test/ssl-tests/20-cert-select.conf.in

   1 # -*- mode: perl; -*-
   2
   3 ## SSL test configurations
   4
   5
   6 use strict;
   7 use warnings;
   8
   9 package ssltests;
  10 use OpenSSL::Test::Utils;
  11
  12 my $server = {
  13     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  14     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  15     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  16     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  17     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  18     "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  19     "MaxProtocol" => "TLSv1.2"
  20 };
  21
  22 my $server_pss = {
  23     "PSS.Certificate" => test_pem("server-pss-cert.pem"),
  24     "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
  25     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  26     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  27     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
  28     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
  29     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
  30     "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
  31     "MaxProtocol" => "TLSv1.2"
  32 };
  33
  34 my $server_pss_only = {
  35     "Certificate" => test_pem("server-pss-cert.pem"),
  36     "PrivateKey" => test_pem("server-pss-key.pem"),
  37 };
  38
  39 my $server_pss_restrict_only = {
  40     "Certificate" => test_pem("server-pss-restrict-cert.pem"),
  41     "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
  42 };
  43
  44
  45 my $server_rsa_all = {
  46     "PSS.Certificate" => test_pem("server-pss-cert.pem"),
  47     "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
  48     "Certificate" => test_pem("servercert.pem"),
  49     "PrivateKey" => test_pem("serverkey.pem"),
  50 };
  51
  52 our @tests = (
  53     {
  54         name => "ECDSA CipherString Selection",
  55         server => $server,
  56         client => {
  57             "CipherString" => "aECDSA",
  58             "MaxProtocol" => "TLSv1.2",
  59             "RequestCAFile" => test_pem("root-cert.pem"),
  60         },
  61         test   => {
  62             "ExpectedServerCertType" =>, "P-256",
  63             "ExpectedServerSignType" =>, "EC",
  64             # Note: certificate_authorities not sent for TLS < 1.3
  65             "ExpectedServerCANames" =>, "empty",
  66             "ExpectedResult" => "Success"
  67         },
  68     },
  69     {
  70         name => "ECDSA CipherString Selection",
  71         server => {
  72             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  73             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  74             "MaxProtocol" => "TLSv1.2",
  75             #Deliberately set supported_groups to one not in the cert. This
  76             #should be tolerated
  77             "Groups" => "P-384"
  78         },
  79         client => {
  80             "CipherString" => "aECDSA",
  81             "MaxProtocol" => "TLSv1.2",
  82             "Groups" => "P-256:P-384",
  83             "RequestCAFile" => test_pem("root-cert.pem"),
  84         },
  85         test   => {
  86             "ExpectedServerCertType" =>, "P-256",
  87             "ExpectedServerSignType" =>, "EC",
  88             # Note: certificate_authorities not sent for TLS < 1.3
  89             "ExpectedServerCANames" =>, "empty",
  90             "ExpectedResult" => "Success"
  91         },
  92     },
  93     {
  94         name => "ECDSA CipherString Selection",
  95         server => {
  96             "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
  97             "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
  98             "MaxProtocol" => "TLSv1.2",
  99             "Groups" => "P-256:P-384"
 100         },
 101         client => {
 102             "CipherString" => "aECDSA",
 103             "MaxProtocol" => "TLSv1.2",
 104             #Deliberately set groups to not include the certificate group. This
 105             #should fail
 106             "Groups" => "P-384",
 107             "RequestCAFile" => test_pem("root-cert.pem"),
 108         },
 109         test   => {
 110             "ExpectedResult" => "ServerFail"
 111         },
 112     },
 113     {
 114         name => "Ed25519 CipherString and Signature Algorithm Selection",
 115         server => $server,
 116         client => {
 117             "CipherString" => "aECDSA",
 118             "MaxProtocol" => "TLSv1.2",
 119             "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
 120             "RequestCAFile" => test_pem("root-cert.pem"),
 121         },
 122         test   => {
 123             "ExpectedServerCertType" =>, "Ed25519",
 124             "ExpectedServerSignType" =>, "Ed25519",
 125             # Note: certificate_authorities not sent for TLS < 1.3
 126             "ExpectedServerCANames" =>, "empty",
 127             "ExpectedResult" => "Success"
 128         },
 129     },
 130     {
