoolP512r1-tls13-ssl]
+server = 92-curve-brainpoolP512r1-tls13-server
+client = 92-curve-brainpoolP512r1-tls13-client
-[87-curve-brainpoolP512r1-tls13-server]
+[92-curve-brainpoolP512r1-tls13-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP512r1
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[87-curve-brainpoolP512r1-tls13-client]
+[92-curve-brainpoolP512r1-tls13-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP512r1
MinProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-87]
+[test-92]
ExpectedResult = ClientFail
# ===========================================================
-[88-curve-ffdhe2048-tls13-in-tls12]
-ssl_conf = 88-curve-ffdhe2048-tls13-in-tls12-ssl
+[93-curve-ffdhe2048-tls13-in-tls12]
+ssl_conf = 93-curve-ffdhe2048-tls13-in-tls12-ssl
-[88-curve-ffdhe2048-tls13-in-tls12-ssl]
-server = 88-curve-ffdhe2048-tls13-in-tls12-server
-client = 88-curve-ffdhe2048-tls13-in-tls12-client
+[93-curve-ffdhe2048-tls13-in-tls12-ssl]
+server = 93-curve-ffdhe2048-tls13-in-tls12-server
+client = 93-curve-ffdhe2048-tls13-in-tls12-client
-[88-curve-ffdhe2048-tls13-in-tls12-server]
+[93-curve-ffdhe2048-tls13-in-tls12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe2048
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[88-curve-ffdhe2048-tls13-in-tls12-client]
+[93-curve-ffdhe2048-tls13-in-tls12-client]
CipherString = ECDHE@SECLEVEL=1
Curves = ffdhe2048
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-88]
+[test-93]
ExpectedResult = ServerFail
# ===========================================================
-[89-curve-ffdhe2048-tls13-in-tls12-2]
-ssl_conf = 89-curve-ffdhe2048-tls13-in-tls12-2-ssl
+[94-curve-ffdhe2048-tls13-in-tls12-2]
+ssl_conf = 94-curve-ffdhe2048-tls13-in-tls12-2-ssl
-[89-curve-ffdhe2048-tls13-in-tls12-2-ssl]
-server = 89-curve-ffdhe2048-tls13-in-tls12-2-server
-client = 89-curve-ffdhe2048-tls13-in-tls12-2-client
+[94-curve-ffdhe2048-tls13-in-tls12-2-ssl]
+server = 94-curve-ffdhe2048-tls13-in-tls12-2-server
+client = 94-curve-ffdhe2048-tls13-in-tls12-2-client
-[89-curve-ffdhe2048-tls13-in-tls12-2-server]
+[94-curve-ffdhe2048-tls13-in-tls12-2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe2048
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[89-curve-ffdhe2048-tls13-in-tls12-2-client]
+[94-curve-ffdhe2048-tls13-in-tls12-2-client]
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe2048
MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-89]
+[test-94]
ExpectedResult = Success
# ===========================================================
-[90-curve-ffdhe3072-tls13-in-tls12]
-ssl_conf = 90-curve-ffdhe3072-tls13-in-tls12-ssl
+[95-curve-ffdhe3072-tls13-in-tls12]
+ssl_conf = 95-curve-ffdhe3072-tls13-in-tls12-ssl
-[90-curve-ffdhe3072-tls13-in-tls12-ssl]
-server = 90-curve-ffdhe3072-tls13-in-tls12-server
-client = 90-curve-ffdhe3072-tls13-in-tls12-client
+[95-curve-ffdhe3072-tls13-in-tls12-ssl]
+server = 95-curve-ffdhe3072-tls13-in-tls12-server
+client = 95-curve-ffdhe3072-tls13-in-tls12-client
-[90-curve-ffdhe3072-tls13-in-tls12-server]
+[95-curve-ffdhe3072-tls13-in-tls12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe3072
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[90-curve-ffdhe3072-tls13-in-tls12-client]
+[95-curve-ffdhe3072-tls13-in-tls12-client]
CipherString = ECDHE@SECLEVEL=1
Curves = ffdhe3072
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-90]
+[test-95]
ExpectedResult = ServerFail
# ===========================================================
-[91-curve-ffdhe3072-tls13-in-tls12-2]
-ssl_conf = 91-curve-ffdhe3072-tls13-in-tls12-2-ssl
+[96-curve-ffdhe3072-tls13-in-tls12-2]
+ssl_conf = 96-curve-ffdhe3072-tls13-in-tls12-2-ssl
-[91-curve-ffdhe3072-tls13-in-tls12-2-ssl]
-server = 91-curve-ffdhe3072-tls13-in-tls12-2-server
-client = 91-curve-ffdhe3072-tls13-in-tls12-2-client
+[96-curve-ffdhe3072-tls13-in-tls12-2-ssl]
+server = 96-curve-ffdhe3072-tls13-in-tls12-2-server
+client = 96-curve-ffdhe3072-tls13-in-tls12-2-client
