From 903c97937608d1dfd0481408c89b57cdf430b72b Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 16 Jun 2022 16:55:31 +0200 Subject: [PATCH 1/6] programs: ssl: Add one RSA PSS signature algorithm Add one RSA PSS signature algorithm to the test list of signature algorithms. This allows certificate chains exposing an RSA key with signatures using SHA-1 to be used in tests where an TLS 1.3 handshake is performed. Signed-off-by: Ronald Cron --- programs/ssl/ssl_test_common_source.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 0e66895dbd..c6a9a70f45 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -285,6 +285,9 @@ uint16_t ssl_sig_algs_for_test[] = { #if defined(MBEDTLS_SHA224_C) MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA224 ) #endif +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) + MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, +#endif /* MBEDTLS_RSASSA_C && MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA1_C) /* Allow SHA-1 as we use it extensively in tests. */ MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA1 ) From d28f5a98f158fd5cdac3ac42cc58cc60c2b2f5a2 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 16 Jun 2022 19:27:25 +0200 Subject: [PATCH 2/6] ssl-opt.sh: Add certificate key usage tests for TLS 1.3 Those are adaptations of the already existing TLS 1.2 tests. It is not really possible to just remove the TLS 1.2 dependency of the existing tests because of the following: . in TLS 1.3 the ciphersuite selection on server side is not related to the server certificate . for tests involving OpenSSL the OpenSSL command line as to be adapted to TLS 1.3 . server authentication is mandatory in TLS 1.3 . a key with KeyEncipherment and not DigitalSignature usage is never acceptable Signed-off-by: Ronald Cron --- tests/ssl-opt.sh | 209 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 208 insertions(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 9ec2ffa303..c0d8b49ad7 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -6016,7 +6016,6 @@ run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \ 0 \ -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \ "$P_SRV key_file=data_files/server2.key \ @@ -6151,6 +6150,78 @@ run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \ -c "Ciphersuite is TLS-" \ -c "! Usage does not match the keyUsage extension" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli 1.3: DigitalSignature+KeyEncipherment, RSA: OK" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \ + -cert data_files/server2.ku-ds_ke.crt" \ + "$P_CLI debug_level=3" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli 1.3: KeyEncipherment, RSA: KO" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \ + -cert data_files/server2.ku-ke.crt" \ + "$P_CLI debug_level=1" \ + 1 \ + -c "bad certificate (usage extensions)" \ + -c "Processing of the Certificate handshake message failed" \ + -C "Ciphersuite is" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli 1.3: KeyAgreement, RSA: KO" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \ + -cert data_files/server2.ku-ka.crt" \ + "$P_CLI debug_level=1" \ + 1 \ + -c "bad certificate (usage extensions)" \ + -c "Processing of the Certificate handshake message failed" \ + -C "Ciphersuite is" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli 1.3: DigitalSignature, ECDSA: OK" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ + -cert data_files/server5.ku-ds.crt" \ + "$P_CLI debug_level=3" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: KO" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ + -cert data_files/server5.ku-ke.crt" \ + "$P_CLI debug_level=1" \ + 1 \ + -c "bad certificate (usage extensions)" \ + -c "Processing of the Certificate handshake message failed" \ + -C "Ciphersuite is" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli 1.3: KeyAgreement, ECDSA: KO" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ + -cert data_files/server5.ku-ka.crt" \ + "$P_CLI debug_level=1" \ + 1 \ + -c "bad certificate (usage extensions)" \ + -c "Processing of the Certificate handshake message failed" \ + -C "Ciphersuite is" + # Tests for keyUsage in leaf certificates, part 3: # server-side checking of client cert @@ -6199,6 +6270,50 @@ run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \ -s "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \ + -cert data_files/server2.ku-ds.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (soft)" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \ + -cert data_files/server2.ku-ke.crt" \ + 0 \ + -s "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \ + -cert data_files/server5.ku-ds.