[openssl] master update

bernd.edlinger at hotmail.de bernd.edlinger at hotmail.de
Fri Nov 26 05:46:49 UTC 2021


The branch master has been updated
       via  0a10825a009c830125fef94c81d34e41300a24a5 (commit)
      from  8e22f9d6d956ad583afe10b986519731c113ac80 (commit)


- Log -----------------------------------------------------------------
commit 0a10825a009c830125fef94c81d34e41300a24a5
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Wed Oct 24 23:10:38 2018 +0200

    Enable brainpool curves for TLS1.3
    
    See the recently assigned brainpool code points at:
    https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/7485)

-----------------------------------------------------------------------

Summary of changes:
 include/internal/tlsgroups.h         |  10 +++
 ssl/s3_lib.c                         |   5 +-
 ssl/ssl_local.h                      |   5 ++
 ssl/statem/extensions.c              |   2 +-
 ssl/statem/extensions_clnt.c         |  20 +++++-
 ssl/statem/extensions_srvr.c         |  15 ++--
 ssl/statem/statem_lib.c              |   6 ++
 ssl/t1_lib.c                         | 129 +++++++++++++++++++++++++----------
 ssl/t1_trce.c                        |   3 +
 test/ssl-tests/20-cert-select.cnf    |   4 +-
 test/ssl-tests/20-cert-select.cnf.in |   4 +-
 11 files changed, 153 insertions(+), 50 deletions(-)

diff --git a/include/internal/tlsgroups.h b/include/internal/tlsgroups.h
index 8a35ced122..73fb53bc5f 100644
--- a/include/internal/tlsgroups.h
+++ b/include/internal/tlsgroups.h
@@ -41,6 +41,16 @@
 # define OSSL_TLS_GROUP_ID_brainpoolP512r1  0x001C
 # define OSSL_TLS_GROUP_ID_x25519           0x001D
 # define OSSL_TLS_GROUP_ID_x448             0x001E
+# define OSSL_TLS_GROUP_ID_brainpoolP256r1_tls13 0x001F
+# define OSSL_TLS_GROUP_ID_brainpoolP384r1_tls13 0x0020
+# define OSSL_TLS_GROUP_ID_brainpoolP512r1_tls13 0x0021
+# define OSSL_TLS_GROUP_ID_gc256A           0x0022
+# define OSSL_TLS_GROUP_ID_gc256B           0x0023
+# define OSSL_TLS_GROUP_ID_gc256C           0x0024
+# define OSSL_TLS_GROUP_ID_gc256D           0x0025
+# define OSSL_TLS_GROUP_ID_gc512A           0x0026
+# define OSSL_TLS_GROUP_ID_gc512B           0x0027
+# define OSSL_TLS_GROUP_ID_gc512C           0x0028
 # define OSSL_TLS_GROUP_ID_ffdhe2048        0x0100
 # define OSSL_TLS_GROUP_ID_ffdhe3072        0x0101
 # define OSSL_TLS_GROUP_ID_ffdhe4096        0x0102
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 88565a7000..1a89bde851 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3607,8 +3607,11 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                 int *cptr = parg;
 
                 for (i = 0; i < clistlen; i++) {
+                    uint16_t cid = SSL_IS_TLS13(s)
+                                   ? ssl_group_id_tls13_to_internal(clist[i])
+                                   : clist[i];
                     const TLS_GROUP_INFO *cinf
-                        = tls1_group_id_lookup(s->ctx, clist[i]);
+                        = tls1_group_id_lookup(s->ctx, cid);
 
                     if (cinf != NULL)
                         cptr[i] = tls1_group_id2nid(cinf->group_id, 1);
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 9b88140a28..ddae48b2af 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -2169,6 +2169,9 @@ typedef enum downgrade_en {
 
 #define TLSEXT_SIGALG_ed25519                                   0x0807
 #define TLSEXT_SIGALG_ed448                                     0x0808
+#define TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256              0x081a
+#define TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384              0x081b
+#define TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512              0x081c
 
