3 ## SSL test configurations
10 use OpenSSL::Test::Utils;
13 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
14 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
15 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
16 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
17 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
18 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
19 "MaxProtocol" => "TLSv1.2"
23 "PSS.Certificate" => test_pem("server-pss-cert.pem"),
24 "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
25 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
26 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
27 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
28 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
29 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
30 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
31 "MaxProtocol" => "TLSv1.2"
34 my $server_pss_only = {
35 "Certificate" => test_pem("server-pss-cert.pem"),
36 "PrivateKey" => test_pem("server-pss-key.pem"),
41 name => "ECDSA CipherString Selection",
44 "CipherString" => "aECDSA",
45 "MaxProtocol" => "TLSv1.2",
46 "RequestCAFile" => test_pem("root-cert.pem"),
49 "ExpectedServerCertType" =>, "P-256",
50 "ExpectedServerSignType" =>, "EC",
51 # Note: certificate_authorities not sent for TLS < 1.3
52 "ExpectedServerCANames" =>, "empty",
53 "ExpectedResult" => "Success"
57 name => "ECDSA CipherString Selection",
59 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
60 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
61 "MaxProtocol" => "TLSv1.2",
62 #Deliberately set supported_groups to one not in the cert. This
67 "CipherString" => "aECDSA",
68 "MaxProtocol" => "TLSv1.2",
69 "Groups" => "P-256:P-384",
70 "RequestCAFile" => test_pem("root-cert.pem"),
73 "ExpectedServerCertType" =>, "P-256",
74 "ExpectedServerSignType" =>, "EC",
75 # Note: certificate_authorities not sent for TLS < 1.3
76 "ExpectedServerCANames" =>, "empty",
77 "ExpectedResult" => "Success"
81 name => "ECDSA CipherString Selection",
83 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
84 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
85 "MaxProtocol" => "TLSv1.2",
86 "Groups" => "P-256:P-384"
89 "CipherString" => "aECDSA",
90 "MaxProtocol" => "TLSv1.2",
91 #Deliberately set groups to not include the certificate group. This
94 "RequestCAFile" => test_pem("root-cert.pem"),
97 "ExpectedResult" => "ServerFail"
101 name => "Ed25519 CipherString and Signature Algorithm Selection",
104 "CipherString" => "aECDSA",
105 "MaxProtocol" => "TLSv1.2",
106 "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
107 "RequestCAFile" => test_pem("root-cert.pem"),
110 "ExpectedServerCertType" =>, "Ed25519",
111 "ExpectedServerSignType" =>, "Ed25519",
112 # Note: certificate_authorities not sent for TLS < 1.3
113 "ExpectedServerCANames" =>, "empty",
114 "ExpectedResult" => "Success"
118 name => "Ed448 CipherString and Signature Algorithm Selection",
121 "CipherString" => "aECDSA",
122 "MaxProtocol" => "TLSv1.2",
123 "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
124 "RequestCAFile" => test_pem("root-cert.pem"),
127 "ExpectedServerCertType" =>, "Ed448",
128 "ExpectedServerSignType" =>, "Ed448",
129 # Note: certificate_authorities not sent for TLS < 1.3
130 "ExpectedServerCANames" =>, "empty",
131 "ExpectedResult" => "Success"
135 name => "RSA CipherString Selection",
138 "CipherString" => "aRSA",
139 "MaxProtocol" => "TLSv1.2",
142 "ExpectedServerCertType" =>, "RSA",
143 "ExpectedServerSignType" =>, "RSA-PSS",
144 "ExpectedResult" => "Success"
148 name => "RSA-PSS Certificate CipherString Selection",
149 server => $server_pss,
151 "CipherString" => "aRSA",
152 "MaxProtocol" => "TLSv1.2",
