From eca36f44de3344805707bf126f348ba3b6a290b1 Mon Sep 17 00:00:00 2001 
From: Andreas Steffen Date: Thu, 11 Jun 2009 11:37:21 +0200 Subject: split openssl scenarios into openssl-ikev1 and openssl-ikev2 --- .../openssl-ikev1/alg-ecp-high/description.txt | 17 +++++++++++++++ .../tests/openssl-ikev1/alg-ecp-high/evaltest.dat | 13 +++++++++++ .../alg-ecp-high/hosts/carol/etc/ipsec.conf | 25 ++++++++++++++++++++++ .../alg-ecp-high/hosts/carol/etc/strongswan.conf | 5 +++++ .../alg-ecp-high/hosts/dave/etc/ipsec.conf | 25 ++++++++++++++++++++++ .../alg-ecp-high/hosts/dave/etc/strongswan.conf | 5 +++++ .../alg-ecp-high/hosts/moon/etc/ipsec.conf | 24 +++++++++++++++++++++ .../alg-ecp-high/hosts/moon/etc/strongswan.conf | 5 +++++ .../tests/openssl-ikev1/alg-ecp-high/posttest.dat | 6 ++++++ .../tests/openssl-ikev1/alg-ecp-high/pretest.dat | 9 ++++++++ testing/tests/openssl-ikev1/alg-ecp-high/test.conf | 21 ++++++++++++++++++ .../openssl-ikev1/alg-ecp-low/description.txt | 17 +++++++++++++++ .../tests/openssl-ikev1/alg-ecp-low/evaltest.dat | 13 +++++++++++ .../alg-ecp-low/hosts/carol/etc/ipsec.conf | 25 ++++++++++++++++++++++ .../alg-ecp-low/hosts/carol/etc/strongswan.conf | 5 +++++ .../alg-ecp-low/hosts/dave/etc/ipsec.conf | 25 ++++++++++++++++++++++ .../alg-ecp-low/hosts/dave/etc/strongswan.conf | 5 +++++ .../alg-ecp-low/hosts/moon/etc/ipsec.conf | 24 +++++++++++++++++++++ .../alg-ecp-low/hosts/moon/etc/strongswan.conf | 5 +++++ .../tests/openssl-ikev1/alg-ecp-low/posttest.dat | 6 ++++++ .../tests/openssl-ikev1/alg-ecp-low/pretest.dat | 9 ++++++++ testing/tests/openssl-ikev1/alg-ecp-low/test.conf | 21 ++++++++++++++++++ .../tests/openssl-ikev1/rw-cert/description.txt | 12 +++++++++++ testing/tests/openssl-ikev1/rw-cert/evaltest.dat | 10 +++++++++ .../rw-cert/hosts/carol/etc/ipsec.conf | 25 ++++++++++++++++++++++ .../rw-cert/hosts/carol/etc/strongswan.conf | 5 +++++ .../rw-cert/hosts/dave/etc/ipsec.conf | 25 ++++++++++++++++++++++ .../rw-cert/hosts/dave/etc/strongswan.conf | 5 +++++ .../rw-cert/hosts/moon/etc/ipsec.conf | 24 +++++++++++++++++++++ 
.../rw-cert/hosts/moon/etc/strongswan.conf | 9 ++++++++ testing/tests/openssl-ikev1/rw-cert/posttest.dat | 6 ++++++ testing/tests/openssl-ikev1/rw-cert/pretest.dat | 9 ++++++++ testing/tests/openssl-ikev1/rw-cert/test.conf | 21 ++++++++++++++++++ .../openssl-ikev2/alg-blowfish/description.txt | 11 ++++++++++ .../tests/openssl-ikev2/alg-blowfish/evaltest.dat | 16 ++++++++++++++ .../alg-blowfish/hosts/carol/etc/ipsec.conf | 25 ++++++++++++++++++++++ .../alg-blowfish/hosts/carol/etc/strongswan.conf | 5 +++++ .../alg-blowfish/hosts/dave/etc/ipsec.conf | 25 ++++++++++++++++++++++ .../alg-blowfish/hosts/dave/etc/strongswan.conf | 5 +++++ .../alg-blowfish/hosts/moon/etc/ipsec.conf | 24 +++++++++++++++++++++ .../alg-blowfish/hosts/moon/etc/strongswan.conf | 6 ++++++ .../tests/openssl-ikev2/alg-blowfish/posttest.dat | 6 ++++++ .../tests/openssl-ikev2/alg-blowfish/pretest.dat | 9 ++++++++ testing/tests/openssl-ikev2/alg-blowfish/test.conf | 21 ++++++++++++++++++ .../openssl-ikev2/alg-ecp-high/description.txt | 17 +++++++++++++++ .../tests/openssl-ikev2/alg-ecp-high/evaltest.dat | 14 ++++++++++++ .../alg-ecp-high/hosts/carol/etc/ipsec.conf | 24 +++++++++++++++++++++ .../alg-ecp-high/hosts/carol/etc/strongswan.conf | 5 +++++ .../alg-ecp-high/hosts/dave/etc/ipsec.conf | 24 +++++++++++++++++++++ .../alg-ecp-high/hosts/dave/etc/strongswan.conf | 5 +++++ .../alg-ecp-high/hosts/moon/etc/ipsec.conf | 23 ++++++++++++++++++++ .../alg-ecp-high/hosts/moon/etc/strongswan.conf | 5 +++++ .../tests/openssl-ikev2/alg-ecp-high/posttest.dat | 6 ++++++ .../tests/openssl-ikev2/alg-ecp-high/pretest.dat | 9 ++++++++ testing/tests/openssl-ikev2/alg-ecp-high/test.conf | 21 ++++++++++++++++++ .../openssl-ikev2/alg-ecp-low/description.txt | 17 +++++++++++++++ .../tests/openssl-ikev2/alg-ecp-low/evaltest.dat | 14 ++++++++++++ .../alg-ecp-low/hosts/carol/etc/ipsec.conf | 24 +++++++++++++++++++++ .../alg-ecp-low/hosts/carol/etc/strongswan.conf | 5 +++++ .../alg-ecp-low/hosts/dave/etc/ipsec.conf | 24 
+++++++++++++++++++++ .../alg-ecp-low/hosts/dave/etc/strongswan.conf | 5 +++++ .../alg-ecp-low/hosts/moon/etc/ipsec.conf | 23 ++++++++++++++++++++ .../alg-ecp-low/hosts/moon/etc/strongswan.conf | 5 +++++ .../tests/openssl-ikev2/alg-ecp-low/posttest.dat | 6 ++++++ .../tests/openssl-ikev2/alg-ecp-low/pretest.dat | 9 ++++++++ testing/tests/openssl-ikev2/alg-ecp-low/test.conf | 21 ++++++++++++++++++ .../openssl-ikev2/ecdsa-certs/description.txt | 11 ++++++++++ .../tests/openssl-ikev2/ecdsa-certs/evaltest.dat | 14 ++++++++++++ .../ecdsa-certs/hosts/carol/etc/ipsec.conf | 24 +++++++++++++++++++++ .../carol/etc/ipsec.d/cacerts/strongswanCert.pem | 17 +++++++++++++++ .../hosts/carol/etc/ipsec.d/certs/carolCert.pem | 18 ++++++++++++++++ .../hosts/carol/etc/ipsec.d/private/carolKey.pem | 8 +++++++ .../ecdsa-certs/hosts/carol/etc/ipsec.secrets | 3 +++ .../ecdsa-certs/hosts/carol/etc/strongswan.conf | 5 +++++ .../ecdsa-certs/hosts/dave/etc/ipsec.conf | 24 +++++++++++++++++++++ .../dave/etc/ipsec.d/cacerts/strongswanCert.pem | 17 +++++++++++++++ .../hosts/dave/etc/ipsec.d/certs/daveCert.pem | 19 ++++++++++++++++ .../hosts/dave/etc/ipsec.d/private/daveKey.pem | 6 ++++++ .../ecdsa-certs/hosts/dave/etc/ipsec.secrets | 3 +++ .../ecdsa-certs/hosts/dave/etc/strongswan.conf | 5 +++++ .../ecdsa-certs/hosts/moon/etc/ipsec.conf | 23 ++++++++++++++++++++ .../moon/etc/ipsec.d/cacerts/strongswanCert.pem | 17 +++++++++++++++ .../hosts/moon/etc/ipsec.d/certs/moonCert.pem | 20 +++++++++++++++++ .../hosts/moon/etc/ipsec.d/private/moonKey.pem | 7 ++++++ .../ecdsa-certs/hosts/moon/etc/ipsec.secrets | 3 +++ .../ecdsa-certs/hosts/moon/etc/strongswan.conf | 5 +++++ .../tests/openssl-ikev2/ecdsa-certs/posttest.dat | 6 ++++++ .../tests/openssl-ikev2/ecdsa-certs/pretest.dat | 9 ++++++++ testing/tests/openssl-ikev2/ecdsa-certs/test.conf | 21 ++++++++++++++++++ .../tests/openssl-ikev2/rw-cert/description.txt | 12 +++++++++++ testing/tests/openssl-ikev2/rw-cert/evaltest.dat | 10 +++++++++ 
.../rw-cert/hosts/carol/etc/ipsec.conf | 24 +++++++++++++++++++++ .../rw-cert/hosts/carol/etc/strongswan.conf | 5 +++++ .../rw-cert/hosts/dave/etc/ipsec.conf | 24 +++++++++++++++++++++ .../rw-cert/hosts/dave/etc/strongswan.conf | 5 +++++ .../rw-cert/hosts/moon/etc/ipsec.conf | 23 ++++++++++++++++++++ .../rw-cert/hosts/moon/etc/strongswan.conf | 6 ++++++ testing/tests/openssl-ikev2/rw-cert/posttest.dat | 6 ++++++ testing/tests/openssl-ikev2/rw-cert/pretest.dat | 9 ++++++++ testing/tests/openssl-ikev2/rw-cert/test.conf | 21 ++++++++++++++++++ testing/tests/openssl/alg-blowfish/description.txt | 11 ---------- testing/tests/openssl/alg-blowfish/evaltest.dat | 16 -------------- .../alg-blowfish/hosts/carol/etc/ipsec.conf | 25 ---------------------- .../alg-blowfish/hosts/carol/etc/strongswan.conf | 5 ----- .../openssl/alg-blowfish/hosts/dave/etc/ipsec.conf | 25 ---------------------- .../alg-blowfish/hosts/dave/etc/strongswan.conf | 5 ----- .../openssl/alg-blowfish/hosts/moon/etc/ipsec.conf | 24 --------------------- .../alg-blowfish/hosts/moon/etc/strongswan.conf | 6 ------ testing/tests/openssl/alg-blowfish/posttest.dat | 6 ------ testing/tests/openssl/alg-blowfish/pretest.dat | 9 -------- testing/tests/openssl/alg-blowfish/test.conf | 21 ------------------ testing/tests/openssl/ecdsa-certs/description.txt | 11 ---------- testing/tests/openssl/ecdsa-certs/evaltest.dat | 14 ------------ .../openssl/ecdsa-certs/hosts/carol/etc/ipsec.conf | 24 --------------------- .../carol/etc/ipsec.d/cacerts/strongswanCert.pem | 17 --------------- .../hosts/carol/etc/ipsec.d/certs/carolCert.pem | 18 ---------------- .../hosts/carol/etc/ipsec.d/private/carolKey.pem | 8 ------- .../ecdsa-certs/hosts/carol/etc/ipsec.secrets | 3 --- .../ecdsa-certs/hosts/carol/etc/strongswan.conf | 5 ----- .../openssl/ecdsa-certs/hosts/dave/etc/ipsec.conf | 24 --------------------- .../dave/etc/ipsec.d/cacerts/strongswanCert.pem | 17 --------------- .../hosts/dave/etc/ipsec.d/certs/daveCert.pem | 19 
---------------- .../hosts/dave/etc/ipsec.d/private/daveKey.pem | 6 ------ .../ecdsa-certs/hosts/dave/etc/ipsec.secrets | 3 --- .../ecdsa-certs/hosts/dave/etc/strongswan.conf | 5 ----- .../openssl/ecdsa-certs/hosts/moon/etc/ipsec.conf | 23 -------------------- .../moon/etc/ipsec.d/cacerts/strongswanCert.pem | 17 --------------- .../hosts/moon/etc/ipsec.d/certs/moonCert.pem | 20 ----------------- .../hosts/moon/etc/ipsec.d/private/moonKey.pem | 7 ------ .../ecdsa-certs/hosts/moon/etc/ipsec.secrets | 3 --- .../ecdsa-certs/hosts/moon/etc/strongswan.conf | 5 ----- testing/tests/openssl/ecdsa-certs/posttest.dat | 6 ------ testing/tests/openssl/ecdsa-certs/pretest.dat | 9 -------- testing/tests/openssl/ecdsa-certs/test.conf | 21 ------------------ .../openssl/ikev1-alg-ecp-high/description.txt | 17 --------------- .../tests/openssl/ikev1-alg-ecp-high/evaltest.dat | 13 ----------- .../ikev1-alg-ecp-high/hosts/carol/etc/ipsec.conf | 25 ---------------------- .../hosts/carol/etc/strongswan.conf | 5 ----- .../ikev1-alg-ecp-high/hosts/dave/etc/ipsec.conf | 25 ---------------------- .../hosts/dave/etc/strongswan.conf | 5 ----- .../ikev1-alg-ecp-high/hosts/moon/etc/ipsec.conf | 24 --------------------- .../hosts/moon/etc/strongswan.conf | 5 ----- .../tests/openssl/ikev1-alg-ecp-high/posttest.dat | 6 ------ .../tests/openssl/ikev1-alg-ecp-high/pretest.dat | 9 -------- testing/tests/openssl/ikev1-alg-ecp-high/test.conf | 21 ------------------ .../openssl/ikev1-alg-ecp-low/description.txt | 17 --------------- .../tests/openssl/ikev1-alg-ecp-low/evaltest.dat | 13 ----------- .../ikev1-alg-ecp-low/hosts/carol/etc/ipsec.conf | 25 ---------------------- .../hosts/carol/etc/strongswan.conf | 5 ----- .../ikev1-alg-ecp-low/hosts/dave/etc/ipsec.conf | 25 ---------------------- .../hosts/dave/etc/strongswan.conf | 5 ----- .../ikev1-alg-ecp-low/hosts/moon/etc/ipsec.conf | 24 --------------------- .../hosts/moon/etc/strongswan.conf | 5 ----- .../tests/openssl/ikev1-alg-ecp-low/posttest.dat | 
6 ------ .../tests/openssl/ikev1-alg-ecp-low/pretest.dat | 9 -------- testing/tests/openssl/ikev1-alg-ecp-low/test.conf | 21 ------------------ .../openssl/ikev2-alg-ecp-high/description.txt | 17 --------------- .../tests/openssl/ikev2-alg-ecp-high/evaltest.dat | 14 ------------ .../ikev2-alg-ecp-high/hosts/carol/etc/ipsec.conf | 24 --------------------- .../hosts/carol/etc/strongswan.conf | 5 ----- .../ikev2-alg-ecp-high/hosts/dave/etc/ipsec.conf | 24 --------------------- .../hosts/dave/etc/strongswan.conf | 5 ----- .../ikev2-alg-ecp-high/hosts/moon/etc/ipsec.conf | 23 -------------------- .../hosts/moon/etc/strongswan.conf | 5 ----- .../tests/openssl/ikev2-alg-ecp-high/posttest.dat | 6 ------ .../tests/openssl/ikev2-alg-ecp-high/pretest.dat | 9 -------- testing/tests/openssl/ikev2-alg-ecp-high/test.conf | 21 ------------------ .../openssl/ikev2-alg-ecp-low/description.txt | 17 --------------- .../tests/openssl/ikev2-alg-ecp-low/evaltest.dat | 14 ------------ .../ikev2-alg-ecp-low/hosts/carol/etc/ipsec.conf | 24 --------------------- .../hosts/carol/etc/strongswan.conf | 5 ----- .../ikev2-alg-ecp-low/hosts/dave/etc/ipsec.conf | 24 --------------------- .../hosts/dave/etc/strongswan.conf | 5 ----- .../ikev2-alg-ecp-low/hosts/moon/etc/ipsec.conf | 23 -------------------- .../hosts/moon/etc/strongswan.conf | 5 ----- .../tests/openssl/ikev2-alg-ecp-low/posttest.dat | 6 ------ .../tests/openssl/ikev2-alg-ecp-low/pretest.dat | 9 -------- testing/tests/openssl/ikev2-alg-ecp-low/test.conf | 21 ------------------ .../tests/openssl/rw-cert-ikev1/description.txt | 12 ----------- testing/tests/openssl/rw-cert-ikev1/evaltest.dat | 10 --------- .../rw-cert-ikev1/hosts/carol/etc/ipsec.conf | 25 ---------------------- .../rw-cert-ikev1/hosts/carol/etc/strongswan.conf | 5 ----- .../rw-cert-ikev1/hosts/dave/etc/ipsec.conf | 25 ---------------------- .../rw-cert-ikev1/hosts/dave/etc/strongswan.conf | 5 ----- .../rw-cert-ikev1/hosts/moon/etc/ipsec.conf | 24 --------------------- 
.../rw-cert-ikev1/hosts/moon/etc/strongswan.conf | 9 -------- testing/tests/openssl/rw-cert-ikev1/posttest.dat | 6 ------ testing/tests/openssl/rw-cert-ikev1/pretest.dat | 9 -------- testing/tests/openssl/rw-cert-ikev1/test.conf | 21 ------------------ .../tests/openssl/rw-cert-ikev2/description.txt | 12 ----------- testing/tests/openssl/rw-cert-ikev2/evaltest.dat | 10 --------- .../rw-cert-ikev2/hosts/carol/etc/ipsec.conf | 24 --------------------- .../rw-cert-ikev2/hosts/carol/etc/strongswan.conf | 5 ----- .../rw-cert-ikev2/hosts/dave/etc/ipsec.conf | 24 --------------------- .../rw-cert-ikev2/hosts/dave/etc/strongswan.conf | 5 ----- .../rw-cert-ikev2/hosts/moon/etc/ipsec.conf | 23 -------------------- .../rw-cert-ikev2/hosts/moon/etc/strongswan.conf | 6 ------ testing/tests/openssl/rw-cert-ikev2/posttest.dat | 6 ------ testing/tests/openssl/rw-cert-ikev2/pretest.dat | 9 -------- testing/tests/openssl/rw-cert-ikev2/test.conf | 21 ------------------ 200 files changed, 1350 insertions(+), 1350 deletions(-) create mode 100644 testing/tests/openssl-ikev1/alg-ecp-high/description.txt create mode 100644 testing/tests/openssl-ikev1/alg-ecp-high/evaltest.dat create mode 100755 testing/tests/openssl-ikev1/alg-ecp-high/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-high/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev1/alg-ecp-high/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-high/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev1/alg-ecp-high/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-high/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-high/posttest.dat create mode 100644 testing/tests/openssl-ikev1/alg-ecp-high/pretest.dat create mode 100644 testing/tests/openssl-ikev1/alg-ecp-high/test.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-low/description.txt 
create mode 100644 testing/tests/openssl-ikev1/alg-ecp-low/evaltest.dat create mode 100755 testing/tests/openssl-ikev1/alg-ecp-low/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-low/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev1/alg-ecp-low/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-low/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev1/alg-ecp-low/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-low/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/openssl-ikev1/alg-ecp-low/posttest.dat create mode 100644 testing/tests/openssl-ikev1/alg-ecp-low/pretest.dat create mode 100644 testing/tests/openssl-ikev1/alg-ecp-low/test.conf create mode 100644 testing/tests/openssl-ikev1/rw-cert/description.txt create mode 100644 testing/tests/openssl-ikev1/rw-cert/evaltest.dat create mode 100755 testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/openssl-ikev1/rw-cert/posttest.dat create mode 100644 testing/tests/openssl-ikev1/rw-cert/pretest.dat create mode 100644 testing/tests/openssl-ikev1/rw-cert/test.conf create mode 100644 testing/tests/openssl-ikev2/alg-blowfish/description.txt create mode 100644 testing/tests/openssl-ikev2/alg-blowfish/evaltest.dat create mode 100755 testing/tests/openssl-ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf create mode 100755 
testing/tests/openssl-ikev2/alg-blowfish/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-blowfish/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/openssl-ikev2/alg-blowfish/posttest.dat create mode 100644 testing/tests/openssl-ikev2/alg-blowfish/pretest.dat create mode 100644 testing/tests/openssl-ikev2/alg-blowfish/test.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/description.txt create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/evaltest.dat create mode 100755 testing/tests/openssl-ikev2/alg-ecp-high/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev2/alg-ecp-high/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev2/alg-ecp-high/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/posttest.dat create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/pretest.dat create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/test.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-low/description.txt create mode 100644 testing/tests/openssl-ikev2/alg-ecp-low/evaltest.dat create mode 100755 testing/tests/openssl-ikev2/alg-ecp-low/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-low/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev2/alg-ecp-low/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-low/hosts/dave/etc/strongswan.conf create mode 100755 
testing/tests/openssl-ikev2/alg-ecp-low/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-low/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/openssl-ikev2/alg-ecp-low/posttest.dat create mode 100644 testing/tests/openssl-ikev2/alg-ecp-low/pretest.dat create mode 100644 testing/tests/openssl-ikev2/alg-ecp-low/test.conf create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/description.txt create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/evaltest.dat create mode 100755 testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.secrets create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/certs/daveCert.pem create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.secrets create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem create mode 100644 
testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.secrets create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/posttest.dat create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/pretest.dat create mode 100644 testing/tests/openssl-ikev2/ecdsa-certs/test.conf create mode 100644 testing/tests/openssl-ikev2/rw-cert/description.txt create mode 100644 testing/tests/openssl-ikev2/rw-cert/evaltest.dat create mode 100755 testing/tests/openssl-ikev2/rw-cert/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/rw-cert/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev2/rw-cert/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/rw-cert/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/openssl-ikev2/rw-cert/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/openssl-ikev2/rw-cert/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/openssl-ikev2/rw-cert/posttest.dat create mode 100644 testing/tests/openssl-ikev2/rw-cert/pretest.dat create mode 100644 testing/tests/openssl-ikev2/rw-cert/test.conf delete mode 100644 testing/tests/openssl/alg-blowfish/description.txt delete mode 100644 testing/tests/openssl/alg-blowfish/evaltest.dat delete mode 100755 testing/tests/openssl/alg-blowfish/hosts/carol/etc/ipsec.conf delete mode 100644 testing/tests/openssl/alg-blowfish/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl/alg-blowfish/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl/alg-blowfish/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl/alg-blowfish/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl/alg-blowfish/hosts/moon/etc/strongswan.conf delete mode 100644 
testing/tests/openssl/alg-blowfish/posttest.dat delete mode 100644 testing/tests/openssl/alg-blowfish/pretest.dat delete mode 100644 testing/tests/openssl/alg-blowfish/test.conf delete mode 100644 testing/tests/openssl/ecdsa-certs/description.txt delete mode 100644 testing/tests/openssl/ecdsa-certs/evaltest.dat delete mode 100755 testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.secrets delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/certs/daveCert.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.secrets delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.secrets delete mode 100644 testing/tests/openssl/ecdsa-certs/hosts/moon/etc/strongswan.conf delete mode 100644 
testing/tests/openssl/ecdsa-certs/posttest.dat delete mode 100644 testing/tests/openssl/ecdsa-certs/pretest.dat delete mode 100644 testing/tests/openssl/ecdsa-certs/test.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-high/description.txt delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-high/evaltest.dat delete mode 100755 testing/tests/openssl/ikev1-alg-ecp-high/hosts/carol/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-high/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ikev1-alg-ecp-high/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-high/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ikev1-alg-ecp-high/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-high/hosts/moon/etc/strongswan.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-high/posttest.dat delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-high/pretest.dat delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-high/test.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-low/description.txt delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-low/evaltest.dat delete mode 100755 testing/tests/openssl/ikev1-alg-ecp-low/hosts/carol/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-low/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ikev1-alg-ecp-low/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-low/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ikev1-alg-ecp-low/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-low/hosts/moon/etc/strongswan.conf delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-low/posttest.dat delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-low/pretest.dat delete mode 100644 testing/tests/openssl/ikev1-alg-ecp-low/test.conf delete mode 100644 
testing/tests/openssl/ikev2-alg-ecp-high/description.txt delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-high/evaltest.dat delete mode 100755 testing/tests/openssl/ikev2-alg-ecp-high/hosts/carol/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-high/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ikev2-alg-ecp-high/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-high/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ikev2-alg-ecp-high/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-high/hosts/moon/etc/strongswan.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-high/posttest.dat delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-high/pretest.dat delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-high/test.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-low/description.txt delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-low/evaltest.dat delete mode 100755 testing/tests/openssl/ikev2-alg-ecp-low/hosts/carol/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-low/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ikev2-alg-ecp-low/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-low/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl/ikev2-alg-ecp-low/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-low/hosts/moon/etc/strongswan.conf delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-low/posttest.dat delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-low/pretest.dat delete mode 100644 testing/tests/openssl/ikev2-alg-ecp-low/test.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev1/description.txt delete mode 100644 testing/tests/openssl/rw-cert-ikev1/evaltest.dat delete mode 100755 testing/tests/openssl/rw-cert-ikev1/hosts/carol/etc/ipsec.conf delete mode 
100644 testing/tests/openssl/rw-cert-ikev1/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl/rw-cert-ikev1/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev1/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl/rw-cert-ikev1/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev1/hosts/moon/etc/strongswan.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev1/posttest.dat delete mode 100644 testing/tests/openssl/rw-cert-ikev1/pretest.dat delete mode 100644 testing/tests/openssl/rw-cert-ikev1/test.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev2/description.txt delete mode 100644 testing/tests/openssl/rw-cert-ikev2/evaltest.dat delete mode 100755 testing/tests/openssl/rw-cert-ikev2/hosts/carol/etc/ipsec.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev2/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl/rw-cert-ikev2/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev2/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl/rw-cert-ikev2/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev2/hosts/moon/etc/strongswan.conf delete mode 100644 testing/tests/openssl/rw-cert-ikev2/posttest.dat delete mode 100644 testing/tests/openssl/rw-cert-ikev2/pretest.dat delete mode 100644 testing/tests/openssl/rw-cert-ikev2/test.conf (limited to 'testing') diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/description.txt b/testing/tests/openssl-ikev1/alg-ecp-high/description.txt new file mode 100644 index 000000000..b8efbe87e --- /dev/null +++ b/testing/tests/openssl-ikev1/alg-ecp-high/description.txt 
@@ -0,0 +1,17 @@
+The roadwarrior carol and the gateway moon use the openssl
+plugin based on the OpenSSL library for all cryptographical functions
+whereas roadwarrior dave uses the default strongSwan cryptographical
+plugins aes des sha1 sha2 md5 gmp plus the openssl plugin for
+the Elliptic Curve Diffie-Hellman groups only.
+

+The roadwarriors carol and dave set up a connection each
+to gateway moon. The authentication is based on X.509 certificates.
+carol proposes the DH groups ECP_256 and ECP_384 whereas dave proposes
+ECP_256 and ECP_521. Since moon does not support ECP_256 the roadwarriors
+fall back to ECP_384 and ECP_521, respectively.
+

+Upon the successful establishment of the IPsec tunnels, leftfirewall=yes +automatically inserts iptables-based firewall rules that let pass the tunneled traffic. +In order to test both tunnel and firewall, both carol and dave ping +the client alice behind the gateway moon. + diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/evaltest.dat b/testing/tests/openssl-ikev1/alg-ecp-high/evaltest.dat new file mode 100644 index 000000000..6a6802780 --- /dev/null +++ b/testing/tests/openssl-ikev1/alg-ecp-high/evaltest.dat @@ -0,0 +1,13 @@ +moon::cat /var/log/auth.log::ECP_256.*refused due to strict flag::YES +moon::ipsec statusall::IPsec SA established::YES +carol::ipsec statusall::IPsec SA established::YES +carol::ipsec statusall::IKE proposal: AES_CBC_192/HMAC_SHA2_384/ECP_384::YES +dave::ipsec statusall::IPsec SA established::YES +dave::ipsec statusall::IKE proposal: AES_CBC_256/HMAC_SHA2_512/ECP_521::YES +carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES +dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES +moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES +moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES +moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES +moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES + diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/carol/etc/ipsec.conf new file mode 100755 index 000000000..432fa52ea --- /dev/null +++ b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/carol/etc/ipsec.conf 
@@ -0,0 +1,25 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=aes192-sha384-ecp256,aes192-sha384-ecp384!
+
+conn home
+ left=PH_IP_CAROL
+ leftcert=carolCert.pem
+ leftid=carol@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..c33f54ea5
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = openssl random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/dave/etc/ipsec.conf
new file mode 100755
index 000000000..28304eb41
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,25 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=aes256-sha512-ecp256,aes256-sha512-ecp521!
+
+conn home
+ left=PH_IP_DAVE
+ leftcert=daveCert.pem
+ leftid=dave@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..53af5cf26
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = aes des sha1 sha2 md5 gmp openssl random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..d6737f6e0
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=aes192-sha384-ecp384,aes256-sha512-ecp521!
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..c33f54ea5
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-high/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = openssl random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/posttest.dat b/testing/tests/openssl-ikev1/alg-ecp-high/posttest.dat
new file mode 100644
index 000000000..7cebd7f25
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-high/posttest.dat
@@ -0,0 +1,6 @@
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/pretest.dat b/testing/tests/openssl-ikev1/alg-ecp-high/pretest.dat
new file mode 100644
index 000000000..42e9d7c24
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-high/pretest.dat
@@ -0,0 +1,9 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
diff --git a/testing/tests/openssl-ikev1/alg-ecp-high/test.conf b/testing/tests/openssl-ikev1/alg-ecp-high/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-high/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/description.txt b/testing/tests/openssl-ikev1/alg-ecp-low/description.txt
new file mode 100644
index 000000000..4f043e7d9
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/description.txt
@@ -0,0 +1,17 @@
+The roadwarrior carol and the gateway moon use the openssl
+plugin based on the OpenSSL library for all cryptographical functions
+whereas roadwarrior dave uses the default strongSwan cryptographical
+plugins aes des sha1 sha2 md5 gmp plus the openssl plugin for
+the Elliptic Curve Diffie-Hellman groups only.
+
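Review bot: The three `/etc/init.d/iptables start 2> /dev/null` lines in alg-ecp-high/pretest.dat discard stderr, so a firewall script that fails to start leaves no trace in the test log. The scenario description says the pings test both tunnel and firewall, yet no evaltest.dat line would distinguish a run where the firewall never came up, presumably because traffic would then simply pass under the default policy. Consider dropping the redirection (`moon::/etc/init.d/iptables start`) or adding an evaltest line that asserts the expected rules are present on moon. The same pretest.dat content is added for alg-ecp-low, rw-cert and alg-blowfish.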

+The roadwarriors carol and dave set up a connection each
+to gateway moon. The authentication is based on X.509 certificates.
+carol proposes the DH groups ECP_192 and ECP_224 whereas dave proposes
+ECP_192 and ECP_256. Since moon does not support ECP_192 the roadwarriors
+fall back to ECP_224 and ECP_256, respectively.
+

+Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both carol and dave ping
+the client alice behind the gateway moon.
+
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/evaltest.dat b/testing/tests/openssl-ikev1/alg-ecp-low/evaltest.dat
new file mode 100644
index 000000000..3c5ae4138
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/evaltest.dat
@@ -0,0 +1,13 @@
+moon::cat /var/log/auth.log::ECP_192.*refused due to strict flag::YES
+moon::ipsec statusall::IPsec SA established::YES
+carol::ipsec statusall::IPsec SA established::YES
+carol::ipsec statusall::IKE proposal: AES_CBC_128/HMAC_SHA2_256/ECP_224::YES
+dave::ipsec statusall::IPsec SA established::YES
+dave::ipsec statusall::IKE proposal: AES_CBC_128/HMAC_SHA2_256/ECP_256::YES
+carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/carol/etc/ipsec.conf
new file mode 100755
index 000000000..5a4d82699
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/carol/etc/ipsec.conf
@@ -0,0 +1,25 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=aes128-sha256-ecp192,aes128-sha256-ecp224!
+
+conn home
+ left=PH_IP_CAROL
+ leftcert=carolCert.pem
+ leftid=carol@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..90668fdf8
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = openssl random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/dave/etc/ipsec.conf
new file mode 100755
index 000000000..ac828c182
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,25 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=aes128-sha256-ecp192,aes128-sha256-ecp256!
+
+conn home
+ left=PH_IP_DAVE
+ leftcert=daveCert.pem
+ leftid=dave@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..bd7dc854f
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = aes des sha1 sha2 md5 gmp openssl random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..870271c87
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=aes128-sha256-ecp224,aes128-sha256-ecp256!
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..90668fdf8
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = openssl random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/posttest.dat b/testing/tests/openssl-ikev1/alg-ecp-low/posttest.dat
new file mode 100644
index 000000000..7cebd7f25
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/posttest.dat
@@ -0,0 +1,6 @@
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
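Review bot: dave's strongswan.conf for alg-ecp-low places the plugin list in a `charon {` section, although this is an IKEv1 scenario (dave's ipsec.conf sets `keyexchange=ikev1` and `charonstart=no`) and every other openssl-ikev1 host visible here, including dave in alg-ecp-high, puts its `load =` line in `pluto {`. As written the list `aes des sha1 sha2 md5 gmp openssl random hmac curl` is presumably never read by pluto, so the test would not exercise the mix of built-in plugins plus openssl-for-ECP that description.txt claims for dave. The section header should be `pluto {`.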
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/pretest.dat b/testing/tests/openssl-ikev1/alg-ecp-low/pretest.dat
new file mode 100644
index 000000000..42e9d7c24
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/pretest.dat
@@ -0,0 +1,9 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
diff --git a/testing/tests/openssl-ikev1/alg-ecp-low/test.conf b/testing/tests/openssl-ikev1/alg-ecp-low/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
+++ b/testing/tests/openssl-ikev1/alg-ecp-low/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl-ikev1/rw-cert/description.txt b/testing/tests/openssl-ikev1/rw-cert/description.txt
new file mode 100644
index 000000000..0f721c52b
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/description.txt
@@ -0,0 +1,12 @@
+The roadwarrior carol and the gateway moon use the openssl
+plugin based on the OpenSSL library for all cryptographical functions
+whereas roadwarrior dave uses the default strongSwan cryptographical
+plugins aes des sha1 sha2 md5 gmp.
+

+The roadwarriors carol and dave set up a connection each
+to gateway moon. The authentication is based on X.509 certificates.
+Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both carol and dave ping
+the client alice behind the gateway moon.
+
diff --git a/testing/tests/openssl-ikev1/rw-cert/evaltest.dat b/testing/tests/openssl-ikev1/rw-cert/evaltest.dat
new file mode 100644
index 000000000..1a9b9159f
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/evaltest.dat
@@ -0,0 +1,10 @@
+moon::ipsec statusall::IPsec SA established::YES
+carol::ipsec statusall::IPsec SA established::YES
+dave::ipsec statusall::IPsec SA established::YES
+carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+
diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/ipsec.conf
new file mode 100755
index 000000000..80dae3719
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/ipsec.conf
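Review bot: rw-cert/evaltest.dat checks only `IPsec SA established` and never asserts which IKE proposal each roadwarrior negotiated, unlike the alg-ecp evaltest files in this commit, which match an `IKE proposal: ...` line per host. Since the scenario exists to show that the openssl plugin on moon and carol interoperates with the built-in plugins on dave, add `carol::ipsec statusall::IKE proposal: <negotiated suite>::YES` and the equivalent line for dave, so a silent change of the negotiated suite is caught. carol's `ike=3des-sha1-modp1536!` in the next hunk is a legacy suite; a comment in that ipsec.conf saying it is kept for interoperability coverage only would keep it from being copied into real configurations.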
@@ -0,0 +1,25 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=3des-sha1-modp1536!
+
+conn home
+ left=PH_IP_CAROL
+ leftcert=carolCert.pem
+ leftid=carol@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..c33f54ea5
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = openssl random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/ipsec.conf
new file mode 100755
index 000000000..73167caad
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,25 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=aes256-sha256-modp2048!
+
+conn home
+ left=PH_IP_DAVE
+ leftcert=daveCert.pem
+ leftid=dave@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..b914f9a45
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = aes des sha1 sha2 md5 gmp random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..f365b07da
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ charonstart=no
+ plutodebug=control
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev1
+ ike=aes256-sha256-modp2048,3des-sha1-modp1536!
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..044a76bfc
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,9 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ dh_exponent_ansi_x9_42 = no
+}
+
+pluto {
+ load = openssl random hmac curl
+}
diff --git a/testing/tests/openssl-ikev1/rw-cert/posttest.dat b/testing/tests/openssl-ikev1/rw-cert/posttest.dat
new file mode 100644
index 000000000..7cebd7f25
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/posttest.dat
@@ -0,0 +1,6 @@
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl-ikev1/rw-cert/pretest.dat b/testing/tests/openssl-ikev1/rw-cert/pretest.dat
new file mode 100644
index 000000000..42e9d7c24
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/pretest.dat
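Review bot: moon's strongswan.conf in rw-cert sets `dh_exponent_ansi_x9_42 = no` inside a `charon { }` section, but this scenario runs pluto only (moon's ipsec.conf has `charonstart=no` and `keyexchange=ikev1`), so the key looks inert here and may have been carried over from the openssl-ikev2 variant. Either drop the `charon` section or place the key where the IKEv1 daemon reads it; which section that is cannot be told from this diff. If the setting stays, document it, e.g. `# shorter DH exponents to speed up the test run; not a production setting`, since as far as I know `no` moves away from the ANSI X9.42 exponent length.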
@@ -0,0 +1,9 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
diff --git a/testing/tests/openssl-ikev1/rw-cert/test.conf b/testing/tests/openssl-ikev1/rw-cert/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
+++ b/testing/tests/openssl-ikev1/rw-cert/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/description.txt b/testing/tests/openssl-ikev2/alg-blowfish/description.txt
new file mode 100644
index 000000000..d30d9d2da
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/description.txt
@@ -0,0 +1,11 @@
+The roadwarriors carol and dave as well as the gateway moon
+use the openssl plugin based on the OpenSSL library for all
+cryptographical functions, thus making the Blowfish available as an IKEv2 cipher.
+

+The roadwarriors carol and dave set up a connection each
+to gateway moon using Blowfish for both IKE and ESP
+encryption. Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both carol and dave ping
+the client alice behind the gateway moon.
+
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/evaltest.dat b/testing/tests/openssl-ikev2/alg-blowfish/evaltest.dat
new file mode 100644
index 000000000..a1f9f6a8e
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/evaltest.dat
@@ -0,0 +1,16 @@
+moon::ipsec statusall::rw.*ESTABLISHED::YES
+carol::ipsec statusall::home.*ESTABLISHED::YES
+carol::ipsec statusall::IKE proposal: BLOWFISH_CBC_256::YES
+carol::ipsec statusall::BLOWFISH_CBC_192.*,::YES
+carol::ip -s xfrm state::enc cbc(blowfish).*(192 bits)::YES
+dave::ipsec statusall::home.*ESTABLISHED::YES
+dave::ipsec statusall::IKE proposal: BLOWFISH_CBC_128::YES
+dave::ipsec statusall::BLOWFISH_CBC_128.*,::YES
+dave::ip -s xfrm state::enc cbc(blowfish).*(128 bits)::YES
+carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf
new file mode 100755
index 000000000..62e181012
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf
@@ -0,0 +1,25 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=blowfish256-sha512-modp2048!
+ esp=blowfish192-sha256!
+
+conn home
+ left=PH_IP_CAROL
+ leftcert=carolCert.pem
+ leftid=carol@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-blowfish/hosts/dave/etc/ipsec.conf
new file mode 100755
index 000000000..26f3f3a04
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,25 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=blowfish128-sha256-modp1536!
+ esp=blowfish128-sha1!
+
+conn home
+ left=PH_IP_DAVE
+ leftcert=daveCert.pem
+ leftid=dave@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-blowfish/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
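Review bot: The `ike=blowfish256-sha512-modp2048!` and `esp=blowfish192-sha256!` lines in carol's alg-blowfish ipsec.conf, and the matching proposals for dave here and for moon in the following hunk, give no hint that Blowfish is selected purely for algorithm coverage. Blowfish has a 64-bit block, which limits how much data can safely be encrypted under one key, and dave's variant additionally pairs it with `sha1` and `modp1536`. A one-line comment above each proposal, e.g. `# Blowfish is used here only to exercise the openssl plugin; not a recommended proposal`, would keep these files from being taken as a template.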
+++ b/testing/tests/openssl-ikev2/alg-blowfish/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..31a00f7fb
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=blowfish256-sha512-modp2048,blowfish128-sha256-modp1536!
+ esp=blowfish192-sha256,blowfish128-sha1!
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..1887f7607
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,6 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ dh_exponent_ansi_x9_42 = no
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/posttest.dat b/testing/tests/openssl-ikev2/alg-blowfish/posttest.dat
new file mode 100644
index 000000000..7cebd7f25
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/posttest.dat
@@ -0,0 +1,6 @@
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/pretest.dat b/testing/tests/openssl-ikev2/alg-blowfish/pretest.dat
new file mode 100644
index 000000000..42e9d7c24
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/pretest.dat
@@ -0,0 +1,9 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
diff --git a/testing/tests/openssl-ikev2/alg-blowfish/test.conf b/testing/tests/openssl-ikev2/alg-blowfish/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-blowfish/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/description.txt b/testing/tests/openssl-ikev2/alg-ecp-high/description.txt
new file mode 100644
index 000000000..b8efbe87e
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/description.txt
@@ -0,0 +1,17 @@
+The roadwarrior carol and the gateway moon use the openssl
+plugin based on the OpenSSL library for all cryptographical functions
+whereas roadwarrior dave uses the default strongSwan cryptographical
+plugins aes des sha1 sha2 md5 gmp plus the openssl plugin for
+the Elliptic Curve Diffie-Hellman groups only.
+

+The roadwarriors carol and dave set up a connection each
+to gateway moon. The authentication is based on X.509 certificates.
+carol proposes the DH groups ECP_256 and ECP_384 whereas dave proposes
+ECP_256 and ECP_521. Since moon does not support ECP_256 the roadwarriors
+fall back to ECP_384 and ECP_521, respectively.
+

+Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both carol and dave ping
+the client alice behind the gateway moon.
+
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/evaltest.dat b/testing/tests/openssl-ikev2/alg-ecp-high/evaltest.dat
new file mode 100644
index 000000000..009936466
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/evaltest.dat
@@ -0,0 +1,14 @@
+carol::cat /var/log/daemon.log::ECP_256.*ECP_384::YES
+dave::cat /var/log/daemon.log::ECP_256.*ECP_521::YES
+moon::ipsec statusall::rw.*ESTABLISHED::YES
+carol::ipsec statusall::home.*ESTABLISHED::YES
+carol::ipsec statusall::home.*AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/ECP_384::YES
+dave::ipsec statusall::home.*ESTABLISHED::YES
+dave::ipsec statusall::home.*AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_521::YES
+carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/carol/etc/ipsec.conf
new file mode 100755
index 000000000..0550a09b4
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/carol/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=aes192-sha384-ecp256,aes192-sha384-ecp384!
+
+conn home
+ left=PH_IP_CAROL
+ leftcert=carolCert.pem
+ leftid=carol@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/dave/etc/ipsec.conf
new file mode 100755
index 000000000..22026fc36
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=aes256-sha512-ecp256,aes256-sha512-ecp521!
+
+conn home
+ left=PH_IP_DAVE
+ leftcert=daveCert.pem
+ leftid=dave@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..7ffdcc204
--- /dev/null
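Review bot: The file header for carol's ipsec.conf adds it as `new file mode 100755`, while the strongswan.conf next to it is 100644; a configuration file that is only read by the daemon has no reason to carry the executable bit. I would commit it as `new file mode 100644`. The same mode appears on the dave and moon ipsec.conf headers of alg-ecp-high, alg-ecp-low and ecdsa-certs in this patch.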
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl aes des sha1 sha2 md5 gmp openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..ffe13d259
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,23 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=aes192-sha384-ecp384,aes256-sha512-ecp521!
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/posttest.dat b/testing/tests/openssl-ikev2/alg-ecp-high/posttest.dat
new file mode 100644
index 000000000..7cebd7f25
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/posttest.dat
@@ -0,0 +1,6 @@
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
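Review bot: The `load =` line in dave's strongswan.conf lists `openssl` after `aes des sha1 sha2 md5 gmp`, and nothing in the file says that this ordering is what is meant to confine openssl to the ECP Diffie-Hellman groups, as the alg-ecp-low description states for dave. Presumably the plugin that registers an algorithm first is the one used, so reordering the list would silently change which implementation the scenario exercises. I would add a comment above the line, `# openssl is listed last on purpose: it should only supply the ECP DH groups`. The identical line in alg-ecp-low/hosts/dave/etc/strongswan.conf would take the same comment.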
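Review bot: `strictcrlpolicy=no` in `config setup` is combined in moon's ipsec.conf with `right=%any`, so the gateway would presumably still accept a roadwarrior certificate when no CRL can be fetched, and the file gives no hint that this is a test-only relaxation. I would add a comment above the setting, `# test scenario only: revocation is not enforced when no CRL is available`. The same applies to the moon ipsec.conf hunks of alg-ecp-low and ecdsa-certs; the evaltest.dat files shown for these scenarios do not check revocation.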
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/pretest.dat b/testing/tests/openssl-ikev2/alg-ecp-high/pretest.dat
new file mode 100644
index 000000000..42e9d7c24
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/pretest.dat
@@ -0,0 +1,9 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/test.conf b/testing/tests/openssl-ikev2/alg-ecp-high/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/description.txt b/testing/tests/openssl-ikev2/alg-ecp-low/description.txt
new file mode 100644
index 000000000..4f043e7d9
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/description.txt
@@ -0,0 +1,17 @@
+The roadwarrior carol and the gateway moon use the openssl
+plugin based on the OpenSSL library for all cryptographical functions
+whereas roadwarrior dave uses the default strongSwan cryptographical
+plugins aes des sha1 sha2 md5 gmp plus the openssl plugin for
+the Elliptic Curve Diffie-Hellman groups only.
+

+The roadwarriors carol and dave set up a connection each
+to gateway moon. The authentication is based on X.509 certificates.
+carol proposes the DH groups ECP_192 and ECP_224 whereas dave proposes
+ECP_192 and ECP_256. Since moon does not support ECP_192 the roadwarriors
+fall back to ECP_224 and ECP_256, respectively.
+

+Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both carol and dave ping
+the client alice behind the gateway moon.
+
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/evaltest.dat b/testing/tests/openssl-ikev2/alg-ecp-low/evaltest.dat
new file mode 100644
index 000000000..e2073d9be
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/evaltest.dat
@@ -0,0 +1,14 @@
+carol::cat /var/log/daemon.log::ECP_192.*ECP_224::YES
+dave::cat /var/log/daemon.log::ECP_192.*ECP_256::YES
+moon::ipsec statusall::rw.*ESTABLISHED::YES
+carol::ipsec statusall::home.*ESTABLISHED::YES
+carol::ipsec statusall::home.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_224::YES
+dave::ipsec statusall::home.*ESTABLISHED::YES
+dave::ipsec statusall::home.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256::YES
+carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/carol/etc/ipsec.conf
new file mode 100755
index 000000000..6a15b3f54
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/carol/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=aes128-sha256-ecp192,aes128-sha256-ecp224!
+
+conn home
+ left=PH_IP_CAROL
+ leftcert=carolCert.pem
+ leftid=carol@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/dave/etc/ipsec.conf
new file mode 100755
index 000000000..b4bdf456f
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=aes128-sha256-ecp192,aes128-sha256-ecp256!
+
+conn home
+ left=PH_IP_DAVE
+ leftcert=daveCert.pem
+ leftid=dave@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..7ffdcc204
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl aes des sha1 sha2 md5 gmp openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..64ec0f12c
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,23 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=aes128-sha256-ecp224,aes128-sha256-ecp256!
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/posttest.dat b/testing/tests/openssl-ikev2/alg-ecp-low/posttest.dat
new file mode 100644
index 000000000..7cebd7f25
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/posttest.dat
@@ -0,0 +1,6 @@
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/pretest.dat b/testing/tests/openssl-ikev2/alg-ecp-low/pretest.dat
new file mode 100644
index 000000000..42e9d7c24
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/pretest.dat
@@ -0,0 +1,9 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
diff --git a/testing/tests/openssl-ikev2/alg-ecp-low/test.conf b/testing/tests/openssl-ikev2/alg-ecp-low/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-low/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/description.txt b/testing/tests/openssl-ikev2/ecdsa-certs/description.txt
new file mode 100644
index 000000000..2c098d898
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/description.txt
@@ -0,0 +1,11 @@
+The hosts carol, dave, and moon use the openssl plugin
+based on the OpenSSL library for all cryptographical functions.
+

+The roadwarriors carol and dave set up a connection each
+to gateway moon. The authentication is based on ECDSA signatures
+using Elliptic Curve certificates.
+Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both carol and dave ping
+the client alice behind the gateway moon.
+
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/evaltest.dat b/testing/tests/openssl-ikev2/ecdsa-certs/evaltest.dat
new file mode 100644
index 000000000..a7243ce70
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/evaltest.dat
@@ -0,0 +1,14 @@
+moon::cat /var/log/daemon.log::authentication of.*carol@strongswan.org.*with ECDSA-256 signature successful
+moon::cat /var/log/daemon.log::authentication of.*dave@strongswan.org.*with ECDSA-384 signature successful
+carol::cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with ECDSA-521 signature successful
+dave::cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with ECDSA-521 signature successful
+moon::ipsec statusall::rw.*ESTABLISHED::YES
+carol::ipsec statusall::home.*ESTABLISHED::YES
+dave::ipsec statusall::home.*ESTABLISHED::YES
+carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.conf
new file mode 100755
index 000000000..4f6fdc567
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.conf
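Review bot: The first four added lines of ecdsa-certs/evaltest.dat, the `authentication of ... signature successful` checks against daemon.log, end without the `::YES` field that the other nine lines of the file carry. How the test harness treats a line without that field is not visible here, but these four are the only checks that tie each peer to its ECDSA key size, so if they are skipped or misread the scenario passes on tunnel establishment alone. I would append the field to each of them, for example `moon::cat /var/log/daemon.log::authentication of.*carol@strongswan.org.*with ECDSA-256 signature successful::YES`.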
@@ -0,0 +1,24 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=no + plutostart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + keyexchange=ikev2 + authby=ecdsasig + +conn home + left=PH_IP_CAROL + leftcert=carolCert.pem + leftid=carol@strongswan.org + leftfirewall=yes + right=PH_IP_MOON + rightid=@moon.strongswan.org + rightsubnet=10.1.0.0/16 + auto=add diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem new file mode 100644 index 000000000..3480a434a --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICyDCCAiqgAwIBAgIJAPaidX4i76aJMAkGByqGSM49BAEwSDELMAkGA1UEBhMC +Q0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3 +YW4gRUMgUm9vdCBDQTAeFw0wODA2MjIxNDM2MDZaFw0xODA2MjAxNDM2MDZaMEgx +CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD +ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA +BAEUx1NvjNKzbDHaRPMsqIf/6SbUpzBa78N/WIyF6rYj8e5McAqfTfzUfFJZYoQn +/mbP3VfjOxRuMDjrlfvdgMxwkwFDigWQfHg3CJbS7eQjjO1MrxxIJUtfSTnF29tM +h6IYMdxaZKloCGCOrpmGCGdxD2/KwoX1SA3BlnjaNt7kSTonkqOBujCBtzAPBgNV +HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUul35cbYTtWrR3bo2 +t6rSwe6P2NIweAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgx +CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD +ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAJBgcqhkjOPQQBA4GM +ADCBiAJCAL5pU3X6NYWjOYe0cxrah27UxtUDLUNkFG/Ojl+gOH4QB0CKY0HXNyrq +cgba73dXF/U0Cg3Ij/9g4Kd9GgYq0GlSAkIAqgqMKqXni8wbeGMJE2Mn2/8aHM3Q +3flpHSoeNWOe/VzpRviw+VRgA4vbhhKUXBtQSiea77/DXLwOp5w7rkBoEUg= +-----END CERTIFICATE----- 
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem new file mode 100644 index 000000000..29709926a --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC7zCCAlGgAwIBAgIBBDAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD +VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv +b3QgQ0EwHhcNMDgwNjIyMTYyOTE4WhcNMTMwNjIxMTYyOTE4WjBfMQswCQYDVQQG +EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg +MjU2IGJpdDEdMBsGA1UEAxQUY2Fyb2xAc3Ryb25nc3dhbi5vcmcwWTATBgcqhkjO +PQIBBggqhkjOPQMBBwNCAAQgp/Z/GgzvVCDdVcIYqERml0KroZEaVqiF8uy8dlTS +4mxNs6snDdEWh/LzXTd3NVnCihT2XgHxOk8NrX4hBMMYo4IBFDCCARAwCQYDVR0T +BAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFLdhGhurno1dU2SMx7UGXpa/lgJ9 +MHgGA1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHuj9jSoUykSjBIMQswCQYDVQQG +EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25n +U3dhbiBFQyBSb290IENBggkA9qJ1fiLvpokwHwYDVR0RBBgwFoEUY2Fyb2xAc3Ry +b25nc3dhbi5vcmcwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdz +d2FuLm9yZy9zdHJvbmdzd2FuX2VjLmNybDAJBgcqhkjOPQQBA4GMADCBiAJCATa+ +sBFW3vCx/JgLyxU85F2QuLO0/zdNBhIU0kN7kr1cYBBr8mpbhuNKm6iFe2DsFJZx +ii3DQjwvG46is2Njzi4vAkIA72lPodCDtAFpD/2PUxjzo6xTAFazUejobkdDTUXn +s0f8qIzzeQuTwLbp6pDmR/JGzhAeRvQT82njCo0PJ8Hbz1c= +-----END CERTIFICATE----- diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem new file mode 100644 index 000000000..5f21c1012 --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem 
@@ -0,0 +1,8 @@ +-----BEGIN EC PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-CBC,F36088B0517117B50C1A436E5C84526E + +Zulq4O8x8i4P2I8+Ewe2pPJT8K2kzX9JjGhquFKaZdEG1YmXqIdMz41DA1b9cQjt +KJstY10Gzc/C6Hv9v/ljfplcnumYBFdFsqvQ/Z0xh/G9u/J1gXjghhrQCUXbFble +RVSwozA9IcCC9yQdhYyazF+85DR+p8AyQ5w2unOvuOk= +-----END EC PRIVATE KEY----- diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.secrets b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.secrets new file mode 100644 index 000000000..4e53ef91a --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.secrets @@ -0,0 +1,3 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file + +: ECDSA carolKey.pem "nH5ZQEWtku0RJEZ6" diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/strongswan.conf new file mode 100644 index 000000000..e10230384 --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/strongswan.conf @@ -0,0 +1,5 @@ +# /etc/strongswan.conf - strongSwan configuration file + +charon { + load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown +} diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.conf new file mode 100755 index 000000000..3138458ed --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.conf @@ -0,0 +1,24 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=no + plutostart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + keyexchange=ikev2 + authby=ecdsasig + +conn home + left=PH_IP_DAVE + leftcert=daveCert.pem + leftid=dave@strongswan.org + leftfirewall=yes + right=PH_IP_MOON + rightid=@moon.strongswan.org + rightsubnet=10.1.0.0/16 + auto=add 
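Review bot: Carol's ipsec.secrets stores the passphrase for carolKey.pem in clear text right next to the encrypted key added in the same patch, and nothing in the file marks either as a fixture. For a test scenario that is expected, but a marker keeps the material from being mistaken for, or copied as, a deployable credential. I would add a comment under the file's header line, `# test fixture only: this key and passphrase are public, never deploy them`. The dave and moon ipsec.secrets hunks reference private keys that are committed unencrypted and would take the same comment.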
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem new file mode 100644 index 000000000..3480a434a --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICyDCCAiqgAwIBAgIJAPaidX4i76aJMAkGByqGSM49BAEwSDELMAkGA1UEBhMC +Q0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3 +YW4gRUMgUm9vdCBDQTAeFw0wODA2MjIxNDM2MDZaFw0xODA2MjAxNDM2MDZaMEgx +CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD +ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA +BAEUx1NvjNKzbDHaRPMsqIf/6SbUpzBa78N/WIyF6rYj8e5McAqfTfzUfFJZYoQn +/mbP3VfjOxRuMDjrlfvdgMxwkwFDigWQfHg3CJbS7eQjjO1MrxxIJUtfSTnF29tM +h6IYMdxaZKloCGCOrpmGCGdxD2/KwoX1SA3BlnjaNt7kSTonkqOBujCBtzAPBgNV +HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUul35cbYTtWrR3bo2 +t6rSwe6P2NIweAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgx +CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD +ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAJBgcqhkjOPQQBA4GM +ADCBiAJCAL5pU3X6NYWjOYe0cxrah27UxtUDLUNkFG/Ojl+gOH4QB0CKY0HXNyrq +cgba73dXF/U0Cg3Ij/9g4Kd9GgYq0GlSAkIAqgqMKqXni8wbeGMJE2Mn2/8aHM3Q +3flpHSoeNWOe/VzpRviw+VRgA4vbhhKUXBtQSiea77/DXLwOp5w7rkBoEUg= +-----END CERTIFICATE----- diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/certs/daveCert.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/certs/daveCert.pem new file mode 100644 index 000000000..075d8f1e5 --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/certs/daveCert.pem 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDCTCCAmygAwIBAgIBAzAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD +VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv +b3QgQ0EwHhcNMDgwNjIyMTYxMzU5WhcNMTMwNjIxMTYxMzU5WjBeMQswCQYDVQQG +EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg +Mzg0IGJpdDEcMBoGA1UEAxQTZGF2ZUBzdHJvbmdzd2FuLm9yZzB2MBAGByqGSM49 +AgEGBSuBBAAiA2IABPxEg8AaVNAwCXqg0p21Zc7YzPLA3voAWf233CZJpsjb1w3y +IeTUeIeGU7aLWAyuXgeBsx+lKzWy00LzPELOgK+3ulTHzBZg7s8kMGhwPWfV4JLA +zrso5+i64+Y4wvRCBaOCARMwggEPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0G +A1UdDgQWBBQxJAy8gaP3RNBt1WTD27/IMzANmTB4BgNVHSMEcTBvgBS6XflxthO1 +atHduja3qtLB7o/Y0qFMpEowSDELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4 +IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3YW4gRUMgUm9vdCBDQYIJAPai +dX4i76aJMB4GA1UdEQQXMBWBE2RhdmVAc3Ryb25nc3dhbi5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuX2Vj +LmNybDAJBgcqhkjOPQQBA4GLADCBhwJCAZaqaroyGwqd7nb5dVVWjTK8glVzDFJH +ru4F6R+7fDCGEOaFlxf4GRkSrvQQA8vfgo6Md9XjBwq0r+9s3xt5xJjJAkElSo1/ +wyn8KQ3XN07UIaMvPctipq2OgpfteQK/F81CtZ+YCLEQt3xT7NQpriaKwGQxJAQv +g+Z+grJzTppAqpwRpg== +-----END CERTIFICATE----- diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem new file mode 100644 index 000000000..f628f88e5 --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PRIVATE KEY----- +MIGkAgEBBDCF8kl4ftfgcvWH2myFxhc22CUT63uPy28fqUMibnpRS/wf/pfxIrVX ++BhxpUhWS2agBwYFK4EEACKhZANiAAT8RIPAGlTQMAl6oNKdtWXO2MzywN76AFn9 +t9wmSabI29cN8iHk1HiHhlO2i1gMrl4HgbMfpSs1stNC8zxCzoCvt7pUx8wWYO7P +JDBocD1n1eCSwM67KOfouuPmOML0QgU= +-----END EC PRIVATE KEY----- diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.secrets b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.secrets new file mode 100644 index 000000000..ebd3a2839 
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.secrets
@@ -0,0 +1,3 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+
+: ECDSA daveKey.pem
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..892e0c39b
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,23 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ authby=ecdsasig
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem
new file mode 100644
index 000000000..3480a434a
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem
@@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICyDCCAiqgAwIBAgIJAPaidX4i76aJMAkGByqGSM49BAEwSDELMAkGA1UEBhMC +Q0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3 +YW4gRUMgUm9vdCBDQTAeFw0wODA2MjIxNDM2MDZaFw0xODA2MjAxNDM2MDZaMEgx +CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD +ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA +BAEUx1NvjNKzbDHaRPMsqIf/6SbUpzBa78N/WIyF6rYj8e5McAqfTfzUfFJZYoQn +/mbP3VfjOxRuMDjrlfvdgMxwkwFDigWQfHg3CJbS7eQjjO1MrxxIJUtfSTnF29tM +h6IYMdxaZKloCGCOrpmGCGdxD2/KwoX1SA3BlnjaNt7kSTonkqOBujCBtzAPBgNV +HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUul35cbYTtWrR3bo2 +t6rSwe6P2NIweAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgx +CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD +ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAJBgcqhkjOPQQBA4GM +ADCBiAJCAL5pU3X6NYWjOYe0cxrah27UxtUDLUNkFG/Ojl+gOH4QB0CKY0HXNyrq +cgba73dXF/U0Cg3Ij/9g4Kd9GgYq0GlSAkIAqgqMKqXni8wbeGMJE2Mn2/8aHM3Q +3flpHSoeNWOe/VzpRviw+VRgA4vbhhKUXBtQSiea77/DXLwOp5w7rkBoEUg= +-----END CERTIFICATE----- diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem new file mode 100644 index 000000000..5178c7f38 --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDMDCCApKgAwIBAgIBATAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD +VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv +b3QgQ0EwHhcNMDgwNjIyMTQ0MzA3WhcNMTMwNjIxMTQ0MzA3WjBeMQswCQYDVQQG +EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg +NTIxIGJpdDEcMBoGA1UEAxMTbW9vbi5zdHJvbmdzd2FuLm9yZzCBmzAQBgcqhkjO +PQIBBgUrgQQAIwOBhgAEALmnl/PUy9v7Qsc914kdzY+TQ6VY2192oRoa9SkpxXrs +5GnWSJoz3yinpPHdchH0UknKt/C2Ik2k7izDH/Zau5gNAD1PqBrYWtcP+sLnH1G9 +BTibraniAUSpSaDhiWrfTteRNWqkzZI37a6YfKcBZozQcvYMW1co15EwZTptqykX +Eepuo4IBEzCCAQ8wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFDVU +Hzs47lOG0dHsezm6aFqdwJwfMHgGA1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHu +j9jSoUykSjBIMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dh +bjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBSb290IENBggkA9qJ1fiLvpokwHgYD +VR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzA8BgNVHR8ENTAzMDGgL6Athito +dHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW5fZWMuY3JsMAkGByqG +SM49BAEDgYwAMIGIAkIBDgZs1pXvm8SwT9S1m6nIHwuZsJDsDri/PWM6NXdMUXEt +l0p8cfq8PbJlK/0+eLz8Ec1zpWuF5vasFHkVhauHdnECQgEVuYTrlry9gAx7G4kH +mne2yDxTclEDziWxPG4UkZbkGttf9eZlsXmNoX/Z/fojXxMYZaPqM3eOT2h6ezMD +CI9WpQ== +-----END CERTIFICATE----- diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem new file mode 100644 index 000000000..beab0485f --- /dev/null +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PRIVATE KEY----- +MIHcAgEBBEIBrBxHEGICJRNkhm0HWfARp+dIzm6Lw7eCbQXNM6jSGL4DVNDVCV42 +yOKQqifWEcNWxO+wWtBaz91IF5hz/m4TbOGgBwYFK4EEACOhgYkDgYYABAC5p5fz +1Mvb+0LHPdeJHc2Pk0OlWNtfdqEaGvUpKcV67ORp1kiaM98op6Tx3XIR9FJJyrfw +tiJNpO4swx/2WruYDQA9T6ga2FrXD/rC5x9RvQU4m62p4gFEqUmg4Ylq307XkTVq +pM2SN+2umHynAWaM0HL2DFtXKNeRMGU6baspFxHqbg== +-----END EC PRIVATE KEY----- 
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.secrets b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.secrets
new file mode 100644
index 000000000..1ef3eccb5
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.secrets
@@ -0,0 +1,3 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+
+: ECDSA moonKey.pem
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/posttest.dat b/testing/tests/openssl-ikev2/ecdsa-certs/posttest.dat
new file mode 100644
index 000000000..7cebd7f25
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/posttest.dat
@@ -0,0 +1,6 @@
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/pretest.dat b/testing/tests/openssl-ikev2/ecdsa-certs/pretest.dat
new file mode 100644
index 000000000..42e9d7c24
--- /dev/null
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/pretest.dat
@@ -0,0 +1,9 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/test.conf b/testing/tests/openssl-ikev2/ecdsa-certs/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
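Review bot: `: ECDSA moonKey.pem` in hosts/moon/etc/ipsec.secrets loads a private key that this commit places in the tree as unencrypted PEM (hosts/moon/etc/ipsec.d/private/moonKey.pem), and neither file says that the key is a published test fixture. The key authenticates the identity `@moon.strongswan.org` configured in the scenario's ipsec.conf, so anyone who copies this host directory as a starting point inherits a key that is public. I would add a comment line above the entry, `# test-only key for the UML scenario, published in the source tree - never deploy`, and keep the key and its certificate out of any packaged or installed configuration.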
+++ b/testing/tests/openssl-ikev2/ecdsa-certs/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl-ikev2/rw-cert/description.txt b/testing/tests/openssl-ikev2/rw-cert/description.txt
new file mode 100644
index 000000000..0f721c52b
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/description.txt
@@ -0,0 +1,12 @@
+The roadwarrior carol and the gateway moon use the openssl
+plugin based on the OpenSSL library for all cryptographical functions
+whereas roadwarrior dave uses the default strongSwan cryptographical
+plugins aes des sha1 sha2 md5 gmp.
+

+The roadwarriors carol and dave set up a connection each
+to gateway moon. The authentication is based on X.509 certificates.
+Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both carol and dave ping
+the client alice behind the gateway moon.
+
diff --git a/testing/tests/openssl-ikev2/rw-cert/evaltest.dat b/testing/tests/openssl-ikev2/rw-cert/evaltest.dat
new file mode 100644
index 000000000..06a0f8cda
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/evaltest.dat
@@ -0,0 +1,10 @@
+moon::ipsec statusall::rw.*ESTABLISHED::YES
+carol::ipsec statusall::home.*ESTABLISHED::YES
+dave::ipsec statusall::home.*ESTABLISHED::YES
+carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+
diff --git a/testing/tests/openssl-ikev2/rw-cert/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev2/rw-cert/hosts/carol/etc/ipsec.conf
new file mode 100755
index 000000000..4a8baa3ae
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/hosts/carol/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=3des-sha1-modp1536!
+
+conn home
+ left=PH_IP_CAROL
+ leftcert=carolCert.pem
+ leftid=carol@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
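Review bot: rw-cert/evaltest.dat asserts only `ESTABLISHED`, the pings and ESP on the wire, so it never checks which IKE proposal each roadwarrior negotiated with moon. carol is pinned to `ike=3des-sha1-modp1536!` and dave to `ike=aes256-sha256-modp2048!`, and the description presents the scenario as openssl plugin versus default plugins, yet a run that ended up on an unintended suite would still pass. The alg-blowfish evaltest.dat removed in this same commit shows the pattern (`ipsec statusall::IKE proposal: BLOWFISH_CBC_256::YES`). I would add one such line per peer, for example `carol::ipsec statusall::IKE proposal: 3DES_CBC::YES` and `dave::ipsec statusall::IKE proposal: AES_CBC_256::YES`, after confirming the exact strings against the statusall output of this version.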
diff --git a/testing/tests/openssl-ikev2/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev2/rw-cert/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..e10230384
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/rw-cert/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev2/rw-cert/hosts/dave/etc/ipsec.conf
new file mode 100755
index 000000000..42f03aab3
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=aes256-sha256-modp2048!
+
+conn home
+ left=PH_IP_DAVE
+ leftcert=daveCert.pem
+ leftid=dave@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/openssl-ikev2/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev2/rw-cert/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..d46082bdd
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ load = curl aes des sha1 sha2 md5 gmp random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/rw-cert/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/rw-cert/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..2e84f2e6a
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,23 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ crlcheckinterval=180
+ strictcrlpolicy=no
+ plutostart=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ keyexchange=ikev2
+ ike=aes256-sha256-modp2048,3des-sha1-modp1536!
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/openssl-ikev2/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev2/rw-cert/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..1887f7607
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,6 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+ dh_exponent_ansi_x9_42 = no
+ load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
+}
diff --git a/testing/tests/openssl-ikev2/rw-cert/posttest.dat b/testing/tests/openssl-ikev2/rw-cert/posttest.dat
new file mode 100644
index 000000000..7cebd7f25
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/posttest.dat
@@ -0,0 +1,6 @@
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl-ikev2/rw-cert/pretest.dat b/testing/tests/openssl-ikev2/rw-cert/pretest.dat
new file mode 100644
index 000000000..42e9d7c24
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/pretest.dat
@@ -0,0 +1,9 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
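Review bot: `dh_exponent_ansi_x9_42 = no` in rw-cert/hosts/moon/etc/strongswan.conf has no comment, and only moon sets it; carol's and dave's strongswan.conf in the same scenario leave the default. The option changes how the Diffie-Hellman private exponent is sized, so a reader cannot tell whether it is part of what the test exercises or only a speed-up for the gateway. I would add a line above it such as `# size DH exponents to the group's strength instead of the ANSI X9.42 length`, and state in description.txt whether the setting matters for the result. Presumably it is there to shorten the modp2048 exchange on the UML host, which is worth confirming before it is documented.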
diff --git a/testing/tests/openssl-ikev2/rw-cert/test.conf b/testing/tests/openssl-ikev2/rw-cert/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
+++ b/testing/tests/openssl-ikev2/rw-cert/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl/alg-blowfish/description.txt b/testing/tests/openssl/alg-blowfish/description.txt
deleted file mode 100644
index d30d9d2da..000000000
--- a/testing/tests/openssl/alg-blowfish/description.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-The roadwarriors carol and dave as well as the gateway moon
-use the openssl plugin based on the OpenSSL library for all
-cryptographical functions, thus making the Blowfish available as an IKEv2 cipher.
-

-The roadwarriors carol and dave set up a connection each
-to gateway moon using Blowfish for both IKE and ESP
-encryption. Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
-automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
-In order to test both tunnel and firewall, both carol and dave ping
-the client alice behind the gateway moon.
-
diff --git a/testing/tests/openssl/alg-blowfish/evaltest.dat b/testing/tests/openssl/alg-blowfish/evaltest.dat
deleted file mode 100644
index a1f9f6a8e..000000000
--- a/testing/tests/openssl/alg-blowfish/evaltest.dat
+++ /dev/null
@@ -1,16 +0,0 @@
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-carol::ipsec statusall::IKE proposal: BLOWFISH_CBC_256::YES
-carol::ipsec statusall::BLOWFISH_CBC_192.*,::YES
-carol::ip -s xfrm state::enc cbc(blowfish).*(192 bits)::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::IKE proposal: BLOWFISH_CBC_128::YES
-dave::ipsec statusall::BLOWFISH_CBC_128.*,::YES
-dave::ip -s xfrm state::enc cbc(blowfish).*(128 bits)::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
-moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/openssl/alg-blowfish/hosts/carol/etc/ipsec.conf b/testing/tests/openssl/alg-blowfish/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 62e181012..000000000
--- a/testing/tests/openssl/alg-blowfish/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=blowfish256-sha512-modp2048!
- esp=blowfish192-sha256!
-
-conn home
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- leftid=carol@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/alg-blowfish/hosts/carol/etc/strongswan.conf b/testing/tests/openssl/alg-blowfish/hosts/carol/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/alg-blowfish/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/alg-blowfish/hosts/dave/etc/ipsec.conf b/testing/tests/openssl/alg-blowfish/hosts/dave/etc/ipsec.conf
deleted file mode 100755
index 26f3f3a04..000000000
--- a/testing/tests/openssl/alg-blowfish/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=blowfish128-sha256-modp1536!
- esp=blowfish128-sha1!
-
-conn home
- left=PH_IP_DAVE
- leftcert=daveCert.pem
- leftid=dave@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/alg-blowfish/hosts/dave/etc/strongswan.conf b/testing/tests/openssl/alg-blowfish/hosts/dave/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/alg-blowfish/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/alg-blowfish/hosts/moon/etc/ipsec.conf b/testing/tests/openssl/alg-blowfish/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index 31a00f7fb..000000000
--- a/testing/tests/openssl/alg-blowfish/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=blowfish256-sha512-modp2048,blowfish128-sha256-modp1536!
- esp=blowfish192-sha256,blowfish128-sha1!
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- leftfirewall=yes
- right=%any
- auto=add
diff --git a/testing/tests/openssl/alg-blowfish/hosts/moon/etc/strongswan.conf b/testing/tests/openssl/alg-blowfish/hosts/moon/etc/strongswan.conf
deleted file mode 100644
index 1887f7607..000000000
--- a/testing/tests/openssl/alg-blowfish/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- dh_exponent_ansi_x9_42 = no
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/alg-blowfish/posttest.dat b/testing/tests/openssl/alg-blowfish/posttest.dat
deleted file mode 100644
index 7cebd7f25..000000000
--- a/testing/tests/openssl/alg-blowfish/posttest.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-moon::/etc/init.d/iptables stop 2> /dev/null
-carol::/etc/init.d/iptables stop 2> /dev/null
-dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl/alg-blowfish/pretest.dat b/testing/tests/openssl/alg-blowfish/pretest.dat
deleted file mode 100644
index 42e9d7c24..000000000
--- a/testing/tests/openssl/alg-blowfish/pretest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::/etc/init.d/iptables start 2> /dev/null
-carol::/etc/init.d/iptables start 2> /dev/null
-dave::/etc/init.d/iptables start 2> /dev/null
-moon::ipsec start
-carol::ipsec start
-dave::ipsec start
-carol::sleep 1
-carol::ipsec up home
-dave::ipsec up home
diff --git a/testing/tests/openssl/alg-blowfish/test.conf b/testing/tests/openssl/alg-blowfish/test.conf
deleted file mode 100644
index 70416826e..000000000
--- a/testing/tests/openssl/alg-blowfish/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl/ecdsa-certs/description.txt b/testing/tests/openssl/ecdsa-certs/description.txt
deleted file mode 100644
index 2c098d898..000000000
--- a/testing/tests/openssl/ecdsa-certs/description.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-The hosts carol, dave, and moon use the openssl plugin
-based on the OpenSSL library for all cryptographical functions.
-

-The roadwarriors carol and dave set up a connection each
-to gateway moon. The authentication is based on ECDSA signatures
-using Elliptic Curve certificates.
-Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
-automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
-In order to test both tunnel and firewall, both carol and dave ping
-the client alice behind the gateway moon.
-
diff --git a/testing/tests/openssl/ecdsa-certs/evaltest.dat b/testing/tests/openssl/ecdsa-certs/evaltest.dat
deleted file mode 100644
index a7243ce70..000000000
--- a/testing/tests/openssl/ecdsa-certs/evaltest.dat
+++ /dev/null
@@ -1,14 +0,0 @@
-moon::cat /var/log/daemon.log::authentication of.*carol@strongswan.org.*with ECDSA-256 signature successful
-moon::cat /var/log/daemon.log::authentication of.*dave@strongswan.org.*with ECDSA-384 signature successful
-carol::cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with ECDSA-521 signature successful
-dave::cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with ECDSA-521 signature successful
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
-moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.conf b/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 4f6fdc567..000000000
--- a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - crlcheckinterval=180 - strictcrlpolicy=no - plutostart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev2 - authby=ecdsasig - -conn home - left=PH_IP_CAROL - leftcert=carolCert.pem - leftid=carol@strongswan.org - leftfirewall=yes - right=PH_IP_MOON - rightid=@moon.strongswan.org - rightsubnet=10.1.0.0/16 - auto=add diff --git a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem b/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem deleted file mode 100644 index 3480a434a..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICyDCCAiqgAwIBAgIJAPaidX4i76aJMAkGByqGSM49BAEwSDELMAkGA1UEBhMC -Q0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3 -YW4gRUMgUm9vdCBDQTAeFw0wODA2MjIxNDM2MDZaFw0xODA2MjAxNDM2MDZaMEgx -CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD -ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA -BAEUx1NvjNKzbDHaRPMsqIf/6SbUpzBa78N/WIyF6rYj8e5McAqfTfzUfFJZYoQn -/mbP3VfjOxRuMDjrlfvdgMxwkwFDigWQfHg3CJbS7eQjjO1MrxxIJUtfSTnF29tM -h6IYMdxaZKloCGCOrpmGCGdxD2/KwoX1SA3BlnjaNt7kSTonkqOBujCBtzAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUul35cbYTtWrR3bo2 -t6rSwe6P2NIweAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgx -CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD -ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAJBgcqhkjOPQQBA4GM -ADCBiAJCAL5pU3X6NYWjOYe0cxrah27UxtUDLUNkFG/Ojl+gOH4QB0CKY0HXNyrq -cgba73dXF/U0Cg3Ij/9g4Kd9GgYq0GlSAkIAqgqMKqXni8wbeGMJE2Mn2/8aHM3Q -3flpHSoeNWOe/VzpRviw+VRgA4vbhhKUXBtQSiea77/DXLwOp5w7rkBoEUg= ------END CERTIFICATE----- 
diff --git a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem b/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem deleted file mode 100644 index 29709926a..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC7zCCAlGgAwIBAgIBBDAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD -VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv -b3QgQ0EwHhcNMDgwNjIyMTYyOTE4WhcNMTMwNjIxMTYyOTE4WjBfMQswCQYDVQQG -EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg -MjU2IGJpdDEdMBsGA1UEAxQUY2Fyb2xAc3Ryb25nc3dhbi5vcmcwWTATBgcqhkjO -PQIBBggqhkjOPQMBBwNCAAQgp/Z/GgzvVCDdVcIYqERml0KroZEaVqiF8uy8dlTS -4mxNs6snDdEWh/LzXTd3NVnCihT2XgHxOk8NrX4hBMMYo4IBFDCCARAwCQYDVR0T -BAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFLdhGhurno1dU2SMx7UGXpa/lgJ9 -MHgGA1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHuj9jSoUykSjBIMQswCQYDVQQG -EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25n -U3dhbiBFQyBSb290IENBggkA9qJ1fiLvpokwHwYDVR0RBBgwFoEUY2Fyb2xAc3Ry -b25nc3dhbi5vcmcwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdz -d2FuLm9yZy9zdHJvbmdzd2FuX2VjLmNybDAJBgcqhkjOPQQBA4GMADCBiAJCATa+ -sBFW3vCx/JgLyxU85F2QuLO0/zdNBhIU0kN7kr1cYBBr8mpbhuNKm6iFe2DsFJZx -ii3DQjwvG46is2Njzi4vAkIA72lPodCDtAFpD/2PUxjzo6xTAFazUejobkdDTUXn -s0f8qIzzeQuTwLbp6pDmR/JGzhAeRvQT82njCo0PJ8Hbz1c= ------END CERTIFICATE----- diff --git a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem b/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem deleted file mode 100644 index 5f21c1012..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem +++ /dev/null 
@@ -1,8 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: AES-128-CBC,F36088B0517117B50C1A436E5C84526E - -Zulq4O8x8i4P2I8+Ewe2pPJT8K2kzX9JjGhquFKaZdEG1YmXqIdMz41DA1b9cQjt -KJstY10Gzc/C6Hv9v/ljfplcnumYBFdFsqvQ/Z0xh/G9u/J1gXjghhrQCUXbFble -RVSwozA9IcCC9yQdhYyazF+85DR+p8AyQ5w2unOvuOk= ------END EC PRIVATE KEY----- diff --git a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.secrets b/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.secrets deleted file mode 100644 index 4e53ef91a..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/ipsec.secrets +++ /dev/null @@ -1,3 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -: ECDSA carolKey.pem "nH5ZQEWtku0RJEZ6" diff --git a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/strongswan.conf b/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/strongswan.conf deleted file mode 100644 index e10230384..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/carol/etc/strongswan.conf +++ /dev/null @@ -1,5 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -charon { - load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown -} diff --git a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.conf b/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.conf deleted file mode 100755 index 3138458ed..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.conf +++ /dev/null @@ -1,24 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - crlcheckinterval=180 - strictcrlpolicy=no - plutostart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev2 - authby=ecdsasig - -conn home - left=PH_IP_DAVE - leftcert=daveCert.pem - leftid=dave@strongswan.org - leftfirewall=yes - right=PH_IP_MOON - rightid=@moon.strongswan.org - rightsubnet=10.1.0.0/16 - auto=add 
diff --git a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem b/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem deleted file mode 100644 index 3480a434a..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICyDCCAiqgAwIBAgIJAPaidX4i76aJMAkGByqGSM49BAEwSDELMAkGA1UEBhMC -Q0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3 -YW4gRUMgUm9vdCBDQTAeFw0wODA2MjIxNDM2MDZaFw0xODA2MjAxNDM2MDZaMEgx -CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD -ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA -BAEUx1NvjNKzbDHaRPMsqIf/6SbUpzBa78N/WIyF6rYj8e5McAqfTfzUfFJZYoQn -/mbP3VfjOxRuMDjrlfvdgMxwkwFDigWQfHg3CJbS7eQjjO1MrxxIJUtfSTnF29tM -h6IYMdxaZKloCGCOrpmGCGdxD2/KwoX1SA3BlnjaNt7kSTonkqOBujCBtzAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUul35cbYTtWrR3bo2 -t6rSwe6P2NIweAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgx -CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD -ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAJBgcqhkjOPQQBA4GM -ADCBiAJCAL5pU3X6NYWjOYe0cxrah27UxtUDLUNkFG/Ojl+gOH4QB0CKY0HXNyrq -cgba73dXF/U0Cg3Ij/9g4Kd9GgYq0GlSAkIAqgqMKqXni8wbeGMJE2Mn2/8aHM3Q -3flpHSoeNWOe/VzpRviw+VRgA4vbhhKUXBtQSiea77/DXLwOp5w7rkBoEUg= ------END CERTIFICATE----- diff --git a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/certs/daveCert.pem b/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/certs/daveCert.pem deleted file mode 100644 index 075d8f1e5..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/certs/daveCert.pem +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDCTCCAmygAwIBAgIBAzAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD -VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv -b3QgQ0EwHhcNMDgwNjIyMTYxMzU5WhcNMTMwNjIxMTYxMzU5WjBeMQswCQYDVQQG -EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg -Mzg0IGJpdDEcMBoGA1UEAxQTZGF2ZUBzdHJvbmdzd2FuLm9yZzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABPxEg8AaVNAwCXqg0p21Zc7YzPLA3voAWf233CZJpsjb1w3y -IeTUeIeGU7aLWAyuXgeBsx+lKzWy00LzPELOgK+3ulTHzBZg7s8kMGhwPWfV4JLA -zrso5+i64+Y4wvRCBaOCARMwggEPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0G -A1UdDgQWBBQxJAy8gaP3RNBt1WTD27/IMzANmTB4BgNVHSMEcTBvgBS6XflxthO1 -atHduja3qtLB7o/Y0qFMpEowSDELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4 -IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3YW4gRUMgUm9vdCBDQYIJAPai -dX4i76aJMB4GA1UdEQQXMBWBE2RhdmVAc3Ryb25nc3dhbi5vcmcwPAYDVR0fBDUw -MzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuX2Vj -LmNybDAJBgcqhkjOPQQBA4GLADCBhwJCAZaqaroyGwqd7nb5dVVWjTK8glVzDFJH -ru4F6R+7fDCGEOaFlxf4GRkSrvQQA8vfgo6Md9XjBwq0r+9s3xt5xJjJAkElSo1/ -wyn8KQ3XN07UIaMvPctipq2OgpfteQK/F81CtZ+YCLEQt3xT7NQpriaKwGQxJAQv -g+Z+grJzTppAqpwRpg== ------END CERTIFICATE----- diff --git a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem b/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem deleted file mode 100644 index f628f88e5..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem +++ /dev/null @@ -1,6 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MIGkAgEBBDCF8kl4ftfgcvWH2myFxhc22CUT63uPy28fqUMibnpRS/wf/pfxIrVX -+BhxpUhWS2agBwYFK4EEACKhZANiAAT8RIPAGlTQMAl6oNKdtWXO2MzywN76AFn9 -t9wmSabI29cN8iHk1HiHhlO2i1gMrl4HgbMfpSs1stNC8zxCzoCvt7pUx8wWYO7P -JDBocD1n1eCSwM67KOfouuPmOML0QgU= ------END EC PRIVATE KEY----- diff --git a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.secrets b/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.secrets deleted file mode 100644 index ebd3a2839..000000000 
--- a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/ipsec.secrets
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-: ECDSA daveKey.pem
diff --git a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/strongswan.conf b/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/ecdsa-certs/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.conf b/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index 892e0c39b..000000000
--- a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- authby=ecdsasig
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- leftfirewall=yes
- right=%any
- auto=add
diff --git a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem b/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem
deleted file mode 100644
index 3480a434a..000000000
--- a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem
+++ /dev/null
@@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICyDCCAiqgAwIBAgIJAPaidX4i76aJMAkGByqGSM49BAEwSDELMAkGA1UEBhMC -Q0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3 -YW4gRUMgUm9vdCBDQTAeFw0wODA2MjIxNDM2MDZaFw0xODA2MjAxNDM2MDZaMEgx -CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD -ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA -BAEUx1NvjNKzbDHaRPMsqIf/6SbUpzBa78N/WIyF6rYj8e5McAqfTfzUfFJZYoQn -/mbP3VfjOxRuMDjrlfvdgMxwkwFDigWQfHg3CJbS7eQjjO1MrxxIJUtfSTnF29tM -h6IYMdxaZKloCGCOrpmGCGdxD2/KwoX1SA3BlnjaNt7kSTonkqOBujCBtzAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUul35cbYTtWrR3bo2 -t6rSwe6P2NIweAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgx -CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD -ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAJBgcqhkjOPQQBA4GM -ADCBiAJCAL5pU3X6NYWjOYe0cxrah27UxtUDLUNkFG/Ojl+gOH4QB0CKY0HXNyrq -cgba73dXF/U0Cg3Ij/9g4Kd9GgYq0GlSAkIAqgqMKqXni8wbeGMJE2Mn2/8aHM3Q -3flpHSoeNWOe/VzpRviw+VRgA4vbhhKUXBtQSiea77/DXLwOp5w7rkBoEUg= ------END CERTIFICATE----- diff --git a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem b/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem deleted file mode 100644 index 5178c7f38..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDMDCCApKgAwIBAgIBATAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD -VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv -b3QgQ0EwHhcNMDgwNjIyMTQ0MzA3WhcNMTMwNjIxMTQ0MzA3WjBeMQswCQYDVQQG -EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg -NTIxIGJpdDEcMBoGA1UEAxMTbW9vbi5zdHJvbmdzd2FuLm9yZzCBmzAQBgcqhkjO -PQIBBgUrgQQAIwOBhgAEALmnl/PUy9v7Qsc914kdzY+TQ6VY2192oRoa9SkpxXrs -5GnWSJoz3yinpPHdchH0UknKt/C2Ik2k7izDH/Zau5gNAD1PqBrYWtcP+sLnH1G9 -BTibraniAUSpSaDhiWrfTteRNWqkzZI37a6YfKcBZozQcvYMW1co15EwZTptqykX -Eepuo4IBEzCCAQ8wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFDVU -Hzs47lOG0dHsezm6aFqdwJwfMHgGA1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHu -j9jSoUykSjBIMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dh -bjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBSb290IENBggkA9qJ1fiLvpokwHgYD -VR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzA8BgNVHR8ENTAzMDGgL6Athito -dHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW5fZWMuY3JsMAkGByqG -SM49BAEDgYwAMIGIAkIBDgZs1pXvm8SwT9S1m6nIHwuZsJDsDri/PWM6NXdMUXEt -l0p8cfq8PbJlK/0+eLz8Ec1zpWuF5vasFHkVhauHdnECQgEVuYTrlry9gAx7G4kH -mne2yDxTclEDziWxPG4UkZbkGttf9eZlsXmNoX/Z/fojXxMYZaPqM3eOT2h6ezMD -CI9WpQ== ------END CERTIFICATE----- diff --git a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem b/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem deleted file mode 100644 index beab0485f..000000000 --- a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MIHcAgEBBEIBrBxHEGICJRNkhm0HWfARp+dIzm6Lw7eCbQXNM6jSGL4DVNDVCV42 -yOKQqifWEcNWxO+wWtBaz91IF5hz/m4TbOGgBwYFK4EEACOhgYkDgYYABAC5p5fz -1Mvb+0LHPdeJHc2Pk0OlWNtfdqEaGvUpKcV67ORp1kiaM98op6Tx3XIR9FJJyrfw -tiJNpO4swx/2WruYDQA9T6ga2FrXD/rC5x9RvQU4m62p4gFEqUmg4Ylq307XkTVq -pM2SN+2umHynAWaM0HL2DFtXKNeRMGU6baspFxHqbg== ------END EC PRIVATE KEY----- 
diff --git a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.secrets b/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.secrets
deleted file mode 100644
index 1ef3eccb5..000000000
--- a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/ipsec.secrets
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/ipsec.secrets - strongSwan IPsec secrets file
-
-: ECDSA moonKey.pem
diff --git a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/strongswan.conf b/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/ecdsa-certs/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/ecdsa-certs/posttest.dat b/testing/tests/openssl/ecdsa-certs/posttest.dat
deleted file mode 100644
index 7cebd7f25..000000000
--- a/testing/tests/openssl/ecdsa-certs/posttest.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-moon::/etc/init.d/iptables stop 2> /dev/null
-carol::/etc/init.d/iptables stop 2> /dev/null
-dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl/ecdsa-certs/pretest.dat b/testing/tests/openssl/ecdsa-certs/pretest.dat
deleted file mode 100644
index 42e9d7c24..000000000
--- a/testing/tests/openssl/ecdsa-certs/pretest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::/etc/init.d/iptables start 2> /dev/null
-carol::/etc/init.d/iptables start 2> /dev/null
-dave::/etc/init.d/iptables start 2> /dev/null
-moon::ipsec start
-carol::ipsec start
-dave::ipsec start
-carol::sleep 1
-carol::ipsec up home
-dave::ipsec up home
diff --git a/testing/tests/openssl/ecdsa-certs/test.conf b/testing/tests/openssl/ecdsa-certs/test.conf
deleted file mode 100644
index 70416826e..000000000
--- a/testing/tests/openssl/ecdsa-certs/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/description.txt b/testing/tests/openssl/ikev1-alg-ecp-high/description.txt
deleted file mode 100644
index b8efbe87e..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/description.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-The roadwarrior carol and the gateway moon use the openssl
-plugin based on the OpenSSL library for all cryptographical functions
-whereas roadwarrior dave uses the default strongSwan cryptographical
-plugins aes des sha1 sha2 md5 gmp plus the openssl plugin for
-the Elliptic Curve Diffie-Hellman groups only.
-

-The roadwarriors carol and dave set up a connection each
-to gateway moon. The authentication is based on X.509 certificates.
-carol proposes the DH groups ECP_256 and ECP_384 whereas dave proposes
-ECP_256 and ECP_521. Since moon does not support ECP_256 the roadwarriors
-fall back to ECP_384 and ECP_521, respectively.
-

-Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
-automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
-In order to test both tunnel and firewall, both carol and dave ping
-the client alice behind the gateway moon.
-
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/evaltest.dat b/testing/tests/openssl/ikev1-alg-ecp-high/evaltest.dat
deleted file mode 100644
index 6a6802780..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/evaltest.dat
+++ /dev/null
@@ -1,13 +0,0 @@
-moon::cat /var/log/auth.log::ECP_256.*refused due to strict flag::YES
-moon::ipsec statusall::IPsec SA established::YES
-carol::ipsec statusall::IPsec SA established::YES
-carol::ipsec statusall::IKE proposal: AES_CBC_192/HMAC_SHA2_384/ECP_384::YES
-dave::ipsec statusall::IPsec SA established::YES
-dave::ipsec statusall::IKE proposal: AES_CBC_256/HMAC_SHA2_512/ECP_521::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
-moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/carol/etc/ipsec.conf b/testing/tests/openssl/ikev1-alg-ecp-high/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 432fa52ea..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes192-sha384-ecp256,aes192-sha384-ecp384!
-
-conn home
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- leftid=carol@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/carol/etc/strongswan.conf b/testing/tests/openssl/ikev1-alg-ecp-high/hosts/carol/etc/strongswan.conf
deleted file mode 100644
index c33f54ea5..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-pluto {
- load = openssl random hmac curl
-}
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/dave/etc/ipsec.conf b/testing/tests/openssl/ikev1-alg-ecp-high/hosts/dave/etc/ipsec.conf
deleted file mode 100755
index 28304eb41..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes256-sha512-ecp256,aes256-sha512-ecp521!
-
-conn home
- left=PH_IP_DAVE
- leftcert=daveCert.pem
- leftid=dave@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/dave/etc/strongswan.conf b/testing/tests/openssl/ikev1-alg-ecp-high/hosts/dave/etc/strongswan.conf
deleted file mode 100644
index 53af5cf26..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-pluto {
- load = aes des sha1 sha2 md5 gmp openssl random hmac curl
-}
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/moon/etc/ipsec.conf b/testing/tests/openssl/ikev1-alg-ecp-high/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index d6737f6e0..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes192-sha384-ecp384,aes256-sha512-ecp521!
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- leftfirewall=yes
- right=%any
- auto=add
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/moon/etc/strongswan.conf b/testing/tests/openssl/ikev1-alg-ecp-high/hosts/moon/etc/strongswan.conf
deleted file mode 100644
index c33f54ea5..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-pluto {
- load = openssl random hmac curl
-}
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/posttest.dat b/testing/tests/openssl/ikev1-alg-ecp-high/posttest.dat
deleted file mode 100644
index 7cebd7f25..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/posttest.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-moon::/etc/init.d/iptables stop 2> /dev/null
-carol::/etc/init.d/iptables stop 2> /dev/null
-dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/pretest.dat b/testing/tests/openssl/ikev1-alg-ecp-high/pretest.dat
deleted file mode 100644
index 42e9d7c24..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/pretest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::/etc/init.d/iptables start 2> /dev/null
-carol::/etc/init.d/iptables start 2> /dev/null
-dave::/etc/init.d/iptables start 2> /dev/null
-moon::ipsec start
-carol::ipsec start
-dave::ipsec start
-carol::sleep 1
-carol::ipsec up home
-dave::ipsec up home
diff --git a/testing/tests/openssl/ikev1-alg-ecp-high/test.conf b/testing/tests/openssl/ikev1-alg-ecp-high/test.conf
deleted file mode 100644
index 70416826e..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-high/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/description.txt b/testing/tests/openssl/ikev1-alg-ecp-low/description.txt
deleted file mode 100644
index 4f043e7d9..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/description.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-The roadwarrior carol and the gateway moon use the openssl
-plugin based on the OpenSSL library for all cryptographical functions
-whereas roadwarrior dave uses the default strongSwan cryptographical
-plugins aes des sha1 sha2 md5 gmp plus the openssl plugin for
-the Elliptic Curve Diffie-Hellman groups only.
-

-The roadwarriors carol and dave set up a connection each
-to gateway moon. The authentication is based on X.509 certificates.
-carol proposes the DH groups ECP_192 and ECP_224 whereas dave proposes
-ECP_192 and ECP_256. Since moon does not support ECP_192 the roadwarriors
-fall back to ECP_224 and ECP_256, respectively.
-

-Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
-automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
-In order to test both tunnel and firewall, both carol and dave ping
-the client alice behind the gateway moon.
-
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/evaltest.dat b/testing/tests/openssl/ikev1-alg-ecp-low/evaltest.dat
deleted file mode 100644
index 3c5ae4138..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/evaltest.dat
+++ /dev/null
@@ -1,13 +0,0 @@
-moon::cat /var/log/auth.log::ECP_192.*refused due to strict flag::YES
-moon::ipsec statusall::IPsec SA established::YES
-carol::ipsec statusall::IPsec SA established::YES
-carol::ipsec statusall::IKE proposal: AES_CBC_128/HMAC_SHA2_256/ECP_224::YES
-dave::ipsec statusall::IPsec SA established::YES
-dave::ipsec statusall::IKE proposal: AES_CBC_128/HMAC_SHA2_256/ECP_256::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
-moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/carol/etc/ipsec.conf b/testing/tests/openssl/ikev1-alg-ecp-low/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 5a4d82699..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes128-sha256-ecp192,aes128-sha256-ecp224!
-
-conn home
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- leftid=carol@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/carol/etc/strongswan.conf b/testing/tests/openssl/ikev1-alg-ecp-low/hosts/carol/etc/strongswan.conf
deleted file mode 100644
index 90668fdf8..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-pluto {
- load = openssl random hmac curl
-}
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/dave/etc/ipsec.conf b/testing/tests/openssl/ikev1-alg-ecp-low/hosts/dave/etc/ipsec.conf
deleted file mode 100755
index ac828c182..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes128-sha256-ecp192,aes128-sha256-ecp256!
-
-conn home
- left=PH_IP_DAVE
- leftcert=daveCert.pem
- leftid=dave@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/dave/etc/strongswan.conf b/testing/tests/openssl/ikev1-alg-ecp-low/hosts/dave/etc/strongswan.conf
deleted file mode 100644
index bd7dc854f..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = aes des sha1 sha2 md5 gmp openssl random hmac curl
-}
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/moon/etc/ipsec.conf b/testing/tests/openssl/ikev1-alg-ecp-low/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index 870271c87..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes128-sha256-ecp224,aes128-sha256-ecp256!
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- leftfirewall=yes
- right=%any
- auto=add
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/moon/etc/strongswan.conf b/testing/tests/openssl/ikev1-alg-ecp-low/hosts/moon/etc/strongswan.conf
deleted file mode 100644
index 90668fdf8..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-pluto {
- load = openssl random hmac curl
-}
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/posttest.dat b/testing/tests/openssl/ikev1-alg-ecp-low/posttest.dat
deleted file mode 100644
index 7cebd7f25..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/posttest.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-moon::/etc/init.d/iptables stop 2> /dev/null
-carol::/etc/init.d/iptables stop 2> /dev/null
-dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/pretest.dat b/testing/tests/openssl/ikev1-alg-ecp-low/pretest.dat
deleted file mode 100644
index 42e9d7c24..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/pretest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::/etc/init.d/iptables start 2> /dev/null
-carol::/etc/init.d/iptables start 2> /dev/null
-dave::/etc/init.d/iptables start 2> /dev/null
-moon::ipsec start
-carol::ipsec start
-dave::ipsec start
-carol::sleep 1
-carol::ipsec up home
-dave::ipsec up home
diff --git a/testing/tests/openssl/ikev1-alg-ecp-low/test.conf b/testing/tests/openssl/ikev1-alg-ecp-low/test.conf
deleted file mode 100644
index 70416826e..000000000
--- a/testing/tests/openssl/ikev1-alg-ecp-low/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/description.txt b/testing/tests/openssl/ikev2-alg-ecp-high/description.txt
deleted file mode 100644
index b8efbe87e..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/description.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-The roadwarrior carol and the gateway moon use the openssl
-plugin based on the OpenSSL library for all cryptographical functions
-whereas roadwarrior dave uses the default strongSwan cryptographical
-plugins aes des sha1 sha2 md5 gmp plus the openssl plugin for
-the Elliptic Curve Diffie-Hellman groups only.
-

-The roadwarriors carol and dave set up a connection each
-to gateway moon. The authentication is based on X.509 certificates.
-carol proposes the DH groups ECP_256 and ECP_384 whereas dave proposes
-ECP_256 and ECP_521. Since moon does not support ECP_256 the roadwarriors
-fall back to ECP_384 and ECP_521, respectively.
-

-Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
-automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
-In order to test both tunnel and firewall, both carol and dave ping
-the client alice behind the gateway moon.
-
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/evaltest.dat b/testing/tests/openssl/ikev2-alg-ecp-high/evaltest.dat
deleted file mode 100644
index 009936466..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/evaltest.dat
+++ /dev/null
@@ -1,14 +0,0 @@
-carol::cat /var/log/daemon.log::ECP_256.*ECP_384::YES
-dave::cat /var/log/daemon.log::ECP_256.*ECP_521::YES
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-carol::ipsec statusall::home.*AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/ECP_384::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_521::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
-moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/carol/etc/ipsec.conf b/testing/tests/openssl/ikev2-alg-ecp-high/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 0550a09b4..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes192-sha384-ecp256,aes192-sha384-ecp384!
-
-conn home
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- leftid=carol@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/carol/etc/strongswan.conf b/testing/tests/openssl/ikev2-alg-ecp-high/hosts/carol/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/dave/etc/ipsec.conf b/testing/tests/openssl/ikev2-alg-ecp-high/hosts/dave/etc/ipsec.conf
deleted file mode 100755
index 22026fc36..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes256-sha512-ecp256,aes256-sha512-ecp521!
-
-conn home
- left=PH_IP_DAVE
- leftcert=daveCert.pem
- leftid=dave@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/dave/etc/strongswan.conf b/testing/tests/openssl/ikev2-alg-ecp-high/hosts/dave/etc/strongswan.conf
deleted file mode 100644
index 7ffdcc204..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl aes des sha1 sha2 md5 gmp openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/moon/etc/ipsec.conf b/testing/tests/openssl/ikev2-alg-ecp-high/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index ffe13d259..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes192-sha384-ecp384,aes256-sha512-ecp521!
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- leftfirewall=yes
- right=%any
- auto=add
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/moon/etc/strongswan.conf b/testing/tests/openssl/ikev2-alg-ecp-high/hosts/moon/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/posttest.dat b/testing/tests/openssl/ikev2-alg-ecp-high/posttest.dat
deleted file mode 100644
index 7cebd7f25..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/posttest.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-moon::/etc/init.d/iptables stop 2> /dev/null
-carol::/etc/init.d/iptables stop 2> /dev/null
-dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/pretest.dat b/testing/tests/openssl/ikev2-alg-ecp-high/pretest.dat
deleted file mode 100644
index 42e9d7c24..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/pretest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::/etc/init.d/iptables start 2> /dev/null
-carol::/etc/init.d/iptables start 2> /dev/null
-dave::/etc/init.d/iptables start 2> /dev/null
-moon::ipsec start
-carol::ipsec start
-dave::ipsec start
-carol::sleep 1
-carol::ipsec up home
-dave::ipsec up home
diff --git a/testing/tests/openssl/ikev2-alg-ecp-high/test.conf b/testing/tests/openssl/ikev2-alg-ecp-high/test.conf
deleted file mode 100644
index 70416826e..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-high/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/description.txt b/testing/tests/openssl/ikev2-alg-ecp-low/description.txt
deleted file mode 100644
index 4f043e7d9..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/description.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-The roadwarrior carol and the gateway moon use the openssl
-plugin based on the OpenSSL library for all cryptographical functions
-whereas roadwarrior dave uses the default strongSwan cryptographical
-plugins aes des sha1 sha2 md5 gmp plus the openssl plugin for
-the Elliptic Curve Diffie-Hellman groups only.
-

-The roadwarriors carol and dave set up a connection each
-to gateway moon. The authentication is based on X.509 certificates.
-carol proposes the DH groups ECP_192 and ECP_224 whereas dave proposes
-ECP_192 and ECP_256. Since moon does not support ECP_192 the roadwarriors
-fall back to ECP_224 and ECP_256, respectively.
-

-Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
-automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
-In order to test both tunnel and firewall, both carol and dave ping
-the client alice behind the gateway moon.
-
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/evaltest.dat b/testing/tests/openssl/ikev2-alg-ecp-low/evaltest.dat
deleted file mode 100644
index e2073d9be..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/evaltest.dat
+++ /dev/null
@@ -1,14 +0,0 @@
-carol::cat /var/log/daemon.log::ECP_192.*ECP_224::YES
-dave::cat /var/log/daemon.log::ECP_192.*ECP_256::YES
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-carol::ipsec statusall::home.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_224::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
-moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/carol/etc/ipsec.conf b/testing/tests/openssl/ikev2-alg-ecp-low/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 6a15b3f54..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes128-sha256-ecp192,aes128-sha256-ecp224!
-
-conn home
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- leftid=carol@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/carol/etc/strongswan.conf b/testing/tests/openssl/ikev2-alg-ecp-low/hosts/carol/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/dave/etc/ipsec.conf b/testing/tests/openssl/ikev2-alg-ecp-low/hosts/dave/etc/ipsec.conf
deleted file mode 100755
index b4bdf456f..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes128-sha256-ecp192,aes128-sha256-ecp256!
-
-conn home
- left=PH_IP_DAVE
- leftcert=daveCert.pem
- leftid=dave@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/dave/etc/strongswan.conf b/testing/tests/openssl/ikev2-alg-ecp-low/hosts/dave/etc/strongswan.conf
deleted file mode 100644
index 7ffdcc204..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl aes des sha1 sha2 md5 gmp openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/moon/etc/ipsec.conf b/testing/tests/openssl/ikev2-alg-ecp-low/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index 64ec0f12c..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes128-sha256-ecp224,aes128-sha256-ecp256!
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- leftfirewall=yes
- right=%any
- auto=add
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/moon/etc/strongswan.conf b/testing/tests/openssl/ikev2-alg-ecp-low/hosts/moon/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/posttest.dat b/testing/tests/openssl/ikev2-alg-ecp-low/posttest.dat
deleted file mode 100644
index 7cebd7f25..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/posttest.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-moon::/etc/init.d/iptables stop 2> /dev/null
-carol::/etc/init.d/iptables stop 2> /dev/null
-dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/pretest.dat b/testing/tests/openssl/ikev2-alg-ecp-low/pretest.dat
deleted file mode 100644
index 42e9d7c24..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/pretest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::/etc/init.d/iptables start 2> /dev/null
-carol::/etc/init.d/iptables start 2> /dev/null
-dave::/etc/init.d/iptables start 2> /dev/null
-moon::ipsec start
-carol::ipsec start
-dave::ipsec start
-carol::sleep 1
-carol::ipsec up home
-dave::ipsec up home
diff --git a/testing/tests/openssl/ikev2-alg-ecp-low/test.conf b/testing/tests/openssl/ikev2-alg-ecp-low/test.conf
deleted file mode 100644
index 70416826e..000000000
--- a/testing/tests/openssl/ikev2-alg-ecp-low/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl/rw-cert-ikev1/description.txt b/testing/tests/openssl/rw-cert-ikev1/description.txt
deleted file mode 100644
index 0f721c52b..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/description.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-The roadwarrior carol and the gateway moon use the openssl
-plugin based on the OpenSSL library for all cryptographical functions
-whereas roadwarrior dave uses the default strongSwan cryptographical
-plugins aes des sha1 sha2 md5 gmp.
-

-The roadwarriors carol and dave set up a connection each
-to gateway moon. The authentication is based on X.509 certificates.
-Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
-automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
-In order to test both tunnel and firewall, both carol and dave ping
-the client alice behind the gateway moon.
-
diff --git a/testing/tests/openssl/rw-cert-ikev1/evaltest.dat b/testing/tests/openssl/rw-cert-ikev1/evaltest.dat
deleted file mode 100644
index 1a9b9159f..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/evaltest.dat
+++ /dev/null
@@ -1,10 +0,0 @@
-moon::ipsec statusall::IPsec SA established::YES
-carol::ipsec statusall::IPsec SA established::YES
-dave::ipsec statusall::IPsec SA established::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
-moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/openssl/rw-cert-ikev1/hosts/carol/etc/ipsec.conf b/testing/tests/openssl/rw-cert-ikev1/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 80dae3719..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=3des-sha1-modp1536!
-
-conn home
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- leftid=carol@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/rw-cert-ikev1/hosts/carol/etc/strongswan.conf b/testing/tests/openssl/rw-cert-ikev1/hosts/carol/etc/strongswan.conf
deleted file mode 100644
index c33f54ea5..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-pluto {
- load = openssl random hmac curl
-}
diff --git a/testing/tests/openssl/rw-cert-ikev1/hosts/dave/etc/ipsec.conf b/testing/tests/openssl/rw-cert-ikev1/hosts/dave/etc/ipsec.conf
deleted file mode 100755
index 73167caad..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes256-sha256-modp2048!
-
-conn home
- left=PH_IP_DAVE
- leftcert=daveCert.pem
- leftid=dave@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/rw-cert-ikev1/hosts/dave/etc/strongswan.conf b/testing/tests/openssl/rw-cert-ikev1/hosts/dave/etc/strongswan.conf
deleted file mode 100644
index b914f9a45..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-pluto {
- load = aes des sha1 sha2 md5 gmp random hmac curl
-}
diff --git a/testing/tests/openssl/rw-cert-ikev1/hosts/moon/etc/ipsec.conf b/testing/tests/openssl/rw-cert-ikev1/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index f365b07da..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
- plutodebug=control
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes256-sha256-modp2048,3des-sha1-modp1536!
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- leftfirewall=yes
- right=%any
- auto=add
diff --git a/testing/tests/openssl/rw-cert-ikev1/hosts/moon/etc/strongswan.conf b/testing/tests/openssl/rw-cert-ikev1/hosts/moon/etc/strongswan.conf
deleted file mode 100644
index 044a76bfc..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- dh_exponent_ansi_x9_42 = no
-}
-
-pluto {
- load = openssl random hmac curl
-}
diff --git a/testing/tests/openssl/rw-cert-ikev1/posttest.dat b/testing/tests/openssl/rw-cert-ikev1/posttest.dat
deleted file mode 100644
index 7cebd7f25..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/posttest.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-moon::/etc/init.d/iptables stop 2> /dev/null
-carol::/etc/init.d/iptables stop 2> /dev/null
-dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl/rw-cert-ikev1/pretest.dat b/testing/tests/openssl/rw-cert-ikev1/pretest.dat
deleted file mode 100644
index 42e9d7c24..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/pretest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::/etc/init.d/iptables start 2> /dev/null
-carol::/etc/init.d/iptables start 2> /dev/null
-dave::/etc/init.d/iptables start 2> /dev/null
-moon::ipsec start
-carol::ipsec start
-dave::ipsec start
-carol::sleep 1
-carol::ipsec up home
-dave::ipsec up home
diff --git a/testing/tests/openssl/rw-cert-ikev1/test.conf b/testing/tests/openssl/rw-cert-ikev1/test.conf
deleted file mode 100644
index 70416826e..000000000
--- a/testing/tests/openssl/rw-cert-ikev1/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave"
diff --git a/testing/tests/openssl/rw-cert-ikev2/description.txt b/testing/tests/openssl/rw-cert-ikev2/description.txt
deleted file mode 100644
index 0f721c52b..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/description.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-The roadwarrior carol and the gateway moon use the openssl
-plugin based on the OpenSSL library for all cryptographical functions
-whereas roadwarrior dave uses the default strongSwan cryptographical
-plugins aes des sha1 sha2 md5 gmp.
-

-The roadwarriors carol and dave set up a connection each
-to gateway moon. The authentication is based on X.509 certificates.
-Upon the successful establishment of the IPsec tunnels, leftfirewall=yes
-automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
-In order to test both tunnel and firewall, both carol and dave ping
-the client alice behind the gateway moon.
-
diff --git a/testing/tests/openssl/rw-cert-ikev2/evaltest.dat b/testing/tests/openssl/rw-cert-ikev2/evaltest.dat
deleted file mode 100644
index 06a0f8cda..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/evaltest.dat
+++ /dev/null
@@ -1,10 +0,0 @@
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
-carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
-moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
-moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/openssl/rw-cert-ikev2/hosts/carol/etc/ipsec.conf b/testing/tests/openssl/rw-cert-ikev2/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 4a8baa3ae..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=3des-sha1-modp1536!
-
-conn home
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- leftid=carol@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/rw-cert-ikev2/hosts/carol/etc/strongswan.conf b/testing/tests/openssl/rw-cert-ikev2/hosts/carol/etc/strongswan.conf
deleted file mode 100644
index e10230384..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/hosts/carol/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/rw-cert-ikev2/hosts/dave/etc/ipsec.conf b/testing/tests/openssl/rw-cert-ikev2/hosts/dave/etc/ipsec.conf
deleted file mode 100755
index 42f03aab3..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/hosts/dave/etc/ipsec.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes256-sha256-modp2048!
-
-conn home
- left=PH_IP_DAVE
- leftcert=daveCert.pem
- leftid=dave@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- rightsubnet=10.1.0.0/16
- auto=add
diff --git a/testing/tests/openssl/rw-cert-ikev2/hosts/dave/etc/strongswan.conf b/testing/tests/openssl/rw-cert-ikev2/hosts/dave/etc/strongswan.conf
deleted file mode 100644
index d46082bdd..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/hosts/dave/etc/strongswan.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- load = curl aes des sha1 sha2 md5 gmp random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/rw-cert-ikev2/hosts/moon/etc/ipsec.conf b/testing/tests/openssl/rw-cert-ikev2/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index 2e84f2e6a..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes256-sha256-modp2048,3des-sha1-modp1536!
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- leftfirewall=yes
- right=%any
- auto=add
diff --git a/testing/tests/openssl/rw-cert-ikev2/hosts/moon/etc/strongswan.conf b/testing/tests/openssl/rw-cert-ikev2/hosts/moon/etc/strongswan.conf
deleted file mode 100644
index 1887f7607..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon {
- dh_exponent_ansi_x9_42 = no
- load = curl openssl random x509 pubkey hmac stroke kernel-netlink updown
-}
diff --git a/testing/tests/openssl/rw-cert-ikev2/posttest.dat b/testing/tests/openssl/rw-cert-ikev2/posttest.dat
deleted file mode 100644
index 7cebd7f25..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/posttest.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
-dave::ipsec stop
-moon::/etc/init.d/iptables stop 2> /dev/null
-carol::/etc/init.d/iptables stop 2> /dev/null
-dave::/etc/init.d/iptables stop 2> /dev/null
diff --git a/testing/tests/openssl/rw-cert-ikev2/pretest.dat b/testing/tests/openssl/rw-cert-ikev2/pretest.dat
deleted file mode 100644
index 42e9d7c24..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/pretest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-moon::/etc/init.d/iptables start 2> /dev/null
-carol::/etc/init.d/iptables start 2> /dev/null
-dave::/etc/init.d/iptables start 2> /dev/null
-moon::ipsec start
-carol::ipsec start
-dave::ipsec start
-carol::sleep 1
-carol::ipsec up home
-dave::ipsec up home
diff --git a/testing/tests/openssl/rw-cert-ikev2/test.conf b/testing/tests/openssl/rw-cert-ikev2/test.conf
deleted file mode 100644
index 70416826e..000000000
--- a/testing/tests/openssl/rw-cert-ikev2/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon carol winnetou dave"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-c-w-d.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol dave"
-- cgit v1.2.3