 /* Known PSK key exchange modes */
 #define TLSEXT_KEX_MODE_KE                                      0x00
@@ -2642,6 +2645,8 @@ __owur int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
 
 SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
 
+__owur uint16_t ssl_group_id_internal_to_tls13(uint16_t curve_id);
+__owur uint16_t ssl_group_id_tls13_to_internal(uint16_t curve_id);
 __owur const TLS_GROUP_INFO *tls1_group_id_lookup(SSL_CTX *ctx, uint16_t curve_id);
 __owur int tls1_group_id2nid(uint16_t group_id, int include_unknown);
 __owur uint16_t tls1_nid2group_id(int nid);
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index bc437be26a..0ac8253be3 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1369,7 +1369,7 @@ static int final_key_share(SSL *s, unsigned int context, int sent)
                     group_id = pgroups[i];
 
                     if (check_in_list(s, group_id, clntgroups, clnt_num_groups,
-                                      1))
+                                      2))
                         break;
                 }
 
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index b38c9ca684..d6d4e55ce7 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -224,6 +224,21 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
 
         if (tls_valid_group(s, ctmp, min_version, max_version, 0, &okfortls13)
                 && tls_group_allowed(s, ctmp, SSL_SECOP_CURVE_SUPPORTED)) {
+#ifndef OPENSSL_NO_TLS1_3
+            int ctmp13 = ssl_group_id_internal_to_tls13(ctmp);
+
+            if (ctmp13 != 0 && ctmp13 != ctmp
+                    && max_version == TLS1_3_VERSION) {
+                if (!WPACKET_put_bytes_u16(pkt, ctmp13)) {
+                    SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+                    return EXT_RETURN_FAIL;
+                }
+                tls13added++;
+                added++;
+                if (min_version == TLS1_3_VERSION)
+                    continue;
+            }
+#endif
             if (!WPACKET_put_bytes_u16(pkt, ctmp)) {
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                 return EXT_RETURN_FAIL;
@@ -622,7 +637,7 @@ static int add_key_share(SSL *s, WPACKET *pkt, unsigned int curve_id)
     }
 
     /* Create KeyShareEntry */
-    if (!WPACKET_put_bytes_u16(pkt, curve_id)
+    if (!WPACKET_put_bytes_u16(pkt, ssl_group_id_internal_to_tls13(curve_id))
             || !WPACKET_sub_memcpy_u16(pkt, encoded_point, encodedlen)) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
         goto err;
@@ -675,6 +690,8 @@ EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt,
         curve_id = s->s3.group_id;
     } else {
         for (i = 0; i < num_groups; i++) {
+            if (ssl_group_id_internal_to_tls13(pgroups[i]) == 0)
+                continue;
 
             if (!tls_group_allowed(s, pgroups[i], SSL_SECOP_CURVE_SUPPORTED))
                 continue;
@@ -1747,6 +1764,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         return 0;
     }
 
+    group_id = ssl_group_id_tls13_to_internal(group_id);
     if ((context & SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST) != 0) {
         const uint16_t *pgroups = NULL;
         size_t i, num_groups;
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 3afb18c312..fa64435a00 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -635,7 +635,7 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
          * we requested, and must be the only key_share sent.
          */
         if (s->s3.group_id != 0
-                && (group_id != s->s3.group_id
+                && (ssl_group_id_tls13_to_internal(group_id) != s->s3.group_id
                     || PACKET_remaining(&key_share_list) != 0)) {
             SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
             return 0;
@@ -653,16 +653,18 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
             continue;
         }
 
+        s->s3.group_id = group_id;
+        /* Cache the selected group ID in the SSL_SESSION */
+        s->session->kex_group = group_id;
+
+        group_id = ssl_group_id_tls13_to_internal(group_id);
+
         if ((s->s3.peer_tmp = ssl_generate_param_group(s, group_id)) == NULL) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                    SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
             return 0;
         }
 
