or B<signature_scheme>. For the default providers shipped with OpenSSL,
B<algorithm> is one of B<RSA>, B<DSA> or B<ECDSA> and
B<hash> is a supported algorithm OID short name such as B<SHA1>, B<SHA224>,
-B<SHA256>, B<SHA384> or B<SHA512>. Note: algorithm and hash names are case
-sensitive. B<signature_scheme> is one of the signature schemes defined in
-TLSv1.3, specified using the IETF name, e.g., B<ecdsa_secp256r1_sha256>,
+B<SHA256>, B<SHA384> or B<SHA512>.
+B<signature_scheme> is one of the signature schemes defined
+in TLSv1.3, specified using the IETF name, e.g., B<ecdsa_secp256r1_sha256>,
B<ed25519>, or B<rsa_pss_pss_sha256>. Additional providers may make available
further algorithms via the TLS-SIGALG capability.
+Signature scheme names and public key algorithm names (but not the hash names)
+in the B<algoirithm+hash> form are case-insensitive.
See L<provider-base(7)>.
If this option is not set then all signature algorithms supported by all
B<algorithm> is one of B<RSA>, B<DSA> or B<ECDSA> and B<hash> is a supported
algorithm OID short name such as B<SHA1>, B<SHA224>, B<SHA256>, B<SHA384>
or B<SHA512>.
-Note: algorithm and hash names are case sensitive.
B<signature_scheme> is one of the signature schemes defined in TLSv1.3,
-specified using the IETF name, e.g., B<ecdsa_secp256r1_sha256>, B<ed25519>,
+specified using the IANA name, e.g., B<ecdsa_secp256r1_sha256>, B<ed25519>,
or B<rsa_pss_pss_sha256>.
-Additional providers may make available further algorithms via the TLS_SIGALG
-capability. See L<provider-base(7)/CAPABILITIES>.
+Signature scheme names and public key algorithm names (but not the hash names)
+in the B<algoirithm+hash> form are case-insensitive.
+Additional providers may make available further signature schemes via the
+TLS_SIGALG capability. See L<provider-base(7)/CAPABILITIES>.
If this option is not set then all signature algorithms supported by all
activated providers are permissible.
must be a null terminated string consisting of a colon separated list of
elements, where each element is either a combination of a public key
algorithm and a digest separated by B<+>, or a TLS 1.3-style named
-SignatureScheme such as rsa_pss_pss_sha256. If a list entry is preceded
-with the C<?> character, it will be ignored if an implementation is missing.
+SignatureScheme such as rsa_pss_pss_sha256.
+Signature scheme names and public key algorithm names (but not the digest
+names) in the B<algoirithm+hash> form are case-insensitive.
+If a list entry is preceded with the C<?> character, it will be ignored if an
+implementation is missing.
SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(),
static void get_sigorhash(int *psig, int *phash, const char *str)
{
- if (strcmp(str, "RSA") == 0) {
+ if (OPENSSL_strcasecmp(str, "RSA") == 0) {
*psig = EVP_PKEY_RSA;
- } else if (strcmp(str, "RSA-PSS") == 0 || strcmp(str, "PSS") == 0) {
+ } else if (OPENSSL_strcasecmp(str, "RSA-PSS") == 0
+ || OPENSSL_strcasecmp(str, "PSS") == 0) {
*psig = EVP_PKEY_RSA_PSS;
- } else if (strcmp(str, "DSA") == 0) {
+ } else if (OPENSSL_strcasecmp(str, "DSA") == 0) {
*psig = EVP_PKEY_DSA;
- } else if (strcmp(str, "ECDSA") == 0) {
+ } else if (OPENSSL_strcasecmp(str, "ECDSA") == 0) {
*psig = EVP_PKEY_EC;
} else {
*phash = OBJ_sn2nid(str);
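Review bot: The `else` branch still resolves hash names through `OBJ_sn2nid(str)`, a case-sensitive lookup, so `rsa+sha256` is rejected while `rsa+SHA256` is accepted; that asymmetry matches the accompanying documentation ("but not the hash names") but nothing in the function says so, and the next person to touch this will be tempted to "fix" it. Add a comment above the call such as `/* Hash names are OID short names; OBJ_sn2nid() is case-sensitive, so only the signature half is matched case-insensitively. */`. Using `OPENSSL_strcasecmp()` rather than libc `strcasecmp()` is also the right call because, as I understand it, it is ASCII-only and locale-independent (no Turkish dotless-i surprises); a one-line comment noting that choice would stop a later cleanup from swapping it back. get_sigorhash()'s body continues past the hunk.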
size_t i = 0;
const SIGALG_LOOKUP *s;
char etmp[TLS_MAX_SIGSTRING_LEN], *p;
+ const char *iana, *alias;
int sig_alg = NID_undef, hash_alg = NID_undef;
int ignore_unknown = 0;
* in the table.
*/
if (p == NULL) {
- /* Load provider sigalgs */
if (sarg->ctx != NULL) {
/* Check if a provider supports the sigalg */
for (i = 0; i < sarg->ctx->sigalg_list_len; i++) {
- if (sarg->ctx->sigalg_list[i].sigalg_name != NULL
- && (strcmp(etmp,
- sarg->ctx->sigalg_list[i].sigalg_name) == 0
- || strcmp(etmp,
- sarg->ctx->sigalg_list[i].name) == 0)) {
+ iana = sarg->ctx->sigalg_list[i].name;
+ alias = sarg->ctx->sigalg_list[i].sigalg_name;
+ if ((alias != NULL && OPENSSL_strcasecmp(etmp, alias) == 0)
+ || OPENSSL_strcasecmp(etmp, iana) == 0) {
sarg->sigalgs[sarg->sigalgcnt++] =
sarg->ctx->sigalg_list[i].code_point;
break;
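Review bot: With the comparison now case-insensitive, two provider-registered sigalgs whose `name` or `sigalg_name` differ only in case become indistinguishable here and the first entry in `sigalg_list` silently wins, where `strcmp()` previously told them apart. Unless registration already rejects such near-duplicates (not visible in this hunk), the assumption should be stated, e.g. `/* Case-insensitive match: names differing only in case are ambiguous; first entry in sigalg_list wins. */`. The rewrite also drops the `/* Load provider sigalgs */` comment and, like the old code, passes `iana` to OPENSSL_strcasecmp() without a NULL check, so it presumably relies on `.name` being mandatory for provider sigalgs — worth a note if that is the contract. The enclosing function starts and ends outside the hunk.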
if (sarg->ctx == NULL || i == sarg->ctx->sigalg_list_len) {
for (i = 0, s = sigalg_lookup_tbl;
i < OSSL_NELEM(sigalg_lookup_tbl); i++, s++) {
- if (s->name != NULL && strcmp(etmp, s->name) == 0) {
+ if (s->name != NULL
+ && OPENSSL_strcasecmp(etmp, s->name) == 0) {
sarg->sigalgs[sarg->sigalgcnt++] = s->sigalg;
break;
}
UNRECOGNIZED_SIGALG => 11
};
+srand(70);
+sub randcase {
+ my ($names) = @_;
+ my @ret;
+ foreach my $name (split(/:/, $names)) {
+ my ($alg, $rest) = split(/(?=[+])/, $name, 2);
+ $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg;
+ push @ret, $alg . ($rest // "");
+ }
+ return join(":", @ret);
+}
+
#Note: Throughout this test we override the default ciphersuites where TLSv1.2
# is expected to ensure that a ServerKeyExchange message is sent that uses
# the sigalgs
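Review bot: `randcase` is pasted verbatim into this test and into each of the ssl-tests `.cnf.in` files below, differing only in the `srand()` seed; one copy in a shared test helper (these files already import OpenSSL test modules) would keep the five copies from drifting when someone fixes a bug in one of them. Calling `srand(70)` at file scope also reseeds the process-wide RNG for the remainder of the test, which is harmless today but an invisible coupling for any later `rand()` use in this file; a short comment such as `# Fixed seed so the case mix is reproducible across runs` at least records why the seed is there. Nit: `int(rand(2.0)) * 32` reads more directly as `rand() < 0.5 ? 32 : 0`.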
#Test 8: Sending a valid sig algs list but not including a sig type that
# matches the certificate should fail in TLSv1.3.
$proxy->clear();
- $proxy->clientflags("-sigalgs ECDSA+SHA256");
+ $proxy->clientflags("-sigalgs ".randcase("ECDSA+SHA256"));
$proxy->filter(undef);
$proxy->start();
ok(TLSProxy::Message->fail, "No matching TLSv1.3 sigalgs");
# when we have an API capable of configuring the TLSv1.3 sig algs
$proxy->clear();
$testtype = PSS_ONLY_SIG_ALGS;
- $proxy->clientflags("-no_tls1_3 -sigalgs RSA+SHA256");
+ $proxy->clientflags("-no_tls1_3 -sigalgs ".randcase("RSA+SHA256"));
$proxy->ciphers("ECDHE-RSA-AES128-SHA");
$proxy->start();
ok(TLSProxy::Message->fail, "Sigalg we did not send in TLSv1.2");
#Test 18: Sending a valid sig algs list but not including a sig type that
# matches the certificate should fail in TLSv1.2
$proxy->clear();
- $proxy->clientflags("-no_tls1_3 -sigalgs ECDSA+SHA256");
+ $proxy->clientflags("-no_tls1_3 -sigalgs ".randcase("ECDSA+SHA256"));
$proxy->ciphers("ECDHE-RSA-AES128-SHA");
$proxy->filter(undef);
$proxy->start();
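Review bot: These hunks only exercise the relaxed handling on the signature half of `alg+hash`; nothing asserts the other half of the new contract, that hash names remain case-sensitive, so a regression that made the hash lookup case-insensitive (or made the whole string case-sensitive again) would go unnoticed here. Add one negative case mirroring Test 18, e.g. `$proxy->clientflags("-no_tls1_3 -sigalgs RSA+sha256");` followed by `ok(TLSProxy::Message->fail, "Lower-case hash name in sigalgs is rejected");` — the invalid string should make s_client fail before the handshake, which the proxy reports as a failed message exchange (confirm that is how the harness surfaces a startup error).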
[1-Server signature algorithms bug-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-ClientSignatureAlgorithms = PSS+SHA512:RSA+SHA512
+ClientSignatureAlgorithms = PSs+SHA512:RsA+SHA512
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[1-Server signature algorithms bug-client]
CipherString = DEFAULT
-SignatureAlgorithms = PSS+SHA256:RSA+SHA256
+SignatureAlgorithms = Pss+SHA256:RSa+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
package ssltests;
+srand(1);
+sub randcase {
+ my ($names) = @_;
+ my @ret;
+ foreach my $name (split(/:/, $names)) {
+ my ($alg, $rest) = split(/(?=[+])/, $name, 2);
+ $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg;
+ push @ret, $alg . ($rest // "");
+ }
+ return join(":", @ret);
+}
+
our @tests = (
{
name => "default",
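Review bot: The generated `.cnf` files checked in alongside this change are produced from these `randcase()` calls and later compared against a fresh regeneration, so the suite now depends on Perl's `rand()` yielding the same sequence for a given seed on every platform; that is only guaranteed from Perl 5.20, where rand() became a built-in drand48, and OpenSSL's documented minimum Perl is older than that (verify which versions are still supported before relying on this). A transformation that does not involve the RNG removes the risk entirely, for instance dropping `srand(1)` and replacing the substitution with `my $i = 0;` and `$alg =~ s{([a-zA-Z])}{ $i++ % 2 ? lc $1 : uc $1 }eg;`, which still mixes case across every name. If rand() is kept, the seeds should at least be commented as load-bearing so nobody "cleans them up" and silently invalidates the committed `.cnf` files.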
{
name => "Server signature algorithms bug",
# Should have no effect as we aren't doing client auth
- server => { "ClientSignatureAlgorithms" => "PSS+SHA512:RSA+SHA512" },
- client => { "SignatureAlgorithms" => "PSS+SHA256:RSA+SHA256" },
+ server => { "ClientSignatureAlgorithms" => randcase("PSS+SHA512:RSA+SHA512") },
+ client => { "SignatureAlgorithms" => randcase("PSS+SHA256:RSA+SHA256") },
test => { "ExpectedResult" => "Success" },
},
[23-client-auth-TLSv1.2-require-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT:@SECLEVEL=0
-ClientSignatureAlgorithms = SHA256+RSA
+ClientSignatureAlgorithms = SHA256+rsA
MaxProtocol = TLSv1.2
MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT:@SECLEVEL=0
ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
-ClientSignatureAlgorithms = SHA256+RSA
+ClientSignatureAlgorithms = SHA256+rsA
MaxProtocol = TLSv1.2
MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
our @tests = ();
+srand(4);
+sub randcase {
+ my ($names) = @_;
+ my @ret;
+ foreach my $name (split(/:/, $names)) {
+ my ($alg, $rest) = split(/(?=[+])/, $name, 2);
+ $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg;
+ push @ret, $alg . ($rest // "");
+ }
+ return join(":", @ret);
+}
+
sub generate_tests() {
foreach (0..$#protocols) {
my $protocol = $protocols[$_];
if ($protocol_name eq "TLSv1.2") {
$clihash = "SHA256";
$clisigtype = "RSA";
- $clisigalgs = "SHA256+RSA";
+ $clisigalgs = "SHA256+".randcase("RSA");
}
for (my $sctp = 0; $sctp <= $sctpenabled; $sctp++) {
# Sanity-check simple handshake.
[4-P-256 CipherString and Signature Algorithm Selection-client]
CipherString = aECDSA
MaxProtocol = TLSv1.2
-SignatureAlgorithms = ECDSA+SHA256:ed25519
+SignatureAlgorithms = ecdSA+SHA256:eD25519
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[6-ECDSA Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA256
+SignatureAlgorithms = eCDsa+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[7-ECDSA Signature Algorithm Selection SHA384-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA384
+SignatureAlgorithms = eCdSa+SHA384
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[8-ECDSA Signature Algorithm Selection compressed point-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA256
+SignatureAlgorithms = EcDsA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[9-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA256
+SignatureAlgorithms = eCdsA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[10-RSA Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = RSA+SHA256
+SignatureAlgorithms = rsA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[11-RSA-PSS Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = RSA-PSS+SHA256
+SignatureAlgorithms = RSA-pss+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[13-Suite B P-256 Hash Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256
+SignatureAlgorithms = eCdsA+SHA384:ECdSA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
VerifyMode = Peer
[14-Suite B P-384 Hash Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384
+SignatureAlgorithms = EcdSA+SHA256:ECDSA+SHA384
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
VerifyMode = Peer
CipherString = aECDSA
MaxProtocol = TLSv1.2
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
-SignatureAlgorithms = ed25519:ECDSA+SHA256
+SignatureAlgorithms = eD25519:eCdsa+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
CipherString = aECDSA
MaxProtocol = TLSv1.2
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
-SignatureAlgorithms = ed448:ECDSA+SHA256
+SignatureAlgorithms = Ed448:ECdSa+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
VerifyMode = Peer
[19-ECDSA Signature Algorithm Selection SHA1-client]
CipherString = DEFAULT:@SECLEVEL=0
-SignatureAlgorithms = ECDSA+SHA1
+SignatureAlgorithms = ECdSa+SHA1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
CipherString = aECDSA
Curves = X25519
MaxProtocol = TLSv1.2
-SignatureAlgorithms = ECDSA+SHA256:ed25519
+SignatureAlgorithms = ecDSA+SHA256:Ed25519
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
CipherString = aECDSA
Curves = X448
MaxProtocol = TLSv1.2
-SignatureAlgorithms = ECDSA+SHA256:ed448
+SignatureAlgorithms = ECDSa+SHA256:ED448
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
VerifyMode = Peer
[24-RSA-PSS Certificate Legacy Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = RSA-PSS+SHA256
+SignatureAlgorithms = rSA-pSS+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[25-RSA-PSS Certificate Unified Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = rsa_pss_pss_sha256
+SignatureAlgorithms = rsA_PsS_PsS_sHa256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[27-Only RSA-PSS Certificate Valid Signature Algorithms-client]
CipherString = DEFAULT
-SignatureAlgorithms = rsa_pss_pss_sha512
+SignatureAlgorithms = rsa_psS_psS_sHa512
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[28-RSA-PSS Certificate, no PSS signature algorithms-client]
CipherString = DEFAULT
-SignatureAlgorithms = RSA+SHA256
+SignatureAlgorithms = rsa+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[30-RSA-PSS Restricted Certificate Valid Signature Algorithms-client]
CipherString = DEFAULT
-SignatureAlgorithms = rsa_pss_pss_sha256:rsa_pss_pss_sha512
+SignatureAlgorithms = RSa_pSS_pSs_sHA256:rsa_PsS_PSs_sHA512
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-client]
CipherString = DEFAULT
-SignatureAlgorithms = rsa_pss_pss_sha512:rsa_pss_pss_sha256
+SignatureAlgorithms = rsA_pss_psS_sha512:rsA_pSS_PSs_ShA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-client]
CipherString = DEFAULT
-SignatureAlgorithms = rsa_pss_pss_sha512
+SignatureAlgorithms = rSa_PSS_pSS_sHa512
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[35-TLS 1.3 ECDSA Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA256
+SignatureAlgorithms = ECDsa+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA256
+SignatureAlgorithms = ecDSA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client]
CipherString = DEFAULT:@SECLEVEL=0
-SignatureAlgorithms = ECDSA+SHA1
+SignatureAlgorithms = eCDSa+SHA1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client]
CipherString = DEFAULT
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
-SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256
+SignatureAlgorithms = eCdsA+SHA256:rsA-pSs+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384
+SignatureAlgorithms = ECdsA+SHA384:RSa-psS+SHA384
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
CipherString = DEFAULT
-SignatureAlgorithms = ECDSA+SHA256
+SignatureAlgorithms = eCDSA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[42-TLS 1.3 RSA-PSS Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = RSA-PSS+SHA256
+SignatureAlgorithms = Rsa-PSS+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-ClientSignatureAlgorithms = PSS+SHA256
+ClientSignatureAlgorithms = Pss+SHA256
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
[45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-ClientSignatureAlgorithms = ECDSA+SHA256
+ClientSignatureAlgorithms = ECDsA+SHA256
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Require
[46-TLS 1.3 Ed25519 Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = ed25519
+SignatureAlgorithms = eD25519
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[47-TLS 1.3 Ed448 Signature Algorithm Selection-client]
CipherString = DEFAULT
-SignatureAlgorithms = ed448
+SignatureAlgorithms = eD448
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
VerifyMode = Peer
[48-TLS 1.3 Ed25519 CipherString and Groups Selection-client]
CipherString = DEFAULT
Groups = X25519
-SignatureAlgorithms = ECDSA+SHA256:ed25519
+SignatureAlgorithms = EcdSA+SHA256:eD25519
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[49-TLS 1.3 Ed448 CipherString and Groups Selection-client]
CipherString = DEFAULT
Groups = X448
-SignatureAlgorithms = ECDSA+SHA256:ed448
+SignatureAlgorithms = eCDSa+SHA256:ED448
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[54-TLS 1.2 DSA Certificate Test-client]
CipherString = ALL
-SignatureAlgorithms = DSA+SHA256:DSA+SHA1
+SignatureAlgorithms = DSA+SHA256:DSa+SHA1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256
+ClientSignatureAlgorithms = ecDSA+SHA1:DsA+SHA256:rsA+SHA256
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Request
[56-TLS 1.3 DSA Certificate Test-client]
CipherString = ALL
-SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256
+SignatureAlgorithms = dSA+SHA1:DSA+SHA256:ecDsa+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
MaxProtocol = TLSv1.3
MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ml-dsa-44-key.pem
-SignatureAlgorithms = mldsa44
+SignatureAlgorithms = mlDsA44
[57-TLS 1.3 ML-DSA Certificate Test-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.3
MinProtocol = TLSv1.3
-SignatureAlgorithms = mldsa44
+SignatureAlgorithms = mlDSa44
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ml-dsa-44-cert.pem
VerifyMode = Peer
our $fips_3_5;
our $no_deflt_libctx;
+srand(20);
+sub randcase {
+ my ($names) = @_;
+ my @ret;
+ foreach my $name (split(/:/, $names)) {
+ my ($alg, $rest) = split(/(?=[+])/, $name, 2);
+ $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg;
+ push @ret, $alg . ($rest // "");
+ }
+ return join(":", @ret);
+}
+
my $server = {
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
- "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed25519"),
},
test => {
"ExpectedServerCertType" => "P-256",
name => "ECDSA Signature Algorithm Selection",
server => $server,
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256"),
},
test => {
"ExpectedServerCertType" => "P-256",
name => "ECDSA Signature Algorithm Selection SHA384",
server => $server,
client => {
- "SignatureAlgorithms" => "ECDSA+SHA384",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA384"),
},
test => {
"ExpectedServerCertType" => "P-256",
"MaxProtocol" => "TLSv1.2"
},
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256"),
},
test => {
"ExpectedServerCertType" => "P-256",
"MaxProtocol" => "TLSv1.2"
},
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256"),
},
test => {
"ExpectedResult" => "ServerFail"
name => "RSA Signature Algorithm Selection",
server => $server,
client => {
- "SignatureAlgorithms" => "RSA+SHA256",
+ "SignatureAlgorithms" => randcase("RSA+SHA256"),
},
test => {
"ExpectedServerCertType" => "RSA",
name => "RSA-PSS Signature Algorithm Selection",
server => $server,
client => {
- "SignatureAlgorithms" => "RSA-PSS+SHA256",
+ "SignatureAlgorithms" => randcase("RSA-PSS+SHA256"),
},
test => {
"ExpectedServerCertType" => "RSA",
},
client => {
"VerifyCAFile" => test_pem("p384-root.pem"),
- "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
+ "SignatureAlgorithms" => randcase("ECDSA+SHA384:ECDSA+SHA256")
},
test => {
"ExpectedServerCertType" => "P-256",
},
client => {
"VerifyCAFile" => test_pem("p384-root.pem"),
- "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256:ECDSA+SHA384")
},
test => {
"ExpectedServerCertType" => "P-384",
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
- "SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("ed25519:ECDSA+SHA256"),
"RequestCAFile" => test_pem("root-cert.pem"),
},
test => {
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
- "SignatureAlgorithms" => "ed448:ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("ed448:ECDSA+SHA256"),
"RequestCAFile" => test_pem("root-ed448-cert.pem"),
"VerifyCAFile" => test_pem("root-ed448-cert.pem"),
},
},
client => {
"CipherString" => "DEFAULT:\@SECLEVEL=0",
- "SignatureAlgorithms" => "ECDSA+SHA1",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA1"),
},
test => {
"ExpectedServerCertType" => "P-256",
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
- "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed25519"),
# Excluding P-256 from the supported curves list means server
# certificate should be Ed25519 and not P-256
"Curves" => "X25519"
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
- "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed448"),
"VerifyCAFile" => test_pem("root-ed448-cert.pem"),
# Excluding P-256 from the supported curves list means server
# certificate should be Ed25519 and not P-256
name => "RSA-PSS Certificate Legacy Signature Algorithm Selection",
server => $server_pss,
client => {
- "SignatureAlgorithms" => "RSA-PSS+SHA256",
+ "SignatureAlgorithms" => randcase("RSA-PSS+SHA256"),
},
test => {
"ExpectedServerCertType" => "RSA",
name => "RSA-PSS Certificate Unified Signature Algorithm Selection",
server => $server_pss,
client => {
- "SignatureAlgorithms" => "rsa_pss_pss_sha256",
+ "SignatureAlgorithms" => randcase("rsa_pss_pss_sha256"),
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
name => "Only RSA-PSS Certificate Valid Signature Algorithms",
server => $server_pss_only,
client => {
- "SignatureAlgorithms" => "rsa_pss_pss_sha512",
+ "SignatureAlgorithms" => randcase("rsa_pss_pss_sha512"),
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
name => "RSA-PSS Certificate, no PSS signature algorithms",
server => $server_pss_only,
client => {
- "SignatureAlgorithms" => "RSA+SHA256",
+ "SignatureAlgorithms" => randcase("RSA+SHA256"),
},
test => {
"ExpectedResult" => "ServerFail"
name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
server => $server_pss_restrict_only,
client => {
- "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
+ "SignatureAlgorithms" => randcase("rsa_pss_pss_sha256:rsa_pss_pss_sha512"),
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
server => $server_pss_restrict_only,
client => {
- "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
+ "SignatureAlgorithms" => randcase("rsa_pss_pss_sha512:rsa_pss_pss_sha256"),
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
server => $server_pss_restrict_only,
client => {
- "SignatureAlgorithms" => "rsa_pss_pss_sha512",
+ "SignatureAlgorithms" => randcase("rsa_pss_pss_sha512"),
},
test => {
"ExpectedResult" => "ServerFail"
name => "TLS 1.3 ECDSA Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256"),
},
test => {
"ExpectedServerCertType" => "P-256",
"MaxProtocol" => "TLSv1.3"
},
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256"),
},
test => {
"ExpectedServerCertType" => "P-256",
},
client => {
"CipherString" => "DEFAULT:\@SECLEVEL=0",
- "SignatureAlgorithms" => "ECDSA+SHA1",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA1"),
},
test => {
"ExpectedResult" => "ServerFail"
name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256:RSA-PSS+SHA256"),
"RequestCAFile" => test_pem("root-cert.pem"),
},
test => {
name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA384:RSA-PSS+SHA384"),
},
test => {
"ExpectedServerCertType" => "RSA",
"MaxProtocol" => "TLSv1.3"
},
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256"),
},
test => {
"ExpectedResult" => "ServerFail"
name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "RSA+SHA256",
+ "SignatureAlgorithms" => randcase("RSA+SHA256"),
},
test => {
"ExpectedResult" => "ServerFail"
name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "RSA-PSS+SHA256",
+ "SignatureAlgorithms" => randcase("RSA-PSS+SHA256"),
},
test => {
"ExpectedServerCertType" => "RSA",
{
name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
server => {
- "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "ClientSignatureAlgorithms" => randcase("PSS+SHA256"),
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
{
name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names",
server => {
- "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "ClientSignatureAlgorithms" => randcase("PSS+SHA256"),
"VerifyCAFile" => test_pem("root-cert.pem"),
"RequestCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
{
name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection",
server => {
- "ClientSignatureAlgorithms" => "ECDSA+SHA256",
+ "ClientSignatureAlgorithms" => randcase("ECDSA+SHA256"),
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "ed25519",
+ "SignatureAlgorithms" => randcase("ed25519"),
},
test => {
"ExpectedServerCertType" => "Ed25519",
name => "TLS 1.3 Ed448 Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "ed448",
+ "SignatureAlgorithms" => randcase("ed448"),
"VerifyCAFile" => test_pem("root-ed448-cert.pem"),
},
test => {
name => "TLS 1.3 Ed25519 CipherString and Groups Selection",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256:ed25519",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed25519"),
# Excluding P-256 from the supported groups list should
# mean server still uses a P-256 certificate because supported
# groups is not used in signature selection for TLS 1.3
name => "TLS 1.3 Ed448 CipherString and Groups Selection",
server => $server_tls_1_3,
client => {
- "SignatureAlgorithms" => "ECDSA+SHA256:ed448",
+ "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed448"),
# Excluding P-256 from the supported groups list should
# mean server still uses a P-256 certificate because supported
# groups is not used in signature selection for TLS 1.3
"CipherString" => "ALL",
},
client => {
- "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1",
+ "SignatureAlgorithms" => randcase("DSA+SHA256:DSA+SHA1"),
"CipherString" => "ALL",
},
test => {
{
name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
server => {
- "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256",
+ "ClientSignatureAlgorithms" => randcase("ECDSA+SHA1:DSA+SHA256:RSA+SHA256"),
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Request"
},
"CipherString" => "ALL",
},
client => {
- "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256",
+ "SignatureAlgorithms" => randcase("DSA+SHA1:DSA+SHA256:ECDSA+SHA256"),
"CipherString" => "ALL",
},
test => {
"PrivateKey" => test_pem("server-ml-dsa-44-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3",
- "SignatureAlgorithms" => "mldsa44",
+ "SignatureAlgorithms" => randcase("mldsa44"),
},
client => {
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3",
- "SignatureAlgorithms" => "mldsa44",
+ "SignatureAlgorithms" => randcase("mldsa44"),
"VerifyCAFile" => test_pem("root-ml-dsa-44-cert.pem"),
"VerifyMode" => "Peer",
},
[3-client-auth-TLSv1.3-require-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-ClientSignatureAlgorithms = PSS+SHA256
+ClientSignatureAlgorithms = pSS+SHA256
MaxProtocol = TLSv1.3
MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
-ClientSignatureAlgorithms = PSS+SHA256
+ClientSignatureAlgorithms = pSS+SHA256
MaxProtocol = TLSv1.3
MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[8-client-auth-TLSv1.3-require-post-handshake-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-ClientSignatureAlgorithms = PSS+SHA256
+ClientSignatureAlgorithms = pss+SHA256
MaxProtocol = TLSv1.3
MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
-ClientSignatureAlgorithms = PSS+SHA256
+ClientSignatureAlgorithms = psS+SHA256
MaxProtocol = TLSv1.3
MinProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
package ssltests;
use OpenSSL::Test::Utils;
+srand(26);
+sub randcase {
+ my ($names) = @_;
+ my @ret;
+ foreach my $name (split(/:/, $names)) {
+ my ($alg, $rest) = split(/(?=[+])/, $name, 2);
+ $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg;
+ push @ret, $alg . ($rest // "");
+ }
+ return join(":", @ret);
+}
+
our @tests = (
{
name => "server-auth-TLSv1.3",
server => {
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3",
- "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "ClientSignatureAlgorithms" => randcase("PSS+SHA256"),
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Request",
},
server => {
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3",
- "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "ClientSignatureAlgorithms" => randcase("PSS+SHA256"),
"ClientCAFile" => test_pem("root-cert.pem"),
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Request",
server => {
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3",
- "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "ClientSignatureAlgorithms" => randcase("PSS+SHA256"),
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "RequestPostHandshake",
},
server => {
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3",
- "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "ClientSignatureAlgorithms" => randcase("PSS+SHA256"),
"ClientCAFile" => test_pem("root-cert.pem"),
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "RequestPostHandshake",