Project homepage Mailing List  Warmcat.com  API Docs  Github Mirror 
{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1752734775, "reponame":"openssl", "desc":"OpenSSL", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl", "f":3, "items": [ {"schema":"libjg2-1", "cid":"5b09e5ef7d24a5b0a39f5607f94ef0d8", "commit": {"type":"commit", "time": 1487263424, "time_ofs": 0, "oid_tree": { "oid": "db985af2d56c7aa16ccddb569d9e9d08bb639e88", "alias": []}, "oid":{ "oid": "86de658a84a379ad9e7b8b93bb66adb8e218f4c8", "alias": []}, "msg": "Add client auth TLS 1.3 certificate selection tests", "sig_commit": { "git_time": { "time": 1487263424, "offset": 0 }, "name": "Dr. Stephen Henson", "email": "steve@openssl.org", "md5": "fb4026c8240f7577a612418c24e54343" }, "sig_author": { "git_time": { "time": 1487196969, "offset": 0 }, "name": "Dr. Stephen Henson", "email": "steve@openssl.org", "md5": "fb4026c8240f7577a612418c24e54343" }}, "body": "Add client auth TLS 1.3 certificate selection tests\n\nReviewed-by: Rich Salz \u003crsalz@openssl.org\u003e\n(Merged from https://github.com/openssl/openssl/pull/2643)" , "diff": "diff --git a/test/ssl-tests/20-cert-select.conf.in b/test/ssl-tests/20-cert-select.conf.in\nindex 2036d2c..3d36a0e 100644\n--- a/test/ssl-tests/20-cert-select.conf.in\n+++ b/test/ssl-tests/20-cert-select.conf.in\n@@ -11,9 +11,11 @@ use OpenSSL::Test::Utils;\n \n my $dir_sep \u003d $^O ne \u0022VMS\u0022 ? \u0022/\u0022 : \u0022\u0022;\n \n+my $cert_dir \u003d \u0022\u005c${ENV::TEST_CERTS_DIR}${dir_sep}\u0022;\n+\n my $server \u003d {\n- \u0022ECDSA.Certificate\u0022 \u003d\u003e \u0022\u005c${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem\u0022,\n- \u0022ECDSA.PrivateKey\u0022 \u003d\u003e \u0022\u005c${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem\u0022,\n+ \u0022ECDSA.Certificate\u0022 \u003d\u003e \u0022${cert_dir}server-ecdsa-cert.pem\u0022,\n+ \u0022ECDSA.PrivateKey\u0022 \u003d\u003e \u0022${cert_dir}server-ecdsa-key.pem\u0022,\n \u0022MaxProtocol\u0022 \u003d\u003e \u0022TLSv1.2\u0022\n };\n \n@@ -122,8 +124,17 @@ our @tests \u003d (\n \n \n my $server_tls_1_3 \u003d {\n- \u0022ECDSA.Certificate\u0022 \u003d\u003e \u0022\u005c${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem\u0022,\n- \u0022ECDSA.PrivateKey\u0022 \u003d\u003e \u0022\u005c${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem\u0022,\n+ \u0022ECDSA.Certificate\u0022 \u003d\u003e \u0022${cert_dir}server-ecdsa-cert.pem\u0022,\n+ \u0022ECDSA.PrivateKey\u0022 \u003d\u003e \u0022${cert_dir}server-ecdsa-key.pem\u0022,\n+ \u0022MinProtocol\u0022 \u003d\u003e \u0022TLSv1.3\u0022,\n+ \u0022MaxProtocol\u0022 \u003d\u003e \u0022TLSv1.3\u0022\n+};\n+\n+my $client_tls_1_3 \u003d {\n+ \u0022RSA.Certificate\u0022 \u003d\u003e \u0022${cert_dir}ee-client-chain.pem\u0022,\n+ \u0022RSA.PrivateKey\u0022 \u003d\u003e \u0022${cert_dir}ee-key.pem\u0022,\n+ \u0022ECDSA.Certificate\u0022 \u003d\u003e \u0022${cert_dir}ee-ecdsa-client-chain.pem\u0022,\n+ \u0022ECDSA.PrivateKey\u0022 \u003d\u003e \u0022${cert_dir}ee-ecdsa-key.pem\u0022,\n \u0022MinProtocol\u0022 \u003d\u003e \u0022TLSv1.3\u0022,\n \u0022MaxProtocol\u0022 \u003d\u003e \u0022TLSv1.3\u0022\n };\n@@ -203,7 +214,37 @@ my @tests_tls_1_3 \u003d (\n \u0022ExpectedServerSignType\u0022 \u003d\u003e \u0022RSA-PSS\u0022,\n \u0022ExpectedResult\u0022 \u003d\u003e \u0022Success\u0022\n },\n- }\n+ },\n+ {\n+ name \u003d\u003e \u0022TLS 1.3 RSA Client Auth Signature Algorithm Selection\u0022,\n+ server \u003d\u003e {\n+ \u0022ClientSignatureAlgorithms\u0022 \u003d\u003e \u0022PSS+SHA256\u0022,\n+ \u0022VerifyCAFile\u0022 \u003d\u003e \u0022${cert_dir}root-cert.pem\u0022,\n+ \u0022VerifyMode\u0022 \u003d\u003e \u0022Require\u0022\n+ },\n+ client \u003d\u003e $client_tls_1_3,\n+ test \u003d\u003e {\n+ \u0022ExpectedClientCertType\u0022 \u003d\u003e \u0022RSA\u0022,\n+ \u0022ExpectedClientSignHash\u0022 \u003d\u003e \u0022SHA256\u0022,\n+ \u0022ExpectedClientSignType\u0022 \u003d\u003e \u0022RSA-PSS\u0022,\n+ \u0022ExpectedResult\u0022 \u003d\u003e \u0022Success\u0022\n+ },\n+ },\n+ {\n+ name \u003d\u003e \u0022TLS 1.3 ECDSA Client Auth Signature Algorithm Selection\u0022,\n+ server \u003d\u003e {\n+ \u0022ClientSignatureAlgorithms\u0022 \u003d\u003e \u0022ECDSA+SHA256\u0022,\n+ \u0022VerifyCAFile\u0022 \u003d\u003e \u0022${cert_dir}root-cert.pem\u0022,\n+ \u0022VerifyMode\u0022 \u003d\u003e \u0022Require\u0022\n+ },\n+ client \u003d\u003e $client_tls_1_3,\n+ test \u003d\u003e {\n+ \u0022ExpectedClientCertType\u0022 \u003d\u003e \u0022P-256\u0022,\n+ \u0022ExpectedClientSignHash\u0022 \u003d\u003e \u0022SHA256\u0022,\n+ \u0022ExpectedClientSignType\u0022 \u003d\u003e \u0022EC\u0022,\n+ \u0022ExpectedResult\u0022 \u003d\u003e \u0022Success\u0022\n+ },\n+ },\n );\n \n push @tests, @tests_tls_1_3 unless disabled(\u0022tls1_3\u0022);\n","s":{"c":1752734775,"u": 27163}} ],"g": 28389,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}