diff --git a/bfe_tls/handshake_client_test.go b/bfe_tls/handshake_client_test.go index 9a487a67..2e21a142 100644 --- a/bfe_tls/handshake_client_test.go +++ b/bfe_tls/handshake_client_test.go @@ -408,32 +408,6 @@ func TestHandshakeClientCertRSA(t *testing.T) { runClientTestTLS12(t, test) } -func TestHandshakeClientCertECDSA(t *testing.T) { - config := prepareClientConfig() - cert, _ := X509KeyPair([]byte(clientECDSACertificatePEM), []byte(clientECDSAKeyPEM)) - config.Certificates = []Certificate{cert} - - test := &clientTest{ - name: "ClientCert-ECDSA-RSA", - command: []string{"openssl", "s_server", "-cipher", "RC4-SHA", "-verify", "1"}, - config: config, - } - - runClientTestTLS10(t, test) - runClientTestTLS12(t, test) - - test = &clientTest{ - name: "ClientCert-ECDSA-ECDSA", - command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-SHA", "-verify", "1"}, - config: config, - cert: testECDSACertificate, - key: testECDSAPrivateKey, - } - - runClientTestTLS10(t, test) - runClientTestTLS12(t, test) -} - func TestClientResumption(t *testing.T) { serverConfig := &Config{ CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA}, diff --git a/bfe_tls/handshake_server_test.go b/bfe_tls/handshake_server_test.go index 76057ed2..90554b70 100644 --- a/bfe_tls/handshake_server_test.go +++ b/bfe_tls/handshake_server_test.go @@ -587,22 +587,6 @@ func TestHandshakeServerAESGCM(t *testing.T) { runServerTestTLS12(t, test) } -func TestHandshakeServerECDHEECDSAAES(t *testing.T) { - config := testConfig.Clone() - config.Certificates = make([]Certificate, 1) - config.Certificates[0].Certificate = [][]byte{testECDSACertificate} - config.Certificates[0].PrivateKey = testECDSAPrivateKey - config.BuildNameToCertificate() - - test := &serverTest{ - name: "ECDHE-ECDSA-AES", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "ECDHE-ECDSA-AES256-SHA"}, - config: config, - } - runServerTestTLS10(t, test) - runServerTestTLS12(t, test) -} - func TestHandshakeServerALPN(t *testing.T) { config := testConfig.Clone() config.NextProtos = []string{"proto1", "proto2"} @@ -657,37 +641,6 @@ func TestHandshakeServerSNI(t *testing.T) { runServerTestTLS12(t, test) } -// TestCipherSuiteCertPreference ensures that we select an RSA ciphersuite with -// an RSA certificate and an ECDSA ciphersuite with an ECDSA certificate. -func TestCipherSuiteCertPreferenceECDSA(t *testing.T) { - config := testConfig.Clone() - config.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA} - config.PreferServerCipherSuites = true - - test := &serverTest{ - name: "CipherSuiteCertPreferenceRSA", - config: config, - } - runServerTestTLS12(t, test) - - config = testConfig.Clone() - config.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA} - config.Certificates = []Certificate{ - { - Certificate: [][]byte{testECDSACertificate}, - PrivateKey: testECDSAPrivateKey, - }, - } - config.BuildNameToCertificate() - config.PreferServerCipherSuites = true - - test = &serverTest{ - name: "CipherSuiteCertPreferenceECDSA", - config: config, - } - runServerTestTLS12(t, test) -} - func TestResumption(t *testing.T) { sessionFilePath := tempFile("") defer os.Remove(sessionFilePath)