test/ssl-tests/20-cert-select.cnf.in

   1 # -*- mode: perl; -*-
   2
   3 ## SSL test configurations
   4
   5
   6 use strict;
   7 use warnings;
   8
   9 package ssltests;
  10 use OpenSSL::Test::Utils;
  11
  12 our $fips_mode;
  13 our $no_deflt_libctx;
  14
  15 my $server = {
  16     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  17     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  18     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  19     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  20     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  21     "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  22     "MaxProtocol" => "TLSv1.2"
  23 };
  24
  25 my $server_pss = {
  26     "PSS.Certificate" => test_pem("server-pss-cert.pem"),
  27     "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
  28     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  29     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  30     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  31     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  32     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  33     "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  34     "MaxProtocol" => "TLSv1.2"
  35 };
  36
  37 my $server_pss_only = {
  38     "Certificate" => test_pem("server-pss-cert.pem"),
  39     "PrivateKey" => test_pem("server-pss-key.pem"),
  40 };
  41
  42 my $server_pss_restrict_only = {
  43     "Certificate" => test_pem("server-pss-restrict-cert.pem"),
  44     "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
  45 };
  46
  47 my $server_rsa_all;
  48
  49 if ($no_deflt_libctx) {
  50     $server_rsa_all = {
  51         "Certificate" => test_pem("servercert.pem"),
  52         "PrivateKey" => test_pem("serverkey.pem"),
  53     };
  54 } else {
  55     $server_rsa_all = {
  56         "PSS.Certificate" => test_pem("server-pss-cert.pem"),
  57         "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
  58         "Certificate" => test_pem("servercert.pem"),
  59         "PrivateKey" => test_pem("serverkey.pem"),
  60     };
  61 }
  62
  63 our @tests = (
  64     {
  65         name => "ECDSA CipherString Selection",
  66         server => $server,
  67         client => {
  68             "CipherString" => "aECDSA",
  69             "MaxProtocol" => "TLSv1.2",
  70             "RequestCAFile" => test_pem("root-cert.pem"),
  71         },
  72         test   => {
  73             "ExpectedServerCertType" =>, "P-256",
  74             "ExpectedServerSignType" =>, "EC",
  75             # Note: certificate_authorities not sent for TLS < 1.3
  76             "ExpectedServerCANames" =>, "empty",
  77             "ExpectedResult" => "Success"
  78         },
  79     },
  80     {
  81         name => "ECDSA CipherString Selection",
  82         server => {
  83             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  84             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  85             "MaxProtocol" => "TLSv1.2",
  86             #Deliberately set supported_groups to one not in the cert. This
  87             #should be tolerated
  88             "Groups" => "P-384"
  89         },
  90         client => {
  91             "CipherString" => "aECDSA",
  92             "MaxProtocol" => "TLSv1.2",
  93             "Groups" => "P-256:P-384",
  94             "RequestCAFile" => test_pem("root-cert.pem"),
  95         },
  96         test   => {
  97             "ExpectedServerCertType" =>, "P-256",
  98             "ExpectedServerSignType" =>, "EC",
  99             # Note: certificate_authorities not sent for TLS < 1.3
 100             "ExpectedServerCANames" =>, "empty",
 101             "ExpectedResult" => "Success"
 102         },
 103     },
 104     {
 105         name => "ECDSA CipherString Selection",
 106         server => {
 107             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 108             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 109             "MaxProtocol" => "TLSv1.2",
 110             "Groups" => "P-256:P-384"
 111         },
 112         client => {
 113             "CipherString" => "aECDSA",
 114             "MaxProtocol" => "TLSv1.2",
 115             #Deliberately set groups to not include the certificate group. This
 116             #should fail
 117             "Groups" => "P-384",
 118             "RequestCAFile" => test_pem("root-cert.pem"),
 119         },
 120         test   => {
 121             "ExpectedResult" => "ServerFail"
 122         },
 123     },
 124     {
 125         name => "RSA CipherString Selection",
 126         server => $server,
 127         client => {
 128             "CipherString" => "aRSA",
