xref: /freebsd/crypto/openssl/test/ssl-tests/20-cert-select.cnf.in (revision 3b68c491d37196bb76a95bce3c02f7c6d5ba22fd)
1# -*- mode: perl; -*-
2
3## SSL test configurations
4
5
6use strict;
7use warnings;
8
9package ssltests;
10use OpenSSL::Test::Utils;
11
12our $fips_mode;
13our $no_deflt_libctx;
14
15my $server = {
16    "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
17    "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
18    "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
19    "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
20    "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
21    "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
22    "MaxProtocol" => "TLSv1.2"
23};
24
25my $server_pss = {
26    "PSS.Certificate" => test_pem("server-pss-cert.pem"),
27    "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
28    "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
29    "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
30    "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
31    "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
32    "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
33    "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
34    "MaxProtocol" => "TLSv1.2"
35};
36
37my $server_pss_only = {
38    "Certificate" => test_pem("server-pss-cert.pem"),
39    "PrivateKey" => test_pem("server-pss-key.pem"),
40};
41
42my $server_pss_restrict_only = {
43    "Certificate" => test_pem("server-pss-restrict-cert.pem"),
44    "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
45};
46
47my $server_rsa_all;
48
49if ($no_deflt_libctx) {
50    $server_rsa_all = {
51        "Certificate" => test_pem("servercert.pem"),
52        "PrivateKey" => test_pem("serverkey.pem"),
53    };
54} else {
55    $server_rsa_all = {
56        "PSS.Certificate" => test_pem("server-pss-cert.pem"),
57        "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
58        "Certificate" => test_pem("servercert.pem"),
59        "PrivateKey" => test_pem("serverkey.pem"),
60    };
61}
62
63our @tests = (
64    {
65        name => "ECDSA CipherString Selection",
66        server => $server,
67        client => {
68            "CipherString" => "aECDSA",
69            "MaxProtocol" => "TLSv1.2",
70            "RequestCAFile" => test_pem("root-cert.pem"),
71        },
72        test   => {
73            "ExpectedServerCertType" =>, "P-256",
74            "ExpectedServerSignType" =>, "EC",
75            # Note: certificate_authorities not sent for TLS < 1.3
76            "ExpectedServerCANames" =>, "empty",
77            "ExpectedResult" => "Success"
78        },
79    },
80    {
81        name => "ECDSA CipherString Selection",
82        server => {
83            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
84            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
85            "MaxProtocol" => "TLSv1.2",
86            #Deliberately set supported_groups to one not in the cert. This
87            #should be tolerated
88            "Groups" => "P-384"
89        },
90        client => {
91            "CipherString" => "aECDSA",
92            "MaxProtocol" => "TLSv1.2",
93            "Groups" => "P-256:P-384",
94            "RequestCAFile" => test_pem("root-cert.pem"),
95        },
96        test   => {
97            "ExpectedServerCertType" =>, "P-256",
98            "ExpectedServerSignType" =>, "EC",
99            # Note: certificate_authorities not sent for TLS < 1.3
100            "ExpectedServerCANames" =>, "empty",
101            "ExpectedResult" => "Success"
102        },
103    },
104    {
105        name => "ECDSA CipherString Selection",
106        server => {
107            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
108            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
109            "MaxProtocol" => "TLSv1.2",
110            "Groups" => "P-256:P-384"
111        },
112        client => {
113            "CipherString" => "aECDSA",
114            "MaxProtocol" => "TLSv1.2",
115            #Deliberately set groups to not include the certificate group. This
116            #should fail
117            "Groups" => "P-384",
118            "RequestCAFile" => test_pem("root-cert.pem"),
119        },
120        test   => {
121            "ExpectedResult" => "ServerFail"
122        },
123    },
124    {
125        name => "RSA CipherString Selection",
126        server => $server,
127        client => {
128            "CipherString" => "aRSA",
129            "MaxProtocol" => "TLSv1.2",
130        },
131        test   => {
132            "ExpectedServerCertType" =>, "RSA",
133            "ExpectedServerSignType" =>, "RSA-PSS",
134            "ExpectedResult" => "Success"
135        },
136    },
137    {
138        name => "P-256 CipherString and Signature Algorithm Selection",
139        server => $server,
140        client => {
141            "CipherString" => "aECDSA",
142            "MaxProtocol" => "TLSv1.2",
143            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
144        },
145        test   => {
