wolfssl-w32/tests/test-sm2.conf

# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-d

# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-A ./certs/sm2/root-sm2.pem
-C

# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-d

# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-A ./certs/sm2/root-sm2.pem
-C

# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-A ./certs/sm2/client-sm2.pem
-V
# Remove -V when CRL for SM2 certificates available.

# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-c ./certs/sm2/client-sm2.pem
-k ./certs/sm2/client-sm2-priv.pem
-A ./certs/sm2/root-sm2.pem
-C

# server TLSv1.2 ECDHE-ECDSA-SM4-GCM-SM3
-v 3
-l ECDHE-ECDSA-SM4-GCM-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-d

# client TLSv1.2 ECDHE-ECDSA-SM4-GCM-SM3
-v 3
-l ECDHE-ECDSA-SM4-GCM-SM3
-A ./certs/sm2/root-sm2.pem
-C

# server TLSv1.2 ECDHE-ECDSA-SM4-CCM-SM3
-v 3
-l ECDHE-ECDSA-SM4-CCM-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-d

# client TLSv1.2 ECDHE-ECDSA-SM4-CCM-SM3
-v 3
-l ECDHE-ECDSA-SM4-CCM-SM3
-A ./certs/sm2/root-sm2.pem
-C

# server TLSv1.3 TLS13-SM4-GCM-SM3
-v 4
-l TLS13-SM4-GCM-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-d

# client TLSv1.3 TLS13-SM4-GCM-SM3
-v 4
-l TLS13-SM4-GCM-SM3
-A ./certs/sm2/root-sm2.pem
-C

# server TLSv1.3 TLS13-SM4-CCM-SM3
-v 4
-l TLS13-SM4-CCM-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-d

# client TLSv1.3 TLS13-SM4-CCM-SM3
-v 4
-l TLS13-SM4-CCM-SM3
-A ./certs/sm2/root-sm2.pem
-C

# Enable when CRL for SM2 certificates available.
# server TLSv1.3 TLS13-SM4-GCM-SM3
-v 4
-l TLS13-SM4-GCM-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-A ./certs/sm2/client-sm2.pem
-V
# Remove -V when CRL for SM2 certificates available.

# client TLSv1.3 TLS13-SM4-GCM-SM3
-v 4
-l TLS13-SM4-GCM-SM3
-c ./certs/sm2/client-sm2.pem
-k ./certs/sm2/client-sm2-priv.pem
-A ./certs/sm2/root-sm2.pem
-C

# Enable when CRL for SM2 certificates available.
# server TLSv1.3 TLS13-SM4-CCM-SM3
-v 4
-l TLS13-SM4-CCM-SM3
-c ./certs/sm2/server-sm2.pem
-k ./certs/sm2/server-sm2-priv.pem
-A ./certs/sm2/client-sm2.pem
-V
# Remove -V when CRL for SM2 certificates available.

# client TLSv1.3 TLS13-SM4-CCM-SM3
-v 4
-l TLS13-SM4-CCM-SM3
-c ./certs/sm2/client-sm2.pem
-k ./certs/sm2/client-sm2-priv.pem
-A ./certs/sm2/root-sm2.pem
-C

# GmSSL certificates and keys
# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-c ./certs/sm2/self-sm2-cert.pem
-k ./certs/sm2/self-sm2-priv.pem
-d

# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-A ./certs/sm2/self-sm2-cert.pem
-C

# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-c ./certs/sm2/self-sm2-cert.pem
-k ./certs/sm2/self-sm2-priv.pem
-A ./certs/sm2/self-sm2-cert.pem
-V

# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
-v 3
-l ECDHE-ECDSA-SM4-CBC-SM3
-A ./certs/sm2/self-sm2-cert.pem
-c ./certs/sm2/self-sm2-cert.pem
-k ./certs/sm2/self-sm2-priv.pem
-C

# server TLSv1.3 TLS13-SM4-GCM-SM3
-v 4
-l TLS13-SM4-GCM-SM3
-c ./certs/sm2/self-sm2-cert.pem
-k ./certs/sm2/self-sm2-priv.pem
-d

# client TLSv1.3 TLS13-SM4-GCM-SM3
-v 4
-l TLS13-SM4-GCM-SM3
-A ./certs/sm2/self-sm2-cert.pem
-C

# server TLSv1.3 TLS13-SM4-GCM-SM3
-v 4
-l TLS13-SM4-GCM-SM3
-c ./certs/sm2/self-sm2-cert.pem
-k ./certs/sm2/self-sm2-priv.pem
-A ./certs/sm2/self-sm2-cert.pem
-V

# client TLSv1.3 TLS13-SM4-GCM-SM3
-v 4
-l TLS13-SM4-GCM-SM3
-A ./certs/sm2/self-sm2-cert.pem
-c ./certs/sm2/self-sm2-cert.pem
-k ./certs/sm2/self-sm2-priv.pem
-C
Import from wolfssl-5.6.6 Upstream: https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable 2024-03-02 03:59:08 +00:00			`# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-d`

