3 ## SSL test configurations
10 use OpenSSL::Test::Utils;
16 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
17 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
18 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
19 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
20 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
21 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
22 "MaxProtocol" => "TLSv1.2"
26 "PSS.Certificate" => test_pem("server-pss-cert.pem"),
27 "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
28 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
29 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
30 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
31 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
32 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
33 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
34 "MaxProtocol" => "TLSv1.2"
37 my $server_pss_only = {
38 "Certificate" => test_pem("server-pss-cert.pem"),
39 "PrivateKey" => test_pem("server-pss-key.pem"),
42 my $server_pss_restrict_only = {
43 "Certificate" => test_pem("server-pss-restrict-cert.pem"),
44 "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
49 if ($no_deflt_libctx) {
51 "Certificate" => test_pem("servercert.pem"),
52 "PrivateKey" => test_pem("serverkey.pem"),
56 "PSS.Certificate" => test_pem("server-pss-cert.pem"),
57 "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
58 "Certificate" => test_pem("servercert.pem"),
59 "PrivateKey" => test_pem("serverkey.pem"),
65 name => "ECDSA CipherString Selection",
68 "CipherString" => "aECDSA",
69 "MaxProtocol" => "TLSv1.2",
70 "RequestCAFile" => test_pem("root-cert.pem"),
73 "ExpectedServerCertType" =>, "P-256",
74 "ExpectedServerSignType" =>, "EC",
75 # Note: certificate_authorities not sent for TLS < 1.3
76 "ExpectedServerCANames" =>, "empty",
77 "ExpectedResult" => "Success"
81 name => "ECDSA CipherString Selection",
83 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
84 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
85 "MaxProtocol" => "TLSv1.2",
86 #Deliberately set supported_groups to one not in the cert. This
91 "CipherString" => "aECDSA",
92 "MaxProtocol" => "TLSv1.2",
93 "Groups" => "P-256:P-384",
94 "RequestCAFile" => test_pem("root-cert.pem"),
97 "ExpectedServerCertType" =>, "P-256",
98 "ExpectedServerSignType" =>, "EC",
99 # Note: certificate_authorities not sent for TLS < 1.3
100 "ExpectedServerCANames" =>, "empty",
101 "ExpectedResult" => "Success"
105 name => "ECDSA CipherString Selection",
107 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
108 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
109 "MaxProtocol" => "TLSv1.2",
110 "Groups" => "P-256:P-384"
113 "CipherString" => "aECDSA",
114 "MaxProtocol" => "TLSv1.2",
115 #Deliberately set groups to not include the certificate group. This
118 "RequestCAFile" => test_pem("root-cert.pem"),
121 "ExpectedResult" => "ServerFail"
125 name => "RSA CipherString Selection",
128 "CipherString" => "aRSA",
129 "MaxProtocol" => "TLSv1.2",
132 "ExpectedServerCertType" =>, "RSA",
133 "ExpectedServerSignType" =>, "RSA-PSS",
134 "ExpectedResult" => "Success"
138 name => "P-256 CipherString and Signature Algorithm Selection",
141 "CipherString" => "aECDSA",
142 "MaxProtocol" => "TLSv1.2",
143 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
146 "ExpectedServerCertType" => "P-256",
147 "ExpectedServerSignHash" => "SHA256",
148 "ExpectedServerSignType" => "EC",
149 "ExpectedResult" => "Success"
153 name => "ECDSA CipherString Selection, no ECDSA certificate",
155 "MaxProtocol" => "TLSv1.2"
158 "CipherString" => "aECDSA",
159 "MaxProtocol" => "TLSv1.2"
162 "ExpectedResult" => "ServerFail"
166 name => "ECDSA Signature Algorithm Selection",
169 "SignatureAlgorithms" => "ECDSA+SHA256",
172 "ExpectedServerCertType" => "P-256",
173 "ExpectedServerSignHash" => "SHA256",
