test/ssl-tests/20-cert-select.cnf.in: Re-enable RSA-PSS related tests
[openssl.git] / test / ssl-tests / 20-cert-select.cnf.in
1 # -*- mode: perl; -*-
2
3 ## SSL test configurations
4
5
6 use strict;
7 use warnings;
8
9 package ssltests;
10 use OpenSSL::Test::Utils;
11
12 our $fips_mode;
13 our $no_deflt_libctx;
14
15 my $server;
16
17 if ($fips_mode) {
18     #TODO(3.0): No EdDSA support in FIPS mode at the moment
19     $server = {
20         "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
21         "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
22         "MaxProtocol" => "TLSv1.2"
23     };
24 } else {
25     $server = {
26         "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
27         "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
28         "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
29         "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
30         "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
31         "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
32         "MaxProtocol" => "TLSv1.2"
33     };
34 }
35
36 my $server_pss = {
37     "PSS.Certificate" => test_pem("server-pss-cert.pem"),
38     "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
39     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
40     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
41     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
42     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
43     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
44     "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
45     "MaxProtocol" => "TLSv1.2"
46 };
47
48 my $server_pss_only = {
49     "Certificate" => test_pem("server-pss-cert.pem"),
50     "PrivateKey" => test_pem("server-pss-key.pem"),
51 };
52
53 my $server_pss_restrict_only = {
54     "Certificate" => test_pem("server-pss-restrict-cert.pem"),
55     "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
56 };
57
58 my $server_rsa_all;
59
60 if ($no_deflt_libctx) {
61     $server_rsa_all = {
62         "Certificate" => test_pem("servercert.pem"),
63         "PrivateKey" => test_pem("serverkey.pem"),
64     };
65 } else {
66     $server_rsa_all = {
67         "PSS.Certificate" => test_pem("server-pss-cert.pem"),
68         "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
69         "Certificate" => test_pem("servercert.pem"),
70         "PrivateKey" => test_pem("serverkey.pem"),
71     };
72 }
73
74 our @tests = (
75     {
76         name => "ECDSA CipherString Selection",
77         server => $server,
78         client => {
79             "CipherString" => "aECDSA",
80             "MaxProtocol" => "TLSv1.2",
81             "RequestCAFile" => test_pem("root-cert.pem"),
82         },
83         test   => {
84             "ExpectedServerCertType" =>, "P-256",
85             "ExpectedServerSignType" =>, "EC",
86             # Note: certificate_authorities not sent for TLS < 1.3
87             "ExpectedServerCANames" =>, "empty",
88             "ExpectedResult" => "Success"
89         },
90     },
91     {
92         name => "ECDSA CipherString Selection",
93         server => {
94             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
95             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
96             "MaxProtocol" => "TLSv1.2",
97             #Deliberately set supported_groups to one not in the cert. This
98             #should be tolerated
99             "Groups" => "P-384"
100         },
101         client => {
102             "CipherString" => "aECDSA",
103             "MaxProtocol" => "TLSv1.2",
104             "Groups" => "P-256:P-384",
105             "RequestCAFile" => test_pem("root-cert.pem"),
106         },
107         test   => {
108             "ExpectedServerCertType" =>, "P-256",
109             "ExpectedServerSignType" =>, "EC",
110             # Note: certificate_authorities not sent for TLS < 1.3
111             "ExpectedServerCANames" =>, "empty",
112             "ExpectedResult" => "Success"
113         },
114     },
115     {
116         name => "ECDSA CipherString Selection",
117         server => {
118             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
119             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
120             "MaxProtocol" => "TLSv1.2",
121             "Groups" => "P-256:P-384"
122         },
123         client => {
124             "CipherString" => "aECDSA",
125             "MaxProtocol" => "TLSv1.2",
126             #Deliberately set groups to not include the certificate group. This
127             #should fail
128             "Groups" => "P-384",
129             "RequestCAFile" => test_pem("root-cert.pem"),
130         },
131         test   => {
132             "ExpectedResult" => "ServerFail"
133         },
134     },
135     {
136         name => "RSA CipherString Selection",
137         server => $server,
138         client => {
139             "CipherString" => "aRSA",
140             "MaxProtocol" => "TLSv1.2",
141         },