			`# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-d`

			`# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-A ./certs/sm2/client-sm2.pem`
			`-V`
			`# Remove -V when CRL for SM2 certificates available.`

			`# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-c ./certs/sm2/client-sm2.pem`
			`-k ./certs/sm2/client-sm2-priv.pem`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# server TLSv1.2 ECDHE-ECDSA-SM4-GCM-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-GCM-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-d`

			`# client TLSv1.2 ECDHE-ECDSA-SM4-GCM-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-GCM-SM3`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# server TLSv1.2 ECDHE-ECDSA-SM4-CCM-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CCM-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-d`

			`# client TLSv1.2 ECDHE-ECDSA-SM4-CCM-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CCM-SM3`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# server TLSv1.3 TLS13-SM4-GCM-SM3`
			`-v 4`
			`-l TLS13-SM4-GCM-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-d`

			`# client TLSv1.3 TLS13-SM4-GCM-SM3`
			`-v 4`
			`-l TLS13-SM4-GCM-SM3`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# server TLSv1.3 TLS13-SM4-CCM-SM3`
			`-v 4`
			`-l TLS13-SM4-CCM-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-d`

			`# client TLSv1.3 TLS13-SM4-CCM-SM3`
			`-v 4`
			`-l TLS13-SM4-CCM-SM3`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# Enable when CRL for SM2 certificates available.`
			`# server TLSv1.3 TLS13-SM4-GCM-SM3`
			`-v 4`
			`-l TLS13-SM4-GCM-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-A ./certs/sm2/client-sm2.pem`
			`-V`
			`# Remove -V when CRL for SM2 certificates available.`

			`# client TLSv1.3 TLS13-SM4-GCM-SM3`
			`-v 4`
			`-l TLS13-SM4-GCM-SM3`
			`-c ./certs/sm2/client-sm2.pem`
			`-k ./certs/sm2/client-sm2-priv.pem`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# Enable when CRL for SM2 certificates available.`
			`# server TLSv1.3 TLS13-SM4-CCM-SM3`
			`-v 4`
			`-l TLS13-SM4-CCM-SM3`
			`-c ./certs/sm2/server-sm2.pem`
			`-k ./certs/sm2/server-sm2-priv.pem`
			`-A ./certs/sm2/client-sm2.pem`
			`-V`
			`# Remove -V when CRL for SM2 certificates available.`

			`# client TLSv1.3 TLS13-SM4-CCM-SM3`
			`-v 4`
			`-l TLS13-SM4-CCM-SM3`
			`-c ./certs/sm2/client-sm2.pem`
			`-k ./certs/sm2/client-sm2-priv.pem`
			`-A ./certs/sm2/root-sm2.pem`
			`-C`

			`# GmSSL certificates and keys`
			`# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-c ./certs/sm2/self-sm2-cert.pem`
			`-k ./certs/sm2/self-sm2-priv.pem`
			`-d`

			`# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-A ./certs/sm2/self-sm2-cert.pem`
			`-C`

			`# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-c ./certs/sm2/self-sm2-cert.pem`
			`-k ./certs/sm2/self-sm2-priv.pem`
			`-A ./certs/sm2/self-sm2-cert.pem`
			`-V`

			`# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3`
			`-v 3`
			`-l ECDHE-ECDSA-SM4-CBC-SM3`
			`-A ./certs/sm2/self-sm2-cert.pem`
			`-c ./certs/sm2/self-sm2-cert.pem`
			`-k ./certs/sm2/self-sm2-priv.pem`
			`-C`

			`# server TLSv1.3 TLS13-SM4-GCM-SM3`
			`-v 4`
			`-l TLS13-SM4-GCM-SM3`
			`-c ./certs/sm2/self-sm2-cert.pem`
			`-k ./certs/sm2/self-sm2-priv.pem`
			`-d`

			`# client TLSv1.3 TLS13-SM4-GCM-SM3`
			`-v 4`
			`-l TLS13-SM4-GCM-SM3`
			`-A ./certs/sm2/self-sm2-cert.pem`
			`-C`

			`# server TLSv1.3 TLS13-SM4-GCM-SM3`
			`-v 4`
			`-l TLS13-SM4-GCM-SM3`
			`-c ./certs/sm2/self-sm2-cert.pem`
			`-k ./certs/sm2/self-sm2-priv.pem`
			`-A ./certs/sm2/self-sm2-cert.pem`
			`-V`

			`# client TLSv1.3 TLS13-SM4-GCM-SM3`
			`-v 4`
			`-l TLS13-SM4-GCM-SM3`
			`-A ./certs/sm2/self-sm2-cert.pem`
			`-c ./certs/sm2/self-sm2-cert.pem`
			`-k ./certs/sm2/self-sm2-priv.pem`
			`-C`