From: Dr. Stephen Henson <steve@openssl.org>
Date: Sat, 28 Jan 2017 19:45:33 +0000 (+0000)
Subject: Use PSS for simple test so TLS 1.3 handhake is successful.
X-Git-Tag: OpenSSL_1_1_1-pre1~2523
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d8979bdda8dae95d0fc694dbc80a6b6865dd5232;p=oweals%2Fopenssl.git

Use PSS for simple test so TLS 1.3 handhake is successful.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2301)
---

diff --git a/test/ssl-tests/01-simple.conf b/test/ssl-tests/01-simple.conf
index 5f4dd841b4..7fc23f0b69 100644
--- a/test/ssl-tests/01-simple.conf
+++ b/test/ssl-tests/01-simple.conf
@@ -40,12 +40,12 @@ client = 1-Server signature algorithms bug-client
 [1-Server signature algorithms bug-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
-ClientSignatureAlgorithms = ECDSA+SHA256
+ClientSignatureAlgorithms = PSS+SHA512:RSA+SHA512
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [1-Server signature algorithms bug-client]
 CipherString = DEFAULT
-SignatureAlgorithms = RSA+SHA256
+SignatureAlgorithms = PSS+SHA256:RSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
diff --git a/test/ssl-tests/01-simple.conf.in b/test/ssl-tests/01-simple.conf.in
index 086d66d32f..54dc451f3b 100644
--- a/test/ssl-tests/01-simple.conf.in
+++ b/test/ssl-tests/01-simple.conf.in
@@ -22,8 +22,8 @@ our @tests = (
     {
         name => "Server signature algorithms bug",
         # Should have no effect as we aren't doing client auth
-        server => { "ClientSignatureAlgorithms" => "ECDSA+SHA256" },
-        client => { "SignatureAlgorithms" => "RSA+SHA256" },
+        server => { "ClientSignatureAlgorithms" => "PSS+SHA512:RSA+SHA512" },
+        client => { "SignatureAlgorithms" => "PSS+SHA256:RSA+SHA256" },
         test   => { "ExpectedResult" => "Success" },
     },