[openssl] master update
Kurt Roeckx
kurt at openssl.org
Tue Feb 11 22:25:28 UTC 2020
The branch master has been updated
via 620c97b671a9c7bc31ca36a24b2242aa1aa80022 (commit)
via 77c4d3972400adf1bcb76ceea359f5453cc3e8e4 (commit)
from d819760d3da5dd5491c94a2d6b36553708c9338b (commit)
- Log -----------------------------------------------------------------
commit 620c97b671a9c7bc31ca36a24b2242aa1aa80022
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Sun Feb 9 19:28:15 2020 +0100
Check that ed25519 and ed448 are allowed by the security level
Signature algorithms not using an MD weren't checked that they're
allowed by the security level.
Reviewed-by: Matt Caswell <matt at openssl.org>
GH: #10785
commit 77c4d3972400adf1bcb76ceea359f5453cc3e8e4
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Thu Jan 2 23:16:30 2020 +0100
Generate new Ed488 certificates
Create a whole chain of Ed488 certificates so that we can use it at security
level 4 (192 bit). We had an 2048 bit RSA (112 bit, level 2) root sign the
Ed488 certificate using SHA256 (128 bit, level 3).
Reviewed-by: Matt Caswell <matt at openssl.org>
GH: #10785
-----------------------------------------------------------------------
Summary of changes:
ssl/t1_lib.c | 59 ++++++++++++------
test/certs/root-ed448-cert.pem | 10 ++++
test/certs/root-ed448-key.pem | 4 ++
test/certs/server-ed448-cert.pem | 21 +++----
test/certs/setup.sh | 5 ++
test/ssl-tests/20-cert-select.conf | 8 +--
test/ssl-tests/20-cert-select.conf.in | 5 +-
test/ssl-tests/28-seclevel.conf | 110 ++++++++++++++++++++++++----------
test/ssl-tests/28-seclevel.conf.in | 33 ++++++++--
9 files changed, 185 insertions(+), 70 deletions(-)
create mode 100644 test/certs/root-ed448-cert.pem
create mode 100644 test/certs/root-ed448-key.pem
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 103a8f18bb..aedb521015 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1075,6 +1075,31 @@ int tls_check_sigalg_curve(const SSL *s, int curve)
}
#endif
+/*
+ * Return the number of security bits for the signature algorithm, or 0 on
+ * error.
+ */
+static int sigalg_security_bits(SSL_CTX *ctx, const SIGALG_LOOKUP *lu)
+{
+ const EVP_MD *md = NULL;
+ int secbits = 0;
+
+ if (!tls1_lookup_md(ctx, lu, &md))
+ return 0;
+ if (md != NULL)
+ {
+ /* Security bits: half digest bits */
+ secbits = EVP_MD_size(md) * 4;
+ } else {
+ /* Values from https://tools.ietf.org/html/rfc8032#section-8.5 */
+ if (lu->sigalg == TLSEXT_SIGALG_ed25519)
+ secbits = 128;
+ else if (lu->sigalg == TLSEXT_SIGALG_ed448)
+ secbits = 224;
+ }
+ return secbits;
+}
+
/*
* Check signature algorithm is consistent with sent supported signature
* algorithms and if so set relevant digest and signature scheme in
@@ -1088,6 +1113,7 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
size_t sent_sigslen, i, cidx;
int pkeyid = EVP_PKEY_id(pkey);
const SIGALG_LOOKUP *lu;
+ int secbits = 0;
/* Should never happen */
if (pkeyid == -1)
@@ -1189,20 +1215,20 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
SSL_R_UNKNOWN_DIGEST);
return 0;
}
- if (md != NULL) {
- /*
- * Make sure security callback allows algorithm. For historical
- * reasons we have to pass the sigalg as a two byte char array.
