summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/common-cert-key-exchange.h2
-rw-r--r--tests/dtls12-cert-key-exchange.c6
-rw-r--r--tests/pkcs11/tls-neg-pkcs11-key.c2
-rw-r--r--tests/privkey-verify-broken.c2
-rw-r--r--tests/rsa-rsa-pss.c75
-rw-r--r--tests/suite/tls-fuzzer/gnutls-cert.json5
-rw-r--r--tests/suite/tls-fuzzer/gnutls-nocert.json6
-rw-r--r--tests/tls-neg-ext-key.c6
-rw-r--r--tests/tls12-cert-key-exchange.c6
-rw-r--r--tests/tls13-cert-key-exchange.c16
-rw-r--r--tests/tls13/prf.c18
11 files changed, 86 insertions, 58 deletions
diff --git a/tests/common-cert-key-exchange.h b/tests/common-cert-key-exchange.h
index 4c7d6c0ca9..47e3738900 100644
--- a/tests/common-cert-key-exchange.h
+++ b/tests/common-cert-key-exchange.h
@@ -36,7 +36,7 @@ extern const char *server_priority;
&server_ca3_localhost_cert, &server_ca3_key, NULL, NULL, 0)
#define try_ks(name, client_prio, client_kx, group) \
- try_with_key_ks(name, client_prio, client_kx, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN, \
+ try_with_key_ks(name, client_prio, client_kx, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN, \
&server_ca3_localhost_cert, &server_ca3_key, NULL, NULL, 0, group)
#define try_cli(name, client_prio, client_kx, server_sign_algo, client_sign_algo, client_cert) \
diff --git a/tests/dtls12-cert-key-exchange.c b/tests/dtls12-cert-key-exchange.c
index 0903cafe66..82028041d7 100644
--- a/tests/dtls12-cert-key-exchange.c
+++ b/tests/dtls12-cert-key-exchange.c
@@ -48,8 +48,8 @@ void doit(void)
dtls_try_with_key("DTLS 1.2 with ecdhe ecdsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_ECDSA_SHA256, GNUTLS_SIGN_UNKNOWN,
&server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, NULL, 0);
- dtls_try("DTLS 1.2 with ecdhe rsa-pss sig no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
- dtls_try("DTLS 1.2 with ecdhe rsa-pss no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
+ dtls_try("DTLS 1.2 with ecdhe rsa-pss sig no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
+ dtls_try("DTLS 1.2 with ecdhe rsa-pss no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
dtls_try_with_key("TLS 1.2 with ecdhe rsa-pss/rsa-pss no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN,
&server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, NULL, NULL, 0);
dtls_try("DTLS 1.2 with rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+RSA", GNUTLS_KX_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN);
@@ -63,7 +63,7 @@ void doit(void)
&server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, USE_CERT);
- dtls_try_cli("DTLS 1.2 with ecdhe-rsa-pss cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_RSA_PSS_SHA256, USE_CERT);
+ dtls_try_cli("DTLS 1.2 with ecdhe-rsa-pss cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, USE_CERT);
dtls_try_with_key("DTLS 1.2 with ecdhe-rsa-pss/rsa-pss cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_RSA_PSS_SHA256,
&server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, &cli_ca3_rsa_pss_cert, &cli_ca3_rsa_pss_key, USE_CERT);
dtls_try_cli("DTLS 1.2 with dhe-rsa ask cli-cert", "NORMAL:-VERS-ALL:+VERS-DTLS1.2:-KX-ALL:+DHE-RSA", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN, ASK_CERT);
diff --git a/tests/pkcs11/tls-neg-pkcs11-key.c b/tests/pkcs11/tls-neg-pkcs11-key.c
index c85d8789df..c32dee27a6 100644
--- a/tests/pkcs11/tls-neg-pkcs11-key.c
+++ b/tests/pkcs11/tls-neg-pkcs11-key.c
@@ -286,7 +286,7 @@ static const test_st tests[] = {
},
{.name = "tls1.2: rsa-pss cert, rsa-sign key no PSS signatures",
.pk = GNUTLS_PK_RSA,
- .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2:-SIGN-RSA-PSS-SHA256:-SIGN-RSA-PSS-SHA384:-SIGN-RSA-PSS-SHA512",
+ .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2:-SIGN-RSA-PSS-SHA256:-SIGN-RSA-PSS-SHA384:-SIGN-RSA-PSS-SHA512:-SIGN-RSA-PSS-RSAE-SHA256:-SIGN-RSA-PSS-RSAE-SHA384:-SIGN-RSA-PSS-RSAE-SHA512",
.cert = &server_ca3_rsa_pss_cert,
.key = &server_ca3_rsa_pss_key,
.exp_kx = GNUTLS_KX_ECDHE_RSA,
diff --git a/tests/privkey-verify-broken.c b/tests/privkey-verify-broken.c
index aaf640d030..276fcdaafe 100644
--- a/tests/privkey-verify-broken.c
+++ b/tests/privkey-verify-broken.c
@@ -145,7 +145,7 @@ void doit(void)
if (sign_verify_data(pkey, GNUTLS_SIGN_RSA_SHA3_256, 0) < 0)
fail("failed verification with SHA3-256!\n");
- if (sign_verify_data(pkey, GNUTLS_SIGN_RSA_PSS_SHA256, 0) < 0)
+ if (sign_verify_data(pkey, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, 0) < 0)
fail("failed verification with SHA256 with PSS!\n");
gnutls_x509_privkey_deinit(pkey);
diff --git a/tests/rsa-rsa-pss.c b/tests/rsa-rsa-pss.c
index 74ed99055a..2ba926e321 100644
--- a/tests/rsa-rsa-pss.c
+++ b/tests/rsa-rsa-pss.c
@@ -46,8 +46,8 @@ const gnutls_datum_t raw_data = {
11
};
-static void inv_sign_check(gnutls_pk_algorithm_t algorithm, unsigned sigalgo,
- gnutls_privkey_t privkey, int exp_error)
+static void inv_sign_check(unsigned sigalgo,
+ gnutls_privkey_t privkey, int exp_error)
{
int ret;
gnutls_datum_t signature;
@@ -55,9 +55,11 @@ static void inv_sign_check(gnutls_pk_algorithm_t algorithm, unsigned sigalgo,
ret = gnutls_privkey_sign_data2(privkey, sigalgo, 0,
&raw_data, &signature);
if (ret != exp_error)
- fail("gnutls_privkey_sign_data succeeded with %s and %s: %s\n", gnutls_pk_get_name(algorithm),
+ fail("gnutls_privkey_sign_data succeeded with %s and %s: %s\n", gnutls_pk_get_name(gnutls_privkey_get_pk_algorithm(privkey, NULL)),
gnutls_sign_get_name(sigalgo), gnutls_strerror(ret));
+ if (ret == 0)
+ gnutls_free(signature.data);
}
static void inv_encryption_check(gnutls_pk_algorithm_t algorithm,
@@ -82,8 +84,7 @@ static void inv_encryption_check(gnutls_pk_algorithm_t algorithm,
}
-static void sign_verify_data(gnutls_pk_algorithm_t algorithm, unsigned sigalgo,
- gnutls_privkey_t privkey)
+static void sign_verify_data(unsigned sigalgo, gnutls_privkey_t privkey)
{
int ret;
gnutls_pubkey_t pubkey;
@@ -112,7 +113,8 @@ static void sign_verify_data(gnutls_pk_algorithm_t algorithm, unsigned sigalgo,
void doit(void)
{
- gnutls_privkey_t pkey;
