3 ## SSL test configurations
10 use OpenSSL::Test::Utils;
16 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
17 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
18 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
19 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
20 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
21 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
22 "MaxProtocol" => "TLSv1.2"
26 "PSS.Certificate" => test_pem("server-pss-cert.pem"),
27 "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
28 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
29 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
30 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
31 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
32 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
33 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
34 "MaxProtocol" => "TLSv1.2"
37 my $server_pss_only = {
38 "Certificate" => test_pem("server-pss-cert.pem"),
39 "PrivateKey" => test_pem("server-pss-key.pem"),
42 my $server_pss_restrict_only = {
43 "Certificate" => test_pem("server-pss-restrict-cert.pem"),
44 "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
49 if ($no_deflt_libctx) {
51 "Certificate" => test_pem("servercert.pem"),
52 "PrivateKey" => test_pem("serverkey.pem"),
56 "PSS.Certificate" => test_pem("server-pss-cert.pem"),
57 "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
58 "Certificate" => test_pem("servercert.pem"),
59 "PrivateKey" => test_pem("serverkey.pem"),
65 name => "ECDSA CipherString Selection",
68 "CipherString" => "aECDSA",
69 "MaxProtocol" => "TLSv1.2",
70 "RequestCAFile" => test_pem("root-cert.pem"),
73 "ExpectedServerCertType" =>, "P-256",
74 "ExpectedServerSignType" =>, "EC",
75 # Note: certificate_authorities not sent for TLS < 1.3
76 "ExpectedServerCANames" =>, "empty",
77 "ExpectedResult" => "Success"
81 name => "ECDSA CipherString Selection",
83 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
84 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
85 "MaxProtocol" => "TLSv1.2",
86 #Deliberately set supported_groups to one not in the cert. This
91 "CipherString" => "aECDSA",
92 "MaxProtocol" => "TLSv1.2",
93 "Groups" => "P-256:P-384",
94 "RequestCAFile" => test_pem("root-cert.pem"),
97 "ExpectedServerCertType" =>, "P-256",
98 "ExpectedServerSignType" =>, "EC",
99 # Note: certificate_authorities not sent for TLS < 1.3
100 "ExpectedServerCANames" =>, "empty",
101 "ExpectedResult" => "Success"
105 name => "ECDSA CipherString Selection",
107 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
108 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
109 "MaxProtocol" => "TLSv1.2",
110 "Groups" => "P-256:P-384"
113 "CipherString" => "aECDSA",
114 "MaxProtocol" => "TLSv1.2",
115 #Deliberately set groups to not include the certificate group. This
118 "RequestCAFile" => test_pem("root-cert.pem"),
121 "ExpectedResult" => "ServerFail"
125 name => "RSA CipherString Selection",
128 "CipherString" => "aRSA",
129 "MaxProtocol" => "TLSv1.2",
132 "ExpectedServerCertType" =>, "RSA",
133 "ExpectedServerSignType" =>, "RSA-PSS",
134 "ExpectedResult" => "Success"
138 name => "P-256 CipherString and Signature Algorithm Selection",
141 "CipherString" => "aECDSA",
142 "MaxProtocol" => "TLSv1.2",
143 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
146 "ExpectedServerCertType" => "P-256",
147 "ExpectedServerSignHash" => "SHA256",
148 "ExpectedServerSignType" => "EC",
149 "ExpectedResult" => "Success"
153 name => "ECDSA CipherString Selection, no ECDSA certificate",
155 "MaxProtocol" => "TLSv1.2"
158 "CipherString" => "aECDSA",
159 "MaxProtocol" => "TLSv1.2"
162 "ExpectedResult" => "ServerFail"
166 name => "ECDSA Signature Algorithm Selection",
169 "SignatureAlgorithms" => "ECDSA+SHA256",
172 "ExpectedServerCertType" => "P-256",
173 "ExpectedServerSignHash" => "SHA256",
174 "ExpectedServerSignType" => "EC",