142         test   => {
143             "ExpectedServerCertType" =>, "RSA",
144             "ExpectedServerSignType" =>, "RSA-PSS",
145             "ExpectedResult" => "Success"
146         },
147     },
148     {
149         name => "P-256 CipherString and Signature Algorithm Selection",
150         server => $server,
151         client => {
152             "CipherString" => "aECDSA",
153             "MaxProtocol" => "TLSv1.2",
154             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
155         },
156         test   => {
157             "ExpectedServerCertType" => "P-256",
158             "ExpectedServerSignHash" => "SHA256",
159             "ExpectedServerSignType" => "EC",
160             "ExpectedResult" => "Success"
161         },
162     },
163     {
164         name => "ECDSA CipherString Selection, no ECDSA certificate",
165         server => {
166             "MaxProtocol" => "TLSv1.2"
167         },
168         client => {
169             "CipherString" => "aECDSA",
170             "MaxProtocol" => "TLSv1.2"
171         },
172         test   => {
173             "ExpectedResult" => "ServerFail"
174         },
175     },
176     {
177         name => "ECDSA Signature Algorithm Selection",
178         server => $server,
179         client => {
180             "SignatureAlgorithms" => "ECDSA+SHA256",
181         },
182         test   => {
183             "ExpectedServerCertType" => "P-256",
184             "ExpectedServerSignHash" => "SHA256",
185             "ExpectedServerSignType" => "EC",
186             "ExpectedResult" => "Success"
187         },
188     },
189     {
190         name => "ECDSA Signature Algorithm Selection SHA384",
191         server => $server,
192         client => {
193             "SignatureAlgorithms" => "ECDSA+SHA384",
194         },
195         test   => {
196             "ExpectedServerCertType" => "P-256",
197             "ExpectedServerSignHash" => "SHA384",
198             "ExpectedServerSignType" => "EC",
199             "ExpectedResult" => "Success"
200         },
201     },
202     {
203         name => "ECDSA Signature Algorithm Selection SHA1",
204         server => $server,
205         client => {
206             "SignatureAlgorithms" => "ECDSA+SHA1",
207         },
208         test   => {
209             "ExpectedServerCertType" => "P-256",
210             "ExpectedServerSignHash" => "SHA1",
211             "ExpectedServerSignType" => "EC",
212             "ExpectedResult" => "Success"
213         },
214     },
215     {
216         name => "ECDSA Signature Algorithm Selection compressed point",
217         server => {
218             "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
219             "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
220             "MaxProtocol" => "TLSv1.2"
221         },
222         client => {
223             "SignatureAlgorithms" => "ECDSA+SHA256",
224         },
225         test   => {
226             "ExpectedServerCertType" => "P-256",
227             "ExpectedServerSignHash" => "SHA256",
228             "ExpectedServerSignType" => "EC",
229             "ExpectedResult" => "Success"
230         },
231     },
232     {
233         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
234         server => {
235              "MaxProtocol" => "TLSv1.2"
236         },
237         client => {
238             "SignatureAlgorithms" => "ECDSA+SHA256",
239         },
240         test   => {
241             "ExpectedResult" => "ServerFail"
242         },
243     },
244     {
245         name => "RSA Signature Algorithm Selection",
246         server => $server,
247         client => {
248             "SignatureAlgorithms" => "RSA+SHA256",
249         },
250         test   => {
251             "ExpectedServerCertType" => "RSA",
252             "ExpectedServerSignHash" => "SHA256",
253             "ExpectedServerSignType" => "RSA",
254             "ExpectedResult" => "Success"
255         },
256     },
257     {
258         name => "RSA-PSS Signature Algorithm Selection",
259         server => $server,
260         client => {
261             "SignatureAlgorithms" => "RSA-PSS+SHA256",
262         },
263         test   => {
264             "ExpectedServerCertType" => "RSA",
265             "ExpectedServerSignHash" => "SHA256",
266             "ExpectedServerSignType" => "RSA-PSS",
267             "ExpectedResult" => "Success"
268         },
269     },
270     {
271         name => "RSA key exchange with all RSA certificate types",
272         server => $server_rsa_all,
273         client => {
274             "CipherString" => "kRSA",
275             "MaxProtocol" => "TLSv1.2",
276         },
277         test   => {
278             "ExpectedServerCertType" =>, "RSA",
279             "ExpectedResult" => "Success"
280         },
281     },
282     {
283         name => "Suite B P-256 Hash Algorithm Selection",
284         server =>  {
285             "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
286             "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
