20-cert-select.cnf.in 33 KB

  1. # -*- mode: perl; -*-
  2. ## SSL test configurations
  3. use strict;
  4. use warnings;
  5. package ssltests;
  6. use OpenSSL::Test::Utils;
  7. our $fips_mode;
  8. our $no_deflt_libctx;
  9. my $server = {
  10. "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  11. "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  12. "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  13. "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  14. "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  15. "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  16. "MaxProtocol" => "TLSv1.2"
  17. };
  18. my $server_pss = {
  19. "PSS.Certificate" => test_pem("server-pss-cert.pem"),
  20. "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
  21. "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  22. "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  23. "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  24. "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  25. "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  26. "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  27. "MaxProtocol" => "TLSv1.2"
  28. };
  29. my $server_pss_only = {
  30. "Certificate" => test_pem("server-pss-cert.pem"),
  31. "PrivateKey" => test_pem("server-pss-key.pem"),
  32. };
  33. my $server_pss_restrict_only = {
  34. "Certificate" => test_pem("server-pss-restrict-cert.pem"),
  35. "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
  36. };
  37. my $server_rsa_all;
  38. if ($no_deflt_libctx) {
  39. $server_rsa_all = {
  40. "Certificate" => test_pem("servercert.pem"),
  41. "PrivateKey" => test_pem("serverkey.pem"),
  42. };
  43. } else {
  44. $server_rsa_all = {
  45. "PSS.Certificate" => test_pem("server-pss-cert.pem"),
  46. "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
  47. "Certificate" => test_pem("servercert.pem"),
  48. "PrivateKey" => test_pem("serverkey.pem"),
  49. };
  50. }
  51. our @tests = (
  52. {
  53. name => "ECDSA CipherString Selection",
  54. server => $server,
  55. client => {
  56. "CipherString" => "aECDSA",
  57. "MaxProtocol" => "TLSv1.2",
  58. "RequestCAFile" => test_pem("root-cert.pem"),
  59. },
  60. test => {
  61. "ExpectedServerCertType" =>, "P-256",
  62. "ExpectedServerSignType" =>, "EC",
  63. # Note: certificate_authorities not sent for TLS < 1.3
  64. "ExpectedServerCANames" =>, "empty",
  65. "ExpectedResult" => "Success"
  66. },
  67. },
  68. {
  69. name => "ECDSA CipherString Selection",
  70. server => {
  71. "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  72. "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  73. "MaxProtocol" => "TLSv1.2",
  74. #Deliberately set supported_groups to one not in the cert. This
  75. #should be tolerated
  76. "Groups" => "P-384"
  77. },
  78. client => {
  79. "CipherString" => "aECDSA",
  80. "MaxProtocol" => "TLSv1.2",
  81. "Groups" => "P-256:P-384",
  82. "RequestCAFile" => test_pem("root-cert.pem"),
  83. },
  84. test => {
  85. "ExpectedServerCertType" =>, "P-256",
  86. "ExpectedServerSignType" =>, "EC",
  87. # Note: certificate_authorities not sent for TLS < 1.3
  88. "ExpectedServerCANames" =>, "empty",
  89. "ExpectedResult" => "Success"
  90. },
  91. },
  92. {
  93. name => "ECDSA CipherString Selection",
  94. server => {
  95. "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  96. "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  97. "MaxProtocol" => "TLSv1.2",
  98. "Groups" => "P-256:P-384"
  99. },
  100. client => {
  101. "CipherString" => "aECDSA",
  102. "MaxProtocol" => "TLSv1.2",
  103. #Deliberately set groups to not include the certificate group. This
  104. #should fail
  105. "Groups" => "P-384",
  106. "RequestCAFile" => test_pem("root-cert.pem"),
  107. },
  108. test => {
  109. "ExpectedResult" => "ServerFail"
  110. },
