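# -*- mode: perl; -*-

## SSL test configurations
#
# Certificate and signature-algorithm selection cases. Each entry in @tests
# is a hash with a display name, a server configuration, a client
# configuration and the expectations the handshake is checked against.
# The negative cases (ExpectedResult "ServerFail" / "ClientFail") matter as
# much as the positive ones: they pin down that a weak or mismatched
# algorithm is refused rather than quietly negotiated.


use strict;
use warnings;

package ssltests;
use OpenSSL::Test::Utils;

# Declared here but never assigned in this file; presumably set by whatever
# loads this configuration before it is evaluated -- confirm in the loader.
our $fips_mode;
our $no_deflt_libctx;

# Shared TLS 1.2 server with ECDSA, Ed25519 and Ed448 certificates.
# NOTE(review): no plain RSA "Certificate"/"PrivateKey" pair is listed, yet
# tests using $server expect an RSA certificate to be selectable; presumably
# the harness supplies a default RSA pair -- confirm.
my $server = {
    "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
    "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
    "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
    "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
    "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
    "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
    "MaxProtocol" => "TLSv1.2"
};

# Same as $server with an additional RSA-PSS certificate.
my $server_pss = {
    "PSS.Certificate" => test_pem("server-pss-cert.pem"),
    "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
    "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
    "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
    "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
    "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
    "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
    "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
    "MaxProtocol" => "TLSv1.2"
};

# The RSA-PSS certificate is installed as the only (default) certificate.
my $server_pss_only = {
    "Certificate" => test_pem("server-pss-cert.pem"),
    "PrivateKey" => test_pem("server-pss-key.pem"),
};

# As above, using the "restrict" RSA-PSS certificate. The tests below expect
# SHA256 to be the only digest it will sign with.
my $server_pss_restrict_only = {
    "Certificate" => test_pem("server-pss-restrict-cert.pem"),
    "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
};

my $server_rsa_all;

# Evaluated once, when this file is loaded: the RSA-PSS pair is left out
# when $no_deflt_libctx is set.
if ($no_deflt_libctx) {
    $server_rsa_all = {
        "Certificate" => test_pem("servercert.pem"),
        "PrivateKey" => test_pem("serverkey.pem"),
    };
} else {
    $server_rsa_all = {
        "PSS.Certificate" => test_pem("server-pss-cert.pem"),
        "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
        "Certificate" => test_pem("servercert.pem"),
        "PrivateKey" => test_pem("serverkey.pem"),
    };
}

# NOTE(review): the first three entries share the name
# "ECDSA CipherString Selection"; they differ only in the Groups settings.
our @tests = (
    {
        name => "ECDSA CipherString Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignType" => "EC",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA CipherString Selection",
        server => {
            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
            "MaxProtocol" => "TLSv1.2",
            #Deliberately set supported_groups to one not in the cert. This
            #should be tolerated
            "Groups" => "P-384"
        },
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "Groups" => "P-256:P-384",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignType" => "EC",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA CipherString Selection",
        server => {
            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
            "MaxProtocol" => "TLSv1.2",
            "Groups" => "P-256:P-384"
        },
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            #Deliberately set groups to not include the certificate group. This
            #should fail
            "Groups" => "P-384",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "RSA CipherString Selection",
        server => $server,
        client => {
            "CipherString" => "aRSA",
            "MaxProtocol" => "TLSv1.2",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "P-256 CipherString and Signature Algorithm Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA CipherString Selection, no ECDSA certificate",
        server => {
            "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2"
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "ECDSA Signature Algorithm Selection",
        server => $server,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA Signature Algorithm Selection SHA384",
        server => $server,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA384",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA384",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA Signature Algorithm Selection compressed point",
        server => {
            "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
            "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
        server => {
             "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "RSA Signature Algorithm Selection",
        server => $server,
        client => {
            "SignatureAlgorithms" => "RSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Signature Algorithm Selection",
        server => $server,
        client => {
            "SignatureAlgorithms" => "RSA-PSS+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA key exchange with all RSA certificate types",
        server => $server_rsa_all,
        client => {
            "CipherString" => "kRSA",
            "MaxProtocol" => "TLSv1.2",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Suite B P-256 Hash Algorithm Selection",
        server =>  {
            "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "SUITEB128"
        },
        client => {
            "VerifyCAFile" => test_pem("p384-root.pem"),
            # The client prefers SHA384; the expected hash is still SHA256,
            # i.e. the one paired with the P-256 certificate.
            "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Suite B P-384 Hash Algorithm Selection",
        server =>  {
            "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "SUITEB128"
        },
        client => {
            "VerifyCAFile" => test_pem("p384-root.pem"),
            # Mirror image of the P-256 case: SHA256 is preferred by the
            # client, SHA384 is expected with the P-384 certificate.
            "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
        },
        test   => {
            "ExpectedServerCertType" => "P-384",
            "ExpectedServerSignHash" => "SHA384",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Ed25519 CipherString and Signature Algorithm Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "Ed25519",
            "ExpectedServerSignType" => "Ed25519",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Ed448 CipherString and Signature Algorithm Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
            "RequestCAFile" => test_pem("root-ed448-cert.pem"),
            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "Ed448",
            "ExpectedServerSignType" => "Ed448",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Ed25519 CipherString and Curves Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
            # Excluding P-256 from the supported curves list means server
            # certificate should be Ed25519 and not P-256
            "Curves" => "X25519"
        },
        test   => {
            "ExpectedServerCertType" => "Ed25519",
            "ExpectedServerSignType" => "Ed25519",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Ed448 CipherString and Curves Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
            # Excluding P-256 from the supported curves list means server
            # certificate should be Ed448 and not P-256
            "Curves" => "X448"
        },
        test   => {
            "ExpectedServerCertType" => "Ed448",
            "ExpectedServerSignType" => "Ed448",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.2 Ed25519 Client Auth",
        server => {
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => {
            "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
            "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
            "MinProtocol" => "TLSv1.2",
            "MaxProtocol" => "TLSv1.2"
        },
        test   => {
            "ExpectedClientCertType" => "Ed25519",
            "ExpectedClientSignType" => "Ed25519",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.2 Ed448 Client Auth",
        server => {
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => {
            "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
            "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
            "MinProtocol" => "TLSv1.2",
            "MaxProtocol" => "TLSv1.2"
        },
        test   => {
            "ExpectedClientCertType" => "Ed448",
            "ExpectedClientSignType" => "Ed448",
            "ExpectedResult" => "Success"
        },
    },
);

# Cases that are skipped when $fips_mode is set (see the push below).
my @tests_non_fips = (
    {
        name => "ECDSA Signature Algorithm Selection SHA1",
        server => {
            # Both peers drop to security level 0 so that a SHA-1 signature
            # is admitted at all; this belongs in test configurations only.
            # The backslash keeps Perl from interpolating "@SECLEVEL" as an
            # array inside the double-quoted string.
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
            "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "SignatureAlgorithms" => "ECDSA+SHA1",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA1",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA with brainpool",
        server =>  {
            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
            "Groups" => "brainpoolP256r1",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "aECDSA",
            "RequestCAFile" => test_pem("root-cert.pem"),
            "Groups" => "brainpoolP256r1",
        },
        test   => {
            "ExpectedServerCertType" => "brainpoolP256r1",
            "ExpectedServerSignType" => "EC",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
);

# RSA-PSS certificate cases. The "ServerFail" entries check that a PSS
# certificate is not used with a signature algorithm, key exchange or
# protocol version it does not fit.
my @tests_pss = (
    {
        name => "RSA-PSS Certificate CipherString Selection",
        server => $server_pss,
        client => {
            "CipherString" => "aRSA",
            "MaxProtocol" => "TLSv1.2",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
        server => $server_pss,
        client => {
            "SignatureAlgorithms" => "RSA-PSS+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
        server => $server_pss,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Only RSA-PSS Certificate",
        server => $server_pss_only,
        client => {},
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Only RSA-PSS Certificate Valid Signature Algorithms",
        server => $server_pss_only,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha512",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA512",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Certificate, no PSS signature algorithms",
        server => $server_pss_only,
        client => {
            "SignatureAlgorithms" => "RSA+SHA256",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "Only RSA-PSS Restricted Certificate",
        server => $server_pss_restrict_only,
        client => {},
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
        server => $server_pss_restrict_only,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
        server => $server_pss_restrict_only,
        client => {
            # SHA512 is listed first but SHA256 is still the expected hash:
            # the certificate's restriction wins over the client preference.
            "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
        server => $server_pss_restrict_only,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha512",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "RSA key exchange with only RSA-PSS certificate",
        server => $server_pss_only,
        client => {
            "CipherString" => "kRSA",
            "MaxProtocol" => "TLSv1.2",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
);

my @tests_tls_1_1 = (
    {
        name => "Only RSA-PSS Certificate, TLS v1.1",
        server => $server_pss_only,
        client => {
            "MaxProtocol" => "TLSv1.1",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
);

push @tests, @tests_non_fips unless $fips_mode;
push @tests, @tests_pss;
push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;

my $server_tls_1_3;

# TLS 1.3-only server; the Ed25519/Ed448 certificates are left out when
# $fips_mode is set.
if ($fips_mode) {
    $server_tls_1_3 = {
        "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
        "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
        "MinProtocol" => "TLSv1.3",
        "MaxProtocol" => "TLSv1.3"
    };
} else {
    $server_tls_1_3 = {
        "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
        "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
        "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
        "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
        "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
        "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
        "MinProtocol" => "TLSv1.3",
        "MaxProtocol" => "TLSv1.3"
    };
}

# TLS 1.3-only client holding both an RSA and an ECDSA client certificate.
my $client_tls_1_3 = {
    "RSA.Certificate" => test_pem("ee-client-chain.pem"),
    "RSA.PrivateKey" => test_pem("ee-key.pem"),
    "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
    "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
    "MinProtocol" => "TLSv1.3",
    "MaxProtocol" => "TLSv1.3"
};

my @tests_tls_1_3 = (
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
        server => {
            "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
        server => {
            # Unlike the TLS 1.2 SHA1 case, lowering the security level to 0
            # must not make this succeed: the expected result is a failure.
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        client => {
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "SignatureAlgorithms" => "ECDSA+SHA1",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedServerCANames" => test_pem("root-cert.pem"),
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
        server => $server_tls_1_3,
        client => {
            # In TLS 1.3 each ECDSA scheme is tied to one curve, so
            # ECDSA+SHA384 does not fit the P-256 certificate and the RSA
            # certificate is expected instead (compare the TLS 1.2 SHA384
            # case above, which expects P-256).
            "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA384",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
        server => {
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "RSA+SHA256",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "RSA-PSS+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
        server => {
            "ClientSignatureAlgorithms" => "PSS+SHA256",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => $client_tls_1_3,
        test   => {
            "ExpectedClientCertType" => "RSA",
            "ExpectedClientSignHash" => "SHA256",
            "ExpectedClientSignType" => "RSA-PSS",
            "ExpectedClientCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
        server => {
            "ClientSignatureAlgorithms" => "PSS+SHA256",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "RequestCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => $client_tls_1_3,
        test   => {
            "ExpectedClientCertType" => "RSA",
            "ExpectedClientSignHash" => "SHA256",
            "ExpectedClientSignType" => "RSA-PSS",
            "ExpectedClientCANames" => test_pem("root-cert.pem"),
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
        server => {
            "ClientSignatureAlgorithms" => "ECDSA+SHA256",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => $client_tls_1_3,
        test   => {
            "ExpectedClientCertType" => "P-256",
            "ExpectedClientSignHash" => "SHA256",
            "ExpectedClientSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
);

# TLS 1.3 cases that are skipped when $fips_mode is set (see the push below).
my @tests_tls_1_3_non_fips = (
    {
        name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ed25519",
        },
        test   => {
            "ExpectedServerCertType" => "Ed25519",
            "ExpectedServerSignType" => "Ed25519",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed448 Signature Algorithm Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ed448",
            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "Ed448",
            "ExpectedServerSignType" => "Ed448",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
            # Excluding P-256 from the supported groups list should
            # mean server still uses a P-256 certificate because supported
            # groups is not used in signature selection for TLS 1.3
            "Groups" => "X25519"
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed448 CipherString and Groups Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
            # Excluding P-256 from the supported groups list should
            # mean server still uses a P-256 certificate because supported
            # groups is not used in signature selection for TLS 1.3
            "Groups" => "X448"
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed25519 Client Auth",
        server => {
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => {
            # NOTE(review): the TLS 1.3 client-auth cases use the "EdDSA."
            # key prefix while the TLS 1.2 ones use "Ed25519."/"Ed448." --
            # confirm both spellings are accepted by the harness.
            "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
            "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        test   => {
            "ExpectedClientCertType" => "Ed25519",
            "ExpectedClientSignType" => "Ed25519",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed448 Client Auth",
        server => {
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => {
            "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
            "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        test   => {
            "ExpectedClientCertType" => "Ed448",
            "ExpectedClientSignType" => "Ed448",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
        server =>  {
            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
            "Groups" => "brainpoolP256r1",
        },
        client => {
            "CipherString" => "aECDSA",
            "RequestCAFile" => test_pem("root-cert.pem"),
            "Groups" => "brainpoolP256r1",
        },
        test   => {
            #We only configured brainpoolP256r1 on the client side, but TLSv1.3
            #is enabled and this group is not allowed in TLSv1.3. Therefore this
            #should fail
            "ExpectedResult" => "ClientFail"
        },
    },
    {
        name => "TLS 1.3 ECDSA with brainpool",
        server =>  {
            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
        },
        client => {
            "RequestCAFile" => test_pem("root-cert.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        test   => {
            # With a brainpool certificate as the only one configured and
            # TLS 1.3 forced by the client, the handshake is expected to fail.
            "ExpectedResult" => "ServerFail"
        },
    },
);

push @tests, @tests_tls_1_3 unless disabled("tls1_3");
push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;

# DSA cases. "CipherString" => "ALL" widens the offered suites beyond the
# default list -- presumably so that DSA-authenticated suites are available;
# confirm. That setting is for test configurations only.
my @tests_dsa_tls_1_2 = (
    {
        name => "TLS 1.2 DSA Certificate Test",
        server => {
            "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
            "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
            "DHParameters" => test_pem("dhp2048.pem"),
            "MinProtocol" => "TLSv1.2",
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ALL",
        },
        client => {
            "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
            "CipherString" => "ALL",
        },
        test   => {
            "ExpectedResult" => "Success"
        },
    },
);

my @tests_dsa_tls_1_3 = (
    {
        name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
        server => {
            # Per the test name, none of these is a TLS 1.3 signature
            # algorithm, so the server is expected to fail rather than
            # request a client certificate it could not verify.
            "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Request"
        },
        client => {},
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "TLS 1.3 DSA Certificate Test",
        server => {
            "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
            "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3",
            "CipherString" => "ALL",
        },
        client => {
            "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
            "CipherString" => "ALL",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
);

# The TLS 1.2 DSA case also needs DH (it loads DHParameters); the TLS 1.3
# DSA cases only need TLS 1.3 to be enabled.
if (!disabled("dsa")) {
    push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
    push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
}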