174 "ExpectedServerSignType" => "EC",
175 "ExpectedResult" => "Success"
179 name => "ECDSA Signature Algorithm Selection SHA384",
182 "SignatureAlgorithms" => "ECDSA+SHA384",
185 "ExpectedServerCertType" => "P-256",
186 "ExpectedServerSignHash" => "SHA384",
187 "ExpectedServerSignType" => "EC",
188 "ExpectedResult" => "Success"
192 name => "ECDSA Signature Algorithm Selection compressed point",
194 "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
195 "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
196 "MaxProtocol" => "TLSv1.2"
199 "SignatureAlgorithms" => "ECDSA+SHA256",
202 "ExpectedServerCertType" => "P-256",
203 "ExpectedServerSignHash" => "SHA256",
204 "ExpectedServerSignType" => "EC",
205 "ExpectedResult" => "Success"
209 name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
211 "MaxProtocol" => "TLSv1.2"
214 "SignatureAlgorithms" => "ECDSA+SHA256",
217 "ExpectedResult" => "ServerFail"
221 name => "RSA Signature Algorithm Selection",
224 "SignatureAlgorithms" => "RSA+SHA256",
227 "ExpectedServerCertType" => "RSA",
228 "ExpectedServerSignHash" => "SHA256",
229 "ExpectedServerSignType" => "RSA",
230 "ExpectedResult" => "Success"
234 name => "RSA-PSS Signature Algorithm Selection",
237 "SignatureAlgorithms" => "RSA-PSS+SHA256",
240 "ExpectedServerCertType" => "RSA",
241 "ExpectedServerSignHash" => "SHA256",
242 "ExpectedServerSignType" => "RSA-PSS",
243 "ExpectedResult" => "Success"
247 name => "RSA key exchange with all RSA certificate types",
248 server => $server_rsa_all,
250 "CipherString" => "kRSA",
251 "MaxProtocol" => "TLSv1.2",
254 "ExpectedServerCertType" =>, "RSA",
255 "ExpectedResult" => "Success"
259 name => "Suite B P-256 Hash Algorithm Selection",
261 "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
262 "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
263 "MaxProtocol" => "TLSv1.2",
264 "CipherString" => "SUITEB128"
267 "VerifyCAFile" => test_pem("p384-root.pem"),
268 "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
271 "ExpectedServerCertType" => "P-256",
272 "ExpectedServerSignHash" => "SHA256",
273 "ExpectedServerSignType" => "EC",
274 "ExpectedResult" => "Success"
278 name => "Suite B P-384 Hash Algorithm Selection",
280 "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
281 "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
282 "MaxProtocol" => "TLSv1.2",
283 "CipherString" => "SUITEB128"
286 "VerifyCAFile" => test_pem("p384-root.pem"),
287 "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
290 "ExpectedServerCertType" => "P-384",
291 "ExpectedServerSignHash" => "SHA384",
292 "ExpectedServerSignType" => "EC",
293 "ExpectedResult" => "Success"
297 name => "Ed25519 CipherString and Signature Algorithm Selection",
300 "CipherString" => "aECDSA",
301 "MaxProtocol" => "TLSv1.2",
302 "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
303 "RequestCAFile" => test_pem("root-cert.pem"),
306 "ExpectedServerCertType" =>, "Ed25519",
307 "ExpectedServerSignType" =>, "Ed25519",
308 # Note: certificate_authorities not sent for TLS < 1.3
309 "ExpectedServerCANames" =>, "empty",
310 "ExpectedResult" => "Success"
314 name => "Ed448 CipherString and Signature Algorithm Selection",
317 "CipherString" => "aECDSA",
318 "MaxProtocol" => "TLSv1.2",
319 "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
320 "RequestCAFile" => test_pem("root-ed448-cert.pem"),
321 "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
324 "ExpectedServerCertType" =>, "Ed448",
325 "ExpectedServerSignType" =>, "Ed448",
326 # Note: certificate_authorities not sent for TLS < 1.3
327 "ExpectedServerCANames" =>, "empty",
328 "ExpectedResult" => "Success"
332 name => "Ed25519 CipherString and Curves Selection",
335 "CipherString" => "aECDSA",
336 "MaxProtocol" => "TLSv1.2",
337 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
338 # Excluding P-256 from the supported curves list means server