- */
- sigalgstr[0] = (sig >> 8) & 0xff;
- sigalgstr[1] = sig & 0xff;
- if (!ssl_security(s, SSL_SECOP_SIGALG_CHECK,
- EVP_MD_size(md) * 4, EVP_MD_type(md),
- (void *)sigalgstr)) {
- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS12_CHECK_PEER_SIGALG,
- SSL_R_WRONG_SIGNATURE_TYPE);
- return 0;
- }
+ /*
+ * Make sure security callback allows algorithm. For historical
+ * reasons we have to pass the sigalg as a two byte char array.
+ */
+ sigalgstr[0] = (sig >> 8) & 0xff;
+ sigalgstr[1] = sig & 0xff;
+ secbits = sigalg_security_bits(s->ctx, lu);
+ if (secbits == 0 ||
+ !ssl_security(s, SSL_SECOP_SIGALG_CHECK, secbits,
+ md != NULL ? EVP_MD_type(md) : NID_undef,
+ (void *)sigalgstr)) {
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS12_CHECK_PEER_SIGALG,
+ SSL_R_WRONG_SIGNATURE_TYPE);
+ return 0;
}
/* Store the sigalg the peer uses */
s->s3.tmp.peer_sigalg = lu;
@@ -1726,11 +1752,8 @@ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu)
}
}
- if (lu->hash == NID_undef)
- return 1;
- /* Security bits: half digest bits */
- secbits = EVP_MD_size(ssl_md(s->ctx, lu->hash_idx)) * 4;
/* Finally see if security callback allows it */
+ secbits = sigalg_security_bits(s->ctx, lu);
sigalgstr[0] = (lu->sigalg >> 8) & 0xff;
sigalgstr[1] = lu->sigalg & 0xff;
return ssl_security(s, op, secbits, lu->hash, (void *)sigalgstr);
diff --git a/test/certs/root-ed448-cert.pem b/test/certs/root-ed448-cert.pem
new file mode 100644
index 0000000000..48e293d69d
--- /dev/null
+++ b/test/certs/root-ed448-cert.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBeDCB+aADAgECAgEBMAUGAytlcTAVMRMwEQYDVQQDDApSb290IEVkNDQ4MCAX
+DTIwMDIwOTEzMjY1NVoYDzIxMjAwMjEwMTMyNjU1WjAVMRMwEQYDVQQDDApSb290
+IEVkNDQ4MEMwBQYDK2VxAzoAbbhuwNA/rdlgdLSyTJ6WaCVNO1gzccKiKW6pCADM
+McMBCNiQqWSt4EIbHpqDc+eWoiKbG6t7tjUAo1MwUTAdBgNVHQ4EFgQUVg2aQ+yh
+VRhOuW1l19jtgxfTgj8wHwYDVR0jBBgwFoAUVg2aQ+yhVRhOuW1l19jtgxfTgj8w
+DwYDVR0TAQH/BAUwAwEB/zAFBgMrZXEDcwCiXlZXyMubWFqLYiLXfKYrurajBMON
+lclLrYr57Syd+nAIlgXiF0rGK2PawoMPXVB3VWWSigEb54AImb6tsW42gC+zC6oq
+nkPC2FTLXPvqqgGXUpK/OfhPUP9bWw6mcJaIozlyzJD4AyebN9LDrBqCMwA=
+-----END CERTIFICATE-----
diff --git a/test/certs/root-ed448-key.pem b/test/certs/root-ed448-key.pem
new file mode 100644
index 0000000000..e0c36ff43a
--- /dev/null
+++ b/test/certs/root-ed448-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PRIVATE KEY-----
+MEcCAQAwBQYDK2VxBDsEOQeryQn6L8gItRarrM0pRHxjNdtaIz3BrWU2mwhLZQaq
+8Cm6w5gP6aitAIde7Td3nQ55bIGC5roxFQ==
+-----END PRIVATE KEY-----
diff --git a/test/certs/server-ed448-cert.pem b/test/certs/server-ed448-cert.pem
index 740f275549..ba050077c3 100644
--- a/test/certs/server-ed448-cert.pem
+++ b/test/certs/server-ed448-cert.pem
@@ -1,14 +1,11 @@
-----BEGIN CERTIFICATE-----
-MIICHTCCAQWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
-IENBMCAXDTE4MDIyNzE1MDcxM1oYDzIxMTgwMjI4MTUwNzEzWjAQMQ4wDAYDVQQD
-DAVFZDQ0ODBDMAUGAytlcQM6ABBicYlhG1s3AoG5BFmY3r50lJzjQoER4zwuieEe