155 "ExpectedServerCertType" =>, "RSA-PSS",
156 "ExpectedServerSignType" =>, "RSA-PSS",
157 "ExpectedResult" => "Success"
161 name => "P-256 CipherString and Signature Algorithm Selection",
164 "CipherString" => "aECDSA",
165 "MaxProtocol" => "TLSv1.2",
166 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
169 "ExpectedServerCertType" => "P-256",
170 "ExpectedServerSignHash" => "SHA256",
171 "ExpectedServerSignType" => "EC",
172 "ExpectedResult" => "Success"
176 name => "Ed25519 CipherString and Curves Selection",
179 "CipherString" => "aECDSA",
180 "MaxProtocol" => "TLSv1.2",
181 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
182 # Excluding P-256 from the supported curves list means server
183 # certificate should be Ed25519 and not P-256
187 "ExpectedServerCertType" =>, "Ed25519",
188 "ExpectedServerSignType" =>, "Ed25519",
189 "ExpectedResult" => "Success"
193 name => "Ed448 CipherString and Curves Selection",
196 "CipherString" => "aECDSA",
197 "MaxProtocol" => "TLSv1.2",
198 "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
199 # Excluding P-256 from the supported curves list means server
200 # certificate should be Ed25519 and not P-256
204 "ExpectedServerCertType" =>, "Ed448",
205 "ExpectedServerSignType" =>, "Ed448",
206 "ExpectedResult" => "Success"
210 name => "ECDSA CipherString Selection, no ECDSA certificate",
212 "MaxProtocol" => "TLSv1.2"
215 "CipherString" => "aECDSA",
216 "MaxProtocol" => "TLSv1.2"
219 "ExpectedResult" => "ServerFail"
223 name => "ECDSA Signature Algorithm Selection",
226 "SignatureAlgorithms" => "ECDSA+SHA256",
229 "ExpectedServerCertType" => "P-256",
230 "ExpectedServerSignHash" => "SHA256",
231 "ExpectedServerSignType" => "EC",
232 "ExpectedResult" => "Success"
236 name => "ECDSA Signature Algorithm Selection SHA384",
239 "SignatureAlgorithms" => "ECDSA+SHA384",
242 "ExpectedServerCertType" => "P-256",
243 "ExpectedServerSignHash" => "SHA384",
244 "ExpectedServerSignType" => "EC",
245 "ExpectedResult" => "Success"
249 name => "ECDSA Signature Algorithm Selection SHA1",
252 "SignatureAlgorithms" => "ECDSA+SHA1",
255 "ExpectedServerCertType" => "P-256",
256 "ExpectedServerSignHash" => "SHA1",
257 "ExpectedServerSignType" => "EC",
258 "ExpectedResult" => "Success"
262 name => "ECDSA Signature Algorithm Selection compressed point",
264 "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
265 "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
266 "MaxProtocol" => "TLSv1.2"
269 "SignatureAlgorithms" => "ECDSA+SHA256",
272 "ExpectedServerCertType" => "P-256",
273 "ExpectedServerSignHash" => "SHA256",
274 "ExpectedServerSignType" => "EC",
275 "ExpectedResult" => "Success"
279 name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
281 "MaxProtocol" => "TLSv1.2"
284 "SignatureAlgorithms" => "ECDSA+SHA256",
287 "ExpectedResult" => "ServerFail"
291 name => "RSA Signature Algorithm Selection",
294 "SignatureAlgorithms" => "RSA+SHA256",
297 "ExpectedServerCertType" => "RSA",
298 "ExpectedServerSignHash" => "SHA256",
299 "ExpectedServerSignType" => "RSA",
300 "ExpectedResult" => "Success"
304 name => "RSA-PSS Signature Algorithm Selection",
307 "SignatureAlgorithms" => "RSA-PSS+SHA256",
310 "ExpectedServerCertType" => "RSA",
311 "ExpectedServerSignHash" => "SHA256",
312 "ExpectedServerSignType" => "RSA-PSS",
313 "ExpectedResult" => "Success"
317 name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
318 server => $server_pss,
320 "SignatureAlgorithms" => "RSA-PSS+SHA256",
323 "ExpectedServerCertType" => "RSA",
324 "ExpectedServerSignHash" => "SHA256",
325 "ExpectedServerSignType" => "RSA-PSS",
326 "ExpectedResult" => "Success"
330 name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
331 server => $server_pss,