-[91-curve-ffdhe3072-tls13-in-tls12-2-server]
+[96-curve-ffdhe3072-tls13-in-tls12-2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe3072
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[91-curve-ffdhe3072-tls13-in-tls12-2-client]
+[96-curve-ffdhe3072-tls13-in-tls12-2-client]
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe3072
MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-91]
+[test-96]
ExpectedResult = Success
# ===========================================================
-[92-curve-ffdhe4096-tls13-in-tls12]
-ssl_conf = 92-curve-ffdhe4096-tls13-in-tls12-ssl
+[97-curve-ffdhe4096-tls13-in-tls12]
+ssl_conf = 97-curve-ffdhe4096-tls13-in-tls12-ssl
-[92-curve-ffdhe4096-tls13-in-tls12-ssl]
-server = 92-curve-ffdhe4096-tls13-in-tls12-server
-client = 92-curve-ffdhe4096-tls13-in-tls12-client
+[97-curve-ffdhe4096-tls13-in-tls12-ssl]
+server = 97-curve-ffdhe4096-tls13-in-tls12-server
+client = 97-curve-ffdhe4096-tls13-in-tls12-client
-[92-curve-ffdhe4096-tls13-in-tls12-server]
+[97-curve-ffdhe4096-tls13-in-tls12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe4096
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[92-curve-ffdhe4096-tls13-in-tls12-client]
+[97-curve-ffdhe4096-tls13-in-tls12-client]
CipherString = ECDHE@SECLEVEL=1
Curves = ffdhe4096
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-92]
+[test-97]
ExpectedResult = ServerFail
# ===========================================================
-[93-curve-ffdhe4096-tls13-in-tls12-2]
-ssl_conf = 93-curve-ffdhe4096-tls13-in-tls12-2-ssl
+[98-curve-ffdhe4096-tls13-in-tls12-2]
+ssl_conf = 98-curve-ffdhe4096-tls13-in-tls12-2-ssl
-[93-curve-ffdhe4096-tls13-in-tls12-2-ssl]
-server = 93-curve-ffdhe4096-tls13-in-tls12-2-server
-client = 93-curve-ffdhe4096-tls13-in-tls12-2-client
+[98-curve-ffdhe4096-tls13-in-tls12-2-ssl]
+server = 98-curve-ffdhe4096-tls13-in-tls12-2-server
+client = 98-curve-ffdhe4096-tls13-in-tls12-2-client
-[93-curve-ffdhe4096-tls13-in-tls12-2-server]
+[98-curve-ffdhe4096-tls13-in-tls12-2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe4096
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[93-curve-ffdhe4096-tls13-in-tls12-2-client]
+[98-curve-ffdhe4096-tls13-in-tls12-2-client]
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe4096
MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-93]
+[test-98]
ExpectedResult = Success
# ===========================================================
-[94-curve-ffdhe6144-tls13-in-tls12]
-ssl_conf = 94-curve-ffdhe6144-tls13-in-tls12-ssl
+[99-curve-ffdhe6144-tls13-in-tls12]
+ssl_conf = 99-curve-ffdhe6144-tls13-in-tls12-ssl
-[94-curve-ffdhe6144-tls13-in-tls12-ssl]
-server = 94-curve-ffdhe6144-tls13-in-tls12-server
-client = 94-curve-ffdhe6144-tls13-in-tls12-client
+[99-curve-ffdhe6144-tls13-in-tls12-ssl]
+server = 99-curve-ffdhe6144-tls13-in-tls12-server
+client = 99-curve-ffdhe6144-tls13-in-tls12-client
-[94-curve-ffdhe6144-tls13-in-tls12-server]
+[99-curve-ffdhe6144-tls13-in-tls12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe6144
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[94-curve-ffdhe6144-tls13-in-tls12-client]
+[99-curve-ffdhe6144-tls13-in-tls12-client]
CipherString = ECDHE@SECLEVEL=1
Curves = ffdhe6144
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-94]
+[test-99]
ExpectedResult = ServerFail
# ===========================================================
-[95-curve-ffdhe6144-tls13-in-tls12-2]
-ssl_conf = 95-curve-ffdhe6144-tls13-in-tls12-2-ssl
+[100-curve-ffdhe6144-tls13-in-tls12-2]
+ssl_conf = 100-curve-ffdhe6144-tls13-in-tls12-2-ssl
-[95-curve-ffdhe6144-tls13-in-tls12-2-ssl]
-server = 95-curve-ffdhe6144-tls13-in-tls12-2-server
-client = 95-curve-ffdhe6144-tls13-in-tls12-2-client
+[100-curve-ffdhe6144-tls13-in-tls12-2-ssl]
+server = 100-curve-ffdhe6144-tls13-in-tls12-2-server
+client = 100-curve-ffdhe6144-tls13-in-tls12-2-client
-[95-curve-ffdhe6144-tls13-in-tls12-2-server]