146            "ExpectedServerCertType" => "P-256",
147            "ExpectedServerSignHash" => "SHA256",
148            "ExpectedServerSignType" => "EC",
149            "ExpectedResult" => "Success"
150        },
151    },
152    {
153        name => "ECDSA CipherString Selection, no ECDSA certificate",
154        server => {
155            "MaxProtocol" => "TLSv1.2"
156        },
157        client => {
158            "CipherString" => "aECDSA",
159            "MaxProtocol" => "TLSv1.2"
160        },
161        test   => {
162            "ExpectedResult" => "ServerFail"
163        },
164    },
165    {
166        name => "ECDSA Signature Algorithm Selection",
167        server => $server,
168        client => {
169            "SignatureAlgorithms" => "ECDSA+SHA256",
170        },
171        test   => {
172            "ExpectedServerCertType" => "P-256",
173            "ExpectedServerSignHash" => "SHA256",
174            "ExpectedServerSignType" => "EC",
175            "ExpectedResult" => "Success"
176        },
177    },
178    {
179        name => "ECDSA Signature Algorithm Selection SHA384",
180        server => $server,
181        client => {
182            "SignatureAlgorithms" => "ECDSA+SHA384",
183        },
184        test   => {
185            "ExpectedServerCertType" => "P-256",
186            "ExpectedServerSignHash" => "SHA384",
187            "ExpectedServerSignType" => "EC",
188            "ExpectedResult" => "Success"
189        },
190    },
191    {
192        name => "ECDSA Signature Algorithm Selection compressed point",
193        server => {
194            "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
195            "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
196            "MaxProtocol" => "TLSv1.2"
197        },
198        client => {
199            "SignatureAlgorithms" => "ECDSA+SHA256",
200        },
201        test   => {
202            "ExpectedServerCertType" => "P-256",
203            "ExpectedServerSignHash" => "SHA256",
204            "ExpectedServerSignType" => "EC",
205            "ExpectedResult" => "Success"
206        },
207    },
208    {
209        name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
210        server => {
211             "MaxProtocol" => "TLSv1.2"
212        },
213        client => {
214            "SignatureAlgorithms" => "ECDSA+SHA256",
215        },
216        test   => {
217            "ExpectedResult" => "ServerFail"
218        },
219    },
220    {
221        name => "RSA Signature Algorithm Selection",
222        server => $server,
223        client => {
224            "SignatureAlgorithms" => "RSA+SHA256",
225        },
226        test   => {
227            "ExpectedServerCertType" => "RSA",
228            "ExpectedServerSignHash" => "SHA256",
229            "ExpectedServerSignType" => "RSA",
230            "ExpectedResult" => "Success"
231        },
232    },
233    {
234        name => "RSA-PSS Signature Algorithm Selection",
235        server => $server,
236        client => {
237            "SignatureAlgorithms" => "RSA-PSS+SHA256",
238        },
239        test   => {
240            "ExpectedServerCertType" => "RSA",
241            "ExpectedServerSignHash" => "SHA256",
242            "ExpectedServerSignType" => "RSA-PSS",
243            "ExpectedResult" => "Success"
244        },
245    },
246    {
247        name => "RSA key exchange with all RSA certificate types",
248        server => $server_rsa_all,
249        client => {
250            "CipherString" => "kRSA",
251            "MaxProtocol" => "TLSv1.2",
252        },
253        test   => {
254            "ExpectedServerCertType" =>, "RSA",
255            "ExpectedResult" => "Success"
256        },
257    },
258    {
259        name => "Suite B P-256 Hash Algorithm Selection",
260        server =>  {
261            "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
262            "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
263            "MaxProtocol" => "TLSv1.2",
264            "CipherString" => "SUITEB128"
265        },
266        client => {
267            "VerifyCAFile" => test_pem("p384-root.pem"),
268            "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
269        },
270        test   => {
271            "ExpectedServerCertType" => "P-256",
272            "ExpectedServerSignHash" => "SHA256",
273            "ExpectedServerSignType" => "EC",
274            "ExpectedResult" => "Success"
275        },
276    },
277    {
278        name => "Suite B P-384 Hash Algorithm Selection",
279        server =>  {
280            "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
281            "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
282            "MaxProtocol" => "TLSv1.2",
283            "CipherString" => "SUITEB128"
284        },
285        client => {
286            "VerifyCAFile" => test_pem("p384-root.pem"),
287            "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
288        },
289        test   => {
290            "ExpectedServerCertType" => "P-384",
291            "ExpectedServerSignHash" => "SHA384",
292            "ExpectedServerSignType" => "EC",
