Enable TLSv1.3 by default

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5266)

.travis.yml

@@ -43,7 +43,7 @@ matrix:
                   sources:
                       - ubuntu-toolchain-r-test
           compiler: gcc-5
-          env: CONFIG_OPTS="--strict-warnings enable-tls1_3" TESTS="-test_fuzz" COMMENT="Move to the BORINGTEST build when interoperable"
+          env: CONFIG_OPTS="--strict-warnings" TESTS="-test_fuzz" COMMENT="Move to the BORINGTEST build when interoperable"
         - os: linux
           compiler: clang-3.9
           env: CONFIG_OPTS="--strict-warnings no-deprecated" BUILDONLY="yes"

CHANGES

@@ -9,6 +9,26 @@
 
  Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
 
+  *) Support for TLSv1.3 added. Note that users upgrading from an earlier
+     version of OpenSSL should review their configuration settings to ensure
+     that they are still appropriate for TLSv1.3. In particular if no TLSv1.3
+     ciphersuites are enabled then OpenSSL will refuse to make a connection
+     unless (1) TLSv1.3 is explicitly disabled or (2) the ciphersuite
+     configuration is updated to include suitable ciphersuites. The DEFAULT
+     ciphersuite configuration does include TLSv1.3 ciphersuites. For further
+     information on this and other related issues please see:
+     https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/
+
+     NOTE: In this pre-release of OpenSSL a draft version of the
+     TLSv1.3 standard has been implemented. Implementations of different draft
+     versions of the standard do not inter-operate, and this version will not
+     inter-operate with an implementation of the final standard when it is
+     eventually published. Different pre-release versions may implement
+     different versions of the draft. The final version of OpenSSL 1.1.1 will
+     implement the final version of the standard.
+     TODO(TLS1.3): Remove the above note before final release
+     [Matt Caswell]
+
   *) Changed Configure so it only says what it does and doesn't dump
      so much data.  Instead, ./configdata.pm should be used as a script
      to display all sorts of configuration data.

Configure

@@ -435,8 +435,6 @@ our %disabled = ( # "what"         => "comment"
 		  "ssl3"                => "default",
 		  "ssl3-method"         => "default",
                   "ubsan"		=> "default",
-          #TODO(TLS1.3): Temporarily disabled while this is a WIP
-		  "tls1_3"              => "default",
 		  "tls13downgrade"      => "default",
 		  "unit-test"           => "default",
 		  "weak-ssl-ciphers"    => "default",

INSTALL

@@ -482,27 +482,24 @@
                    likely to complement configuration command line with
                    suitable compiler-specific option.
 
-  enable-tls1_3
-                   TODO(TLS1.3): Make this enabled by default
-                   Build support for TLS1.3. Note: This is a WIP feature and
-                   only a single draft version is supported.  Implementations
-                   of different draft versions will negotiate TLS 1.2 instead
-                   of (draft) TLS 1.3.  Use with caution!!
-
   no-<prot>
                    Don't build support for negotiating the specified SSL/TLS
-                   protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2, dtls,
-                   dtls1 or dtls1_2). If "no-tls" is selected then all of tls1,
-                   tls1_1 and tls1_2 are disabled. Similarly "no-dtls" will
-                   disable dtls1 and dtls1_2. The "no-ssl" option is synonymous
-                   with "no-ssl3". Note this only affects version negotiation.
-                   OpenSSL will still provide the methods for applications to
-                   explicitly select the individual protocol versions.
+                   protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2,
+                   tls1_3, dtls, dtls1 or dtls1_2). If "no-tls" is selected then
+                   all of tls1, tls1_1, tls1_2 and tls1_3 are disabled.
+                   Similarly "no-dtls" will disable dtls1 and dtls1_2. The
+                   "no-ssl" option is synonymous with "no-ssl3". Note this only
+                   affects version negotiation. OpenSSL will still provide the
+                   methods for applications to explicitly select the individual
+                   protocol versions.
 
   no-<prot>-method
                    As for no-<prot> but in addition do not build the methods for
                    applications to explicitly select individual protocol
-                   versions.
+                   versions. Note that there is no "no-tls1_3-method" option
+                   because there is no application method for TLSv1.3. Using
+                   invidivial protocol methods directly is deprecated.
+                   Applications should use TLS_method() instead.
 