339 # certificate should be Ed25519 and not P-256
343 "ExpectedServerCertType" =>, "Ed25519",
344 "ExpectedServerSignType" =>, "Ed25519",
345 "ExpectedResult" => "Success"
349 name => "Ed448 CipherString and Curves Selection",
352 "CipherString" => "aECDSA",
353 "MaxProtocol" => "TLSv1.2",
354 "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
355 "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
356 # Excluding P-256 from the supported curves list means server
357 # certificate should be Ed25519 and not P-256
361 "ExpectedServerCertType" =>, "Ed448",
362 "ExpectedServerSignType" =>, "Ed448",
363 "ExpectedResult" => "Success"
367 name => "TLS 1.2 Ed25519 Client Auth",
369 "VerifyCAFile" => test_pem("root-cert.pem"),
370 "VerifyMode" => "Require"
373 "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
374 "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
375 "MinProtocol" => "TLSv1.2",
376 "MaxProtocol" => "TLSv1.2"
379 "ExpectedClientCertType" => "Ed25519",
380 "ExpectedClientSignType" => "Ed25519",
381 "ExpectedResult" => "Success"
385 name => "TLS 1.2 Ed448 Client Auth",
387 "VerifyCAFile" => test_pem("root-cert.pem"),
388 "VerifyMode" => "Require"
391 "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
392 "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
393 "MinProtocol" => "TLSv1.2",
394 "MaxProtocol" => "TLSv1.2"
397 "ExpectedClientCertType" => "Ed448",
398 "ExpectedClientSignType" => "Ed448",
399 "ExpectedResult" => "Success"
404 my @tests_non_fips = (
406 name => "ECDSA Signature Algorithm Selection SHA1",
408 "CipherString" => "DEFAULT:\@SECLEVEL=0",
409 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
410 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
411 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
412 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
413 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
414 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
415 "MaxProtocol" => "TLSv1.2"
418 "CipherString" => "DEFAULT:\@SECLEVEL=0",
419 "SignatureAlgorithms" => "ECDSA+SHA1",
422 "ExpectedServerCertType" => "P-256",
423 "ExpectedServerSignHash" => "SHA1",
424 "ExpectedServerSignType" => "EC",
425 "ExpectedResult" => "Success"
429 name => "ECDSA with brainpool",
431 "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
432 "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
433 "Groups" => "brainpoolP256r1",
436 "MaxProtocol" => "TLSv1.2",
437 "CipherString" => "aECDSA",
438 "RequestCAFile" => test_pem("root-cert.pem"),
439 "Groups" => "brainpoolP256r1",
442 "ExpectedServerCertType" =>, "brainpoolP256r1",
443 "ExpectedServerSignType" =>, "EC",
444 # Note: certificate_authorities not sent for TLS < 1.3
445 "ExpectedServerCANames" =>, "empty",
446 "ExpectedResult" => "Success"
453 name => "RSA-PSS Certificate CipherString Selection",
454 server => $server_pss,
456 "CipherString" => "aRSA",
457 "MaxProtocol" => "TLSv1.2",
460 "ExpectedServerCertType" =>, "RSA-PSS",
461 "ExpectedServerSignType" =>, "RSA-PSS",
462 "ExpectedResult" => "Success"
466 name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
467 server => $server_pss,
469 "SignatureAlgorithms" => "RSA-PSS+SHA256",
472 "ExpectedServerCertType" => "RSA",
473 "ExpectedServerSignHash" => "SHA256",
474 "ExpectedServerSignType" => "RSA-PSS",
475 "ExpectedResult" => "Success"
479 name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
480 server => $server_pss,
482 "SignatureAlgorithms" => "rsa_pss_pss_sha256",
485 "ExpectedServerCertType" => "RSA-PSS",
486 "ExpectedServerSignHash" => "SHA256",
487 "ExpectedServerSignType" => "RSA-PSS",
488 "ExpectedResult" => "Success"
492 name => "Only RSA-PSS Certificate",
493 server => $server_pss_only,
496 "ExpectedServerCertType" => "RSA-PSS",
497 "ExpectedServerSignHash" => "SHA256",
498 "ExpectedServerSignType" => "RSA-PSS",
499 "ExpectedResult" => "Success"
503 name => "Only RSA-PSS Certificate Valid Signature Algorithms",
504 server => $server_pss_only,
506 "SignatureAlgorithms" => "rsa_pss_pss_sha512",
509 "ExpectedServerCertType" => "RSA-PSS",
510 "ExpectedServerSignHash" => "SHA512",
511 "ExpectedServerSignType" => "RSA-PSS",
512 "ExpectedResult" => "Success"
516 name => "RSA-PSS Certificate, no PSS signature algorithms",
517 server => $server_pss_only,
519 "SignatureAlgorithms" => "RSA+SHA256",
522 "ExpectedResult" => "ServerFail"
526 name => "Only RSA-PSS Restricted Certificate",
527 server => $server_pss_restrict_only,
530 "ExpectedServerCertType" => "RSA-PSS",
531 "ExpectedServerSignHash" => "SHA256",
532 "ExpectedServerSignType" => "RSA-PSS",
533 "ExpectedResult" => "Success"
537 name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
538 server => $server_pss_restrict_only,
540 "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
543 "ExpectedServerCertType" => "RSA-PSS",
544 "ExpectedServerSignHash" => "SHA256",
545 "ExpectedServerSignType" => "RSA-PSS",
546 "ExpectedResult" => "Success"
550 name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
551 server => $server_pss_restrict_only,
553 "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
556 "ExpectedServerCertType" => "RSA-PSS",
557 "ExpectedServerSignHash" => "SHA256",
558 "ExpectedServerSignType" => "RSA-PSS",
559 "ExpectedResult" => "Success"
563 name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
564 server => $server_pss_restrict_only,
566 "SignatureAlgorithms" => "rsa_pss_pss_sha512",
569 "ExpectedResult" => "ServerFail"
573 name => "RSA key exchange with only RSA-PSS certificate",
574 server => $server_pss_only,
576 "CipherString" => "kRSA",
577 "MaxProtocol" => "TLSv1.2",
580 "ExpectedResult" => "ServerFail"
585 my @tests_tls_1_1 = (
587 name => "Only RSA-PSS Certificate, TLS v1.1",
588 server => $server_pss_only,
590 "MaxProtocol" => "TLSv1.1",
593 "ExpectedResult" => "ServerFail"
598 push @tests, @tests_non_fips unless $fips_mode;
599 push @tests, @tests_pss;
600 push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;
606 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
607 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
608 "MinProtocol" => "TLSv1.3",
609 "MaxProtocol" => "TLSv1.3"
613 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
614 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
615 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
616 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
617 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
618 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
619 "MinProtocol" => "TLSv1.3",
620 "MaxProtocol" => "TLSv1.3"
624 my $client_tls_1_3 = {
625 "RSA.Certificate" => test_pem("ee-client-chain.pem"),
626 "RSA.PrivateKey" => test_pem("ee-key.pem"),
627 "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
628 "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
629 "MinProtocol" => "TLSv1.3",
630 "MaxProtocol" => "TLSv1.3"
633 my @tests_tls_1_3 = (
635 name => "TLS 1.3 ECDSA Signature Algorithm Selection",
636 server => $server_tls_1_3,
638 "SignatureAlgorithms" => "ECDSA+SHA256",
641 "ExpectedServerCertType" => "P-256",
642 "ExpectedServerSignHash" => "SHA256",
643 "ExpectedServerSignType" => "EC",
644 "ExpectedServerCANames" => "empty",
645 "ExpectedResult" => "Success"
649 name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
651 "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
652 "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
653 "MinProtocol" => "TLSv1.3",
654 "MaxProtocol" => "TLSv1.3"
657 "SignatureAlgorithms" => "ECDSA+SHA256",
660 "ExpectedServerCertType" => "P-256",
661 "ExpectedServerSignHash" => "SHA256",
662 "ExpectedServerSignType" => "EC",
663 "ExpectedServerCANames" => "empty",
664 "ExpectedResult" => "Success"
668 name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
