wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Ed25519 TLS 1.3 and 1.2 tests

Browse source 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
This commit is contained in:
Dr. Stephen Henson 2017-06-15 00:34:20 +01:00
parent 60bbed3ff6
commit fbe1af9dfe
1 changed files with 70 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

71
test/ssl-tests/20-cert-select.conf.in
View file

@ -12,6 +12,8 @@ use OpenSSL::Test::Utils;
my $server = {
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"EdDSA.Certificate" => test_pem("server-ed25519-cert.pem"),
"EdDSA.PrivateKey" => test_pem("server-ed25519-key.pem"),
"MaxProtocol" => "TLSv1.2"
};
@ -32,6 +34,23 @@ our @tests = (
"ExpectedResult" => "Success"
},
},
{
name => "Ed25519 CipherString and Signature Algorithm Selection",
server => $server,
client => {
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"SignatureAlgorithms" => "ed25519:ECDSA+SHA256",
"RequestCAFile" => test_pem("root-cert.pem"),
},
test => {
"ExpectedServerCertType" =>, "Ed25519",
"ExpectedServerSignType" =>, "Ed25519",
# Note: certificate_authorities not sent for TLS < 1.3
"ExpectedServerCANames" =>, "empty",
"ExpectedResult" => "Success"
},
},
{
name => "RSA CipherString Selection",
server => $server,
@ -189,13 +208,33 @@ our @tests = (
"ExpectedServerSignType" => "EC",
"ExpectedResult" => "Success"
},
}
},
{
name => "TLS 1.2 Ed25519 Client Auth",
server => {
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => {
"EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
"EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
"MinProtocol" => "TLSv1.2",
"MaxProtocol" => "TLSv1.2"
},
test => {
"ExpectedClientCertType" => "Ed25519",
"ExpectedClientSignType" => "Ed25519",
"ExpectedResult" => "Success"
},
},
);
my $server_tls_1_3 = {
"ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
"ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
"EdDSA.Certificate" => test_pem("server-ed25519-cert.pem"),
"EdDSA.PrivateKey" => test_pem("server-ed25519-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
};
@ -313,6 +352,18 @@ my @tests_tls_1_3 = (
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 Ed25519 Signature Algorithm Selection",
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ed25519",
},
test => {
"ExpectedServerCertType" => "Ed25519",
"ExpectedServerSignType" => "Ed25519",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection",
server => {
@ -361,6 +412,24 @@ my @tests_tls_1_3 = (
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 Ed25519 Client Auth",
server => {
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require"
},
client => {
"EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"),
"EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"),
"MinProtocol" => "TLSv1.3",
"MaxProtocol" => "TLSv1.3"
},
test => {
"ExpectedClientCertType" => "Ed25519",
"ExpectedClientSignType" => "Ed25519",
"ExpectedResult" => "Success"
},
},
{
name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms",
server => {