From d5a4665a21eb6974872e67b2257b6429d7cdf84a Mon Sep 17 00:00:00 2001 From: Viktor Dukhovni Date: Sun, 16 Feb 2025 02:25:16 +1100 Subject: [PATCH] Case-insensitive sigalgs Reviewed-by: Tim Hudson Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/26767) --- doc/man3/SSL_CONF_cmd.pod | 17 ++-- doc/man3/SSL_CTX_set1_sigalgs.pod | 7 +- ssl/t1_lib.c | 23 +++--- test/recipes/70-test_sslsigalgs.t | 18 ++++- test/ssl-tests/01-simple.cnf | 4 +- test/ssl-tests/01-simple.cnf.in | 16 +++- test/ssl-tests/04-client_auth.cnf | 4 +- test/ssl-tests/04-client_auth.cnf.in | 14 +++- test/ssl-tests/20-cert-select.cnf | 78 +++++++++--------- test/ssl-tests/20-cert-select.cnf.in | 94 ++++++++++++---------- test/ssl-tests/26-tls13_client_auth.cnf | 8 +- test/ssl-tests/26-tls13_client_auth.cnf.in | 20 ++++- 12 files changed, 185 insertions(+), 118 deletions(-) diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod index d6592b33a53..ed4c2c083c7 100644 --- a/doc/man3/SSL_CONF_cmd.pod +++ b/doc/man3/SSL_CONF_cmd.pod @@ -121,11 +121,13 @@ algorithms in order of decreasing preference of the form B or B. For the default providers shipped with OpenSSL, B is one of B, B or B and B is a supported algorithm OID short name such as B, B, -B, B or B. Note: algorithm and hash names are case -sensitive. B is one of the signature schemes defined in -TLSv1.3, specified using the IETF name, e.g., B, +B, B or B. +B is one of the signature schemes defined +in TLSv1.3, specified using the IETF name, e.g., B, B, or B. Additional providers may make available further algorithms via the TLS-SIGALG capability. +Signature scheme names and public key algorithm names (but not the hash names) +in the B form are case-insensitive. See L. If this option is not set then all signature algorithms supported by all 
@@ -415,12 +417,13 @@ B. For the default providers shipped with OpenSSL, B is one of B, B or B and B is a supported algorithm OID short name such as B, B, B, B or B. -Note: algorithm and hash names are case sensitive. B is one of the signature schemes defined in TLSv1.3, -specified using the IETF name, e.g., B, B, +specified using the IANA name, e.g., B, B, or B. -Additional providers may make available further algorithms via the TLS_SIGALG -capability. See L. +Signature scheme names and public key algorithm names (but not the hash names) +in the B form are case-insensitive. +Additional providers may make available further signature schemes via the +TLS_SIGALG capability. See L. If this option is not set then all signature algorithms supported by all activated providers are permissible. diff --git a/doc/man3/SSL_CTX_set1_sigalgs.pod b/doc/man3/SSL_CTX_set1_sigalgs.pod index c384065bfc7..e6380aac2b9 100644 --- a/doc/man3/SSL_CTX_set1_sigalgs.pod +++ b/doc/man3/SSL_CTX_set1_sigalgs.pod @@ -33,8 +33,11 @@ signature algorithms for B or B. The B parameter must be a null terminated string consisting of a colon separated list of elements, where each element is either a combination of a public key algorithm and a digest separated by B<+>, or a TLS 1.3-style named -SignatureScheme such as rsa_pss_pss_sha256. If a list entry is preceded -with the C character, it will be ignored if an implementation is missing. +SignatureScheme such as rsa_pss_pss_sha256. +Signature scheme names and public key algorithm names (but not the digest +names) in the B form are case-insensitive. +If a list entry is preceded with the C character, it will be ignored if an +implementation is missing. SSL_CTX_set1_client_sigalgs(), SSL_set1_client_sigalgs(), diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 17eef870fb1..83047349a52 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c 
@@ -3564,13 +3564,14 @@ typedef struct { static void get_sigorhash(int *psig, int *phash, const char *str) { - if (strcmp(str, "RSA") == 0) { + if (OPENSSL_strcasecmp(str, "RSA") == 0) { *psig = EVP_PKEY_RSA; - } else if (strcmp(str, "RSA-PSS") == 0 || strcmp(str, "PSS") == 0) { + } else if (OPENSSL_strcasecmp(str, "RSA-PSS") == 0 + || OPENSSL_strcasecmp(str, "PSS") == 0) { *psig = EVP_PKEY_RSA_PSS; - } else if (strcmp(str, "DSA") == 0) { + } else if (OPENSSL_strcasecmp(str, "DSA") == 0) { *psig = EVP_PKEY_DSA; - } else if (strcmp(str, "ECDSA") == 0) { + } else if (OPENSSL_strcasecmp(str, "ECDSA") == 0) { *psig = EVP_PKEY_EC; } else { *phash = OBJ_sn2nid(str); @@ -3587,6 +3588,7 @@ static int sig_cb(const char *elem, int len, void *arg) size_t i = 0; const SIGALG_LOOKUP *s; char etmp[TLS_MAX_SIGSTRING_LEN], *p; + const char *iana, *alias; int sig_alg = NID_undef, hash_alg = NID_undef; int ignore_unknown = 0; @@ -3614,15 +3616,13 @@ static int sig_cb(const char *elem, int len, void *arg) * in the table. */ if (p == NULL) { - /* Load provider sigalgs */ if (sarg->ctx != NULL) { /* Check if a provider supports the sigalg */ for (i = 0; i < sarg->ctx->sigalg_list_len; i++) { - if (sarg->ctx->sigalg_list[i].sigalg_name != NULL - && (strcmp(etmp, - sarg->ctx->sigalg_list[i].sigalg_name) == 0 - || strcmp(etmp, - sarg->ctx->sigalg_list[i].name) == 0)) { + iana = sarg->ctx->sigalg_list[i].name; + alias = sarg->ctx->sigalg_list[i].sigalg_name; + if ((alias != NULL && OPENSSL_strcasecmp(etmp, alias) == 0) + || OPENSSL_strcasecmp(etmp, iana) == 0) { sarg->sigalgs[sarg->sigalgcnt++] = sarg->ctx->sigalg_list[i].code_point; break; 
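Review bot: The final `else` branch of get_sigorhash() still resolves the hash with `OBJ_sn2nid(str)`, an exact-case lookup, while the four key-type branches above it now use `OPENSSL_strcasecmp`, and nothing in the code says the difference is intended. The manual text changed in this commit states that hash names are not case-insensitive, so a short comment on the `else` would stop a later reader from "completing" the conversion: `/* Hash names are looked up as written; only key algorithm names are case-insensitive */`. The function body continues past the end of the hunk.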
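Review bot: In the provider loop of sig_cb(), `OPENSSL_strcasecmp(etmp, iana)` is now evaluated even when `sigalg_name` is NULL, and `iana` itself is never checked for NULL. The removed condition skipped the whole entry when `sigalg_name` was NULL, and the built-in table loop in the next hunk keeps its `s->name != NULL` guard, so this is the one comparison left unguarded. Whether `sigalg_list[i].name` can be NULL is not visible here; if it cannot, a comment saying so would help, otherwise guard it with `|| (iana != NULL && OPENSSL_strcasecmp(etmp, iana) == 0)`. The loop and sig_cb() itself extend outside the hunk.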
@@ -3633,7 +3633,8 @@ static int sig_cb(const char *elem, int len, void *arg) if (sarg->ctx == NULL || i == sarg->ctx->sigalg_list_len) { for (i = 0, s = sigalg_lookup_tbl; i < OSSL_NELEM(sigalg_lookup_tbl); i++, s++) { - if (s->name != NULL && strcmp(etmp, s->name) == 0) { + if (s->name != NULL + && OPENSSL_strcasecmp(etmp, s->name) == 0) { sarg->sigalgs[sarg->sigalgcnt++] = s->sigalg; break; } diff --git a/test/recipes/70-test_sslsigalgs.t b/test/recipes/70-test_sslsigalgs.t index 998dcc37940..48d4b82c51e 100644 --- a/test/recipes/70-test_sslsigalgs.t +++ b/test/recipes/70-test_sslsigalgs.t @@ -48,6 +48,18 @@ use constant { UNRECOGNIZED_SIGALG => 11 }; +srand(70); +sub randcase { + my ($names) = @_; + my @ret; + foreach my $name (split(/:/, $names)) { + my ($alg, $rest) = split(/(?=[+])/, $name, 2); + $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg; + push @ret, $alg . ($rest // ""); + } + return join(":", @ret); +} + #Note: Throughout this test we override the default ciphersuites where TLSv1.2 # is expected to ensure that a ServerKeyExchange message is sent that uses # the sigalgs @@ -114,7 +126,7 @@ SKIP: { #Test 8: Sending a valid sig algs list but not including a sig type that # matches the certificate should fail in TLSv1.3. $proxy->clear(); - $proxy->clientflags("-sigalgs ECDSA+SHA256"); + $proxy->clientflags("-sigalgs ".randcase("ECDSA+SHA256")); $proxy->filter(undef); $proxy->start(); ok(TLSProxy::Message->fail, "No matching TLSv1.3 sigalgs"); @@ -207,7 +219,7 @@ SKIP: { # when we have an API capable of configuring the TLSv1.3 sig algs $proxy->clear(); $testtype = PSS_ONLY_SIG_ALGS; - $proxy->clientflags("-no_tls1_3 -sigalgs RSA+SHA256"); + $proxy->clientflags("-no_tls1_3 -sigalgs ".randcase("RSA+SHA256")); $proxy->ciphers("ECDHE-RSA-AES128-SHA"); $proxy->start(); ok(TLSProxy::Message->fail, "Sigalg we did not send in TLSv1.2"); 
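Review bot: randcase() has no comment explaining why it flips case only in the part before `+`, and the same sub is pasted into 01-simple.cnf.in, 04-client_auth.cnf.in and 20-cert-select.cnf.in with only the `srand()` seed differing. A one-line comment such as `# Randomise case of the scheme / key-algorithm name only; the hash after '+' stays as written` would record the intent, and the `^ 32` ASCII case flip deserves a word as well. Moving the helper into a shared test helper would keep the four copies from drifting apart.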
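Review bot: Test 8 and Test 17 pass a randomised-case name to `-sigalgs`, but both assert `TLSProxy::Message->fail`, as does Test 18 in the following hunk, so this recipe never shows a mixed-case name being accepted. If the client rejected the mixed-case string while parsing its options, the run would presumably also end in failure and these tests could still pass. A case in this recipe that expects success with a `randcase(...)` list, or a check that the signature_algorithms extension was actually sent, would tie the result to the new parsing. The enclosing SKIP blocks start and end outside the hunks.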
@@ -215,7 +227,7 @@ SKIP: { #Test 18: Sending a valid sig algs list but not including a sig type that # matches the certificate should fail in TLSv1.2 $proxy->clear(); - $proxy->clientflags("-no_tls1_3 -sigalgs ECDSA+SHA256"); + $proxy->clientflags("-no_tls1_3 -sigalgs ".randcase("ECDSA+SHA256")); $proxy->ciphers("ECDHE-RSA-AES128-SHA"); $proxy->filter(undef); $proxy->start(); diff --git a/test/ssl-tests/01-simple.cnf b/test/ssl-tests/01-simple.cnf index dfdd3ee3378..626892a3909 100644 --- a/test/ssl-tests/01-simple.cnf +++ b/test/ssl-tests/01-simple.cnf @@ -41,12 +41,12 @@ client = 1-Server signature algorithms bug-client [1-Server signature algorithms bug-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -ClientSignatureAlgorithms = PSS+SHA512:RSA+SHA512 +ClientSignatureAlgorithms = PSs+SHA512:RsA+SHA512 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-Server signature algorithms bug-client] CipherString = DEFAULT -SignatureAlgorithms = PSS+SHA256:RSA+SHA256 +SignatureAlgorithms = Pss+SHA256:RSa+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer diff --git a/test/ssl-tests/01-simple.cnf.in b/test/ssl-tests/01-simple.cnf.in index 3ffd5961396..ce502eee932 100644 --- a/test/ssl-tests/01-simple.cnf.in +++ b/test/ssl-tests/01-simple.cnf.in @@ -11,6 +11,18 @@ package ssltests; +srand(1); +sub randcase { + my ($names) = @_; + my @ret; + foreach my $name (split(/:/, $names)) { + my ($alg, $rest) = split(/(?=[+])/, $name, 2); + $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg; + push @ret, $alg . ($rest // ""); + } + return join(":", @ret); +} + our @tests = ( { name => "default", 
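Review bot: The spellings that `srand(1)` and `rand()` produce in randcase() are also committed in the generated 01-simple.cnf (`PSs+SHA512:RsA+SHA512`), so the two files agree only while Perl's `rand()` returns the same sequence for that seed wherever the file is regenerated. As far as I know that holds only from perl 5.20 on, when Perl switched to its own generator. On an older perl the regenerated file may differ from the checked-in one. A deterministic flip that does not call `rand()`, for example toggling every second letter, or fixed mixed-case literals in the `.cnf.in`, would remove that dependency. The same applies to `srand(4)` in 04-client_auth.cnf.in and `srand(20)` in 20-cert-select.cnf.in.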
@@ -22,8 +34,8 @@ our @tests = ( { name => "Server signature algorithms bug", # Should have no effect as we aren't doing client auth - server => { "ClientSignatureAlgorithms" => "PSS+SHA512:RSA+SHA512" }, - client => { "SignatureAlgorithms" => "PSS+SHA256:RSA+SHA256" }, + server => { "ClientSignatureAlgorithms" => randcase("PSS+SHA512:RSA+SHA512") }, + client => { "SignatureAlgorithms" => randcase("PSS+SHA256:RSA+SHA256") }, test => { "ExpectedResult" => "Success" }, }, diff --git a/test/ssl-tests/04-client_auth.cnf b/test/ssl-tests/04-client_auth.cnf index 3dae79c3702..782e36c38c9 100644 --- a/test/ssl-tests/04-client_auth.cnf +++ b/test/ssl-tests/04-client_auth.cnf @@ -725,7 +725,7 @@ client = 23-client-auth-TLSv1.2-require-client [23-client-auth-TLSv1.2-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT:@SECLEVEL=0 -ClientSignatureAlgorithms = SHA256+RSA +ClientSignatureAlgorithms = SHA256+rsA MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -831,7 +831,7 @@ client = 26-client-auth-TLSv1.2-require-non-empty-names-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT:@SECLEVEL=0 ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem -ClientSignatureAlgorithms = SHA256+RSA +ClientSignatureAlgorithms = SHA256+rsA MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem diff --git a/test/ssl-tests/04-client_auth.cnf.in b/test/ssl-tests/04-client_auth.cnf.in index 57dd49b59d1..ba170bbfb81 100644 --- a/test/ssl-tests/04-client_auth.cnf.in +++ b/test/ssl-tests/04-client_auth.cnf.in 
@@ -27,6 +27,18 @@ if ($fips_mode) { our @tests = (); +srand(4); +sub randcase { + my ($names) = @_; + my @ret; + foreach my $name (split(/:/, $names)) { + my ($alg, $rest) = split(/(?=[+])/, $name, 2); + $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg; + push @ret, $alg . ($rest // ""); + } + return join(":", @ret); +} + sub generate_tests() { foreach (0..$#protocols) { my $protocol = $protocols[$_]; @@ -51,7 +63,7 @@ sub generate_tests() { if ($protocol_name eq "TLSv1.2") { $clihash = "SHA256"; $clisigtype = "RSA"; - $clisigalgs = "SHA256+RSA"; + $clisigalgs = "SHA256+".randcase("RSA"); } for (my $sctp = 0; $sctp <= $sctpenabled; $sctp++) { # Sanity-check simple handshake. diff --git a/test/ssl-tests/20-cert-select.cnf b/test/ssl-tests/20-cert-select.cnf index 8acb205e751..d43a44282c5 100644 --- a/test/ssl-tests/20-cert-select.cnf +++ b/test/ssl-tests/20-cert-select.cnf @@ -215,7 +215,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-P-256 CipherString and Signature Algorithm Selection-client] CipherString = aECDSA MaxProtocol = TLSv1.2 -SignatureAlgorithms = ECDSA+SHA256:ed25519 +SignatureAlgorithms = ecdSA+SHA256:eD25519 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -274,7 +274,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-ECDSA Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA256 +SignatureAlgorithms = eCDsa+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -308,7 +308,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-ECDSA Signature Algorithm Selection SHA384-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA384 +SignatureAlgorithms = eCdSa+SHA384 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer 
@@ -338,7 +338,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-ECDSA Signature Algorithm Selection compressed point-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA256 +SignatureAlgorithms = EcDsA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -366,7 +366,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-ECDSA Signature Algorithm Selection, no ECDSA certificate-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA256 +SignatureAlgorithms = eCdsA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -397,7 +397,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-RSA Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = RSA+SHA256 +SignatureAlgorithms = rsA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -431,7 +431,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-RSA-PSS Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = RSA-PSS+SHA256 +SignatureAlgorithms = RSA-pss+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -488,7 +488,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-Suite B P-256 Hash Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256 +SignatureAlgorithms = eCdsA+SHA384:ECdSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem VerifyMode = Peer @@ -518,7 +518,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-Suite B P-384 Hash Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384 +SignatureAlgorithms = EcdSA+SHA256:ECDSA+SHA384 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem VerifyMode = Peer 
@@ -554,7 +554,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem CipherString = aECDSA MaxProtocol = TLSv1.2 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem -SignatureAlgorithms = ed25519:ECDSA+SHA256 +SignatureAlgorithms = eD25519:eCdsa+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -590,7 +590,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem CipherString = aECDSA MaxProtocol = TLSv1.2 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem -SignatureAlgorithms = ed448:ECDSA+SHA256 +SignatureAlgorithms = Ed448:ECdSa+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem VerifyMode = Peer @@ -686,7 +686,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [19-ECDSA Signature Algorithm Selection SHA1-client] CipherString = DEFAULT:@SECLEVEL=0 -SignatureAlgorithms = ECDSA+SHA1 +SignatureAlgorithms = ECdSa+SHA1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -752,7 +752,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem CipherString = aECDSA Curves = X25519 MaxProtocol = TLSv1.2 -SignatureAlgorithms = ECDSA+SHA256:ed25519 +SignatureAlgorithms = ecDSA+SHA256:Ed25519 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -787,7 +787,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem CipherString = aECDSA Curves = X448 MaxProtocol = TLSv1.2 -SignatureAlgorithms = ECDSA+SHA256:ed448 +SignatureAlgorithms = ECDSa+SHA256:ED448 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem VerifyMode = Peer @@ -857,7 +857,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [24-RSA-PSS Certificate Legacy Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = RSA-PSS+SHA256 +SignatureAlgorithms = rSA-pSS+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer 
@@ -893,7 +893,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [25-RSA-PSS Certificate Unified Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = rsa_pss_pss_sha256 +SignatureAlgorithms = rsA_PsS_PsS_sHa256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -946,7 +946,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem [27-Only RSA-PSS Certificate Valid Signature Algorithms-client] CipherString = DEFAULT -SignatureAlgorithms = rsa_pss_pss_sha512 +SignatureAlgorithms = rsa_psS_psS_sHa512 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -973,7 +973,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem [28-RSA-PSS Certificate, no PSS signature algorithms-client] CipherString = DEFAULT -SignatureAlgorithms = RSA+SHA256 +SignatureAlgorithms = rsa+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1023,7 +1023,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem [30-RSA-PSS Restricted Certificate Valid Signature Algorithms-client] CipherString = DEFAULT -SignatureAlgorithms = rsa_pss_pss_sha256:rsa_pss_pss_sha512 +SignatureAlgorithms = RSa_pSS_pSs_sHA256:rsa_PsS_PSs_sHA512 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1050,7 +1050,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem [31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-client] CipherString = DEFAULT -SignatureAlgorithms = rsa_pss_pss_sha512:rsa_pss_pss_sha256 +SignatureAlgorithms = rsA_pss_psS_sha512:rsA_pSS_PSs_ShA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer 
@@ -1077,7 +1077,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem [32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-client] CipherString = DEFAULT -SignatureAlgorithms = rsa_pss_pss_sha512 +SignatureAlgorithms = rSa_PSS_pSS_sHa512 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1157,7 +1157,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [35-TLS 1.3 ECDSA Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA256 +SignatureAlgorithms = ECDsa+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1189,7 +1189,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA256 +SignatureAlgorithms = ecDSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1225,7 +1225,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client] CipherString = DEFAULT:@SECLEVEL=0 -SignatureAlgorithms = ECDSA+SHA1 +SignatureAlgorithms = eCDSa+SHA1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1258,7 +1258,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client] CipherString = DEFAULT RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem -SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256 +SignatureAlgorithms = eCdsA+SHA256:rsA-pSs+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1294,7 +1294,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384 +SignatureAlgorithms = ECdsA+SHA384:RSa-psS+SHA384 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer 
@@ -1323,7 +1323,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client] CipherString = DEFAULT -SignatureAlgorithms = ECDSA+SHA256 +SignatureAlgorithms = eCDSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1387,7 +1387,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [42-TLS 1.3 RSA-PSS Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = RSA-PSS+SHA256 +SignatureAlgorithms = Rsa-PSS+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1446,7 +1446,7 @@ client = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA N [44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -ClientSignatureAlgorithms = PSS+SHA256 +ClientSignatureAlgorithms = Pss+SHA256 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem @@ -1483,7 +1483,7 @@ client = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client [45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -ClientSignatureAlgorithms = ECDSA+SHA256 +ClientSignatureAlgorithms = ECDsA+SHA256 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require @@ -1530,7 +1530,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [46-TLS 1.3 Ed25519 Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = ed25519 +SignatureAlgorithms = eD25519 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer 
@@ -1564,7 +1564,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [47-TLS 1.3 Ed448 Signature Algorithm Selection-client] CipherString = DEFAULT -SignatureAlgorithms = ed448 +SignatureAlgorithms = eD448 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem VerifyMode = Peer @@ -1599,7 +1599,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [48-TLS 1.3 Ed25519 CipherString and Groups Selection-client] CipherString = DEFAULT Groups = X25519 -SignatureAlgorithms = ECDSA+SHA256:ed25519 +SignatureAlgorithms = EcdSA+SHA256:eD25519 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1634,7 +1634,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [49-TLS 1.3 Ed448 CipherString and Groups Selection-client] CipherString = DEFAULT Groups = X448 -SignatureAlgorithms = ECDSA+SHA256:ed448 +SignatureAlgorithms = eCDSa+SHA256:ED448 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1779,7 +1779,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [54-TLS 1.2 DSA Certificate Test-client] CipherString = ALL -SignatureAlgorithms = DSA+SHA256:DSA+SHA1 +SignatureAlgorithms = DSA+SHA256:DSa+SHA1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1799,7 +1799,7 @@ client = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client [55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256 +ClientSignatureAlgorithms = ecDSA+SHA1:DsA+SHA256:rsA+SHA256 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request 
@@ -1833,7 +1833,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [56-TLS 1.3 DSA Certificate Test-client] CipherString = ALL -SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256 +SignatureAlgorithms = dSA+SHA1:DSA+SHA256:ecDsa+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1856,13 +1856,13 @@ CipherString = DEFAULT MaxProtocol = TLSv1.3 MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ml-dsa-44-key.pem -SignatureAlgorithms = mldsa44 +SignatureAlgorithms = mlDsA44 [57-TLS 1.3 ML-DSA Certificate Test-client] CipherString = DEFAULT MaxProtocol = TLSv1.3 MinProtocol = TLSv1.3 -SignatureAlgorithms = mldsa44 +SignatureAlgorithms = mlDSa44 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ml-dsa-44-cert.pem VerifyMode = Peer diff --git a/test/ssl-tests/20-cert-select.cnf.in b/test/ssl-tests/20-cert-select.cnf.in index bcb54293658..af47842fd86 100644 --- a/test/ssl-tests/20-cert-select.cnf.in +++ b/test/ssl-tests/20-cert-select.cnf.in @@ -14,6 +14,18 @@ our $fips_3_4; our $fips_3_5; our $no_deflt_libctx; +srand(20); +sub randcase { + my ($names) = @_; + my @ret; + foreach my $name (split(/:/, $names)) { + my ($alg, $rest) = split(/(?=[+])/, $name, 2); + $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg; + push @ret, $alg . ($rest // ""); + } + return join(":", @ret); +} + my $server = { "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"), @@ -142,7 +154,7 @@ our @tests = ( client => { "CipherString" => "aECDSA", "MaxProtocol" => "TLSv1.2", - "SignatureAlgorithms" => "ECDSA+SHA256:ed25519", + "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed25519"), }, test => { "ExpectedServerCertType" => "P-256", @@ -168,7 +180,7 @@ our @tests = ( name => "ECDSA Signature Algorithm Selection", server => $server, client => { - "SignatureAlgorithms" => "ECDSA+SHA256", + "SignatureAlgorithms" => randcase("ECDSA+SHA256"), }, test => { "ExpectedServerCertType" => "P-256", 
@@ -181,7 +193,7 @@ our @tests = ( name => "ECDSA Signature Algorithm Selection SHA384", server => $server, client => { - "SignatureAlgorithms" => "ECDSA+SHA384", + "SignatureAlgorithms" => randcase("ECDSA+SHA384"), }, test => { "ExpectedServerCertType" => "P-256", @@ -198,7 +210,7 @@ our @tests = ( "MaxProtocol" => "TLSv1.2" }, client => { - "SignatureAlgorithms" => "ECDSA+SHA256", + "SignatureAlgorithms" => randcase("ECDSA+SHA256"), }, test => { "ExpectedServerCertType" => "P-256", @@ -213,7 +225,7 @@ our @tests = ( "MaxProtocol" => "TLSv1.2" }, client => { - "SignatureAlgorithms" => "ECDSA+SHA256", + "SignatureAlgorithms" => randcase("ECDSA+SHA256"), }, test => { "ExpectedResult" => "ServerFail" @@ -223,7 +235,7 @@ our @tests = ( name => "RSA Signature Algorithm Selection", server => $server, client => { - "SignatureAlgorithms" => "RSA+SHA256", + "SignatureAlgorithms" => randcase("RSA+SHA256"), }, test => { "ExpectedServerCertType" => "RSA", @@ -236,7 +248,7 @@ our @tests = ( name => "RSA-PSS Signature Algorithm Selection", server => $server, client => { - "SignatureAlgorithms" => "RSA-PSS+SHA256", + "SignatureAlgorithms" => randcase("RSA-PSS+SHA256"), }, test => { "ExpectedServerCertType" => "RSA", @@ -267,7 +279,7 @@ our @tests = ( }, client => { "VerifyCAFile" => test_pem("p384-root.pem"), - "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256" + "SignatureAlgorithms" => randcase("ECDSA+SHA384:ECDSA+SHA256") }, test => { "ExpectedServerCertType" => "P-256", @@ -286,7 +298,7 @@ our @tests = ( }, client => { "VerifyCAFile" => test_pem("p384-root.pem"), - "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384" + "SignatureAlgorithms" => randcase("ECDSA+SHA256:ECDSA+SHA384") }, test => { "ExpectedServerCertType" => "P-384", 
@@ -301,7 +313,7 @@ our @tests = ( client => { "CipherString" => "aECDSA", "MaxProtocol" => "TLSv1.2", - "SignatureAlgorithms" => "ed25519:ECDSA+SHA256", + "SignatureAlgorithms" => randcase("ed25519:ECDSA+SHA256"), "RequestCAFile" => test_pem("root-cert.pem"), }, test => { @@ -318,7 +330,7 @@ our @tests = ( client => { "CipherString" => "aECDSA", "MaxProtocol" => "TLSv1.2", - "SignatureAlgorithms" => "ed448:ECDSA+SHA256", + "SignatureAlgorithms" => randcase("ed448:ECDSA+SHA256"), "RequestCAFile" => test_pem("root-ed448-cert.pem"), "VerifyCAFile" => test_pem("root-ed448-cert.pem"), }, @@ -383,7 +395,7 @@ my @tests_non_fips = ( }, client => { "CipherString" => "DEFAULT:\@SECLEVEL=0", - "SignatureAlgorithms" => "ECDSA+SHA1", + "SignatureAlgorithms" => randcase("ECDSA+SHA1"), }, test => { "ExpectedServerCertType" => "P-256", @@ -419,7 +431,7 @@ my @tests_non_fips = ( client => { "CipherString" => "aECDSA", "MaxProtocol" => "TLSv1.2", - "SignatureAlgorithms" => "ECDSA+SHA256:ed25519", + "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed25519"), # Excluding P-256 from the supported curves list means server # certificate should be Ed25519 and not P-256 "Curves" => "X25519" @@ -436,7 +448,7 @@ my @tests_non_fips = ( client => { "CipherString" => "aECDSA", "MaxProtocol" => "TLSv1.2", - "SignatureAlgorithms" => "ECDSA+SHA256:ed448", + "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed448"), "VerifyCAFile" => test_pem("root-ed448-cert.pem"), # Excluding P-256 from the supported curves list means server # certificate should be Ed25519 and not P-256 @@ -468,7 +480,7 @@ my @tests_pss = ( name => "RSA-PSS Certificate Legacy Signature Algorithm Selection", server => $server_pss, client => { - "SignatureAlgorithms" => "RSA-PSS+SHA256", + "SignatureAlgorithms" => randcase("RSA-PSS+SHA256"), }, test => { "ExpectedServerCertType" => "RSA", 
@@ -481,7 +493,7 @@ my @tests_pss = ( name => "RSA-PSS Certificate Unified Signature Algorithm Selection", server => $server_pss, client => { - "SignatureAlgorithms" => "rsa_pss_pss_sha256", + "SignatureAlgorithms" => randcase("rsa_pss_pss_sha256"), }, test => { "ExpectedServerCertType" => "RSA-PSS", @@ -505,7 +517,7 @@ my @tests_pss = ( name => "Only RSA-PSS Certificate Valid Signature Algorithms", server => $server_pss_only, client => { - "SignatureAlgorithms" => "rsa_pss_pss_sha512", + "SignatureAlgorithms" => randcase("rsa_pss_pss_sha512"), }, test => { "ExpectedServerCertType" => "RSA-PSS", @@ -518,7 +530,7 @@ my @tests_pss = ( name => "RSA-PSS Certificate, no PSS signature algorithms", server => $server_pss_only, client => { - "SignatureAlgorithms" => "RSA+SHA256", + "SignatureAlgorithms" => randcase("RSA+SHA256"), }, test => { "ExpectedResult" => "ServerFail" @@ -539,7 +551,7 @@ my @tests_pss = ( name => "RSA-PSS Restricted Certificate Valid Signature Algorithms", server => $server_pss_restrict_only, client => { - "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512", + "SignatureAlgorithms" => randcase("rsa_pss_pss_sha256:rsa_pss_pss_sha512"), }, test => { "ExpectedServerCertType" => "RSA-PSS", @@ -552,7 +564,7 @@ my @tests_pss = ( name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm", server => $server_pss_restrict_only, client => { - "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256", + "SignatureAlgorithms" => randcase("rsa_pss_pss_sha512:rsa_pss_pss_sha256"), }, test => { "ExpectedServerCertType" => "RSA-PSS", @@ -565,7 +577,7 @@ my @tests_pss = ( name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms", server => $server_pss_restrict_only, client => { - "SignatureAlgorithms" => "rsa_pss_pss_sha512", + "SignatureAlgorithms" => randcase("rsa_pss_pss_sha512"), }, test => { "ExpectedResult" => "ServerFail" 
@@ -642,7 +654,7 @@ my @tests_tls_1_3 = ( name => "TLS 1.3 ECDSA Signature Algorithm Selection", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "ECDSA+SHA256", + "SignatureAlgorithms" => randcase("ECDSA+SHA256"), }, test => { "ExpectedServerCertType" => "P-256", @@ -661,7 +673,7 @@ my @tests_tls_1_3 = ( "MaxProtocol" => "TLSv1.3" }, client => { - "SignatureAlgorithms" => "ECDSA+SHA256", + "SignatureAlgorithms" => randcase("ECDSA+SHA256"), }, test => { "ExpectedServerCertType" => "P-256", @@ -686,7 +698,7 @@ my @tests_tls_1_3 = ( }, client => { "CipherString" => "DEFAULT:\@SECLEVEL=0", - "SignatureAlgorithms" => "ECDSA+SHA1", + "SignatureAlgorithms" => randcase("ECDSA+SHA1"), }, test => { "ExpectedResult" => "ServerFail" @@ -696,7 +708,7 @@ my @tests_tls_1_3 = ( name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256", + "SignatureAlgorithms" => randcase("ECDSA+SHA256:RSA-PSS+SHA256"), "RequestCAFile" => test_pem("root-cert.pem"), }, test => { @@ -711,7 +723,7 @@ my @tests_tls_1_3 = ( name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384", + "SignatureAlgorithms" => randcase("ECDSA+SHA384:RSA-PSS+SHA384"), }, test => { "ExpectedServerCertType" => "RSA", @@ -727,7 +739,7 @@ my @tests_tls_1_3 = ( "MaxProtocol" => "TLSv1.3" }, client => { - "SignatureAlgorithms" => "ECDSA+SHA256", + "SignatureAlgorithms" => randcase("ECDSA+SHA256"), }, test => { "ExpectedResult" => "ServerFail" @@ -737,7 +749,7 @@ my @tests_tls_1_3 = ( name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "RSA+SHA256", + "SignatureAlgorithms" => randcase("RSA+SHA256"), }, test => { "ExpectedResult" => "ServerFail" 
@@ -747,7 +759,7 @@ my @tests_tls_1_3 = ( name => "TLS 1.3 RSA-PSS Signature Algorithm Selection", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "RSA-PSS+SHA256", + "SignatureAlgorithms" => randcase("RSA-PSS+SHA256"), }, test => { "ExpectedServerCertType" => "RSA", @@ -759,7 +771,7 @@ my @tests_tls_1_3 = ( { name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection", server => { - "ClientSignatureAlgorithms" => "PSS+SHA256", + "ClientSignatureAlgorithms" => randcase("PSS+SHA256"), "VerifyCAFile" => test_pem("root-cert.pem"), "VerifyMode" => "Require" }, @@ -775,7 +787,7 @@ my @tests_tls_1_3 = ( { name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names", server => { - "ClientSignatureAlgorithms" => "PSS+SHA256", + "ClientSignatureAlgorithms" => randcase("PSS+SHA256"), "VerifyCAFile" => test_pem("root-cert.pem"), "RequestCAFile" => test_pem("root-cert.pem"), "VerifyMode" => "Require" @@ -792,7 +804,7 @@ my @tests_tls_1_3 = ( { name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection", server => { - "ClientSignatureAlgorithms" => "ECDSA+SHA256", + "ClientSignatureAlgorithms" => randcase("ECDSA+SHA256"), "VerifyCAFile" => test_pem("root-cert.pem"), "VerifyMode" => "Require" }, @@ -811,7 +823,7 @@ my @tests_tls_1_3_non_fips = ( name => "TLS 1.3 Ed25519 Signature Algorithm Selection", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "ed25519", + "SignatureAlgorithms" => randcase("ed25519"), }, test => { "ExpectedServerCertType" => "Ed25519", @@ -823,7 +835,7 @@ my @tests_tls_1_3_non_fips = ( name => "TLS 1.3 Ed448 Signature Algorithm Selection", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "ed448", + "SignatureAlgorithms" => randcase("ed448"), "VerifyCAFile" => test_pem("root-ed448-cert.pem"), }, test => { 
@@ -836,7 +848,7 @@ my @tests_tls_1_3_non_fips = ( name => "TLS 1.3 Ed25519 CipherString and Groups Selection", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "ECDSA+SHA256:ed25519", + "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed25519"), # Excluding P-256 from the supported groups list should # mean server still uses a P-256 certificate because supported # groups is not used in signature selection for TLS 1.3 @@ -852,7 +864,7 @@ my @tests_tls_1_3_non_fips = ( name => "TLS 1.3 Ed448 CipherString and Groups Selection", server => $server_tls_1_3, client => { - "SignatureAlgorithms" => "ECDSA+SHA256:ed448", + "SignatureAlgorithms" => randcase("ECDSA+SHA256:ed448"), # Excluding P-256 from the supported groups list should # mean server still uses a P-256 certificate because supported # groups is not used in signature selection for TLS 1.3 @@ -951,7 +963,7 @@ my @tests_dsa_tls_1_2 = ( "CipherString" => "ALL", }, client => { - "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1", + "SignatureAlgorithms" => randcase("DSA+SHA256:DSA+SHA1"), "CipherString" => "ALL", }, test => { @@ -964,7 +976,7 @@ my @tests_dsa_tls_1_3 = ( { name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms", server => { - "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256", + "ClientSignatureAlgorithms" => randcase("ECDSA+SHA1:DSA+SHA256:RSA+SHA256"), "VerifyCAFile" => test_pem("root-cert.pem"), "VerifyMode" => "Request" }, @@ -983,7 +995,7 @@ my @tests_dsa_tls_1_3 = ( "CipherString" => "ALL", }, client => { - "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256", + "SignatureAlgorithms" => randcase("DSA+SHA1:DSA+SHA256:ECDSA+SHA256"), "CipherString" => "ALL", }, test => { 
@@ -1005,12 +1017,12 @@ my @tests_mldsa_tls_1_3 = ( "PrivateKey" => test_pem("server-ml-dsa-44-key.pem"), "MinProtocol" => "TLSv1.3", "MaxProtocol" => "TLSv1.3", - "SignatureAlgorithms" => "mldsa44", + "SignatureAlgorithms" => randcase("mldsa44"), }, client => { "MinProtocol" => "TLSv1.3", "MaxProtocol" => "TLSv1.3", - "SignatureAlgorithms" => "mldsa44", + "SignatureAlgorithms" => randcase("mldsa44"), "VerifyCAFile" => test_pem("root-ml-dsa-44-cert.pem"), "VerifyMode" => "Peer", }, diff --git a/test/ssl-tests/26-tls13_client_auth.cnf b/test/ssl-tests/26-tls13_client_auth.cnf index 9c42391906a..184c3704d00 100644 --- a/test/ssl-tests/26-tls13_client_auth.cnf +++ b/test/ssl-tests/26-tls13_client_auth.cnf @@ -113,7 +113,7 @@ client = 3-client-auth-TLSv1.3-require-client [3-client-auth-TLSv1.3-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -ClientSignatureAlgorithms = PSS+SHA256 +ClientSignatureAlgorithms = pSS+SHA256 MaxProtocol = TLSv1.3 MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -150,7 +150,7 @@ client = 4-client-auth-TLSv1.3-require-non-empty-names-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem -ClientSignatureAlgorithms = PSS+SHA256 +ClientSignatureAlgorithms = pSS+SHA256 MaxProtocol = TLSv1.3 MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -276,7 +276,7 @@ client = 8-client-auth-TLSv1.3-require-post-handshake-client [8-client-auth-TLSv1.3-require-post-handshake-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -ClientSignatureAlgorithms = PSS+SHA256 +ClientSignatureAlgorithms = pss+SHA256 MaxProtocol = TLSv1.3 MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
@@ -318,7 +318,7 @@ client = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem -ClientSignatureAlgorithms = PSS+SHA256 +ClientSignatureAlgorithms = psS+SHA256 MaxProtocol = TLSv1.3 MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem diff --git a/test/ssl-tests/26-tls13_client_auth.cnf.in b/test/ssl-tests/26-tls13_client_auth.cnf.in index c1e70b7f3da..8c70d711265 100644 --- a/test/ssl-tests/26-tls13_client_auth.cnf.in +++ b/test/ssl-tests/26-tls13_client_auth.cnf.in @@ -17,6 +17,18 @@ use warnings; package ssltests; use OpenSSL::Test::Utils; +srand(26); +sub randcase { + my ($names) = @_; + my @ret; + foreach my $name (split(/:/, $names)) { + my ($alg, $rest) = split(/(?=[+])/, $name, 2); + $alg =~ s{([a-zA-Z])}{chr(ord($1)^(int(rand(2.0)) * 32))}eg; + push @ret, $alg . ($rest // ""); + } + return join(":", @ret); +} + our @tests = ( { name => "server-auth-TLSv1.3", @@ -69,7 +81,7 @@ our @tests = ( server => { "MinProtocol" => "TLSv1.3", "MaxProtocol" => "TLSv1.3", - "ClientSignatureAlgorithms" => "PSS+SHA256", + "ClientSignatureAlgorithms" => randcase("PSS+SHA256"), "VerifyCAFile" => test_pem("root-cert.pem"), "VerifyMode" => "Request", }, @@ -92,7 +104,7 @@ our @tests = ( server => { "MinProtocol" => "TLSv1.3", "MaxProtocol" => "TLSv1.3", - "ClientSignatureAlgorithms" => "PSS+SHA256", + "ClientSignatureAlgorithms" => randcase("PSS+SHA256"), "ClientCAFile" => test_pem("root-cert.pem"), "VerifyCAFile" => test_pem("root-cert.pem"), "VerifyMode" => "Request", @@ -167,7 +179,7 @@ our @tests = ( server => { "MinProtocol" => "TLSv1.3", "MaxProtocol" => "TLSv1.3", - "ClientSignatureAlgorithms" => "PSS+SHA256", + "ClientSignatureAlgorithms" => randcase("PSS+SHA256"), "VerifyCAFile" => test_pem("root-cert.pem"), "VerifyMode" => "RequestPostHandshake", }, 
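Review bot: The `randcase` helper added at `@@ -17,6 +17,18 @@` has no comment, and both its intent and the `^ ... * 32` bit trick are easy to misread. I would add above `sub randcase`: `# Randomly flip the ASCII case of each letter before the '+' in every ':'-separated entry; the digest part is left as written because digest names stay case-sensitive.` The fixed `srand(26)` keeps the output reproducible only while Perl's `rand()` yields the same sequence everywhere. Perl releases before 5.20 used the platform's generator, so if the suite compares a regenerated file with the checked-in `26-tls13_client_auth.cnf` (which carries `pSS`, `pss` and `psS`), the result could differ there; that is worth confirming against the minimum supported Perl. A deterministic flip, for example by letter position, would avoid depending on the generator and would also guarantee that at least one letter changes in a short name.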
@@ -194,7 +206,7 @@ our @tests = ( server => { "MinProtocol" => "TLSv1.3", "MaxProtocol" => "TLSv1.3", - "ClientSignatureAlgorithms" => "PSS+SHA256", + "ClientSignatureAlgorithms" => randcase("PSS+SHA256"), "ClientCAFile" => test_pem("root-cert.pem"), "VerifyCAFile" => test_pem("root-cert.pem"), "VerifyMode" => "RequestPostHandshake", -- 2.47.2