-QTvKxLEV06vGh79UWO6yQ5FxqmxvM1F/Xw7RAKNfMF0wHQYDVR0OBBYEFAwa1L4m
-3pwA8+IEJ7K/4izrjJIHMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJ
-MAkGA1UdEwQCMAAwEAYDVR0RBAkwB4IFRWQ0NDgwDQYJKoZIhvcNAQELBQADggEB
-AAugH2aE6VvArnOVjKBtalqtHlx+NCC3+S65sdWc9A9sNgI1ZiN7dn76TKn5d0T7
-NqV8nY1rwQg6WPGrCD6Eh63qhotytqYIxltppb4MOUJcz/Zf0ZwhB5bUfwNB//Ih
-5aZT86FpXVuyMnwUTWPcISJqpZiBv95yzZFMpniHFvecvV445ly4TFW5y6VURh40
-Tg4tMgjPTE7ADw+dX4FvnTWY3blxT1GzGxGvqWW4HgP8dOETnjmAwCzN0nUVmH9s
-7ybHORcSljcpe0XH6L/K7mbI+r8mVLsAoIzUeDwUdKKJZ2uGEtdhQDmJBp4EjOXE
-3qIn3wEQQ6ax4NIwkZihdLI=
+MIIBlTCCARWgAwIBAgIBAjAFBgMrZXEwFTETMBEGA1UEAwwKUm9vdCBFZDQ0ODAg
+Fw0yMDAyMDkxMzMwMjJaGA8yMTIwMDIxMDEzMzAyMlowEDEOMAwGA1UEAwwFZWQ0
+NDgwQzAFBgMrZXEDOgAQYnGJYRtbNwKBuQRZmN6+dJSc40KBEeM8LonhHkE7ysSx
+FdOrxoe/VFjuskORcapsbzNRf18O0QCjdDByMB0GA1UdDgQWBBQMGtS+Jt6cAPPi
+BCeyv+Is64ySBzAfBgNVHSMEGDAWgBRWDZpD7KFVGE65bWXX2O2DF9OCPzAJBgNV
+HRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBAGA1UdEQQJMAeCBWVkNDQ4MAUG
+AytlcQNzABLGZiaU6JPKa9eQ/VsE4HN9XjSogZBKIEHEWwyxrtGvjWiZ5MOnNJmQ
+7mX+Y2eJzfZ6MGHc63IlgPdIPFPzInnnAugw297kUNoLTg9SsGYeVGLbI3PNjwFL
+mQ3508f1Jobb8qZnf8YFUZrd85aurgoKAA==
-----END CERTIFICATE-----
diff --git a/test/certs/setup.sh b/test/certs/setup.sh
index bd0b663944..d58d0d789b 100755
--- a/test/certs/setup.sh
+++ b/test/certs/setup.sh
@@ -378,3 +378,8 @@ openssl req -new -nodes -subj "/CN=localhost" \
# CT entry
./mkcert.sh genct server.example embeddedSCTs1-key embeddedSCTs1 embeddedSCTs1_issuer-key embeddedSCTs1_issuer ct-server-key
+
+OPENSSL_SIGALG=ED448 OPENSSL_KEYALG=ed448 ./mkcert.sh genroot "Root Ed448" \
+ root-ed448-key root-ed448-cert
+OPENSSL_SIGALG=ED448 OPENSSL_KEYALG=ed448 ./mkcert.sh genee ed448 \
+ server-ed448-key server-ed448-cert root-ed448-key root-ed448-cert
diff --git a/test/ssl-tests/20-cert-select.conf b/test/ssl-tests/20-cert-select.conf
index 93f3a1ff68..757b973e57 100644
--- a/test/ssl-tests/20-cert-select.conf
+++ b/test/ssl-tests/20-cert-select.conf
@@ -216,9 +216,9 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[4-Ed448 CipherString and Signature Algorithm Selection-client]
CipherString = aECDSA
MaxProtocol = TLSv1.2
-RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
SignatureAlgorithms = ed448:ECDSA+SHA256
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
VerifyMode = Peer
[test-4]
@@ -421,7 +421,7 @@ CipherString = aECDSA
Curves = X448
MaxProtocol = TLSv1.2
SignatureAlgorithms = ECDSA+SHA256:ed448
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
VerifyMode = Peer
[test-10]
@@ -1454,7 +1454,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[44-TLS 1.3 Ed448 Signature Algorithm Selection-client]
CipherString = DEFAULT
SignatureAlgorithms = ed448
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
VerifyMode = Peer
[test-44]
diff --git a/test/ssl-tests/20-cert-select.conf.in b/test/ssl-tests/20-cert-select.conf.in
