diff options
author | Jack Lloyd <[email protected]> | 2017-09-01 07:42:09 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-09-02 05:18:11 -0400 |
commit | 6693454c7cfd40b733520b90f9fbb5737faab069 (patch) | |
tree | e70d700d06ae96f9c2f624493460d17cfd2aad45 /src/tests/data | |
parent | dc672bf97fb3ffa582fe66ba20ab483df05e01ae (diff) |
Add a script for running TLS-Attacker, remove old shell scripts
[ci skip]
Diffstat (limited to 'src/tests/data')
-rw-r--r-- | src/tests/data/tls-policy/compat.txt | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/src/tests/data/tls-policy/compat.txt b/src/tests/data/tls-policy/compat.txt new file mode 100644 index 000000000..1890b12b5 --- /dev/null +++ b/src/tests/data/tls-policy/compat.txt @@ -0,0 +1,29 @@ +# There is no cooresponding type for this text policy but it is useful +# for interop testing and fuzz testing + +# It is based on the default policy, but allows 3DES, SHA-1 signatures, +# static RSA, and reduces the ephemeral key sizes + +allow_tls10 = true +allow_tls11 = true +allow_tls12 = true +allow_dtls10 = false +allow_dtls12 = false +ciphers = ChaCha20Poly1305 AES-256/GCM AES-128/GCM AES-256 AES-128 3DES +macs = AEAD SHA-256 SHA-384 SHA-1 +signature_hashes = SHA-512 SHA-384 SHA-256 SHA-1 +signature_methods = ECDSA RSA +key_exchange_methods = CECPQ1 ECDH DH RSA +ecc_curves = x25519 secp256r1 secp521r1 secp384r1 brainpool256r1 brainpool384r1 brainpool512r1 +allow_insecure_renegotiation = false +include_time_in_hello_random = true +allow_server_initiated_renegotiation = false +hide_unknown_users = false +server_uses_own_ciphersuite_preferences = true +negotiate_encrypt_then_mac = true +session_ticket_lifetime = 86400 +dh_group = modp/ietf/1024 +minimum_dh_group_size = 1024 +minimum_ecdh_group_size = 255 +minimum_rsa_bits = 1024 +minimum_signature_strength = 80 |