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (soft)" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \ + -cert data_files/server5.ku-ka.crt" \ + 0 \ + -s "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + # Tests for extendedKeyUsage, part 1: server-side certificate/suite selection requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -6271,6 +6386,54 @@ run_test "extKeyUsage cli: codeSign -> fail" \ -c "Processing of the Certificate handshake message failed" \ -C "Ciphersuite is TLS-" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "extKeyUsage cli 1.3: serverAuth -> OK" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ + -cert data_files/server5.eku-srv.crt" \ + "$P_CLI debug_level=1" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "extKeyUsage cli 1.3: serverAuth,clientAuth -> OK" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ + -cert data_files/server5.eku-srv_cli.crt" \ + "$P_CLI debug_level=1" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "extKeyUsage cli 1.3: codeSign,anyEKU -> OK" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ + -cert data_files/server5.eku-cs_any.crt" \ + "$P_CLI debug_level=1" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "extKeyUsage cli 1.3: codeSign -> fail" \ + "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ + -cert data_files/server5.eku-cs.crt" \ + "$P_CLI debug_level=1" \ + 1 \ + -c "bad certificate (usage extensions)" \ + -c "Processing of the Certificate handshake message failed" \ + -C "Ciphersuite is" + # Tests for extendedKeyUsage, part 3: server-side checking of client cert requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -6318,6 +6481,50 @@ run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \ -s "bad certificate (usage extensions)" \ -s "Processing of the Certificate handshake message failed" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "extKeyUsage cli-auth 1.3: clientAuth -> OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \ + -cert data_files/server5.eku-cli.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "extKeyUsage cli-auth 1.3: serverAuth,clientAuth -> OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \ + -cert data_files/server5.eku-srv_cli.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "extKeyUsage cli-auth 1.3: codeSign,anyEKU -> OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \ + -cert data_files/server5.eku-cs_any.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_openssl_tls1_3 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "extKeyUsage cli-auth 1.3: codeSign -> fail (soft)" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \ + -cert data_files/server5.eku-cs.crt" \ + 0 \ + -s "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + # Tests for DHM parameters loading requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 From 30c5a2520eb558e8b40e745ae98c4a5aa91087cb Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 16 Jun 2022 19:31:06 +0200 Subject: [PATCH 3/6] tls13: Fix certificate key usage checks Signed-off-by: Ronald Cron --- library/ssl_tls13_generic.c | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 3b49ec5f71..7a7713ae4c 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -542,6 +542,8 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl ) int authmode = MBEDTLS_SSL_VERIFY_REQUIRED; mbedtls_x509_crt *ca_chain; mbedtls_x509_crl *ca_crl; + const char *ext_oid; + size_t ext_len; uint32_t verify_result = 0; /* If SNI was used, overwrite authentication mode @@ -623,12 +625,25 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl ) /* * Secondary checks: always done, but change 'ret' only if it was 0 */ - if( mbedtls_ssl_check_cert_usage( ssl->session_negotiate->peer_cert, - ssl->handshake->ciphersuite_info, - !ssl->conf->endpoint, - &verify_result ) != 0 ) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate ( usage extensions )" ) ); + ext_oid = MBEDTLS_OID_SERVER_AUTH; + ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH ); + } + else + { + ext_oid = MBEDTLS_OID_CLIENT_AUTH; + ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH ); + } + + if( ( mbedtls_x509_crt_check_key_usage( + ssl->session_negotiate->peer_cert, + MBEDTLS_X509_KU_DIGITAL_SIGNATURE ) != 0 ) || + ( mbedtls_x509_crt_check_extended_key_usage( + ssl->session_negotiate->peer_cert, + ext_oid, ext_len ) != 0 ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) ); if( ret == 0 ) ret = MBEDTLS_ERR_SSL_BAD_CERTIFICATE; } From c3e9abedfffc954b9dd68bece97158dd5bfaddda Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 17 Jun 2022 17:23:06 +0200 Subject: [PATCH 4/6] Add change log Signed-off-by: Ronald Cron --- ChangeLog.d/tls13-fix-key-usage-checks.