175 "ExpectedResult" => "Success"
179 name => "ECDSA Signature Algorithm Selection SHA384",
182 "SignatureAlgorithms" => "ECDSA+SHA384",
185 "ExpectedServerCertType" => "P-256",
186 "ExpectedServerSignHash" => "SHA384",
187 "ExpectedServerSignType" => "EC",
188 "ExpectedResult" => "Success"
192 name => "ECDSA Signature Algorithm Selection compressed point",
194 "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
195 "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
196 "MaxProtocol" => "TLSv1.2"
199 "SignatureAlgorithms" => "ECDSA+SHA256",
202 "ExpectedServerCertType" => "P-256",
203 "ExpectedServerSignHash" => "SHA256",
204 "ExpectedServerSignType" => "EC",
205 "ExpectedResult" => "Success"
209 name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
211 "MaxProtocol" => "TLSv1.2"
214 "SignatureAlgorithms" => "ECDSA+SHA256",
217 "ExpectedResult" => "ServerFail"
221 name => "RSA Signature Algorithm Selection",
224 "SignatureAlgorithms" => "RSA+SHA256",
227 "ExpectedServerCertType" => "RSA",
228 "ExpectedServerSignHash" => "SHA256",
229 "ExpectedServerSignType" => "RSA",
230 "ExpectedResult" => "Success"
234 name => "RSA-PSS Signature Algorithm Selection",
237 "SignatureAlgorithms" => "RSA-PSS+SHA256",
240 "ExpectedServerCertType" => "RSA",
241 "ExpectedServerSignHash" => "SHA256",
242 "ExpectedServerSignType" => "RSA-PSS",
243 "ExpectedResult" => "Success"
247 name => "RSA key exchange with all RSA certificate types",
248 server => $server_rsa_all,
250 "CipherString" => "kRSA",
251 "MaxProtocol" => "TLSv1.2",
254 "ExpectedServerCertType" =>, "RSA",
255 "ExpectedResult" => "Success"
259 name => "Suite B P-256 Hash Algorithm Selection",
261 "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
262 "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
263 "MaxProtocol" => "TLSv1.2",
264 "CipherString" => "SUITEB128"
267 "VerifyCAFile" => test_pem("p384-root.pem"),
268 "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
271 "ExpectedServerCertType" => "P-256",
272 "ExpectedServerSignHash" => "SHA256",
273 "ExpectedServerSignType" => "EC",
274 "ExpectedResult" => "Success"
278 name => "Suite B P-384 Hash Algorithm Selection",
280 "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
281 "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
282 "MaxProtocol" => "TLSv1.2",
283 "CipherString" => "SUITEB128"
286 "VerifyCAFile" => test_pem("p384-root.pem"),
287 "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
290 "ExpectedServerCertType" => "P-384",
291 "ExpectedServerSignHash" => "SHA384",
292 "ExpectedServerSignType" => "EC",
293 "ExpectedResult" => "Success"
297 name => "Ed25519 CipherString and Signature Algorithm Selection",
300 "CipherString" => "aECDSA",
301 "MaxProtocol" => "TLSv1.2",
302 "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
303 "RequestCAFile" => test_pem("root-cert.pem"),
306 "ExpectedServerCertType" =>, "Ed25519",
307 "ExpectedServerSignType" =>, "Ed25519",
308 # Note: certificate_authorities not sent for TLS < 1.3
309 "ExpectedServerCANames" =>, "empty",
310 "ExpectedResult" => "Success"
314 name => "Ed448 CipherString and Signature Algorithm Selection",
317 "CipherString" => "aECDSA",
318 "MaxProtocol" => "TLSv1.2",
319 "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
320 "RequestCAFile" => test_pem("root-ed448-cert.pem"),
321 "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
324 "ExpectedServerCertType" =>, "Ed448",
325 "ExpectedServerSignType" =>, "Ed448",
326 # Note: certificate_authorities not sent for TLS < 1.3
327 "ExpectedServerCANames" =>, "empty",
328 "ExpectedResult" => "Success"
332 name => "Ed25519 CipherString and Curves Selection",
335 "CipherString" => "aECDSA",
336 "MaxProtocol" => "TLSv1.2",
337 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
338 # Excluding P-256 from the supported curves list means server
339 # certificate should be Ed25519 and not P-256