+[100-curve-ffdhe6144-tls13-in-tls12-2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe6144
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[95-curve-ffdhe6144-tls13-in-tls12-2-client]
+[100-curve-ffdhe6144-tls13-in-tls12-2-client]
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe6144
MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-95]
+[test-100]
ExpectedResult = Success
# ===========================================================
-[96-curve-ffdhe8192-tls13-in-tls12]
-ssl_conf = 96-curve-ffdhe8192-tls13-in-tls12-ssl
+[101-curve-ffdhe8192-tls13-in-tls12]
+ssl_conf = 101-curve-ffdhe8192-tls13-in-tls12-ssl
-[96-curve-ffdhe8192-tls13-in-tls12-ssl]
-server = 96-curve-ffdhe8192-tls13-in-tls12-server
-client = 96-curve-ffdhe8192-tls13-in-tls12-client
+[101-curve-ffdhe8192-tls13-in-tls12-ssl]
+server = 101-curve-ffdhe8192-tls13-in-tls12-server
+client = 101-curve-ffdhe8192-tls13-in-tls12-client
-[96-curve-ffdhe8192-tls13-in-tls12-server]
+[101-curve-ffdhe8192-tls13-in-tls12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe8192
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[96-curve-ffdhe8192-tls13-in-tls12-client]
+[101-curve-ffdhe8192-tls13-in-tls12-client]
CipherString = ECDHE@SECLEVEL=1
Curves = ffdhe8192
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-96]
+[test-101]
ExpectedResult = ServerFail
# ===========================================================
-[97-curve-ffdhe8192-tls13-in-tls12-2]
-ssl_conf = 97-curve-ffdhe8192-tls13-in-tls12-2-ssl
+[102-curve-ffdhe8192-tls13-in-tls12-2]
+ssl_conf = 102-curve-ffdhe8192-tls13-in-tls12-2-ssl
-[97-curve-ffdhe8192-tls13-in-tls12-2-ssl]
-server = 97-curve-ffdhe8192-tls13-in-tls12-2-server
-client = 97-curve-ffdhe8192-tls13-in-tls12-2-client
+[102-curve-ffdhe8192-tls13-in-tls12-2-ssl]
+server = 102-curve-ffdhe8192-tls13-in-tls12-2-server
+client = 102-curve-ffdhe8192-tls13-in-tls12-2-client
-[97-curve-ffdhe8192-tls13-in-tls12-2-server]
+[102-curve-ffdhe8192-tls13-in-tls12-2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe8192
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[97-curve-ffdhe8192-tls13-in-tls12-2-client]
+[102-curve-ffdhe8192-tls13-in-tls12-2-client]
CipherString = DEFAULT@SECLEVEL=1
Curves = ffdhe8192
MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-97]
+[test-102]
ExpectedResult = Success
# ===========================================================
-[98-curve-brainpoolP256r1tls13-tls13-in-tls12]
-ssl_conf = 98-curve-brainpoolP256r1tls13-tls13-in-tls12-ssl
+[103-curve-brainpoolP256r1tls13-tls13-in-tls12]
+ssl_conf = 103-curve-brainpoolP256r1tls13-tls13-in-tls12-ssl
-[98-curve-brainpoolP256r1tls13-tls13-in-tls12-ssl]
-server = 98-curve-brainpoolP256r1tls13-tls13-in-tls12-server
-client = 98-curve-brainpoolP256r1tls13-tls13-in-tls12-client
+[103-curve-brainpoolP256r1tls13-tls13-in-tls12-ssl]
+server = 103-curve-brainpoolP256r1tls13-tls13-in-tls12-server
+client = 103-curve-brainpoolP256r1tls13-tls13-in-tls12-client
-[98-curve-brainpoolP256r1tls13-tls13-in-tls12-server]
+[103-curve-brainpoolP256r1tls13-tls13-in-tls12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP256r1tls13
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[98-curve-brainpoolP256r1tls13-tls13-in-tls12-client]
+[103-curve-brainpoolP256r1tls13-tls13-in-tls12-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP256r1tls13
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-98]
+[test-103]
ExpectedResult = ServerFail
# ===========================================================
-[99-curve-brainpoolP256r1tls13-tls13-in-tls12-2]
-ssl_conf = 99-curve-brainpoolP256r1tls13-tls13-in-tls12-2-ssl
+[104-curve-brainpoolP256r1tls13-tls13-in-tls12-2]
+ssl_conf = 104-curve-brainpoolP256r1tls13-tls13-in-tls12-2-ssl
-[99-curve-brainpoolP256r1tls13-tls13-in-tls12-2-ssl]
-server = 99-curve-brainpoolP256r1tls13-tls13-in-tls12-2-server
-client = 99-curve-brainpoolP256r1tls13-tls13-in-tls12-2-client