+ gnutls_privkey_t pkey_rsa_pss;
+ gnutls_privkey_t pkey_rsa;
gnutls_x509_privkey_t tkey;
int ret;
gnutls_x509_spki_t spki;
@@ -128,46 +130,67 @@ void doit(void)
assert(gnutls_x509_spki_init(&spki)>=0);
- assert(gnutls_privkey_init(&pkey) >=0);
+ assert(gnutls_privkey_init(&pkey_rsa) >=0);
gnutls_x509_spki_set_rsa_pss_params(spki, GNUTLS_DIG_SHA256, 32);
ret =
- gnutls_privkey_generate(pkey, GNUTLS_PK_RSA, 2048, 0);
+ gnutls_privkey_generate(pkey_rsa, GNUTLS_PK_RSA, 2048, 0);
if (ret < 0) {
fail("gnutls_privkey_generate: %s\n", gnutls_strerror(ret));
}
- assert(gnutls_privkey_set_spki(pkey, spki, 0)>=0);
- assert(gnutls_privkey_export_x509(pkey, &tkey) >=0);
+ assert(gnutls_privkey_set_spki(pkey_rsa, spki, 0)>=0);
+ assert(gnutls_privkey_export_x509(pkey_rsa, &tkey) >=0);
gnutls_x509_privkey_export2_pkcs8(tkey, GNUTLS_X509_FMT_PEM, NULL, 0, &tmp);
- gnutls_x509_privkey_deinit(tkey);
- gnutls_privkey_deinit(pkey);
+ /* import RSA-PSS version of key */
+ assert(gnutls_privkey_init(&pkey_rsa_pss) >=0);
+ assert(gnutls_privkey_import_x509_raw(pkey_rsa_pss, &tmp, GNUTLS_X509_FMT_PEM, NULL, 0) >= 0);
- assert(gnutls_privkey_init(&pkey) >=0);
+ gnutls_free(tmp.data);
- assert(gnutls_privkey_import_x509_raw(pkey, &tmp, GNUTLS_X509_FMT_PEM, NULL, 0) >= 0);
+ /* import RSA-PSS version of key */
+ gnutls_privkey_deinit(pkey_rsa);
+ gnutls_x509_privkey_export2(tkey, GNUTLS_X509_FMT_PEM, &tmp);
+ assert(gnutls_privkey_init(&pkey_rsa) >=0);
+ assert(gnutls_privkey_import_x509_raw(pkey_rsa, &tmp, GNUTLS_X509_FMT_PEM, NULL, 0) >= 0);
- if (debug)
- printf("%s", tmp.data);
+ gnutls_x509_privkey_deinit(tkey);
+ gnutls_free(tmp.data);
- sign_verify_data(GNUTLS_PK_RSA_PSS, GNUTLS_SIGN_RSA_PSS_SHA256, pkey);
+ sign_verify_data(GNUTLS_SIGN_RSA_PSS_SHA256, pkey_rsa_pss);
+ sign_verify_data(GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, pkey_rsa);
+ sign_verify_data(GNUTLS_SIGN_RSA_PSS_SHA256, pkey_rsa);
if (debug)
success("success signing with RSA-PSS-SHA256\n");
- /* check whether the RSA-PSS restrictions are being followed */
- inv_encryption_check(GNUTLS_PK_RSA_PSS, pkey, GNUTLS_E_INVALID_REQUEST);
- inv_sign_check(GNUTLS_PK_RSA, GNUTLS_SIGN_RSA_SHA512, pkey, GNUTLS_E_CONSTRAINT_ERROR);
- inv_sign_check(GNUTLS_PK_RSA, GNUTLS_SIGN_RSA_SHA256, pkey, GNUTLS_E_CONSTRAINT_ERROR);
- inv_sign_check(GNUTLS_PK_RSA_PSS, GNUTLS_SIGN_RSA_PSS_SHA384, pkey, GNUTLS_E_CONSTRAINT_ERROR);
- inv_sign_check(GNUTLS_PK_RSA_PSS, GNUTLS_SIGN_RSA_PSS_SHA512, pkey, GNUTLS_E_CONSTRAINT_ERROR);
-
- gnutls_privkey_deinit(pkey);
+ /* check whether the RSA-PSS key restrictions are being followed */
+ inv_encryption_check(GNUTLS_PK_RSA_PSS, pkey_rsa_pss, GNUTLS_E_INVALID_REQUEST);
+ inv_sign_check(GNUTLS_SIGN_RSA_SHA512, pkey_rsa_pss, GNUTLS_E_CONSTRAINT_ERROR);
+ inv_sign_check(GNUTLS_SIGN_RSA_SHA256, pkey_rsa_pss, GNUTLS_E_CONSTRAINT_ERROR);
+ inv_sign_check(GNUTLS_SIGN_RSA_PSS_SHA384, pkey_rsa_pss, GNUTLS_E_CONSTRAINT_ERROR);
+ inv_sign_check(GNUTLS_SIGN_RSA_PSS_SHA512, pkey_rsa_pss, GNUTLS_E_CONSTRAINT_ERROR);
+ inv_sign_check(GNUTLS_SIGN_RSA_PSS_RSAE_SHA384, pkey_rsa_pss, GNUTLS_E_CONSTRAINT_ERROR);
+ inv_sign_check(GNUTLS_SIGN_RSA_PSS_RSAE_SHA512, pkey_rsa_pss, GNUTLS_E_CONSTRAINT_ERROR);
+
+ /* check whether the RSA key is not being restricted */
+ inv_sign_check(GNUTLS_SIGN_RSA_SHA512, pkey_rsa, 0);
+ inv_sign_check(GNUTLS_SIGN_RSA_SHA256, pkey_rsa, 0);
+ inv_sign_check(GNUTLS_SIGN_RSA_PSS_RSAE_SHA384, pkey_rsa, 0);
+ inv_sign_check(GNUTLS_SIGN_RSA_PSS_RSAE_SHA512, pkey_rsa, 0);
+ /* an RSA key can also generate "pure" for TLS RSA-PSS signatures
+ * as they are essentially the same thing, and we cannot always
+ * know whether a key is RSA-PSS only, or not (e.g., in PKCS#11
+ * keys). */
+ inv_sign_check(GNUTLS_SIGN_RSA_PSS_SHA384, pkey_rsa, 0);
+ inv_sign_check(GNUTLS_SIGN_RSA_PSS_SHA512, pkey_rsa, 0);
+
+ gnutls_privkey_deinit(pkey_rsa);
+ gnutls_privkey_deinit(pkey_rsa_pss);
gnutls_x509_spki_deinit(spki);
- gnutls_free(tmp.data);
gnutls_global_deinit();
}
diff --git a/tests/suite/tls-fuzzer/gnutls-cert.json b/tests/suite/tls-fuzzer/gnutls-cert.json
index 8da7a50a06..69b7812f72 100644
--- a/tests/suite/tls-fuzzer/gnutls-cert.json
+++ b/tests/suite/tls-fuzzer/gnutls-cert.json
@@ -30,10 +30,11 @@
"-e", "check sigalgs in cert request"]
},
{"name" : "test-rsa-pss-sigs-on-certificate-verify.py",
- "comment" : "tlsfuzzer doesn't like our set of algorithms",
+ "comment" : "tlsfuzzer doesn't yet support draft-22 RSA-PSS",
"arguments" : ["-k", "tests/clientX509Key.pem",
"-c", "tests/clientX509Cert.pem",
- "-e", "check CertificateRequest sigalgs"]
+ "-e", "check CertificateRequest sigalgs"],
+ "exp_pass" : false
},
{"name": "test-certificate-malformed.py",
"comment" : "tlsfuzzer doesn't like the alerts we send",
diff --git a/tests/suite/tls-fuzzer/gnutls-nocert.json b/tests/suite/tls-fuzzer/gnutls-nocert.json
index db9ec67844..3c156d316d 100644
--- a/tests/suite/tls-fuzzer/gnutls-nocert.json
+++ b/tests/suite/tls-fuzzer/gnutls-nocert.json
@@ -134,9 +134,11 @@
"-e", "medium, maximum fragmentation: 1 fragment - 1024B extension"]},
{"name" : "test-sessionID-resumption.py"},
{"name" : "test-sig-algs.py",
- "comment" : "FIXME: these fail, but most likely due to tls-fuzzer issue",
+ "comment" : "tlsfuzzer doesn't yet support draft-22 RSA-PSS",
"arguments" : ["-e", "RSA-PSS only - fails in verify if server selects PSS",
- "-e", "with RSA-PSS - fails in verify if server selects PSS"]},
+ "-e", "with RSA-PSS - fails in verify if server selects PSS"],
+ "exp_pass" : false
+ },
{"name" : "test-signature-algorithms.py",
"comment" : "gnutls doesn't tolerate that much",
"arguments" : ["-e", "tolerance max (32764) number of methods"]
diff --git a/tests/tls-neg-ext-key.c b/tests/tls-neg-ext-key.c
index a02c6b0034..f8b4877a58 100644
--- a/tests/tls-neg-ext-key.c
+++ b/tests/tls-neg-ext-key.c
@@ -295,7 +295,7 @@ static const test_st tests[] = {
},
{.name = "rsa-sign key with rsa-pss sigs prioritized",
.pk = GNUTLS_PK_RSA,
- .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512",