index 5e9bfede5d..24093548cd 100644
--- a/test/ssl-tests/20-cert-select.conf.in
+++ b/test/ssl-tests/20-cert-select.conf.in
@@ -134,7 +134,8 @@ our @tests = (
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"SignatureAlgorithms" => "ed448:ECDSA+SHA256",
- "RequestCAFile" => test_pem("root-cert.pem"),
+ "RequestCAFile" => test_pem("root-ed448-cert.pem"),
+ "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
},
test => {
"ExpectedServerCertType" =>, "Ed448",
@@ -231,6 +232,7 @@ our @tests = (
"CipherString" => "aECDSA",
"MaxProtocol" => "TLSv1.2",
"SignatureAlgorithms" => "ECDSA+SHA256:ed448",
+ "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
# Excluding P-256 from the supported curves list means server
# certificate should be Ed25519 and not P-256
"Curves" => "X448"
@@ -727,6 +729,7 @@ my @tests_tls_1_3 = (
server => $server_tls_1_3,
client => {
"SignatureAlgorithms" => "ed448",
+ "VerifyCAFile" => test_pem("root-ed448-cert.pem"),
},
test => {
"ExpectedServerCertType" => "Ed448",
diff --git a/test/ssl-tests/28-seclevel.conf b/test/ssl-tests/28-seclevel.conf
index f863f68b08..99fa8109c3 100644
--- a/test/ssl-tests/28-seclevel.conf
+++ b/test/ssl-tests/28-seclevel.conf
@@ -1,11 +1,13 @@
# Generated with generate_ssl_tests.pl
-num_tests = 4
+num_tests = 6
test-0 = 0-SECLEVEL 3 with default key
-test-1 = 1-SECLEVEL 3 with ED448 key
-test-2 = 2-SECLEVEL 3 with P-384 key, X25519 ECDHE
-test-3 = 3-SECLEVEL 3 with ED448 key, TLSv1.2
+test-1 = 1-SECLEVEL 4 with ED448 key
+test-2 = 2-SECLEVEL 5 server with ED448 key
+test-3 = 3-SECLEVEL 5 client with ED448 key
+test-4 = 4-SECLEVEL 3 with P-384 key, X25519 ECDHE
+test-5 = 5-SECLEVEL 3 with ED448 key, TLSv1.2
# ===========================================================
[0-SECLEVEL 3 with default key]
@@ -31,21 +33,21 @@ ExpectedResult = ServerFail
# ===========================================================
-[1-SECLEVEL 3 with ED448 key]
-ssl_conf = 1-SECLEVEL 3 with ED448 key-ssl
+[1-SECLEVEL 4 with ED448 key]
+ssl_conf = 1-SECLEVEL 4 with ED448 key-ssl
-[1-SECLEVEL 3 with ED448 key-ssl]
-server = 1-SECLEVEL 3 with ED448 key-server
-client = 1-SECLEVEL 3 with ED448 key-client
+[1-SECLEVEL 4 with ED448 key-ssl]
+server = 1-SECLEVEL 4 with ED448 key-server
+client = 1-SECLEVEL 4 with ED448 key-client
-[1-SECLEVEL 3 with ED448 key-server]
+[1-SECLEVEL 4 with ED448 key-server]
Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
-CipherString = DEFAULT:@SECLEVEL=3
+CipherString = DEFAULT:@SECLEVEL=4
PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
-[1-SECLEVEL 3 with ED448 key-client]
-CipherString = DEFAULT
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+[1-SECLEVEL 4 with ED448 key-client]
+CipherString = DEFAULT:@SECLEVEL=4
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
VerifyMode = Peer
[test-1]
@@ -54,49 +56,95 @@ ExpectedResult = Success