 131         name => "Ed448 CipherString and Signature Algorithm Selection",
 132         server => $server,
 133         client => {
 134             "CipherString" => "aECDSA",
 135             "MaxProtocol" => "TLSv1.2",
 136             "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
 137             "RequestCAFile" => test_pem("root-cert.pem"),
 138         },
 139         test   => {
 140             "ExpectedServerCertType" =>, "Ed448",
 141             "ExpectedServerSignType" =>, "Ed448",
 142             # Note: certificate_authorities not sent for TLS < 1.3
 143             "ExpectedServerCANames" =>, "empty",
 144             "ExpectedResult" => "Success"
 145         },
 146     },
 147     {
 148         name => "ECDSA with brainpool",
 149         server =>  {
 150             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
 151             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
 152             "Groups" => "brainpoolP256r1",
 153         },
 154         client => {
 155             #We don't restrict this to TLSv1.2, although use of brainpool
 156             #should force this anyway so that this should succeed
 157             "CipherString" => "aECDSA",
 158             "RequestCAFile" => test_pem("root-cert.pem"),
 159             "Groups" => "brainpoolP256r1",
 160         },
 161         test   => {
 162             "ExpectedServerCertType" =>, "brainpoolP256r1",
 163             "ExpectedServerSignType" =>, "EC",
 164             # Note: certificate_authorities not sent for TLS < 1.3
 165             "ExpectedServerCANames" =>, "empty",
 166             "ExpectedResult" => "Success"
 167         },
 168     },
 169     {
 170         name => "RSA CipherString Selection",
 171         server => $server,
 172         client => {
 173             "CipherString" => "aRSA",
 174             "MaxProtocol" => "TLSv1.2",
 175         },
 176         test   => {
 177             "ExpectedServerCertType" =>, "RSA",
 178             "ExpectedServerSignType" =>, "RSA-PSS",
 179             "ExpectedResult" => "Success"
 180         },
 181     },
 182     {
 183         name => "RSA-PSS Certificate CipherString Selection",
 184         server => $server_pss,
 185         client => {
 186             "CipherString" => "aRSA",
 187             "MaxProtocol" => "TLSv1.2",
 188         },
 189         test   => {
 190             "ExpectedServerCertType" =>, "RSA-PSS",
 191             "ExpectedServerSignType" =>, "RSA-PSS",
 192             "ExpectedResult" => "Success"
 193         },
 194     },
 195     {
 196         name => "P-256 CipherString and Signature Algorithm Selection",
 197         server => $server,
 198         client => {
 199             "CipherString" => "aECDSA",
 200             "MaxProtocol" => "TLSv1.2",
 201             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 202         },
 203         test   => {
 204             "ExpectedServerCertType" => "P-256",
 205             "ExpectedServerSignHash" => "SHA256",
 206             "ExpectedServerSignType" => "EC",
 207             "ExpectedResult" => "Success"
 208         },
 209     },
 210     {
 211         name => "Ed25519 CipherString and Curves Selection",
 212         server => $server,
 213         client => {
 214             "CipherString" => "aECDSA",
 215             "MaxProtocol" => "TLSv1.2",
 216             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 217             # Excluding P-256 from the supported curves list means server
 218             # certificate should be Ed25519 and not P-256
 219             "Curves" => "X25519"
 220         },
 221         test   => {
 222             "ExpectedServerCertType" =>, "Ed25519",
 223             "ExpectedServerSignType" =>, "Ed25519",
 224             "ExpectedResult" => "Success"
 225         },
 226     },
 227     {
 228         name => "Ed448 CipherString and Curves Selection",
 229         server => $server,
 230         client => {
 231             "CipherString" => "aECDSA",
 232             "MaxProtocol" => "TLSv1.2",
 233             "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
 234             # Excluding P-256 from the supported curves list means server
 235             # certificate should be Ed25519 and not P-256
 236             "Curves" => "X448"
 237         },
 238         test   => {
 239             "ExpectedServerCertType" =>, "Ed448",
 240             "ExpectedServerSignType" =>, "Ed448",
 241             "ExpectedResult" => "Success"
 242         },
 243     },
 244     {
 245         name => "ECDSA CipherString Selection, no ECDSA certificate",
 246         server => {
 247             "MaxProtocol" => "TLSv1.2"
 248         },
 249         client => {
 250             "CipherString" => "aECDSA",
 251             "MaxProtocol" => "TLSv1.2"
 252         },
 253         test   => {
 254             "ExpectedResult" => "ServerFail"
 255         },
 256     },
 257     {
 258         name => "ECDSA Signature Algorithm Selection",
