[openssl] master update

Dr. Paul Dale pauli at openssl.org
Wed Mar 3 00:06:37 UTC 2021


The branch master has been updated
       via  81f9af3460dca0fe37d3a240cb385efbf0f0d362 (commit)
       via  77b03f0e8fd97a57f84294d085e7730de5b4da4c (commit)
       via  f5c629a00aaf47fc1a90b435504662205ec0ee64 (commit)
       via  fffb67343e6e5bdfce34f2b3e0add058c1be420a (commit)
       via  8d05a65256294f70a3bc34b7d13cc38e41a17402 (commit)
       via  f378755d62e1646b36683de37408dd98549bef69 (commit)
       via  5e2f580d4ae51e60892adcdde6c5c25d83fe88e9 (commit)
       via  21b7dfa8adb67eb2abcffff529a8bda6dd92b9d9 (commit)
       via  b3c155b83c984116ef1828664bbe77c66f53df6b (commit)
      from  d36a5dd05ec58dec8a6175a25958f008166c421b (commit)


- Log -----------------------------------------------------------------
commit 81f9af3460dca0fe37d3a240cb385efbf0f0d362
Author: Tomas Mraz <tomas at openssl.org>
Date:   Mon Mar 1 16:14:30 2021 +0100

    Remove todos in decode_der2key.c and decode_ms2key.c
    
    Those TODOs do not really apply to 3.0 as the legacy internal
    keys will stay.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

commit 77b03f0e8fd97a57f84294d085e7730de5b4da4c
Author: Tomas Mraz <tomas at openssl.org>
Date:   Mon Mar 1 16:07:15 2021 +0100

    Improve error reporting in key exchange provider implementations
    
    Added some error reporting in dh_exch.c and unified error reporting
    with it in other key exchange methods.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

commit f5c629a00aaf47fc1a90b435504662205ec0ee64
Author: Tomas Mraz <tomas at openssl.org>
Date:   Mon Mar 1 15:52:34 2021 +0100

    Remove unused MAX_TLS_MAC_SIZE define
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

commit fffb67343e6e5bdfce34f2b3e0add058c1be420a
Author: Tomas Mraz <tomas at openssl.org>
Date:   Mon Mar 1 15:49:50 2021 +0100

    Remove todos in providers/implementations/include/prov
    
    Those TODOs are not relevant anymore as the headers
    are now in providers.
    
    Also make the header guard defines better reflect the
    header placement.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

commit 8d05a65256294f70a3bc34b7d13cc38e41a17402
Author: Tomas Mraz <tomas at openssl.org>
Date:   Fri Feb 26 18:28:48 2021 +0100

    Resolve TODOs in signature implementations.
    
    The DER writing errors can be ignored safely.
    
    Document that the EVP_MAX_MD_SIZE is a hardcoded limit
    for digest sizes.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

commit f378755d62e1646b36683de37408dd98549bef69
Author: Tomas Mraz <tomas at openssl.org>
Date:   Fri Feb 26 15:31:23 2021 +0100

    statem_lib.c: Remove TODOs that are unnecessary
    
    If the EVP_MD_CTX_ctrl is deprecated the code will
    generate deprecation warnings. So there is no point in marking
    all EVP_MD_CTX_ctrl() calls with TODOs.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

commit 5e2f580d4ae51e60892adcdde6c5c25d83fe88e9
Author: Tomas Mraz <tomas at openssl.org>
Date:   Fri Feb 26 14:42:57 2021 +0100

    test_ssl_new: X448, X25519, and EdDSA are supported with fips
    
    Removed the related TODOs.
    
    Also adjusted the DH parameters used for the DH test to be acceptable
    for FIPS as that now allows only known safe prime parameters.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

commit 21b7dfa8adb67eb2abcffff529a8bda6dd92b9d9
Author: Tomas Mraz <tomas at openssl.org>
Date:   Fri Feb 26 13:10:00 2021 +0100

    evp_extra_test2: Remove TODO 3.0
    
    The TODO marks optional cleanup that can be done any time in future.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

commit b3c155b83c984116ef1828664bbe77c66f53df6b
Author: Tomas Mraz <tomas at openssl.org>
Date:   Fri Feb 26 13:05:39 2021 +0100

    evp_extra_test: Remove TODO comment as setting the curve is mandatory
    
    Even with the SM2 algorithm the curve is needed for the paramgen.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14367)

-----------------------------------------------------------------------

Summary of changes:
 doc/man7/provider-digest.pod                       |   6 +
 .../implementations/encode_decode/decode_der2key.c |   2 +-
 .../implementations/encode_decode/decode_ms2key.c  |   2 +-
 providers/implementations/exchange/dh_exch.c       |  14 +-
 providers/implementations/exchange/ecdh_exch.c     |   7 +-
 providers/implementations/exchange/ecx_exch.c      |   4 +-
 providers/implementations/include/prov/blake2.h    |   7 +-
 .../implementations/include/prov/ciphercommon.h    |   3 -
 providers/implementations/include/prov/md5_sha1.h  |   7 +-
 providers/implementations/signature/dsa.c          |   6 +-
 providers/implementations/signature/eddsa.c        |   2 +-
 providers/implementations/signature/sm2sig.c       |   2 +-
 ssl/statem/statem_lib.c                            |   8 -
 test/certs/dhp2048.pem                             |  12 +-
 test/evp_extra_test.c                              |   1 -
 test/evp_extra_test2.c                             |   2 +-
 test/ssl-tests/20-cert-select.cnf                  | 238 ++++++++++-----------
 test/ssl-tests/20-cert-select.cnf.in               | 129 +++++------
 test/ssl-tests/28-seclevel.cnf.in                  |   5 +-
 19 files changed, 222 insertions(+), 235 deletions(-)

diff --git a/doc/man7/provider-digest.pod b/doc/man7/provider-digest.pod
index 4f90cf8b62..a0327a85df 100644
--- a/doc/man7/provider-digest.pod
+++ b/doc/man7/provider-digest.pod
@@ -249,6 +249,12 @@ OSSL_FUNC_digest_size() should return the digest size.
 OSSL_FUNC_digest_block_size() should return the block size of the underlying digest
 algorithm.
 
+=head1 BUGS
+
+The EVP_Digest() and EVP_DigestFinal_ex() libcrypto API calls do not
+expect the digest size to be larger than EVP_MAX_MD_SIZE. Any algorithm which
+produces larger digests is unusable with those API calls.
+
 =head1 SEE ALSO
 
 L<provider(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>,
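Review bot: The new BUGS section says algorithms with digests larger than EVP_MAX_MD_SIZE are "unusable" with EVP_Digest() and EVP_DigestFinal_ex(), but not what a provider author will actually observe. State whether those calls fail with an error or simply assume the caller's buffer is large enough, and consider giving the current value of EVP_MAX_MD_SIZE or pointing to where it is defined, so that implementers of OSSL_FUNC_digest_size() know the limit they must stay under.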
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
index fed30bf952..09601fc335 100644
--- a/providers/implementations/encode_decode/decode_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -339,7 +339,7 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
              * Tear out the low-level key pointer from the pkey,
              * but only if it matches the expected key type.
              *
-             * TODO: The check should be done with EVP_PKEY_is_a(), but
+             * The check should be done with EVP_PKEY_is_a(), but
              * as long as we still have #legacy internal keys, it's safer
              * to use the type numbers inside the provider.
              */
diff --git a/providers/implementations/encode_decode/decode_ms2key.c b/providers/implementations/encode_decode/decode_ms2key.c
index 339b347fa0..e1741f4e53 100644
--- a/providers/implementations/encode_decode/decode_ms2key.c
+++ b/providers/implementations/encode_decode/decode_ms2key.c
@@ -148,7 +148,7 @@ static int ms2key_post(struct ms2key_ctx_st *ctx, EVP_PKEY *pkey,
          * Tear out the low-level key pointer from the pkey,
          * but only if it matches the expected key type.
          *
-         * TODO(3.0): The check should be done with EVP_PKEY_is_a(), but
+         * The check should be done with EVP_PKEY_is_a(), but
          * as long as we still have #legacy internal keys, it's safer to
          * use the type numbers in side the provider.
          */
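Review bot: The context line "use the type numbers in side the provider" has "in side" for "inside"; the same comment in decode_der2key.c is spelled correctly. Since this hunk already edits the comment, fix the typo here too. With the TODO marker gone the text still reads "The check should be done with EVP_PKEY_is_a()", so consider rewording it to say that the type-number check is the intended one for as long as legacy keys remain.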
diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c
index 2638675da5..7f0fa3295e 100644
--- a/providers/implementations/exchange/dh_exch.c
+++ b/providers/implementations/exchange/dh_exch.c
@@ -19,6 +19,7 @@
 #include <openssl/core_names.h>
 #include <openssl/dh.h>
 #include <openssl/err.h>
+#include <openssl/proverr.h>
 #include <openssl/params.h>
 #include "prov/providercommon.h"
 #include "prov/implementations.h"
@@ -130,17 +131,20 @@ static int dh_plain_derive(void *vpdhctx,
     size_t dhsize;
     const BIGNUM *pub_key = NULL;
 
-    /* TODO(3.0): Add errors to stack */
-    if (pdhctx->dh == NULL || pdhctx->dhpeer == NULL)
+    if (pdhctx->dh == NULL || pdhctx->dhpeer == NULL) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
         return 0;
+    }
 
     dhsize = (size_t)DH_size(pdhctx->dh);
     if (secret == NULL) {
         *secretlen = dhsize;
         return 1;
     }
-    if (outlen < dhsize)
+    if (outlen < dhsize) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
         return 0;
+    }
 
     DH_get0_key(pdhctx->dhpeer, &pub_key, NULL);
     if (pdhctx->pad)
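Review bot: In dh_plain_derive(), dhsize comes from (size_t)DH_size(pdhctx->dh) with no check of the int return value before the cast. If DH_size() can return a negative value for a DH object without usable parameters, dhsize becomes very large: the new `outlen < dhsize` branch then reports PROV_R_OUTPUT_BUFFER_TOO_SMALL, which misleads the caller, and the secret == NULL query path hands that value back in *secretlen. Check the return value before the cast and raise a distinct error for it.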
@@ -167,8 +171,10 @@ static int dh_X9_42_kdf_derive(void *vpdhctx, unsigned char *secret,
         return 1;
     }
 
-    if (pdhctx->kdf_outlen > outlen)
+    if (pdhctx->kdf_outlen > outlen) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
         return 0;
+    }
     if (!dh_plain_derive(pdhctx, NULL, &stmplen, 0))
         return 0;
     if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) {
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
index 6c24643255..a1b984769e 100644
--- a/providers/implementations/exchange/ecdh_exch.c
+++ b/providers/implementations/exchange/ecdh_exch.c
@@ -21,6 +21,7 @@
 #include <openssl/ec.h>
 #include <openssl/params.h>
 #include <openssl/err.h>
+#include <openssl/proverr.h>
 #include "prov/provider_ctx.h"
 #include "prov/providercommon.h"
 #include "prov/implementations.h"
@@ -408,7 +409,7 @@ int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret,
     int key_cofactor_mode;
 
     if (pecdhctx->k == NULL || pecdhctx->peerk == NULL) {
-        ERR_raise(ERR_LIB_PROV, EC_R_KEYS_NOT_SET);
+        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
         return 0;
     }
 
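Review bot: The commit message should say that the reason code callers see on the missing-key path of ecdh_plain_derive() changes, not only that error reporting is unified. The old line paired ERR_LIB_PROV with EC_R_KEYS_NOT_SET, a reason code that does not belong to the PROV library, so the new PROV_R_MISSING_KEY is the right pairing, but anything that matched on the old value will no longer do so.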
@@ -486,8 +487,10 @@ int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret,
         return 1;
     }
 
-    if (pecdhctx->kdf_outlen > outlen)
+    if (pecdhctx->kdf_outlen > outlen) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
         return 0;
+    }
     if (!ecdh_plain_derive(vpecdhctx, NULL, &stmplen, 0))
         return 0;
     if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) {
diff --git a/providers/implementations/exchange/ecx_exch.c b/providers/implementations/exchange/ecx_exch.c
index 6d4471be3c..17861c0d75 100644
--- a/providers/implementations/exchange/ecx_exch.c
+++ b/providers/implementations/exchange/ecx_exch.c
@@ -123,7 +123,7 @@ static int ecx_derive(void *vecxctx, unsigned char *secret, size_t *secretlen,
     if (ecxctx->key == NULL
             || ecxctx->key->privkey == NULL
             || ecxctx->peerkey == NULL) {
-        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY);
+        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
         return 0;
     }
 
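Review bot: The condition in ecx_derive() covers three different states (no key, a key with privkey == NULL, no peer key) and all of them now report PROV_R_MISSING_KEY. A key that is present but has no private part is a different failure from a missing peer key; consider splitting the check, or at least add a comment that a single code is intended for all three, so that someone debugging a failed derive knows which side to look at.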
@@ -138,7 +138,7 @@ static int ecx_derive(void *vecxctx, unsigned char *secret, size_t *secretlen,
         return 1;
     }
     if (outlen < ecxctx->keylen) {
-        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+        ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
         return 0;
     }
 
diff --git a/providers/implementations/include/prov/blake2.h b/providers/implementations/include/prov/blake2.h
index 33b82490ef..305f7a3c53 100644
--- a/providers/implementations/include/prov/blake2.h
+++ b/providers/implementations/include/prov/blake2.h
@@ -7,9 +7,8 @@
  * https://www.openssl.org/source/license.html
  */
 
-/* TODO(3.0) Move this header into provider when dependencies are removed */
-#ifndef OSSL_PROVIDERS_DEFAULT_INCLUDE_INTERNAL_BLAKE2_H
-# define OSSL_PROVIDERS_DEFAULT_INCLUDE_INTERNAL_BLAKE2_H
+#ifndef OSSL_PROV_BLAKE2_H
+# define OSSL_PROV_BLAKE2_H
 
 # include <openssl/opensslconf.h>
 
@@ -118,4 +117,4 @@ void ossl_blake2s_param_set_personal(BLAKE2S_PARAM *P, const uint8_t *personal,
 void ossl_blake2s_param_set_salt(BLAKE2S_PARAM *P, const uint8_t *salt,
                                  size_t length);
 
-#endif /* OSSL_PROVIDERS_DEFAULT_INCLUDE_INTERNAL_BLAKE2_H */
+#endif /* OSSL_PROV_BLAKE2_H */
diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h
index d5212c3c81..7ccc9c7047 100644
--- a/providers/implementations/include/prov/ciphercommon.h
+++ b/providers/implementations/include/prov/ciphercommon.h
@@ -31,9 +31,6 @@ typedef struct prov_cipher_ctx_st PROV_CIPHER_CTX;
 typedef int (PROV_CIPHER_HW_FN)(PROV_CIPHER_CTX *dat, unsigned char *out,
                                 const unsigned char *in, size_t len);
 
-/* TODO(3.0): VERIFY ME */
-#define MAX_TLS_MAC_SIZE    48
-
 /* Internal flags that can be queried */
 #define PROV_CIPHER_FLAG_AEAD             0x0001
 #define PROV_CIPHER_FLAG_CUSTOM_IV        0x0002
diff --git a/providers/implementations/include/prov/md5_sha1.h b/providers/implementations/include/prov/md5_sha1.h
index 33bfa29b51..284ec957ba 100644
--- a/providers/implementations/include/prov/md5_sha1.h
+++ b/providers/implementations/include/prov/md5_sha1.h
@@ -7,9 +7,8 @@
  * https://www.openssl.org/source/license.html
  */
 
-/* TODO(3.0) Move this header into provider when dependencies are removed */
-#ifndef OSSL_INTERNAL_MD5_SHA1_H
-# define OSSL_INTERNAL_MD5_SHA1_H
+#ifndef OSSL_PROV_MD5_SHA1_H
+# define OSSL_PROV_MD5_SHA1_H
 
 # include <openssl/opensslconf.h>
 
@@ -34,4 +33,4 @@ int ossl_md5_sha1_ctrl(MD5_SHA1_CTX *mctx, int cmd, int mslen, void *ms);
 
 # endif /* OPENSSL_NO_MD5 */
 
-#endif /* OSSL_INTERNAL_MD5_SHA1_H */
+#endif /* OSSL_PROV_MD5_SHA1_H */
diff --git a/providers/implementations/signature/dsa.c b/providers/implementations/signature/dsa.c
index 81e435c419..eadf62361a 100644
--- a/providers/implementations/signature/dsa.c
+++ b/providers/implementations/signature/dsa.c
@@ -148,7 +148,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
         EVP_MD_free(ctx->md);
 
         /*
-         * TODO(3.0) Should we care about DER writing errors?
+         * We do not care about DER writing errors.
          * All it really means is that for some reason, there's no
          * AlgorithmIdentifier to be had, but the operation itself is
          * still valid, just as long as it's not used to construct
@@ -313,7 +313,7 @@ int dsa_digest_sign_final(void *vpdsactx, unsigned char *sig, size_t *siglen,
      */
     if (sig != NULL) {
         /*
-         * TODO(3.0): There is the possibility that some externally provided
+         * There is the possibility that some externally provided
          * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow -
          * but that problem is much larger than just in DSA.
          */
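Review bot: With the TODO(3.0) marker removed, the comment in dsa_digest_sign_final() still says "We should probably handle that somehow" about digests exceeding EVP_MAX_MD_SIZE, which now reads as an open problem that nothing tracks. Either reword it to state the limit as a documented restriction and point to the BUGS section added to provider-digest(7) in this series, or say where the digest size is checked against EVP_MAX_MD_SIZE before the digest is finalised; the visible lines do not show such a check. The same applies to the identical comment in dsa_digest_verify_final().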
@@ -338,7 +338,7 @@ int dsa_digest_verify_final(void *vpdsactx, const unsigned char *sig,
         return 0;
 
     /*
-     * TODO(3.0): There is the possibility that some externally provided
+     * There is the possibility that some externally provided
      * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow -
      * but that problem is much larger than just in DSA.
      */
diff --git a/providers/implementations/signature/eddsa.c b/providers/implementations/signature/eddsa.c
index 71b57d70ea..93b98dbbbc 100644
--- a/providers/implementations/signature/eddsa.c
+++ b/providers/implementations/signature/eddsa.c
@@ -105,7 +105,7 @@ static int eddsa_digest_signverify_init(void *vpeddsactx, const char *mdname,
     }
 
     /*
-     * TODO(3.0) Should we care about DER writing errors?
+     * We do not care about DER writing errors.
      * All it really means is that for some reason, there's no
      * AlgorithmIdentifier to be had, but the operation itself is
      * still valid, just as long as it's not used to construct
diff --git a/providers/implementations/signature/sm2sig.c b/providers/implementations/signature/sm2sig.c
index d12c7191fb..18fdf62487 100644
--- a/providers/implementations/signature/sm2sig.c
+++ b/providers/implementations/signature/sm2sig.c
@@ -192,7 +192,7 @@ static int sm2sig_digest_signverify_init(void *vpsm2ctx, const char *mdname,
         goto error;
 
     /*
-     * TODO(3.0) Should we care about DER writing errors?
+     * We do not care about DER writing errors.
      * All it really means is that for some reason, there's no
      * AlgorithmIdentifier to be had, but the operation itself is
      * still valid, just as long as it's not used to construct
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index ba1fe75070..a7ed843aa4 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -329,10 +329,6 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
          * in order to add the EVP_CTRL_SSL3_MASTER_SECRET call between them.
          */
         if (EVP_DigestSignUpdate(mctx, hdata, hdatalen) <= 0
-            /*
-             * TODO(3.0) Replace this when EVP_MD_CTX_ctrl() is deprecated
-             * with a call to ssl3_digest_master_key_set_params()
-             */
             || EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
                                (int)s->session->master_key_length,
                                s->session->master_key) <= 0
@@ -520,10 +516,6 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
         }
     }
     if (s->version == SSL3_VERSION) {
-        /*
-         * TODO(3.0) Replace this when EVP_MD_CTX_ctrl() is deprecated
-         * with a call to ssl3_digest_master_key_set_params()
-         */
         if (EVP_DigestVerifyUpdate(mctx, hdata, hdatalen) <= 0
                 || EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
                                    (int)s->session->master_key_length,
diff --git a/test/certs/dhp2048.pem b/test/certs/dhp2048.pem
index 9ee474b820..5e32efe779 100644
--- a/test/certs/dhp2048.pem
+++ b/test/certs/dhp2048.pem
@@ -1,8 +1,8 @@
 -----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEAoI0V5HKAcsG4LlAnVJhYnnl2ErOcdvz7WN4n+LoSkZVkfPcPExAF
-uXnT6v16rYfxCgZDPB/tSYaRhOxpJgaAHGA9PrfwprM4xQm9HLIWtidyIGtkgynQ
-rrtxaCculbPOMxc1od7V0jw8/Sj4pdKjijmdvY3VsvuQPu6Lo7qV94u3pYN+WSP9
-ESPcY0lvIV0s0eYxzU5LOU7FZRv6gpe658yxnpaQf13M3sFBqcQEnw+vIjNyaBBK
-Nm4jVFeKCN3aIz+yJL8y14HEnV/tnhtIrr33MAJvsG1qFBY7iFvbvlx/gKDW7qyk
-V0/iN2uElrJZIGxD2uPMZNXO+dci+EriMwIBAg==
+MIIBDAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb
+IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft
+awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT
+mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh
+fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
+5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAgICB/8=
 -----END DH PARAMETERS-----
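Review bot: Nothing in this hunk or in the file name identifies which known safe-prime group the new parameters are, so a reviewer cannot confirm the commit message's claim that they are acceptable for FIPS without decoding the blob. Name the group in the commit message or in a note beside the test certificates. The new encoding is also slightly longer than the old one (header MIIBDA versus MIIBCA), so say what was added to the structure.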
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 33a8af717b..62840d0d19 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -1319,7 +1319,6 @@ static int test_EVP_SM2(void)
     if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
         goto done;
 
-    /* TODO is this even needed? */
     if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
         goto done;
 
diff --git a/test/evp_extra_test2.c b/test/evp_extra_test2.c
index bb8e897536..e61f50baad 100644
--- a/test/evp_extra_test2.c
+++ b/test/evp_extra_test2.c
@@ -8,7 +8,7 @@
  */
 
 /*
- * TODO(3.0): Really these tests should be in evp_extra_test - but that doesn't
+ * Really these tests should be in evp_extra_test - but that doesn't
  * yet support testing with a non-default libctx. Once it does we should move
  * everything into one file. Consequently some things are duplicated between
  * the two files.
diff --git a/test/ssl-tests/20-cert-select.cnf b/test/ssl-tests/20-cert-select.cnf
index b0e3b79013..267690ee35 100644
--- a/test/ssl-tests/20-cert-select.cnf
+++ b/test/ssl-tests/20-cert-select.cnf
@@ -17,14 +17,14 @@ test-11 = 11-RSA-PSS Signature Algorithm Selection
 test-12 = 12-RSA key exchange with all RSA certificate types
 test-13 = 13-Suite B P-256 Hash Algorithm Selection
 test-14 = 14-Suite B P-384 Hash Algorithm Selection
-test-15 = 15-ECDSA Signature Algorithm Selection SHA1
-test-16 = 16-Ed25519 CipherString and Signature Algorithm Selection
-test-17 = 17-Ed448 CipherString and Signature Algorithm Selection
-test-18 = 18-ECDSA with brainpool
-test-19 = 19-Ed25519 CipherString and Curves Selection
-test-20 = 20-Ed448 CipherString and Curves Selection
-test-21 = 21-TLS 1.2 Ed25519 Client Auth
-test-22 = 22-TLS 1.2 Ed448 Client Auth
+test-15 = 15-Ed25519 CipherString and Signature Algorithm Selection
+test-16 = 16-Ed448 CipherString and Signature Algorithm Selection
+test-17 = 17-Ed25519 CipherString and Curves Selection
+test-18 = 18-Ed448 CipherString and Curves Selection
+test-19 = 19-TLS 1.2 Ed25519 Client Auth
+test-20 = 20-TLS 1.2 Ed448 Client Auth
+test-21 = 21-ECDSA Signature Algorithm Selection SHA1
+test-22 = 22-ECDSA with brainpool
 test-23 = 23-RSA-PSS Certificate CipherString Selection
 test-24 = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection
 test-25 = 25-RSA-PSS Certificate Unified Signature Algorithm Selection
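Review bot: The commit message does not say why the ECDSA SHA1 and brainpool cases move from test-15 and test-18 to test-21 and test-22, behind the Ed25519/Ed448 cases. If the intent is to keep the tests that cannot run with the FIPS provider together at the end, say so in the commit message or in a comment in 20-cert-select.cnf.in. The summary shows this .cnf changing together with its .cnf.in, so the reordering is best reviewed there rather than in this renumbering diff.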
@@ -529,48 +529,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[15-ECDSA Signature Algorithm Selection SHA1]
-ssl_conf = 15-ECDSA Signature Algorithm Selection SHA1-ssl
+[15-Ed25519 CipherString and Signature Algorithm Selection]
+ssl_conf = 15-Ed25519 CipherString and Signature Algorithm Selection-ssl
 
-[15-ECDSA Signature Algorithm Selection SHA1-ssl]
-server = 15-ECDSA Signature Algorithm Selection SHA1-server
-client = 15-ECDSA Signature Algorithm Selection SHA1-client
+[15-Ed25519 CipherString and Signature Algorithm Selection-ssl]
+server = 15-Ed25519 CipherString and Signature Algorithm Selection-server
+client = 15-Ed25519 CipherString and Signature Algorithm Selection-client
 
-[15-ECDSA Signature Algorithm Selection SHA1-server]
-Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
-CipherString = DEFAULT:@SECLEVEL=0
-ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
-ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
-Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
-Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
-Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
-Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
-MaxProtocol = TLSv1.2
-PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-
-[15-ECDSA Signature Algorithm Selection SHA1-client]
-CipherString = DEFAULT:@SECLEVEL=0
-SignatureAlgorithms = ECDSA+SHA1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
-
-[test-15]
-ExpectedResult = Success
-ExpectedServerCertType = P-256
-ExpectedServerSignHash = SHA1
-ExpectedServerSignType = EC
-
-
-# ===========================================================
-
-[16-Ed25519 CipherString and Signature Algorithm Selection]
-ssl_conf = 16-Ed25519 CipherString and Signature Algorithm Selection-ssl
-
-[16-Ed25519 CipherString and Signature Algorithm Selection-ssl]
-server = 16-Ed25519 CipherString and Signature Algorithm Selection-server
-client = 16-Ed25519 CipherString and Signature Algorithm Selection-client
-
-[16-Ed25519 CipherString and Signature Algorithm Selection-server]
+[15-Ed25519 CipherString and Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -582,7 +548,7 @@ Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[16-Ed25519 CipherString and Signature Algorithm Selection-client]
+[15-Ed25519 CipherString and Signature Algorithm Selection-client]
 CipherString = aECDSA
 MaxProtocol = TLSv1.2
 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
@@ -590,7 +556,7 @@ SignatureAlgorithms = ed25519:ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-16]
+[test-15]
 ExpectedResult = Success
 ExpectedServerCANames = empty
 ExpectedServerCertType = Ed25519
@@ -599,14 +565,14 @@ ExpectedServerSignType = Ed25519
 
 # ===========================================================
 
-[17-Ed448 CipherString and Signature Algorithm Selection]
-ssl_conf = 17-Ed448 CipherString and Signature Algorithm Selection-ssl
+[16-Ed448 CipherString and Signature Algorithm Selection]
+ssl_conf = 16-Ed448 CipherString and Signature Algorithm Selection-ssl
 
-[17-Ed448 CipherString and Signature Algorithm Selection-ssl]
-server = 17-Ed448 CipherString and Signature Algorithm Selection-server
-client = 17-Ed448 CipherString and Signature Algorithm Selection-client
+[16-Ed448 CipherString and Signature Algorithm Selection-ssl]
+server = 16-Ed448 CipherString and Signature Algorithm Selection-server
+client = 16-Ed448 CipherString and Signature Algorithm Selection-client
 
-[17-Ed448 CipherString and Signature Algorithm Selection-server]
+[16-Ed448 CipherString and Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -618,7 +584,7 @@ Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[17-Ed448 CipherString and Signature Algorithm Selection-client]
+[16-Ed448 CipherString and Signature Algorithm Selection-client]
 CipherString = aECDSA
 MaxProtocol = TLSv1.2
 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
@@ -626,7 +592,7 @@ SignatureAlgorithms = ed448:ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
 VerifyMode = Peer
 
-[test-17]
+[test-16]
 ExpectedResult = Success
 ExpectedServerCANames = empty
 ExpectedServerCertType = Ed448
@@ -635,43 +601,14 @@ ExpectedServerSignType = Ed448
 
 # ===========================================================
 
-[18-ECDSA with brainpool]
-ssl_conf = 18-ECDSA with brainpool-ssl
-
-[18-ECDSA with brainpool-ssl]
-server = 18-ECDSA with brainpool-server
-client = 18-ECDSA with brainpool-client
-
-[18-ECDSA with brainpool-server]
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
-CipherString = DEFAULT
-Groups = brainpoolP256r1
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
+[17-Ed25519 CipherString and Curves Selection]
+ssl_conf = 17-Ed25519 CipherString and Curves Selection-ssl
 
-[18-ECDSA with brainpool-client]
-CipherString = aECDSA
-Groups = brainpoolP256r1
-RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+[17-Ed25519 CipherString and Curves Selection-ssl]
+server = 17-Ed25519 CipherString and Curves Selection-server
+client = 17-Ed25519 CipherString and Curves Selection-client
 
-[test-18]
-ExpectedResult = Success
-ExpectedServerCANames = empty
-ExpectedServerCertType = brainpoolP256r1
-ExpectedServerSignType = EC
-
-
-# ===========================================================
-
-[19-Ed25519 CipherString and Curves Selection]
-ssl_conf = 19-Ed25519 CipherString and Curves Selection-ssl
-
-[19-Ed25519 CipherString and Curves Selection-ssl]
-server = 19-Ed25519 CipherString and Curves Selection-server
-client = 19-Ed25519 CipherString and Curves Selection-client
-
-[19-Ed25519 CipherString and Curves Selection-server]
+[17-Ed25519 CipherString and Curves Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -683,7 +620,7 @@ Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[19-Ed25519 CipherString and Curves Selection-client]
+[17-Ed25519 CipherString and Curves Selection-client]
 CipherString = aECDSA
 Curves = X25519
 MaxProtocol = TLSv1.2
@@ -691,7 +628,7 @@ SignatureAlgorithms = ECDSA+SHA256:ed25519
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-19]
+[test-17]
 ExpectedResult = Success
 ExpectedServerCertType = Ed25519
 ExpectedServerSignType = Ed25519
@@ -699,14 +636,14 @@ ExpectedServerSignType = Ed25519
 
 # ===========================================================
 
-[20-Ed448 CipherString and Curves Selection]
-ssl_conf = 20-Ed448 CipherString and Curves Selection-ssl
+[18-Ed448 CipherString and Curves Selection]
+ssl_conf = 18-Ed448 CipherString and Curves Selection-ssl
 
-[20-Ed448 CipherString and Curves Selection-ssl]
-server = 20-Ed448 CipherString and Curves Selection-server
-client = 20-Ed448 CipherString and Curves Selection-client
+[18-Ed448 CipherString and Curves Selection-ssl]
+server = 18-Ed448 CipherString and Curves Selection-server
+client = 18-Ed448 CipherString and Curves Selection-client
 
-[20-Ed448 CipherString and Curves Selection-server]
+[18-Ed448 CipherString and Curves Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -718,7 +655,7 @@ Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[20-Ed448 CipherString and Curves Selection-client]
+[18-Ed448 CipherString and Curves Selection-client]
 CipherString = aECDSA
 Curves = X448
 MaxProtocol = TLSv1.2
@@ -726,7 +663,7 @@ SignatureAlgorithms = ECDSA+SHA256:ed448
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem
 VerifyMode = Peer
 
-[test-20]
+[test-18]
 ExpectedResult = Success
 ExpectedServerCertType = Ed448
 ExpectedServerSignType = Ed448
@@ -734,21 +671,21 @@ ExpectedServerSignType = Ed448
 
 # ===========================================================
 
-[21-TLS 1.2 Ed25519 Client Auth]
-ssl_conf = 21-TLS 1.2 Ed25519 Client Auth-ssl
+[19-TLS 1.2 Ed25519 Client Auth]
+ssl_conf = 19-TLS 1.2 Ed25519 Client Auth-ssl
 
-[21-TLS 1.2 Ed25519 Client Auth-ssl]
-server = 21-TLS 1.2 Ed25519 Client Auth-server
-client = 21-TLS 1.2 Ed25519 Client Auth-client
+[19-TLS 1.2 Ed25519 Client Auth-ssl]
+server = 19-TLS 1.2 Ed25519 Client Auth-server
+client = 19-TLS 1.2 Ed25519 Client Auth-client
 
-[21-TLS 1.2 Ed25519 Client Auth-server]
+[19-TLS 1.2 Ed25519 Client Auth-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[21-TLS 1.2 Ed25519 Client Auth-client]
+[19-TLS 1.2 Ed25519 Client Auth-client]
 CipherString = DEFAULT
 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
@@ -757,7 +694,7 @@ MinProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-21]
+[test-19]
 ExpectedClientCertType = Ed25519
 ExpectedClientSignType = Ed25519
 ExpectedResult = Success
@@ -765,21 +702,21 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[22-TLS 1.2 Ed448 Client Auth]
-ssl_conf = 22-TLS 1.2 Ed448 Client Auth-ssl
+[20-TLS 1.2 Ed448 Client Auth]
+ssl_conf = 20-TLS 1.2 Ed448 Client Auth-ssl
 
-[22-TLS 1.2 Ed448 Client Auth-ssl]
-server = 22-TLS 1.2 Ed448 Client Auth-server
-client = 22-TLS 1.2 Ed448 Client Auth-client
+[20-TLS 1.2 Ed448 Client Auth-ssl]
+server = 20-TLS 1.2 Ed448 Client Auth-server
+client = 20-TLS 1.2 Ed448 Client Auth-client
 
-[22-TLS 1.2 Ed448 Client Auth-server]
+[20-TLS 1.2 Ed448 Client Auth-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[22-TLS 1.2 Ed448 Client Auth-client]
+[20-TLS 1.2 Ed448 Client Auth-client]
 CipherString = DEFAULT
 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem
 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem
@@ -788,12 +725,75 @@ MinProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-22]
+[test-20]
 ExpectedClientCertType = Ed448
 ExpectedClientSignType = Ed448
 ExpectedResult = Success
 
 
+# ===========================================================
+
+[21-ECDSA Signature Algorithm Selection SHA1]
+ssl_conf = 21-ECDSA Signature Algorithm Selection SHA1-ssl
+
+[21-ECDSA Signature Algorithm Selection SHA1-ssl]
+server = 21-ECDSA Signature Algorithm Selection SHA1-server
+client = 21-ECDSA Signature Algorithm Selection SHA1-client
+
+[21-ECDSA Signature Algorithm Selection SHA1-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT:@SECLEVEL=0
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
+Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[21-ECDSA Signature Algorithm Selection SHA1-client]
+CipherString = DEFAULT:@SECLEVEL=0
+SignatureAlgorithms = ECDSA+SHA1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-21]
+ExpectedResult = Success
+ExpectedServerCertType = P-256
+ExpectedServerSignHash = SHA1
+ExpectedServerSignType = EC
+
+
+# ===========================================================
+
+[22-ECDSA with brainpool]
+ssl_conf = 22-ECDSA with brainpool-ssl
+
+[22-ECDSA with brainpool-ssl]
+server = 22-ECDSA with brainpool-server
+client = 22-ECDSA with brainpool-client
+
+[22-ECDSA with brainpool-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
+CipherString = DEFAULT
+Groups = brainpoolP256r1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
+
+[22-ECDSA with brainpool-client]
+CipherString = aECDSA
+Groups = brainpoolP256r1
+RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-22]
+ExpectedResult = Success
+ExpectedServerCANames = empty
+ExpectedServerCertType = brainpoolP256r1
+ExpectedServerSignType = EC
+
+
 # ===========================================================
 
 [23-RSA-PSS Certificate CipherString Selection]
diff --git a/test/ssl-tests/20-cert-select.cnf.in b/test/ssl-tests/20-cert-select.cnf.in
index ddb9ff4747..1aa3b0aeec 100644
--- a/test/ssl-tests/20-cert-select.cnf.in
+++ b/test/ssl-tests/20-cert-select.cnf.in
@@ -12,26 +12,15 @@ use OpenSSL::Test::Utils;
 our $fips_mode;
 our $no_deflt_libctx;
 
-my $server;
-
-if ($fips_mode) {
-    #TODO(3.0): No EdDSA support in FIPS mode at the moment
-    $server = {
-        "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
-        "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
-        "MaxProtocol" => "TLSv1.2"
-    };
-} else {
-    $server = {
-        "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
-        "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
-        "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
-        "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
-        "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
-        "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
-        "MaxProtocol" => "TLSv1.2"
-    };
-}
+my $server = {
+    "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
+    "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
+    "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
+    "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
+    "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
+    "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
+    "MaxProtocol" => "TLSv1.2"
+};
 
 my $server_pss = {
     "PSS.Certificate" => test_pem("server-pss-cert.pem"),
@@ -304,33 +293,6 @@ our @tests = (
             "ExpectedResult" => "Success"
         },
     },
-);
-
-my @tests_non_fips = (
-    {
-        name => "ECDSA Signature Algorithm Selection SHA1",
-        server => {
-            "CipherString" => "DEFAULT:\@SECLEVEL=0",
-            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
-            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
-            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
-            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
-            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
-            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
-            "MaxProtocol" => "TLSv1.2"
-        },
-        client => {
-            "CipherString" => "DEFAULT:\@SECLEVEL=0",
-            "SignatureAlgorithms" => "ECDSA+SHA1",
-        },
-        test   => {
-            "ExpectedServerCertType" => "P-256",
-            "ExpectedServerSignHash" => "SHA1",
-            "ExpectedServerSignType" => "EC",
-            "ExpectedResult" => "Success"
-        },
-    },
-    # TODO(3.0) No Ed25519/Ed448 in FIPS mode at the moment
     {
         name => "Ed25519 CipherString and Signature Algorithm Selection",
         server => $server,
@@ -366,28 +328,6 @@ my @tests_non_fips = (
             "ExpectedResult" => "Success"
         },
     },
-    {
-        name => "ECDSA with brainpool",
-        server =>  {
-            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
-            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
-            "Groups" => "brainpoolP256r1",
-        },
-        client => {
-            #We don't restrict this to TLSv1.2, although use of brainpool
-            #should force this anyway so that this should succeed
-            "CipherString" => "aECDSA",
-            "RequestCAFile" => test_pem("root-cert.pem"),
-            "Groups" => "brainpoolP256r1",
-        },
-        test   => {
-            "ExpectedServerCertType" =>, "brainpoolP256r1",
-            "ExpectedServerSignType" =>, "EC",
-            # Note: certificate_authorities not sent for TLS < 1.3
-            "ExpectedServerCANames" =>, "empty",
-            "ExpectedResult" => "Success"
-        },
-    },
     {
         name => "Ed25519 CipherString and Curves Selection",
         server => $server,
@@ -461,6 +401,54 @@ my @tests_non_fips = (
     },
 );
 
+my @tests_non_fips = (
+    {
+        name => "ECDSA Signature Algorithm Selection SHA1",
+        server => {
+            "CipherString" => "DEFAULT:\@SECLEVEL=0",
+            "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
+            "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
+            "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
+            "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
+            "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
+            "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
+            "MaxProtocol" => "TLSv1.2"
+        },
+        client => {
+            "CipherString" => "DEFAULT:\@SECLEVEL=0",
+            "SignatureAlgorithms" => "ECDSA+SHA1",
+        },
+        test   => {
+            "ExpectedServerCertType" => "P-256",
+            "ExpectedServerSignHash" => "SHA1",
+            "ExpectedServerSignType" => "EC",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "ECDSA with brainpool",
+        server =>  {
+            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
+            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
+            "Groups" => "brainpoolP256r1",
+        },
+        client => {
+            #We don't restrict this to TLSv1.2, although use of brainpool
+            #should force this anyway so that this should succeed
+            "CipherString" => "aECDSA",
+            "RequestCAFile" => test_pem("root-cert.pem"),
+            "Groups" => "brainpoolP256r1",
+        },
+        test   => {
+            "ExpectedServerCertType" =>, "brainpoolP256r1",
+            "ExpectedServerSignType" =>, "EC",
+            # Note: certificate_authorities not sent for TLS < 1.3
+            "ExpectedServerCANames" =>, "empty",
+            "ExpectedResult" => "Success"
+        },
+    },
+);
+
 my @tests_pss = (
     {
         name => "RSA-PSS Certificate CipherString Selection",
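
Review bot: the re-created `@tests_non_fips` list has no comment saying why "ECDSA Signature Algorithm Selection SHA1" and "ECDSA with brainpool" stay out of FIPS runs, while the TODO comments that explained the earlier FIPS exclusions are deleted in the hunks above. A short comment above `my @tests_non_fips = (` giving the reason for each entry would keep the next reader from guessing. Since these lines are being moved anyway, the three `=>,` in the brainpool `test` block (for example `"ExpectedServerCertType" =>, "brainpoolP256r1",`) could lose the stray comma; Perl accepts it, but it reads as a typo. The SHA1 entry's `server` hash also repeats every key of the now unconditional `$server` and only adds `CipherString`, so it could be derived from `$server` rather than spelled out a second time.
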
@@ -980,7 +968,6 @@ my @tests_dsa_tls_1_3 = (
 );
 
 if (!disabled("dsa")) {
-    #TODO(3.0): Temporary workaround for DH issues in FIPS. Needs investigation
-    push @tests, @tests_dsa_tls_1_2 unless disabled("dh") || $fips_mode;
+    push @tests, @tests_dsa_tls_1_2 unless disabled("dh");
     push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3");
 }
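
Review bot: the deleted comment on the `@tests_dsa_tls_1_2` line called the `$fips_mode` exclusion a temporary workaround for DH issues that "Needs investigation", and nothing in this hunk records what the investigation found. Before the guard is reduced to `unless disabled("dh")`, the change that resolved the DH problem should be referenced in the commit message or pull request, so that a later failure of the DSA TLS 1.2 tests under FIPS can be traced back to it.
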
diff --git a/test/ssl-tests/28-seclevel.cnf.in b/test/ssl-tests/28-seclevel.cnf.in
index 56c23eba3a..945f4599d1 100644
--- a/test/ssl-tests/28-seclevel.cnf.in
+++ b/test/ssl-tests/28-seclevel.cnf.in
@@ -81,6 +81,5 @@ our @tests_tls1_2 = (
     },
 );
 
-#TODO(3.0): No Ed448 or X25519 in FIPS mode at the moment
-push @tests, @tests_ec unless disabled("ec") || $fips_mode;
-push @tests, @tests_tls1_2 unless disabled("tls1_2") || disabled("ec")|| $fips_mode;
+push @tests, @tests_ec unless disabled("ec");
+push @tests, @tests_tls1_2 unless disabled("tls1_2") || disabled("ec");
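
Review bot: the two rewritten `push` lines drop the only uses of `$fips_mode` visible in this file's diff, so if nothing else in 28-seclevel.cnf.in reads the variable, any declaration of it should be removed in the same change. The deleted TODO tied the exclusion to Ed448 and X25519 specifically; it is worth confirming that every entry in `@tests_ec` and `@tests_tls1_2` is expected to succeed under FIPS, since they are now gated only on `disabled("ec")` and `disabled("tls1_2")`.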