 129             "MaxProtocol" => "TLSv1.2",
 130         },
 131         test   => {
 132             "ExpectedServerCertType" =>, "RSA",
 133             "ExpectedServerSignType" =>, "RSA-PSS",
 134             "ExpectedResult" => "Success"
 135         },
 136     },
 137     {
 138         name => "P-256 CipherString and Signature Algorithm Selection",
 139         server => $server,
 140         client => {
 141             "CipherString" => "aECDSA",
 142             "MaxProtocol" => "TLSv1.2",
 143             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 144         },
 145         test   => {
 146             "ExpectedServerCertType" => "P-256",
 147             "ExpectedServerSignHash" => "SHA256",
 148             "ExpectedServerSignType" => "EC",
 149             "ExpectedResult" => "Success"
 150         },
 151     },
 152     {
 153         name => "ECDSA CipherString Selection, no ECDSA certificate",
 154         server => {
 155             "MaxProtocol" => "TLSv1.2"
 156         },
 157         client => {
 158             "CipherString" => "aECDSA",
 159             "MaxProtocol" => "TLSv1.2"
 160         },
 161         test   => {
 162             "ExpectedResult" => "ServerFail"
 163         },
 164     },
 165     {
 166         name => "ECDSA Signature Algorithm Selection",
 167         server => $server,
 168         client => {
 169             "SignatureAlgorithms" => "ECDSA+SHA256",
 170         },
 171         test   => {
 172             "ExpectedServerCertType" => "P-256",
 173             "ExpectedServerSignHash" => "SHA256",
 174             "ExpectedServerSignType" => "EC",
 175             "ExpectedResult" => "Success"
 176         },
 177     },
 178     {
 179         name => "ECDSA Signature Algorithm Selection SHA384",
 180         server => $server,
 181         client => {
 182             "SignatureAlgorithms" => "ECDSA+SHA384",
 183         },
 184         test   => {
 185             "ExpectedServerCertType" => "P-256",
 186             "ExpectedServerSignHash" => "SHA384",
 187             "ExpectedServerSignType" => "EC",
 188             "ExpectedResult" => "Success"
 189         },
 190     },
 191     {
 192         name => "ECDSA Signature Algorithm Selection compressed point",
 193         server => {
 194             "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
 195             "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
 196             "MaxProtocol" => "TLSv1.2"
 197         },
 198         client => {
 199             "SignatureAlgorithms" => "ECDSA+SHA256",
 200         },
 201         test   => {
 202             "ExpectedServerCertType" => "P-256",
 203             "ExpectedServerSignHash" => "SHA256",
 204             "ExpectedServerSignType" => "EC",
 205             "ExpectedResult" => "Success"
 206         },
 207     },
 208     {
 209         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
 210         server => {
 211              "MaxProtocol" => "TLSv1.2"
 212         },
 213         client => {
 214             "SignatureAlgorithms" => "ECDSA+SHA256",
 215         },
 216         test   => {
 217             "ExpectedResult" => "ServerFail"
 218         },
 219     },
 220     {
 221         name => "RSA Signature Algorithm Selection",
 222         server => $server,
 223         client => {
 224             "SignatureAlgorithms" => "RSA+SHA256",
 225         },
 226         test   => {
 227             "ExpectedServerCertType" => "RSA",
 228             "ExpectedServerSignHash" => "SHA256",
 229             "ExpectedServerSignType" => "RSA",
 230             "ExpectedResult" => "Success"
 231         },
 232     },
 233     {
 234         name => "RSA-PSS Signature Algorithm Selection",
 235         server => $server,
 236         client => {
 237             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 238         },
 239         test   => {
 240             "ExpectedServerCertType" => "RSA",
 241             "ExpectedServerSignHash" => "SHA256",
 242             "ExpectedServerSignType" => "RSA-PSS",
 243             "ExpectedResult" => "Success"
 244         },
 245     },
 246     {
 247         name => "RSA key exchange with all RSA certificate types",
 248         server => $server_rsa_all,
 249         client => {
 250             "CipherString" => "kRSA",
 251             "MaxProtocol" => "TLSv1.2",
 252         },
 253         test   => {
 254             "ExpectedServerCertType" =>, "RSA",
 255             "ExpectedResult" => "Success"
 256         },
 257     },
 258     {
 259         name => "Suite B P-256 Hash Algorithm Selection",
 260         server =>  {
 261             "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