   enable-<alg>
                    Build with support for the specified algorithm, where <alg>

NEWS

@@ -7,6 +7,7 @@
 
   Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.1 [under development]
 
+      o Support for TLSv1.3 added
       o Move the display of configuration data to configdata.pm.
       o Allow GNU style "make variables" to be used with Configure.
       o Add a STORE module (OSSL_STORE)

test/recipes/80-test_ssl_new.t

@@ -34,7 +34,7 @@ plan tests => 26;  # = scalar @conf_srcs
 # verify generated sources in the default configuration.
 my $is_default_tls = (disabled("ssl3") && !disabled("tls1") &&
                       !disabled("tls1_1") && !disabled("tls1_2") &&
-                      disabled("tls1_3"));
+                      !disabled("tls1_3"));
 
 my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2"));
 

test/ssl-tests/20-cert-select.conf

@@ -1,6 +1,6 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 23
+num_tests = 39
 
 test-0 = 0-ECDSA CipherString Selection
 test-1 = 1-Ed25519 CipherString and Signature Algorithm Selection
@@ -24,7 +24,23 @@ test-18 = 18-Suite B P-256 Hash Algorithm Selection
 test-19 = 19-Suite B P-384 Hash Algorithm Selection
 test-20 = 20-TLS 1.2 Ed25519 Client Auth
 test-21 = 21-Only RSA-PSS Certificate, TLS v1.1
-test-22 = 22-TLS 1.2 DSA Certificate Test
+test-22 = 22-TLS 1.3 ECDSA Signature Algorithm Selection
+test-23 = 23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point
+test-24 = 24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1
+test-25 = 25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS
+test-26 = 26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS
+test-27 = 27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate
+test-28 = 28-TLS 1.3 RSA Signature Algorithm Selection, no PSS
+test-29 = 29-TLS 1.3 RSA-PSS Signature Algorithm Selection
+test-30 = 30-TLS 1.3 Ed25519 Signature Algorithm Selection
+test-31 = 31-TLS 1.3 Ed25519 CipherString and Groups Selection
+test-32 = 32-TLS 1.3 RSA Client Auth Signature Algorithm Selection
+test-33 = 33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names
+test-34 = 34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection
+test-35 = 35-TLS 1.3 Ed25519 Client Auth
+test-36 = 36-TLS 1.2 DSA Certificate Test
+test-37 = 37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
+test-38 = 38-TLS 1.3 DSA Certificate Test
 # ===========================================================
 
 [0-ECDSA CipherString Selection]
@@ -697,14 +713,467 @@ ExpectedResult = ServerFail
 
 # ===========================================================
 
-[22-TLS 1.2 DSA Certificate Test]
-ssl_conf = 22-TLS 1.2 DSA Certificate Test-ssl
+[22-TLS 1.3 ECDSA Signature Algorithm Selection]
+ssl_conf = 22-TLS 1.3 ECDSA Signature Algorithm Selection-ssl
 
-[22-TLS 1.2 DSA Certificate Test-ssl]
-server = 22-TLS 1.2 DSA Certificate Test-server
-client = 22-TLS 1.2 DSA Certificate Test-client
+[22-TLS 1.3 ECDSA Signature Algorithm Selection-ssl]
+server = 22-TLS 1.3 ECDSA Signature Algorithm Selection-server
+client = 22-TLS 1.3 ECDSA Signature Algorithm Selection-client
 