343 "ExpectedServerCertType" =>, "Ed25519",
344 "ExpectedServerSignType" =>, "Ed25519",
345 "ExpectedResult" => "Success"
349 name => "Ed448 CipherString and Curves Selection",
352 "CipherString" => "aECDSA",
353 "MaxProtocol" => "TLSv1.2",
354 "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
355 "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
356 # Excluding P-256 from the supported curves list means server
357 # certificate should be Ed25519 and not P-256
361 "ExpectedServerCertType" =>, "Ed448",
362 "ExpectedServerSignType" =>, "Ed448",
363 "ExpectedResult" => "Success"
367 name => "TLS 1.2 Ed25519 Client Auth",
369 "VerifyCAFile" => test_pem("root-cert.pem"),
370 "VerifyMode" => "Require"
373 "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
374 "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
375 "MinProtocol" => "TLSv1.2",
376 "MaxProtocol" => "TLSv1.2"
379 "ExpectedClientCertType" => "Ed25519",
380 "ExpectedClientSignType" => "Ed25519",
381 "ExpectedResult" => "Success"
385 name => "TLS 1.2 Ed448 Client Auth",
387 "VerifyCAFile" => test_pem("root-cert.pem"),
388 "VerifyMode" => "Require"
391 "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
392 "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
393 "MinProtocol" => "TLSv1.2",
394 "MaxProtocol" => "TLSv1.2"
397 "ExpectedClientCertType" => "Ed448",
398 "ExpectedClientSignType" => "Ed448",
399 "ExpectedResult" => "Success"
404 my @tests_non_fips = (
406 name => "ECDSA Signature Algorithm Selection SHA1",
408 "CipherString" => "DEFAULT:\@SECLEVEL=0",
409 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
410 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
411 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
412 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
413 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
414 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
415 "MaxProtocol" => "TLSv1.2"
418 "CipherString" => "DEFAULT:\@SECLEVEL=0",
419 "SignatureAlgorithms" => "ECDSA+SHA1",
422 "ExpectedServerCertType" => "P-256",
423 "ExpectedServerSignHash" => "SHA1",
424 "ExpectedServerSignType" => "EC",
425 "ExpectedResult" => "Success"
429 name => "ECDSA with brainpool",
431 "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
432 "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
433 "Groups" => "brainpoolP256r1",
436 "MaxProtocol" => "TLSv1.2",
437 "CipherString" => "aECDSA",
438 "RequestCAFile" => test_pem("root-cert.pem"),
439 "Groups" => "brainpoolP256r1",
442 "ExpectedServerCertType" =>, "brainpoolP256r1",
443 "ExpectedServerSignType" =>, "EC",
444 # Note: certificate_authorities not sent for TLS < 1.3
445 "ExpectedServerCANames" =>, "empty",
446 "ExpectedResult" => "Success"
453 name => "RSA-PSS Certificate CipherString Selection",
454 server => $server_pss,
456 "CipherString" => "aRSA",
457 "MaxProtocol" => "TLSv1.2",
460 "ExpectedServerCertType" =>, "RSA-PSS",
461 "ExpectedServerSignType" =>, "RSA-PSS",
462 "ExpectedResult" => "Success"
466 name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
467 server => $server_pss,
469 "SignatureAlgorithms" => "RSA-PSS+SHA256",
472 "ExpectedServerCertType" => "RSA",
473 "ExpectedServerSignHash" => "SHA256",
474 "ExpectedServerSignType" => "RSA-PSS",
475 "ExpectedResult" => "Success"
479 name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
480 server => $server_pss,
482 "SignatureAlgorithms" => "rsa_pss_pss_sha256",
485 "ExpectedServerCertType" => "RSA-PSS",
486 "ExpectedServerSignHash" => "SHA256",
487 "ExpectedServerSignType" => "RSA-PSS",
488 "ExpectedResult" => "Success"
492 name => "Only RSA-PSS Certificate",
493 server => $server_pss_only,
496 "ExpectedServerCertType" => "RSA-PSS",
497 "ExpectedServerSignHash" => "SHA256",
498 "ExpectedServerSignType" => "RSA-PSS",
499 "ExpectedResult" => "Success"
503 name => "Only RSA-PSS Certificate Valid Signature Algorithms",
504 server => $server_pss_only,