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ChangeLog.d/tls13-fix-key-usage-checks.txt diff --git a/ChangeLog.d/tls13-fix-key-usage-checks.txt b/ChangeLog.d/tls13-fix-key-usage-checks.txt new file mode 100644 index 0000000000..f19bf523eb --- /dev/null +++ b/ChangeLog.d/tls13-fix-key-usage-checks.txt @@ -0,0 +1,7 @@ +Security + * Fix check of certificate key usage in TLS 1.3. The usage of the public key + provided by a client or server certificate for authentication was not + checked properly when validating the certificate. This could cause a + client or server to be able to authenticate itself through a certificate + to an Mbed TLS TLS 1.3 server or client while it does not own a proper + certificate to do so. From ba65fbbe30aeb274352c03de59554b9665c47607 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 22 Jun 2022 14:35:05 +0200 Subject: [PATCH 5/6] Fix comments Signed-off-by: Ronald Cron --- programs/ssl/ssl_test_common_source.c | 2 +- tests/ssl-opt.sh | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index c6a9a70f45..511ede9cb2 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -287,7 +287,7 @@ uint16_t ssl_sig_algs_for_test[] = { #endif #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, -#endif /* MBEDTLS_RSASSA_C && MBEDTLS_SHA256_C */ +#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA1_C) /* Allow SHA-1 as we use it extensively in tests. */ MBEDTLS_SSL_SIG_ALG( MBEDTLS_SSL_HASH_SHA1 ) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c0d8b49ad7..e9a8090196 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -6165,7 +6165,7 @@ run_test "keyUsage cli 1.3: DigitalSignature+KeyEncipherment, RSA: OK" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_openssl_tls1_3 requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 -run_test "keyUsage cli 1.3: KeyEncipherment, RSA: KO" \ +run_test "keyUsage cli 1.3: KeyEncipherment, RSA: fail" \ "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \ -cert data_files/server2.ku-ke.crt" \ "$P_CLI debug_level=1" \ @@ -6177,7 +6177,7 @@ run_test "keyUsage cli 1.3: KeyEncipherment, RSA: KO" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_openssl_tls1_3 requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 -run_test "keyUsage cli 1.3: KeyAgreement, RSA: KO" \ +run_test "keyUsage cli 1.3: KeyAgreement, RSA: fail" \ "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \ -cert data_files/server2.ku-ka.crt" \ "$P_CLI debug_level=1" \ @@ -6201,7 +6201,7 @@ run_test "keyUsage cli 1.3: DigitalSignature, ECDSA: OK" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_openssl_tls1_3 requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 -run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: KO" \ +run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: fail" \ "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ -cert data_files/server5.ku-ke.crt" \ "$P_CLI debug_level=1" \ @@ -6213,7 +6213,7 @@ run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: KO" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_openssl_tls1_3 requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 -run_test "keyUsage cli 1.3: KeyAgreement, ECDSA: KO" \ +run_test "keyUsage cli 1.3: KeyAgreement, ECDSA: fail" \ "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \ -cert data_files/server5.ku-ka.crt" \ "$P_CLI debug_level=1" \ From f9c13fe69f7cabfb5046ce243057da51b0ba18b3 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 22 Jun 2022 14:35:17 +0200 Subject: [PATCH 6/6] ssl-opt.sh: Add positive check in successful "keyUsage client-auth" tests Signed-off-by: Ronald Cron --- tests/ssl-opt.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e9a8090196..41d69a36e1 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -6231,6 +6231,7 @@ run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \ "$O_CLI -key data_files/server2.key \ -cert data_files/server2.ku-ds.crt" \ 0 \ + -s "Verifying peer X.509 certificate... ok" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" @@ -6258,6 +6259,7 @@ run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \ "$O_CLI -key data_files/server5.key \ -cert data_files/server5.ku-ds.crt" \ 0 \ + -s "Verifying peer X.509 certificate... ok" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" @@ -6278,6 +6280,7 @@ run_test "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \ "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \ -cert data_files/server2.ku-ds.crt" \ 0 \ + -s "Verifying peer X.509 certificate... ok" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" @@ -6300,6 +6303,7 @@ run_test "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \ "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \ -cert data_files/server5.ku-ds.crt" \ 0 \ + -s "Verifying peer X.509 certificate... ok" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed"