Loading test/ssl-tests/04-client_auth.conf +2 −0 Original line number Diff line number Diff line Loading @@ -543,6 +543,7 @@ client = 18-client-auth-TLSv1.2-require-client [18-client-auth-TLSv1.2-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ClientSignatureAlgorithms = SHA256+RSA MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Loading @@ -560,6 +561,7 @@ VerifyMode = Peer [test-18] ExpectedClientCertType = RSA ExpectedClientSignHash = SHA256 ExpectedResult = Success Loading test/ssl-tests/04-client_auth.conf.in +9 −0 Original line number Diff line number Diff line Loading @@ -33,6 +33,13 @@ sub generate_tests() { } else { $caalert = "UnknownCA"; } my $clihash; my $clisigalgs; # TODO add TLSv1.3 versions if ($protocol_name eq "TLSv1.2") { $clihash = "SHA256"; $clisigalgs = "SHA256+RSA"; } # Sanity-check simple handshake. push @tests, { name => "server-auth-${protocol_name}", Loading Loading @@ -87,6 +94,7 @@ sub generate_tests() { server => { "MinProtocol" => $protocol, "MaxProtocol" => $protocol, "ClientSignatureAlgorithms" => $clisigalgs, "VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem", "VerifyMode" => "Request", }, Loading @@ -98,6 +106,7 @@ sub generate_tests() { }, test => { "ExpectedResult" => "Success", "ExpectedClientCertType" => "RSA", "ExpectedClientSignHash" => $clihash, }, }; Loading test/ssl-tests/20-cert-select.conf +2 −0 Original line number Diff line number Diff line Loading @@ -111,6 +111,7 @@ VerifyMode = Peer [test-3] ExpectedResult = Success ExpectedServerCertType = P-256 ExpectedServerSignHash = SHA256 # =========================================================== Loading Loading @@ -163,5 +164,6 @@ VerifyMode = Peer [test-5] ExpectedResult = Success ExpectedServerCertType = RSA ExpectedServerSignHash = SHA256 test/ssl-tests/20-cert-select.conf.in +4 −2 Original line number Diff line number Diff line Loading @@ -59,7 +59,8 @@ our @tests = ( "SignatureAlgorithms" => "ECDSA+SHA256", }, test => { "ExpectedServerCertType" =>, "P-256", "ExpectedServerCertType" => "P-256", "ExpectedServerSignHash" => "SHA256", "ExpectedResult" => "Success" }, }, Loading @@ -80,7 +81,8 @@ our @tests = ( "SignatureAlgorithms" => "RSA+SHA256", }, test => { "ExpectedServerCertType" =>, "RSA", "ExpectedServerCertType" => "RSA", "ExpectedServerSignHash" => "SHA256", "ExpectedResult" => "Success" }, } Loading Loading
test/ssl-tests/04-client_auth.conf +2 −0 Original line number Diff line number Diff line Loading @@ -543,6 +543,7 @@ client = 18-client-auth-TLSv1.2-require-client [18-client-auth-TLSv1.2-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ClientSignatureAlgorithms = SHA256+RSA MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Loading @@ -560,6 +561,7 @@ VerifyMode = Peer [test-18] ExpectedClientCertType = RSA ExpectedClientSignHash = SHA256 ExpectedResult = Success Loading
test/ssl-tests/04-client_auth.conf.in +9 −0 Original line number Diff line number Diff line Loading @@ -33,6 +33,13 @@ sub generate_tests() { } else { $caalert = "UnknownCA"; } my $clihash; my $clisigalgs; # TODO add TLSv1.3 versions if ($protocol_name eq "TLSv1.2") { $clihash = "SHA256"; $clisigalgs = "SHA256+RSA"; } # Sanity-check simple handshake. push @tests, { name => "server-auth-${protocol_name}", Loading Loading @@ -87,6 +94,7 @@ sub generate_tests() { server => { "MinProtocol" => $protocol, "MaxProtocol" => $protocol, "ClientSignatureAlgorithms" => $clisigalgs, "VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem", "VerifyMode" => "Request", }, Loading @@ -98,6 +106,7 @@ sub generate_tests() { }, test => { "ExpectedResult" => "Success", "ExpectedClientCertType" => "RSA", "ExpectedClientSignHash" => $clihash, }, }; Loading
test/ssl-tests/20-cert-select.conf +2 −0 Original line number Diff line number Diff line Loading @@ -111,6 +111,7 @@ VerifyMode = Peer [test-3] ExpectedResult = Success ExpectedServerCertType = P-256 ExpectedServerSignHash = SHA256 # =========================================================== Loading Loading @@ -163,5 +164,6 @@ VerifyMode = Peer [test-5] ExpectedResult = Success ExpectedServerCertType = RSA ExpectedServerSignHash = SHA256
test/ssl-tests/20-cert-select.conf.in +4 −2 Original line number Diff line number Diff line Loading @@ -59,7 +59,8 @@ our @tests = ( "SignatureAlgorithms" => "ECDSA+SHA256", }, test => { "ExpectedServerCertType" =>, "P-256", "ExpectedServerCertType" => "P-256", "ExpectedServerSignHash" => "SHA256", "ExpectedResult" => "Success" }, }, Loading @@ -80,7 +81,8 @@ our @tests = ( "SignatureAlgorithms" => "RSA+SHA256", }, test => { "ExpectedServerCertType" =>, "RSA", "ExpectedServerCertType" => "RSA", "ExpectedServerSignHash" => "SHA256", "ExpectedResult" => "Success" }, } Loading
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2235)