Diffstat (limited to 'test/ssl-tests/14-curves.cnf.in')
-rw-r--r--test/ssl-tests/14-curves.cnf.in177
1 files changed, 177 insertions, 0 deletions
diff --git a/test/ssl-tests/14-curves.cnf.in b/test/ssl-tests/14-curves.cnf.in
new file mode 100644
index 000000000000..1e003bace0b7
--- /dev/null
+++ b/test/ssl-tests/14-curves.cnf.in
@@ -0,0 +1,177 @@
+# -*- mode: perl; -*-
+
+## SSL test configurations
+
+package ssltests;
+
+use strict;
+use warnings;
+
+use OpenSSL::Test;
+use OpenSSL::Test::Utils qw(anydisabled);
+
+our $fips_mode;
+
+my @curves = ("prime256v1", "secp384r1", "secp521r1", "X25519",
+ "X448");
+
+#Curves *only* suitable for use in TLSv1.3
+my @curves_tls_1_3 = ("ffdhe2048", "ffdhe3072", "ffdhe4096", "ffdhe6144",
+ "ffdhe8192");
+
+push @curves, @curves_tls_1_3;
+
+my @curves_tls_1_2 = ("sect233k1", "sect233r1",
+ "sect283k1", "sect283r1", "sect409k1", "sect409r1",
+ "sect571k1", "sect571r1", "secp224r1");
+
+my @curves_non_fips = ("sect163k1", "sect163r2", "prime192v1",
+ "sect163r1", "sect193r1", "sect193r2", "sect239k1",
+ "secp160k1", "secp160r1", "secp160r2", "secp192k1",
+ "secp224k1", "secp256k1", "brainpoolP256r1",
+ "brainpoolP384r1", "brainpoolP512r1");
+
+push @curves_tls_1_2, @curves_non_fips if !$fips_mode;
+
+our @tests = ();
+
+sub get_key_type {
+ my $group = shift;
+ my $keyType;
+
+ if ($group =~ /ffdhe/) {
+ $keyType = "dhKeyAgreement";
+ } else {
+ $keyType = $group;
+ }
+
+ return $keyType;
+}
+
+sub generate_tests() {
+ foreach (0..$#curves) {
+ my $curve = $curves[$_];
+ push @tests, {
+ name => "curve-${curve}",
+ server => {
+ "Curves" => $curve,
+ "MaxProtocol" => "TLSv1.3"
+ },
+ client => {
+ "CipherString" => "ECDHE",
+ "MaxProtocol" => "TLSv1.3",
+ "Curves" => $curve
+ },
+ test => {
+ "ExpectedTmpKeyType" => get_key_type($curve),
+ "ExpectedProtocol" => "TLSv1.3",
+ "ExpectedResult" => "Success"
+ },
+ };
+ }
+ foreach (0..$#curves_tls_1_2) {
+ my $curve = $curves_tls_1_2[$_];
+ push @tests, {
+ name => "curve-${curve}",
+ server => {
+ "Curves" => $curve,
+ "MaxProtocol" => "TLSv1.3"
+ },
+ client => {
+ "CipherString" => "ECDHE",
+ "MaxProtocol" => "TLSv1.2",
+ "Curves" => $curve
+ },
+ test => {
+ "ExpectedTmpKeyType" => get_key_type($curve),
+ "ExpectedProtocol" => "TLSv1.2",
+ "ExpectedResult" => "Success"
+ },
+ };
+ }
+ foreach (0..$#curves_tls_1_2) {
+ my $curve = $curves_tls_1_2[$_];
+ push @tests, {
+ name => "curve-${curve}-tls12-in-tls13",
+ server => {
+ "Curves" => "$curve:P-256",
+ "CipherString" => 'DEFAULT@SECLEVEL=1',
+ "MaxProtocol" => "TLSv1.3"
+ },
+ client => {
+ "CipherString" => 'ECDHE@SECLEVEL=1',
+ "MaxProtocol" => "TLSv1.3",
+ "MinProtocol" => "TLSv1.3",
+ "Curves" => "$curve:P-256"
+ },
+ test => {
+ #This curve is not allowed in a TLSv1.3 key_share. We should
+ #succeed but fallback to P-256
+ "ExpectedTmpKeyType" => "P-256",
+ "ExpectedProtocol" => "TLSv1.3",
+ "ExpectedResult" => "Success"
+ },
+ };
+ }
+ foreach (0..$#curves_tls_1_2) {
+ my $curve = $curves_tls_1_2[$_];
+ push @tests, {
+ name => "curve-${curve}-tls13",
+ server => {
+ "Curves" => $curve,
+ "MaxProtocol" => "TLSv1.3"
+ },
+ client => {
+ "CipherString" => "ECDHE",
+ "MinProtocol" => "TLSv1.3",
+ "Curves" => $curve
+ },
+ test => {
+ "ExpectedResult" => "ClientFail"
+ },
+ };
+ }
+ foreach (0..$#curves_tls_1_3) {
+ my $curve = $curves_tls_1_3[$_];
+ push @tests, {
+ name => "curve-${curve}-tls13-in-tls12",
+ server => {
+ "Curves" => $curve,
+ "CipherString" => 'DEFAULT@SECLEVEL=1',
+ "MaxProtocol" => "TLSv1.3"
+ },
+ client => {
+ "CipherString" => 'ECDHE@SECLEVEL=1',
+ "MaxProtocol" => "TLSv1.2",
+ "Curves" => $curve
+ },
+ test => {
+ #These curves are only suitable for TLSv1.3 so we expect the
+ #server to fail because it has no shared groups for TLSv1.2
+ #ECDHE key exchange
+ "ExpectedResult" => "ServerFail"
+ },
+ };
+ push @tests, {
+ name => "curve-${curve}-tls13-in-tls12-2",
+ server => {
+ "Curves" => $curve,
+ "CipherString" => 'DEFAULT@SECLEVEL=1',
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => {
+ "CipherString" => 'DEFAULT@SECLEVEL=1',
+ "MaxProtocol" => "TLSv1.3",
+ "Curves" => $curve
+ },
+ test => {
+ #These curves are only suitable for TLSv1.3. We expect TLSv1.2
+ #negotiation to succeed because we fall back to some other
+ #ciphersuite
+ "ExpectedResult" => "Success"
+ },
+ };
+ }
+}
+
+generate_tests();
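Review bot: The `curve-${curve}-tls13-in-tls12-2` case at the end of `generate_tests` asserts only `"ExpectedResult" => "Success"`, so it would still pass if the handshake completed at a different protocol version or by a different path than the fallback its comment describes. Since the server in that case is capped at `"MaxProtocol" => "TLSv1.2"`, adding `"ExpectedProtocol" => "TLSv1.2",` to its `test` hash would pin the negotiated version. Whether `ExpectedTmpKeyType` can also be pinned depends on which ciphersuite the fallback selects, which is not visible here. Separately, `get_key_type` matches `/ffdhe/` anywhere in the group name; `/^ffdhe/` would state the intent more precisely. `anydisabled` is imported but never used in the visible code.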