  111. },
  112. {
  113. name => "RSA CipherString Selection",
  114. server => $server,
  115. client => {
  116. "CipherString" => "aRSA",
  117. "MaxProtocol" => "TLSv1.2",
  118. },
  119. test => {
  120. "ExpectedServerCertType" =>, "RSA",
  121. "ExpectedServerSignType" =>, "RSA-PSS",
  122. "ExpectedResult" => "Success"
  123. },
  124. },
  125. {
  126. name => "P-256 CipherString and Signature Algorithm Selection",
  127. server => $server,
  128. client => {
  129. "CipherString" => "aECDSA",
  130. "MaxProtocol" => "TLSv1.2",
  131. "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
  132. },
  133. test => {
  134. "ExpectedServerCertType" => "P-256",
  135. "ExpectedServerSignHash" => "SHA256",
  136. "ExpectedServerSignType" => "EC",
  137. "ExpectedResult" => "Success"
  138. },
  139. },
  140. {
  141. name => "ECDSA CipherString Selection, no ECDSA certificate",
  142. server => {
  143. "MaxProtocol" => "TLSv1.2"
  144. },
  145. client => {
  146. "CipherString" => "aECDSA",
  147. "MaxProtocol" => "TLSv1.2"
  148. },
  149. test => {
  150. "ExpectedResult" => "ServerFail"
  151. },
  152. },
  153. {
  154. name => "ECDSA Signature Algorithm Selection",
  155. server => $server,
  156. client => {
  157. "SignatureAlgorithms" => "ECDSA+SHA256",
  158. },
  159. test => {
  160. "ExpectedServerCertType" => "P-256",
  161. "ExpectedServerSignHash" => "SHA256",
  162. "ExpectedServerSignType" => "EC",
  163. "ExpectedResult" => "Success"
  164. },
  165. },
  166. {
  167. name => "ECDSA Signature Algorithm Selection SHA384",
  168. server => $server,
  169. client => {
  170. "SignatureAlgorithms" => "ECDSA+SHA384",
  171. },
  172. test => {
  173. "ExpectedServerCertType" => "P-256",
  174. "ExpectedServerSignHash" => "SHA384",
  175. "ExpectedServerSignType" => "EC",
  176. "ExpectedResult" => "Success"
  177. },
  178. },
  179. {
  180. name => "ECDSA Signature Algorithm Selection compressed point",
  181. server => {
  182. "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
  183. "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
  184. "MaxProtocol" => "TLSv1.2"
  185. },
  186. client => {
  187. "SignatureAlgorithms" => "ECDSA+SHA256",
  188. },
  189. test => {
  190. "ExpectedServerCertType" => "P-256",
  191. "ExpectedServerSignHash" => "SHA256",
  192. "ExpectedServerSignType" => "EC",
  193. "ExpectedResult" => "Success"
  194. },
  195. },
  196. {
  197. name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
  198. server => {
  199. "MaxProtocol" => "TLSv1.2"
  200. },
  201. client => {
  202. "SignatureAlgorithms" => "ECDSA+SHA256",
  203. },
  204. test => {
  205. "ExpectedResult" => "ServerFail"
  206. },
  207. },
  208. {
  209. name => "RSA Signature Algorithm Selection",
  210. server => $server,
  211. client => {
  212. "SignatureAlgorithms" => "RSA+SHA256",
  213. },
  214. test => {
  215. "ExpectedServerCertType" => "RSA",
  216. "ExpectedServerSignHash" => "SHA256",
  217. "ExpectedServerSignType" => "RSA",
  218. "ExpectedResult" => "Success"
  219. },
  220. },
  221. {
  222. name => "RSA-PSS Signature Algorithm Selection",
  223. server => $server,
  224. client => {
  225. "SignatureAlgorithms" => "RSA-PSS+SHA256",
  226. },
  227. test => {
  228. "ExpectedServerCertType" => "RSA",
  229. "ExpectedServerSignHash" => "SHA256",
  230. "ExpectedServerSignType" => "RSA-PSS",
  231. "ExpectedResult" => "Success"
  232. },
  233. },
  234. {
  235. name => "RSA key exchange with all RSA certificate types",
  236. server => $server_rsa_all,
  237. client => {
  238. "CipherString" => "kRSA",
  239. "MaxProtocol" => "TLSv1.2",
  240. },
  241. test => {
  242. "ExpectedServerCertType" =>, "RSA",
  243. "ExpectedResult" => "Success"
  244. },
  245. },
  246. {
  247. name => "Suite B P-256 Hash Algorithm Selection",
  248. server => {