+[104-curve-brainpoolP256r1tls13-tls13-in-tls12-2-ssl]
+server = 104-curve-brainpoolP256r1tls13-tls13-in-tls12-2-server
+client = 104-curve-brainpoolP256r1tls13-tls13-in-tls12-2-client
-[99-curve-brainpoolP256r1tls13-tls13-in-tls12-2-server]
+[104-curve-brainpoolP256r1tls13-tls13-in-tls12-2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP256r1tls13
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[99-curve-brainpoolP256r1tls13-tls13-in-tls12-2-client]
+[104-curve-brainpoolP256r1tls13-tls13-in-tls12-2-client]
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP256r1tls13
MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-99]
+[test-104]
ExpectedResult = Success
# ===========================================================
-[100-curve-brainpoolP384r1tls13-tls13-in-tls12]
-ssl_conf = 100-curve-brainpoolP384r1tls13-tls13-in-tls12-ssl
+[105-curve-brainpoolP384r1tls13-tls13-in-tls12]
+ssl_conf = 105-curve-brainpoolP384r1tls13-tls13-in-tls12-ssl
-[100-curve-brainpoolP384r1tls13-tls13-in-tls12-ssl]
-server = 100-curve-brainpoolP384r1tls13-tls13-in-tls12-server
-client = 100-curve-brainpoolP384r1tls13-tls13-in-tls12-client
+[105-curve-brainpoolP384r1tls13-tls13-in-tls12-ssl]
+server = 105-curve-brainpoolP384r1tls13-tls13-in-tls12-server
+client = 105-curve-brainpoolP384r1tls13-tls13-in-tls12-client
-[100-curve-brainpoolP384r1tls13-tls13-in-tls12-server]
+[105-curve-brainpoolP384r1tls13-tls13-in-tls12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP384r1tls13
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[100-curve-brainpoolP384r1tls13-tls13-in-tls12-client]
+[105-curve-brainpoolP384r1tls13-tls13-in-tls12-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP384r1tls13
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-100]
+[test-105]
ExpectedResult = ServerFail
# ===========================================================
-[101-curve-brainpoolP384r1tls13-tls13-in-tls12-2]
-ssl_conf = 101-curve-brainpoolP384r1tls13-tls13-in-tls12-2-ssl
+[106-curve-brainpoolP384r1tls13-tls13-in-tls12-2]
+ssl_conf = 106-curve-brainpoolP384r1tls13-tls13-in-tls12-2-ssl
-[101-curve-brainpoolP384r1tls13-tls13-in-tls12-2-ssl]
-server = 101-curve-brainpoolP384r1tls13-tls13-in-tls12-2-server
-client = 101-curve-brainpoolP384r1tls13-tls13-in-tls12-2-client
+[106-curve-brainpoolP384r1tls13-tls13-in-tls12-2-ssl]
+server = 106-curve-brainpoolP384r1tls13-tls13-in-tls12-2-server
+client = 106-curve-brainpoolP384r1tls13-tls13-in-tls12-2-client
-[101-curve-brainpoolP384r1tls13-tls13-in-tls12-2-server]
+[106-curve-brainpoolP384r1tls13-tls13-in-tls12-2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP384r1tls13
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[101-curve-brainpoolP384r1tls13-tls13-in-tls12-2-client]
+[106-curve-brainpoolP384r1tls13-tls13-in-tls12-2-client]
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP384r1tls13
MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-101]
+[test-106]
ExpectedResult = Success
# ===========================================================
-[102-curve-brainpoolP512r1tls13-tls13-in-tls12]
-ssl_conf = 102-curve-brainpoolP512r1tls13-tls13-in-tls12-ssl
+[107-curve-brainpoolP512r1tls13-tls13-in-tls12]
+ssl_conf = 107-curve-brainpoolP512r1tls13-tls13-in-tls12-ssl
-[102-curve-brainpoolP512r1tls13-tls13-in-tls12-ssl]
-server = 102-curve-brainpoolP512r1tls13-tls13-in-tls12-server
-client = 102-curve-brainpoolP512r1tls13-tls13-in-tls12-client
+[107-curve-brainpoolP512r1tls13-tls13-in-tls12-ssl]
+server = 107-curve-brainpoolP512r1tls13-tls13-in-tls12-server
+client = 107-curve-brainpoolP512r1tls13-tls13-in-tls12-client
-[102-curve-brainpoolP512r1tls13-tls13-in-tls12-server]
+[107-curve-brainpoolP512r1tls13-tls13-in-tls12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP512r1tls13
MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[102-curve-brainpoolP512r1tls13-tls13-in-tls12-client]
+[107-curve-brainpoolP512r1tls13-tls13-in-tls12-client]