506 "SignatureAlgorithms" => "rsa_pss_pss_sha512",
509 "ExpectedServerCertType" => "RSA-PSS",
510 "ExpectedServerSignHash" => "SHA512",
511 "ExpectedServerSignType" => "RSA-PSS",
512 "ExpectedResult" => "Success"
516 name => "RSA-PSS Certificate, no PSS signature algorithms",
517 server => $server_pss_only,
519 "SignatureAlgorithms" => "RSA+SHA256",
522 "ExpectedResult" => "ServerFail"
526 name => "Only RSA-PSS Restricted Certificate",
527 server => $server_pss_restrict_only,
530 "ExpectedServerCertType" => "RSA-PSS",
531 "ExpectedServerSignHash" => "SHA256",
532 "ExpectedServerSignType" => "RSA-PSS",
533 "ExpectedResult" => "Success"
537 name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
538 server => $server_pss_restrict_only,
540 "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
543 "ExpectedServerCertType" => "RSA-PSS",
544 "ExpectedServerSignHash" => "SHA256",
545 "ExpectedServerSignType" => "RSA-PSS",
546 "ExpectedResult" => "Success"
550 name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
551 server => $server_pss_restrict_only,
553 "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
556 "ExpectedServerCertType" => "RSA-PSS",
557 "ExpectedServerSignHash" => "SHA256",
558 "ExpectedServerSignType" => "RSA-PSS",
559 "ExpectedResult" => "Success"
563 name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
564 server => $server_pss_restrict_only,
566 "SignatureAlgorithms" => "rsa_pss_pss_sha512",
569 "ExpectedResult" => "ServerFail"
573 name => "RSA key exchange with only RSA-PSS certificate",
574 server => $server_pss_only,
576 "CipherString" => "kRSA",
577 "MaxProtocol" => "TLSv1.2",
580 "ExpectedResult" => "ServerFail"
585 my @tests_tls_1_1 = (
587 name => "Only RSA-PSS Certificate, TLS v1.1",
589 "CipherString" => "DEFAULT:\@SECLEVEL=0",
590 "Certificate" => test_pem("server-pss-cert.pem"),
591 "PrivateKey" => test_pem("server-pss-key.pem"),
594 "MaxProtocol" => "TLSv1.1",
595 "CipherString" => "DEFAULT:\@SECLEVEL=0",
598 "ExpectedResult" => "ServerFail"
603 push @tests, @tests_non_fips unless $fips_mode;
604 push @tests, @tests_pss;
605 push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;
611 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
612 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
613 "MinProtocol" => "TLSv1.3",
614 "MaxProtocol" => "TLSv1.3"
618 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
619 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
620 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
621 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
622 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
623 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
624 "MinProtocol" => "TLSv1.3",
625 "MaxProtocol" => "TLSv1.3"
629 my $client_tls_1_3 = {
630 "RSA.Certificate" => test_pem("ee-client-chain.pem"),
631 "RSA.PrivateKey" => test_pem("ee-key.pem"),
632 "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
633 "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
634 "MinProtocol" => "TLSv1.3",
635 "MaxProtocol" => "TLSv1.3"
638 my @tests_tls_1_3 = (
640 name => "TLS 1.3 ECDSA Signature Algorithm Selection",
641 server => $server_tls_1_3,
643 "SignatureAlgorithms" => "ECDSA+SHA256",
646 "ExpectedServerCertType" => "P-256",
647 "ExpectedServerSignHash" => "SHA256",
648 "ExpectedServerSignType" => "EC",
649 "ExpectedServerCANames" => "empty",
650 "ExpectedResult" => "Success"
654 name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
656 "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
657 "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
658 "MinProtocol" => "TLSv1.3",
659 "MaxProtocol" => "TLSv1.3"
662 "SignatureAlgorithms" => "ECDSA+SHA256",
665 "ExpectedServerCertType" => "P-256",
666 "ExpectedServerSignHash" => "SHA256",
667 "ExpectedServerSignType" => "EC",
668 "ExpectedServerCANames" => "empty",
669 "ExpectedResult" => "Success"