+ .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512",
.cert = &server_ca3_localhost_cert,
.key = &server_ca3_key,
.exp_kx = GNUTLS_KX_ECDHE_RSA
@@ -308,9 +308,9 @@ static const test_st tests[] = {
.exp_kx = GNUTLS_KX_ECDHE_RSA,
.exp_key_err = GNUTLS_E_INVALID_REQUEST
},
- {.name = "rsa-pss cert, rsa-sign key", /* we expect the server to refuse negotiating */
+ {.name = "rsa-pss cert, rsa-sign key, no rsa-pss-rsae sigs", /* we expect the server to refuse negotiating */
.pk = GNUTLS_PK_RSA,
- .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA",
+ .prio = "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512",
.cert = &server_ca3_rsa_pss_cert,
.key = &server_ca3_rsa_pss_key,
.exp_kx = GNUTLS_KX_ECDHE_RSA,
diff --git a/tests/tls12-cert-key-exchange.c b/tests/tls12-cert-key-exchange.c
index 497c8aee3c..5a7eade47b 100644
--- a/tests/tls12-cert-key-exchange.c
+++ b/tests/tls12-cert-key-exchange.c
@@ -47,7 +47,7 @@ void doit(void)
try("TLS 1.2 with ecdhe rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_SHA256, GNUTLS_SIGN_UNKNOWN);
try_with_key("TLS 1.2 with ecdhe ecdsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_ECDSA_SHA256, GNUTLS_SIGN_UNKNOWN,
&server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, NULL, 0);
- try("TLS 1.2 with ecdhe rsa-pss sig no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.2 with ecdhe rsa-pss sig no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
/* Test RSA-PSS cert/key combo issues */
try_with_key("TLS 1.2 with ecdhe with rsa-pss-sha256 key no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN,
@@ -59,7 +59,7 @@ void doit(void)
try_with_key("TLS 1.2 with ecdhe with rsa-pss-sha256 key and rsa-pss-sha512 first sig no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN,
&server_ca3_rsa_pss2_cert, &server_ca3_rsa_pss2_key, NULL, NULL, 0);
- try("TLS 1.2 with ecdhe rsa-pss no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.2 with ecdhe rsa-pss no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
try_with_key("TLS 1.2 with ecdhe rsa-pss/rsa-pss no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN,
&server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, NULL, NULL, 0);
try("TLS 1.2 with rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", GNUTLS_KX_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_UNKNOWN);
@@ -71,7 +71,7 @@ void doit(void)
try_cli("TLS 1.2 with rsa cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA", GNUTLS_KX_RSA, GNUTLS_SIGN_UNKNOWN, GNUTLS_SIGN_RSA_SHA256, USE_CERT);
try_with_key("TLS 1.2 with ecdhe ecdsa cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, GNUTLS_SIGN_ECDSA_SHA256, GNUTLS_SIGN_RSA_SHA256,
&server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, &cli_ca3_cert, &cli_ca3_key, USE_CERT);
- try_cli("TLS 1.2 with ecdhe-rsa-pss cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_RSA_PSS_SHA256, USE_CERT);
+ try_cli("TLS 1.2 with ecdhe-rsa-pss cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, USE_CERT);