-[22-TLS 1.2 DSA Certificate Test-server]
+[22-TLS 1.3 ECDSA Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[22-TLS 1.3 ECDSA Signature Algorithm Selection-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-22]
+ExpectedResult = Success
+ExpectedServerCANames = empty
+ExpectedServerCertType = P-256
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = EC
+
+
+# ===========================================================
+
+[23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point]
+ssl_conf = 23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl
+
+[23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl]
+server = 23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server
+client = 23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client
+
+[23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-23]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1]
+ssl_conf = 24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl
+
+[24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl]
+server = 24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server
+client = 24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client
+
+[24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-24]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS]
+ssl_conf = 25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl
+
+[25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl]
+server = 25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server
+client = 25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client
+
+[25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client]
+CipherString = DEFAULT
+RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-25]
+ExpectedResult = Success
+ExpectedServerCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ExpectedServerCertType = P-256
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = EC
+
+
+# ===========================================================
+
+[26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS]
+ssl_conf = 26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl
+
+[26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl]
+server = 26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server
+client = 26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client
+
+[26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-26]
+ExpectedResult = Success
+ExpectedServerCertType = RSA
+ExpectedServerSignHash = SHA384
+ExpectedServerSignType = RSA-PSS
+
+
+# ===========================================================
+
+[27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate]
+ssl_conf = 27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
+
+[27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
+server = 27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server
+client = 27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client
+
+[27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-27]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[28-TLS 1.3 RSA Signature Algorithm Selection, no PSS]
+ssl_conf = 28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl
+
+[28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl]
+server = 28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server
+client = 28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client
+
+[28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client]
+CipherString = DEFAULT
+SignatureAlgorithms = RSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-28]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[29-TLS 1.3 RSA-PSS Signature Algorithm Selection]
+ssl_conf = 29-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl
+
+[29-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl]
+server = 29-TLS 1.3 RSA-PSS Signature Algorithm Selection-server
+client = 29-TLS 1.3 RSA-PSS Signature Algorithm Selection-client
+
+[29-TLS 1.3 RSA-PSS Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[29-TLS 1.3 RSA-PSS Signature Algorithm Selection-client]
+CipherString = DEFAULT
+SignatureAlgorithms = RSA-PSS+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-29]
+ExpectedResult = Success
+ExpectedServerCertType = RSA
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = RSA-PSS
+
+
+# ===========================================================
+
+[30-TLS 1.3 Ed25519 Signature Algorithm Selection]
+ssl_conf = 30-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl
+
+[30-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl]
+server = 30-TLS 1.3 Ed25519 Signature Algorithm Selection-server
+client = 30-TLS 1.3 Ed25519 Signature Algorithm Selection-client
+
+[30-TLS 1.3 Ed25519 Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[30-TLS 1.3 Ed25519 Signature Algorithm Selection-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ed25519
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-30]
+ExpectedResult = Success
+ExpectedServerCertType = Ed25519
+ExpectedServerSignType = Ed25519
+
+
+# ===========================================================
+
+[31-TLS 1.3 Ed25519 CipherString and Groups Selection]
+ssl_conf = 31-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl
+
+[31-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl]
+server = 31-TLS 1.3 Ed25519 CipherString and Groups Selection-server
+client = 31-TLS 1.3 Ed25519 CipherString and Groups Selection-client
+
+[31-TLS 1.3 Ed25519 CipherString and Groups Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[31-TLS 1.3 Ed25519 CipherString and Groups Selection-client]
+CipherString = DEFAULT
+Groups = X25519
+SignatureAlgorithms = ECDSA+SHA256:ed25519
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-31]
+ExpectedResult = Success
+ExpectedServerCertType = P-256
+ExpectedServerSignType = EC
+
+
+# ===========================================================
+
+[32-TLS 1.3 RSA Client Auth Signature Algorithm Selection]
+ssl_conf = 32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl
+
+[32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl]
+server = 32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server
+client = 32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client
+
+[32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = PSS+SHA256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client]
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-32]
+ExpectedClientCANames = empty
+ExpectedClientCertType = RSA
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = RSA-PSS
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names]
+ssl_conf = 33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl
+
+[33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl]
+server = 33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server
+client = 33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client
+
+[33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = PSS+SHA256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client]
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-33]
+ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ExpectedClientCertType = RSA
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = RSA-PSS
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection]
+ssl_conf = 34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl
+
+[34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl]
+server = 34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server
+client = 34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client
+
+[34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = ECDSA+SHA256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client]
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-34]
+ExpectedClientCertType = P-256
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = EC
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[35-TLS 1.3 Ed25519 Client Auth]
+ssl_conf = 35-TLS 1.3 Ed25519 Client Auth-ssl
+
+[35-TLS 1.3 Ed25519 Client Auth-ssl]
+server = 35-TLS 1.3 Ed25519 Client Auth-server
+client = 35-TLS 1.3 Ed25519 Client Auth-client
+
+[35-TLS 1.3 Ed25519 Client Auth-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[35-TLS 1.3 Ed25519 Client Auth-client]
+CipherString = DEFAULT
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-35]
+ExpectedClientCertType = Ed25519
+ExpectedClientSignType = Ed25519
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[36-TLS 1.2 DSA Certificate Test]
+ssl_conf = 36-TLS 1.2 DSA Certificate Test-ssl
+
+[36-TLS 1.2 DSA Certificate Test-ssl]
+server = 36-TLS 1.2 DSA Certificate Test-server
+client = 36-TLS 1.2 DSA Certificate Test-client
+
+[36-TLS 1.2 DSA Certificate Test-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = ALL
 DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
@@ -714,13 +1183,67 @@ MaxProtocol = TLSv1.2
 MinProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[22-TLS 1.2 DSA Certificate Test-client]
+[36-TLS 1.2 DSA Certificate Test-client]
 CipherString = ALL
 SignatureAlgorithms = DSA+SHA256:DSA+SHA1
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-22]
+[test-36]
 ExpectedResult = Success
 