673 name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
675 "CipherString" => "DEFAULT:\@SECLEVEL=0",
676 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
677 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
678 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
679 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
680 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
681 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
682 "MinProtocol" => "TLSv1.3",
683 "MaxProtocol" => "TLSv1.3"
686 "CipherString" => "DEFAULT:\@SECLEVEL=0",
687 "SignatureAlgorithms" => "ECDSA+SHA1",
690 "ExpectedResult" => "ServerFail"
694 name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
695 server => $server_tls_1_3,
697 "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
698 "RequestCAFile" => test_pem("root-cert.pem"),
701 "ExpectedServerCertType" => "P-256",
702 "ExpectedServerSignHash" => "SHA256",
703 "ExpectedServerSignType" => "EC",
704 "ExpectedServerCANames" => test_pem("root-cert.pem"),
705 "ExpectedResult" => "Success"
709 name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
710 server => $server_tls_1_3,
712 "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
715 "ExpectedServerCertType" => "RSA",
716 "ExpectedServerSignHash" => "SHA384",
717 "ExpectedServerSignType" => "RSA-PSS",
718 "ExpectedResult" => "Success"
722 name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
724 "MinProtocol" => "TLSv1.3",
725 "MaxProtocol" => "TLSv1.3"
728 "SignatureAlgorithms" => "ECDSA+SHA256",
731 "ExpectedResult" => "ServerFail"
735 name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
736 server => $server_tls_1_3,
738 "SignatureAlgorithms" => "RSA+SHA256",
741 "ExpectedResult" => "ServerFail"
745 name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
746 server => $server_tls_1_3,
748 "SignatureAlgorithms" => "RSA-PSS+SHA256",
751 "ExpectedServerCertType" => "RSA",
752 "ExpectedServerSignHash" => "SHA256",
753 "ExpectedServerSignType" => "RSA-PSS",
754 "ExpectedResult" => "Success"
758 name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
760 "ClientSignatureAlgorithms" => "PSS+SHA256",
761 "VerifyCAFile" => test_pem("root-cert.pem"),
762 "VerifyMode" => "Require"
764 client => $client_tls_1_3,
766 "ExpectedClientCertType" => "RSA",
767 "ExpectedClientSignHash" => "SHA256",
768 "ExpectedClientSignType" => "RSA-PSS",
769 "ExpectedClientCANames" => "empty",
770 "ExpectedResult" => "Success"
774 name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
776 "ClientSignatureAlgorithms" => "PSS+SHA256",
777 "VerifyCAFile" => test_pem("root-cert.pem"),
778 "RequestCAFile" => test_pem("root-cert.pem"),
779 "VerifyMode" => "Require"
781 client => $client_tls_1_3,
783 "ExpectedClientCertType" => "RSA",
784 "ExpectedClientSignHash" => "SHA256",
785 "ExpectedClientSignType" => "RSA-PSS",
786 "ExpectedClientCANames" => test_pem("root-cert.pem"),
787 "ExpectedResult" => "Success"
791 name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
793 "ClientSignatureAlgorithms" => "ECDSA+SHA256",
794 "VerifyCAFile" => test_pem("root-cert.pem"),
795 "VerifyMode" => "Require"
797 client => $client_tls_1_3,
799 "ExpectedClientCertType" => "P-256",
800 "ExpectedClientSignHash" => "SHA256",
801 "ExpectedClientSignType" => "EC",
802 "ExpectedResult" => "Success"
807 my @tests_tls_1_3_non_fips = (
809 name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
810 server => $server_tls_1_3,
812 "SignatureAlgorithms" => "ed25519",
815 "ExpectedServerCertType" => "Ed25519",
816 "ExpectedServerSignType" => "Ed25519",
817 "ExpectedResult" => "Success"
821 name => "TLS 1.3 Ed448 Signature Algorithm Selection",
822 server => $server_tls_1_3,
824 "SignatureAlgorithms" => "ed448",
825 "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
828 "ExpectedServerCertType" => "Ed448",
829 "ExpectedServerSignType" => "Ed448",
830 "ExpectedResult" => "Success"