  249. "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
  250. "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
  251. "MaxProtocol" => "TLSv1.2",
  252. "CipherString" => "SUITEB128"
  253. },
  254. client => {
  255. "VerifyCAFile" => test_pem("p384-root.pem"),
  256. "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
  257. },
  258. test => {
  259. "ExpectedServerCertType" => "P-256",
  260. "ExpectedServerSignHash" => "SHA256",
  261. "ExpectedServerSignType" => "EC",
  262. "ExpectedResult" => "Success"
  263. },
  264. },
  265. {
  266. name => "Suite B P-384 Hash Algorithm Selection",
  267. server => {
  268. "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
  269. "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
  270. "MaxProtocol" => "TLSv1.2",
  271. "CipherString" => "SUITEB128"
  272. },
  273. client => {
  274. "VerifyCAFile" => test_pem("p384-root.pem"),
  275. "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
  276. },
  277. test => {
  278. "ExpectedServerCertType" => "P-384",
  279. "ExpectedServerSignHash" => "SHA384",
  280. "ExpectedServerSignType" => "EC",
  281. "ExpectedResult" => "Success"
  282. },
  283. },
  284. {
  285. name => "Ed25519 CipherString and Signature Algorithm Selection",
  286. server => $server,
  287. client => {
  288. "CipherString" => "aECDSA",
  289. "MaxProtocol" => "TLSv1.2",
  290. "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
  291. "RequestCAFile" => test_pem("root-cert.pem"),
  292. },
  293. test => {
  294. "ExpectedServerCertType" =>, "Ed25519",
  295. "ExpectedServerSignType" =>, "Ed25519",
  296. # Note: certificate_authorities not sent for TLS < 1.3
  297. "ExpectedServerCANames" =>, "empty",
  298. "ExpectedResult" => "Success"
  299. },
  300. },
  301. {
  302. name => "Ed448 CipherString and Signature Algorithm Selection",
  303. server => $server,
  304. client => {
  305. "CipherString" => "aECDSA",
  306. "MaxProtocol" => "TLSv1.2",
  307. "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
  308. "RequestCAFile" => test_pem("root-ed448-cert.pem"),
  309. "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
  310. },
  311. test => {
  312. "ExpectedServerCertType" =>, "Ed448",
  313. "ExpectedServerSignType" =>, "Ed448",
  314. # Note: certificate_authorities not sent for TLS < 1.3
  315. "ExpectedServerCANames" =>, "empty",
  316. "ExpectedResult" => "Success"
  317. },
  318. },
  319. {
  320. name => "TLS 1.2 Ed25519 Client Auth",
  321. server => {
  322. "VerifyCAFile" => test_pem("root-cert.pem"),
  323. "VerifyMode" => "Require"
  324. },
  325. client => {
  326. "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
  327. "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
  328. "MinProtocol" => "TLSv1.2",
  329. "MaxProtocol" => "TLSv1.2"
  330. },
  331. test => {
  332. "ExpectedClientCertType" => "Ed25519",
  333. "ExpectedClientSignType" => "Ed25519",
  334. "ExpectedResult" => "Success"
  335. },
  336. },
  337. {
  338. name => "TLS 1.2 Ed448 Client Auth",
  339. server => {
  340. "VerifyCAFile" => test_pem("root-cert.pem"),
  341. "VerifyMode" => "Require"
  342. },
  343. client => {
  344. "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
  345. "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
  346. "MinProtocol" => "TLSv1.2",
  347. "MaxProtocol" => "TLSv1.2"
  348. },
  349. test => {
  350. "ExpectedClientCertType" => "Ed448",
  351. "ExpectedClientSignType" => "Ed448",
  352. "ExpectedResult" => "Success"
  353. },
  354. },
  355. );
  356. my @tests_non_fips = (
  357. {
  358. name => "ECDSA Signature Algorithm Selection SHA1",
  359. server => {
  360. "CipherString" => "DEFAULT:\@SECLEVEL=0",