 
+# ===========================================================
+
+[37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
+ssl_conf = 37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
+
+[37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
+server = 37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
+client = 37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
+
+[37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Request
+
+[37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-37]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[38-TLS 1.3 DSA Certificate Test]
+ssl_conf = 38-TLS 1.3 DSA Certificate Test-ssl
+
+[38-TLS 1.3 DSA Certificate Test-ssl]
+server = 38-TLS 1.3 DSA Certificate Test-server
+client = 38-TLS 1.3 DSA Certificate Test-client
+
+[38-TLS 1.3 DSA Certificate Test-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = ALL
+DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
+DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[38-TLS 1.3 DSA Certificate Test-client]
+CipherString = ALL
+SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-38]
+ExpectedResult = ServerFail
+
+

test/ssl-tests/22-compression.conf

@@ -1,55 +1,57 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 4
+num_tests = 8
 
-test-0 = 0-tlsv1_2-both-compress
-test-1 = 1-tlsv1_2-client-compress
-test-2 = 2-tlsv1_2-server-compress
-test-3 = 3-tlsv1_2-neither-compress
+test-0 = 0-tlsv1_3-both-compress
+test-1 = 1-tlsv1_3-client-compress
+test-2 = 2-tlsv1_3-server-compress
+test-3 = 3-tlsv1_3-neither-compress
+test-4 = 4-tlsv1_2-both-compress
+test-5 = 5-tlsv1_2-client-compress
+test-6 = 6-tlsv1_2-server-compress
+test-7 = 7-tlsv1_2-neither-compress
 # ===========================================================
 
-[0-tlsv1_2-both-compress]
-ssl_conf = 0-tlsv1_2-both-compress-ssl
+[0-tlsv1_3-both-compress]
+ssl_conf = 0-tlsv1_3-both-compress-ssl
 
-[0-tlsv1_2-both-compress-ssl]
-server = 0-tlsv1_2-both-compress-server
-client = 0-tlsv1_2-both-compress-client
+[0-tlsv1_3-both-compress-ssl]
+server = 0-tlsv1_3-both-compress-server
+client = 0-tlsv1_3-both-compress-client
 
-[0-tlsv1_2-both-compress-server]
+[0-tlsv1_3-both-compress-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 Options = Compression
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[0-tlsv1_2-both-compress-client]
+[0-tlsv1_3-both-compress-client]
 CipherString = DEFAULT
-MaxProtocol = TLSv1.2
 Options = Compression
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
 [test-0]
-CompressionExpected = Yes
+CompressionExpected = No
 ExpectedResult = Success
 
 
 # ===========================================================
 
-[1-tlsv1_2-client-compress]
-ssl_conf = 1-tlsv1_2-client-compress-ssl
+[1-tlsv1_3-client-compress]
+ssl_conf = 1-tlsv1_3-client-compress-ssl
 