# ===========================================================
-[2-SECLEVEL 3 with P-384 key, X25519 ECDHE]
-ssl_conf = 2-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl
+[2-SECLEVEL 5 server with ED448 key]
+ssl_conf = 2-SECLEVEL 5 server with ED448 key-ssl
+
+[2-SECLEVEL 5 server with ED448 key-ssl]
+server = 2-SECLEVEL 5 server with ED448 key-server
+client = 2-SECLEVEL 5 server with ED448 key-client
+
+[2-SECLEVEL 5 server with ED448 key-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
+CipherString = DEFAULT:@SECLEVEL=5
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
+
+[2-SECLEVEL 5 server with ED448 key-client]
+CipherString = DEFAULT:@SECLEVEL=4
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
+VerifyMode = Peer
+
+[test-2]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[3-SECLEVEL 5 client with ED448 key]
+ssl_conf = 3-SECLEVEL 5 client with ED448 key-ssl
-[2-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl]
-server = 2-SECLEVEL 3 with P-384 key, X25519 ECDHE-server
-client = 2-SECLEVEL 3 with P-384 key, X25519 ECDHE-client
+[3-SECLEVEL 5 client with ED448 key-ssl]
+server = 3-SECLEVEL 5 client with ED448 key-server
+client = 3-SECLEVEL 5 client with ED448 key-client
-[2-SECLEVEL 3 with P-384 key, X25519 ECDHE-server]
+[3-SECLEVEL 5 client with ED448 key-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
+CipherString = DEFAULT:@SECLEVEL=4
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
+
+[3-SECLEVEL 5 client with ED448 key-client]
+CipherString = DEFAULT:@SECLEVEL=5
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
+VerifyMode = Peer
+
+[test-3]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[4-SECLEVEL 3 with P-384 key, X25519 ECDHE]
+ssl_conf = 4-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl
+
+[4-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl]
+server = 4-SECLEVEL 3 with P-384 key, X25519 ECDHE-server
+client = 4-SECLEVEL 3 with P-384 key, X25519 ECDHE-client
+
+[4-SECLEVEL 3 with P-384 key, X25519 ECDHE-server]
Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
CipherString = DEFAULT:@SECLEVEL=3
Groups = X25519
PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
-[2-SECLEVEL 3 with P-384 key, X25519 ECDHE-client]
+[4-SECLEVEL 3 with P-384 key, X25519 ECDHE-client]
CipherString = ECDHE:@SECLEVEL=3
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
VerifyMode = Peer
-[test-2]
+[test-4]
ExpectedResult = Success
# ===========================================================
-[3-SECLEVEL 3 with ED448 key, TLSv1.2]
-ssl_conf = 3-SECLEVEL 3 with ED448 key, TLSv1.2-ssl
+[5-SECLEVEL 3 with ED448 key, TLSv1.2]
+ssl_conf = 5-SECLEVEL 3 with ED448 key, TLSv1.2-ssl
-[3-SECLEVEL 3 with ED448 key, TLSv1.2-ssl]
-server = 3-SECLEVEL 3 with ED448 key, TLSv1.2-server
-client = 3-SECLEVEL 3 with ED448 key, TLSv1.2-client
+[5-SECLEVEL 3 with ED448 key, TLSv1.2-ssl]
+server = 5-SECLEVEL 3 with ED448 key, TLSv1.2-server