333 "SignatureAlgorithms" => "rsa_pss_pss_sha256",
336 "ExpectedServerCertType" => "RSA-PSS",
337 "ExpectedServerSignHash" => "SHA256",
338 "ExpectedServerSignType" => "RSA-PSS",
339 "ExpectedResult" => "Success"
343 name => "Only RSA-PSS Certificate",
344 server => $server_pss_only,
347 "ExpectedServerCertType" => "RSA-PSS",
348 "ExpectedServerSignHash" => "SHA256",
349 "ExpectedServerSignType" => "RSA-PSS",
350 "ExpectedResult" => "Success"
354 name => "RSA-PSS Certificate, no PSS signature algorithms",
355 server => $server_pss_only,
357 "SignatureAlgorithms" => "RSA+SHA256",
360 "ExpectedResult" => "ServerFail"
364 name => "Suite B P-256 Hash Algorithm Selection",
366 "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
367 "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
368 "MaxProtocol" => "TLSv1.2",
369 "CipherString" => "SUITEB128"
372 "VerifyCAFile" => test_pem("p384-root.pem"),
373 "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
376 "ExpectedServerCertType" => "P-256",
377 "ExpectedServerSignHash" => "SHA256",
378 "ExpectedServerSignType" => "EC",
379 "ExpectedResult" => "Success"
383 name => "Suite B P-384 Hash Algorithm Selection",
385 "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
386 "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
387 "MaxProtocol" => "TLSv1.2",
388 "CipherString" => "SUITEB128"
391 "VerifyCAFile" => test_pem("p384-root.pem"),
392 "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
395 "ExpectedServerCertType" => "P-384",
396 "ExpectedServerSignHash" => "SHA384",
397 "ExpectedServerSignType" => "EC",
398 "ExpectedResult" => "Success"
402 name => "TLS 1.2 Ed25519 Client Auth",
404 "VerifyCAFile" => test_pem("root-cert.pem"),
405 "VerifyMode" => "Require"
408 "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
409 "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
410 "MinProtocol" => "TLSv1.2",
411 "MaxProtocol" => "TLSv1.2"
414 "ExpectedClientCertType" => "Ed25519",
415 "ExpectedClientSignType" => "Ed25519",
416 "ExpectedResult" => "Success"
420 name => "TLS 1.2 Ed448 Client Auth",
422 "VerifyCAFile" => test_pem("root-cert.pem"),
423 "VerifyMode" => "Require"
426 "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
427 "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
428 "MinProtocol" => "TLSv1.2",
429 "MaxProtocol" => "TLSv1.2"
432 "ExpectedClientCertType" => "Ed448",
433 "ExpectedClientSignType" => "Ed448",
434 "ExpectedResult" => "Success"
439 my @tests_tls_1_1 = (
441 name => "Only RSA-PSS Certificate, TLS v1.1",
442 server => $server_pss_only,
444 "MaxProtocol" => "TLSv1.1",
447 "ExpectedResult" => "ServerFail"
452 push @tests, @tests_tls_1_1 unless disabled("tls1_1");
454 my $server_tls_1_3 = {
455 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
456 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
457 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
458 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
459 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
460 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
461 "MinProtocol" => "TLSv1.3",
462 "MaxProtocol" => "TLSv1.3"
465 my $server_tls_1_3_pss = {
466 "PSS.Certificate" => test_pem("server-pss-cert.pem"),
467 "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
468 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
469 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
470 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
471 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
472 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
473 "Ed448.PrivateKey" => test_pem("server-ed449-key.pem"),
474 "MinProtocol" => "TLSv1.3",
475 "MaxProtocol" => "TLSv1.3"
478 my $client_tls_1_3 = {
479 "RSA.Certificate" => test_pem("ee-client-chain.pem"),