 262             "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
 263             "MaxProtocol" => "TLSv1.2",
 264             "CipherString" => "SUITEB128"
 265         },
 266         client => {
 267             "VerifyCAFile" => test_pem("p384-root.pem"),
 268             "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
 269         },
 270         test   => {
 271             "ExpectedServerCertType" => "P-256",
 272             "ExpectedServerSignHash" => "SHA256",
 273             "ExpectedServerSignType" => "EC",
 274             "ExpectedResult" => "Success"
 275         },
 276     },
 277     {
 278         name => "Suite B P-384 Hash Algorithm Selection",
 279         server =>  {
 280             "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
 281             "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
 282             "MaxProtocol" => "TLSv1.2",
 283             "CipherString" => "SUITEB128"
 284         },
 285         client => {
 286             "VerifyCAFile" => test_pem("p384-root.pem"),
 287             "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
 288         },
 289         test   => {
 290             "ExpectedServerCertType" => "P-384",
 291             "ExpectedServerSignHash" => "SHA384",
 292             "ExpectedServerSignType" => "EC",
 293             "ExpectedResult" => "Success"
 294         },
 295     },
 296     {
 297         name => "Ed25519 CipherString and Signature Algorithm Selection",
 298         server => $server,
 299         client => {
 300             "CipherString" => "aECDSA",
 301             "MaxProtocol" => "TLSv1.2",
 302             "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
 303             "RequestCAFile" => test_pem("root-cert.pem"),
 304         },
 305         test   => {
 306             "ExpectedServerCertType" =>, "Ed25519",
 307             "ExpectedServerSignType" =>, "Ed25519",
 308             # Note: certificate_authorities not sent for TLS < 1.3
 309             "ExpectedServerCANames" =>, "empty",
 310             "ExpectedResult" => "Success"
 311         },
 312     },
 313     {
 314         name => "Ed448 CipherString and Signature Algorithm Selection",
 315         server => $server,
 316         client => {
 317             "CipherString" => "aECDSA",
 318             "MaxProtocol" => "TLSv1.2",
 319             "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
 320             "RequestCAFile" => test_pem("root-ed448-cert.pem"),
 321             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
 322         },
 323         test   => {
 324             "ExpectedServerCertType" =>, "Ed448",
 325             "ExpectedServerSignType" =>, "Ed448",
 326             # Note: certificate_authorities not sent for TLS < 1.3
 327             "ExpectedServerCANames" =>, "empty",
 328             "ExpectedResult" => "Success"
 329         },
 330     },
 331     {
 332         name => "Ed25519 CipherString and Curves Selection",
 333         server => $server,
 334         client => {
 335             "CipherString" => "aECDSA",
 336             "MaxProtocol" => "TLSv1.2",
 337             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 338             # Excluding P-256 from the supported curves list means server
 339             # certificate should be Ed25519 and not P-256
 340             "Curves" => "X25519"
 341         },
 342         test   => {
 343             "ExpectedServerCertType" =>, "Ed25519",
 344             "ExpectedServerSignType" =>, "Ed25519",
 345             "ExpectedResult" => "Success"
 346         },
 347     },
 348     {
 349         name => "Ed448 CipherString and Curves Selection",
 350         server => $server,
 351         client => {
 352             "CipherString" => "aECDSA",
 353             "MaxProtocol" => "TLSv1.2",
 354             "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
 355             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
 356             # Excluding P-256 from the supported curves list means server
 357             # certificate should be Ed25519 and not P-256
 358             "Curves" => "X448"
 359         },
 360         test   => {
 361             "ExpectedServerCertType" =>, "Ed448",
 362             "ExpectedServerSignType" =>, "Ed448",
 363             "ExpectedResult" => "Success"
 364         },
 365     },
 366     {
 367         name => "TLS 1.2 Ed25519 Client Auth",
 368         server => {
 369             "VerifyCAFile" => test_pem("root-cert.pem"),
 370             "VerifyMode" => "Require"
 371         },
 372         client => {
 373             "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
 374             "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