CipherString = ECDHE@SECLEVEL=1
Curves = brainpoolP512r1tls13
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-102]
+[test-107]
ExpectedResult = ServerFail
# ===========================================================
-[103-curve-brainpoolP512r1tls13-tls13-in-tls12-2]
-ssl_conf = 103-curve-brainpoolP512r1tls13-tls13-in-tls12-2-ssl
+[108-curve-brainpoolP512r1tls13-tls13-in-tls12-2]
+ssl_conf = 108-curve-brainpoolP512r1tls13-tls13-in-tls12-2-ssl
-[103-curve-brainpoolP512r1tls13-tls13-in-tls12-2-ssl]
-server = 103-curve-brainpoolP512r1tls13-tls13-in-tls12-2-server
-client = 103-curve-brainpoolP512r1tls13-tls13-in-tls12-2-client
+[108-curve-brainpoolP512r1tls13-tls13-in-tls12-2-ssl]
+server = 108-curve-brainpoolP512r1tls13-tls13-in-tls12-2-server
+client = 108-curve-brainpoolP512r1tls13-tls13-in-tls12-2-client
-[103-curve-brainpoolP512r1tls13-tls13-in-tls12-2-server]
+[108-curve-brainpoolP512r1tls13-tls13-in-tls12-2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP512r1tls13
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[103-curve-brainpoolP512r1tls13-tls13-in-tls12-2-client]
+[108-curve-brainpoolP512r1tls13-tls13-in-tls12-2-client]
CipherString = DEFAULT@SECLEVEL=1
Curves = brainpoolP512r1tls13
MaxProtocol = TLSv1.3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-103]
+[test-108]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[109-curve-X25519MLKEM768-tls13-in-tls12]
+ssl_conf = 109-curve-X25519MLKEM768-tls13-in-tls12-ssl
+
+[109-curve-X25519MLKEM768-tls13-in-tls12-ssl]
+server = 109-curve-X25519MLKEM768-tls13-in-tls12-server
+client = 109-curve-X25519MLKEM768-tls13-in-tls12-client
+
+[109-curve-X25519MLKEM768-tls13-in-tls12-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = X25519MLKEM768
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[109-curve-X25519MLKEM768-tls13-in-tls12-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = X25519MLKEM768
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-109]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[110-curve-X25519MLKEM768-tls13-in-tls12-2]
+ssl_conf = 110-curve-X25519MLKEM768-tls13-in-tls12-2-ssl
+
+[110-curve-X25519MLKEM768-tls13-in-tls12-2-ssl]
+server = 110-curve-X25519MLKEM768-tls13-in-tls12-2-server
+client = 110-curve-X25519MLKEM768-tls13-in-tls12-2-client
+
+[110-curve-X25519MLKEM768-tls13-in-tls12-2-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = X25519MLKEM768
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[110-curve-X25519MLKEM768-tls13-in-tls12-2-client]
+CipherString = DEFAULT@SECLEVEL=1
+Curves = X25519MLKEM768
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-110]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[111-curve-SecP256r1MLKEM768-tls13-in-tls12]
+ssl_conf = 111-curve-SecP256r1MLKEM768-tls13-in-tls12-ssl
+
+[111-curve-SecP256r1MLKEM768-tls13-in-tls12-ssl]
+server = 111-curve-SecP256r1MLKEM768-tls13-in-tls12-server
+client = 111-curve-SecP256r1MLKEM768-tls13-in-tls12-client
+
+[111-curve-SecP256r1MLKEM768-tls13-in-tls12-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = SecP256r1MLKEM768
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[111-curve-SecP256r1MLKEM768-tls13-in-tls12-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = SecP256r1MLKEM768
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-111]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[112-curve-SecP256r1MLKEM768-tls13-in-tls12-2]
+ssl_conf = 112-curve-SecP256r1MLKEM768-tls13-in-tls12-2-ssl
+
+[112-curve-SecP256r1MLKEM768-tls13-in-tls12-2-ssl]
+server = 112-curve-SecP256r1MLKEM768-tls13-in-tls12-2-server
+client = 112-curve-SecP256r1MLKEM768-tls13-in-tls12-2-client
+
+[112-curve-SecP256r1MLKEM768-tls13-in-tls12-2-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = SecP256r1MLKEM768
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[112-curve-SecP256r1MLKEM768-tls13-in-tls12-2-client]
+CipherString = DEFAULT@SECLEVEL=1
