author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-03 08:49:06 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-07-07 08:26:47 +0200 |
commit | 805f14d44805ec8070334e24ad87539d5f0b33dd (patch) | |
tree | 74b60c340298d902b0d3c97cf3629142feec5cf2 | |
parent | 6ca5787e2027a163eee5f85b36e8e0fe24fd6a53 (diff) | |
download | gnutls-805f14d44805ec8070334e24ad87539d5f0b33dd.tar.gz |
configure: added option --enable-tls13-support
The new option enables TLS1.3 draft-28 support unconditionally.
Updated the test suite to run when TLS1.3 is enabled by default,
and added a CI run with TLS1.3 enabled.
Resolves #424
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | .gitlab-ci.yml | 3 | ||||
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 2 | ||||
-rw-r--r-- | lib/priority.c | 3 | ||||
-rw-r--r-- | m4/hooks.m4 | 15 | ||||
-rw-r--r-- | tests/mini-x509-default-prio.c | 2 | ||||
-rw-r--r-- | tests/mini-x509.c | 4 | ||||
-rw-r--r-- | tests/priorities.c | 13 | ||||
-rw-r--r-- | tests/psk-file.c | 13 | ||||
-rw-r--r-- | tests/pskself.c | 6 | ||||
-rw-r--r-- | tests/resume-with-false-start.c | 3 | ||||
-rwxr-xr-x | tests/server-multi-keys.sh | 6 | ||||
-rw-r--r-- | tests/session-tickets-missing.c | 4 | ||||
-rwxr-xr-x | tests/starttls.sh | 2 | ||||
-rw-r--r-- | tests/status-request-ok.c | 2 | ||||
-rwxr-xr-x | tests/suite/eagain.sh | 2 | ||||
-rw-r--r-- | tests/suite/tls-fuzzer/gnutls-nocert.json | 3 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh | 5 | ||||
m--------- | tests/suite/tls-fuzzer/tlslite-ng | 0 | ||||
-rw-r--r-- | tests/tls-neg-ext-key.c | 35 | ||||
-rw-r--r-- | tests/tls13-cert-key-exchange.c | 2 |
21 files changed, 99 insertions, 30 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0c820fc444..230b0a043c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -138,10 +138,11 @@ TLS1.3/interop: script: - git submodule update --init --no-fetch - ./bootstrap - - dash ./configure --disable-gcc-warnings --cache-file cache/config.cache --disable-ssl3-support --disable-ssl2-support --disable-full-test-suite --enable-seccomp-tests --disable-doc --disable-guile && + - dash ./configure --enable-tls13-support --disable-gcc-warnings --cache-file cache/config.cache --disable-ssl3-support --disable-ssl2-support --disable-full-test-suite --enable-seccomp-tests --disable-doc --disable-guile && make -j$(nproc) - cd devel/openssl && ./config enable-tls1_3 && make -j$(nproc) && cd ../.. - make -C tests/suite TESTS=testcompat-tls13-openssl.sh check + - make -C tests/ check -j$(nproc) tags: - shared except: @@ -11,8 +11,8 @@ See the end for copying conditions. negotiation, post handshake authentication, length hiding, multiple OCSP support, consistent ciphersuite support across protocols, hello retry requests, ability to adjust key shares via gnutls_init() flags, certificate authorities extension, - and key usage limits. TLS1.3 support needs to be explicitly enabled via a - priority string. + and key usage limits. TLS1.3 draft-28 support can be enabled by default if + the option --enable-tls13-support is given to configure script. ** libgnutls: Introduced function to switch the current FIPS140-2 operational mode, i.e., strict vs a more lax mode which will allow certain non FIPS140-2 diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 1a04e6ff1e..7187e9df93 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in 
@@ -705,7 +705,7 @@ typedef enum { GNUTLS_DTLS1_2 = 202, GNUTLS_DTLS_VERSION_MIN = GNUTLS_DTLS0_9, GNUTLS_DTLS_VERSION_MAX = GNUTLS_DTLS1_2, - GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_2, + GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_3, GNUTLS_VERSION_UNKNOWN = 0xff /* change it to 0xffff */ } gnutls_protocol_t; diff --git a/lib/priority.c b/lib/priority.c index a749678580..cb162a12fe 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -175,6 +175,9 @@ static const int _supported_groups_secure192[] = { static const int* supported_groups_secure192 = _supported_groups_secure192; static const int protocol_priority[] = { +#ifdef ENABLE_TLS13 + GNUTLS_TLS1_3, +#endif GNUTLS_TLS1_2, GNUTLS_TLS1_1, GNUTLS_TLS1_0, diff --git a/m4/hooks.m4 b/m4/hooks.m4 index 8a7bcd6eef..e997e1d30c 100644 --- a/m4/hooks.m4 +++ b/m4/hooks.m4 @@ -172,6 +172,21 @@ LIBTASN1_MINIMUM=4.9 fi AM_CONDITIONAL(ENABLE_SSL3, test "$ac_enable_ssl3" != "no") + ac_enable_tls13=no + AC_MSG_CHECKING([whether to enable the TLS 1.3 draft protocol]) + AC_ARG_ENABLE(tls13-support, + AS_HELP_STRING([--enable-tls13-support], + [enable the TLS1.3 draft protocol by default]), + ac_enable_tls13=$enableval) + if test x$ac_enable_tls13 != xno; then + AC_MSG_RESULT(no) + AC_DEFINE([ENABLE_TLS13], 1, [enable TLS1.3 support]) + else + ac_full=0 + AC_MSG_RESULT(yes) + fi + AM_CONDITIONAL(ENABLE_TLS13, test "$ac_enable_tls13" != "no") + ac_enable_ssl2=yes AC_MSG_CHECKING([whether to disable the SSL 2.0 client hello]) AC_ARG_ENABLE(ssl2-support, diff --git a/tests/mini-x509-default-prio.c b/tests/mini-x509-default-prio.c index 7f2308cde4..a01caf7e43 100644 --- a/tests/mini-x509-default-prio.c +++ b/tests/mini-x509-default-prio.c @@ -260,6 +260,7 @@ void doit(void) } } +#ifndef ENABLE_TLS13 ret = gnutls_session_ext_master_secret_status(client); if (ret != 1) { fprintf(stderr, "Extended master secret wasn't negotiated by default (client ret: %d)\n", ret); 
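Review bot: The bump to `GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_3` is unconditional, while the companion change in lib/priority.c adds TLS1.3 to the default protocol list only under `#ifdef ENABLE_TLS13`. Any caller that walks from `GNUTLS_TLS_VERSION_MIN` to `GNUTLS_TLS_VERSION_MAX` (none are visible in this diff) will now see the draft version even in a build configured without `--enable-tls13-support`; that may well be intended, since an installed header cannot depend on a configure macro, but nothing says so. A comment on the new line would make it explicit: `/* spans the TLS1.3 draft even when it is not enabled by default */`.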
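Review bot: The `#ifdef ENABLE_TLS13` block at the head of `protocol_priority` has no comment saying where the macro comes from or that its position makes TLS1.3 the most preferred version of the default list. Suggest placing `/* ENABLE_TLS13 is set by configure --enable-tls13-support; listing it first makes the draft the preferred version */` above the `#ifdef`. The remainder of the array and its consumers are outside the hunk.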
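Review bot: The two `AC_MSG_RESULT` calls are inverted: the branch that defines `ENABLE_TLS13` prints `no` and the branch that leaves it undefined prints `yes`, so `./configure` reports the opposite of what it does. Swap them so the enabled branch reads `AC_MSG_RESULT(yes)` and the `else` branch `AC_MSG_RESULT(no)`. The `else` branch, which is the default since `ac_enable_tls13=no` is the initial value, also sets `ac_full=0`; what `ac_full` gates is not visible in this hunk, but if it marks a reduced-feature build then every default build would be flagged as reduced, which looks unintended and is worth confirming.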
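Review bot: The `#ifndef ENABLE_TLS13` guard around the extended-master-secret checks (closed by the `#endif` in the second hunk of this file) silently drops the assertion whenever TLS1.3 is the default, without saying why. A comment above the `#ifndef` would help: `/* the extended master secret extension does not exist in TLS1.3, which "NORMAL" negotiates when ENABLE_TLS13 is set */`. If the check should survive a future change of the default, a runtime condition such as `if (gnutls_protocol_get_version(client) < GNUTLS_TLS1_3) {` around the same block would keep it alive whenever TLS1.2 is actually negotiated. doit() continues on both sides of the hunk.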
@@ -271,6 +272,7 @@ void doit(void) fprintf(stderr, "Extended master secret wasn't negotiated by default (server ret: %d)\n", ret); exit(1); } +#endif gnutls_bye(client, GNUTLS_SHUT_RDWR); gnutls_bye(server, GNUTLS_SHUT_RDWR); diff --git a/tests/mini-x509.c b/tests/mini-x509.c index 52c650aa7f..9b6bbcc006 100644 --- a/tests/mini-x509.c +++ b/tests/mini-x509.c @@ -258,5 +258,9 @@ void doit(void) { start("NORMAL:-VERS-ALL:+VERS-TLS1.2", 0); start("NORMAL:-VERS-ALL:+VERS-TLS1.3", 0); +#ifndef ENABLE_TLS13 + start("NORMAL", 0); +#else start("NORMAL", 1); +#endif } diff --git a/tests/priorities.c b/tests/priorities.c index 3cbde6e566..c5d44ea339 100644 --- a/tests/priorities.c +++ b/tests/priorities.c @@ -114,11 +114,20 @@ try_prio_err(const char *prio, int err) void doit(void) { const int null = 3; +#ifdef ENABLE_TLS13 + int sec128_cs = 29; + int sec256_cs = 12; + int normal_cs = 29; + int pfs_cs = 23; + int null_normal_cs = 28; /* disables TLS1.3 CS */ +#else int sec128_cs = 25; int sec256_cs = 10; + int pfs_cs = 19; int normal_cs = 25; + int null_normal_cs = normal_cs + null; +#endif int normal_ciphers = 7; - int pfs_cs = 19; if (gnutls_fips140_mode_enabled()) { normal_cs = 22; @@ -135,7 +144,7 @@ void doit(void) try_prio("PFS", pfs_cs, normal_ciphers, __LINE__); try_prio("NORMAL:+CIPHER-ALL", normal_cs, 7, __LINE__); /* all (except null) */ try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1, __LINE__); /* null */ - try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal_cs + null, 8, __LINE__); /* should be null + all */ + try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", null_normal_cs, 8, __LINE__); /* should be null + all */ try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 4, 1, __LINE__); /* should be null + all */ } diff --git a/tests/psk-file.c b/tests/psk-file.c index 5bd01e42ce..3defa28275 100644 --- a/tests/psk-file.c +++ b/tests/psk-file.c 
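Review bot: The `#ifdef ENABLE_TLS13` branch replaces the computed `normal_cs + null` with a bare literal `28` and a terse comment, and the FIPS override visible in the following context (`normal_cs = 22;`, rest of that block outside the hunk) is not given a TLS1.3 variant, so the expected counts under FIPS mode with TLS1.3 enabled look unadjusted; worth confirming. A comment on the block explaining what the numbers include would help, e.g. `/* counts with the TLS1.3 ciphersuites present in the default list; per the author, +NULL drops them again */`. The second hunk of this file only consumes `null_normal_cs`.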
@@ -85,11 +85,8 @@ static void client(int sd, const char *prio, const char *user, const gnutls_datu gnutls_psk_set_client_credentials(pskcred, user, key, GNUTLS_PSK_KEY_HEX); - /* Initialize TLS session - */ - gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_KEY_SHARE_TOP); + assert(gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_KEY_SHARE_TOP)>=0); - /* Use default priorities */ assert(gnutls_priority_set_direct(session, prio, NULL)>=0); /* put the anonymous credentials to the current session @@ -366,9 +363,15 @@ void doit(void) run_test2("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+PSK", NULL, "jas", &wrong_key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_DECRYPTION_FAILED); run_test2("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+PSK", NULL, "non-hex", &key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_KEYFILE_ERROR); - run_test_ok("NORMAL:-KX-ALL:+PSK", "jas", &key, 1, 0); + run_test_ok("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+PSK", "jas", &key, 1, 0); + run_test_ok("NORMAL:-KX-ALL:+PSK", "jas", &key, 0, 0); +#ifdef ENABLE_TLS13 + run_test2("NORMAL:+PSK", NULL, "unknown", &key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + run_test2("NORMAL:+PSK", NULL, "jas", &wrong_key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); +#else run_test2("NORMAL:+PSK", NULL, "unknown", &key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_DECRYPTION_FAILED); run_test2("NORMAL:+PSK", NULL, "jas", &wrong_key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_DECRYPTION_FAILED); +#endif run_test2("NORMAL:-KX-ALL:+PSK", NULL, "non-hex", &key, 1, 0, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_KEYFILE_ERROR); run_dhtest_ok("NORMAL:-VERS-ALL:+VERS-TLS1.3:+DHE-PSK:-GROUP-EC-ALL", "jas", &key, 0, 0); diff --git a/tests/pskself.c b/tests/pskself.c index 10fe4c90cf..65aceb2522 100644 --- a/tests/pskself.c +++ b/tests/pskself.c 
@@ -326,9 +326,15 @@ void doit(void) /* the following should work once we support PSK without DH */ run_test("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+PSK", 0); +#ifdef ENABLE_TLS13 + run_test("NORMAL:-KX-ALL:+PSK", 0); + run_test("NORMAL:-KX-ALL:+ECDHE-PSK", 0); + run_test("NORMAL:-KX-ALL:+DHE-PSK", 0); +#else run_test("NORMAL:-KX-ALL:+PSK", 1); run_test("NORMAL:-KX-ALL:+ECDHE-PSK", 1); run_test("NORMAL:-KX-ALL:+DHE-PSK", 1); +#endif gnutls_dh_params_deinit(dh_params); } diff --git a/tests/resume-with-false-start.c b/tests/resume-with-false-start.c index 26f374c841..69307eb079 100644 --- a/tests/resume-with-false-start.c +++ b/tests/resume-with-false-start.c @@ -28,6 +28,7 @@ #include <stdlib.h> #include <string.h> #include <errno.h> +#include <assert.h> #include <gnutls/gnutls.h> #include "utils.h" #include "eagain-common.h" @@ -104,7 +105,7 @@ void doit(void) if (ret < 0) exit(1); - gnutls_set_default_priority(client); + assert(gnutls_priority_set_direct(client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL)>=0); gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); gnutls_transport_set_ptr(client, client); diff --git a/tests/server-multi-keys.sh b/tests/server-multi-keys.sh index 25ab601a13..3138fb6888 100755 --- a/tests/server-multi-keys.sh +++ b/tests/server-multi-keys.sh @@ -74,7 +74,7 @@ timeout 1800 datefudge "2017-08-9" \ fail ${PID} "2. handshake with ECC should have succeeded!" timeout 1800 datefudge "2017-08-9" \ -"${CLI}" -p "${PORT}" localhost --x509cafile ${CAFILE} --priority "NORMAL:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-SHA256" --save-cert ${TMPFILE} </dev/null || \ +"${CLI}" -p "${PORT}" localhost --x509cafile ${CAFILE} --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-SHA256" --save-cert ${TMPFILE} </dev/null || \ fail ${PID} "3. handshake with RSA should have succeeded!" cmp ${TMPFILE} ${CERT1} 
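Review bot: The new `gnutls_priority_set_direct(client, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL)` pins the client to TLS1.2 without a comment, and the reason is not obvious from the test name alone. Suggest a comment above it: `/* false start is a TLS1.2 mechanism; keep the test on 1.2 even when TLS1.3 is the default */`. doit() continues outside the hunk on both sides.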
@@ -82,6 +82,10 @@ if test $? != 0;then fail ${PID} "3. the certificate used by server was not the expected" fi +timeout 1800 datefudge "2017-08-9" \ +"${CLI}" -p "${PORT}" localhost --x509cafile ${CAFILE} --priority "NORMAL:-KX-ALL:+ECDHE-RSA:+SIGN-RSA-SHA256:+SIGN-RSA-PSS-RSAE-SHA256" --save-cert ${TMPFILE} </dev/null || \ + fail ${PID} "4. handshake with RSA should have succeeded!" + # check whether the server used the RSA-PSS certificate when we asked for RSA-PSS signature timeout 1800 datefudge "2017-08-9" \ diff --git a/tests/session-tickets-missing.c b/tests/session-tickets-missing.c index 9db194904f..69f16cf643 100644 --- a/tests/session-tickets-missing.c +++ b/tests/session-tickets-missing.c @@ -316,7 +316,11 @@ void doit(void) start("NORMAL:-VERS-ALL:+VERS-TLS1.3", GNUTLS_NO_TICKETS); /* ...or there is no overlap between PSK key exchange modes */ start2("NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:-DHE-PSK", "NORMAL:-VERS-ALL:+VERS-TLS1.3", 0, 0); +#ifdef ENABLE_TLS13 + start("NORMAL", GNUTLS_NO_TICKETS); +#else start("NORMAL", 0); +#endif } #endif /* _WIN32 */ diff --git a/tests/starttls.sh b/tests/starttls.sh index 929ab1d5cc..0feed953ac 100755 --- a/tests/starttls.sh +++ b/tests/starttls.sh @@ -37,7 +37,7 @@ launch_server $$ --echo --priority "NORMAL:+ANON-ECDH" PID=$! wait_server ${PID} -${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls </dev/null >/dev/null || \ +${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+ANON-ECDH --insecure --starttls -d 6 </dev/null >/dev/null || \ fail ${PID} "starttls connect should have succeeded!" diff --git a/tests/status-request-ok.c b/tests/status-request-ok.c index 50a4a9d4b7..5dda6faf4f 100644 --- a/tests/status-request-ok.c +++ b/tests/status-request-ok.c 
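Review bot: The added fourth handshake saves the server certificate to `${TMPFILE}` but, unlike the third one just above, is not followed by a `cmp` against the expected file, so the new case only proves that the handshake succeeded and not that the intended key was selected. If the plain-RSA certificate is the expected pick for this priority string, add `cmp ${TMPFILE} ${CERT1} || fail ${PID} "4. the certificate used by server was not the expected"` after the `fail` line. The comment that follows belongs to the next RSA-PSS check, not to this one.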
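Review bot: The rewritten client line adds `-d 6`, which looks like a leftover debugging flag; only stdout is redirected, so the debug trace ends up in the test log, and no other script in this commit uses it. The version selector is also spelled `-VERS-TLS-ALL` here but `-VERS-ALL` in every other hunk of this commit; both are accepted keywords, but one spelling makes the tests easier to grep. Suggest `${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:-VERS-ALL:+VERS-TLS1.2:+ANON-ECDH --insecure --starttls </dev/null >/dev/null || \`.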
@@ -249,7 +249,7 @@ static void server(int fd) /* avoid calling all the priority functions, since the defaults * are adequate. */ - gnutls_priority_set_direct(session, "NORMAL", NULL); + gnutls_priority_set_direct(session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); diff --git a/tests/suite/eagain.sh b/tests/suite/eagain.sh index 235a5390ec..cc6668acf1 100755 --- a/tests/suite/eagain.sh +++ b/tests/suite/eagain.sh @@ -33,7 +33,7 @@ SERV="${SERV} -q" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:+ANON-DH" --dhparams "${srcdir}/params.dh" +launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2:+ANON-DH" --dhparams "${srcdir}/params.dh" PID=$! wait_server ${PID} diff --git a/tests/suite/tls-fuzzer/gnutls-nocert.json b/tests/suite/tls-fuzzer/gnutls-nocert.json index 6784511bf2..8019db5af1 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert.json @@ -102,7 +102,8 @@ "comment" : "gnutls does not allow switching from EMS to no EMS, and w/ECDHE test is incomplete", "arguments" : ["-e", "renegotiate without EMS in session with EMS", "-e", "EMS with session resume without extension"]}, - {"name" : "test-fallback-scsv.py"}, + {"name" : "test-fallback-scsv.py", + "arguments" : ["--tls-1.3"]}, {"name" : "test-fuzzed-ciphertext.py"}, {"name" : "test-fuzzed-finished.py"}, {"name" : "test-fuzzed-MAC.py"}, diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh index b4b7c10883..f577f71249 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh 
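Review bot: The comment kept above the call, `avoid calling all the priority functions, since the defaults are adequate`, is now stale because the server no longer uses the defaults but pins `NORMAL:-VERS-ALL:+VERS-TLS1.2`. Replace it with the reason for the pin, which the hunk does not state, e.g. `/* pin TLS1.2: the status_request expectations below are for the TLS1.2 extension -- confirm */`. As the other hunks in this commit do, also check the return value, `assert(gnutls_priority_set_direct(session, "NORMAL:-VERS-ALL:+VERS-TLS1.2", NULL) >= 0);`, provided <assert.h> is included in this file. server() continues outside the hunk.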
@@ -49,10 +49,11 @@ wait_for_free_port $PORT retval=0 -PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:+VERS-SSL3.0:+SHA256" +VERSIONS="-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0" +PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256" ${CLI} --list --priority "${PRIORITY}" >/dev/null 2>&1 if test $? != 0;then - PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:+VERS-SSL3.0:+SHA256" + PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:${VERSIONS}:+SHA256" fi TLS_PY=./tlslite-ng/scripts/tls.py diff --git a/tests/suite/tls-fuzzer/tlslite-ng b/tests/suite/tls-fuzzer/tlslite-ng -Subproject ac9c99a59c3c51abbd6909e76415c6306c3e45d +Subproject d976188fe7fd7466dc5cf0818a4ef87e3738189 diff --git a/tests/tls-neg-ext-key.c b/tests/tls-neg-ext-key.c index f8b4877a58..95e9414a59 100644 --- a/tests/tls-neg-ext-key.c +++ b/tests/tls-neg-ext-key.c 
@@ -174,13 +174,13 @@ void try_with_key(const char *name, const char *client_prio, testfail("Could not set key/cert: %s\n", gnutls_strerror(ret)); } - gnutls_init(&server, GNUTLS_SERVER); + assert(gnutls_init(&server, GNUTLS_SERVER) >= 0); gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, s_xcred); - gnutls_priority_set_direct(server, - "NORMAL:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", - NULL); + assert(gnutls_priority_set_direct(server, + "NORMAL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ANON-ECDH:+ANON-DH:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", + NULL)>=0); gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_ptr(server, server); 
@@ -279,30 +279,45 @@ typedef struct test_st { } test_st; static const test_st tests[] = { - {.name = "ecc key", + {.name = "TLS1.2 ecc key", .pk = GNUTLS_PK_ECDSA, - .prio = "NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA", + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA", .cert = &server_ca3_localhost_ecc_cert, .key = &server_ca3_ecc_key, .exp_kx = GNUTLS_KX_ECDHE_ECDSA }, + {.name = "TLS1.3 ecc key", + .pk = GNUTLS_PK_ECDSA, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .cert = &server_ca3_localhost_ecc_cert, + .key = &server_ca3_ecc_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA + }, {.name = "rsa-sign key", .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA", + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA", .cert = &server_ca3_localhost_cert, .key = &server_ca3_key, .exp_kx = GNUTLS_KX_ECDHE_RSA }, {.name = "rsa-sign key with rsa-pss sigs prioritized", .pk = GNUTLS_PK_RSA, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512", + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512", .cert = &server_ca3_localhost_cert, .key = &server_ca3_key, .exp_kx = GNUTLS_KX_ECDHE_RSA }, - {.name = "rsa-pss-sign key", + {.name = "TLS 1.2 rsa-pss-sign key", .pk = GNUTLS_PK_RSA_PSS, - .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA", + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+ECDHE-RSA:+ECDHE-ECDSA", + .cert = &server_ca3_rsa_pss2_cert, + .key = &server_ca3_rsa_pss2_key, + .exp_kx = GNUTLS_KX_ECDHE_RSA, + .exp_key_err = GNUTLS_E_INVALID_REQUEST + }, + {.name = "TLS 1.3 rsa-pss-sign key", + .pk = GNUTLS_PK_RSA_PSS, + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+ECDHE-RSA:+ECDHE-ECDSA", .cert = &server_ca3_rsa_pss2_cert, .key = 
&server_ca3_rsa_pss2_key, .exp_kx = GNUTLS_KX_ECDHE_RSA, diff --git a/tests/tls13-cert-key-exchange.c b/tests/tls13-cert-key-exchange.c index af97df8e4e..c0963889ae 100644 --- a/tests/tls13-cert-key-exchange.c +++ b/tests/tls13-cert-key-exchange.c @@ -95,7 +95,7 @@ void doit(void) try_ks("TLS 1.3 with x25519 -> ffdhe3072 key share", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519:+GROUP-SECP384R1:+GROUP-FFDHE3072", GNUTLS_KX_DHE_RSA, GNUTLS_GROUP_FFDHE3072); /* TLS 1.2 fallback */ - server_priority = "NORMAL:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", + server_priority = "NORMAL:-VERS-ALL:+VERS-TLS1.2:+ECDHE-RSA:+DHE-RSA:+RSA:+ECDHE-ECDSA:+CURVE-X25519:+SIGN-EDDSA-ED25519", try_with_key_ks("TLS 1.2 fallback with x25519 ed25519 no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA:-CURVE-ALL:+CURVE-X25519:-SIGN-ALL:+SIGN-EDDSA-ED25519", GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_EDDSA_ED25519, GNUTLS_SIGN_UNKNOWN, &server_ca3_eddsa_cert, &server_ca3_eddsa_key, NULL, NULL, 0, 0); |
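Review bot: The new "TLS1.3 ecc key" entry pairs an ECDSA key with `.exp_kx = GNUTLS_KX_ECDHE_RSA`, which a reader will take for a copy-paste error unless told that under TLS1.3 the reported key exchange reflects the key-share group rather than the certificate type (the tls13-cert-key-exchange.c hunk in this commit relies on the same convention with GNUTLS_KX_DHE_RSA). A comment on that line, `/* TLS1.3: the reported kx follows the group, not the certificate key type */`, would prevent that. The "TLS 1.3 rsa-pss-sign key" initializer and the rest of the table continue past the hunk, so whether it also carries an `.exp_key_err` is not visible here.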
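Review bot: The rewritten `server_priority = "NORMAL:-VERS-ALL:+VERS-TLS1.2:...",` still ends with a comma rather than a semicolon, so the assignment and the following `try_with_key_ks(...)` call form one comma expression; this is pre-existing and compiles, but it is fragile and easy to misread. Since the line is being touched anyway, terminate it with `;`. doit() continues on both sides of the hunk.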