-        s->s3.group_id = group_id;
-        /* Cache the selected group ID in the SSL_SESSION */
-        s->session->kex_group = group_id;
-
         if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp,
                 PACKET_data(&encoded_pt),
                 PACKET_remaining(&encoded_pt)) <= 0) {
@@ -1591,7 +1593,8 @@ EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt,
         }
         if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_key_share)
                 || !WPACKET_start_sub_packet_u16(pkt)
-                || !WPACKET_put_bytes_u16(pkt, s->s3.group_id)
+                || !WPACKET_put_bytes_u16(pkt, ssl_group_id_internal_to_tls13(
+                                          s->s3.group_id))
                 || !WPACKET_close(pkt)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
             return EXT_RETURN_FAIL;
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 79ac9be04b..334e1c7bd4 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -2165,9 +2165,15 @@ int check_in_list(SSL *s, uint16_t group_id, const uint16_t *groups,
     if (groups == NULL || num_groups == 0)
         return 0;
 
+    if (checkallow == 1)
+        group_id = ssl_group_id_tls13_to_internal(group_id);
+
     for (i = 0; i < num_groups; i++) {
         uint16_t group = groups[i];
 
+        if (checkallow == 2)
+            group = ssl_group_id_tls13_to_internal(group);
+
         if (group_id == group
                 && (!checkallow
                     || tls_group_allowed(s, group, SSL_SECOP_CURVE_CHECK))) {
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index fc32bb3556..88912be23c 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -171,13 +171,13 @@ static struct {
     {NID_brainpoolP512r1, OSSL_TLS_GROUP_ID_brainpoolP512r1},
     {EVP_PKEY_X25519, OSSL_TLS_GROUP_ID_x25519},
     {EVP_PKEY_X448, OSSL_TLS_GROUP_ID_x448},
-    {NID_id_tc26_gost_3410_2012_256_paramSetA, 0x0022},
-    {NID_id_tc26_gost_3410_2012_256_paramSetB, 0x0023},
-    {NID_id_tc26_gost_3410_2012_256_paramSetC, 0x0024},
-    {NID_id_tc26_gost_3410_2012_256_paramSetD, 0x0025},
-    {NID_id_tc26_gost_3410_2012_512_paramSetA, 0x0026},
-    {NID_id_tc26_gost_3410_2012_512_paramSetB, 0x0027},
-    {NID_id_tc26_gost_3410_2012_512_paramSetC, 0x0028},
+    {NID_id_tc26_gost_3410_2012_256_paramSetA, OSSL_TLS_GROUP_ID_gc256A},
+    {NID_id_tc26_gost_3410_2012_256_paramSetB, OSSL_TLS_GROUP_ID_gc256B},
+    {NID_id_tc26_gost_3410_2012_256_paramSetC, OSSL_TLS_GROUP_ID_gc256C},
+    {NID_id_tc26_gost_3410_2012_256_paramSetD, OSSL_TLS_GROUP_ID_gc256D},
+    {NID_id_tc26_gost_3410_2012_512_paramSetA, OSSL_TLS_GROUP_ID_gc512A},
+    {NID_id_tc26_gost_3410_2012_512_paramSetB, OSSL_TLS_GROUP_ID_gc512B},
+    {NID_id_tc26_gost_3410_2012_512_paramSetC, OSSL_TLS_GROUP_ID_gc512C},
     {NID_ffdhe2048, OSSL_TLS_GROUP_ID_ffdhe2048},
     {NID_ffdhe3072, OSSL_TLS_GROUP_ID_ffdhe3072},
     {NID_ffdhe4096, OSSL_TLS_GROUP_ID_ffdhe4096},
@@ -193,28 +193,28 @@ static const unsigned char ecformats_default[] = {
 
