Add a test for RSA key exchange with both RSA and RSA-PSS certs

Check that we use an RSA certificate if an RSA key exchange ciphersuite
is being used and we have both RSA and RSA-PSS certificates configured.
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7099)

test/ssl-tests/20-cert-select.conf.in

@@ -36,6 +36,13 @@ my $server_pss_only = {
     "PrivateKey" => test_pem("server-pss-key.pem"),
 };
 
+my $server_rsa_all = {
+    "PSS.Certificate" => test_pem("server-pss-cert.pem"),
+    "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
+    "Certificate" => test_pem("servercert.pem"),
+    "PrivateKey" => test_pem("serverkey.pem"),
+};
+
 our @tests = (
     {
         name => "ECDSA CipherString Selection",
@@ -360,6 +367,29 @@ our @tests = (
             "ExpectedResult" => "ServerFail"
         },
     },
+    {
+        name => "RSA key exchange with all RSA certificate types",
+        server => $server_rsa_all,
+        client => {
+            "CipherString" => "kRSA",
+            "MaxProtocol" => "TLSv1.2",
+        },
+        test   => {
+            "ExpectedServerCertType" =>, "RSA",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "RSA key exchange with only RSA-PSS certificate",
+        server => $server_pss_only,
+        client => {
+            "CipherString" => "kRSA",
+            "MaxProtocol" => "TLSv1.2",
+        },
+        test   => {
+            "ExpectedResult" => "ServerFail"
+        },
+    },
     {
         name => "Suite B P-256 Hash Algorithm Selection",
         server =>  {