+client = 5-SECLEVEL 3 with ED448 key, TLSv1.2-client
-[3-SECLEVEL 3 with ED448 key, TLSv1.2-server]
+[5-SECLEVEL 3 with ED448 key, TLSv1.2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
CipherString = DEFAULT:@SECLEVEL=3
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
-[3-SECLEVEL 3 with ED448 key, TLSv1.2-client]
+[5-SECLEVEL 3 with ED448 key, TLSv1.2-client]
CipherString = DEFAULT
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
VerifyMode = Peer
-[test-3]
+[test-5]
ExpectedResult = Success
diff --git a/test/ssl-tests/28-seclevel.conf.in b/test/ssl-tests/28-seclevel.conf.in
index 9d400a45ed..aba5007947 100644
--- a/test/ssl-tests/28-seclevel.conf.in
+++ b/test/ssl-tests/28-seclevel.conf.in
@@ -23,13 +23,38 @@ our @tests = (
our @tests_ec = (
{
- name => "SECLEVEL 3 with ED448 key",
- server => { "CipherString" => "DEFAULT:\@SECLEVEL=3",
+ name => "SECLEVEL 4 with ED448 key",
+ server => { "CipherString" => "DEFAULT:\@SECLEVEL=4",
"Certificate" => test_pem("server-ed448-cert.pem"),
"PrivateKey" => test_pem("server-ed448-key.pem") },
- client => { },
+ client => { "CipherString" => "DEFAULT:\@SECLEVEL=4",
+ "VerifyCAFile" => test_pem("root-ed448-cert.pem") },
test => { "ExpectedResult" => "Success" },
},
+ {
+ # The Ed488 signature algorithm will not be enabled.
+ # Because of the config order, the certificate is first loaded, and
+ # then the security level is chaged. If you try this with s_server
+ # the order will be reversed and it will instead fail to load the key.
+ name => "SECLEVEL 5 server with ED448 key",
+ server => { "CipherString" => "DEFAULT:\@SECLEVEL=5",
+ "Certificate" => test_pem("server-ed448-cert.pem"),
+ "PrivateKey" => test_pem("server-ed448-key.pem") },
+ client => { "CipherString" => "DEFAULT:\@SECLEVEL=4",
+ "VerifyCAFile" => test_pem("root-ed448-cert.pem") },
+ test => { "ExpectedResult" => "ServerFail" },
+ },
+ {
+ # The client will not sent the Ed488 signature algorithm, so the server
+ # doesn't have a useable signature algorithm for the certificate.
+ name => "SECLEVEL 5 client with ED448 key",
+ server => { "CipherString" => "DEFAULT:\@SECLEVEL=4",
+ "Certificate" => test_pem("server-ed448-cert.pem"),
+ "PrivateKey" => test_pem("server-ed448-key.pem") },
+ client => { "CipherString" => "DEFAULT:\@SECLEVEL=5",
+ "VerifyCAFile" => test_pem("root-ed448-cert.pem") },
+ test => { "ExpectedResult" => "ServerFail" },
+ },
{
name => "SECLEVEL 3 with P-384 key, X25519 ECDHE",
server => { "CipherString" => "DEFAULT:\@SECLEVEL=3",
@@ -49,7 +74,7 @@ our @tests_tls1_2 = (
"Certificate" => test_pem("server-ed448-cert.pem"),
"PrivateKey" => test_pem("server-ed448-key.pem"),
"MaxProtocol" => "TLSv1.2" },
- client => { },
+ client => { "VerifyCAFile" => test_pem("root-ed448-cert.pem") },
test => { "ExpectedResult" => "Success" },
},
);
More information about the openssl-commits
mailing list