287             "MaxProtocol" => "TLSv1.2",
288             "CipherString" => "SUITEB128"
289         },
290         client => {
291             "VerifyCAFile" => test_pem("p384-root.pem"),
292             "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
293         },
294         test   => {
295             "ExpectedServerCertType" => "P-256",
296             "ExpectedServerSignHash" => "SHA256",
297             "ExpectedServerSignType" => "EC",
298             "ExpectedResult" => "Success"
299         },
300     },
301     {
302         name => "Suite B P-384 Hash Algorithm Selection",
303         server =>  {
304             "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
305             "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
306             "MaxProtocol" => "TLSv1.2",
307             "CipherString" => "SUITEB128"
308         },
309         client => {
310             "VerifyCAFile" => test_pem("p384-root.pem"),
311             "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
312         },
313         test   => {
314             "ExpectedServerCertType" => "P-384",
315             "ExpectedServerSignHash" => "SHA384",
316             "ExpectedServerSignType" => "EC",
317             "ExpectedResult" => "Success"
318         },
319     },
320 );
321
322 my @tests_non_fips = (
323     # TODO(3.0) No Ed25519/Ed448 in FIPS mode at the moment
324     {
325         name => "Ed25519 CipherString and Signature Algorithm Selection",
326         server => $server,
327         client => {
328             "CipherString" => "aECDSA",
329             "MaxProtocol" => "TLSv1.2",
330             "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
331             "RequestCAFile" => test_pem("root-cert.pem"),
332         },
333         test   => {
334             "ExpectedServerCertType" =>, "Ed25519",
335             "ExpectedServerSignType" =>, "Ed25519",
336             # Note: certificate_authorities not sent for TLS < 1.3
337             "ExpectedServerCANames" =>, "empty",
338             "ExpectedResult" => "Success"
339         },
340     },
341     {
342         name => "Ed448 CipherString and Signature Algorithm Selection",
343         server => $server,
344         client => {
345             "CipherString" => "aECDSA",
346             "MaxProtocol" => "TLSv1.2",
347             "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
348             "RequestCAFile" => test_pem("root-ed448-cert.pem"),
349             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
350         },
351         test   => {
352             "ExpectedServerCertType" =>, "Ed448",
353             "ExpectedServerSignType" =>, "Ed448",
354             # Note: certificate_authorities not sent for TLS < 1.3
355             "ExpectedServerCANames" =>, "empty",
356             "ExpectedResult" => "Success"
357         },
358     },
359     {
360         name => "ECDSA with brainpool",
361         server =>  {
362             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
363             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
364             "Groups" => "brainpoolP256r1",
365         },
366         client => {
367             #We don't restrict this to TLSv1.2, although use of brainpool
368             #should force this anyway so that this should succeed
369             "CipherString" => "aECDSA",
370             "RequestCAFile" => test_pem("root-cert.pem"),
371             "Groups" => "brainpoolP256r1",
372         },
373         test   => {
374             "ExpectedServerCertType" =>, "brainpoolP256r1",
375             "ExpectedServerSignType" =>, "EC",
376             # Note: certificate_authorities not sent for TLS < 1.3
377             "ExpectedServerCANames" =>, "empty",
378             "ExpectedResult" => "Success"
379         },
380     },
381     {
382         name => "Ed25519 CipherString and Curves Selection",
383         server => $server,
384         client => {
385             "CipherString" => "aECDSA",
386             "MaxProtocol" => "TLSv1.2",
387             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
388             # Excluding P-256 from the supported curves list means server
389             # certificate should be Ed25519 and not P-256
390             "Curves" => "X25519"
391         },
392         test   => {
393             "ExpectedServerCertType" =>, "Ed25519",
394             "ExpectedServerSignType" =>, "Ed25519",
395             "ExpectedResult" => "Success"
396         },
397     },
398     {
399         name => "Ed448 CipherString and Curves Selection",
400         server => $server,
401         client => {
402             "CipherString" => "aECDSA",
403             "MaxProtocol" => "TLSv1.2",
404             "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
405             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
406             # Excluding P-256 from the supported curves list means server
407             # certificate should be Ed25519 and not P-256
408             "Curves" => "X448"