+Curves = SecP256r1MLKEM768
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-112]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[113-curve-SecP384r1MLKEM1024-tls13-in-tls12]
+ssl_conf = 113-curve-SecP384r1MLKEM1024-tls13-in-tls12-ssl
+
+[113-curve-SecP384r1MLKEM1024-tls13-in-tls12-ssl]
+server = 113-curve-SecP384r1MLKEM1024-tls13-in-tls12-server
+client = 113-curve-SecP384r1MLKEM1024-tls13-in-tls12-client
+
+[113-curve-SecP384r1MLKEM1024-tls13-in-tls12-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = SecP384r1MLKEM1024
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[113-curve-SecP384r1MLKEM1024-tls13-in-tls12-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = SecP384r1MLKEM1024
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-113]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[114-curve-SecP384r1MLKEM1024-tls13-in-tls12-2]
+ssl_conf = 114-curve-SecP384r1MLKEM1024-tls13-in-tls12-2-ssl
+
+[114-curve-SecP384r1MLKEM1024-tls13-in-tls12-2-ssl]
+server = 114-curve-SecP384r1MLKEM1024-tls13-in-tls12-2-server
+client = 114-curve-SecP384r1MLKEM1024-tls13-in-tls12-2-client
+
+[114-curve-SecP384r1MLKEM1024-tls13-in-tls12-2-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = SecP384r1MLKEM1024
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[114-curve-SecP384r1MLKEM1024-tls13-in-tls12-2-client]
+CipherString = DEFAULT@SECLEVEL=1
+Curves = SecP384r1MLKEM1024
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-114]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[115-curve-curveSM2-tls13-in-tls12]
+ssl_conf = 115-curve-curveSM2-tls13-in-tls12-ssl
+
+[115-curve-curveSM2-tls13-in-tls12-ssl]
+server = 115-curve-curveSM2-tls13-in-tls12-server
+client = 115-curve-curveSM2-tls13-in-tls12-client
+
+[115-curve-curveSM2-tls13-in-tls12-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = curveSM2
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[115-curve-curveSM2-tls13-in-tls12-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = curveSM2
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-115]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[116-curve-curveSM2-tls13-in-tls12-2]
+ssl_conf = 116-curve-curveSM2-tls13-in-tls12-2-ssl
+
+[116-curve-curveSM2-tls13-in-tls12-2-ssl]
+server = 116-curve-curveSM2-tls13-in-tls12-2-server
+client = 116-curve-curveSM2-tls13-in-tls12-2-client
+
+[116-curve-curveSM2-tls13-in-tls12-2-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = curveSM2
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[116-curve-curveSM2-tls13-in-tls12-2-client]
+CipherString = DEFAULT@SECLEVEL=1
+Curves = curveSM2
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-116]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[117-curve-curveSM2MLKEM768-tls13-in-tls12]
+ssl_conf = 117-curve-curveSM2MLKEM768-tls13-in-tls12-ssl
+
+[117-curve-curveSM2MLKEM768-tls13-in-tls12-ssl]
+server = 117-curve-curveSM2MLKEM768-tls13-in-tls12-server
+client = 117-curve-curveSM2MLKEM768-tls13-in-tls12-client
+
+[117-curve-curveSM2MLKEM768-tls13-in-tls12-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = curveSM2MLKEM768
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[117-curve-curveSM2MLKEM768-tls13-in-tls12-client]
+CipherString = ECDHE@SECLEVEL=1
+Curves = curveSM2MLKEM768
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-117]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[118-curve-curveSM2MLKEM768-tls13-in-tls12-2]
+ssl_conf = 118-curve-curveSM2MLKEM768-tls13-in-tls12-2-ssl
+
+[118-curve-curveSM2MLKEM768-tls13-in-tls12-2-ssl]
+server = 118-curve-curveSM2MLKEM768-tls13-in-tls12-2-server
+client = 118-curve-curveSM2MLKEM768-tls13-in-tls12-2-client
+
+[118-curve-curveSM2MLKEM768-tls13-in-tls12-2-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT@SECLEVEL=1
+Curves = curveSM2MLKEM768
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[118-curve-curveSM2MLKEM768-tls13-in-tls12-2-client]
+CipherString = DEFAULT@SECLEVEL=1