480 "RSA.PrivateKey" => test_pem("ee-key.pem"),
481 "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
482 "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
483 "MinProtocol" => "TLSv1.3",
484 "MaxProtocol" => "TLSv1.3"
487 my @tests_tls_1_3 = (
489 name => "TLS 1.3 ECDSA Signature Algorithm Selection",
490 server => $server_tls_1_3,
492 "SignatureAlgorithms" => "ECDSA+SHA256",
495 "ExpectedServerCertType" => "P-256",
496 "ExpectedServerSignHash" => "SHA256",
497 "ExpectedServerSignType" => "EC",
498 "ExpectedServerCANames" => "empty",
499 "ExpectedResult" => "Success"
503 name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
505 "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
506 "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
507 "MinProtocol" => "TLSv1.3",
508 "MaxProtocol" => "TLSv1.3"
511 "SignatureAlgorithms" => "ECDSA+SHA256",
514 "ExpectedServerCertType" => "P-256",
515 "ExpectedServerSignHash" => "SHA256",
516 "ExpectedServerSignType" => "EC",
517 "ExpectedServerCANames" => "empty",
518 "ExpectedResult" => "Success"
522 name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
523 server => $server_tls_1_3,
525 "SignatureAlgorithms" => "ECDSA+SHA1",
528 "ExpectedResult" => "ServerFail"
532 name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
533 server => $server_tls_1_3,
535 "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
536 "RequestCAFile" => test_pem("root-cert.pem"),
539 "ExpectedServerCertType" => "P-256",
540 "ExpectedServerSignHash" => "SHA256",
541 "ExpectedServerSignType" => "EC",
542 "ExpectedServerCANames" => test_pem("root-cert.pem"),
543 "ExpectedResult" => "Success"
547 name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
548 server => $server_tls_1_3,
550 "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
553 "ExpectedServerCertType" => "RSA",
554 "ExpectedServerSignHash" => "SHA384",
555 "ExpectedServerSignType" => "RSA-PSS",
556 "ExpectedResult" => "Success"
560 name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
562 "MinProtocol" => "TLSv1.3",
563 "MaxProtocol" => "TLSv1.3"
566 "SignatureAlgorithms" => "ECDSA+SHA256",
569 "ExpectedResult" => "ServerFail"
573 name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
574 server => $server_tls_1_3,
576 "SignatureAlgorithms" => "RSA+SHA256",
579 "ExpectedResult" => "ServerFail"
583 name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
584 server => $server_tls_1_3,
586 "SignatureAlgorithms" => "RSA-PSS+SHA256",
589 "ExpectedServerCertType" => "RSA",
590 "ExpectedServerSignHash" => "SHA256",
591 "ExpectedServerSignType" => "RSA-PSS",
592 "ExpectedResult" => "Success"
596 name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
597 server => $server_tls_1_3,
599 "SignatureAlgorithms" => "ed25519",
602 "ExpectedServerCertType" => "Ed25519",
603 "ExpectedServerSignType" => "Ed25519",
604 "ExpectedResult" => "Success"
608 name => "TLS 1.3 Ed448 Signature Algorithm Selection",
609 server => $server_tls_1_3,
611 "SignatureAlgorithms" => "ed448",
614 "ExpectedServerCertType" => "Ed448",
615 "ExpectedServerSignType" => "Ed448",
616 "ExpectedResult" => "Success"
620 name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
621 server => $server_tls_1_3,
623 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
624 # Excluding P-256 from the supported groups list should
625 # mean server still uses a P-256 certificate because supported
626 # groups is not used in signature selection for TLS 1.3
630 "ExpectedServerCertType" =>, "P-256",
631 "ExpectedServerSignType" =>, "EC",
632 "ExpectedResult" => "Success"
636 name => "TLS 1.3 Ed448 CipherString and Groups Selection",
637 server => $server_tls_1_3,
639 "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