  361. "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  362. "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  363. "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  364. "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  365. "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  366. "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  367. "MaxProtocol" => "TLSv1.2"
  368. },
  369. client => {
  370. "CipherString" => "DEFAULT:\@SECLEVEL=0",
  371. "SignatureAlgorithms" => "ECDSA+SHA1",
  372. },
  373. test => {
  374. "ExpectedServerCertType" => "P-256",
  375. "ExpectedServerSignHash" => "SHA1",
  376. "ExpectedServerSignType" => "EC",
  377. "ExpectedResult" => "Success"
  378. },
  379. },
  380. {
  381. name => "ECDSA with brainpool",
  382. server => {
  383. "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
  384. "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
  385. "Groups" => "brainpoolP256r1",
  386. },
  387. client => {
  388. "MaxProtocol" => "TLSv1.2",
  389. "CipherString" => "aECDSA",
  390. "RequestCAFile" => test_pem("root-cert.pem"),
  391. "Groups" => "brainpoolP256r1",
  392. },
  393. test => {
  394. "ExpectedServerCertType" =>, "brainpoolP256r1",
  395. "ExpectedServerSignType" =>, "EC",
  396. # Note: certificate_authorities not sent for TLS < 1.3
  397. "ExpectedServerCANames" =>, "empty",
  398. "ExpectedResult" => "Success"
  399. },
  400. },
  401. {
  402. name => "Ed25519 CipherString and Curves Selection",
  403. server => $server,
  404. client => {
  405. "CipherString" => "aECDSA",
  406. "MaxProtocol" => "TLSv1.2",
  407. "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
  408. # Excluding P-256 from the supported curves list means server
  409. # certificate should be Ed25519 and not P-256
  410. "Curves" => "X25519"
  411. },
  412. test => {
  413. "ExpectedServerCertType" =>, "Ed25519",
  414. "ExpectedServerSignType" =>, "Ed25519",
  415. "ExpectedResult" => "Success"
  416. },
  417. },
  418. {
  419. name => "Ed448 CipherString and Curves Selection",
  420. server => $server,
  421. client => {
  422. "CipherString" => "aECDSA",
  423. "MaxProtocol" => "TLSv1.2",
  424. "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
  425. "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
  426. # Excluding P-256 from the supported curves list means server
  427. # certificate should be Ed25519 and not P-256
  428. "Curves" => "X448"
  429. },
  430. test => {
  431. "ExpectedServerCertType" =>, "Ed448",
  432. "ExpectedServerSignType" =>, "Ed448",
  433. "ExpectedResult" => "Success"
  434. },
  435. },
  436. );
  437. my @tests_pss = (
  438. {
  439. name => "RSA-PSS Certificate CipherString Selection",
  440. server => $server_pss,
  441. client => {
  442. "CipherString" => "aRSA",
  443. "MaxProtocol" => "TLSv1.2",
  444. },
  445. test => {
  446. "ExpectedServerCertType" =>, "RSA-PSS",
  447. "ExpectedServerSignType" =>, "RSA-PSS",
  448. "ExpectedResult" => "Success"
  449. },
  450. },
  451. {
  452. name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
  453. server => $server_pss,
  454. client => {
  455. "SignatureAlgorithms" => "RSA-PSS+SHA256",
  456. },
  457. test => {
  458. "ExpectedServerCertType" => "RSA",
  459. "ExpectedServerSignHash" => "SHA256",
  460. "ExpectedServerSignType" => "RSA-PSS",
  461. "ExpectedResult" => "Success"
  462. },
  463. },
  464. {
  465. name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
  466. server => $server_pss,
  467. client => {
  468. "SignatureAlgorithms" => "rsa_pss_pss_sha256",
  469. },
  470. test => {
  471. "ExpectedServerCertType" => "RSA-PSS",
  472. "ExpectedServerSignHash" => "SHA256",
  473. "ExpectedServerSignType" => "RSA-PSS",
  474. "ExpectedResult" => "Success"
  475. },
  476. },
  477. {
  478. name => "Only RSA-PSS Certificate",
  479. server => $server_pss_only,
  480. client => {},
  481. test => {
  482. "ExpectedServerCertType" => "RSA-PSS",
  483. "ExpectedServerSignHash" => "SHA256",
  484. "ExpectedServerSignType" => "RSA-PSS",