+Curves = curveSM2MLKEM768
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-118]
ExpectedResult = Success
diff --git a/test/ssl-tests/14-curves.cnf.in b/test/ssl-tests/14-curves.cnf.in
index e50421d501..abcdb5dc0f 100644
--- a/test/ssl-tests/14-curves.cnf.in
+++ b/test/ssl-tests/14-curves.cnf.in
@@ -12,6 +12,7 @@ use OpenSSL::Test::Utils;
our $fips_mode;
our $fips_3_4;
+our $fips_3_5;
my @curves = ("prime256v1", "secp384r1", "secp521r1");
@@ -45,6 +46,19 @@ push @curves_non_fips,
push @curves_tls_1_2, @curves_non_fips if !$fips_mode;
+my @curves_no_nid = ();
+push @curves_no_nid, qw(X25519MLKEM768)
+ unless (disabled("ml-kem") || disabled("ecx") || ($fips_mode && !$fips_3_5));
+push @curves_no_nid, qw(SecP256r1MLKEM768 SecP384r1MLKEM1024)
+ unless (disabled("ml-kem") || ($fips_mode && !$fips_3_5));
+push @curves_no_nid, qw(curveSM2)
+ unless ($fips_mode || disabled("sm2"));
+push @curves_no_nid, qw(curveSM2MLKEM768)
+ unless ($fips_mode || disabled("sm2") || disabled("ml-kem"));
+
+push @curves_tls_1_3, @curves_no_nid;
+push @curves, @curves_no_nid;
+
our @tests = ();
sub get_key_type {
diff --git a/test/ssl-tests/20-cert-select.cnf b/test/ssl-tests/20-cert-select.cnf
index 12c0de1e79..3e650edf04 100644
--- a/test/ssl-tests/20-cert-select.cnf
+++ b/test/ssl-tests/20-cert-select.cnf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 58
+num_tests = 59
test-0 = 0-ECDSA CipherString Selection
test-1 = 1-ECDSA CipherString Selection
@@ -56,10 +56,11 @@ test-50 = 50-TLS 1.3 Ed25519 Client Auth
test-51 = 51-TLS 1.3 Ed448 Client Auth
test-52 = 52-TLS 1.3 ECDSA with brainpool but no suitable groups
test-53 = 53-TLS 1.3 ECDSA with brainpool
-test-54 = 54-TLS 1.2 DSA Certificate Test
-test-55 = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
-test-56 = 56-TLS 1.3 DSA Certificate Test
-test-57 = 57-TLS 1.3 ML-DSA Certificate Test
+test-54 = 54-TLS 1.3 SM2
+test-55 = 55-TLS 1.2 DSA Certificate Test
+test-56 = 56-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
+test-57 = 57-TLS 1.3 DSA Certificate Test
+test-58 = 58-TLS 1.3 ML-DSA Certificate Test
# ===========================================================
[0-ECDSA CipherString Selection]
@@ -1762,14 +1763,39 @@ ExpectedResult = Success
# ===========================================================
-[54-TLS 1.2 DSA Certificate Test]
-ssl_conf = 54-TLS 1.2 DSA Certificate Test-ssl
+[54-TLS 1.3 SM2]
+ssl_conf = 54-TLS 1.3 SM2-ssl
-[54-TLS 1.2 DSA Certificate Test-ssl]
-server = 54-TLS 1.2 DSA Certificate Test-server
-client = 54-TLS 1.2 DSA Certificate Test-client
+[54-TLS 1.3 SM2-ssl]
+server = 54-TLS 1.3 SM2-server
+client = 54-TLS 1.3 SM2-client
-[54-TLS 1.2 DSA Certificate Test-server]
+[54-TLS 1.3 SM2-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/sm2.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/sm2.key
+
+[54-TLS 1.3 SM2-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/sm2-root.crt
+VerifyMode = Peer
+
+[test-54]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[55-TLS 1.2 DSA Certificate Test]
+ssl_conf = 55-TLS 1.2 DSA Certificate Test-ssl
+
+[55-TLS 1.2 DSA Certificate Test-ssl]
+server = 55-TLS 1.2 DSA Certificate Test-server
+client = 55-TLS 1.2 DSA Certificate Test-client
+
+[55-TLS 1.2 DSA Certificate Test-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = ALL
DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
@@ -1779,26 +1805,26 @@ MaxProtocol = TLSv1.2
MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[54-TLS 1.2 DSA Certificate Test-client]
+[55-TLS 1.2 DSA Certificate Test-client]
CipherString = ALL
SignatureAlgorithms = DSA+SHA256:DSa+SHA1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-54]
+[test-55]
ExpectedResult = Success
# ===========================================================
-[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
-ssl_conf = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