293            "ExpectedResult" => "Success"
294        },
295    },
296    {
297        name => "Ed25519 CipherString and Signature Algorithm Selection",
298        server => $server,
299        client => {
300            "CipherString" => "aECDSA",
301            "MaxProtocol" => "TLSv1.2",
302            "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
303            "RequestCAFile" => test_pem("root-cert.pem"),
304        },
305        test   => {
306            "ExpectedServerCertType" =>, "Ed25519",
307            "ExpectedServerSignType" =>, "Ed25519",
308            # Note: certificate_authorities not sent for TLS < 1.3
309            "ExpectedServerCANames" =>, "empty",
310            "ExpectedResult" => "Success"
311        },
312    },
313    {
314        name => "Ed448 CipherString and Signature Algorithm Selection",
315        server => $server,
316        client => {
317            "CipherString" => "aECDSA",
318            "MaxProtocol" => "TLSv1.2",
319            "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
320            "RequestCAFile" => test_pem("root-ed448-cert.pem"),
321            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
322        },
323        test   => {
324            "ExpectedServerCertType" =>, "Ed448",
325            "ExpectedServerSignType" =>, "Ed448",
326            # Note: certificate_authorities not sent for TLS < 1.3
327            "ExpectedServerCANames" =>, "empty",
328            "ExpectedResult" => "Success"
329        },
330    },
331    {
332        name => "TLS 1.2 Ed25519 Client Auth",
333        server => {
334            "VerifyCAFile" => test_pem("root-cert.pem"),
335            "VerifyMode" => "Require"
336        },
337        client => {
338            "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
339            "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
340            "MinProtocol" => "TLSv1.2",
341            "MaxProtocol" => "TLSv1.2"
342        },
343        test   => {
344            "ExpectedClientCertType" => "Ed25519",
345            "ExpectedClientSignType" => "Ed25519",
346            "ExpectedResult" => "Success"
347        },
348    },
349    {
350        name => "TLS 1.2 Ed448 Client Auth",
351        server => {
352            "VerifyCAFile" => test_pem("root-cert.pem"),
353            "VerifyMode" => "Require"
354        },
355        client => {
356            "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
357            "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
358            "MinProtocol" => "TLSv1.2",
359            "MaxProtocol" => "TLSv1.2"
360        },
361        test   => {
362            "ExpectedClientCertType" => "Ed448",
363            "ExpectedClientSignType" => "Ed448",
364            "ExpectedResult" => "Success"
365        },
366    },
367);
368
369my @tests_non_fips = (
370    {
371        name => "ECDSA Signature Algorithm Selection SHA1",
372        server => {
373            "CipherString" => "DEFAULT:\@SECLEVEL=0",
374            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
375            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
376            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
377            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
378            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
379            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
380            "MaxProtocol" => "TLSv1.2"
381        },
382        client => {
383            "CipherString" => "DEFAULT:\@SECLEVEL=0",
384            "SignatureAlgorithms" => "ECDSA+SHA1",
385        },
386        test   => {
387            "ExpectedServerCertType" => "P-256",
388            "ExpectedServerSignHash" => "SHA1",
389            "ExpectedServerSignType" => "EC",
390            "ExpectedResult" => "Success"
391        },
392    },
393    {
394        name => "ECDSA with brainpool",
395        server =>  {
396            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
397            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
398            "Groups" => "brainpoolP256r1",
399        },
400        client => {
401            "MaxProtocol" => "TLSv1.2",
402            "CipherString" => "aECDSA",
403            "RequestCAFile" => test_pem("root-cert.pem"),
404            "Groups" => "brainpoolP256r1",
405        },
406        test   => {
407            "ExpectedServerCertType" =>, "brainpoolP256r1",
408            "ExpectedServerSignType" =>, "EC",
409            # Note: certificate_authorities not sent for TLS < 1.3
410            "ExpectedServerCANames" =>, "empty",
411            "ExpectedResult" => "Success"
412        },
413    },
414    {
415        name => "Ed25519 CipherString and Curves Selection",
416        server => $server,
417        client => {
418            "CipherString" => "aECDSA",
419            "MaxProtocol" => "TLSv1.2",
420            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
421            # Excluding P-256 from the supported curves list means server
422            # certificate should be Ed25519 and not P-256
423            "Curves" => "X25519"
424        },
425        test   => {
426            "ExpectedServerCertType" =>, "Ed25519",
427            "ExpectedServerSignType" =>, "Ed25519",
428            "ExpectedResult" => "Success"
429        },
430    },
431    {
432        name => "Ed448 CipherString and Curves Selection",
433        server => $server,
434        client => {
435            "CipherString" => "aECDSA",
436            "MaxProtocol" => "TLSv1.2",
437            "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
438            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
439            # Excluding P-256 from the supported curves list means server
440            # certificate should be Ed25519 and not P-256
441            "Curves" => "X448"
442        },
443        test   => {
444            "ExpectedServerCertType" =>, "Ed448",
445            "ExpectedServerSignType" =>, "Ed448",
446            "ExpectedResult" => "Success"
447        },
448    },
449);
450
451my @tests_pss = (
452    {
453        name => "RSA-PSS Certificate CipherString Selection",
454        server => $server_pss,
455        client => {
456            "CipherString" => "aRSA",
457            "MaxProtocol" => "TLSv1.2",
458        },
459        test   => {
460            "ExpectedServerCertType" =>, "RSA-PSS",
461            "ExpectedServerSignType" =>, "RSA-PSS",
462            "ExpectedResult" => "Success"
463        },
464    },
465    {
466        name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
467        server => $server_pss,
468        client => {
469            "SignatureAlgorithms" => "RSA-PSS+SHA256",
470        },
471        test   => {
472            "ExpectedServerCertType" => "RSA",
473            "ExpectedServerSignHash" => "SHA256",
474            "ExpectedServerSignType" => "RSA-PSS",
475            "ExpectedResult" => "Success"
476        },
477    },
478    {
479        name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
480        server => $server_pss,
481        client => {
482            "SignatureAlgorithms" => "rsa_pss_pss_sha256",
483        },
484        test   => {
485            "ExpectedServerCertType" => "RSA-PSS",
486            "ExpectedServerSignHash" => "SHA256",
487            "ExpectedServerSignType" => "RSA-PSS",
488            "ExpectedResult" => "Success"
489        },
490    },
491    {
492        name => "Only RSA-PSS Certificate",
493        server => $server_pss_only,
494        client => {},
495        test   => {
496            "ExpectedServerCertType" => "RSA-PSS",
497            "ExpectedServerSignHash" => "SHA256",
498            "ExpectedServerSignType" => "RSA-PSS",
499            "ExpectedResult" => "Success"
500        },
501    },
502    {
503        name => "Only RSA-PSS Certificate Valid Signature Algorithms",
504        server => $server_pss_only,
505        client => {
506            "SignatureAlgorithms" => "rsa_pss_pss_sha512",
507        },
508        test   => {
509            "ExpectedServerCertType" => "RSA-PSS",
510            "ExpectedServerSignHash" => "SHA512",
511            "ExpectedServerSignType" => "RSA-PSS",
512            "ExpectedResult" => "Success"
513        },
514    },
515    {
516        name => "RSA-PSS Certificate, no PSS signature algorithms",
517        server => $server_pss_only,
518        client => {
519            "SignatureAlgorithms" => "RSA+SHA256",
520        },
521        test   => {
522            "ExpectedResult" => "ServerFail"
523        },
524    },
525    {
526        name => "Only RSA-PSS Restricted Certificate",
527        server => $server_pss_restrict_only,
528        client => {},
529        test   => {
530            "ExpectedServerCertType" => "RSA-PSS",
531            "ExpectedServerSignHash" => "SHA256",
532            "ExpectedServerSignType" => "RSA-PSS",
533            "ExpectedResult" => "Success"
534        },
535    },
536    {
537        name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
538        server => $server_pss_restrict_only,
539        client => {
540            "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
541        },
542        test   => {
543            "ExpectedServerCertType" => "RSA-PSS",
544            "ExpectedServerSignHash" => "SHA256",
545            "ExpectedServerSignType" => "RSA-PSS",
546            "ExpectedResult" => "Success"
547        },
548    },
549    {
550        name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
551        server => $server_pss_restrict_only,
552        client => {
553            "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
554        },
555        test   => {
556            "ExpectedServerCertType" => "RSA-PSS",
557            "ExpectedServerSignHash" => "SHA256",
558            "ExpectedServerSignType" => "RSA-PSS",
559            "ExpectedResult" => "Success"
560        },
561    },
562    {
563        name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
564        server => $server_pss_restrict_only,
565        client => {
566            "SignatureAlgorithms" => "rsa_pss_pss_sha512",
567        },
568        test   => {
569            "ExpectedResult" => "ServerFail"
570        },
571    },
572    {
573        name => "RSA key exchange with only RSA-PSS certificate",
574        server => $server_pss_only,
575        client => {
576            "CipherString" => "kRSA",
577            "MaxProtocol" => "TLSv1.2",
578        },
579        test   => {
580            "ExpectedResult" => "ServerFail"
581        },
582    },
583);
584
585my @tests_tls_1_1 = (
586    {
587        name => "Only RSA-PSS Certificate, TLS v1.1",
588        server => $server_pss_only,
589        client => {
590            "MaxProtocol" => "TLSv1.1",
591        },
592        test   => {
593            "ExpectedResult" => "ServerFail"
594        },
595    },
596);
597
598push @tests, @tests_non_fips unless $fips_mode;
599push @tests, @tests_pss;
600push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $no_deflt_libctx;
601
602my $server_tls_1_3;
603
604if ($fips_mode) {
605    $server_tls_1_3 = {
606        "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
607        "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
608        "MinProtocol" => "TLSv1.3",
609        "MaxProtocol" => "TLSv1.3"
610    };
611} else {
612    $server_tls_1_3 = {
613        "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
614        "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
615        "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
616        "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
617        "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
618        "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
619        "MinProtocol" => "TLSv1.3",
620        "MaxProtocol" => "TLSv1.3"
621    };
622}
623
624my $client_tls_1_3 = {
625    "RSA.Certificate" => test_pem("ee-client-chain.pem"),
626    "RSA.PrivateKey" => test_pem("ee-key.pem"),
627    "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"),
628    "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"),
629    "MinProtocol" => "TLSv1.3",
630    "MaxProtocol" => "TLSv1.3"
631};
632
633my @tests_tls_1_3 = (
634    {
635        name => "TLS 1.3 ECDSA Signature Algorithm Selection",
636        server => $server_tls_1_3,
637        client => {
638            "SignatureAlgorithms" => "ECDSA+SHA256",
639        },
640        test   => {
641            "ExpectedServerCertType" => "P-256",
642            "ExpectedServerSignHash" => "SHA256",
643            "ExpectedServerSignType" => "EC",
644            "ExpectedServerCANames" => "empty",
645            "ExpectedResult" => "Success"
646        },
647    },
648    {
649        name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point",
650        server => {
651            "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"),
652            "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"),
653            "MinProtocol" => "TLSv1.3",
654            "MaxProtocol" => "TLSv1.3"
655        },
656        client => {
657            "SignatureAlgorithms" => "ECDSA+SHA256",
658        },
659        test   => {
660            "ExpectedServerCertType" => "P-256",
661            "ExpectedServerSignHash" => "SHA256",
662            "ExpectedServerSignType" => "EC",
663            "ExpectedServerCANames" => "empty",
664            "ExpectedResult" => "Success"
665        },
666    },
667    {
668        name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1",
669        server => {
670            "CipherString" => "DEFAULT:\@SECLEVEL=0",
671            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
672            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
673            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
674            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
675            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
676            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
677            "MinProtocol" => "TLSv1.3",
678            "MaxProtocol" => "TLSv1.3"
679        },
680        client => {
681            "CipherString" => "DEFAULT:\@SECLEVEL=0",
682            "SignatureAlgorithms" => "ECDSA+SHA1",
683        },
684        test   => {
685            "ExpectedResult" => "ServerFail"
686        },
687    },
688    {
689        name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
690        server => $server_tls_1_3,
691        client => {
692            "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
693            "RequestCAFile" => test_pem("root-cert.pem"),
694        },
695        test   => {
696            "ExpectedServerCertType" => "P-256",
697            "ExpectedServerSignHash" => "SHA256",
698            "ExpectedServerSignType" => "EC",
699            "ExpectedServerCANames" => test_pem("root-cert.pem"),
700            "ExpectedResult" => "Success"
701        },
702    },
703    {
704        name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
705        server => $server_tls_1_3,
706        client => {
707            "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