  485. "ExpectedResult" => "Success"
  486. },
  487. },
  488. {
  489. name => "Only RSA-PSS Certificate Valid Signature Algorithms",
  490. server => $server_pss_only,
  491. client => {
  492. "SignatureAlgorithms" => "rsa_pss_pss_sha512",
  493. },
  494. test => {
  495. "ExpectedServerCertType" => "RSA-PSS",
  496. "ExpectedServerSignHash" => "SHA512",
  497. "ExpectedServerSignType" => "RSA-PSS",
  498. "ExpectedResult" => "Success"
  499. },
  500. },
  501. {
  502. name => "RSA-PSS Certificate, no PSS signature algorithms",
  503. server => $server_pss_only,
  504. client => {
  505. "SignatureAlgorithms" => "RSA+SHA256",
  506. },
  507. test => {
  508. "ExpectedResult" => "ServerFail"
  509. },
  510. },
  511. {
  512. name => "Only RSA-PSS Restricted Certificate",
  513. server => $server_pss_restrict_only,
  514. client => {},
  515. test => {
  516. "ExpectedServerCertType" => "RSA-PSS",
  517. "ExpectedServerSignHash" => "SHA256",
  518. "ExpectedServerSignType" => "RSA-PSS",
  519. "ExpectedResult" => "Success"
  520. },
  521. },
  522. {
  523. name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
  524. server => $server_pss_restrict_only,
  525. client => {
  526. "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
  527. },
  528. test => {
  529. "ExpectedServerCertType" => "RSA-PSS",
  530. "ExpectedServerSignHash" => "SHA256",
  531. "ExpectedServerSignType" => "RSA-PSS",
  532. "ExpectedResult" => "Success"
  533. },
  534. },
  535. {
  536. name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
  537. server => $server_pss_restrict_only,
  538. client => {
  539. "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
  540. },
  541. test => {
  542. "ExpectedServerCertType" => "RSA-PSS",
  543. "ExpectedServerSignHash" => "SHA256",
  544. "ExpectedServerSignType" => "RSA-PSS",
  545. "ExpectedResult" => "Success"
  546. },
  547. },
  548. {
  549. name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
  550. server => $server_pss_restrict_only,
  551. client => {
  552. "SignatureAlgorithms" => "rsa_pss_pss_sha512",
  553. },
  554. test => {
  555. "ExpectedResult" => "ServerFail"
  556. },
  557. },
  558. {
  559. name => "RSA key exchange with only RSA-PSS certificate",
  560. server => $server_pss_only,
  561. client => {
  562. "CipherString" => "kRSA",
  563. "MaxProtocol" => "TLSv1.2",
  564. },
  565. test => {
  566. "ExpectedResult" => "ServerFail"
  567. },
  568. },
  569. );
  570. my @tests_tls_1_1 = (
  571. {
  572. name => "Only RSA-PSS Certificate, TLS v1.1",
  573. server => {
  574. "CipherString" => "DEFAULT:\@SECLEVEL=0",
  575. "Certificate" => test_pem("server-pss-cert.pem"),
  576. "PrivateKey" => test_pem("server-pss-key.pem"),
  577. },
  578. client => {
  579. "MaxProtocol" => "TLSv1.1",
  580. "CipherString" => "DEFAULT:\@SECLEVEL=0",
  581. },
  582. test => {
  583. "ExpectedResult" => "ServerFail"
  584. },
  585. },
  586. );
  587. push @tests, @tests_non_fips unless $fips_mode;
  588. push @tests, @tests_pss;
  589. push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;
  590. my $server_tls_1_3;
  591. if ($fips_mode) {
  592. $server_tls_1_3 = {
  593. "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  594. "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  595. "MinProtocol" => "TLSv1.3",
  596. "MaxProtocol" => "TLSv1.3"
  597. };
  598. } else {
  599. $server_tls_1_3 = {
  600. "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  601. "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  602. "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  603. "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  604. "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  605. "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  606. "MinProtocol" => "TLSv1.3",
  607. "MaxProtocol" => "TLSv1.3"
  608. };
  609. }