409         },
410         test   => {
411             "ExpectedServerCertType" =>, "Ed448",
412             "ExpectedServerSignType" =>, "Ed448",
413             "ExpectedResult" => "Success"
414         },
415     },
416     {
417         name => "TLS 1.2 Ed25519 Client Auth",
418         server => {
419             "VerifyCAFile" => test_pem("root-cert.pem"),
420             "VerifyMode" => "Require"
421         },
422         client => {
423             "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
424             "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
425             "MinProtocol" => "TLSv1.2",
426             "MaxProtocol" => "TLSv1.2"
427         },
428         test   => {
429             "ExpectedClientCertType" => "Ed25519",
430             "ExpectedClientSignType" => "Ed25519",
431             "ExpectedResult" => "Success"
432         },
433     },
434     {
435         name => "TLS 1.2 Ed448 Client Auth",
436         server => {
437             "VerifyCAFile" => test_pem("root-cert.pem"),
438             "VerifyMode" => "Require"
439         },
440         client => {
441             "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
442             "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
443             "MinProtocol" => "TLSv1.2",
444             "MaxProtocol" => "TLSv1.2"
445         },
446         test   => {
447             "ExpectedClientCertType" => "Ed448",
448             "ExpectedClientSignType" => "Ed448",
449             "ExpectedResult" => "Success"
450         },
451     },
452 );
453
454 my @tests_pss = (
455     {
456         name => "RSA-PSS Certificate CipherString Selection",
457         server => $server_pss,
458         client => {
459             "CipherString" => "aRSA",
460             "MaxProtocol" => "TLSv1.2",
461         },
462         test   => {
463             "ExpectedServerCertType" =>, "RSA-PSS",
464             "ExpectedServerSignType" =>, "RSA-PSS",
465             "ExpectedResult" => "Success"
466         },
467     },
468     {
469         name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
470         server => $server_pss,
471         client => {
472             "SignatureAlgorithms" => "RSA-PSS+SHA256",
473         },
474         test   => {
475             "ExpectedServerCertType" => "RSA",
476             "ExpectedServerSignHash" => "SHA256",
477             "ExpectedServerSignType" => "RSA-PSS",
478             "ExpectedResult" => "Success"
479         },
480     },
481     {
482         name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
483         server => $server_pss,
484         client => {
485             "SignatureAlgorithms" => "rsa_pss_pss_sha256",
486         },
487         test   => {
488             "ExpectedServerCertType" => "RSA-PSS",
489             "ExpectedServerSignHash" => "SHA256",
490             "ExpectedServerSignType" => "RSA-PSS",
491             "ExpectedResult" => "Success"
492         },
493     },
494     {
495         name => "Only RSA-PSS Certificate",
496         server => $server_pss_only,
497         client => {},
498         test   => {
499             "ExpectedServerCertType" => "RSA-PSS",
500             "ExpectedServerSignHash" => "SHA256",
501             "ExpectedServerSignType" => "RSA-PSS",
502             "ExpectedResult" => "Success"
503         },
504     },
505     {
506         name => "Only RSA-PSS Certificate Valid Signature Algorithms",
507         server => $server_pss_only,
508         client => {
509             "SignatureAlgorithms" => "rsa_pss_pss_sha512",
510         },
511         test   => {
512             "ExpectedServerCertType" => "RSA-PSS",
513             "ExpectedServerSignHash" => "SHA512",
514             "ExpectedServerSignType" => "RSA-PSS",
515             "ExpectedResult" => "Success"
516         },
517     },
518     {
519         name => "RSA-PSS Certificate, no PSS signature algorithms",
520         server => $server_pss_only,
521         client => {
522             "SignatureAlgorithms" => "RSA+SHA256",
523         },
524         test   => {
525             "ExpectedResult" => "ServerFail"
526         },
527     },
528     {
529         name => "Only RSA-PSS Restricted Certificate",
530         server => $server_pss_restrict_only,
531         client => {},
532         test   => {
533             "ExpectedServerCertType" => "RSA-PSS",
534             "ExpectedServerSignHash" => "SHA256",
535             "ExpectedServerSignType" => "RSA-PSS",
536             "ExpectedResult" => "Success"
537         },
538     },
539     {
540         name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
541         server => $server_pss_restrict_only,
542         client => {
543             "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
544         },
545         test   => {
546             "ExpectedServerCertType" => "RSA-PSS",
547             "ExpectedServerSignHash" => "SHA256",
548             "ExpectedServerSignType" => "RSA-PSS",
549             "ExpectedResult" => "Success"