 /* The default curves */
 static const uint16_t supported_groups_default[] = {
-    29,                      /* X25519 (29) */
-    23,                      /* secp256r1 (23) */
-    30,                      /* X448 (30) */
-    25,                      /* secp521r1 (25) */
-    24,                      /* secp384r1 (24) */
-    34,                      /* GC256A (34) */
-    35,                      /* GC256B (35) */
-    36,                      /* GC256C (36) */
-    37,                      /* GC256D (37) */
-    38,                      /* GC512A (38) */
-    39,                      /* GC512B (39) */
-    40,                      /* GC512C (40) */
-    0x100,                   /* ffdhe2048 (0x100) */
-    0x101,                   /* ffdhe3072 (0x101) */
-    0x102,                   /* ffdhe4096 (0x102) */
-    0x103,                   /* ffdhe6144 (0x103) */
-    0x104,                   /* ffdhe8192 (0x104) */
+    OSSL_TLS_GROUP_ID_x25519,        /* X25519 (29) */
+    OSSL_TLS_GROUP_ID_secp256r1,     /* secp256r1 (23) */
+    OSSL_TLS_GROUP_ID_x448,          /* X448 (30) */
+    OSSL_TLS_GROUP_ID_secp521r1,     /* secp521r1 (25) */
+    OSSL_TLS_GROUP_ID_secp384r1,     /* secp384r1 (24) */
+    OSSL_TLS_GROUP_ID_gc256A,        /* GC256A (34) */
+    OSSL_TLS_GROUP_ID_gc256B,        /* GC256B (35) */
+    OSSL_TLS_GROUP_ID_gc256C,        /* GC256C (36) */
+    OSSL_TLS_GROUP_ID_gc256D,        /* GC256D (37) */
+    OSSL_TLS_GROUP_ID_gc512A,        /* GC512A (38) */
+    OSSL_TLS_GROUP_ID_gc512B,        /* GC512B (39) */
+    OSSL_TLS_GROUP_ID_gc512C,        /* GC512C (40) */
+    OSSL_TLS_GROUP_ID_ffdhe2048,     /* ffdhe2048 (0x100) */
+    OSSL_TLS_GROUP_ID_ffdhe3072,     /* ffdhe3072 (0x101) */
+    OSSL_TLS_GROUP_ID_ffdhe4096,     /* ffdhe4096 (0x102) */
+    OSSL_TLS_GROUP_ID_ffdhe6144,     /* ffdhe6144 (0x103) */
+    OSSL_TLS_GROUP_ID_ffdhe8192,     /* ffdhe8192 (0x104) */
 };
 
 static const uint16_t suiteb_curves[] = {
-    TLSEXT_curve_P_256,
-    TLSEXT_curve_P_384
+    OSSL_TLS_GROUP_ID_secp256r1,
+    OSSL_TLS_GROUP_ID_secp384r1,
 };
 
 struct provider_group_data_st {
@@ -433,6 +433,42 @@ static uint16_t tls1_group_name2id(SSL_CTX *ctx, const char *name)
     return 0;
 }
 
