isaacpittman-hitachi / rpms / openssl

Forked from rpms/openssl 2 years ago
Clone

Blame SOURCES/openssl-1.1.1-no-brainpool.patch

c95581
diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in
c95581
--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool	2019-09-10 15:13:07.000000000 +0200
c95581
+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in	2019-09-13 15:11:07.358687169 +0200
c95581
@@ -147,22 +147,22 @@ our @tests = (
3a273b
     {
3a273b
         name => "ECDSA with brainpool",
3a273b
         server =>  {
3a273b
-            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
3a273b
-            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
3a273b
-            "Groups" => "brainpoolP256r1",
c95581
+            "Certificate" => test_pem("server-ecdsa-cert.pem"),
c95581
+            "PrivateKey" => test_pem("server-ecdsa-key.pem"),
3a273b
+#            "Groups" => "brainpoolP256r1",
3a273b
         },
3a273b
         client => {
3a273b
             #We don't restrict this to TLSv1.2, although use of brainpool
3a273b
             #should force this anyway so that this should succeed
3a273b
             "CipherString" => "aECDSA",
3a273b
             "RequestCAFile" => test_pem("root-cert.pem"),
3a273b
-            "Groups" => "brainpoolP256r1",
3a273b
+#            "Groups" => "brainpoolP256r1",
3a273b
         },
3a273b
         test   => {
3a273b
-            "ExpectedServerCertType" =>, "brainpoolP256r1",
3a273b
-            "ExpectedServerSignType" =>, "EC",
3a273b
+#            "ExpectedServerCertType" =>, "brainpoolP256r1",
3a273b
+#            "ExpectedServerSignType" =>, "EC",
3a273b
             # Note: certificate_authorities not sent for TLS < 1.3
3a273b
-            "ExpectedServerCANames" =>, "empty",
3a273b
+#            "ExpectedServerCANames" =>, "empty",
3a273b
             "ExpectedResult" => "Success"
3a273b
         },
3a273b
     },
c95581
@@ -853,18 +853,18 @@ my @tests_tls_1_3 = (
3a273b
     {
3a273b
         name => "TLS 1.3 ECDSA with brainpool",
3a273b
         server =>  {
3a273b
-            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
3a273b
-            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
3a273b
-            "Groups" => "brainpoolP256r1",
c95581
+            "Certificate" => test_pem("server-ecdsa-cert.pem"),
c95581
+            "PrivateKey" => test_pem("server-ecdsa-key.pem"),
3a273b
+#            "Groups" => "brainpoolP256r1",
3a273b
         },
3a273b
         client => {
3a273b
             "RequestCAFile" => test_pem("root-cert.pem"),
3a273b
-            "Groups" => "brainpoolP256r1",
3a273b
+#            "Groups" => "brainpoolP256r1",
3a273b
             "MinProtocol" => "TLSv1.3",
3a273b
             "MaxProtocol" => "TLSv1.3"
3a273b
         },
3a273b
         test   => {
3a273b
-            "ExpectedResult" => "ServerFail"
3a273b
+            "ExpectedResult" => "Success"
3a273b
         },
3a273b
     },
3a273b
 );
c95581
diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf
c95581
--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool	2019-09-10 15:13:07.000000000 +0200
c95581
+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf	2019-09-13 15:12:27.380288469 +0200
c95581
@@ -238,23 +238,18 @@ server = 5-ECDSA with brainpool-server
3a273b
 client = 5-ECDSA with brainpool-client
3a273b
 
3a273b
 [5-ECDSA with brainpool-server]
3a273b
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
c95581
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
c95581
 CipherString = DEFAULT
3a273b
-Groups = brainpoolP256r1
3a273b
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
c95581
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
3a273b
 
3a273b
 [5-ECDSA with brainpool-client]
3a273b
 CipherString = aECDSA
3a273b
-Groups = brainpoolP256r1
3a273b
 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
3a273b
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
3a273b
 VerifyMode = Peer
3a273b
 
3a273b
 [test-5]
3a273b
 ExpectedResult = Success
3a273b
-ExpectedServerCANames = empty
3a273b
-ExpectedServerCertType = brainpoolP256r1
3a273b
-ExpectedServerSignType = EC
3a273b
 
3a273b
 
3a273b
 # ===========================================================
c95581
@@ -1713,14 +1708,12 @@ server = 52-TLS 1.3 ECDSA with brainpool
c95581
 client = 52-TLS 1.3 ECDSA with brainpool-client
3a273b
 
c95581
 [52-TLS 1.3 ECDSA with brainpool-server]
3a273b
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
c95581
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
c95581
 CipherString = DEFAULT
3a273b
-Groups = brainpoolP256r1
3a273b
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
c95581
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
3a273b
 
c95581
 [52-TLS 1.3 ECDSA with brainpool-client]
3a273b
 CipherString = DEFAULT
3a273b
-Groups = brainpoolP256r1
3a273b
 MaxProtocol = TLSv1.3
3a273b
 MinProtocol = TLSv1.3
3a273b
 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
c95581
@@ -1728,7 +1721,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro
3a273b
 VerifyMode = Peer
3a273b
 
c95581
 [test-52]
3a273b
-ExpectedResult = ServerFail
3a273b
+ExpectedResult = Success
3a273b
 
3a273b
 
3a273b
 # ===========================================================