Add certifcate selection tests: the certificate type is selected by cipher
string and signature algorithm.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2224)
- On VMS, apps/apps.c depends on apps/vms_term_sock.c, so add it to
the build
- On VMS, apps/*.c are compiled with default symbol settings,
i.e. uppercased and truncated symbols, which differs from test
programs. Make sure uitest.c knows that with a few pragmas.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2218)
One of the new tests uses a DH based ciphersuite. That test should be
disabled if DH is disabled.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2217)
It tests both the use of UI_METHOD (through the apps/apps.h API) and
wrapping an older style PEM password callback in a UI_METHOD.
Replace the earlier UI test with a run of this test program
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2204)
Check that signatures actually work, and that an incorrect signature
results in a handshake failure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
Previously SKE in TLSProxy only knew about one anonymous ciphersuite so
there was never a signature. Extend that to include a ciphersuite that is
not anonymous. This also fixes a bug where the existing SKE processing was
checking against the wrong anon ciphersuite value. This has a knock on
impact on the sslskewith0p test. The bug meant the test was working...but
entirely by accident!
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
TLSv1.3 introduces PSS based sigalgs. Offering these in a TLSv1.3 client
implies that the client is prepared to accept these sigalgs even in
TLSv1.2.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
A misreading of the TLS1.3 spec meant we were using the handshake hashes
up to and including the Client Finished to calculate the client
application traffic secret. We should be only use up until the Server
Finished.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
Add option ExpectedTmpKeyType to test the temporary key the server
sends is of the correct type.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2191)
We remove the separate CertificateStatus message for TLSv1.3, and instead
send back the response in the appropriate Certificate message extension.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2020)
Also updates TLSProxy to be able to understand the format and parse the
contained extensions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2020)
BIO_seek and BIO_tell can cause problems with evp_test.c on some platforms.
Avoid them by using a temporary memory BIO to store key PEM data.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2183)
These tests depend on there being at least one protocol version below
TLSv1.3 enabled.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2144)
The CT tests in test_sslmessages require EC to be available, therefore
we must skip these if no-ec
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
The previous commit fixed a bug where the EC point formats extensions did
not appear in the ServerHello. This should have been caught by
70-test_sslmessages but that test never tries an EC ciphersuite. This
updates the test to do that.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
In some cases, both client and server end of the test can end up in
SSL_ERROR_WANT_READ and never get out of it, making the test spin.
Detect it and give up instead of waiting endlessly.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2096)