+uint16_t ssl_group_id_internal_to_tls13(uint16_t curve_id)
+{
+    switch(curve_id) {
+    case OSSL_TLS_GROUP_ID_brainpoolP256r1:
+        return OSSL_TLS_GROUP_ID_brainpoolP256r1_tls13;
+    case OSSL_TLS_GROUP_ID_brainpoolP384r1:
+        return OSSL_TLS_GROUP_ID_brainpoolP384r1_tls13;
+    case OSSL_TLS_GROUP_ID_brainpoolP512r1:
+        return OSSL_TLS_GROUP_ID_brainpoolP512r1_tls13;
+    case OSSL_TLS_GROUP_ID_brainpoolP256r1_tls13:
+    case OSSL_TLS_GROUP_ID_brainpoolP384r1_tls13:
+    case OSSL_TLS_GROUP_ID_brainpoolP512r1_tls13:
+        return 0;
+    default:
+        return curve_id;
+    }
+}
+
+uint16_t ssl_group_id_tls13_to_internal(uint16_t curve_id)
+{
+    switch(curve_id) {
+    case OSSL_TLS_GROUP_ID_brainpoolP256r1:
+    case OSSL_TLS_GROUP_ID_brainpoolP384r1:
+    case OSSL_TLS_GROUP_ID_brainpoolP512r1:
+        return 0;
+    case OSSL_TLS_GROUP_ID_brainpoolP256r1_tls13:
+        return OSSL_TLS_GROUP_ID_brainpoolP256r1;
+    case OSSL_TLS_GROUP_ID_brainpoolP384r1_tls13:
+        return OSSL_TLS_GROUP_ID_brainpoolP384r1;
+    case OSSL_TLS_GROUP_ID_brainpoolP512r1_tls13:
+        return OSSL_TLS_GROUP_ID_brainpoolP512r1;
+    default:
+        return curve_id;
+    }
+}
+
 const TLS_GROUP_INFO *tls1_group_id_lookup(SSL_CTX *ctx, uint16_t group_id)
 {
     size_t i;
@@ -611,9 +647,9 @@ uint16_t tls1_shared_group(SSL *s, int nmatch)
             unsigned long cid = s->s3.tmp.new_cipher->id;
 
             if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
-                return TLSEXT_curve_P_256;
+                return OSSL_TLS_GROUP_ID_secp256r1;
             if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
-                return TLSEXT_curve_P_384;
+                return OSSL_TLS_GROUP_ID_secp384r1;
             /* Should never happen */
             return 0;
         }
@@ -634,10 +670,17 @@ uint16_t tls1_shared_group(SSL *s, int nmatch)
 
     for (k = 0, i = 0; i < num_pref; i++) {
         uint16_t id = pref[i];
+        uint16_t cid = id;
 
-        if (!tls1_in_list(id, supp, num_supp)
-            || !tls_group_allowed(s, id, SSL_SECOP_CURVE_SHARED))
-                    continue;
+        if (SSL_IS_TLS13(s)) {
+            if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
+                cid = ssl_group_id_internal_to_tls13(id);
+            else
+                cid = id = ssl_group_id_tls13_to_internal(id);
+        }
+        if (!tls1_in_list(cid, supp, num_supp)
+                || !tls_group_allowed(s, id, SSL_SECOP_CURVE_SHARED))
+            continue;
         if (nmatch == k)
             return id;
          k++;
@@ -782,10 +825,10 @@ int tls1_check_group_id(SSL *s, uint16_t group_id, int check_own_groups)
         unsigned long cid = s->s3.tmp.new_cipher->id;
 
         if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
-            if (group_id != TLSEXT_curve_P_256)
+            if (group_id != OSSL_TLS_GROUP_ID_secp256r1)
                 return 0;
         } else if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) {
-            if (group_id != TLSEXT_curve_P_384)
+            if (group_id != OSSL_TLS_GROUP_ID_secp384r1)
                 return 0;
         } else {
             /* Should never happen */
@@ -931,9 +974,9 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int check_ee_md)
         size_t i;
 
         /* Check to see we have necessary signing algorithm */
-        if (group_id == TLSEXT_curve_P_256)
+        if (group_id == OSSL_TLS_GROUP_ID_secp256r1)
             check_md = NID_ecdsa_with_SHA256;
-        else if (group_id == TLSEXT_curve_P_384)
+        else if (group_id == OSSL_TLS_GROUP_ID_secp384r1)
             check_md = NID_ecdsa_with_SHA384;
         else
             return 0;           /* Should never happen */
@@ -966,9 +1009,9 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
      * curves permitted.
      */
     if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
-        return tls1_check_group_id(s, TLSEXT_curve_P_256, 1);
+        return tls1_check_group_id(s, OSSL_TLS_GROUP_ID_secp256r1, 1);
     if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
-        return tls1_check_group_id(s, TLSEXT_curve_P_384, 1);
+        return tls1_check_group_id(s, OSSL_TLS_GROUP_ID_secp384r1, 1);
 
     return 0;
 }
@@ -980,6 +1023,9 @@ static const uint16_t tls12_sigalgs[] = {
     TLSEXT_SIGALG_ecdsa_secp521r1_sha512,
     TLSEXT_SIGALG_ed25519,
     TLSEXT_SIGALG_ed448,
+    TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256,
+    TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384,
+    TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512,
 