 375             "MinProtocol" => "TLSv1.2",
 376             "MaxProtocol" => "TLSv1.2"
 377         },
 378         test   => {
 379             "ExpectedClientCertType" => "Ed25519",
 380             "ExpectedClientSignType" => "Ed25519",
 381             "ExpectedResult" => "Success"
 382         },
 383     },
 384     {
 385         name => "TLS 1.2 Ed448 Client Auth",
 386         server => {
 387             "VerifyCAFile" => test_pem("root-cert.pem"),
 388             "VerifyMode" => "Require"
 389         },
 390         client => {
 391             "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
 392             "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
 393             "MinProtocol" => "TLSv1.2",
 394             "MaxProtocol" => "TLSv1.2"
 395         },
 396         test   => {
 397             "ExpectedClientCertType" => "Ed448",
 398             "ExpectedClientSignType" => "Ed448",
 399             "ExpectedResult" => "Success"
 400         },
 401     },
 402 );
 403
 404 my @tests_non_fips = (
 405     {
 406         name => "ECDSA Signature Algorithm Selection SHA1",
 407         server => {
 408             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 409             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 410             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 411             "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
 412             "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
 413             "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
 414             "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
 415             "MaxProtocol" => "TLSv1.2"
 416         },
 417         client => {
 418             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 419             "SignatureAlgorithms" => "ECDSA+SHA1",
 420         },
 421         test   => {
 422             "ExpectedServerCertType" => "P-256",
 423             "ExpectedServerSignHash" => "SHA1",
 424             "ExpectedServerSignType" => "EC",
 425             "ExpectedResult" => "Success"
 426         },
 427     },
 428     {
 429         name => "ECDSA with brainpool",
 430         server =>  {
 431             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
 432             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
 433             "Groups" => "brainpoolP256r1",
 434         },
 435         client => {
 436             "MaxProtocol" => "TLSv1.2",
 437             "CipherString" => "aECDSA",
 438             "RequestCAFile" => test_pem("root-cert.pem"),
 439             "Groups" => "brainpoolP256r1",
 440         },
 441         test   => {
 442             "ExpectedServerCertType" =>, "brainpoolP256r1",
 443             "ExpectedServerSignType" =>, "EC",
 444             # Note: certificate_authorities not sent for TLS < 1.3
 445             "ExpectedServerCANames" =>, "empty",
 446             "ExpectedResult" => "Success"
 447         },
 448     },
 449 );
 450
 451 my @tests_pss = (
 452     {
 453         name => "RSA-PSS Certificate CipherString Selection",
 454         server => $server_pss,
 455         client => {
 456             "CipherString" => "aRSA",
 457             "MaxProtocol" => "TLSv1.2",
 458         },
 459         test   => {
 460             "ExpectedServerCertType" =>, "RSA-PSS",
 461             "ExpectedServerSignType" =>, "RSA-PSS",
 462             "ExpectedResult" => "Success"
 463         },
 464     },
 465     {
 466         name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
 467         server => $server_pss,
 468         client => {
 469             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 470         },
 471         test   => {
 472             "ExpectedServerCertType" => "RSA",
 473             "ExpectedServerSignHash" => "SHA256",
 474             "ExpectedServerSignType" => "RSA-PSS",
 475             "ExpectedResult" => "Success"
 476         },
 477     },
 478     {
 479         name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
 480         server => $server_pss,
 481         client => {
 482             "SignatureAlgorithms" => "rsa_pss_pss_sha256",
 483         },
 484         test   => {
 485             "ExpectedServerCertType" => "RSA-PSS",
 486             "ExpectedServerSignHash" => "SHA256",
 487             "ExpectedServerSignType" => "RSA-PSS",
 488             "ExpectedResult" => "Success"
 489         },
 490     },
 491     {
 492         name => "Only RSA-PSS Certificate",
 493         server => $server_pss_only,
 494         client => {},
 495         test   => {
 496             "ExpectedServerCertType" => "RSA-PSS",
 497             "ExpectedServerSignHash" => "SHA256",
 498             "ExpectedServerSignType" => "RSA-PSS",
 499             "ExpectedResult" => "Success"
 500         },
 501     },
 502     {
 503         name => "Only RSA-PSS Certificate Valid Signature Algorithms",
 504         server => $server_pss_only,
 505         client => {
 506             "SignatureAlgorithms" => "rsa_pss_pss_sha512",
 507         },
 508         test   => {
 509             "ExpectedServerCertType" => "RSA-PSS",
 510             "ExpectedServerSignHash" => "SHA512",
 511             "ExpectedServerSignType" => "RSA-PSS",
 512             "ExpectedResult" => "Success"
 513         },
 514     },
 515     {
 516         name => "RSA-PSS Certificate, no PSS signature algorithms",
 517         server => $server_pss_only,
 518         client => {
 519             "SignatureAlgorithms" => "RSA+SHA256",
 520         },
 521         test   => {
 522             "ExpectedResult" => "ServerFail"
 523         },
 524     },
 525     {
 526         name => "Only RSA-PSS Restricted Certificate",
 527         server => $server_pss_restrict_only,
 528         client => {},
 529         test   => {
 530             "ExpectedServerCertType" => "RSA-PSS",
 531             "ExpectedServerSignHash" => "SHA256",
 532             "ExpectedServerSignType" => "RSA-PSS",
 533             "ExpectedResult" => "Success"
 534         },
 535     },
 536     {
 537         name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
 538         server => $server_pss_restrict_only,
 539         client => {
 540             "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
 541         },
 542         test   => {
 543             "ExpectedServerCertType" => "RSA-PSS",
 544             "ExpectedServerSignHash" => "SHA256",
 545             "ExpectedServerSignType" => "RSA-PSS",
 546             "ExpectedResult" => "Success"
 547         },
 548     },
 549     {
 550         name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
 551         server => $server_pss_restrict_only,
 552         client => {
 553             "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
 554         },
 555         test   => {
 556             "ExpectedServerCertType" => "RSA-PSS",
 557             "ExpectedServerSignHash" => "SHA256",
 558             "ExpectedServerSignType" => "RSA-PSS",
 559             "ExpectedResult" => "Success"
 560         },
 561     },
 562     {
 563         name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
 564         server => $server_pss_restrict_only,
 565         client => {
 566             "SignatureAlgorithms" => "rsa_pss_pss_sha512",
 567         },
 568         test   => {
 569             "ExpectedResult" => "ServerFail"
 570         },
 571     },
 572     {
 573         name => "RSA key exchange with only RSA-PSS certificate",
 574         server => $server_pss_only,
 575         client => {
 576             "CipherString" => "kRSA",
 577             "MaxProtocol" => "TLSv1.2",
 578         },
 579         test   => {
 580             "ExpectedResult" => "ServerFail"
 581         },
 582     },
 583 );
 584
 585 my @tests_tls_1_1 = (
 586     {
 587         name => "Only RSA-PSS Certificate, TLS v1.1",
 588         server => {
 589             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 590             "Certificate" => test_pem("server-pss-cert.pem"),
 591             "PrivateKey" => test_pem("server-pss-key.pem"),
 592         },
 593         client => {
 594             "MaxProtocol" => "TLSv1.1",
 595             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 596         },
 597         test   => {
 598             "ExpectedResult" => "ServerFail"
 599         },
 600     },
 601 );
 602
 603 push @tests, @tests_non_fips unless $fips_mode;
 604 push @tests, @tests_pss;
 605 push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;
 606
 607 my $server_tls_1_3;
 608
 609 if ($fips_mode) {
 610     $server_tls_1_3 = {
 611         "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 612         "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 613         "MinProtocol" => "TLSv1.3",
 614         "MaxProtocol" => "TLSv1.3"
 615     };
 616 } else {
 617     $server_tls_1_3 = {
 618         "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 619         "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 620         "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
 621         "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
 622         "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
 623         "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
 624         "MinProtocol" => "TLSv1.3",
 625         "MaxProtocol" => "TLSv1.3"
 626     };
 627 }
 628
 629 my $client_tls_1_3 = {
 630     "RSA.Certificate" => test_pem("ee-client-chain.pem"),
 631     "RSA.PrivateKey" => test_pem("ee-key.pem"),
 632     "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
 633     "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
 634     "MinProtocol" => "TLSv1.3",
 635     "MaxProtocol" => "TLSv1.3"
 636 };
 637
 638 my @tests_tls_1_3 = (
 639     {
 640         name => "TLS 1.3 ECDSA Signature Algorithm Selection",
 641         server => $server_tls_1_3,
 642         client => {
 643             "SignatureAlgorithms" => "ECDSA+SHA256",
 644         },
 645         test   => {
 646             "ExpectedServerCertType" => "P-256",
 647             "ExpectedServerSignHash" => "SHA256",
 648             "ExpectedServerSignType" => "EC",
 649             "ExpectedServerCANames" => "empty",
 650             "ExpectedResult" => "Success"
 651         },
 652     },
 653     {
 654         name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
 655         server => {
 656             "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
 657             "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
 658             "MinProtocol" => "TLSv1.3",
 659             "MaxProtocol" => "TLSv1.3"
 660         },
 661         client => {
 662             "SignatureAlgorithms" => "ECDSA+SHA256",
 663         },
 664         test   => {
 665             "ExpectedServerCertType" => "P-256",
 666             "ExpectedServerSignHash" => "SHA256",
 667             "ExpectedServerSignType" => "EC",
 668             "ExpectedServerCANames" => "empty",
 669             "ExpectedResult" => "Success"
 670         },
 671     },
 672     {
 673         name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
 674         server => {
 675             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 676             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 677             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 678             "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
 679             "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
 680             "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
 681             "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
 682             "MinProtocol" => "TLSv1.3",
 683             "MaxProtocol" => "TLSv1.3"
 684         },
 685         client => {
 686             "CipherString" => "DEFAULT:\@SECLEVEL=0",
 687             "SignatureAlgorithms" => "ECDSA+SHA1",
 688         },
 689         test   => {
 690             "ExpectedResult" => "ServerFail"
 691         },
 692     },
 693     {
 694         name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
 695         server => $server_tls_1_3,
 696         client => {
 697             "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
 698             "RequestCAFile" => test_pem("root-cert.pem"),
 699         },
 700         test   => {
 701             "ExpectedServerCertType" => "P-256",
 702             "ExpectedServerSignHash" => "SHA256",
 703             "ExpectedServerSignType" => "EC",
 704             "ExpectedServerCANames" => test_pem("root-cert.pem"),
 705             "ExpectedResult" => "Success"
 706         },
 707     },
 708     {
 709         name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
 710         server => $server_tls_1_3,
 711         client => {
 712             "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
 713         },
 714         test   => {
 715             "ExpectedServerCertType" => "RSA",
 716             "ExpectedServerSignHash" => "SHA384",
 717             "ExpectedServerSignType" => "RSA-PSS",
 718             "ExpectedResult" => "Success"
 719         },
 720     },
 721     {
 722         name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
 723         server => {
 724             "MinProtocol" => "TLSv1.3",
 725             "MaxProtocol" => "TLSv1.3"
 726         },
 727         client => {
 728             "SignatureAlgorithms" => "ECDSA+SHA256",
 729         },
 730         test   => {
 731             "ExpectedResult" => "ServerFail"
 732         },
 733     },
 734     {
 735         name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
 736         server => $server_tls_1_3,
 737         client => {
 738             "SignatureAlgorithms" => "RSA+SHA256",
 739         },
 740         test   => {
 741             "ExpectedResult" => "ServerFail"
 742         },
 743     },
 744     {
 745         name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
 746         server => $server_tls_1_3,
 747         client => {
 748             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 749         },
 750         test   => {
 751             "ExpectedServerCertType" => "RSA",
 752             "ExpectedServerSignHash" => "SHA256",
 753             "ExpectedServerSignType" => "RSA-PSS",
 754             "ExpectedResult" => "Success"
 755         },
 756     },
 757     {
 758         name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
 759         server => {
 760             "ClientSignatureAlgorithms" => "PSS+SHA256",
 761             "VerifyCAFile" => test_pem("root-cert.pem"),
 762             "VerifyMode" => "Require"
 763         },
 764         client => $client_tls_1_3,
 765         test   => {
 766             "ExpectedClientCertType" => "RSA",
 767             "ExpectedClientSignHash" => "SHA256",
 768             "ExpectedClientSignType" => "RSA-PSS",
 769             "ExpectedClientCANames" => "empty",
 770             "ExpectedResult" => "Success"
 771         },
 772     },
 773     {
 774         name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
 775         server => {
 776             "ClientSignatureAlgorithms" => "PSS+SHA256",
 777             "VerifyCAFile" => test_pem("root-cert.pem"),
 778             "RequestCAFile" => test_pem("root-cert.pem"),
 779             "VerifyMode" => "Require"
 780         },
 781         client => $client_tls_1_3,
 782         test   => {
 783             "ExpectedClientCertType" => "RSA",
 784             "ExpectedClientSignHash" => "SHA256",
 785             "ExpectedClientSignType" => "RSA-PSS",
 786             "ExpectedClientCANames" => test_pem("root-cert.pem"),
 787             "ExpectedResult" => "Success"
 788         },
 789     },
 790     {
 791         name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
 792         server => {
 793             "ClientSignatureAlgorithms" => "ECDSA+SHA256",
 794             "VerifyCAFile" => test_pem("root-cert.pem"),
 795             "VerifyMode" => "Require"
 796         },
 797         client => $client_tls_1_3,
 798         test   => {
 799             "ExpectedClientCertType" => "P-256",
 800             "ExpectedClientSignHash" => "SHA256",
 801             "ExpectedClientSignType" => "EC",
 802             "ExpectedResult" => "Success"
 803         },
 804     },
 805 );
 806
 807 my @tests_tls_1_3_non_fips = (
 808     {
 809         name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
 810         server => $server_tls_1_3,
 811         client => {
 812             "SignatureAlgorithms" => "ed25519",
 813         },
 814         test   => {
 815             "ExpectedServerCertType" => "Ed25519",
 816             "ExpectedServerSignType" => "Ed25519",
 817             "ExpectedResult" => "Success"
 818         },
 819     },
 820     {
 821         name => "TLS 1.3 Ed448 Signature Algorithm Selection",
 822         server => $server_tls_1_3,
 823         client => {
 824             "SignatureAlgorithms" => "ed448",
 825             "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
 826         },
 827         test   => {
 828             "ExpectedServerCertType" => "Ed448",
 829             "ExpectedServerSignType" => "Ed448",
 830             "ExpectedResult" => "Success"
 831         },
 832     },
 833     {
 834         name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
 835         server => $server_tls_1_3,
 836         client => {
 837             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 838             # Excluding P-256 from the supported groups list should
 839             # mean server still uses a P-256 certificate because supported
 840             # groups is not used in signature selection for TLS 1.3
 841             "Groups" => "X25519"
 842         },
 843         test   => {
 844             "ExpectedServerCertType" =>, "P-256",
 845             "ExpectedServerSignType" =>, "EC",
 846             "ExpectedResult" => "Success"
 847         },
 848     },
 849     {
 850         name => "TLS 1.3 Ed448 CipherString and Groups Selection",
 851         server => $server_tls_1_3,
 852         client => {
 853             "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
 854             # Excluding P-256 from the supported groups list should
 855             # mean server still uses a P-256 certificate because supported
 856             # groups is not used in signature selection for TLS 1.3
 857             "Groups" => "X448"
 858         },
 859         test   => {
 860             "ExpectedServerCertType" =>, "P-256",
 861             "ExpectedServerSignType" =>, "EC",
 862             "ExpectedResult" => "Success"
 863         },
 864     },
 865     {
 866         name => "TLS 1.3 Ed25519 Client Auth",
 867         server => {
 868             "VerifyCAFile" => test_pem("root-cert.pem"),
 869             "VerifyMode" => "Require"
 870         },
 871         client => {
 872             "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
 873             "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
 874             "MinProtocol" => "TLSv1.3",
 875             "MaxProtocol" => "TLSv1.3"
 876         },
 877         test   => {
 878             "ExpectedClientCertType" => "Ed25519",
 879             "ExpectedClientSignType" => "Ed25519",
 880             "ExpectedResult" => "Success"
 881         },
 882     },
 883     {
 884         name => "TLS 1.3 Ed448 Client Auth",
 885         server => {
 886             "VerifyCAFile" => test_pem("root-cert.pem"),
 887             "VerifyMode" => "Require"
 888         },
 889         client => {
 890             "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
 891             "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
 892             "MinProtocol" => "TLSv1.3",
 893             "MaxProtocol" => "TLSv1.3"
 894         },
 895         test   => {
 896             "ExpectedClientCertType" => "Ed448",
 897             "ExpectedClientSignType" => "Ed448",
 898             "ExpectedResult" => "Success"
 899         },
 900     },
 901     {
 902         name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
 903         server =>  {
 904             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
 905             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
 906             "Groups" => "brainpoolP256r1",
 907         },
 908         client => {
 909             "CipherString" => "aECDSA",
 910             "RequestCAFile" => test_pem("root-cert.pem"),
 911             "Groups" => "brainpoolP256r1",
 912         },
 913         test   => {
 914             #We only configured brainpoolP256r1 on the client side, but TLSv1.3
 915             #is enabled and this group is not allowed in TLSv1.3. Therefore this
 916             #should fail
 917             "ExpectedResult" => "ClientFail"
 918         },
 919     },
 920     {
 921         name => "TLS 1.3 ECDSA with brainpool",
 922         server =>  {
 923             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
 924             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
 925         },
 926         client => {
 927             "RequestCAFile" => test_pem("root-cert.pem"),
 928             "MinProtocol" => "TLSv1.3",
 929             "MaxProtocol" => "TLSv1.3"
 930         },
 931         test   => {
 932             "ExpectedResult" => "Success"
 933         },
 934     },
 935 );
 936
 937 push @tests, @tests_tls_1_3 unless disabled("tls1_3");
 938 push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;
 939
 940 my @tests_dsa_tls_1_2 = (
 941     {
 942         name => "TLS 1.2 DSA Certificate Test",
 943         server => {
 944             "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
 945             "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
 946             "DHParameters" => test_pem("dhp2048.pem"),
 947             "MinProtocol" => "TLSv1.2",
 948             "MaxProtocol" => "TLSv1.2",
 949             "CipherString" => "ALL",
 950         },
 951         client => {
 952             "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
 953             "CipherString" => "ALL",
 954         },
 955         test   => {
 956             "ExpectedResult" => "Success"
 957         },
 958     },
 959 );
 960
 961 my @tests_dsa_tls_1_3 = (
 962     {
 963         name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
 964         server => {
 965             "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
 966             "VerifyCAFile" => test_pem("root-cert.pem"),
 967             "VerifyMode" => "Request"
 968         },
 969         client => {},
 970         test   => {
 971             "ExpectedResult" => "ServerFail"
 972         },
 973     },
 974     {
 975         name => "TLS 1.3 DSA Certificate Test",
 976         server => {
 977             "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
 978             "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
 979             "MinProtocol" => "TLSv1.3",
 980             "MaxProtocol" => "TLSv1.3",
 981             "CipherString" => "ALL",
 982         },
 983         client => {
 984             "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
 985             "CipherString" => "ALL",
 986         },
 987         test   => {
 988             "ExpectedResult" => "ServerFail"
 989         },
 990     },
 991 );
 992
 993 if (!disabled("dsa")) {
 994     push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
 995     push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
 996 }