Add restart support for ECDSA client auth

2026-01-04 21:56:21 +01:00 · 2017-05-17 11:56:15 +02:00 · 2017-05-17 11:56:15 +02:00 · 862cde5b8e
commit 862cde5b8e
parent 2350b4ebdc
4 changed files with 64 additions and 14 deletions
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@ -3445,43 +3445,53 @@ run_test    "Large packet TLS 1.2 AEAD shorter tag" \

 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, default" \
-            "$P_SRV" \
+            "$P_SRV auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+             key_file=data_files/server5.key crt_file=data_files/server5.crt  \
             debug_level=1" \
            0 \
-            -C "mbedtls_ecdh_make_public.*4b80"
+            -C "mbedtls_ecdh_make_public.*4b80" \
+            -C "mbedtls_pk_sign.*4b80"

 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=0" \
-            "$P_SRV" \
+            "$P_SRV auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+             key_file=data_files/server5.key crt_file=data_files/server5.crt  \
             debug_level=1 ec_max_ops=0" \
            0 \
-            -C "mbedtls_ecdh_make_public.*4b80"
+            -C "mbedtls_ecdh_make_public.*4b80" \
+            -C "mbedtls_pk_sign.*4b80"

 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=65535" \
-            "$P_SRV" \
+            "$P_SRV auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+             key_file=data_files/server5.key crt_file=data_files/server5.crt  \
             debug_level=1 ec_max_ops=65535" \
            0 \
-            -C "mbedtls_ecdh_make_public.*4b80"
+            -C "mbedtls_ecdh_make_public.*4b80" \
+            -C "mbedtls_pk_sign.*4b80"

 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: TLS, max_ops=1000" \
-            "$P_SRV" \
+            "$P_SRV auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+             key_file=data_files/server5.key crt_file=data_files/server5.crt  \
             debug_level=1 ec_max_ops=1000" \
            0 \
-            -c "mbedtls_ecdh_make_public.*4b80"
+            -c "mbedtls_ecdh_make_public.*4b80" \
+            -c "mbedtls_pk_sign.*4b80"

 requires_config_enabled MBEDTLS_ECP_RESTARTABLE
 run_test    "EC restart: DTLS, max_ops=1000" \
-            "$P_SRV dtls=1" \
+            "$P_SRV auth_mode=required dtls=1" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+             key_file=data_files/server5.key crt_file=data_files/server5.crt  \
             dtls=1 debug_level=1 ec_max_ops=1000" \
            0 \
-            -c "mbedtls_ecdh_make_public.*4b80"
+            -c "mbedtls_ecdh_make_public.*4b80" \
+            -c "mbedtls_pk_sign.*4b80"

 # Tests for DTLS HelloVerifyRequest