640 # Excluding P-256 from the supported groups list should
641 # mean server still uses a P-256 certificate because supported
642 # groups is not used in signature selection for TLS 1.3
646 "ExpectedServerCertType" =>, "P-256",
647 "ExpectedServerSignType" =>, "EC",
648 "ExpectedResult" => "Success"
652 name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
654 "ClientSignatureAlgorithms" => "PSS+SHA256",
655 "VerifyCAFile" => test_pem("root-cert.pem"),
656 "VerifyMode" => "Require"
658 client => $client_tls_1_3,
660 "ExpectedClientCertType" => "RSA",
661 "ExpectedClientSignHash" => "SHA256",
662 "ExpectedClientSignType" => "RSA-PSS",
663 "ExpectedClientCANames" => "empty",
664 "ExpectedResult" => "Success"
668 name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
670 "ClientSignatureAlgorithms" => "PSS+SHA256",
671 "VerifyCAFile" => test_pem("root-cert.pem"),
672 "RequestCAFile" => test_pem("root-cert.pem"),
673 "VerifyMode" => "Require"
675 client => $client_tls_1_3,
677 "ExpectedClientCertType" => "RSA",
678 "ExpectedClientSignHash" => "SHA256",
679 "ExpectedClientSignType" => "RSA-PSS",
680 "ExpectedClientCANames" => test_pem("root-cert.pem"),
681 "ExpectedResult" => "Success"
685 name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
687 "ClientSignatureAlgorithms" => "ECDSA+SHA256",
688 "VerifyCAFile" => test_pem("root-cert.pem"),
689 "VerifyMode" => "Require"
691 client => $client_tls_1_3,
693 "ExpectedClientCertType" => "P-256",
694 "ExpectedClientSignHash" => "SHA256",
695 "ExpectedClientSignType" => "EC",
696 "ExpectedResult" => "Success"
700 name => "TLS 1.3 Ed25519 Client Auth",
702 "VerifyCAFile" => test_pem("root-cert.pem"),
703 "VerifyMode" => "Require"
706 "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
707 "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
708 "MinProtocol" => "TLSv1.3",
709 "MaxProtocol" => "TLSv1.3"
712 "ExpectedClientCertType" => "Ed25519",
713 "ExpectedClientSignType" => "Ed25519",
714 "ExpectedResult" => "Success"
718 name => "TLS 1.3 Ed448 Client Auth",
720 "VerifyCAFile" => test_pem("root-cert.pem"),
721 "VerifyMode" => "Require"
724 "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
725 "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
726 "MinProtocol" => "TLSv1.3",
727 "MaxProtocol" => "TLSv1.3"
730 "ExpectedClientCertType" => "Ed448",
731 "ExpectedClientSignType" => "Ed448",
732 "ExpectedResult" => "Success"
737 push @tests, @tests_tls_1_3 unless disabled("tls1_3");
739 my @tests_dsa_tls_1_2 = (
741 name => "TLS 1.2 DSA Certificate Test",
743 "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
744 "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
745 "DHParameters" => test_pem("dhp2048.pem"),
746 "MinProtocol" => "TLSv1.2",
747 "MaxProtocol" => "TLSv1.2",
748 "CipherString" => "ALL",
751 "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
752 "CipherString" => "ALL",
755 "ExpectedResult" => "Success"
760 my @tests_dsa_tls_1_3 = (
762 name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
764 "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
765 "VerifyCAFile" => test_pem("root-cert.pem"),
766 "VerifyMode" => "Request"
770 "ExpectedResult" => "ServerFail"
774 name => "TLS 1.3 DSA Certificate Test",
776 "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
777 "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
778 "MinProtocol" => "TLSv1.3",
779 "MaxProtocol" => "TLSv1.3",
780 "CipherString" => "ALL",
783 "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
784 "CipherString" => "ALL",
787 "ExpectedResult" => "ServerFail"
792 if (!disabled("dsa")) {
793 push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
794 push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");