my $server = {
"ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
"ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
- # TODO: add test cases for TLSv1.3
+ # TODO(TLS1.3): add test cases for TLSv1.3
"MaxProtocol" => "TLSv1.2"
};
},
test => {
"ExpectedServerCertType" =>, "P-256",
+ "ExpectedServerSignType" =>, "EC",
"ExpectedResult" => "Success"
},
},
},
test => {
"ExpectedServerCertType" =>, "RSA",
+ "ExpectedServerSignType" =>, "RSA-PSS",
"ExpectedResult" => "Success"
},
},
"SignatureAlgorithms" => "ECDSA+SHA256",
},
test => {
- "ExpectedServerCertType" =>, "P-256",
+ "ExpectedServerCertType" => "P-256",
+ "ExpectedServerSignHash" => "SHA256",
+ "ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
},
"SignatureAlgorithms" => "RSA+SHA256",
},
test => {
- "ExpectedServerCertType" =>, "RSA",
+ "ExpectedServerCertType" => "RSA",
+ "ExpectedServerSignHash" => "SHA256",
+ "ExpectedServerSignType" => "RSA",
+ "ExpectedResult" => "Success"
+ },
+ },
+ {
+ name => "RSA-PSS Signature Algorithm Selection",
+ server => $server,
+ client => {
+ "SignatureAlgorithms" => "RSA-PSS+SHA256",
+ },
+ test => {
+ "ExpectedServerCertType" => "RSA",
+ "ExpectedServerSignHash" => "SHA256",
+ "ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
}