1# -*- mode: perl; -*-
2# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the OpenSSL license (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10## Test version negotiation
11
12use strict;
13use warnings;
14
15package ssltests;
16use OpenSSL::Test::Utils;
17
18our @tests = (
19    {
20        name => "cipher-server-1",
21        server => {
22            "MaxProtocol" => "TLSv1.2",
23            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
24    },
25        client => {
26            "MaxProtocol" => "TLSv1.2",
27            "CipherString" => "ECDHE-RSA-AES256-SHA384"
28        },
29        test => {
30            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
31        },
32    },
33    {
34        name => "cipher-server-2",
35        server => {
36            "MaxProtocol" => "TLSv1.2",
37            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
38        },
39        client => {
40            "MaxProtocol" => "TLSv1.2",
41            "CipherString" => "ECDHE-RSA-AES128-SHA256"
42        },
43        test => {
44            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
45        },
46    },
47    {
48        name => "cipher-server-client-list",
49        server => {
50            "MaxProtocol" => "TLSv1.2",
51            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
52        },
53        client => {
54            "MaxProtocol" => "TLSv1.2",
55            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
56        },
57        test => {
58            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
59        },
60    },
61    {
62        name => "cipher-server-pref-1",
63        server => {
64            "MaxProtocol" => "TLSv1.2",
65            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
66            "Options" => "ServerPreference",
67        },
68        client => {
69            "MaxProtocol" => "TLSv1.2",
70            "CipherString" => "ECDHE-RSA-AES256-SHA384"
71        },
72        test => {
73            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
74        },
75    },
76    {
77        name => "cipher-server-pref-2",
78        server => {
79            "MaxProtocol" => "TLSv1.2",
80            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
81            "Options" => "ServerPreference",
82        },
83        client => {
84            "MaxProtocol" => "TLSv1.2",
85            "CipherString" => "ECDHE-RSA-AES128-SHA256"
86        },
87        test => {
88            "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
89        },
90    },
91    {
92        name => "cipher-server-pref-client-list",
93        server => {
94            "MaxProtocol" => "TLSv1.2",
95            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
96            "Options" => "ServerPreference",
97        },
98        client => {
99            "MaxProtocol" => "TLSv1.2",
100            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
101        },
102        test => {
103            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
104        },
105    },
106    {
107        name => "cipher-server-pref-not-mobile",
108        server => {
109            "MaxProtocol" => "TLSv1.2",
110            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
111            "Options" => "ServerPreference",
112        },
113        client => {
114            "MaxProtocol" => "TLSv1.2",
115            "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
116        },
117        test => {
118            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
119        },
120    },
121    {
122        name => "cipher-server-pref-mobile",
123        server => {
124            "MaxProtocol" => "TLSv1.2",
125            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
126            "Options" => "ServerPreference,PrioritizeChaCha",
127        },
128        client => {
129            "MaxProtocol" => "TLSv1.2",
130            "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305",
131        },
132        test => {
133            "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
134        },
135    },
136);
137
138my @tests_poly1305 = (
139    {
140        name => "cipher-server-pref-mobile2",
141        server => {
142            "MaxProtocol" => "TLSv1.2",
143            "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
144            "Options" => "ServerPreference,PrioritizeChaCha",
145        },
146        client => {
147            "MaxProtocol" => "TLSv1.2",
148            "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
149        },
150        test => {
151            "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305",
152        },
153    },
154);
155
156push @tests, @tests_poly1305 unless disabled("poly1305") || disabled("chacha");
157