test/ssl-tests/20-cert-select.cnf.in

   1 # -*- mode: perl; -*-
   2
   3 ## SSL test configurations
   4
   5
   6 use strict;
   7 use warnings;
   8
   9 package ssltests;
  10 use OpenSSL::Test::Utils;
  11
  12 our $fips_mode;
  13 our $no_deflt_libctx;
  14
  15 my $server = {
  16     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  17     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  18     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  19     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  20     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  21     "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  22     "MaxProtocol" => "TLSv1.2"
  23 };
  24
  25 my $server_pss = {
  26     "PSS.Certificate" => test_pem("server-pss-cert.pem"),
  27     "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
  28     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  29     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  30     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  31     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  32     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  33     "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  34     "MaxProtocol" => "TLSv1.2"
  35 };
  36
  37 my $server_pss_only = {
  38     "Certificate" => test_pem("server-pss-cert.pem"),
  39     "PrivateKey" => test_pem("server-pss-key.pem"),
  40 };
  41
  42 my $server_pss_restrict_only = {
  43     "Certificate" => test_pem("server-pss-restrict-cert.pem"),
  44     "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
  45 };
  46
  47 my $server_rsa_all;
  48
  49 if ($no_deflt_libctx) {
  50     $server_rsa_all = {
  51         "Certificate" => test_pem("servercert.pem"),
  52         "PrivateKey" => test_pem("serverkey.pem"),
  53     };
  54 } else {
  55     $server_rsa_all = {
  56         "PSS.Certificate" => test_pem("server-pss-cert.pem"),
  57         "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
  58         "Certificate" => test_pem("servercert.pem"),
  59         "PrivateKey" => test_pem("serverkey.pem"),
  60     };
  61 }
  62
  63 our @tests = (
  64     {
  65         name => "ECDSA CipherString Selection",
  66         server => $server,
  67         client => {
  68             "CipherString" => "aECDSA",
  69             "MaxProtocol" => "TLSv1.2",
  70             "RequestCAFile" => test_pem("root-cert.pem"),
  71         },
  72         test   => {
  73             "ExpectedServerCertType" =>, "P-256",
  74             "ExpectedServerSignType" =>, "EC",
  75             # Note: certificate_authorities not sent for TLS < 1.3
  76             "ExpectedServerCANames" =>, "empty",
  77             "ExpectedResult" => "Success"
  78         },
  79     },
  80     {
  81         name => "ECDSA CipherString Selection",
  82         server => {
  83             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  84             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  85             "MaxProtocol" => "TLSv1.2",
  86             #Deliberately set supported_groups to one not in the cert. This
  87             #should be tolerated
  88             "Groups" => "P-384"
  89         },
  90         client => {
  91             "CipherString" => "aECDSA",
  92             "MaxProtocol" => "TLSv1.2",
  93             "Groups" => "P-256:P-384",
  94             "RequestCAFile" => test_pem("root-cert.pem"),
  95         },
  96         test   => {
  97             "ExpectedServerCertType" =>, "P-256",
  98             "ExpectedServerSignType" =>, "EC",
  99             # Note: certificate_authorities not sent for TLS < 1.3
 100             "ExpectedServerCANames" =>, "empty",
 101             "ExpectedResult" => "Success"
 102         },
 103     },
 104     {
 105         name => "ECDSA CipherString Selection",
 106         server => {
 107             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 108             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 109             "MaxProtocol" => "TLSv1.2",
 110             "Groups" => "P-256:P-384"
 111         },
 112         client => {
 113             "CipherString" => "aECDSA",
 114             "MaxProtocol" => "TLSv1.2",
 115             #Deliberately set groups to not include the certificate group. This
 116             #should fail
 117             "Groups" => "P-384",
 118             "RequestCAFile" => test_pem("root-cert.pem"),
 119         },
 120         test   => {
 121             "ExpectedResult" => "ServerFail"
 122         },
 123     },
 124     {
 125         name => "RSA CipherString Selection",
 126         server => $server,
 127         client => {