+[56-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
+ssl_conf = 56-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
-[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
-server = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
-client = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
+[56-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
+server = 56-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
+client = 56-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
-[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
+[56-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
ClientSignatureAlgorithms = ecDSA+SHA1:DsA+SHA256:rsA+SHA256
@@ -1806,25 +1832,25 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Request
-[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
+[56-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-55]
+[test-56]
ExpectedResult = ServerFail
# ===========================================================
-[56-TLS 1.3 DSA Certificate Test]
-ssl_conf = 56-TLS 1.3 DSA Certificate Test-ssl
+[57-TLS 1.3 DSA Certificate Test]
+ssl_conf = 57-TLS 1.3 DSA Certificate Test-ssl
-[56-TLS 1.3 DSA Certificate Test-ssl]
-server = 56-TLS 1.3 DSA Certificate Test-server
-client = 56-TLS 1.3 DSA Certificate Test-client
+[57-TLS 1.3 DSA Certificate Test-ssl]
+server = 57-TLS 1.3 DSA Certificate Test-server
+client = 57-TLS 1.3 DSA Certificate Test-client
-[56-TLS 1.3 DSA Certificate Test-server]
+[57-TLS 1.3 DSA Certificate Test-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = ALL
DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
@@ -1833,26 +1859,26 @@ MaxProtocol = TLSv1.3
MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[56-TLS 1.3 DSA Certificate Test-client]
+[57-TLS 1.3 DSA Certificate Test-client]
CipherString = ALL
SignatureAlgorithms = dSA+SHA1:DSA+SHA256:ecDsa+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-56]
+[test-57]
ExpectedResult = ServerFail
# ===========================================================
-[57-TLS 1.3 ML-DSA Certificate Test]
-ssl_conf = 57-TLS 1.3 ML-DSA Certificate Test-ssl
+[58-TLS 1.3 ML-DSA Certificate Test]
+ssl_conf = 58-TLS 1.3 ML-DSA Certificate Test-ssl
-[57-TLS 1.3 ML-DSA Certificate Test-ssl]
-server = 57-TLS 1.3 ML-DSA Certificate Test-server
-client = 57-TLS 1.3 ML-DSA Certificate Test-client
+[58-TLS 1.3 ML-DSA Certificate Test-ssl]
+server = 58-TLS 1.3 ML-DSA Certificate Test-server
+client = 58-TLS 1.3 ML-DSA Certificate Test-client
-[57-TLS 1.3 ML-DSA Certificate Test-server]
+[58-TLS 1.3 ML-DSA Certificate Test-server]
Certificate = ${ENV::TEST_CERTS_DIR}/server-ml-dsa-44-cert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.3
@@ -1860,7 +1886,7 @@ MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ml-dsa-44-key.pem
SignatureAlgorithms = mlDsA44
-[57-TLS 1.3 ML-DSA Certificate Test-client]
+[58-TLS 1.3 ML-DSA Certificate Test-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.3
MinProtocol = TLSv1.3
@@ -1868,7 +1894,7 @@ SignatureAlgorithms = mlDSa44
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ml-dsa-44-cert.pem
VerifyMode = Peer
-[test-57]
+[test-58]
ExpectedResult = Success
diff --git a/test/ssl-tests/20-cert-select.cnf.in b/test/ssl-tests/20-cert-select.cnf.in
index c3d0062050..9ff185fbb1 100644
--- a/test/ssl-tests/20-cert-select.cnf.in
+++ b/test/ssl-tests/20-cert-select.cnf.in
@@ -949,6 +949,25 @@ my @tests_tls_1_3_non_fips = (
},
},
);
+my @tests_tls_1_3_sm2 = (
+ {
+ name => "TLS 1.3 SM2",
+ server => {
+ "Certificate" => test_pem("sm2.pem"),
+ "PrivateKey" => test_pem("sm2.key"),
+ },
+ client => {
+ "VerifyCAFile" => test_pem("sm2-root.crt"),
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3"
+ },
+ test => {
+ "ExpectedResult" => "Success"
+ },
+ },
+);
+push @tests_tls_1_3_non_fips, @tests_tls_1_3_sm2
+ unless disabled("sm2");
push @tests, @tests_tls_1_3 unless disabled("tls1_3");
push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;