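# -*- mode: perl; -*-

## SSL test configurations
#
# Certificate and signature-algorithm selection tests.  Every entry in the
# test lists below is a hash with four keys:
#   name   - the test's label
#   server - server-side settings
#   client - client-side settings
#   test   - the expected outcome (result, certificate type, signature
#            type/hash, CA names)
#
# $fips_mode and $no_deflt_libctx are declared here but never assigned in
# this file, and test_pem() is not defined here; presumably the script that
# loads this file supplies all three (confirm against the loader).
# disabled() is presumably imported from OpenSSL::Test::Utils.
#
# Several entries set "DEFAULT:@SECLEVEL=0", "ALL", SHA1 or DSA.  They exist
# to exercise legacy or rejected paths inside the test suite and are not a
# template for a deployed TLS configuration.


use strict;
use warnings;

package ssltests;
use OpenSSL::Test::Utils;

our $fips_mode;
our $no_deflt_libctx;

# TLS 1.2-capped server holding ECDSA, Ed25519 and Ed448 key pairs.
my $server = {
    "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
    "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
    "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
    "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
    "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
    "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
    "MaxProtocol" => "TLSv1.2"
};

# Same as $server plus an RSA-PSS key pair.
my $server_pss = {
    "PSS.Certificate" => test_pem("server-pss-cert.pem"),
    "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
    "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
    "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
    "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
    "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
    "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
    "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
    "MaxProtocol" => "TLSv1.2"
};

# Server whose only configured certificate is the RSA-PSS one.
my $server_pss_only = {
    "Certificate" => test_pem("server-pss-cert.pem"),
    "PrivateKey" => test_pem("server-pss-key.pem"),
};

# Server whose only configured certificate is the "pss-restrict" one.
my $server_pss_restrict_only = {
    "Certificate" => test_pem("server-pss-restrict-cert.pem"),
    "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
};

my $server_rsa_all;

# With $no_deflt_libctx set only the plain RSA pair is configured; otherwise
# both an RSA-PSS pair and a plain RSA pair are configured.
if ($no_deflt_libctx) {
    $server_rsa_all = {
        "Certificate" => test_pem("servercert.pem"),
        "PrivateKey" => test_pem("serverkey.pem"),
    };
} else {
    $server_rsa_all = {
        "PSS.Certificate" => test_pem("server-pss-cert.pem"),
        "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
        "Certificate" => test_pem("servercert.pem"),
        "PrivateKey" => test_pem("serverkey.pem"),
    };
}

# Base test list; the conditional lists further down are appended to it.
# NOTE(review): the first three entries share the name
# "ECDSA CipherString Selection".  The names are left untouched because they
# are runtime strings; confirm whether the consumer needs them to be unique.
our @tests = (
    {
        name => "ECDSA CipherString Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignType" => "EC",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA CipherString Selection",
        server => {
            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
            "MaxProtocol" => "TLSv1.2",
            #Deliberately set supported_groups to one not in the cert. This
            #should be tolerated
            "Groups" => "P-384"
        },
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "Groups" => "P-256:P-384",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignType" => "EC",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA CipherString Selection",
        server => {
            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
            "MaxProtocol" => "TLSv1.2",
            "Groups" => "P-256:P-384"
        },
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            #Deliberately set groups to not include the certificate group. This
            #should fail
            "Groups" => "P-384",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "RSA CipherString Selection",
        server => $server,
        client => {
            "CipherString" => "aRSA",
            "MaxProtocol" => "TLSv1.2",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "P-256 CipherString and Signature Algorithm Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA CipherString Selection, no ECDSA certificate",
        server => {
            "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2"
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "ECDSA Signature Algorithm Selection",
        server => $server,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA Signature Algorithm Selection SHA384",
        server => $server,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA384",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA384",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA Signature Algorithm Selection compressed point",
        server => {
            "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
            "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
        server => {
             "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "RSA Signature Algorithm Selection",
        server => $server,
        client => {
            "SignatureAlgorithms" => "RSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Signature Algorithm Selection",
        server => $server,
        client => {
            "SignatureAlgorithms" => "RSA-PSS+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA key exchange with all RSA certificate types",
        server => $server_rsa_all,
        client => {
            "CipherString" => "kRSA",
            "MaxProtocol" => "TLSv1.2",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Suite B P-256 Hash Algorithm Selection",
        server =>  {
            "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "SUITEB128"
        },
        client => {
            "VerifyCAFile" => test_pem("p384-root.pem"),
            "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Suite B P-384 Hash Algorithm Selection",
        server =>  {
            "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "SUITEB128"
        },
        client => {
            "VerifyCAFile" => test_pem("p384-root.pem"),
            "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
        },
        test   => {
            "ExpectedServerCertType" => "P-384",
            "ExpectedServerSignHash" => "SHA384",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Ed25519 CipherString and Signature Algorithm Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "Ed25519",
            "ExpectedServerSignType" => "Ed25519",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Ed448 CipherString and Signature Algorithm Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
            "RequestCAFile" => test_pem("root-ed448-cert.pem"),
            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "Ed448",
            "ExpectedServerSignType" => "Ed448",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.2 Ed25519 Client Auth",
        server => {
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => {
            "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
            "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
            "MinProtocol" => "TLSv1.2",
            "MaxProtocol" => "TLSv1.2"
        },
        test   => {
            "ExpectedClientCertType" => "Ed25519",
            "ExpectedClientSignType" => "Ed25519",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.2 Ed448 Client Auth",
        server => {
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => {
            "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
            "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
            "MinProtocol" => "TLSv1.2",
            "MaxProtocol" => "TLSv1.2"
        },
        test   => {
            "ExpectedClientCertType" => "Ed448",
            "ExpectedClientSignType" => "Ed448",
            "ExpectedResult" => "Success"
        },
    },
);

# Appended to @tests only when $fips_mode is false.
my @tests_non_fips = (
    {
        name => "ECDSA Signature Algorithm Selection SHA1",
        # SECLEVEL=0 is set on both peers; presumably that is what allows the
        # SHA1 signature algorithm to be negotiated in this test (confirm).
        server => {
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
            "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "SignatureAlgorithms" => "ECDSA+SHA1",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA1",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "ECDSA with brainpool",
        server =>  {
            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
            "Groups" => "brainpoolP256r1",
        },
        client => {
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "aECDSA",
            "RequestCAFile" => test_pem("root-cert.pem"),
            "Groups" => "brainpoolP256r1",
        },
        test   => {
            "ExpectedServerCertType" => "brainpoolP256r1",
            "ExpectedServerSignType" => "EC",
            # Note: certificate_authorities not sent for TLS < 1.3
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Ed25519 CipherString and Curves Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
            # Excluding P-256 from the supported curves list means server
            # certificate should be Ed25519 and not P-256
            "Curves" => "X25519"
        },
        test   => {
            "ExpectedServerCertType" => "Ed25519",
            "ExpectedServerSignType" => "Ed25519",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Ed448 CipherString and Curves Selection",
        server => $server,
        client => {
            "CipherString" => "aECDSA",
            "MaxProtocol" => "TLSv1.2",
            "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
            # Excluding P-256 from the supported curves list means server
            # certificate should be Ed448 and not P-256
            "Curves" => "X448"
        },
        test   => {
            "ExpectedServerCertType" => "Ed448",
            "ExpectedServerSignType" => "Ed448",
            "ExpectedResult" => "Success"
        },
    },
);

# RSA-PSS certificate tests; always appended to @tests.
my @tests_pss = (
    {
        name => "RSA-PSS Certificate CipherString Selection",
        server => $server_pss,
        client => {
            "CipherString" => "aRSA",
            "MaxProtocol" => "TLSv1.2",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
        server => $server_pss,
        client => {
            "SignatureAlgorithms" => "RSA-PSS+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
        server => $server_pss,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Only RSA-PSS Certificate",
        server => $server_pss_only,
        client => {},
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "Only RSA-PSS Certificate Valid Signature Algorithms",
        server => $server_pss_only,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha512",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA512",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Certificate, no PSS signature algorithms",
        server => $server_pss_only,
        client => {
            "SignatureAlgorithms" => "RSA+SHA256",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "Only RSA-PSS Restricted Certificate",
        server => $server_pss_restrict_only,
        client => {},
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
        server => $server_pss_restrict_only,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
        server => $server_pss_restrict_only,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA-PSS",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
        server => $server_pss_restrict_only,
        client => {
            "SignatureAlgorithms" => "rsa_pss_pss_sha512",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "RSA key exchange with only RSA-PSS certificate",
        server => $server_pss_only,
        client => {
            "CipherString" => "kRSA",
            "MaxProtocol" => "TLSv1.2",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
);

# Appended unless tls1_1 is disabled or $no_deflt_libctx is set.
my @tests_tls_1_1 = (
    {
        name => "Only RSA-PSS Certificate, TLS v1.1",
        # SECLEVEL=0 on both peers is presumably needed for TLS 1.1 to be
        # offered at all (confirm); the failure this entry expects comes from
        # the server having only an RSA-PSS certificate.
        server => {
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "Certificate" => test_pem("server-pss-cert.pem"),
            "PrivateKey" => test_pem("server-pss-key.pem"),
        },
        client => {
            "MaxProtocol" => "TLSv1.1",
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
);

push @tests, @tests_non_fips unless $fips_mode;
push @tests, @tests_pss;
push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;

my $server_tls_1_3;

# In FIPS mode the TLS 1.3 server is given only the ECDSA key pair; otherwise
# it is also given the Ed25519 and Ed448 pairs.
if ($fips_mode) {
    $server_tls_1_3 = {
        "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
        "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
        "MinProtocol" => "TLSv1.3",
        "MaxProtocol" => "TLSv1.3"
    };
} else {
    $server_tls_1_3 = {
        "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
        "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
        "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
        "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
        "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
        "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
        "MinProtocol" => "TLSv1.3",
        "MaxProtocol" => "TLSv1.3"
    };
}

# TLS 1.3-only client holding an RSA and an ECDSA client certificate chain.
my $client_tls_1_3 = {
    "RSA.Certificate" => test_pem("ee-client-chain.pem"),
    "RSA.PrivateKey" => test_pem("ee-key.pem"),
    "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
    "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
    "MinProtocol" => "TLSv1.3",
    "MaxProtocol" => "TLSv1.3"
};

# Appended unless tls1_3 is disabled.
my @tests_tls_1_3 = (
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
        server => {
            "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedServerCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
        # Same SECLEVEL=0 settings as the TLS 1.2 SHA1 entry, but here the
        # expected result is ServerFail: a client offering only ECDSA+SHA1
        # must not get a TLS 1.3 handshake.
        server => {
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        client => {
            "CipherString" => "DEFAULT:\@SECLEVEL=0",
            "SignatureAlgorithms" => "ECDSA+SHA1",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
            "RequestCAFile" => test_pem("root-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "EC",
            "ExpectedServerCANames" => test_pem("root-cert.pem"),
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA384",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
        server => {
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "RSA+SHA256",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "RSA-PSS+SHA256",
        },
        test   => {
            "ExpectedServerCertType" => "RSA",
            "ExpectedServerSignHash" => "SHA256",
            "ExpectedServerSignType" => "RSA-PSS",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
        server => {
            "ClientSignatureAlgorithms" => "PSS+SHA256",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => $client_tls_1_3,
        test   => {
            "ExpectedClientCertType" => "RSA",
            "ExpectedClientSignHash" => "SHA256",
            "ExpectedClientSignType" => "RSA-PSS",
            "ExpectedClientCANames" => "empty",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
        server => {
            "ClientSignatureAlgorithms" => "PSS+SHA256",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "RequestCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => $client_tls_1_3,
        test   => {
            "ExpectedClientCertType" => "RSA",
            "ExpectedClientSignHash" => "SHA256",
            "ExpectedClientSignType" => "RSA-PSS",
            "ExpectedClientCANames" => test_pem("root-cert.pem"),
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
        server => {
            "ClientSignatureAlgorithms" => "ECDSA+SHA256",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => $client_tls_1_3,
        test   => {
            "ExpectedClientCertType" => "P-256",
            "ExpectedClientSignHash" => "SHA256",
            "ExpectedClientSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
);

# Appended unless tls1_3 is disabled or $fips_mode is set.
my @tests_tls_1_3_non_fips = (
    {
        name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ed25519",
        },
        test   => {
            "ExpectedServerCertType" => "Ed25519",
            "ExpectedServerSignType" => "Ed25519",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed448 Signature Algorithm Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ed448",
            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
        },
        test   => {
            "ExpectedServerCertType" => "Ed448",
            "ExpectedServerSignType" => "Ed448",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
            # Excluding P-256 from the supported groups list should
            # mean server still uses a P-256 certificate because supported
            # groups is not used in signature selection for TLS 1.3
            "Groups" => "X25519"
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed448 CipherString and Groups Selection",
        server => $server_tls_1_3,
        client => {
            "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
            # Excluding P-256 from the supported groups list should
            # mean server still uses a P-256 certificate because supported
            # groups is not used in signature selection for TLS 1.3
            "Groups" => "X448"
        },
        test   => {
            "ExpectedServerCertType" => "P-256",
            "ExpectedServerSignType" => "EC",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed25519 Client Auth",
        server => {
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => {
            "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
            "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        test   => {
            "ExpectedClientCertType" => "Ed25519",
            "ExpectedClientSignType" => "Ed25519",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 Ed448 Client Auth",
        server => {
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require"
        },
        client => {
            "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
            "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        test   => {
            "ExpectedClientCertType" => "Ed448",
            "ExpectedClientSignType" => "Ed448",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
        server =>  {
            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
            "Groups" => "brainpoolP256r1",
        },
        client => {
            "CipherString" => "aECDSA",
            "RequestCAFile" => test_pem("root-cert.pem"),
            "Groups" => "brainpoolP256r1",
        },
        test   => {
            #We only configured brainpoolP256r1 on the client side, but TLSv1.3
            #is enabled and this group is not allowed in TLSv1.3. Therefore this
            #should fail
            "ExpectedResult" => "ClientFail"
        },
    },
    {
        name => "TLS 1.3 ECDSA with brainpool",
        server =>  {
            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
        },
        client => {
            "RequestCAFile" => test_pem("root-cert.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3"
        },
        test   => {
            "ExpectedResult" => "Success"
        },
    },
);

push @tests, @tests_tls_1_3 unless disabled("tls1_3");
push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;

# Appended only when neither dsa nor dh is disabled.
my @tests_dsa_tls_1_2 = (
    {
        name => "TLS 1.2 DSA Certificate Test",
        server => {
            "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
            "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
            "DHParameters" => test_pem("dhp2048.pem"),
            "MinProtocol" => "TLSv1.2",
            "MaxProtocol" => "TLSv1.2",
            "CipherString" => "ALL",
        },
        client => {
            "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
            "CipherString" => "ALL",
        },
        test   => {
            "ExpectedResult" => "Success"
        },
    },
);

# Appended only when neither dsa nor tls1_3 is disabled.  Both entries expect
# ServerFail: none of the offered legacy signature algorithms may complete a
# TLS 1.3 handshake.
my @tests_dsa_tls_1_3 = (
    {
        name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
        server => {
            "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Request"
        },
        client => {},
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
    {
        name => "TLS 1.3 DSA Certificate Test",
        server => {
            "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
            "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
            "MinProtocol" => "TLSv1.3",
            "MaxProtocol" => "TLSv1.3",
            "CipherString" => "ALL",
        },
        client => {
            "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
            "CipherString" => "ALL",
        },
        test   => {
            "ExpectedResult" => "ServerFail"
        },
    },
);

if (!disabled("dsa")) {
    push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
    push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
}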