try_with_key("TLS 1.2 with ecdhe-rsa-pss/rsa-pss cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_RSA_PSS_SHA256,
&server_ca3_rsa_pss_cert, &server_ca3_rsa_pss_key, &cli_ca3_rsa_pss_cert, &cli_ca3_rsa_pss_key, USE_CERT);
diff --git a/tests/tls13-cert-key-exchange.c b/tests/tls13-cert-key-exchange.c
index ca1b205c50..91e73cba77 100644
--- a/tests/tls13-cert-key-exchange.c
+++ b/tests/tls13-cert-key-exchange.c
@@ -40,13 +40,13 @@ void doit(void)
global_init();
/* TLS 1.3 no clin cert */
- try("TLS 1.3 with ffdhe2048 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
- try("TLS 1.3 with ffdhe3072 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE3072", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
- try("TLS 1.3 with ffdhe4096 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE4096", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
- try("TLS 1.3 with secp256r1 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
- try("TLS 1.3 with secp384r1 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
- try("TLS 1.3 with secp521r1 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
- try("TLS 1.3 with x25519 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.3 with ffdhe2048 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.3 with ffdhe3072 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE3072", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.3 with ffdhe4096 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE4096", GNUTLS_KX_DHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.3 with secp256r1 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.3 with secp384r1 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.3 with secp521r1 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
+ try("TLS 1.3 with x25519 rsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_UNKNOWN);
try_with_key_ks("TLS 1.3 with secp256r1 ecdsa no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, GNUTLS_SIGN_UNKNOWN,
&server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, NULL, NULL, 0, GNUTLS_GROUP_SECP256R1);
@@ -69,7 +69,7 @@ void doit(void)
/* client authentication */
try_with_key("TLS 1.3 with rsa-pss cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, GNUTLS_SIGN_RSA_PSS_SHA256,
&server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, &cli_ca3_rsa_pss_cert, &cli_ca3_rsa_pss_key, USE_CERT);
- try_with_key("TLS 1.3 with rsa cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, GNUTLS_SIGN_RSA_PSS_SHA256,
+ try_with_key("TLS 1.3 with rsa cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256,
&server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, &cli_ca3_cert, &cli_ca3_key, USE_CERT);
try_with_key("TLS 1.3 with ecdsa cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256,
&server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, &server_ca3_localhost_ecc_cert, &server_ca3_ecc_key, USE_CERT);
diff --git a/tests/tls13/prf.c b/tests/tls13/prf.c
index 762dddc15c..69a4e63683 100644