-[1-tlsv1_2-client-compress-ssl]
-server = 1-tlsv1_2-client-compress-server
-client = 1-tlsv1_2-client-compress-client
+[1-tlsv1_3-client-compress-ssl]
+server = 1-tlsv1_3-client-compress-server
+client = 1-tlsv1_3-client-compress-client
 
-[1-tlsv1_2-client-compress-server]
+[1-tlsv1_3-client-compress-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[1-tlsv1_2-client-compress-client]
+[1-tlsv1_3-client-compress-client]
 CipherString = DEFAULT
-MaxProtocol = TLSv1.2
 Options = Compression
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -61,22 +63,21 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[2-tlsv1_2-server-compress]
-ssl_conf = 2-tlsv1_2-server-compress-ssl
+[2-tlsv1_3-server-compress]
+ssl_conf = 2-tlsv1_3-server-compress-ssl
 
-[2-tlsv1_2-server-compress-ssl]
-server = 2-tlsv1_2-server-compress-server
-client = 2-tlsv1_2-server-compress-client
+[2-tlsv1_3-server-compress-ssl]
+server = 2-tlsv1_3-server-compress-server
+client = 2-tlsv1_3-server-compress-client
 
-[2-tlsv1_2-server-compress-server]
+[2-tlsv1_3-server-compress-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 Options = Compression
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[2-tlsv1_2-server-compress-client]
+[2-tlsv1_3-server-compress-client]
 CipherString = DEFAULT
-MaxProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
@@ -87,21 +88,20 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[3-tlsv1_2-neither-compress]
-ssl_conf = 3-tlsv1_2-neither-compress-ssl
+[3-tlsv1_3-neither-compress]
+ssl_conf = 3-tlsv1_3-neither-compress-ssl
 
-[3-tlsv1_2-neither-compress-ssl]
-server = 3-tlsv1_2-neither-compress-server
-client = 3-tlsv1_2-neither-compress-client
+[3-tlsv1_3-neither-compress-ssl]
+server = 3-tlsv1_3-neither-compress-server
+client = 3-tlsv1_3-neither-compress-client
 
-[3-tlsv1_2-neither-compress-server]
+[3-tlsv1_3-neither-compress-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[3-tlsv1_2-neither-compress-client]
+[3-tlsv1_3-neither-compress-client]
 CipherString = DEFAULT
-MaxProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
@@ -110,3 +110,107 @@ CompressionExpected = No
 ExpectedResult = Success
 
 
+# ===========================================================
+
+[4-tlsv1_2-both-compress]
+ssl_conf = 4-tlsv1_2-both-compress-ssl
+
+[4-tlsv1_2-both-compress-ssl]
+server = 4-tlsv1_2-both-compress-server
+client = 4-tlsv1_2-both-compress-client
+
+[4-tlsv1_2-both-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = Compression
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[4-tlsv1_2-both-compress-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+Options = Compression
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-4]
+CompressionExpected = Yes
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[5-tlsv1_2-client-compress]
+ssl_conf = 5-tlsv1_2-client-compress-ssl
+
+[5-tlsv1_2-client-compress-ssl]
+server = 5-tlsv1_2-client-compress-server
+client = 5-tlsv1_2-client-compress-client
+
+[5-tlsv1_2-client-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[5-tlsv1_2-client-compress-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+Options = Compression
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-5]
+CompressionExpected = No
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[6-tlsv1_2-server-compress]
+ssl_conf = 6-tlsv1_2-server-compress-ssl
+
+[6-tlsv1_2-server-compress-ssl]
+server = 6-tlsv1_2-server-compress-server
+client = 6-tlsv1_2-server-compress-client
+
+[6-tlsv1_2-server-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = Compression
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[6-tlsv1_2-server-compress-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-6]
+CompressionExpected = No
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[7-tlsv1_2-neither-compress]
+ssl_conf = 7-tlsv1_2-neither-compress-ssl
+
+[7-tlsv1_2-neither-compress-ssl]
+server = 7-tlsv1_2-neither-compress-server
+client = 7-tlsv1_2-neither-compress-client
+
+[7-tlsv1_2-neither-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[7-tlsv1_2-neither-compress-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-7]
+CompressionExpected = No
+ExpectedResult = Success
+
+