Enable chachcapoly cipher for SSL tickets

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-10 16:13:17 +01:00 · 2022-03-10 16:13:17 +01:00 · 49c8eb3a5a
commit 49c8eb3a5a
parent 2fa1c311cd
2 changed files with 17 additions and 1 deletions
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@ -236,7 +236,8 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
    cipher_info = mbedtls_cipher_info_from_type( cipher );

    if( mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_GCM &&
-        mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_CCM )
+        mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_CCM &&
+        mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_CHACHAPOLY )
    {
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    }
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@ -3108,6 +3108,21 @@ run_test    "Session resume using tickets: ARIA-256-CCM" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test    "Session resume using tickets: CHACHA20-POLY1305" \
+            "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \
+            "$P_CLI debug_level=3 tickets=1 reconnect=1" \
+            0 \
+            -c "client hello, adding session ticket extension" \
+            -s "found session ticket extension" \
+            -s "server hello, adding session ticket extension" \
+            -c "found session_ticket extension" \
+            -c "parse new session ticket" \
+            -S "session successfully restored from cache" \
+            -s "session successfully restored from ticket" \
+            -s "a session has been resumed" \
+            -c "a session has been resumed"
+
 # Tests for Session Tickets with DTLS

 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2