Add fips checks for ecdsa signatures
author Shane Lontis <shane.lontis@oracle.com>
Sat, 29 Aug 2020 02:51:14 +0000 (12:51 +1000)
committer Matt Caswell <matt@openssl.org>
Fri, 18 Sep 2020 13:20:38 +0000 (14:20 +0100)
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12745)

providers/common/include/prov/provider_util.h
providers/common/provider_util.c
providers/implementations/signature/ecdsa.c
test/evp_test.c
test/recipes/30-test_evp_data/evppkey_ecdsa.txt
test/ssl-tests/20-cert-select.cnf
test/ssl-tests/20-cert-select.cnf.in

index 7306e6aa8c34cd1f56d071c09387be6ea9fba09e..d4fbd9b74bd0399a497e1e24ee7a712616863d6c 100644 (file)
@@ -132,3 +132,4 @@ void ossl_prov_cache_exported_algorithms(const OSSL_ALGORITHM_CAPABLE *in,
 int ossl_prov_digest_md_to_nid(const EVP_MD *md, const OSSL_ITEM *it,
                                size_t it_len);
 int ossl_prov_digest_get_approved_nid(const EVP_MD *md, int sha1_allowed);
+int ossl_prov_ec_check(const EC_KEY *ec, int protect);
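Review bot: The new prototype on the last line of this hunk has no comment, and the meaning of `protect` is only explained in provider_util.c, so a reader of the header cannot tell which value is the strict setting. Suggest a one-line comment above it such as `/* FIPS: protect=1 requires >=112-bit curves (sign/derive); 0 allows legacy-strength verify */`. The header should also say that the check is compiled out and always returns 1 outside FIPS_MODULE, since callers like ecdsa.c use its result unconditionally.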
index 51ade22a3756483b0c9233ef5d85e2074b48748a..f27171a830d8f6821f3c7f808a5bd229fc39a53c 100644 (file)
@@ -353,3 +353,66 @@ int ossl_prov_digest_get_approved_nid(const EVP_MD *md, int sha1_allowed)
 #endif
     return mdnid;
 }
+
+/*
+ * In FIPS mode:
+ * protect should be 1 for any operations that need 112 bits of security
+ * strength (such as signing, and key exchange), or 0 for operations that allow
+ * a lower security strength (such as verify).
+ *
+ * For ECDH key agreement refer to SP800-56A
+ * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf
+ * "Appendix D"
+ *
+ * For ECDSA signatures refer to
+ * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf
+ * "Table 2"
+ */
+int ossl_prov_ec_check(const EC_KEY *ec, int protect)
+{
+#ifdef FIPS_MODULE
+    int nid, strength;
+    const char *curve_name;
+    const EC_GROUP *group = EC_KEY_get0_group(ec);
+
+    if (group == NULL) {
+        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, "No group");
+        return 0;
+    }
+    nid = EC_GROUP_get_curve_name(group);
+    if (nid == NID_undef) {
+        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE,
+                       "Explicit curves are not allowed in fips mode");
+        return 0;
+    }
+
+    curve_name = EC_curve_nid2nist(nid);
+    if (curve_name == NULL) {
+        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE,
+                       "Curve %s is not approved in FIPS mode", curve_name);
+        return 0;
+    }
+
+    /*
+     * For EC the security strength is the (order_bits / 2)
+     * e.g. P-224 is 112 bits.
+     */
+    strength = EC_GROUP_order_bits(group) / 2;
+    /* The min security strength allowed for legacy verification is 80 bits */
+    if (strength < 80) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CURVE);
+        return 0;
+    }
+
+    /*
+     * For signing/or key agreement only allow curves with at least 112 bits of
+     * security strength
+     */
+    if (protect && strength < 112) {
+        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE,
+                       "Curve %s cannot be used for signing", curve_name);
+        return 0;
+    }
+#endif
+    return 1;
+}
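Review bot: The error branch at L63–L65 formats `curve_name` with `%s` right after establishing that it is NULL, so the message always receives a null argument; passing NULL for `%s` is undefined behaviour in C and at best prints "(null)". Use the NID's name instead: `"Curve %s is not approved in FIPS mode", OBJ_nid2sn(nid)`. The branch at L75–L77 raises a bare PROV_R_INVALID_CURVE while its neighbours attach a message; `ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_CURVE, "Curve %s has less than 80 bits of security strength", curve_name)` would keep the diagnostics consistent. The whole body is under `#ifdef FIPS_MODULE`, so the non-FIPS build returns 1 without examining either argument — worth stating in the header comment above the function.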
index 2862fb0e31dbd680a7e8e098d2a08c77e4e641b2..8ca235c0b473e7558152632915cec27dcb18f9d1 100644 (file)
 #include "prov/providercommonerr.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
+#include "prov/provider_util.h"
 #include "crypto/ec.h"
 #include "prov/der_ec.h"
 
 static OSSL_FUNC_signature_newctx_fn ecdsa_newctx;
-static OSSL_FUNC_signature_sign_init_fn ecdsa_signature_init;
-static OSSL_FUNC_signature_verify_init_fn ecdsa_signature_init;
+static OSSL_FUNC_signature_sign_init_fn ecdsa_sign_init;
+static OSSL_FUNC_signature_verify_init_fn ecdsa_verify_init;
 static OSSL_FUNC_signature_sign_fn ecdsa_sign;
 static OSSL_FUNC_signature_verify_fn ecdsa_verify;
-static OSSL_FUNC_signature_digest_sign_init_fn ecdsa_digest_signverify_init;
+static OSSL_FUNC_signature_digest_sign_init_fn ecdsa_digest_sign_init;
 static OSSL_FUNC_signature_digest_sign_update_fn ecdsa_digest_signverify_update;
 static OSSL_FUNC_signature_digest_sign_final_fn ecdsa_digest_sign_final;
-static OSSL_FUNC_signature_digest_verify_init_fn ecdsa_digest_signverify_init;
+static OSSL_FUNC_signature_digest_verify_init_fn ecdsa_digest_verify_init;
 static OSSL_FUNC_signature_digest_verify_update_fn ecdsa_digest_signverify_update;
 static OSSL_FUNC_signature_digest_verify_final_fn ecdsa_digest_verify_final;
 static OSSL_FUNC_signature_freectx_fn ecdsa_freectx;
@@ -70,6 +71,7 @@ typedef struct {
     unsigned char *aid;
     size_t  aid_len;
     size_t mdsize;
+    int operation;
 
     EVP_MD *md;
     EVP_MD_CTX *mdctx;
@@ -114,7 +116,7 @@ static void *ecdsa_newctx(void *provctx, const char *propq)
     return ctx;
 }
 
-static int ecdsa_signature_init(void *vctx, void *ec)
+static int ecdsa_signverify_init(void *vctx, void *ec, int operation)
 {
     PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
 
@@ -125,7 +127,18 @@ static int ecdsa_signature_init(void *vctx, void *ec)
         return 0;
     EC_KEY_free(ctx->ec);
     ctx->ec = ec;
-    return 1;
+    ctx->operation = operation;
+    return ossl_prov_ec_check(ec, operation == EVP_PKEY_OP_SIGN);
+}
+
+static int ecdsa_sign_init(void *vctx, void *ec)
+{
+    return ecdsa_signverify_init(vctx, ec, EVP_PKEY_OP_SIGN);
+}
+
+static int ecdsa_verify_init(void *vctx, void *ec)
+{
+    return ecdsa_signverify_init(vctx, ec, EVP_PKEY_OP_VERIFY);
 }
 
 static int ecdsa_sign(void *vctx, unsigned char *sig, size_t *siglen,
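Review bot: `ossl_prov_ec_check` at L139 runs only after the context has already released its previous key and taken `ec` (L135–L136) and recorded `operation`, so a rejected key is left installed in a context whose init reported failure. Running the check first, `if (!ossl_prov_ec_check(ec, operation == EVP_PKEY_OP_SIGN)) return 0;` ahead of `EC_KEY_free(ctx->ec);`, keeps the context untouched on failure; it would need to precede the up-ref of `ec`, which appears to happen in the lines above this hunk (the function's start is outside the hunk — confirm). `ecdsa_digest_signverify_init` at L215 inherits the same behaviour through this call. The new `operation` field at L120 is undocumented; `/* EVP_PKEY_OP_SIGN or EVP_PKEY_OP_VERIFY; selects the FIPS key and digest rules */` would say what it controls.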
@@ -174,44 +187,11 @@ static int ecdsa_verify(void *vctx, const unsigned char *sig, size_t siglen,
     return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->ec);
 }
 
-static int get_md_nid(const EVP_MD *md)
+static int get_md_nid(const PROV_ECDSA_CTX *ctx, const EVP_MD *md)
 {
-    /*
-     * Because the ECDSA library deals with NIDs, we need to translate.
-     * We do so using EVP_MD_is_a(), and therefore need a name to NID
-     * map.
-     */
-    static const OSSL_ITEM name_to_nid[] = {
-        { NID_sha1,   OSSL_DIGEST_NAME_SHA1   },
-        { NID_sha224, OSSL_DIGEST_NAME_SHA2_224 },
-        { NID_sha256, OSSL_DIGEST_NAME_SHA2_256 },
-        { NID_sha384, OSSL_DIGEST_NAME_SHA2_384 },
-        { NID_sha512, OSSL_DIGEST_NAME_SHA2_512 },
-        { NID_sha3_224, OSSL_DIGEST_NAME_SHA3_224 },
-        { NID_sha3_256, OSSL_DIGEST_NAME_SHA3_256 },
-        { NID_sha3_384, OSSL_DIGEST_NAME_SHA3_384 },
-        { NID_sha3_512, OSSL_DIGEST_NAME_SHA3_512 },
-        /* TODO - Add SHAKE OIDS when they are standardized */
-
-    };
-    size_t i;
-    int mdnid = NID_undef;
-
-    if (md == NULL)
-        goto end;
-
-    for (i = 0; i < OSSL_NELEM(name_to_nid); i++) {
-        if (EVP_MD_is_a(md, name_to_nid[i].ptr)) {
-            mdnid = (int)name_to_nid[i].id;
-            break;
-        }
-    }
-
-    if (mdnid == NID_undef)
-        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST);
+    int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
 
- end:
-    return mdnid;
+    return ossl_prov_digest_get_approved_nid(md, sha1_allowed);
 }
 
 static void free_md(PROV_ECDSA_CTX *ctx)
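Review bot: The rewritten `get_md_nid` at L158 takes `md` as a separate parameter although its only visible caller (L220) passes `ctx->md`, so the two arguments can disagree; either drop the parameter and read `ctx->md` inside, or document why they are separate. The removed version handled `md == NULL` (the EVP_MD_fetch failure at L218) explicitly, whereas the new one relies on `ossl_prov_digest_get_approved_nid`, which is outside this diff — confirm it returns NID_undef and raises an error for a NULL digest, otherwise a failed fetch now reaches `goto error` without a diagnostic. A one-line comment on L193, `/* SHA1 is permitted for legacy verification only, never for signing */`, would make the policy explicit where it is decided.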
@@ -226,7 +206,7 @@ static void free_md(PROV_ECDSA_CTX *ctx)
 }
 
 static int ecdsa_digest_signverify_init(void *vctx, const char *mdname,
-                                        void *ec)
+                                        void *ec, int operation)
 {
     PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
     int md_nid = NID_undef;
@@ -237,11 +217,12 @@ static int ecdsa_digest_signverify_init(void *vctx, const char *mdname,
 
     free_md(ctx);
 
-    if (!ecdsa_signature_init(vctx, ec))
+    if (!ecdsa_signverify_init(vctx, ec, operation))
         return 0;
 
     ctx->md = EVP_MD_fetch(ctx->libctx, mdname, ctx->propq);
-    if ((md_nid = get_md_nid(ctx->md)) == NID_undef)
+    md_nid = get_md_nid(ctx, ctx->md);
+    if (md_nid == NID_undef)
         goto error;
 
     ctx->mdsize = EVP_MD_size(ctx->md);
@@ -273,6 +254,16 @@ error:
     return 0;
 }
 
+static int ecdsa_digest_sign_init(void *vctx, const char *mdname, void *ec)
+{
+    return ecdsa_digest_signverify_init(vctx, mdname, ec, EVP_PKEY_OP_SIGN);
+}
+
+static int ecdsa_digest_verify_init(void *vctx, const char *mdname, void *ec)
+{
+    return ecdsa_digest_signverify_init(vctx, mdname, ec, EVP_PKEY_OP_VERIFY);
+}
+
 int ecdsa_digest_signverify_update(void *vctx, const unsigned char *data,
                                    size_t datalen)
 {
@@ -521,18 +512,18 @@ static const OSSL_PARAM *ecdsa_settable_ctx_md_params(void *vctx)
 
 const OSSL_DISPATCH ecdsa_signature_functions[] = {
     { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))ecdsa_newctx },
-    { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))ecdsa_signature_init },
+    { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))ecdsa_sign_init },
     { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))ecdsa_sign },
-    { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))ecdsa_signature_init },
+    { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))ecdsa_verify_init },
     { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))ecdsa_verify },
     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
-      (void (*)(void))ecdsa_digest_signverify_init },
+      (void (*)(void))ecdsa_digest_sign_init },
     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
       (void (*)(void))ecdsa_digest_signverify_update },
     { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
       (void (*)(void))ecdsa_digest_sign_final },
     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
-      (void (*)(void))ecdsa_digest_signverify_init },
+      (void (*)(void))ecdsa_digest_verify_init },
     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
       (void (*)(void))ecdsa_digest_signverify_update },
     { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
index 69857dea3714fbea4c2f24a58d7a0f8eac2c1e15..b8ca4a19154834d658ce4ff1b8079c12b18b7d2f 100644 (file)
@@ -1627,8 +1627,11 @@ static int pderive_test_parse(EVP_TEST *t,
         EVP_PKEY *peer;
         if (find_key(&peer, value, public_keys) == 0)
             return -1;
-        if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0)
-            return -1;
+        if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0) {
+            t->err = "DERIVE_SET_PEER_ERROR";
+            return 1;
+        }
+        t->err = NULL;
         return 1;
     }
     if (strcmp(keyword, "SharedSecret") == 0)
index 0af8c8f1445d51691d4aafa412b95d682e4b4955..1800f3b9be67393d2e17ca79633b4ac8833a972f 100644 (file)
@@ -90,7 +90,6 @@ Ctrl = digest:SHA1
 Input = "0123456789ABCDEF1234"
 Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8
 
-
 Title = DigestSign and DigestVerify
 
 DigestVerify = SHA256
@@ -108,3 +107,85 @@ OneShotDigestVerify = SHA256
 Key = P-256-PUBLIC
 Input = "Hello World"
 Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862
+
+PrivateKey = P-256_NAMED_CURVE_EXPLICIT
+-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
+
+PrivateKey = EC_EXPLICIT
+-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
+
+PrivateKey = B-163
+-----BEGIN PRIVATE KEY-----
+MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDnQW0mLiHVha/jqFznX/K
+DnVlDgChLgMsAAQB1qZ00fPIct+QN8skv1XIHtBNp3EGLytJV0tsAUTYtGhtrzRj
+e3GzYyg=
+-----END PRIVATE KEY-----
+
+PrivateKey = secp256k1
+-----BEGIN PRIVATE KEY-----
+MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgsLpFV9joHc0bisyV53XL
+mrG6/Gu6ZaHoXtKP/VFX44ehRANCAARLYWGgp5nP4N8guypLSbYGCVN6ZPCnWW4x
+srYkcpdbxr4neRT3zC62keCKgPbJf5SIHkJ2Tcaw6hVSrBOUFtix
+-----END PRIVATE KEY-----
+
+Title = FIPS tests
+
+# Test that a nist curve with < 112 bits is allowed in fips mode for verifying
+DigestVerify = SHA256
+Key = B-163
+Input = "Hello World"
+Output = 302e0215027bb891747468b4b59ca2a2bf8f42d29d08866cf5021502cc311b25e9a2168e42240b07a6071070f687eb3b
+
+# Test that a nist curve with SHA3 is allowed in fips mode
+# The sign will get a mismatch error since the output signature changes on each run 
+DigestSign = SHA3-512
+Key = P-256
+Input = "Hello World"
+Result = SIGNATURE_MISMATCH
+
+# Test that a explicit curve that is a named curve is allowed in fips mode
+DigestVerify = SHA256
+Key = P-256_NAMED_CURVE_EXPLICIT
+Input = "Hello World"
+Output = 30450220796fcf472882ed5779226dcd0217b9d2b9acfe4fa2fb0109c8ee63c63adc1033022100e306c69f7e31b9a5d54eb12ba813cddf4de4af933e4f6cea38a0817d9d831d91
+
+Title = FIPS Negative tests (using different curves and digests)
+
+# Test that a explicit curve is not allowed in fips mode
+Availablein = fips
+DigestVerify = SHA256
+Key = EC_EXPLICIT
+Input = "Hello World"
+Result = DIGESTVERIFYINIT_ERROR
+
+# Test that a curve with < 112 bits is not allowed in fips mode for signing
+Availablein = fips
+DigestSign = SHA3-512
+Key = B-163
+Input = "Hello World"
+Result = DIGESTSIGNINIT_ERROR
+
+# Test that a non nist curve is not allowed in fips mode
+Availablein = fips
+DigestSign = SHA3-512
+Key = secp256k1
+Input = "Hello World"
+Result = DIGESTSIGNINIT_ERROR
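Review bot: The FIPS section exercises the curve rules but not the digest rule the same commit adds in ecdsa.c (SHA1 rejected for signing, allowed for verify only); no case asserts that `DigestSign = SHA1` fails in FIPS mode or that `DigestVerify = SHA1` still succeeds, so a regression in `sha1_allowed` would pass unnoticed. A negative case under `Availablein = fips` with `DigestSign = SHA1`, `Key = P-256` and `Result = DIGESTSIGNINIT_ERROR` would cover it. The positive cases under "Title = FIPS tests" deliberately carry no `Availablein`, so they run in both providers — a comment saying so would stop someone adding it later. L329 and L337 read "a explicit" where "an explicit" is meant, and L323 has a trailing space.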
index 02dc6220cad0ff61b4c224c5d7d2c0bfa4dcee65..b0e3b79013e76efff71b18fac678df06085065a4 100644 (file)
@@ -10,14 +10,14 @@ test-4 = 4-P-256 CipherString and Signature Algorithm Selection
 test-5 = 5-ECDSA CipherString Selection, no ECDSA certificate
 test-6 = 6-ECDSA Signature Algorithm Selection
 test-7 = 7-ECDSA Signature Algorithm Selection SHA384
-test-8 = 8-ECDSA Signature Algorithm Selection SHA1
-test-9 = 9-ECDSA Signature Algorithm Selection compressed point
-test-10 = 10-ECDSA Signature Algorithm Selection, no ECDSA certificate
-test-11 = 11-RSA Signature Algorithm Selection
-test-12 = 12-RSA-PSS Signature Algorithm Selection
-test-13 = 13-RSA key exchange with all RSA certificate types
-test-14 = 14-Suite B P-256 Hash Algorithm Selection
-test-15 = 15-Suite B P-384 Hash Algorithm Selection
+test-8 = 8-ECDSA Signature Algorithm Selection compressed point
+test-9 = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate
+test-10 = 10-RSA Signature Algorithm Selection
+test-11 = 11-RSA-PSS Signature Algorithm Selection
+test-12 = 12-RSA key exchange with all RSA certificate types
+test-13 = 13-Suite B P-256 Hash Algorithm Selection
+test-14 = 14-Suite B P-384 Hash Algorithm Selection
+test-15 = 15-ECDSA Signature Algorithm Selection SHA1
 test-16 = 16-Ed25519 CipherString and Signature Algorithm Selection
 test-17 = 17-Ed448 CipherString and Signature Algorithm Selection
 test-18 = 18-ECDSA with brainpool
@@ -319,48 +319,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[8-ECDSA Signature Algorithm Selection SHA1]
-ssl_conf = 8-ECDSA Signature Algorithm Selection SHA1-ssl
+[8-ECDSA Signature Algorithm Selection compressed point]
+ssl_conf = 8-ECDSA Signature Algorithm Selection compressed point-ssl
 
-[8-ECDSA Signature Algorithm Selection SHA1-ssl]
-server = 8-ECDSA Signature Algorithm Selection SHA1-server
-client = 8-ECDSA Signature Algorithm Selection SHA1-client
+[8-ECDSA Signature Algorithm Selection compressed point-ssl]
+server = 8-ECDSA Signature Algorithm Selection compressed point-server
+client = 8-ECDSA Signature Algorithm Selection compressed point-client
 
-[8-ECDSA Signature Algorithm Selection SHA1-server]
-Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
-CipherString = DEFAULT:@SECLEVEL=0
-ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
-ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
-Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
-Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
-Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
-Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
-MaxProtocol = TLSv1.2
-PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-
-[8-ECDSA Signature Algorithm Selection SHA1-client]
-CipherString = DEFAULT:@SECLEVEL=0
-SignatureAlgorithms = ECDSA+SHA1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
-
-[test-8]
-ExpectedResult = Success
-ExpectedServerCertType = P-256
-ExpectedServerSignHash = SHA1
-ExpectedServerSignType = EC
-
-
-# ===========================================================
-
-[9-ECDSA Signature Algorithm Selection compressed point]
-ssl_conf = 9-ECDSA Signature Algorithm Selection compressed point-ssl
-
-[9-ECDSA Signature Algorithm Selection compressed point-ssl]
-server = 9-ECDSA Signature Algorithm Selection compressed point-server
-client = 9-ECDSA Signature Algorithm Selection compressed point-client
-
-[9-ECDSA Signature Algorithm Selection compressed point-server]
+[8-ECDSA Signature Algorithm Selection compressed point-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
@@ -368,13 +334,13 @@ ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[9-ECDSA Signature Algorithm Selection compressed point-client]
+[8-ECDSA Signature Algorithm Selection compressed point-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-9]
+[test-8]
 ExpectedResult = Success
 ExpectedServerCertType = P-256
 ExpectedServerSignHash = SHA256
@@ -383,39 +349,39 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[10-ECDSA Signature Algorithm Selection, no ECDSA certificate]
-ssl_conf = 10-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
+[9-ECDSA Signature Algorithm Selection, no ECDSA certificate]
+ssl_conf = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
 
-[10-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
-server = 10-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
-client = 10-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
+[9-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
+server = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
+client = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
 
-[10-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
+[9-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[10-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
+[9-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-10]
+[test-9]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[11-RSA Signature Algorithm Selection]
-ssl_conf = 11-RSA Signature Algorithm Selection-ssl
+[10-RSA Signature Algorithm Selection]
+ssl_conf = 10-RSA Signature Algorithm Selection-ssl
 
-[11-RSA Signature Algorithm Selection-ssl]
-server = 11-RSA Signature Algorithm Selection-server
-client = 11-RSA Signature Algorithm Selection-client
+[10-RSA Signature Algorithm Selection-ssl]
+server = 10-RSA Signature Algorithm Selection-server
+client = 10-RSA Signature Algorithm Selection-client
 
-[11-RSA Signature Algorithm Selection-server]
+[10-RSA Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -427,13 +393,13 @@ Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[11-RSA Signature Algorithm Selection-client]
+[10-RSA Signature Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = RSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-11]
+[test-10]
 ExpectedResult = Success
 ExpectedServerCertType = RSA
 ExpectedServerSignHash = SHA256
@@ -442,14 +408,14 @@ ExpectedServerSignType = RSA
 
 # ===========================================================
 
-[12-RSA-PSS Signature Algorithm Selection]
-ssl_conf = 12-RSA-PSS Signature Algorithm Selection-ssl
+[11-RSA-PSS Signature Algorithm Selection]
+ssl_conf = 11-RSA-PSS Signature Algorithm Selection-ssl
 
-[12-RSA-PSS Signature Algorithm Selection-ssl]
-server = 12-RSA-PSS Signature Algorithm Selection-server
-client = 12-RSA-PSS Signature Algorithm Selection-client
+[11-RSA-PSS Signature Algorithm Selection-ssl]
+server = 11-RSA-PSS Signature Algorithm Selection-server
+client = 11-RSA-PSS Signature Algorithm Selection-client
 
-[12-RSA-PSS Signature Algorithm Selection-server]
+[11-RSA-PSS Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -461,13 +427,13 @@ Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[12-RSA-PSS Signature Algorithm Selection-client]
+[11-RSA-PSS Signature Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = RSA-PSS+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-12]
+[test-11]
 ExpectedResult = Success
 ExpectedServerCertType = RSA
 ExpectedServerSignHash = SHA256
@@ -476,41 +442,41 @@ ExpectedServerSignType = RSA-PSS
 
 # ===========================================================
 
-[13-RSA key exchange with all RSA certificate types]
-ssl_conf = 13-RSA key exchange with all RSA certificate types-ssl
+[12-RSA key exchange with all RSA certificate types]
+ssl_conf = 12-RSA key exchange with all RSA certificate types-ssl
 
-[13-RSA key exchange with all RSA certificate types-ssl]
-server = 13-RSA key exchange with all RSA certificate types-server
-client = 13-RSA key exchange with all RSA certificate types-client
+[12-RSA key exchange with all RSA certificate types-ssl]
+server = 12-RSA key exchange with all RSA certificate types-server
+client = 12-RSA key exchange with all RSA certificate types-client
 
-[13-RSA key exchange with all RSA certificate types-server]
+[12-RSA key exchange with all RSA certificate types-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
 PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[13-RSA key exchange with all RSA certificate types-client]
+[12-RSA key exchange with all RSA certificate types-client]
 CipherString = kRSA
 MaxProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-13]
+[test-12]
 ExpectedResult = Success
 ExpectedServerCertType = RSA
 
 
 # ===========================================================
 
-[14-Suite B P-256 Hash Algorithm Selection]
-ssl_conf = 14-Suite B P-256 Hash Algorithm Selection-ssl
+[13-Suite B P-256 Hash Algorithm Selection]
+ssl_conf = 13-Suite B P-256 Hash Algorithm Selection-ssl
 
-[14-Suite B P-256 Hash Algorithm Selection-ssl]
-server = 14-Suite B P-256 Hash Algorithm Selection-server
-client = 14-Suite B P-256 Hash Algorithm Selection-client
+[13-Suite B P-256 Hash Algorithm Selection-ssl]
+server = 13-Suite B P-256 Hash Algorithm Selection-server
+client = 13-Suite B P-256 Hash Algorithm Selection-client
 
-[14-Suite B P-256 Hash Algorithm Selection-server]
+[13-Suite B P-256 Hash Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = SUITEB128
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem
@@ -518,13 +484,13 @@ ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[14-Suite B P-256 Hash Algorithm Selection-client]
+[13-Suite B P-256 Hash Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
 VerifyMode = Peer
 
-[test-14]
+[test-13]
 ExpectedResult = Success
 ExpectedServerCertType = P-256
 ExpectedServerSignHash = SHA256
@@ -533,14 +499,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[15-Suite B P-384 Hash Algorithm Selection]
-ssl_conf = 15-Suite B P-384 Hash Algorithm Selection-ssl
+[14-Suite B P-384 Hash Algorithm Selection]
+ssl_conf = 14-Suite B P-384 Hash Algorithm Selection-ssl
 
-[15-Suite B P-384 Hash Algorithm Selection-ssl]
-server = 15-Suite B P-384 Hash Algorithm Selection-server
-client = 15-Suite B P-384 Hash Algorithm Selection-client
+[14-Suite B P-384 Hash Algorithm Selection-ssl]
+server = 14-Suite B P-384 Hash Algorithm Selection-server
+client = 14-Suite B P-384 Hash Algorithm Selection-client
 
-[15-Suite B P-384 Hash Algorithm Selection-server]
+[14-Suite B P-384 Hash Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = SUITEB128
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
@@ -548,19 +514,53 @@ ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[15-Suite B P-384 Hash Algorithm Selection-client]
+[14-Suite B P-384 Hash Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
 VerifyMode = Peer
 
-[test-15]
+[test-14]
 ExpectedResult = Success
 ExpectedServerCertType = P-384
 ExpectedServerSignHash = SHA384
 ExpectedServerSignType = EC
 
 
+# ===========================================================
+
+[15-ECDSA Signature Algorithm Selection SHA1]
+ssl_conf = 15-ECDSA Signature Algorithm Selection SHA1-ssl
+
+[15-ECDSA Signature Algorithm Selection SHA1-ssl]
+server = 15-ECDSA Signature Algorithm Selection SHA1-server
+client = 15-ECDSA Signature Algorithm Selection SHA1-client
+
+[15-ECDSA Signature Algorithm Selection SHA1-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT:@SECLEVEL=0
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
+Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[15-ECDSA Signature Algorithm Selection SHA1-client]
+CipherString = DEFAULT:@SECLEVEL=0
+SignatureAlgorithms = ECDSA+SHA1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-15]
+ExpectedResult = Success
+ExpectedServerCertType = P-256
+ExpectedServerSignHash = SHA1
+ExpectedServerSignType = EC
+
+
 # ===========================================================
 
 [16-Ed25519 CipherString and Signature Algorithm Selection]
index 228ba88cf37491dbceafef4bb82898637b3bdaf5..ddb9ff4747078cddda8681ec1826b5cb15bbf5a1 100644 (file)
@@ -199,29 +199,6 @@ our @tests = (
             "ExpectedResult" => "Success"
         },
     },
-    {
-        name => "ECDSA Signature Algorithm Selection SHA1",
-        server => {
-            "CipherString" => "DEFAULT:\@SECLEVEL=0",
-            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
-            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
-            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
-            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
-            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
-            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
-            "MaxProtocol" => "TLSv1.2"
-        },
-        client => {
-            "CipherString" => "DEFAULT:\@SECLEVEL=0",
-            "SignatureAlgorithms" => "ECDSA+SHA1",
-        },
-        test   => {
-            "ExpectedServerCertType" => "P-256",
-            "ExpectedServerSignHash" => "SHA1",
-            "ExpectedServerSignType" => "EC",
-            "ExpectedResult" => "Success"
-        },
-    },
     {
         name => "ECDSA Signature Algorithm Selection compressed point",
         server => {
@@ -330,6 +307,29 @@ our @tests = (
 );
 
 my @tests_non_fips = (
+    {
+        name => "ECDSA Signature Algorithm Selection SHA1",
+        server => {
+            "CipherString" => "DEFAULT:\@SECLEVEL=0",
+            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
+            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
+            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
+            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
+            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
+            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
+            "MaxProtocol" => "TLSv1.2"
+        },
+        client => {
+            "CipherString" => "DEFAULT:\@SECLEVEL=0",
+            "SignatureAlgorithms" => "ECDSA+SHA1",
+        },
+        test   => {
+            "ExpectedServerCertType" => "P-256",
+            "ExpectedServerSignHash" => "SHA1",
+            "ExpectedServerSignType" => "EC",
+            "ExpectedResult" => "Success"
+        },
+    },
     # TODO(3.0) No Ed25519/Ed448 in FIPS mode at the moment
     {
         name => "Ed25519 CipherString and Signature Algorithm Selection",
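Review bot: The entry moved into `@tests_non_fips` at L743–L765 carries no explanation of why it is excluded from the FIPS run, while the neighbouring Ed25519 entry at L766 has a TODO comment; a reader may take the SHA1 case for a mislabelled test and move it back. Suggest a comment above L743, `# SHA1 signatures are not allowed in FIPS mode (the ECDSA provider rejects SHA1 for sign operations)`. The `@tests_non_fips` array begun at L742 continues past the end of this hunk.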