openssl/test/ssl-tests/20-cert-select.cnf.in
Matt Caswell 9afc6c5431 Fix the check for suitable groups and TLSv1.3
If we have TLSv1.3 enabled then we must have at least one TLSv1.3 capable
group available. This check was not always working

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14430)
2021-03-08 15:32:04 +00:00

992 lines
32 KiB
Perl

# -*- mode: perl; -*-
## SSL test configurations
use strict;
use warnings;
package ssltests;
use OpenSSL::Test::Utils;
our $fips_mode;
our $no_deflt_libctx;
my $server = {
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
"Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
"Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
"Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
"MaxProtocol" => "TLSv1.2"
};
my $server_pss = {
"PSS.Certificate" => test_pem("server-pss-cert.pem"),
"PSS.PrivateKey" => test_pem("server-pss-key.pem"),
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
"Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
"Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
"Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
"MaxProtocol" => "TLSv1.2"
};
my $server_pss_only = {
"Certificate" => test_pem("server-pss-cert.pem"),
"PrivateKey" => test_pem("server-pss-key.pem"),
};
my $server_pss_restrict_only = {
"Certificate" => test_pem("server-pss-restrict-cert.pem"),
"PrivateKey" => test_pem("server-pss-restrict-key.pem"),
};
my $server_rsa_all;
if ($no_deflt_libctx) {
$server_rsa_all = {
"Certificate" => test_pem("servercert.pem"),
"PrivateKey" => test_pem("serverkey.pem"),
};
} else {
$server_rsa_all = {
"PSS.Certificate" => test_pem("server-pss-cert.pem"),
"PSS.PrivateKey" => test_pem("server-pss-key.pem"),
"Certificate" => test_pem("servercert.pem"),
"PrivateKey" => test_pem("serverkey.pem"),
};
}
our @tests = (
{
name => "ECDSA CipherString Selection",
server => $server,
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"RequestCAFile" => test_pem("root-cert.pem"),
},
test => {
"ExpectedServerCertType" =>, "P-256",
"ExpectedServerSignType" =>, "EC",
# Note: certificate_authorities not sent for TLS < 1.3
"ExpectedServerCANames" =>, "empty",
"ExpectedResult" => "Success"
},
},
{
name => "ECDSA CipherString Selection",
server => {
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"MaxProtocol" => "TLSv1.2",
#Deliberately set supported_groups to one not in the cert. This
#should be tolerated
"Groups" => "P-384"
},
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"Groups" => "P-256:P-384",
"RequestCAFile" => test_pem("root-cert.pem"),
},
test => {
"ExpectedServerCertType" =>, "P-256",
"ExpectedServerSignType" =>, "EC",
# Note: certificate_authorities not sent for TLS < 1.3
"ExpectedServerCANames" =>, "empty",
"ExpectedResult" => "Success"
},
},
{
name => "ECDSA CipherString Selection",
server => {
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"MaxProtocol" => "TLSv1.2",
"Groups" => "P-256:P-384"
},
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
#Deliberately set groups to not include the certificate group. This
#should fail
"Groups" => "P-384",
"RequestCAFile" => test_pem("root-cert.pem"),
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "RSA CipherString Selection",
server => $server,
client => {
"CipherString" => "aRSA",
"MaxProtocol" => "TLSv1.2",
},
test => {
"ExpectedServerCertType" =>, "RSA",
"ExpectedServerSignType" =>, "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "P-256 CipherString and Signature Algorithm Selection",
server => $server,
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
},
{
name => "ECDSA CipherString Selection, no ECDSA certificate",
server => {
"MaxProtocol" => "TLSv1.2"
},
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2"
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "ECDSA Signature Algorithm Selection",
server => $server,
client => {
"SignatureAlgorithms" => "ECDSA+SHA256",
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
},
{
name => "ECDSA Signature Algorithm Selection SHA384",
server => $server,
client => {
"SignatureAlgorithms" => "ECDSA+SHA384",
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA384",
"ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
},
{
name => "ECDSA Signature Algorithm Selection compressed point",
server => {
"ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
"MaxProtocol" => "TLSv1.2"
},
client => {
"SignatureAlgorithms" => "ECDSA+SHA256",
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
},
{
name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
server => {
"MaxProtocol" => "TLSv1.2"
},
client => {
"SignatureAlgorithms" => "ECDSA+SHA256",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "RSA Signature Algorithm Selection",
server => $server,
client => {
"SignatureAlgorithms" => "RSA+SHA256",
},
test => {