550         },
551     },
552     {
553         name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
554         server => $server_pss_restrict_only,
555         client => {
556             "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
557         },
558         test   => {
559             "ExpectedServerCertType" => "RSA-PSS",
560             "ExpectedServerSignHash" => "SHA256",
561             "ExpectedServerSignType" => "RSA-PSS",
562             "ExpectedResult" => "Success"
563         },
564     },
565     {
566         name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
567         server => $server_pss_restrict_only,
568         client => {
569             "SignatureAlgorithms" => "rsa_pss_pss_sha512",
570         },
571         test   => {
572             "ExpectedResult" => "ServerFail"
573         },
574     },
575     {
576         name => "RSA key exchange with only RSA-PSS certificate",
577         server => $server_pss_only,
578         client => {
579             "CipherString" => "kRSA",
580             "MaxProtocol" => "TLSv1.2",
581         },
582         test   => {
583             "ExpectedResult" => "ServerFail"
584         },
585     },
586 );
587
588 my @tests_tls_1_1 = (
589     {
590         name => "Only RSA-PSS Certificate, TLS v1.1",
591         server => $server_pss_only,
592         client => {
593             "MaxProtocol" => "TLSv1.1",
594         },
595         test   => {
596             "ExpectedResult" => "ServerFail"
597         },
598     },
599 );
600
601 push @tests, @tests_non_fips unless $fips_mode;
602 push @tests, @tests_pss;
603 push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;
604
605 my $server_tls_1_3;
606
607 if ($fips_mode) {
608     $server_tls_1_3 = {
609         "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
610         "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
611         "MinProtocol" => "TLSv1.3",
612         "MaxProtocol" => "TLSv1.3"
613     };
614 } else {
615     $server_tls_1_3 = {
616         "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
617         "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
618         "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
619         "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
620         "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
621         "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
622         "MinProtocol" => "TLSv1.3",
623         "MaxProtocol" => "TLSv1.3"
624     };
625 }
626
627 my $client_tls_1_3 = {
628     "RSA.Certificate" => test_pem("ee-client-chain.pem"),
629     "RSA.PrivateKey" => test_pem("ee-key.pem"),
630     "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
631     "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
632     "MinProtocol" => "TLSv1.3",
633     "MaxProtocol" => "TLSv1.3"
634 };
635
636 my @tests_tls_1_3 = (
637     {
638         name => "TLS 1.3 ECDSA Signature Algorithm Selection",
639         server => $server_tls_1_3,
640         client => {
641             "SignatureAlgorithms" => "ECDSA+SHA256",
642         },
643         test   => {
644             "ExpectedServerCertType" => "P-256",
645             "ExpectedServerSignHash" => "SHA256",
646             "ExpectedServerSignType" => "EC",
647             "ExpectedServerCANames" => "empty",
648             "ExpectedResult" => "Success"
649         },
650     },
651     {
652         name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
653         server => {
654             "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
655             "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
656             "MinProtocol" => "TLSv1.3",
657             "MaxProtocol" => "TLSv1.3"
658         },
659         client => {
660             "SignatureAlgorithms" => "ECDSA+SHA256",
661         },
662         test   => {
663             "ExpectedServerCertType" => "P-256",
664             "ExpectedServerSignHash" => "SHA256",
665             "ExpectedServerSignType" => "EC",
666             "ExpectedServerCANames" => "empty",
667             "ExpectedResult" => "Success"
668         },
669     },
670     {
671         name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
672         server => $server_tls_1_3,
673         client => {
674             "SignatureAlgorithms" => "ECDSA+SHA1",
675         },
676         test   => {
677             "ExpectedResult" => "ServerFail"
678         },
679     },
680     {
681         name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
682         server => $server_tls_1_3,
683         client => {
684             "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
685             "RequestCAFile" => test_pem("root-cert.pem"),
686         },
687         test   => {
688             "ExpectedServerCertType" => "P-256",
689             "ExpectedServerSignHash" => "SHA256",
690             "ExpectedServerSignType" => "EC",
691             "ExpectedServerCANames" => test_pem("root-cert.pem"),
692             "ExpectedResult" => "Success"