708        },
709        test   => {
710            "ExpectedServerCertType" => "RSA",
711            "ExpectedServerSignHash" => "SHA384",
712            "ExpectedServerSignType" => "RSA-PSS",
713            "ExpectedResult" => "Success"
714        },
715    },
716    {
717        name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
718        server => {
719            "MinProtocol" => "TLSv1.3",
720            "MaxProtocol" => "TLSv1.3"
721        },
722        client => {
723            "SignatureAlgorithms" => "ECDSA+SHA256",
724        },
725        test   => {
726            "ExpectedResult" => "ServerFail"
727        },
728    },
729    {
730        name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
731        server => $server_tls_1_3,
732        client => {
733            "SignatureAlgorithms" => "RSA+SHA256",
734        },
735        test   => {
736            "ExpectedResult" => "ServerFail"
737        },
738    },
739    {
740        name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
741        server => $server_tls_1_3,
742        client => {
743            "SignatureAlgorithms" => "RSA-PSS+SHA256",
744        },
745        test   => {
746            "ExpectedServerCertType" => "RSA",
747            "ExpectedServerSignHash" => "SHA256",
748            "ExpectedServerSignType" => "RSA-PSS",
749            "ExpectedResult" => "Success"
750        },
751    },
752    {
753        name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
754        server => {
755            "ClientSignatureAlgorithms" => "PSS+SHA256",
756            "VerifyCAFile" => test_pem("root-cert.pem"),
757            "VerifyMode" => "Require"
758        },
759        client => $client_tls_1_3,
760        test   => {
761            "ExpectedClientCertType" => "RSA",
762            "ExpectedClientSignHash" => "SHA256",
763            "ExpectedClientSignType" => "RSA-PSS",
764            "ExpectedClientCANames" => "empty",
765            "ExpectedResult" => "Success"
766        },
767    },
768    {
769        name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
770        server => {
771            "ClientSignatureAlgorithms" => "PSS+SHA256",
772            "VerifyCAFile" => test_pem("root-cert.pem"),
773            "RequestCAFile" => test_pem("root-cert.pem"),
774            "VerifyMode" => "Require"
775        },
776        client => $client_tls_1_3,
777        test   => {
778            "ExpectedClientCertType" => "RSA",
779            "ExpectedClientSignHash" => "SHA256",
780            "ExpectedClientSignType" => "RSA-PSS",
781            "ExpectedClientCANames" => test_pem("root-cert.pem"),
782            "ExpectedResult" => "Success"
783        },
784    },
785    {
786        name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
787        server => {
788            "ClientSignatureAlgorithms" => "ECDSA+SHA256",
789            "VerifyCAFile" => test_pem("root-cert.pem"),
790            "VerifyMode" => "Require"
791        },
792        client => $client_tls_1_3,
793        test   => {
794            "ExpectedClientCertType" => "P-256",
795            "ExpectedClientSignHash" => "SHA256",
796            "ExpectedClientSignType" => "EC",
797            "ExpectedResult" => "Success"
798        },
799    },
800);
801
802my @tests_tls_1_3_non_fips = (
803    {
804        name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
805        server => $server_tls_1_3,
806        client => {
807            "SignatureAlgorithms" => "ed25519",
808        },
809        test   => {
810            "ExpectedServerCertType" => "Ed25519",
811            "ExpectedServerSignType" => "Ed25519",
812            "ExpectedResult" => "Success"
813        },
814    },
815    {
816        name => "TLS 1.3 Ed448 Signature Algorithm Selection",
817        server => $server_tls_1_3,
818        client => {
819            "SignatureAlgorithms" => "ed448",
820            "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
821        },
822        test   => {
823            "ExpectedServerCertType" => "Ed448",
824            "ExpectedServerSignType" => "Ed448",
825            "ExpectedResult" => "Success"
826        },
827    },
828    {
829        name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
830        server => $server_tls_1_3,
831        client => {
832            "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
833            # Excluding P-256 from the supported groups list should
834            # mean server still uses a P-256 certificate because supported
835            # groups is not used in signature selection for TLS 1.3
836            "Groups" => "X25519"
837        },
838        test   => {
839            "ExpectedServerCertType" =>, "P-256",
840            "ExpectedServerSignType" =>, "EC",
841            "ExpectedResult" => "Success"
842        },
843    },
844    {
845        name => "TLS 1.3 Ed448 CipherString and Groups Selection",
846        server => $server_tls_1_3,
847        client => {
848            "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
849            # Excluding P-256 from the supported groups list should
850            # mean server still uses a P-256 certificate because supported
851            # groups is not used in signature selection for TLS 1.3
852            "Groups" => "X448"
853        },
854        test   => {
855            "ExpectedServerCertType" =>, "P-256",
856            "ExpectedServerSignType" =>, "EC",
857            "ExpectedResult" => "Success"
858        },
859    },
860    {
861        name => "TLS 1.3 Ed25519 Client Auth",
862        server => {
863            "VerifyCAFile" => test_pem("root-cert.pem"),
864            "VerifyMode" => "Require"
865        },
866        client => {
867            "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
868            "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
869            "MinProtocol" => "TLSv1.3",
870            "MaxProtocol" => "TLSv1.3"
871        },
872        test   => {
873            "ExpectedClientCertType" => "Ed25519",
874            "ExpectedClientSignType" => "Ed25519",
875            "ExpectedResult" => "Success"
876        },
877    },
878    {
879        name => "TLS 1.3 Ed448 Client Auth",
880        server => {
881            "VerifyCAFile" => test_pem("root-cert.pem"),
882            "VerifyMode" => "Require"
883        },
884        client => {
885            "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"),
886            "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"),
887            "MinProtocol" => "TLSv1.3",
888            "MaxProtocol" => "TLSv1.3"
889        },
890        test   => {
891            "ExpectedClientCertType" => "Ed448",
892            "ExpectedClientSignType" => "Ed448",
893            "ExpectedResult" => "Success"
894        },
895    },
896    {
897        name => "TLS 1.3 ECDSA with brainpool but no suitable groups",
898        server =>  {
899            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
900            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
901            "Groups" => "brainpoolP256r1",
902        },
903        client => {
904            "CipherString" => "aECDSA",
905            "RequestCAFile" => test_pem("root-cert.pem"),
906            "Groups" => "brainpoolP256r1",
907        },
908        test   => {
909            #We only configured brainpoolP256r1 on the client side, but TLSv1.3
910            #is enabled and this group is not allowed in TLSv1.3. Therefore this
911            #should fail
912            "ExpectedResult" => "ClientFail"
913        },
914    },
915    {
916        name => "TLS 1.3 ECDSA with brainpool",
917        server =>  {
918            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
919            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
920        },
921        client => {
922            "RequestCAFile" => test_pem("root-cert.pem"),
923            "MinProtocol" => "TLSv1.3",
924            "MaxProtocol" => "TLSv1.3"
925        },
926        test   => {
927            "ExpectedResult" => "ServerFail"
928        },
929    },
930);
931
932push @tests, @tests_tls_1_3 unless disabled("tls1_3");
933push @tests, @tests_tls_1_3_non_fips unless disabled("tls1_3") || $fips_mode;
934
935my @tests_dsa_tls_1_2 = (
936    {
937        name => "TLS 1.2 DSA Certificate Test",
938        server => {
939            "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
940            "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
941            "DHParameters" => test_pem("dhp2048.pem"),
942            "MinProtocol" => "TLSv1.2",
943            "MaxProtocol" => "TLSv1.2",
944            "CipherString" => "ALL",
945        },
946        client => {
947            "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
948            "CipherString" => "ALL",
949        },
950        test   => {
951            "ExpectedResult" => "Success"
952        },
953    },
954);
955
956my @tests_dsa_tls_1_3 = (
957    {
958        name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
959        server => {
960            "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
961            "VerifyCAFile" => test_pem("root-cert.pem"),
962            "VerifyMode" => "Request"
963        },
964        client => {},
965        test   => {
966            "ExpectedResult" => "ServerFail"
967        },
968    },
969    {
970        name => "TLS 1.3 DSA Certificate Test",
971        server => {
972            "DSA.Certificate" => test_pem("server-dsa-cert.pem"),
973            "DSA.PrivateKey" => test_pem("server-dsa-key.pem"),
974            "MinProtocol" => "TLSv1.3",
975            "MaxProtocol" => "TLSv1.3",
976            "CipherString" => "ALL",
977        },
978        client => {
979            "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
980            "CipherString" => "ALL",
981        },
982        test   => {
983            "ExpectedResult" => "ServerFail"
984        },
985    },
986);
987
988if (!disabled("dsa")) {
989    push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
990    push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
991}
992