 259         server => $server,
 260         client => {
 261             "SignatureAlgorithms" => "ECDSA+SHA256",
 262         },
 263         test   => {
 264             "ExpectedServerCertType" => "P-256",
 265             "ExpectedServerSignHash" => "SHA256",
 266             "ExpectedServerSignType" => "EC",
 267             "ExpectedResult" => "Success"
 268         },
 269     },
 270     {
 271         name => "ECDSA Signature Algorithm Selection SHA384",
 272         server => $server,
 273         client => {
 274             "SignatureAlgorithms" => "ECDSA+SHA384",
 275         },
 276         test   => {
 277             "ExpectedServerCertType" => "P-256",
 278             "ExpectedServerSignHash" => "SHA384",
 279             "ExpectedServerSignType" => "EC",
 280             "ExpectedResult" => "Success"
 281         },
 282     },
 283     {
 284         name => "ECDSA Signature Algorithm Selection SHA1",
 285         server => $server,
 286         client => {
 287             "SignatureAlgorithms" => "ECDSA+SHA1",
 288         },
 289         test   => {
 290             "ExpectedServerCertType" => "P-256",
 291             "ExpectedServerSignHash" => "SHA1",
 292             "ExpectedServerSignType" => "EC",
 293             "ExpectedResult" => "Success"
 294         },
 295     },
 296     {
 297         name => "ECDSA Signature Algorithm Selection compressed point",
 298         server => {
 299             "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
 300             "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
 301             "MaxProtocol" => "TLSv1.2"
 302         },
 303         client => {
 304             "SignatureAlgorithms" => "ECDSA+SHA256",
 305         },
 306         test   => {
 307             "ExpectedServerCertType" => "P-256",
 308             "ExpectedServerSignHash" => "SHA256",
 309             "ExpectedServerSignType" => "EC",
 310             "ExpectedResult" => "Success"
 311         },
 312     },
 313     {
 314         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
 315         server => {
 316              "MaxProtocol" => "TLSv1.2"
 317         },
 318         client => {
 319             "SignatureAlgorithms" => "ECDSA+SHA256",
 320         },
 321         test   => {
 322             "ExpectedResult" => "ServerFail"
 323         },
 324     },
 325     {
 326         name => "RSA Signature Algorithm Selection",
 327         server => $server,
 328         client => {
 329             "SignatureAlgorithms" => "RSA+SHA256",
 330         },
 331         test   => {
 332             "ExpectedServerCertType" => "RSA",
 333             "ExpectedServerSignHash" => "SHA256",
 334             "ExpectedServerSignType" => "RSA",
 335             "ExpectedResult" => "Success"
 336         },
 337     },
 338     {
 339         name => "RSA-PSS Signature Algorithm Selection",
 340         server => $server,
 341         client => {
 342             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 343         },
 344         test   => {
 345             "ExpectedServerCertType" => "RSA",
 346             "ExpectedServerSignHash" => "SHA256",
 347             "ExpectedServerSignType" => "RSA-PSS",
 348             "ExpectedResult" => "Success"
 349         },
 350     },
 351     {
 352         name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
 353         server => $server_pss,
 354         client => {
 355             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 356         },
 357         test   => {
 358             "ExpectedServerCertType" => "RSA",
 359             "ExpectedServerSignHash" => "SHA256",
 360             "ExpectedServerSignType" => "RSA-PSS",
 361             "ExpectedResult" => "Success"
 362         },
 363     },
 364     {
 365         name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
 366         server => $server_pss,
 367         client => {
 368             "SignatureAlgorithms" => "rsa_pss_pss_sha256",
 369         },
 370         test   => {
 371             "ExpectedServerCertType" => "RSA-PSS",
 372             "ExpectedServerSignHash" => "SHA256",
 373             "ExpectedServerSignType" => "RSA-PSS",
 374             "ExpectedResult" => "Success"
 375         },
 376     },
 377     {
 378         name => "Only RSA-PSS Certificate",
 379         server => $server_pss_only,
 380         client => {},
 381         test   => {
 382             "ExpectedServerCertType" => "RSA-PSS",
 383             "ExpectedServerSignHash" => "SHA256",
 384             "ExpectedServerSignType" => "RSA-PSS",
 385             "ExpectedResult" => "Success"
 386         },
 387     },
 388     {
 389         name => "Only RSA-PSS Certificate Valid Signature Algorithms",
 390         server => $server_pss_only,
 391         client => {
 392             "SignatureAlgorithms" => "rsa_pss_pss_sha512",
 393         },
 394         test   => {
 395             "ExpectedServerCertType" => "RSA-PSS",
 396             "ExpectedServerSignHash" => "SHA512",
 397             "ExpectedServerSignType" => "RSA-PSS",
 398             "ExpectedResult" => "Success"
 399         },
 400     },
 401     {
 402         name => "RSA-PSS Certificate, no PSS signature algorithms",
 403         server => $server_pss_only,
 404         client => {
 405             "SignatureAlgorithms" => "RSA+SHA256",
 406         },
 407         test   => {
 408             "ExpectedResult" => "ServerFail"
 409         },
 410     },
 411     {
 412         name => "Only RSA-PSS Restricted Certificate",
 413         server => $server_pss_restrict_only,
 414         client => {},
 415         test   => {
 416             "ExpectedServerCertType" => "RSA-PSS",
 417             "ExpectedServerSignHash" => "SHA256",
 418             "ExpectedServerSignType" => "RSA-PSS",
 419             "ExpectedResult" => "Success"
 420         },
 421     },
 422     {
 423         name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
 424         server => $server_pss_restrict_only,
 425         client => {
 426             "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
 427         },
 428         test   => {
 429             "ExpectedServerCertType" => "RSA-PSS",
 430             "ExpectedServerSignHash" => "SHA256",
 431             "ExpectedServerSignType" => "RSA-PSS",
 432             "ExpectedResult" => "Success"
 433         },
 434     },
 435     {
 436         name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
 437         server => $server_pss_restrict_only,
 438         client => {
 439             "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
 440         },
 441         test   => {
 442             "ExpectedServerCertType" => "RSA-PSS",
 443             "ExpectedServerSignHash" => "SHA256",
 444             "ExpectedServerSignType" => "RSA-PSS",
 445             "ExpectedResult" => "Success"
 446         },
 447     },
 448     {
 449         name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
 450         server => $server_pss_restrict_only,
 451         client => {
 452             "SignatureAlgorithms" => "rsa_pss_pss_sha512",
 453         },
 454         test   => {
 455             "ExpectedResult" => "ServerFail"
 456         },
 457     },
 458     {
 459         name => "RSA key exchange with all RSA certificate types",
 460         server => $server_rsa_all,
 461         client => {
 462             "CipherString" => "kRSA",
 463             "MaxProtocol" => "TLSv1.2",
 464         },
 465         test   => {
 466             "ExpectedServerCertType" =>, "RSA",
 467             "ExpectedResult" => "Success"
 468         },
 469     },
 470     {
 471         name => "RSA key exchange with only RSA-PSS certificate",
 472         server => $server_pss_only,
 473         client => {
 474             "CipherString" => "kRSA",
 475             "MaxProtocol" => "TLSv1.2",
 476         },
 477         test   => {
 478             "ExpectedResult" => "ServerFail"
 479         },
 480     },
 481     {
 482         name => "Suite B P-256 Hash Algorithm Selection",
 483         server =>  {
 484             "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
 485             "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
 486             "MaxProtocol" => "TLSv1.2",
 487             "CipherString" => "SUITEB128"
 488         },
 489         client => {
 490             "VerifyCAFile" => test_pem("p384-root.pem"),
 491             "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
 492         },
 493         test   => {
 494             "ExpectedServerCertType" => "P-256",
 495             "ExpectedServerSignHash" => "SHA256",
 496             "ExpectedServerSignType" => "EC",
 497             "ExpectedResult" => "Success"
 498         },
 499     },
 500     {
 501         name => "Suite B P-384 Hash Algorithm Selection",
 502         server =>  {
 503             "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
 504             "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
 505             "MaxProtocol" => "TLSv1.2",
 506             "CipherString" => "SUITEB128"
 507         },
 508         client => {
 509             "VerifyCAFile" => test_pem("p384-root.pem"),
 510             "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
 511         },
 512         test   => {
 513             "ExpectedServerCertType" => "P-384",
 514             "ExpectedServerSignHash" => "SHA384",
 515             "ExpectedServerSignType" => "EC",
 516             "ExpectedResult" => "Success"
 517         },
 518     },
 519     {
 520         name => "TLS 1.2 Ed25519 Client Auth",
 521         server => {
 522             "VerifyCAFile" => test_pem("root-cert.pem"),
 523             "VerifyMode" => "Require"
 524         },
 525         client => {
 526             "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
 527             "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
 528             "MinProtocol" => "TLSv1.2",
 529             "MaxProtocol" => "TLSv1.2"
 530         },