 128             "CipherString" => "aRSA",
 129             "MaxProtocol" => "TLSv1.2",
 130         },
 131         test   => {
 132             "ExpectedServerCertType" =>, "RSA",
 133             "ExpectedServerSignType" =>, "RSA-PSS",
 134             "ExpectedResult" => "Success"
 135         },
 136     },
 137     {
 138         name => "P-256 CipherString and Signature Algorithm Selection",
 139         server => $server,
 140         client => {
 141             "CipherString" => "aECDSA",
 142             "MaxProtocol" => "TLSv1.2",
 143             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 144         },
 145         test   => {
 146             "ExpectedServerCertType" => "P-256",
 147             "ExpectedServerSignHash" => "SHA256",
 148             "ExpectedServerSignType" => "EC",
 149             "ExpectedResult" => "Success"
 150         },
 151     },
 152     {
 153         name => "ECDSA CipherString Selection, no ECDSA certificate",
 154         server => {
 155             "MaxProtocol" => "TLSv1.2"
 156         },
 157         client => {
 158             "CipherString" => "aECDSA",
 159             "MaxProtocol" => "TLSv1.2"
 160         },
 161         test   => {
 162             "ExpectedResult" => "ServerFail"
 163         },
 164     },
 165     {
 166         name => "ECDSA Signature Algorithm Selection",
 167         server => $server,
 168         client => {
 169             "SignatureAlgorithms" => "ECDSA+SHA256",
 170         },
 171         test   => {
 172             "ExpectedServerCertType" => "P-256",
 173             "ExpectedServerSignHash" => "SHA256",
 174             "ExpectedServerSignType" => "EC",
 175             "ExpectedResult" => "Success"
 176         },
 177     },
 178     {
 179         name => "ECDSA Signature Algorithm Selection SHA384",
 180         server => $server,
 181         client => {
 182             "SignatureAlgorithms" => "ECDSA+SHA384",
 183         },
 184         test   => {
 185             "ExpectedServerCertType" => "P-256",
 186             "ExpectedServerSignHash" => "SHA384",
 187             "ExpectedServerSignType" => "EC",
 188             "ExpectedResult" => "Success"
 189         },
 190     },
 191     {
 192         name => "ECDSA Signature Algorithm Selection compressed point",
 193         server => {
 194             "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
 195             "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
 196             "MaxProtocol" => "TLSv1.2"
 197         },
 198         client => {
 199             "SignatureAlgorithms" => "ECDSA+SHA256",
 200         },
 201         test   => {
 202             "ExpectedServerCertType" => "P-256",
 203             "ExpectedServerSignHash" => "SHA256",
 204             "ExpectedServerSignType" => "EC",
 205             "ExpectedResult" => "Success"
 206         },
 207     },
 208     {
 209         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
 210         server => {
 211              "MaxProtocol" => "TLSv1.2"
 212         },
 213         client => {
 214             "SignatureAlgorithms" => "ECDSA+SHA256",
 215         },
 216         test   => {
 217             "ExpectedResult" => "ServerFail"
 218         },
 219     },
 220     {
 221         name => "RSA Signature Algorithm Selection",
 222         server => $server,
 223         client => {
 224             "SignatureAlgorithms" => "RSA+SHA256",
 225         },
 226         test   => {
 227             "ExpectedServerCertType" => "RSA",
 228             "ExpectedServerSignHash" => "SHA256",
 229             "ExpectedServerSignType" => "RSA",
 230             "ExpectedResult" => "Success"
 231         },
 232     },
 233     {
 234         name => "RSA-PSS Signature Algorithm Selection",
 235         server => $server,
 236         client => {
 237             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 238         },
 239         test   => {
 240             "ExpectedServerCertType" => "RSA",
 241             "ExpectedServerSignHash" => "SHA256",
 242             "ExpectedServerSignType" => "RSA-PSS",
 243             "ExpectedResult" => "Success"
 244         },
 245     },
 246     {
 247         name => "RSA key exchange with all RSA certificate types",
 248         server => $server_rsa_all,
 249         client => {
 250             "CipherString" => "kRSA",
 251             "MaxProtocol" => "TLSv1.2",
 252         },
 253         test   => {
 254             "ExpectedServerCertType" =>, "RSA",
 255             "ExpectedResult" => "Success"
 256         },
 257     },
 258     {
 259         name => "Suite B P-256 Hash Algorithm Selection",
 260         server =>  {
 261             "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
 262             "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
 263             "MaxProtocol" => "TLSv1.2",
 264             "CipherString" => "SUITEB128"
 265         },
 266         client => {
 267             "VerifyCAFile" => test_pem("p384-root.pem"),
 268             "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
 269         },
 270         test   => {
 271             "ExpectedServerCertType" => "P-256",
 272             "ExpectedServerSignHash" => "SHA256",
 273             "ExpectedServerSignType" => "EC",
 274             "ExpectedResult" => "Success"
 275         },
 276     },
 277     {
 278         name => "Suite B P-384 Hash Algorithm Selection",
 279         server =>  {
 280             "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
 281             "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
 282             "MaxProtocol" => "TLSv1.2",
 283             "CipherString" => "SUITEB128"
 284         },
 285         client => {
 286             "VerifyCAFile" => test_pem("p384-root.pem"),
 287             "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
 288         },
 289         test   => {
 290             "ExpectedServerCertType" => "P-384",
 291             "ExpectedServerSignHash" => "SHA384",
 292             "ExpectedServerSignType" => "EC",
 293             "ExpectedResult" => "Success"
 294         },
 295     },
 296     {
 297         name => "Ed25519 CipherString and Signature Algorithm Selection",
 298         server => $server,
 299         client => {
 300             "CipherString" => "aECDSA",
 301             "MaxProtocol" => "TLSv1.2",
 302             "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
 303             "RequestCAFile" => test_pem("root-cert.pem"),
 304         },
 305         test   => {
 306             "ExpectedServerCertType" =>, "Ed25519",
 307             "ExpectedServerSignType" =>, "Ed25519",
 308             # Note: certificate_authorities not sent for TLS < 1.3
 309             "ExpectedServerCANames" =>, "empty",
 310             "ExpectedResult" => "Success"
 311         },
 312     },
 313     {
 314         name => "Ed448 CipherString and Signature Algorithm Selection",
 315         server => $server,
 316         client => {
 317             "CipherString" => "aECDSA",
 318             "MaxProtocol" => "TLSv1.2",
 319             "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
 320             "RequestCAFile" => test_pem("root-ed448-cert.pem"),
 321             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
 322         },
 323         test   => {
 324             "ExpectedServerCertType" =>, "Ed448",
 325             "ExpectedServerSignType" =>, "Ed448",
 326             # Note: certificate_authorities not sent for TLS < 1.3
 327             "ExpectedServerCANames" =>, "empty",
 328             "ExpectedResult" => "Success"
 329         },
 330     },
 331     {
 332         name => "Ed25519 CipherString and Curves Selection",
 333         server => $server,
 334         client => {
 335             "CipherString" => "aECDSA",
 336             "MaxProtocol" => "TLSv1.2",
 337             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 338             # Excluding P-256 from the supported curves list means server
 339             # certificate should be Ed25519 and not P-256
 340             "Curves" => "X25519"
 341         },
 342         test   => {
 343             "ExpectedServerCertType" =>, "Ed25519",
 344             "ExpectedServerSignType" =>, "Ed25519",
 345             "ExpectedResult" => "Success"
 346         },
 347     },
 348     {
 349         name => "Ed448 CipherString and Curves Selection",
 350         server => $server,
 351         client => {
 352             "CipherString" => "aECDSA",
 353             "MaxProtocol" => "TLSv1.2",
 354             "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
 355             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
 356             # Excluding P-256 from the supported curves list means server
 357             # certificate should be Ed25519 and not P-256
 358             "Curves" => "X448"
 359         },
 360         test   => {
 361             "ExpectedServerCertType" =>, "Ed448",
 362             "ExpectedServerSignType" =>, "Ed448",
 363             "ExpectedResult" => "Success"
 364         },
 365     },
 366     {
 367         name => "TLS 1.2 Ed25519 Client Auth",
 368         server => {
 369             "VerifyCAFile" => test_pem("root-cert.pem"),
 370             "VerifyMode" => "Require"
 371         },
 372         client => {
 373             "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
 374             "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
 375             "MinProtocol" => "TLSv1.2",
 376             "MaxProtocol" => "TLSv1.2"
 377         },
 378         test   => {
 379             "ExpectedClientCertType" => "Ed25519",
 380             "ExpectedClientSignType" => "Ed25519",
 381             "ExpectedResult" => "Success"
 382         },
 383     },
 384     {
 385         name => "TLS 1.2 Ed448 Client Auth",
 386         server => {
 387             "VerifyCAFile" => test_pem("root-cert.pem"),
 388             "VerifyMode" => "Require"
 389         },
 390         client => {
 391             "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
 392             "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
 393             "MinProtocol" => "TLSv1.2",
 394             "MaxProtocol" => "TLSv1.2"
 395         },
 396         test   => {
 397             "ExpectedClientCertType" => "Ed448",
 398             "ExpectedClientSignType" => "Ed448",
 399             "ExpectedResult" => "Success"
 400         },
 401     },
 402 );
 403
 404 my @tests_non_fips = (
 405     {
 406         name => "ECDSA Signature Algorithm Selection SHA1",
 407         server => {
 408             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 409             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 410             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 411             "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
 412             "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
 413             "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
 414             "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
 415             "MaxProtocol" => "TLSv1.2"
 416         },
 417         client => {
 418             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 419             "SignatureAlgorithms" => "ECDSA+SHA1",
 420         },
 421         test   => {
 422             "ExpectedServerCertType" => "P-256",
 423             "ExpectedServerSignHash" => "SHA1",
 424             "ExpectedServerSignType" => "EC",
 425             "ExpectedResult" => "Success"
 426         },
 427     },
 428     {
 429         name => "ECDSA with brainpool",
 430         server =>  {
 431             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
 432             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
 433             "Groups" => "brainpoolP256r1",
 434         },
 435         client => {
 436             "MaxProtocol" => "TLSv1.2",
 437             "CipherString" => "aECDSA",
 438             "RequestCAFile" => test_pem("root-cert.pem"),
 439             "Groups" => "brainpoolP256r1",
 440         },
 441         test   => {
 442             "ExpectedServerCertType" =>, "brainpoolP256r1",
 443             "ExpectedServerSignType" =>, "EC",
 444             # Note: certificate_authorities not sent for TLS < 1.3
 445             "ExpectedServerCANames" =>, "empty",
 446             "ExpectedResult" => "Success"
 447         },
 448     },
 449 );
 450
 451 my @tests_pss = (
 452     {
 453         name => "RSA-PSS Certificate CipherString Selection",
 454         server => $server_pss,
 455         client => {
 456             "CipherString" => "aRSA",
 457             "MaxProtocol" => "TLSv1.2",
 458         },
 459         test   => {
 460             "ExpectedServerCertType" =>, "RSA-PSS",
 461             "ExpectedServerSignType" =>, "RSA-PSS",
 462             "ExpectedResult" => "Success"
 463         },
 464     },
 465     {
 466         name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
 467         server => $server_pss,
 468         client => {
 469             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 470         },
 471         test   => {
 472             "ExpectedServerCertType" => "RSA",
 473             "ExpectedServerSignHash" => "SHA256",
 474             "ExpectedServerSignType" => "RSA-PSS",
 475             "ExpectedResult" => "Success"
 476         },
 477     },
 478     {
 479         name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
 480         server => $server_pss,
 481         client => {
 482             "SignatureAlgorithms" => "rsa_pss_pss_sha256",
 483         },
 484         test   => {
 485             "ExpectedServerCertType" => "RSA-PSS",
 486             "ExpectedServerSignHash" => "SHA256",
 487             "ExpectedServerSignType" => "RSA-PSS",
 488             "ExpectedResult" => "Success"
 489         },
 490     },
 491     {
 492         name => "Only RSA-PSS Certificate",
 493         server => $server_pss_only,
 494         client => {},
 495         test   => {
 496             "ExpectedServerCertType" => "RSA-PSS",
 497             "ExpectedServerSignHash" => "SHA256",
 498             "ExpectedServerSignType" => "RSA-PSS",
 499             "ExpectedResult" => "Success"
 500         },
 501     },
 502     {
 503         name => "Only RSA-PSS Certificate Valid Signature Algorithms",
 504         server => $server_pss_only,
 505         client => {
 506             "SignatureAlgorithms" => "rsa_pss_pss_sha512",
 507         },
 508         test   => {
 509             "ExpectedServerCertType" => "RSA-PSS",
 510             "ExpectedServerSignHash" => "SHA512",
 511             "ExpectedServerSignType" => "RSA-PSS",
 512             "ExpectedResult" => "Success"
 513         },
 514     },
 515     {
 516         name => "RSA-PSS Certificate, no PSS signature algorithms",
 517         server => $server_pss_only,
 518         client => {
 519             "SignatureAlgorithms" => "RSA+SHA256",
 520         },
 521         test   => {
 522             "ExpectedResult" => "ServerFail"
 523         },
 524     },
 525     {
 526         name => "Only RSA-PSS Restricted Certificate",
 527         server => $server_pss_restrict_only,
 528         client => {},
 529         test   => {
 530             "ExpectedServerCertType" => "RSA-PSS",
 531             "ExpectedServerSignHash" => "SHA256",
 532             "ExpectedServerSignType" => "RSA-PSS",
 533             "ExpectedResult" => "Success"
 534         },
 535     },
 536     {
 537         name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
 538         server => $server_pss_restrict_only,
 539         client => {
 540             "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
 541         },
 542         test   => {
 543             "ExpectedServerCertType" => "RSA-PSS",
 544             "ExpectedServerSignHash" => "SHA256",
 545             "ExpectedServerSignType" => "RSA-PSS",
 546             "ExpectedResult" => "Success"
 547         },
 548     },
 549     {
 550         name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
 551         server => $server_pss_restrict_only,
 552         client => {
 553             "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
 554         },
 555         test   => {
 556             "ExpectedServerCertType" => "RSA-PSS",
 557             "ExpectedServerSignHash" => "SHA256",
 558             "ExpectedServerSignType" => "RSA-PSS",
 559             "ExpectedResult" => "Success"
 560         },
 561     },
 562     {
 563         name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
 564         server => $server_pss_restrict_only,
 565         client => {
 566             "SignatureAlgorithms" => "rsa_pss_pss_sha512",
 567         },
 568         test   => {
 569             "ExpectedResult" => "ServerFail"
 570         },
 571     },
 572     {
 573         name => "RSA key exchange with only RSA-PSS certificate",
 574         server => $server_pss_only,
 575         client => {
 576             "CipherString" => "kRSA",
 577             "MaxProtocol" => "TLSv1.2",
 578         },
 579         test   => {
 580             "ExpectedResult" => "ServerFail"
 581         },
 582     },
 583 );
 584
 585 my @tests_tls_1_1 = (
 586     {
 587         name => "Only RSA-PSS Certificate, TLS v1.1",
 588         server => $server_pss_only,
 589         client => {
 590             "MaxProtocol" => "TLSv1.1",
 591         },
 592         test   => {
 593             "ExpectedResult" => "ServerFail"
 594         },
 595     },
 596 );
 597
 598 push @tests, @tests_non_fips unless $fips_mode;
 599 push @tests, @tests_pss;
 600 push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;
 601
 602 my $server_tls_1_3;
 603
 604 if ($fips_mode) {
 605     $server_tls_1_3 = {
 606         "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 607         "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 608         "MinProtocol" => "TLSv1.3",
 609         "MaxProtocol" => "TLSv1.3"
 610     };
 611 } else {
 612     $server_tls_1_3 = {
 613         "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 614         "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 615         "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
 616         "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
 617         "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
 618         "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
 619         "MinProtocol" => "TLSv1.3",
 620         "MaxProtocol" => "TLSv1.3"
 621     };
 622 }
 623
 624 my $client_tls_1_3 = {
 625     "RSA.Certificate" => test_pem("ee-client-chain.pem"),
 626     "RSA.PrivateKey" => test_pem("ee-key.pem"),
 627     "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
 628     "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
 629     "MinProtocol" => "TLSv1.3",
 630     "MaxProtocol" => "TLSv1.3"
 631 };
 632
 633 my @tests_tls_1_3 = (
 634     {
 635         name => "TLS 1.3 ECDSA Signature Algorithm Selection",
 636         server => $server_tls_1_3,
 637         client => {
 638             "SignatureAlgorithms" => "ECDSA+SHA256",
 639         },
 640         test   => {
 641             "ExpectedServerCertType" => "P-256",
 642             "ExpectedServerSignHash" => "SHA256",
 643             "ExpectedServerSignType" => "EC",
 644             "ExpectedServerCANames" => "empty",
 645             "ExpectedResult" => "Success"
 646         },
 647     },
 648     {
 649         name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
 650         server => {
 651             "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
 652             "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
 653             "MinProtocol" => "TLSv1.3",
 654             "MaxProtocol" => "TLSv1.3"
 655         },
 656         client => {
 657             "SignatureAlgorithms" => "ECDSA+SHA256",
 658         },
 659         test   => {
 660             "ExpectedServerCertType" => "P-256",
 661             "ExpectedServerSignHash" => "SHA256",
 662             "ExpectedServerSignType" => "EC",
 663             "ExpectedServerCANames" => "empty",
 664             "ExpectedResult" => "Success"
 665         },
 666     },
 667     {
 668         name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
 669         server => {
 670             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 671             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 672             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 673             "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
 674             "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
 675             "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
 676             "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
 677             "MinProtocol" => "TLSv1.3",
 678             "MaxProtocol" => "TLSv1.3"
 679         },
 680         client => {
 681             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 682             "SignatureAlgorithms" => "ECDSA+SHA1",
 683         },
 684         test   => {
 685             "ExpectedResult" => "ServerFail"
 686         },
 687     },
 688     {
 689         name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
 690         server => $server_tls_1_3,
 691         client => {
 692             "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
 693             "RequestCAFile" => test_pem("root-cert.pem"),
 694         },
 695         test   => {
 696             "ExpectedServerCertType" => "P-256",
 697             "ExpectedServerSignHash" => "SHA256",
 698             "ExpectedServerSignType" => "EC",
 699             "ExpectedServerCANames" => test_pem("root-cert.pem"),
 700             "ExpectedResult" => "Success"
 701         },
 702     },
 703     {
 704         name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
 705         server => $server_tls_1_3,
 706         client => {
 707             "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
 708         },
 709         test   => {
 710             "ExpectedServerCertType" => "RSA",
 711             "ExpectedServerSignHash" => "SHA384",
 712             "ExpectedServerSignType" => "RSA-PSS",
 713             "ExpectedResult" => "Success"
 714         },
 715     },
 716     {
 717         name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
 718         server => {
 719             "MinProtocol" => "TLSv1.3",
 720             "MaxProtocol" => "TLSv1.3"
 721         },
 722         client => {
 723             "SignatureAlgorithms" => "ECDSA+SHA256",
 724         },
 725         test   => {
 726             "ExpectedResult" => "ServerFail"
 727         },
 728     },
 729     {
 730         name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
 731         server => $server_tls_1_3,
 732         client => {
 733             "SignatureAlgorithms" => "RSA+SHA256",
 734         },
 735         test   => {
 736             "ExpectedResult" => "ServerFail"
 737         },
 738     },
 739     {
 740         name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
 741         server => $server_tls_1_3,
 742         client => {
 743             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 744         },
 745         test   => {
 746             "ExpectedServerCertType" => "RSA",
 747             "ExpectedServerSignHash" => "SHA256",
 748             "ExpectedServerSignType" => "RSA-PSS",
 749             "ExpectedResult" => "Success"
 750         },
 751     },
 752     {
 753         name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
 754         server => {
 755             "ClientSignatureAlgorithms" => "PSS+SHA256",
 756             "VerifyCAFile" => test_pem("root-cert.pem"),
 757             "VerifyMode" => "Require"
 758         },
 759         client => $client_tls_1_3,
 760         test   => {
 761             "ExpectedClientCertType" => "RSA",
 762             "ExpectedClientSignHash" => "SHA256",
 763             "ExpectedClientSignType" => "RSA-PSS",
 764             "ExpectedClientCANames" => "empty",
 765             "ExpectedResult" => "Success"
 766         },
 767     },
 768     {
 769         name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
 770         server => {
 771             "ClientSignatureAlgorithms" => "PSS+SHA256",
 772             "VerifyCAFile" => test_pem("root-cert.pem"),
 773             "RequestCAFile" => test_pem("root-cert.pem"),
 774             "VerifyMode" => "Require"
 775         },
 776         client => $client_tls_1_3,
 777         test   => {
 778             "ExpectedClientCertType" => "RSA",
 779             "ExpectedClientSignHash" => "SHA256",
 780             "ExpectedClientSignType" => "RSA-PSS",
 781             "ExpectedClientCANames" => test_pem("root-cert.pem"),
 782             "ExpectedResult" => "Success"
 783         },
 784     },
 785     {
 786         name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
 787         server => {
 788             "ClientSignatureAlgorithms" => "ECDSA+SHA256",
 789             "VerifyCAFile" => test_pem("root-cert.pem"),
 790             "VerifyMode" => "Require"
 791         },
 792         client => $client_tls_1_3,
 793         test   => {
 794             "ExpectedClientCertType" => "P-256",
 795             "ExpectedClientSignHash" => "SHA256",
 796             "ExpectedClientSignType" => "EC",
 797             "ExpectedResult" => "Success"
 798         },
 799     },
 800 );
 801
 802 my @tests_tls_1_3_non_fips = (
 803     {
 804         name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
 805         server => $server_tls_1_3,
 806         client => {
 807             "SignatureAlgorithms" => "ed25519",
 808         },
 809         test   => {
 810             "ExpectedServerCertType" => "Ed25519",
 811             "ExpectedServerSignType" => "Ed25519",
 812             "ExpectedResult" => "Success"
 813         },
 814     },
 815     {
 816         name => "TLS 1.3 Ed448 Signature Algorithm Selection",
 817         server => $server_tls_1_3,
 818         client => {
 819             "SignatureAlgorithms" => "ed448",
 820             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
 821         },
 822         test   => {
 823             "ExpectedServerCertType" => "Ed448",
 824             "ExpectedServerSignType" => "Ed448",
 825             "ExpectedResult" => "Success"
 826         },
 827     },
 828     {
 829         name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
 830         server => $server_tls_1_3,
 831         client => {
 832             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 833             # Excluding P-256 from the supported groups list should
 834             # mean server still uses a P-256 certificate because supported
 835             # groups is not used in signature selection for TLS 1.3
 836             "Groups" => "X25519"
 837         },
 838         test   => {
 839             "ExpectedServerCertType" =>, "P-256",
 840             "ExpectedServerSignType" =>, "EC",
 841             "ExpectedResult" => "Success"
 842         },
 843     },
 844     {
 845         name => "TLS 1.3 Ed448 CipherString and Groups Selection",
 846         server => $server_tls_1_3,
 847         client => {
 848             "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
 849             # Excluding P-256 from the supported groups list should
 850             # mean server still uses a P-256 certificate because supported
 851             # groups is not used in signature selection for TLS 1.3
 852             "Groups" => "X448"
 853         },
 854         test   => {
 855             "ExpectedServerCertType" =>, "P-256",
 856             "ExpectedServerSignType" =>, "EC",
 857             "ExpectedResult" => "Success"
 858         },
 859     },
 860     {
 861         name => "TLS 1.3 Ed25519 Client Auth",
 862         server => {
 863             "VerifyCAFile" => test_pem("root-cert.pem"),
 864             "VerifyMode" => "Require"