"ExpectedServerCertType" => "RSA",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Signature Algorithm Selection",
server => $server,
client => {
"SignatureAlgorithms" => "RSA-PSS+SHA256",
},
test => {
"ExpectedServerCertType" => "RSA",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA key exchange with all RSA certificate types",
server => $server_rsa_all,
client => {
"CipherString" => "kRSA",
"MaxProtocol" => "TLSv1.2",
},
test => {
"ExpectedServerCertType" =>, "RSA",
"ExpectedResult" => "Success"
},
},
{
name => "Suite B P-256 Hash Algorithm Selection",
server => {
"ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
"ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
"MaxProtocol" => "TLSv1.2",
"CipherString" => "SUITEB128"
},
client => {
"VerifyCAFile" => test_pem("p384-root.pem"),
"SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
},
{
name => "Suite B P-384 Hash Algorithm Selection",
server => {
"ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
"ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
"MaxProtocol" => "TLSv1.2",
"CipherString" => "SUITEB128"
},
client => {
"VerifyCAFile" => test_pem("p384-root.pem"),
"SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
},
test => {
"ExpectedServerCertType" => "P-384",
"ExpectedServerSignHash" => "SHA384",
"ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
},
{
name => "Ed25519 CipherString and Signature Algorithm Selection",
server => $server,
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
"RequestCAFile" => test_pem("root-cert.pem"),
},
test => {
"ExpectedServerCertType" =>, "Ed25519",
"ExpectedServerSignType" =>, "Ed25519",
# Note: certificate_authorities not sent for TLS < 1.3
"ExpectedServerCANames" =>, "empty",
"ExpectedResult" => "Success"
},
},
{
name => "Ed448 CipherString and Signature Algorithm Selection",
server => $server,
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"SignatureAlgorithms" => "ed448:ECDSA+SHA256",
"RequestCAFile" => test_pem("root-ed448-cert.pem"),
"VerifyCAFile" => test_pem("root-ed448-cert.pem"),
},
test => {
"ExpectedServerCertType" =>, "Ed448",
"ExpectedServerSignType" =>, "Ed448",
# Note: certificate_authorities not sent for TLS < 1.3
"ExpectedServerCANames" =>, "empty",
"ExpectedResult" => "Success"
},
},
{
name => "Ed25519 CipherString and Curves Selection",
server => $server,
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
# Excluding P-256 from the supported curves list means server
# certificate should be Ed25519 and not P-256
"Curves" => "X25519"
},
test => {
"ExpectedServerCertType" =>, "Ed25519",
"ExpectedServerSignType" =>, "Ed25519",
"ExpectedResult" => "Success"
},
},
{
name => "Ed448 CipherString and Curves Selection",
server => $server,
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"SignatureAlgorithms" => "ECDSA+SHA256:ed448",
"VerifyCAFile" => test_pem("root-ed448-cert.pem"),
# Excluding P-256 from the supported curves list means server
# certificate should be Ed25519 and not P-256
"Curves" => "X448"
},
test => {
"ExpectedServerCertType" =>, "Ed448",
"ExpectedServerSignType" =>, "Ed448",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.2 Ed25519 Client Auth",
server => {
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => {
"Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
"Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
"MinProtocol" => "TLSv1.2",
"MaxProtocol" => "TLSv1.2"
},
test => {
"ExpectedClientCertType" => "Ed25519",
"ExpectedClientSignType" => "Ed25519",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.2 Ed448 Client Auth",
server => {
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => {
"Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
"Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
"MinProtocol" => "TLSv1.2",
"MaxProtocol" => "TLSv1.2"
},
test => {
"ExpectedClientCertType" => "Ed448",
"ExpectedClientSignType" => "Ed448",
"ExpectedResult" => "Success"
},
},
);
my @tests_non_fips = (
{
name => "ECDSA Signature Algorithm Selection SHA1",
server => {
"CipherString" => "DEFAULT:\@SECLEVEL=0",
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
"Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
"Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
"Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
"MaxProtocol" => "TLSv1.2"
},
client => {
"CipherString" => "DEFAULT:\@SECLEVEL=0",
"SignatureAlgorithms" => "ECDSA+SHA1",
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA1",
"ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
},
{
name => "ECDSA with brainpool",
server => {
"Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
"PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
"Groups" => "brainpoolP256r1",
},
client => {
"MaxProtocol" => "TLSv1.2",
"CipherString" => "aECDSA",
"RequestCAFile" => test_pem("root-cert.pem"),
"Groups" => "brainpoolP256r1",
},
test => {
"ExpectedServerCertType" =>, "brainpoolP256r1",