 531         test   => {
 532             "ExpectedClientCertType" => "Ed25519",
 533             "ExpectedClientSignType" => "Ed25519",
 534             "ExpectedResult" => "Success"
 535         },
 536     },
 537     {
 538         name => "TLS 1.2 Ed448 Client Auth",
 539         server => {
 540             "VerifyCAFile" => test_pem("root-cert.pem"),
 541             "VerifyMode" => "Require"
 542         },
 543         client => {
 544             "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
 545             "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
 546             "MinProtocol" => "TLSv1.2",
 547             "MaxProtocol" => "TLSv1.2"
 548         },
 549         test   => {
 550             "ExpectedClientCertType" => "Ed448",
 551             "ExpectedClientSignType" => "Ed448",
 552             "ExpectedResult" => "Success"
 553         },
 554     },
 555 );
 556
 557 my @tests_tls_1_1 = (
 558     {
 559         name => "Only RSA-PSS Certificate, TLS v1.1",
 560         server => $server_pss_only,
 561         client => {
 562             "MaxProtocol" => "TLSv1.1",
 563         },
 564         test   => {
 565             "ExpectedResult" => "ServerFail"
 566         },
 567     },
 568 );
 569
 570 push @tests, @tests_tls_1_1 unless disabled("tls1_1");
 571
 572 my $server_tls_1_3 = {
 573     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 574     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 575     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
 576     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
 577     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
 578     "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
 579     "MinProtocol" => "TLSv1.3",
 580     "MaxProtocol" => "TLSv1.3"
 581 };
 582
 583 my $server_tls_1_3_pss = {
 584     "PSS.Certificate" => test_pem("server-pss-cert.pem"),
 585     "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
 586     "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
 587     "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
 588     "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
 589     "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
 590     "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
 591     "Ed448.PrivateKey" => test_pem("server-ed449-key.pem"),
 592     "MinProtocol" => "TLSv1.3",
 593     "MaxProtocol" => "TLSv1.3"
 594 };
 595
 596 my $client_tls_1_3 = {
 597     "RSA.Certificate" => test_pem("ee-client-chain.pem"),
 598     "RSA.PrivateKey" => test_pem("ee-key.pem"),
 599     "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
 600     "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
 601     "MinProtocol" => "TLSv1.3",
 602     "MaxProtocol" => "TLSv1.3"
 603 };
 604
 605 my @tests_tls_1_3 = (
 606     {
 607         name => "TLS 1.3 ECDSA Signature Algorithm Selection",
 608         server => $server_tls_1_3,
 609         client => {
 610             "SignatureAlgorithms" => "ECDSA+SHA256",
 611         },
 612         test   => {
 613             "ExpectedServerCertType" => "P-256",
 614             "ExpectedServerSignHash" => "SHA256",
 615             "ExpectedServerSignType" => "EC",
 616             "ExpectedServerCANames" => "empty",
 617             "ExpectedResult" => "Success"
 618         },
 619     },
 620     {
 621         name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
 622         server => {
 623             "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
 624             "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
 625             "MinProtocol" => "TLSv1.3",
 626             "MaxProtocol" => "TLSv1.3"
 627         },
 628         client => {
 629             "SignatureAlgorithms" => "ECDSA+SHA256",
 630         },
 631         test   => {
 632             "ExpectedServerCertType" => "P-256",
 633             "ExpectedServerSignHash" => "SHA256",
 634             "ExpectedServerSignType" => "EC",
 635             "ExpectedServerCANames" => "empty",
 636             "ExpectedResult" => "Success"
 637         },
 638     },
 639     {
 640         name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
 641         server => $server_tls_1_3,
 642         client => {
 643             "SignatureAlgorithms" => "ECDSA+SHA1",
 644         },
 645         test   => {
 646             "ExpectedResult" => "ServerFail"
 647         },
 648     },
 649     {
 650         name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
 651         server => $server_tls_1_3,
 652         client => {
 653             "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
 654             "RequestCAFile" => test_pem("root-cert.pem"),
 655         },
 656         test   => {
 657             "ExpectedServerCertType" => "P-256",
 658             "ExpectedServerSignHash" => "SHA256",
 659             "ExpectedServerSignType" => "EC",
 660             "ExpectedServerCANames" => test_pem("root-cert.pem"),
 661             "ExpectedResult" => "Success"
 662         },
 663     },
 664     {
 665         name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
 666         server => $server_tls_1_3,
 667         client => {
 668             "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
 669         },
 670         test   => {
 671             "ExpectedServerCertType" => "RSA",
 672             "ExpectedServerSignHash" => "SHA384",
 673             "ExpectedServerSignType" => "RSA-PSS",
 674             "ExpectedResult" => "Success"
 675         },
 676     },
 677     {
 678         name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
 679         server => {
 680             "MinProtocol" => "TLSv1.3",
 681             "MaxProtocol" => "TLSv1.3"
 682         },
 683         client => {
 684             "SignatureAlgorithms" => "ECDSA+SHA256",
 685         },
 686         test   => {
 687             "ExpectedResult" => "ServerFail"
 688         },
 689     },
 690     {
 691         name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
 692         server => $server_tls_1_3,
 693         client => {
 694             "SignatureAlgorithms" => "RSA+SHA256",
 695         },
 696         test   => {
 697             "ExpectedResult" => "ServerFail"
 698         },
 699     },
 700     {
 701         name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
 702         server => $server_tls_1_3,
 703         client => {
 704             "SignatureAlgorithms" => "RSA-PSS+SHA256",
 705         },
 706         test   => {
 707             "ExpectedServerCertType" => "RSA",
 708             "ExpectedServerSignHash" => "SHA256",
 709             "ExpectedServerSignType" => "RSA-PSS",
 710             "ExpectedResult" => "Success"
 711         },
 712     },
 713     {
 714         name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
 715         server => $server_tls_1_3,
 716         client => {
 717             "SignatureAlgorithms" => "ed25519",
 718         },
 719         test   => {
 720             "ExpectedServerCertType" => "Ed25519",
 721             "ExpectedServerSignType" => "Ed25519",
 722             "ExpectedResult" => "Success"
 723         },
 724     },
 725     {
 726         name => "TLS 1.3 Ed448 Signature Algorithm Selection",
 727         server => $server_tls_1_3,
 728         client => {
 729             "SignatureAlgorithms" => "ed448",
 730         },
 731         test   => {
 732             "ExpectedServerCertType" => "Ed448",
 733             "ExpectedServerSignType" => "Ed448",
 734             "ExpectedResult" => "Success"
 735         },
 736     },
 737     {
 738         name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
 739         server => $server_tls_1_3,
 740         client => {
 741             "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
 742             # Excluding P-256 from the supported groups list should
 743             # mean server still uses a P-256 certificate because supported
 744             # groups is not used in signature selection for TLS 1.3
 745             "Groups" => "X25519"
 746         },
 747         test   => {
 748             "ExpectedServerCertType" =>, "P-256",
 749             "ExpectedServerSignType" =>, "EC",
 750             "ExpectedResult" => "Success"
 751         },
 752     },
 753     {
 754         name => "TLS 1.3 Ed448 CipherString and Groups Selection",
 755         server => $server_tls_1_3,
 756         client => {
 757             "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
 758             # Excluding P-256 from the supported groups list should
 759             # mean server still uses a P-256 certificate because supported
 760             # groups is not used in signature selection for TLS 1.3
 761             "Groups" => "X448"
 762         },
 763         test   => {
 764             "ExpectedServerCertType" =>, "P-256",
 765             "ExpectedServerSignType" =>, "EC",
 766             "ExpectedResult" => "Success"
 767         },
 768     },
 769     {
 770         name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
 771         server => {
 772             "ClientSignatureAlgorithms" => "PSS+SHA256",
 773             "VerifyCAFile" => test_pem("root-cert.pem"),
 774             "VerifyMode" => "Require"
 775         },
 776         client => $client_tls_1_3,
 777         test   => {
 778             "ExpectedClientCertType" => "RSA",
 779             "ExpectedClientSignHash" => "SHA256",
 780             "ExpectedClientSignType" => "RSA-PSS",
 781             "ExpectedClientCANames" => "empty",
 782             "ExpectedResult" => "Success"
 783         },
 784     },
 785     {
 786         name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
 787         server => {
 788             "ClientSignatureAlgorithms" => "PSS+SHA256",
 789             "VerifyCAFile" => test_pem("root-cert.pem"),
 790             "RequestCAFile" => test_pem("root-cert.pem"),
 791             "VerifyMode" => "Require"
 792         },
 793         client => $client_tls_1_3,
 794         test   => {
 795             "ExpectedClientCertType" => "RSA",
 796             "ExpectedClientSignHash" => "SHA256",
 797             "ExpectedClientSignType" => "RSA-PSS",
 798             "ExpectedClientCANames" => test_pem("root-cert.pem"),
 799             "ExpectedResult" => "Success"
 800         },
 801     },
 802     {
 803         name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
 804         server => {
 805             "ClientSignatureAlgorithms" => "ECDSA+SHA256",
 806             "VerifyCAFile" => test_pem("root-cert.pem"),
 807             "VerifyMode" => "Require"
 808         },
 809         client => $client_tls_1_3,
 810         test   => {
 811             "ExpectedClientCertType" => "P-256",
 812             "ExpectedClientSignHash" => "SHA256",
 813             "ExpectedClientSignType" => "EC",
 814             "ExpectedResult" => "Success"
 815         },
 816     },
 817     {
 818         name => "TLS 1.3 Ed25519 Client Auth",
 819         server => {
 820             "VerifyCAFile" => test_pem("root-cert.pem"),
 821             "VerifyMode" => "Require"
 822         },
 823         client => {
 824             "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
 825             "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
 826             "MinProtocol" => "TLSv1.3",
 827             "MaxProtocol" => "TLSv1.3"
 828         },
 829         test   => {
 830             "ExpectedClientCertType" => "Ed25519",
 831             "ExpectedClientSignType" => "Ed25519",
 832             "ExpectedResult" => "Success"
 833         },
 834     },
 835     {
 836         name => "TLS 1.3 Ed448 Client Auth",
 837         server => {
 838             "VerifyCAFile" => test_pem("root-cert.pem"),
 839             "VerifyMode" => "Require"
 840         },
 841         client => {
 842             "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
 843             "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
 844             "MinProtocol" => "TLSv1.3",
 845             "MaxProtocol" => "TLSv1.3"
 846         },
 847         test   => {
 848             "ExpectedClientCertType" => "Ed448",
 849             "ExpectedClientSignType" => "Ed448",
 850             "ExpectedResult" => "Success"
 851         },
 852     },
 853     {
 854         name => "TLS 1.3 ECDSA with brainpool",
 855         server =>  {
 856             "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
 857             "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
 858             "Groups" => "brainpoolP256r1",
 859         },
 860         client => {
 861             "RequestCAFile" => test_pem("root-cert.pem"),
 862             "Groups" => "brainpoolP256r1",
 863             "MinProtocol" => "TLSv1.3",
 864             "MaxProtocol" => "TLSv1.3"
 865         },
 866         test   => {
 867             "ExpectedResult" => "ServerFail"
 868         },
 869     },
 870 );
 871
 872 push @tests, @tests_tls_1_3 unless disabled("tls1_3");
 873
 874 my @tests_dsa_tls_1_2 = (
 875     {
 876         name => "TLS 1.2 DSA Certificate Test",
 877         server => {
 878             "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
 879             "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
 880             "DHParameters" => test_pem("dhp2048.pem"),
 881             "MinProtocol" => "TLSv1.2",
 882             "MaxProtocol" => "TLSv1.2",
 883             "CipherString" => "ALL",
 884         },
 885         client => {
 886             "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
 887             "CipherString" => "ALL",
 888         },
 889         test   => {
 890             "ExpectedResult" => "Success"
 891         },
 892     },
 893 );
 894
 895 my @tests_dsa_tls_1_3 = (
 896     {
 897         name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
 898         server => {
 899             "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
 900             "VerifyCAFile" => test_pem("root-cert.pem"),
 901             "VerifyMode" => "Request"
 902         },
 903         client => {},
 904         test   => {
 905             "ExpectedResult" => "ServerFail"
 906         },
 907     },
 908     {
 909         name => "TLS 1.3 DSA Certificate Test",
 910         server => {
 911             "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
 912             "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
 913             "MinProtocol" => "TLSv1.3",
 914             "MaxProtocol" => "TLSv1.3",
 915             "CipherString" => "ALL",
 916         },
 917         client => {
 918             "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
 919             "CipherString" => "ALL",
 920         },
 921         test   => {
 922             "ExpectedResult" => "ServerFail"
 923         },
 924     },
 925 );
 926
 927 if (!disabled("dsa")) {
 928     push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
 929     push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
 930 }