20-cert-select.cnf.in 32 KB

  1. # -*- mode: perl; -*-
  2. ## SSL test configurations
  3. use strict;
  4. use warnings;
  5. package ssltests;
  6. use OpenSSL::Test::Utils;
  7. our $fips_mode;
  8. our $no_deflt_libctx;
  # Server credential sets shared by the test cases below. Every file name
  # is passed through test_pem().

  # Multi-certificate server (ECDSA, Ed25519, Ed448), capped at TLSv1.2.
  my $server = {
      "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
      "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
      "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
      "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
      "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
      "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
      "MaxProtocol" => "TLSv1.2"
  };

  # Same set as $server plus an RSA-PSS certificate and key.
  my $server_pss = {
      "PSS.Certificate" => test_pem("server-pss-cert.pem"),
      "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
      "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
      "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
      "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
      "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
      "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
      "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
      "MaxProtocol" => "TLSv1.2"
  };

  # The RSA-PSS certificate is the only one configured; no protocol cap.
  my $server_pss_only = {
      "Certificate" => test_pem("server-pss-cert.pem"),
      "PrivateKey" => test_pem("server-pss-key.pem"),
  };

  # As above, but with the "restrict" variant of the RSA-PSS certificate.
  my $server_pss_restrict_only = {
      "Certificate" => test_pem("server-pss-restrict-cert.pem"),
      "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
  };

  # Plain RSA certificate, accompanied by the RSA-PSS one unless
  # $no_deflt_libctx is set.
  my $server_rsa_all = $no_deflt_libctx
      ? {
          "Certificate" => test_pem("servercert.pem"),
          "PrivateKey" => test_pem("serverkey.pem"),
      }
      : {
          "PSS.Certificate" => test_pem("server-pss-cert.pem"),
          "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
          "Certificate" => test_pem("servercert.pem"),
          "PrivateKey" => test_pem("serverkey.pem"),
      };
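  # Core certificate-selection cases. Each entry pairs a server config and a
  # client config with the expected handshake outcome; every case caps at
  # least one side at TLSv1.2.
  #
  # NOTE(review): the first three entries share the name "ECDSA CipherString
  # Selection", so a failing case cannot be told apart by name alone. The
  # names are runtime strings and are left unchanged here.
  #
  # The stray comma that followed several fat commas ("=>,") has been
  # removed; Perl ignores the empty list element, so the data is unchanged.
  our @tests = (
      {
          name => "ECDSA CipherString Selection",
          server => $server,
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2",
              "RequestCAFile" => test_pem("root-cert.pem"),
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignType" => "EC",
              # Note: certificate_authorities not sent for TLS < 1.3
              "ExpectedServerCANames" => "empty",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "ECDSA CipherString Selection",
          server => {
              "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
              "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
              "MaxProtocol" => "TLSv1.2",
              # Deliberately set supported_groups to one not in the cert.
              # This should be tolerated
              "Groups" => "P-384"
          },
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2",
              "Groups" => "P-256:P-384",
              "RequestCAFile" => test_pem("root-cert.pem"),
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignType" => "EC",
              # Note: certificate_authorities not sent for TLS < 1.3
              "ExpectedServerCANames" => "empty",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "ECDSA CipherString Selection",
          server => {
              "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
              "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
              "MaxProtocol" => "TLSv1.2",
              "Groups" => "P-256:P-384"
          },
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2",
              # Deliberately set groups to not include the certificate
              # group. This should fail
              "Groups" => "P-384",
              "RequestCAFile" => test_pem("root-cert.pem"),
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          name => "RSA CipherString Selection",
          server => $server,
          client => {
              "CipherString" => "aRSA",
              "MaxProtocol" => "TLSv1.2",
          },
          test => {
              "ExpectedServerCertType" => "RSA",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "P-256 CipherString and Signature Algorithm Selection",
          server => $server,
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2",
              "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          # Negative case: the server has no ECDSA certificate configured
          # here, so an aECDSA-only client must be refused.
          name => "ECDSA CipherString Selection, no ECDSA certificate",
          server => {
              "MaxProtocol" => "TLSv1.2"
          },
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2"
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          name => "ECDSA Signature Algorithm Selection",
          server => $server,
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256",
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "ECDSA Signature Algorithm Selection SHA384",
          server => $server,
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA384",
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA384",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "ECDSA Signature Algorithm Selection compressed point",
          server => {
              "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
              "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
              "MaxProtocol" => "TLSv1.2"
          },
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256",
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
          server => {
              "MaxProtocol" => "TLSv1.2"
          },
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          name => "RSA Signature Algorithm Selection",
          server => $server,
          client => {
              "SignatureAlgorithms" => "RSA+SHA256",
          },
          test => {
              "ExpectedServerCertType" => "RSA",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "RSA-PSS Signature Algorithm Selection",
          server => $server,
          client => {
              "SignatureAlgorithms" => "RSA-PSS+SHA256",
          },
          test => {
              "ExpectedServerCertType" => "RSA",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "RSA key exchange with all RSA certificate types",
          server => $server_rsa_all,
          client => {
              "CipherString" => "kRSA",
              "MaxProtocol" => "TLSv1.2",
          },
          test => {
              "ExpectedServerCertType" => "RSA",
              "ExpectedResult" => "Success"
          },
      },
      {
          # The client lists SHA384 first, yet the P-256 certificate is
          # expected to be used with SHA256.
          name => "Suite B P-256 Hash Algorithm Selection",
          server => {
              "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
              "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
              "MaxProtocol" => "TLSv1.2",
              "CipherString" => "SUITEB128"
          },
          client => {
              "VerifyCAFile" => test_pem("p384-root.pem"),
              "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          # Mirror of the previous case: the client lists SHA256 first, the
          # P-384 certificate is expected to be used with SHA384.
          name => "Suite B P-384 Hash Algorithm Selection",
          server => {
              "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
              "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
              "MaxProtocol" => "TLSv1.2",
              "CipherString" => "SUITEB128"
          },
          client => {
              "VerifyCAFile" => test_pem("p384-root.pem"),
              "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
          },
          test => {
              "ExpectedServerCertType" => "P-384",
              "ExpectedServerSignHash" => "SHA384",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "Ed25519 CipherString and Signature Algorithm Selection",
          server => $server,
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2",
              "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
              "RequestCAFile" => test_pem("root-cert.pem"),
          },
          test => {
              "ExpectedServerCertType" => "Ed25519",
              "ExpectedServerSignType" => "Ed25519",
              # Note: certificate_authorities not sent for TLS < 1.3
              "ExpectedServerCANames" => "empty",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "Ed448 CipherString and Signature Algorithm Selection",
          server => $server,
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2",
              "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
              "RequestCAFile" => test_pem("root-ed448-cert.pem"),
              "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
          },
          test => {
              "ExpectedServerCertType" => "Ed448",
              "ExpectedServerSignType" => "Ed448",
              # Note: certificate_authorities not sent for TLS < 1.3
              "ExpectedServerCANames" => "empty",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "Ed25519 CipherString and Curves Selection",
          server => $server,
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2",
              "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
              # Excluding P-256 from the supported curves list means server
              # certificate should be Ed25519 and not P-256
              "Curves" => "X25519"
          },
          test => {
              "ExpectedServerCertType" => "Ed25519",
              "ExpectedServerSignType" => "Ed25519",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "Ed448 CipherString and Curves Selection",
          server => $server,
          client => {
              "CipherString" => "aECDSA",
              "MaxProtocol" => "TLSv1.2",
              "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
              "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
              # Excluding P-256 from the supported curves list means server
              # certificate should be Ed448 and not P-256
              "Curves" => "X448"
          },
          test => {
              "ExpectedServerCertType" => "Ed448",
              "ExpectedServerSignType" => "Ed448",
              "ExpectedResult" => "Success"
          },
      },
      {
          # Client authentication: the server requires a client certificate
          # and verifies it against root-cert.pem.
          name => "TLS 1.2 Ed25519 Client Auth",
          server => {
              "VerifyCAFile" => test_pem("root-cert.pem"),
              "VerifyMode" => "Require"
          },
          client => {
              "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
              "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
              "MinProtocol" => "TLSv1.2",
              "MaxProtocol" => "TLSv1.2"
          },
          test => {
              "ExpectedClientCertType" => "Ed25519",
              "ExpectedClientSignType" => "Ed25519",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.2 Ed448 Client Auth",
          server => {
              "VerifyCAFile" => test_pem("root-cert.pem"),
              "VerifyMode" => "Require"
          },
          client => {
              "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
              "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
              "MinProtocol" => "TLSv1.2",
              "MaxProtocol" => "TLSv1.2"
          },
          test => {
              "ExpectedClientCertType" => "Ed448",
              "ExpectedClientSignType" => "Ed448",
              "ExpectedResult" => "Success"
          },
      },
  );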
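  # Cases that are added to @tests only when $fips_mode is false.
  # The stray comma after "=>" in the brainpool expectations has been
  # removed; the resulting data is unchanged.
  my @tests_non_fips = (
      {
          # Both ends lower the security level to 0; presumably that is
          # what lets the SHA1 signature algorithm be negotiated at all.
          # Test-only setting, not a deployment example.
          name => "ECDSA Signature Algorithm Selection SHA1",
          server => {
              "CipherString" => "DEFAULT:\@SECLEVEL=0",
              "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
              "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
              "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
              "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
              "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
              "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
              "MaxProtocol" => "TLSv1.2"
          },
          client => {
              "CipherString" => "DEFAULT:\@SECLEVEL=0",
              "SignatureAlgorithms" => "ECDSA+SHA1",
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA1",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          # brainpoolP256r1 certificate with both sides restricted to that
          # group; the client is capped at TLSv1.2.
          name => "ECDSA with brainpool",
          server => {
              "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
              "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
              "Groups" => "brainpoolP256r1",
          },
          client => {
              "MaxProtocol" => "TLSv1.2",
              "CipherString" => "aECDSA",
              "RequestCAFile" => test_pem("root-cert.pem"),
              "Groups" => "brainpoolP256r1",
          },
          test => {
              "ExpectedServerCertType" => "brainpoolP256r1",
              "ExpectedServerSignType" => "EC",
              # Note: certificate_authorities not sent for TLS < 1.3
              "ExpectedServerCANames" => "empty",
              "ExpectedResult" => "Success"
          },
      },
  );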
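  # RSA-PSS certificate cases: selection alongside other certificates, a
  # server holding only an RSA-PSS certificate, and the "restrict" variant
  # of that certificate.
  # The stray comma after "=>" in the first entry has been removed; the
  # resulting data is unchanged.
  my @tests_pss = (
      {
          name => "RSA-PSS Certificate CipherString Selection",
          server => $server_pss,
          client => {
              "CipherString" => "aRSA",
              "MaxProtocol" => "TLSv1.2",
          },
          test => {
              "ExpectedServerCertType" => "RSA-PSS",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          # "RSA-PSS+SHA256" is expected to select the plain RSA
          # certificate, signing with PSS.
          name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
          server => $server_pss,
          client => {
              "SignatureAlgorithms" => "RSA-PSS+SHA256",
          },
          test => {
              "ExpectedServerCertType" => "RSA",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          # "rsa_pss_pss_sha256" is expected to select the RSA-PSS
          # certificate instead.
          name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
          server => $server_pss,
          client => {
              "SignatureAlgorithms" => "rsa_pss_pss_sha256",
          },
          test => {
              "ExpectedServerCertType" => "RSA-PSS",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "Only RSA-PSS Certificate",
          server => $server_pss_only,
          client => {},
          test => {
              "ExpectedServerCertType" => "RSA-PSS",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "Only RSA-PSS Certificate Valid Signature Algorithms",
          server => $server_pss_only,
          client => {
              "SignatureAlgorithms" => "rsa_pss_pss_sha512",
          },
          test => {
              "ExpectedServerCertType" => "RSA-PSS",
              "ExpectedServerSignHash" => "SHA512",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          # Negative case: the client offers only RSA+SHA256 to a server
          # that holds nothing but an RSA-PSS certificate.
          name => "RSA-PSS Certificate, no PSS signature algorithms",
          server => $server_pss_only,
          client => {
              "SignatureAlgorithms" => "RSA+SHA256",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          name => "Only RSA-PSS Restricted Certificate",
          server => $server_pss_restrict_only,
          client => {},
          test => {
              "ExpectedServerCertType" => "RSA-PSS",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
          server => $server_pss_restrict_only,
          client => {
              "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
          },
          test => {
              "ExpectedServerCertType" => "RSA-PSS",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          # The client lists SHA512 first, yet SHA256 is expected:
          # presumably the restricted certificate does not permit SHA512
          # (compare the ServerFail case that follows).
          name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
          server => $server_pss_restrict_only,
          client => {
              "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
          },
          test => {
              "ExpectedServerCertType" => "RSA-PSS",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
          server => $server_pss_restrict_only,
          client => {
              "SignatureAlgorithms" => "rsa_pss_pss_sha512",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          # Negative case: a kRSA-only client against a server that holds
          # nothing but an RSA-PSS certificate.
          name => "RSA key exchange with only RSA-PSS certificate",
          server => $server_pss_only,
          client => {
              "CipherString" => "kRSA",
              "MaxProtocol" => "TLSv1.2",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
  );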
  # A client capped at TLSv1.1 against the RSA-PSS-only server: the case
  # expects the handshake to fail on the server side.
  my @tests_tls_1_1 = (
      {
          name => "Only RSA-PSS Certificate, TLS v1.1",
          server => $server_pss_only,
          client => {
              "MaxProtocol" => "TLSv1.1",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
  );

  # Assemble the suite: the non-FIPS cases are left out in FIPS mode, the
  # TLSv1.1 case is left out when tls1_1 is disabled or $no_deflt_libctx
  # is set.
  if (!$fips_mode) {
      push @tests, @tests_non_fips;
  }
  push @tests, @tests_pss;
  if (!disabled("tls1_1") && !$no_deflt_libctx) {
      push @tests, @tests_tls_1_1;
  }
  # TLSv1.3-only server. In FIPS mode only the ECDSA certificate is
  # configured; otherwise the Ed25519 and Ed448 certificates are added.
  my $server_tls_1_3 = $fips_mode
      ? {
          "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
          "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
          "MinProtocol" => "TLSv1.3",
          "MaxProtocol" => "TLSv1.3"
      }
      : {
          "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
          "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
          "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
          "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
          "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
          "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
          "MinProtocol" => "TLSv1.3",
          "MaxProtocol" => "TLSv1.3"
      };

  # TLSv1.3-only client holding an RSA and an ECDSA certificate chain, used
  # by the client-authentication cases.
  my $client_tls_1_3 = {
      "RSA.Certificate" => test_pem("ee-client-chain.pem"),
      "RSA.PrivateKey" => test_pem("ee-key.pem"),
      "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
      "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
      "MinProtocol" => "TLSv1.3",
      "MaxProtocol" => "TLSv1.3"
  };
  # TLSv1.3 signature-algorithm selection, for the server certificate and
  # for client authentication.
  my @tests_tls_1_3 = (
      {
          name => "TLS 1.3 ECDSA Signature Algorithm Selection",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256",
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "EC",
              "ExpectedServerCANames" => "empty",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
          server => {
              "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
              "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
              "MinProtocol" => "TLSv1.3",
              "MaxProtocol" => "TLSv1.3"
          },
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256",
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "EC",
              "ExpectedServerCANames" => "empty",
              "ExpectedResult" => "Success"
          },
      },
      {
          # Negative case: even with the security level lowered to 0 on
          # both ends, a client offering only ECDSA+SHA1 is expected to be
          # refused at TLSv1.3.
          name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
          server => {
              "CipherString" => "DEFAULT:\@SECLEVEL=0",
              "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
              "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
              "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
              "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
              "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
              "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
              "MinProtocol" => "TLSv1.3",
              "MaxProtocol" => "TLSv1.3"
          },
          client => {
              "CipherString" => "DEFAULT:\@SECLEVEL=0",
              "SignatureAlgorithms" => "ECDSA+SHA1",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          # With RequestCAFile set on the client, the expected CA names are
          # those of root-cert.pem rather than "empty".
          name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
              "RequestCAFile" => test_pem("root-cert.pem"),
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "EC",
              "ExpectedServerCANames" => test_pem("root-cert.pem"),
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
          },
          test => {
              "ExpectedServerCertType" => "RSA",
              "ExpectedServerSignHash" => "SHA384",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
          server => {
              "MinProtocol" => "TLSv1.3",
              "MaxProtocol" => "TLSv1.3"
          },
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          # Negative case: a client offering only RSA+SHA256 (no PSS) is
          # expected to be refused at TLSv1.3.
          name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "RSA+SHA256",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "RSA-PSS+SHA256",
          },
          test => {
              "ExpectedServerCertType" => "RSA",
              "ExpectedServerSignHash" => "SHA256",
              "ExpectedServerSignType" => "RSA-PSS",
              "ExpectedResult" => "Success"
          },
      },
      {
          # Client authentication: the server requires a client certificate
          # and limits the client's signature algorithms to PSS+SHA256.
          name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
          server => {
              "ClientSignatureAlgorithms" => "PSS+SHA256",
              "VerifyCAFile" => test_pem("root-cert.pem"),
              "VerifyMode" => "Require"
          },
          client => $client_tls_1_3,
          test => {
              "ExpectedClientCertType" => "RSA",
              "ExpectedClientSignHash" => "SHA256",
              "ExpectedClientSignType" => "RSA-PSS",
              "ExpectedClientCANames" => "empty",
              "ExpectedResult" => "Success"
          },
      },
      {
          # Same as the previous case, with RequestCAFile set on the server
          # so that the expected CA names are those of root-cert.pem.
          name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
          server => {
              "ClientSignatureAlgorithms" => "PSS+SHA256",
              "VerifyCAFile" => test_pem("root-cert.pem"),
              "RequestCAFile" => test_pem("root-cert.pem"),
              "VerifyMode" => "Require"
          },
          client => $client_tls_1_3,
          test => {
              "ExpectedClientCertType" => "RSA",
              "ExpectedClientSignHash" => "SHA256",
              "ExpectedClientSignType" => "RSA-PSS",
              "ExpectedClientCANames" => test_pem("root-cert.pem"),
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
          server => {
              "ClientSignatureAlgorithms" => "ECDSA+SHA256",
              "VerifyCAFile" => test_pem("root-cert.pem"),
              "VerifyMode" => "Require"
          },
          client => $client_tls_1_3,
          test => {
              "ExpectedClientCertType" => "P-256",
              "ExpectedClientSignHash" => "SHA256",
              "ExpectedClientSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
  );
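  # TLSv1.3 cases that are added only when tls1_3 is enabled and $fips_mode
  # is false: EdDSA certificates and brainpool curves.
  # The stray comma after "=>" in the two "Groups Selection" entries has
  # been removed; the resulting data is unchanged.
  my @tests_tls_1_3_non_fips = (
      {
          name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "ed25519",
          },
          test => {
              "ExpectedServerCertType" => "Ed25519",
              "ExpectedServerSignType" => "Ed25519",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 Ed448 Signature Algorithm Selection",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "ed448",
              "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
          },
          test => {
              "ExpectedServerCertType" => "Ed448",
              "ExpectedServerSignType" => "Ed448",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
              # Excluding P-256 from the supported groups list should
              # mean server still uses a P-256 certificate because supported
              # groups is not used in signature selection for TLS 1.3
              "Groups" => "X25519"
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 Ed448 CipherString and Groups Selection",
          server => $server_tls_1_3,
          client => {
              "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
              # Excluding P-256 from the supported groups list should
              # mean server still uses a P-256 certificate because supported
              # groups is not used in signature selection for TLS 1.3
              "Groups" => "X448"
          },
          test => {
              "ExpectedServerCertType" => "P-256",
              "ExpectedServerSignType" => "EC",
              "ExpectedResult" => "Success"
          },
      },
      {
          # NOTE(review): the client keys here use the "EdDSA." prefix,
          # whereas the TLS 1.2 client-auth cases in this file use
          # "Ed25519." and "Ed448."; confirm both prefixes are intended.
          name => "TLS 1.3 Ed25519 Client Auth",
          server => {
              "VerifyCAFile" => test_pem("root-cert.pem"),
              "VerifyMode" => "Require"
          },
          client => {
              "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
              "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
              "MinProtocol" => "TLSv1.3",
              "MaxProtocol" => "TLSv1.3"
          },
          test => {
              "ExpectedClientCertType" => "Ed25519",
              "ExpectedClientSignType" => "Ed25519",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 Ed448 Client Auth",
          server => {
              "VerifyCAFile" => test_pem("root-cert.pem"),
              "VerifyMode" => "Require"
          },
          client => {
              "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
              "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
              "MinProtocol" => "TLSv1.3",
              "MaxProtocol" => "TLSv1.3"
          },
          test => {
              "ExpectedClientCertType" => "Ed448",
              "ExpectedClientSignType" => "Ed448",
              "ExpectedResult" => "Success"
          },
      },
      {
          name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
          server => {
              "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
              "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
              "Groups" => "brainpoolP256r1",
          },
          client => {
              "CipherString" => "aECDSA",
              "RequestCAFile" => test_pem("root-cert.pem"),
              "Groups" => "brainpoolP256r1",
          },
          test => {
              # We only configured brainpoolP256r1 on the client side, but
              # TLSv1.3 is enabled and this group is not allowed in TLSv1.3.
              # Therefore this should fail
              "ExpectedResult" => "ClientFail"
          },
      },
      {
          # Negative case: a brainpoolP256r1 server certificate with the
          # client pinned to TLSv1.3 is expected to fail on the server side.
          name => "TLS 1.3 ECDSA with brainpool",
          server => {
              "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
              "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
          },
          client => {
              "RequestCAFile" => test_pem("root-cert.pem"),
              "MinProtocol" => "TLSv1.3",
              "MaxProtocol" => "TLSv1.3"
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
  );

  # TLSv1.3 cases are added only when tls1_3 is enabled; the EdDSA and
  # brainpool cases are additionally left out in FIPS mode.
  push @tests, @tests_tls_1_3 unless disabled("tls1_3");
  push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;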
  # DSA server certificate at TLSv1.2, expected to succeed. Both ends use
  # CipherString "ALL" and the server is given DH parameters.
  my @tests_dsa_tls_1_2 = (
      {
          name => "TLS 1.2 DSA Certificate Test",
          server => {
              "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
              "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
              "DHParameters" => test_pem("dhp2048.pem"),
              "MinProtocol" => "TLSv1.2",
              "MaxProtocol" => "TLSv1.2",
              "CipherString" => "ALL",
          },
          client => {
              "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
              "CipherString" => "ALL",
          },
          test => {
              "ExpectedResult" => "Success"
          },
      },
  );

  # Negative cases: both are expected to end in ServerFail.
  my @tests_dsa_tls_1_3 = (
      {
          # The server's ClientSignatureAlgorithms list holds only
          # ECDSA+SHA1, DSA+SHA256 and RSA+SHA256.
          name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
          server => {
              "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
              "VerifyCAFile" => test_pem("root-cert.pem"),
              "VerifyMode" => "Request"
          },
          client => {},
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
      {
          # DSA server certificate with the server pinned to TLSv1.3.
          name => "TLS 1.3 DSA Certificate Test",
          server => {
              "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
              "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
              "MinProtocol" => "TLSv1.3",
              "MaxProtocol" => "TLSv1.3",
              "CipherString" => "ALL",
          },
          client => {
              "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
              "CipherString" => "ALL",
          },
          test => {
              "ExpectedResult" => "ServerFail"
          },
      },
  );

  # DSA cases are added only when dsa is enabled; the TLSv1.2 case also
  # needs dh, the TLSv1.3 cases also need tls1_3.
  unless (disabled("dsa")) {
      if (!disabled("dh")) {
          push @tests, @tests_dsa_tls_1_2;
      }
      if (!disabled("tls1_3")) {
          push @tests, @tests_dsa_tls_1_3;
      }
  }