"ExpectedServerSignType" =>, "EC",
# Note: certificate_authorities not sent for TLS < 1.3
"ExpectedServerCANames" =>, "empty",
"ExpectedResult" => "Success"
},
},
);
my @tests_pss = (
{
name => "RSA-PSS Certificate CipherString Selection",
server => $server_pss,
client => {
"CipherString" => "aRSA",
"MaxProtocol" => "TLSv1.2",
},
test => {
"ExpectedServerCertType" =>, "RSA-PSS",
"ExpectedServerSignType" =>, "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
server => $server_pss,
client => {
"SignatureAlgorithms" => "RSA-PSS+SHA256",
},
test => {
"ExpectedServerCertType" => "RSA",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
server => $server_pss,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha256",
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "Only RSA-PSS Certificate",
server => $server_pss_only,
client => {},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "Only RSA-PSS Certificate Valid Signature Algorithms",
server => $server_pss_only,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha512",
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA512",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Certificate, no PSS signature algorithms",
server => $server_pss_only,
client => {
"SignatureAlgorithms" => "RSA+SHA256",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "Only RSA-PSS Restricted Certificate",
server => $server_pss_restrict_only,
client => {},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
server => $server_pss_restrict_only,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
server => $server_pss_restrict_only,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
server => $server_pss_restrict_only,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha512",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "RSA key exchange with only RSA-PSS certificate",
server => $server_pss_only,
client => {
"CipherString" => "kRSA",
"MaxProtocol" => "TLSv1.2",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
);
my @tests_tls_1_1 = (
{
name => "Only RSA-PSS Certificate, TLS v1.1",
server => $server_pss_only,
client => {
"MaxProtocol" => "TLSv1.1",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
);
push @tests, @tests_non_fips unless $fips_mode;
push @tests, @tests_pss;
push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;
my $server_tls_1_3;
if ($fips_mode) {
$server_tls_1_3 = {
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
};
} else {
$server_tls_1_3 = {
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
"Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
"Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
"Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
};
}
my $client_tls_1_3 = {
"RSA.Certificate" => test_pem("ee-client-chain.pem"),
"RSA.PrivateKey" => test_pem("ee-key.pem"),
"ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
"ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
};
my @tests_tls_1_3 = (
{
name => "TLS 1.3 ECDSA Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ECDSA+SHA256",
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "EC",
"ExpectedServerCANames" => "empty",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
server => {
"ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
},
client => {
"SignatureAlgorithms" => "ECDSA+SHA256",
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "EC",
"ExpectedServerCANames" => "empty",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
server => {
"CipherString" => "DEFAULT:\@SECLEVEL=0",
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
"Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
"Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
"Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
},
client => {
"CipherString" => "DEFAULT:\@SECLEVEL=0",
"SignatureAlgorithms" => "ECDSA+SHA1",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
"RequestCAFile" => test_pem("root-cert.pem"),
},
test => {
"ExpectedServerCertType" => "P-256",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "EC",
"ExpectedServerCANames" => test_pem("root-cert.pem"),
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
},
test => {
"ExpectedServerCertType" => "RSA",
"ExpectedServerSignHash" => "SHA384",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
server => {
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
},
client => {
"SignatureAlgorithms" => "ECDSA+SHA256",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "RSA+SHA256",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "RSA-PSS+SHA256",
},
test => {
"ExpectedServerCertType" => "RSA",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
server => {
"ClientSignatureAlgorithms" => "PSS+SHA256",
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => $client_tls_1_3,
test => {
"ExpectedClientCertType" => "RSA",