670 "CipherString" => "DEFAULT:\@SECLEVEL=0",
671 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
672 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
673 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
674 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
675 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
676 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
677 "MinProtocol" => "TLSv1.3",
678 "MaxProtocol" => "TLSv1.3"
681 "CipherString" => "DEFAULT:\@SECLEVEL=0",
682 "SignatureAlgorithms" => "ECDSA+SHA1",
685 "ExpectedResult" => "ServerFail"
689 name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
690 server => $server_tls_1_3,
692 "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
693 "RequestCAFile" => test_pem("root-cert.pem"),
696 "ExpectedServerCertType" => "P-256",
697 "ExpectedServerSignHash" => "SHA256",
698 "ExpectedServerSignType" => "EC",
699 "ExpectedServerCANames" => test_pem("root-cert.pem"),
700 "ExpectedResult" => "Success"
704 name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
705 server => $server_tls_1_3,
707 "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
710 "ExpectedServerCertType" => "RSA",
711 "ExpectedServerSignHash" => "SHA384",
712 "ExpectedServerSignType" => "RSA-PSS",
713 "ExpectedResult" => "Success"
717 name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
719 "MinProtocol" => "TLSv1.3",
720 "MaxProtocol" => "TLSv1.3"
723 "SignatureAlgorithms" => "ECDSA+SHA256",
726 "ExpectedResult" => "ServerFail"
730 name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
731 server => $server_tls_1_3,
733 "SignatureAlgorithms" => "RSA+SHA256",
736 "ExpectedResult" => "ServerFail"
740 name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
741 server => $server_tls_1_3,
743 "SignatureAlgorithms" => "RSA-PSS+SHA256",
746 "ExpectedServerCertType" => "RSA",
747 "ExpectedServerSignHash" => "SHA256",
748 "ExpectedServerSignType" => "RSA-PSS",
749 "ExpectedResult" => "Success"
753 name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
755 "ClientSignatureAlgorithms" => "PSS+SHA256",
756 "VerifyCAFile" => test_pem("root-cert.pem"),
757 "VerifyMode" => "Require"
759 client => $client_tls_1_3,
761 "ExpectedClientCertType" => "RSA",
762 "ExpectedClientSignHash" => "SHA256",
763 "ExpectedClientSignType" => "RSA-PSS",
764 "ExpectedClientCANames" => "empty",
765 "ExpectedResult" => "Success"
769 name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
771 "ClientSignatureAlgorithms" => "PSS+SHA256",
772 "VerifyCAFile" => test_pem("root-cert.pem"),
773 "RequestCAFile" => test_pem("root-cert.pem"),
774 "VerifyMode" => "Require"
776 client => $client_tls_1_3,
778 "ExpectedClientCertType" => "RSA",
779 "ExpectedClientSignHash" => "SHA256",
780 "ExpectedClientSignType" => "RSA-PSS",
781 "ExpectedClientCANames" => test_pem("root-cert.pem"),
782 "ExpectedResult" => "Success"
786 name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
788 "ClientSignatureAlgorithms" => "ECDSA+SHA256",
789 "VerifyCAFile" => test_pem("root-cert.pem"),
790 "VerifyMode" => "Require"
792 client => $client_tls_1_3,
794 "ExpectedClientCertType" => "P-256",
795 "ExpectedClientSignHash" => "SHA256",
796 "ExpectedClientSignType" => "EC",
797 "ExpectedResult" => "Success"
802 my @tests_tls_1_3_non_fips = (
804 name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
805 server => $server_tls_1_3,
807 "SignatureAlgorithms" => "ed25519",
810 "ExpectedServerCertType" => "Ed25519",
811 "ExpectedServerSignType" => "Ed25519",
812 "ExpectedResult" => "Success"
816 name => "TLS 1.3 Ed448 Signature Algorithm Selection",
817 server => $server_tls_1_3,
819 "SignatureAlgorithms" => "ed448",
820 "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
823 "ExpectedServerCertType" => "Ed448",
824 "ExpectedServerSignType" => "Ed448",
825 "ExpectedResult" => "Success"
829 name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