  610. my $client_tls_1_3 = {
  611. "RSA.Certificate" => test_pem("ee-client-chain.pem"),
  612. "RSA.PrivateKey" => test_pem("ee-key.pem"),
  613. "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
  614. "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
  615. "MinProtocol" => "TLSv1.3",
  616. "MaxProtocol" => "TLSv1.3"
  617. };
  618. my @tests_tls_1_3 = (
  619. {
  620. name => "TLS 1.3 ECDSA Signature Algorithm Selection",
  621. server => $server_tls_1_3,
  622. client => {
  623. "SignatureAlgorithms" => "ECDSA+SHA256",
  624. },
  625. test => {
  626. "ExpectedServerCertType" => "P-256",
  627. "ExpectedServerSignHash" => "SHA256",
  628. "ExpectedServerSignType" => "EC",
  629. "ExpectedServerCANames" => "empty",
  630. "ExpectedResult" => "Success"
  631. },
  632. },
  633. {
  634. name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
  635. server => {
  636. "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
  637. "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
  638. "MinProtocol" => "TLSv1.3",
  639. "MaxProtocol" => "TLSv1.3"
  640. },
  641. client => {
  642. "SignatureAlgorithms" => "ECDSA+SHA256",
  643. },
  644. test => {
  645. "ExpectedServerCertType" => "P-256",
  646. "ExpectedServerSignHash" => "SHA256",
  647. "ExpectedServerSignType" => "EC",
  648. "ExpectedServerCANames" => "empty",
  649. "ExpectedResult" => "Success"
  650. },
  651. },
  652. {
  653. name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
  654. server => {
  655. "CipherString" => "DEFAULT:\@SECLEVEL=0",
  656. "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  657. "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  658. "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  659. "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  660. "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  661. "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  662. "MinProtocol" => "TLSv1.3",
  663. "MaxProtocol" => "TLSv1.3"
  664. },
  665. client => {
  666. "CipherString" => "DEFAULT:\@SECLEVEL=0",
  667. "SignatureAlgorithms" => "ECDSA+SHA1",
  668. },
  669. test => {
  670. "ExpectedResult" => "ServerFail"
  671. },
  672. },
  673. {
  674. name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
  675. server => $server_tls_1_3,
  676. client => {
  677. "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
  678. "RequestCAFile" => test_pem("root-cert.pem"),
  679. },
  680. test => {
  681. "ExpectedServerCertType" => "P-256",
  682. "ExpectedServerSignHash" => "SHA256",
  683. "ExpectedServerSignType" => "EC",
  684. "ExpectedServerCANames" => test_pem("root-cert.pem"),
  685. "ExpectedResult" => "Success"
  686. },
  687. },
  688. {
  689. name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
  690. server => $server_tls_1_3,
  691. client => {
  692. "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
  693. },
  694. test => {
  695. "ExpectedServerCertType" => "RSA",
  696. "ExpectedServerSignHash" => "SHA384",
  697. "ExpectedServerSignType" => "RSA-PSS",
  698. "ExpectedResult" => "Success"
  699. },
  700. },
  701. {
  702. name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
  703. server => {
  704. "MinProtocol" => "TLSv1.3",
  705. "MaxProtocol" => "TLSv1.3"
  706. },
  707. client => {
  708. "SignatureAlgorithms" => "ECDSA+SHA256",
  709. },
  710. test => {
  711. "ExpectedResult" => "ServerFail"
  712. },
  713. },
  714. {
  715. name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
  716. server => $server_tls_1_3,
  717. client => {
  718. "SignatureAlgorithms" => "RSA+SHA256",
  719. },
  720. test => {
  721. "ExpectedResult" => "ServerFail"
  722. },
  723. },
  724. {
  725. name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
  726. server => $server_tls_1_3,
  727. client => {
  728. "SignatureAlgorithms" => "RSA-PSS+SHA256",