"ExpectedClientSignHash" => "SHA256",
"ExpectedClientSignType" => "RSA-PSS",
"ExpectedClientCANames" => "empty",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
server => {
"ClientSignatureAlgorithms" => "PSS+SHA256",
"VerifyCAFile" => test_pem("root-cert.pem"),
"RequestCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => $client_tls_1_3,
test => {
"ExpectedClientCertType" => "RSA",
"ExpectedClientSignHash" => "SHA256",
"ExpectedClientSignType" => "RSA-PSS",
"ExpectedClientCANames" => test_pem("root-cert.pem"),
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
server => {
"ClientSignatureAlgorithms" => "ECDSA+SHA256",
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => $client_tls_1_3,
test => {
"ExpectedClientCertType" => "P-256",
"ExpectedClientSignHash" => "SHA256",
"ExpectedClientSignType" => "EC",
"ExpectedResult" => "Success"
},
},
);
my @tests_tls_1_3_non_fips = (
{
name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ed25519",
},
test => {
"ExpectedServerCertType" => "Ed25519",
"ExpectedServerSignType" => "Ed25519",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 Ed448 Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ed448",
"VerifyCAFile" => test_pem("root-ed448-cert.pem"),
},
test => {
"ExpectedServerCertType" => "Ed448",
"ExpectedServerSignType" => "Ed448",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
# Excluding P-256 from the supported groups list should
# mean server still uses a P-256 certificate because supported
# groups is not used in signature selection for TLS 1.3
"Groups" => "X25519"
},
test => {
"ExpectedServerCertType" =>, "P-256",
"ExpectedServerSignType" =>, "EC",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 Ed448 CipherString and Groups Selection",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ECDSA+SHA256:ed448",
# Excluding P-256 from the supported groups list should
# mean server still uses a P-256 certificate because supported
# groups is not used in signature selection for TLS 1.3
"Groups" => "X448"
},
test => {
"ExpectedServerCertType" =>, "P-256",
"ExpectedServerSignType" =>, "EC",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 Ed25519 Client Auth",
server => {
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => {
"EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
"EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
},
test => {
"ExpectedClientCertType" => "Ed25519",
"ExpectedClientSignType" => "Ed25519",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 Ed448 Client Auth",
server => {
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => {
"EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
"EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
},
test => {
"ExpectedClientCertType" => "Ed448",
"ExpectedClientSignType" => "Ed448",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
server => {
"Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
"PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
"Groups" => "brainpoolP256r1",
},
client => {
"CipherString" => "aECDSA",
"RequestCAFile" => test_pem("root-cert.pem"),
"Groups" => "brainpoolP256r1",
},
test => {
#We only configured brainpoolP256r1 on the client side, but TLSv1.3
#is enabled and this group is not allowed in TLSv1.3. Therefore this
#should fail
"ExpectedResult" => "ClientFail"
},
},
{
name => "TLS 1.3 ECDSA with brainpool",
server => {
"Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
"PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
},
client => {
"RequestCAFile" => test_pem("root-cert.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
},
test => {
"ExpectedResult" => "ServerFail"
},
},
);
push @tests, @tests_tls_1_3 unless disabled("tls1_3");
push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;
my @tests_dsa_tls_1_2 = (
{
name => "TLS 1.2 DSA Certificate Test",
server => {
"DSA.Certificate" => test_pem("server-dsa-cert.pem"),
"DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
"DHParameters" => test_pem("dhp2048.pem"),
"MinProtocol" => "TLSv1.2",
"MaxProtocol" => "TLSv1.2",
"CipherString" => "ALL",
},
client => {
"SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
"CipherString" => "ALL",
},
test => {
"ExpectedResult" => "Success"
},
},
);
my @tests_dsa_tls_1_3 = (
{
name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
server => {
"ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Request"
},
client => {},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "TLS 1.3 DSA Certificate Test",
server => {
"DSA.Certificate" => test_pem("server-dsa-cert.pem"),
"DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3",
"CipherString" => "ALL",
},
client => {
"SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
"CipherString" => "ALL",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
);
if (!disabled("dsa")) {
push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
}