830 server => $server_tls_1_3,
832 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
833 # Excluding P-256 from the supported groups list should
834 # mean server still uses a P-256 certificate because supported
835 # groups is not used in signature selection for TLS 1.3
839 "ExpectedServerCertType" =>, "P-256",
840 "ExpectedServerSignType" =>, "EC",
841 "ExpectedResult" => "Success"
845 name => "TLS 1.3 Ed448 CipherString and Groups Selection",
846 server => $server_tls_1_3,
848 "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
849 # Excluding P-256 from the supported groups list should
850 # mean server still uses a P-256 certificate because supported
851 # groups is not used in signature selection for TLS 1.3
855 "ExpectedServerCertType" =>, "P-256",
856 "ExpectedServerSignType" =>, "EC",
857 "ExpectedResult" => "Success"
861 name => "TLS 1.3 Ed25519 Client Auth",
863 "VerifyCAFile" => test_pem("root-cert.pem"),
864 "VerifyMode" => "Require"
867 "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
868 "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
869 "MinProtocol" => "TLSv1.3",
870 "MaxProtocol" => "TLSv1.3"
873 "ExpectedClientCertType" => "Ed25519",
874 "ExpectedClientSignType" => "Ed25519",
875 "ExpectedResult" => "Success"
879 name => "TLS 1.3 Ed448 Client Auth",
881 "VerifyCAFile" => test_pem("root-cert.pem"),
882 "VerifyMode" => "Require"
885 "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
886 "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
887 "MinProtocol" => "TLSv1.3",
888 "MaxProtocol" => "TLSv1.3"
891 "ExpectedClientCertType" => "Ed448",
892 "ExpectedClientSignType" => "Ed448",
893 "ExpectedResult" => "Success"
897 name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
899 "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
900 "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
901 "Groups" => "brainpoolP256r1",
904 "CipherString" => "aECDSA",
905 "RequestCAFile" => test_pem("root-cert.pem"),
906 "Groups" => "brainpoolP256r1",
909 #We only configured brainpoolP256r1 on the client side, but TLSv1.3
910 #is enabled and this group is not allowed in TLSv1.3. Therefore this
912 "ExpectedResult" => "ServerFail"
916 name => "TLS 1.3 ECDSA with brainpool",
918 "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
919 "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
922 "RequestCAFile" => test_pem("root-cert.pem"),
923 "MinProtocol" => "TLSv1.3",
924 "MaxProtocol" => "TLSv1.3"
927 "ExpectedResult" => "Success"
932 push @tests, @tests_tls_1_3 unless disabled("tls1_3");
933 push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;
935 my @tests_dsa_tls_1_2 = (
937 name => "TLS 1.2 DSA Certificate Test",
939 "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
940 "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
941 "DHParameters" => test_pem("dhp2048.pem"),
942 "MinProtocol" => "TLSv1.2",
943 "MaxProtocol" => "TLSv1.2",
944 "CipherString" => "ALL",
947 "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
948 "CipherString" => "ALL",
951 "ExpectedResult" => "Success"
956 my @tests_dsa_tls_1_3 = (
958 name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
960 "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
961 "VerifyCAFile" => test_pem("root-cert.pem"),
962 "VerifyMode" => "Request"
966 "ExpectedResult" => "ServerFail"
970 name => "TLS 1.3 DSA Certificate Test",
972 "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
973 "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
974 "MinProtocol" => "TLSv1.3",
975 "MaxProtocol" => "TLSv1.3",
976 "CipherString" => "ALL",
979 "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
980 "CipherString" => "ALL",
983 "ExpectedResult" => "ServerFail"
988 if (!disabled("dsa")) {
989 push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
990 push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");