834 name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
835 server => $server_tls_1_3,
837 "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
838 # Excluding P-256 from the supported groups list should
839 # mean server still uses a P-256 certificate because supported
840 # groups is not used in signature selection for TLS 1.3
844 "ExpectedServerCertType" =>, "P-256",
845 "ExpectedServerSignType" =>, "EC",
846 "ExpectedResult" => "Success"
850 name => "TLS 1.3 Ed448 CipherString and Groups Selection",
851 server => $server_tls_1_3,
853 "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
854 # Excluding P-256 from the supported groups list should
855 # mean server still uses a P-256 certificate because supported
856 # groups is not used in signature selection for TLS 1.3
860 "ExpectedServerCertType" =>, "P-256",
861 "ExpectedServerSignType" =>, "EC",
862 "ExpectedResult" => "Success"
866 name => "TLS 1.3 Ed25519 Client Auth",
868 "VerifyCAFile" => test_pem("root-cert.pem"),
869 "VerifyMode" => "Require"
872 "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
873 "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
874 "MinProtocol" => "TLSv1.3",
875 "MaxProtocol" => "TLSv1.3"
878 "ExpectedClientCertType" => "Ed25519",
879 "ExpectedClientSignType" => "Ed25519",
880 "ExpectedResult" => "Success"
884 name => "TLS 1.3 Ed448 Client Auth",
886 "VerifyCAFile" => test_pem("root-cert.pem"),
887 "VerifyMode" => "Require"
890 "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
891 "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
892 "MinProtocol" => "TLSv1.3",
893 "MaxProtocol" => "TLSv1.3"
896 "ExpectedClientCertType" => "Ed448",
897 "ExpectedClientSignType" => "Ed448",
898 "ExpectedResult" => "Success"
902 name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
904 "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
905 "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
906 "Groups" => "brainpoolP256r1",
909 "CipherString" => "aECDSA",
910 "RequestCAFile" => test_pem("root-cert.pem"),
911 "Groups" => "brainpoolP256r1",
914 #We only configured brainpoolP256r1 on the client side, but TLSv1.3
915 #is enabled and this group is not allowed in TLSv1.3. Therefore this
917 "ExpectedResult" => "ClientFail"
921 name => "TLS 1.3 ECDSA with brainpool",
923 "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
924 "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
927 "RequestCAFile" => test_pem("root-cert.pem"),
928 "MinProtocol" => "TLSv1.3",
929 "MaxProtocol" => "TLSv1.3"
932 "ExpectedResult" => "Success"
937 push @tests, @tests_tls_1_3 unless disabled("tls1_3");
938 push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;
940 my @tests_dsa_tls_1_2 = (
942 name => "TLS 1.2 DSA Certificate Test",
944 "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
945 "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
946 "DHParameters" => test_pem("dhp2048.pem"),
947 "MinProtocol" => "TLSv1.2",
948 "MaxProtocol" => "TLSv1.2",
949 "CipherString" => "ALL",
952 "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
953 "CipherString" => "ALL",
956 "ExpectedResult" => "Success"
961 my @tests_dsa_tls_1_3 = (
963 name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
965 "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
966 "VerifyCAFile" => test_pem("root-cert.pem"),
967 "VerifyMode" => "Request"
971 "ExpectedResult" => "ServerFail"
975 name => "TLS 1.3 DSA Certificate Test",
977 "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
978 "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
979 "MinProtocol" => "TLSv1.3",
980 "MaxProtocol" => "TLSv1.3",
981 "CipherString" => "ALL",
984 "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
985 "CipherString" => "ALL",
988 "ExpectedResult" => "ServerFail"
993 if (!disabled("dsa")) {
994 push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
995 push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");