  729. },
  730. test => {
  731. "ExpectedServerCertType" => "RSA",
  732. "ExpectedServerSignHash" => "SHA256",
  733. "ExpectedServerSignType" => "RSA-PSS",
  734. "ExpectedResult" => "Success"
  735. },
  736. },
  737. {
  738. name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
  739. server => {
  740. "ClientSignatureAlgorithms" => "PSS+SHA256",
  741. "VerifyCAFile" => test_pem("root-cert.pem"),
  742. "VerifyMode" => "Require"
  743. },
  744. client => $client_tls_1_3,
  745. test => {
  746. "ExpectedClientCertType" => "RSA",
  747. "ExpectedClientSignHash" => "SHA256",
  748. "ExpectedClientSignType" => "RSA-PSS",
  749. "ExpectedClientCANames" => "empty",
  750. "ExpectedResult" => "Success"
  751. },
  752. },
  753. {
  754. name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
  755. server => {
  756. "ClientSignatureAlgorithms" => "PSS+SHA256",
  757. "VerifyCAFile" => test_pem("root-cert.pem"),
  758. "RequestCAFile" => test_pem("root-cert.pem"),
  759. "VerifyMode" => "Require"
  760. },
  761. client => $client_tls_1_3,
  762. test => {
  763. "ExpectedClientCertType" => "RSA",
  764. "ExpectedClientSignHash" => "SHA256",
  765. "ExpectedClientSignType" => "RSA-PSS",
  766. "ExpectedClientCANames" => test_pem("root-cert.pem"),
  767. "ExpectedResult" => "Success"
  768. },
  769. },
  770. {
  771. name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
  772. server => {
  773. "ClientSignatureAlgorithms" => "ECDSA+SHA256",
  774. "VerifyCAFile" => test_pem("root-cert.pem"),
  775. "VerifyMode" => "Require"
  776. },
  777. client => $client_tls_1_3,
  778. test => {
  779. "ExpectedClientCertType" => "P-256",
  780. "ExpectedClientSignHash" => "SHA256",
  781. "ExpectedClientSignType" => "EC",
  782. "ExpectedResult" => "Success"
  783. },
  784. },
  785. );
  786. my @tests_tls_1_3_non_fips = (
  787. {
  788. name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
  789. server => $server_tls_1_3,
  790. client => {
  791. "SignatureAlgorithms" => "ed25519",
  792. },
  793. test => {
  794. "ExpectedServerCertType" => "Ed25519",
  795. "ExpectedServerSignType" => "Ed25519",
  796. "ExpectedResult" => "Success"
  797. },
  798. },
  799. {
  800. name => "TLS 1.3 Ed448 Signature Algorithm Selection",
  801. server => $server_tls_1_3,
  802. client => {
  803. "SignatureAlgorithms" => "ed448",
  804. "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
  805. },
  806. test => {
  807. "ExpectedServerCertType" => "Ed448",
  808. "ExpectedServerSignType" => "Ed448",
  809. "ExpectedResult" => "Success"
  810. },
  811. },
  812. {
  813. name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
  814. server => $server_tls_1_3,
  815. client => {
  816. "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
  817. # Excluding P-256 from the supported groups list should
  818. # mean server still uses a P-256 certificate because supported
  819. # groups is not used in signature selection for TLS 1.3
  820. "Groups" => "X25519"
  821. },
  822. test => {
  823. "ExpectedServerCertType" =>, "P-256",
  824. "ExpectedServerSignType" =>, "EC",
  825. "ExpectedResult" => "Success"
  826. },
  827. },
  828. {
  829. name => "TLS 1.3 Ed448 CipherString and Groups Selection",
  830. server => $server_tls_1_3,
  831. client => {
  832. "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
  833. # Excluding P-256 from the supported groups list should
  834. # mean server still uses a P-256 certificate because supported
  835. # groups is not used in signature selection for TLS 1.3
  836. "Groups" => "X448"
  837. },
  838. test => {
  839. "ExpectedServerCertType" =>, "P-256",
  840. "ExpectedServerSignType" =>, "EC",
  841. "ExpectedResult" => "Success"
  842. },
  843. },
  844. {
  845. name => "TLS 1.3 Ed25519 Client Auth",
  846. server => {
  847. "VerifyCAFile" => test_pem("root-cert.pem"),