     TLSEXT_SIGALG_rsa_pss_pss_sha256,
     TLSEXT_SIGALG_rsa_pss_pss_sha384,
@@ -1042,6 +1088,15 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
     {NULL, TLSEXT_SIGALG_ecdsa_sha1,
      NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
      NID_ecdsa_with_SHA1, NID_undef, 1},
+    {"ecdsa_brainpoolP256r1_sha256", TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256,
+     NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
+     NID_ecdsa_with_SHA256, NID_brainpoolP256r1, 1},
+    {"ecdsa_brainpoolP384r1_sha384", TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384,
+     NID_sha384, SSL_MD_SHA384_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
+     NID_ecdsa_with_SHA384, NID_brainpoolP384r1, 1},
+    {"ecdsa_brainpoolP512r1_sha512", TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512,
+     NID_sha512, SSL_MD_SHA512_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
+     NID_ecdsa_with_SHA512, NID_brainpoolP512r1, 1},
     {"rsa_pss_rsae_sha256", TLSEXT_SIGALG_rsa_pss_rsae_sha256,
      NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_RSA_PSS, SSL_PKEY_RSA,
      NID_undef, NID_undef, 1},
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 405b1e6864..3ae97ac822 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -584,6 +584,9 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
     {TLSEXT_SIGALG_gostr34102012_256_gostr34112012_256, "gost2012_256"},
     {TLSEXT_SIGALG_gostr34102012_512_gostr34112012_512, "gost2012_512"},
     {TLSEXT_SIGALG_gostr34102001_gostr3411, "gost2001_gost94"},
+    {TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256, "ecdsa_brainpoolP256r1_sha256"},
+    {TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384, "ecdsa_brainpoolP384r1_sha384"},
+    {TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512, "ecdsa_brainpoolP512r1_sha512"},
 };
 
 static const ssl_trace_tbl ssl_ctype_tbl[] = {
diff --git a/test/ssl-tests/20-cert-select.cnf b/test/ssl-tests/20-cert-select.cnf
index 79dcd4c8f4..853deff1d4 100644
--- a/test/ssl-tests/20-cert-select.cnf
+++ b/test/ssl-tests/20-cert-select.cnf
@@ -1728,7 +1728,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
 [test-52]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
 
 
 # ===========================================================
@@ -1754,7 +1754,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
 [test-53]
-ExpectedResult = ServerFail
+ExpectedResult = Success
 
 
 # ===========================================================
diff --git a/test/ssl-tests/20-cert-select.cnf.in b/test/ssl-tests/20-cert-select.cnf.in
index 30cde592c6..26c7318974 100644
--- a/test/ssl-tests/20-cert-select.cnf.in
+++ b/test/ssl-tests/20-cert-select.cnf.in
@@ -909,7 +909,7 @@ my @tests_tls_1_3_non_fips = (
             #We only configured brainpoolP256r1 on the client side, but TLSv1.3
             #is enabled and this group is not allowed in TLSv1.3. Therefore this
             #should fail
-            "ExpectedResult" => "ClientFail"
+            "ExpectedResult" => "ServerFail"
         },
     },
     {
@@ -924,7 +924,7 @@ my @tests_tls_1_3_non_fips = (
             "MaxProtocol" => "TLSv1.3"
         },
         test   => {
-            "ExpectedResult" => "ServerFail"
+            "ExpectedResult" => "Success"
         },
     },
 );


More information about the openssl-commits mailing list