693         },
694     },
695     {
696         name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
697         server => $server_tls_1_3,
698         client => {
699             "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
700         },
701         test   => {
702             "ExpectedServerCertType" => "RSA",
703             "ExpectedServerSignHash" => "SHA384",
704             "ExpectedServerSignType" => "RSA-PSS",
705             "ExpectedResult" => "Success"
706         },
707     },
708     {
709         name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
710         server => {
711             "MinProtocol" => "TLSv1.3",
712             "MaxProtocol" => "TLSv1.3"
713         },
714         client => {
715             "SignatureAlgorithms" => "ECDSA+SHA256",
716         },
717         test   => {
718             "ExpectedResult" => "ServerFail"
719         },
720     },
721     {
722         name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
723         server => $server_tls_1_3,
724         client => {
725             "SignatureAlgorithms" => "RSA+SHA256",
726         },
727         test   => {
728             "ExpectedResult" => "ServerFail"
729         },
730     },
731     {
732         name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
733         server => $server_tls_1_3,
734         client => {
735             "SignatureAlgorithms" => "RSA-PSS+SHA256",
736         },
737         test   => {
738             "ExpectedServerCertType" => "RSA",
739             "ExpectedServerSignHash" => "SHA256",
740             "ExpectedServerSignType" => "RSA-PSS",
741             "ExpectedResult" => "Success"
742         },
743     },
744     {
745         name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
746         server => {
747             "ClientSignatureAlgorithms" => "PSS+SHA256",
748             "VerifyCAFile" => test_pem("root-cert.pem"),
749             "VerifyMode" => "Require"
750         },
751         client => $client_tls_1_3,
752         test   => {
753             "ExpectedClientCertType" => "RSA",
754             "ExpectedClientSignHash" => "SHA256",
755             "ExpectedClientSignType" => "RSA-PSS",
756             "ExpectedClientCANames" => "empty",
757             "ExpectedResult" => "Success"
758         },
759     },
760     {
761         name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
762         server => {
763             "ClientSignatureAlgorithms" => "PSS+SHA256",
764             "VerifyCAFile" => test_pem("root-cert.pem"),
765             "RequestCAFile" => test_pem("root-cert.pem"),
766             "VerifyMode" => "Require"
767         },
768         client => $client_tls_1_3,
769         test   => {
770             "ExpectedClientCertType" => "RSA",
771             "ExpectedClientSignHash" => "SHA256",
772             "ExpectedClientSignType" => "RSA-PSS",
773             "ExpectedClientCANames" => test_pem("root-cert.pem"),
774             "ExpectedResult" => "Success"
775         },
776     },
777     {
778         name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
779         server => {
780             "ClientSignatureAlgorithms" => "ECDSA+SHA256",
781             "VerifyCAFile" => test_pem("root-cert.pem"),
782             "VerifyMode" => "Require"
783         },
784         client => $client_tls_1_3,
785         test   => {
786             "ExpectedClientCertType" => "P-256",
787             "ExpectedClientSignHash" => "SHA256",
788             "ExpectedClientSignType" => "EC",
789             "ExpectedResult" => "Success"
790         },
791     },
792 );
793
794 my @tests_tls_1_3_non_fips = (
795     {
796         name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
797         server => $server_tls_1_3,
798         client => {
799             "SignatureAlgorithms" => "ed25519",
800         },
801         test   => {
802             "ExpectedServerCertType" => "Ed25519",
803             "ExpectedServerSignType" => "Ed25519",
804             "ExpectedResult" => "Success"
805         },
806     },
807     {
808         name => "TLS 1.3 Ed448 Signature Algorithm Selection",
809         server => $server_tls_1_3,
810         client => {
811             "SignatureAlgorithms" => "ed448",
812             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
813         },
814         test   => {
815             "ExpectedServerCertType" => "Ed448",
816             "ExpectedServerSignType" => "Ed448",
817             "ExpectedResult" => "Success"
818         },
819     },
820     {
821         name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
822         server => $server_tls_1_3,
823         client => {
824             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
825             # Excluding P-256 from the supported groups list should
826             # mean server still uses a P-256 certificate because supported
827             # groups is not used in signature selection for TLS 1.3
828             "Groups" => "X25519"
829         },