 865         },
 866         client => {
 867             "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
 868             "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
 869             "MinProtocol" => "TLSv1.3",
 870             "MaxProtocol" => "TLSv1.3"
 871         },
 872         test   => {
 873             "ExpectedClientCertType" => "Ed25519",
 874             "ExpectedClientSignType" => "Ed25519",
 875             "ExpectedResult" => "Success"
 876         },
 877     },
 878     {
 879         name => "TLS 1.3 Ed448 Client Auth",
 880         server => {
 881             "VerifyCAFile" => test_pem("root-cert.pem"),
 882             "VerifyMode" => "Require"
 883         },
 884         client => {
 885             "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
 886             "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
 887             "MinProtocol" => "TLSv1.3",
 888             "MaxProtocol" => "TLSv1.3"
 889         },
 890         test   => {
 891             "ExpectedClientCertType" => "Ed448",
 892             "ExpectedClientSignType" => "Ed448",
 893             "ExpectedResult" => "Success"
 894         },
 895     },
 896     {
 897         name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
 898         server =>  {
 899             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
 900             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
 901             "Groups" => "brainpoolP256r1",
 902         },
 903         client => {
 904             "CipherString" => "aECDSA",
 905             "RequestCAFile" => test_pem("root-cert.pem"),
 906             "Groups" => "brainpoolP256r1",
 907         },
 908         test   => {
 909             #We only configured brainpoolP256r1 on the client side, but TLSv1.3
 910             #is enabled and this group is not allowed in TLSv1.3. Therefore this
 911             #should fail
 912             "ExpectedResult" => "ServerFail"
 913         },
 914     },
 915     {
 916         name => "TLS 1.3 ECDSA with brainpool",
 917         server =>  {
 918             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
 919             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
 920         },
 921         client => {
 922             "RequestCAFile" => test_pem("root-cert.pem"),
 923             "MinProtocol" => "TLSv1.3",
 924             "MaxProtocol" => "TLSv1.3"
 925         },
 926         test   => {
 927             "ExpectedResult" => "Success"
 928         },
 929     },
 930 );
 931
 932 push @tests, @tests_tls_1_3 unless disabled("tls1_3");
 933 push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;
 934
 935 my @tests_dsa_tls_1_2 = (
 936     {
 937         name => "TLS 1.2 DSA Certificate Test",
 938         server => {
 939             "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
 940             "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
 941             "DHParameters" => test_pem("dhp2048.pem"),
 942             "MinProtocol" => "TLSv1.2",
 943             "MaxProtocol" => "TLSv1.2",
 944             "CipherString" => "ALL",
 945         },
 946         client => {
 947             "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
 948             "CipherString" => "ALL",
 949         },
 950         test   => {
 951             "ExpectedResult" => "Success"
 952         },
 953     },
 954 );
 955
 956 my @tests_dsa_tls_1_3 = (
 957     {
 958         name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
 959         server => {
 960             "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
 961             "VerifyCAFile" => test_pem("root-cert.pem"),
 962             "VerifyMode" => "Request"
 963         },
 964         client => {},
 965         test   => {
 966             "ExpectedResult" => "ServerFail"
 967         },
 968     },
 969     {
 970         name => "TLS 1.3 DSA Certificate Test",
 971         server => {
 972             "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
 973             "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
 974             "MinProtocol" => "TLSv1.3",
 975             "MaxProtocol" => "TLSv1.3",
 976             "CipherString" => "ALL",
 977         },
 978         client => {
 979             "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
 980             "CipherString" => "ALL",
 981         },
 982         test   => {
 983             "ExpectedResult" => "ServerFail"
 984         },
 985     },
 986 );
 987
 988 if (!disabled("dsa")) {
 989     push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
 990     push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
 991 }