--- a/tests/tls13/prf.c
+++ b/tests/tls13/prf.c
@@ -126,18 +126,20 @@ static void dump(const char *name, const uint8_t *data, unsigned data_size)
} \
}
+#define KEY_EXP_VALUE "\x12\xbc\xfe\x50\x17\x79\x0f\x9b\x46\xf6\x07\xe7\x33\x55\x61\xf1\x15\xd0\x4e\xca\x99\xd6\xad\xa3\xcc\x67\xbf\xf1\x7c\x6c\x4c\xa8\x85\xd9"
+#define HELLO_VALUE "\xa6\x60\x26\xeb\xf9\x53\x05\xb4\x7c\x43\x32\x92\xce\x1f\xe5\x0e\x02\xfd\x57\x04\x5c\x06\x45\x9f\x78\x61\xad\xb8\x74\x9f\xfc"
static void check_prfs(gnutls_session_t session)
{
unsigned char key_material[512];
int ret;
- TRY_OLD(13, "key expansion", 34, (uint8_t*)"\xac\x43\xa8\x49\x8f\x36\x3b\xbd\xcb\x3f\x45\x20\xac\xd5\x99\xf5\x4c\x92\x2a\x4d\xd6\x0b\xc2\x3f\xc2\xfe\xf3\xc7\x9e\x04\x70\xd3\xe1\x92");
- TRY_OLD(6, "hello", 31, (uint8_t*)"\x49\x74\x07\x6f\x2c\xed\xfa\xff\xda\xe8\x20\x1f\xc7\xce\xe7\x78\x66\xb9\x75\x3f\x5d\x6e\xb0\xa9\xb8\xb2\x46\xd1\xa1\xd6\x39");
+ TRY_OLD(13, "key expansion", 34, (uint8_t*)KEY_EXP_VALUE);
+ TRY_OLD(6, "hello", 31, (uint8_t*)HELLO_VALUE);
- TRY(13, "key expansion", 0, NULL, 34, (uint8_t*)"\xac\x43\xa8\x49\x8f\x36\x3b\xbd\xcb\x3f\x45\x20\xac\xd5\x99\xf5\x4c\x92\x2a\x4d\xd6\x0b\xc2\x3f\xc2\xfe\xf3\xc7\x9e\x04\x70\xd3\xe1\x92");
- TRY(6, "hello", 0, NULL, 31, (uint8_t*)"\x49\x74\x07\x6f\x2c\xed\xfa\xff\xda\xe8\x20\x1f\xc7\xce\xe7\x78\x66\xb9\x75\x3f\x5d\x6e\xb0\xa9\xb8\xb2\x46\xd1\xa1\xd6\x39");
- TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t*)"\x0a\xa9\x28\xc7\x00\xf9\x49\xe8\x5a\xd0\xb8\x68\xba\x49\xd6\x04\x78\x61\x0b\xac\x45\xe3\xfb\x9c\x82\x94\x23\x24\xa4\x02\x8e");
- TRY(12, "null-context", 0, "", 31, (uint8_t*)"\xb1\xfa\x57\x28\x1a\x57\x20\xfd\x73\xed\xdd\xda\xf4\xf8\x9b\xec\x4d\xf5\x2d\x23\xd5\xe3\xd3\x77\x89\xeb\x54\xdd\x0e\x17\x49");
+ TRY(13, "key expansion", 0, NULL, 34, (uint8_t*)KEY_EXP_VALUE);
+ TRY(6, "hello", 0, NULL, 31, (uint8_t*)HELLO_VALUE);
+ TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t*)"\x1a\x7e\xc4\x88\x85\x6b\x93\x4e\x20\x7d\x82\xd3\xd9\xe6\xb8\xf9\x88\x22\x3e\x49\xb3\x1b\x3d\xd6\xd8\xaa\x9c\xb6\xb6\x9e\x09");
+ TRY(12, "null-context", 0, "", 31, (uint8_t*)"\x2e\x7e\xbd\x18\x3d\x69\xd6\x2f\x03\xad\x40\xdc\x8d\x7a\x60\xc2\xfb\x35\xa4\x26\xd0\x02\x19\xb2\x12\x8b\x03\x1e\x58\x09\x0e");
/* Try whether calling gnutls_prf() with non-null context or server-first
* param, will fail */
@@ -173,7 +175,7 @@ static void client(int fd)
/* Use default priorities */
ret = gnutls_priority_set_direct(session,
- "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-RSA-PSS-SHA384:+GROUP-SECP256R1",
+ "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1",
&err);
if (ret < 0) {
fail("client: priority set failed (%s): %s\n",
@@ -266,7 +268,7 @@ static void server(int fd)
* are adequate.
*/
ret = gnutls_priority_set_direct(session,
- "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL", NULL);
+ "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", NULL);
if (ret < 0) {
fail("server: priority set failed (%s)\n\n",
gnutls_strerror(ret));
View Lorry Controller Status