830         test   => {
831             "ExpectedServerCertType" =>, "P-256",
832             "ExpectedServerSignType" =>, "EC",
833             "ExpectedResult" => "Success"
834         },
835     },
836     {
837         name => "TLS 1.3 Ed448 CipherString and Groups Selection",
838         server => $server_tls_1_3,
839         client => {
840             "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
841             # Excluding P-256 from the supported groups list should
842             # mean server still uses a P-256 certificate because supported
843             # groups is not used in signature selection for TLS 1.3
844             "Groups" => "X448"
845         },
846         test   => {
847             "ExpectedServerCertType" =>, "P-256",
848             "ExpectedServerSignType" =>, "EC",
849             "ExpectedResult" => "Success"
850         },
851     },
852     {
853         name => "TLS 1.3 Ed25519 Client Auth",
854         server => {
855             "VerifyCAFile" => test_pem("root-cert.pem"),
856             "VerifyMode" => "Require"
857         },
858         client => {
859             "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
860             "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
861             "MinProtocol" => "TLSv1.3",
862             "MaxProtocol" => "TLSv1.3"
863         },
864         test   => {
865             "ExpectedClientCertType" => "Ed25519",
866             "ExpectedClientSignType" => "Ed25519",
867             "ExpectedResult" => "Success"
868         },
869     },
870     {
871         name => "TLS 1.3 Ed448 Client Auth",
872         server => {
873             "VerifyCAFile" => test_pem("root-cert.pem"),
874             "VerifyMode" => "Require"
875         },
876         client => {
877             "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
878             "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
879             "MinProtocol" => "TLSv1.3",
880             "MaxProtocol" => "TLSv1.3"
881         },
882         test   => {
883             "ExpectedClientCertType" => "Ed448",
884             "ExpectedClientSignType" => "Ed448",
885             "ExpectedResult" => "Success"
886         },
887     },
888     {
889         name => "TLS 1.3 ECDSA with brainpool",
890         server =>  {
891             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
892             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
893             "Groups" => "brainpoolP256r1",
894         },
895         client => {
896             "RequestCAFile" => test_pem("root-cert.pem"),
897             "Groups" => "brainpoolP256r1",
898             "MinProtocol" => "TLSv1.3",
899             "MaxProtocol" => "TLSv1.3"
900         },
901         test   => {
902             "ExpectedResult" => "ServerFail"
903         },
904     },
905 );
906
907 push @tests, @tests_tls_1_3 unless disabled("tls1_3");
908 push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;
909
910 my @tests_dsa_tls_1_2 = (
911     {
912         name => "TLS 1.2 DSA Certificate Test",
913         server => {
914             "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
915             "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
916             "DHParameters" => test_pem("dhp2048.pem"),
917             "MinProtocol" => "TLSv1.2",
918             "MaxProtocol" => "TLSv1.2",
919             "CipherString" => "ALL",
920         },
921         client => {
922             "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
923             "CipherString" => "ALL",
924         },
925         test   => {
926             "ExpectedResult" => "Success"
927         },
928     },
929 );
930
931 my @tests_dsa_tls_1_3 = (
932     {
933         name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
934         server => {
935             "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
936             "VerifyCAFile" => test_pem("root-cert.pem"),
937             "VerifyMode" => "Request"
938         },
939         client => {},
940         test   => {
941             "ExpectedResult" => "ServerFail"
942         },
943     },
944     {
945         name => "TLS 1.3 DSA Certificate Test",
946         server => {
947             "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
948             "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
949             "MinProtocol" => "TLSv1.3",
950             "MaxProtocol" => "TLSv1.3",
951             "CipherString" => "ALL",
952         },
953         client => {
954             "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
955             "CipherString" => "ALL",
956         },
957         test   => {
958             "ExpectedResult" => "ServerFail"
959         },
960     },
961 );
962
963 if (!disabled("dsa")) {
964     #TODO(3.0): Temporary workaround for DH issues in FIPS. Needs investigation
965     push @tests, @tests_dsa_tls_1_2 unless disabled("dh") || $fips_mode;
966     push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
967 }