@@ -5475,8 +5475,8 @@ func addSignatureAlgorithmTests() {
expectedError: ":NO_COMMON_SIGNATURE_ALGORITHMS:",
})
// Test that hash preferences are enforced. BoringSSL defaults to
// rejecting MD5 signatures.
// Test that hash preferences are enforced. BoringSSL does not implement
// MD5 signatures.
testCases = append(testCases, testCase{
testType: serverTest,
name: "ClientAuth-Enforced",
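Review bot: The rewritten comment above `ClientAuth-Enforced` still opens with "Test that hash preferences are enforced", but its second sentence now says BoringSSL does not implement MD5 signatures at all, so the two sentences point in different directions: a peer that ignores the shim's preferences and signs with MD5 is rejected because the algorithm is unsupported, not because a preference list was consulted. Suggest `// Test that unsupported signature algorithms are rejected. BoringSSL does not implement MD5 signatures, so a peer that signs with MD5 regardless of the shim's preferences must fail.` The expected failure is visible only in later hunks, so that part is inferred. The testCase literal continues past the end of this hunk.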
@@ -5485,11 +5485,6 @@ func addSignatureAlgorithmTests() {
Certificates: []Certificate{rsaCertificate},
SignSignatureAlgorithms: []signatureAlgorithm{
signatureRSAPKCS1WithMD5,
// Advertise SHA-1 so the handshake will
// proceed, but the shim's preferences will be
// ignored in CertificateVerify generation, so
// MD5 will be chosen.
signatureRSAPKCS1WithSHA1,
},
Bugs: ProtocolBugs{
IgnorePeerSignatureAlgorithmPreferences: true,
@@ -5515,6 +5510,41 @@ func addSignatureAlgorithmTests() {
shouldFail: true,
expectedError: ":WRONG_SIGNATURE_TYPE:",
})
testCases = append(testCases, testCase{
testType: serverTest,
name: "ClientAuth-Enforced-TLS13",
config: Config{
MaxVersion: VersionTLS13,
Certificates: []Certificate{rsaCertificate},
SignSignatureAlgorithms: []signatureAlgorithm{
signatureRSAPKCS1WithMD5,
},
Bugs: ProtocolBugs{
IgnorePeerSignatureAlgorithmPreferences: true,
IgnoreSignatureVersionChecks: true,
},
},
flags: []string{"-require-any-client-certificate"},
shouldFail: true,
expectedError: ":WRONG_SIGNATURE_TYPE:",
})
testCases = append(testCases, testCase{
name: "ServerAuth-Enforced-TLS13",
config: Config{
MaxVersion: VersionTLS13,
CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
SignSignatureAlgorithms: []signatureAlgorithm{
signatureRSAPKCS1WithMD5,
},
Bugs: ProtocolBugs{
IgnorePeerSignatureAlgorithmPreferences: true,
IgnoreSignatureVersionChecks: true,
},
},
shouldFail: true,
expectedError: ":WRONG_SIGNATURE_TYPE:",
})
// Test that the agreed upon digest respects the client preferences and
// the server digests.