  848. "VerifyMode" => "Require"
  849. },
  850. client => {
  851. "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
  852. "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
  853. "MinProtocol" => "TLSv1.3",
  854. "MaxProtocol" => "TLSv1.3"
  855. },
  856. test => {
  857. "ExpectedClientCertType" => "Ed25519",
  858. "ExpectedClientSignType" => "Ed25519",
  859. "ExpectedResult" => "Success"
  860. },
  861. },
  862. {
  863. name => "TLS 1.3 Ed448 Client Auth",
  864. server => {
  865. "VerifyCAFile" => test_pem("root-cert.pem"),
  866. "VerifyMode" => "Require"
  867. },
  868. client => {
  869. "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
  870. "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
  871. "MinProtocol" => "TLSv1.3",
  872. "MaxProtocol" => "TLSv1.3"
  873. },
  874. test => {
  875. "ExpectedClientCertType" => "Ed448",
  876. "ExpectedClientSignType" => "Ed448",
  877. "ExpectedResult" => "Success"
  878. },
  879. },
  880. {
  881. name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
  882. server => {
  883. "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
  884. "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
  885. "Groups" => "brainpoolP256r1",
  886. },
  887. client => {
  888. "CipherString" => "aECDSA",
  889. "RequestCAFile" => test_pem("root-cert.pem"),
  890. "Groups" => "brainpoolP256r1",
  891. },
  892. test => {
  893. #We only configured brainpoolP256r1 on the client side, but TLSv1.3
  894. #is enabled and this group is not allowed in TLSv1.3. Therefore this
  895. #should fail
  896. "ExpectedResult" => "ClientFail"
  897. },
  898. },
  899. {
  900. name => "TLS 1.3 ECDSA with brainpool",
  901. server => {
  902. "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
  903. "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
  904. },
  905. client => {
  906. "RequestCAFile" => test_pem("root-cert.pem"),
  907. "MinProtocol" => "TLSv1.3",
  908. "MaxProtocol" => "TLSv1.3"
  909. },
  910. test => {
  911. "ExpectedResult" => "Success"
  912. },
  913. },
  914. );
  915. push @tests, @tests_tls_1_3 unless disabled("tls1_3");
  916. push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;
  917. my @tests_dsa_tls_1_2 = (
  918. {
  919. name => "TLS 1.2 DSA Certificate Test",
  920. server => {
  921. "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
  922. "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
  923. "DHParameters" => test_pem("dhp2048.pem"),
  924. "MinProtocol" => "TLSv1.2",
  925. "MaxProtocol" => "TLSv1.2",
  926. "CipherString" => "ALL",
  927. },
  928. client => {
  929. "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
  930. "CipherString" => "ALL",
  931. },
  932. test => {
  933. "ExpectedResult" => "Success"
  934. },
  935. },
  936. );
  937. my @tests_dsa_tls_1_3 = (
  938. {
  939. name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
  940. server => {
  941. "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
  942. "VerifyCAFile" => test_pem("root-cert.pem"),
  943. "VerifyMode" => "Request"
  944. },
  945. client => {},
  946. test => {
  947. "ExpectedResult" => "ServerFail"
  948. },
  949. },
  950. {
  951. name => "TLS 1.3 DSA Certificate Test",
  952. server => {
  953. "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
  954. "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
  955. "MinProtocol" => "TLSv1.3",
  956. "MaxProtocol" => "TLSv1.3",
  957. "CipherString" => "ALL",
  958. },
  959. client => {
  960. "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
  961. "CipherString" => "ALL",
  962. },
  963. test => {
  964. "ExpectedResult" => "ServerFail"
  965. },
  966. },
  967. );
  968. if (!disabled("dsa")) {
  969. push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
  970. push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
  971. }