ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 3db2b52..d3141b3 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -346,10 +346,11 @@
#define USAGE_KEY_OPAQUE_ALGS \
" key_opaque_algs=%%s Allowed opaque key algorithms.\n" \
- " comma-separated pair of values among the following:\n" \
- " rsa-sign-pkcs1, rsa-sign-pss, rsa-decrypt,\n" \
- " ecdsa-sign, ecdh, none (only acceptable for\n" \
- " the second value).\n" \
+ " comma-separated pair of values among the following:\n" \
+ " rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " ecdsa-sign, ecdh, none (only acceptable for\n" \
+ " the second value).\n" \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index a1b2978..4021e94 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -458,15 +458,17 @@
#endif
#define USAGE_KEY_OPAQUE_ALGS \
- " key_opaque_algs=%%s Allowed opaque key 1 algorithms.\n" \
- " comma-separated pair of values among the following:\n" \
- " rsa-sign-pkcs1, rsa-sign-pss, rsa-decrypt,\n" \
- " ecdsa-sign, ecdh, none (only acceptable for\n" \
- " the second value).\n" \
- " key_opaque_algs2=%%s Allowed opaque key 2 algorithms.\n" \
- " comma-separated pair of values among the following:\n" \
- " rsa-sign-pkcs1, rsa-sign-pss, rsa-decrypt,\n" \
- " ecdsa-sign, ecdh, none (only acceptable for\n" \
+ " key_opaque_algs=%%s Allowed opaque key 1 algorithms.\n" \
+ " comma-separated pair of values among the following:\n" \
+ " rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " ecdsa-sign, ecdh, none (only acceptable for\n" \
+ " the second value).\n" \
+ " key_opaque_algs2=%%s Allowed opaque key 2 algorithms.\n" \
+ " comma-separated pair of values among the following:\n" \
+ " rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " ecdsa-sign, ecdh, none (only acceptable for\n" \
" the second value).\n"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index a7f3d0e..cf810a3 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -205,6 +205,9 @@
if( strcmp( *alg1, "rsa-sign-pkcs1" ) != 0 &&
strcmp( *alg1, "rsa-sign-pss" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha256" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha384" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha512" ) != 0 &&
strcmp( *alg1, "rsa-decrypt" ) != 0 &&
strcmp( *alg1, "ecdsa-sign" ) != 0 &&
strcmp( *alg1, "ecdh" ) != 0 )
@@ -212,6 +215,9 @@
if( strcmp( *alg2, "rsa-sign-pkcs1" ) != 0 &&
strcmp( *alg2, "rsa-sign-pss" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha256" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha384" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha512" ) != 0 &&
strcmp( *alg2, "rsa-decrypt" ) != 0 &&
strcmp( *alg2, "ecdsa-sign" ) != 0 &&
strcmp( *alg2, "ecdh" ) != 0 &&
@@ -245,6 +251,21 @@
*psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
*usage |= PSA_KEY_USAGE_SIGN_HASH;
}
+ else if( strcmp( algs[i], "rsa-sign-pss-sha256" ) == 0 )
+ {
+ *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if( strcmp( algs[i], "rsa-sign-pss-sha384" ) == 0 )
+ {
+ *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_384 );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if( strcmp( algs[i], "rsa-sign-pss-sha512" ) == 0 )
+ {
+ *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_512 );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
else if( strcmp( algs[i], "rsa-decrypt" ) == 0 )
{
*psa_algs[i] = PSA_ALG_RSA_PKCS1V15_CRYPT;
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 6fde7b6..6838024 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2071,6 +2071,20 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
+run_test "TLS 1.3 opaque key: first client sig alg not suitable" \
+ "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \
+ "$P_CLI debug_level=4 sig_algs=rsa_pss_rsae_sha256,rsa_pss_rsae_sha512" \
+ 0 \
+ -s "The SSL configuration is tls13 only" \
+ -s "key types: Opaque, Opaque" \
+ -s "CertificateVerify signature failed with rsa_pss_rsae_sha256" \
+ -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
+ -C "error" \
+ -S "error" \
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_RSA_C
run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \
"$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
"$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \