Add 192-bit Suite B policy

Since 128-bit policy is actually not even allowed since 2015.
author: Jack Lloyd <[email protected]> 2018-06-14 11:59:15 -0400
committer: Jack Lloyd <[email protected]> 2018-06-14 11:59:15 -0400
commit: 6dce31a9c6ea81e594e9239290ccb1c427ee5e29 (patch)
tree: 8538691250c338d22e8d6cfd43870344a10c6711 /src/tests/data/tls-policy
parent: 071d6a9560365fd13dd68af66e84e80b3d7d7e37 (diff)
2 files changed, 22 insertions, 0 deletions
diff --git a/src/tests/data/tls-policy/suiteb.txt b/src/tests/data/tls-policy/suiteb_128.txt
index 90ef68f4a..90ef68f4a 100644
--- a/src/tests/data/tls-policy/suiteb.txt
+++ b/src/tests/data/tls-policy/suiteb_128.txt
diff --git a/src/tests/data/tls-policy/suiteb_192.txt b/src/tests/data/tls-policy/suiteb_192.txt
new file mode 100644
index 000000000..5d80e6481
--- /dev/null
+++ b/src/tests/data/tls-policy/suiteb_192.txt
@@ -0,0 +1,22 @@
+allow_tls10 = false
+allow_tls11 = false
+allow_tls12 = true
+allow_dtls10 = false
+allow_dtls12 = false
+ciphers = AES-256/GCM
+macs = AEAD
+signature_hashes = SHA-384
+signature_methods = ECDSA
+key_exchange_methods = ECDH
+key_exchange_groups = secp384r1
+allow_insecure_renegotiation = false
+include_time_in_hello_random = true
+allow_server_initiated_renegotiation = false
+hide_unknown_users = false
+server_uses_own_ciphersuite_preferences = true
+negotiate_encrypt_then_mac = true
+session_ticket_lifetime = 86400
+minimum_dh_group_size = 2048
+minimum_ecdh_group_size = 255
+minimum_rsa_bits = 2048
+minimum_signature_strength = 192
author	Jack Lloyd <[email protected]>	2018-06-14 11:59:15 -0400
committer	Jack Lloyd <[email protected]>	2018-06-14 11:59:15 -0400
commit	6dce31a9c6ea81e594e9239290ccb1c427ee5e29 (patch)
tree	8538691250c338d22e8d6cfd43870344a10c6711 /src/tests/data/tls-policy
parent	071d6a9560365fd13dd68af66e84e80b3d7d7e37 (diff)