tls13: Apply same preference rules for ciphersuites as for TLS 1.2
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
parent
b18c67af5f
commit
4bb6773640
2 changed files with 8 additions and 8 deletions
|
@ -52,9 +52,9 @@ static const int ciphersuite_preference[] =
|
|||
#else
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
/* TLS 1.3 ciphersuites */
|
||||
MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
|
||||
MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
|
||||
MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
|
||||
MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
|
||||
MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
|
||||
MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
|
||||
MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
|
|
@ -11470,7 +11470,7 @@ run_test "TLS 1.3: Test gnutls tls1_3 feature" \
|
|||
# TLS1.3 test cases
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
requires_ciphersuite_enabled TLS1-3-AES-128-GCM-SHA256
|
||||
requires_ciphersuite_enabled TLS1-3-CHACHA20-POLY1305-SHA256
|
||||
requires_config_enabled MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
requires_config_enabled MBEDTLS_ECDSA_C
|
||||
|
@ -11479,7 +11479,7 @@ run_test "TLS 1.3: Default" \
|
|||
"$P_CLI allow_sha1=0" \
|
||||
0 \
|
||||
-s "Protocol is TLSv1.3" \
|
||||
-s "Ciphersuite is TLS1-3-AES-128-GCM-SHA256" \
|
||||
-s "Ciphersuite is TLS1-3-CHACHA20-POLY1305-SHA256" \
|
||||
-s "ECDH group: x25519" \
|
||||
-s "selected signature algorithm ecdsa_secp256r1_sha256"
|
||||
|
||||
|
@ -11503,7 +11503,7 @@ run_test "TLS 1.3: minimal feature sets - openssl" \
|
|||
-c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
|
||||
-c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
|
||||
-c "<= ssl_tls13_process_server_hello" \
|
||||
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
|
||||
-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
|
||||
-c "ECDH curve: x25519" \
|
||||
-c "=> ssl_tls13_process_server_hello" \
|
||||
-c "<= parse encrypted extensions" \
|
||||
|
@ -11537,7 +11537,7 @@ run_test "TLS 1.3: minimal feature sets - gnutls" \
|
|||
-c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
|
||||
-c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
|
||||
-c "<= ssl_tls13_process_server_hello" \
|
||||
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
|
||||
-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
|
||||
-c "ECDH curve: x25519" \
|
||||
-c "=> ssl_tls13_process_server_hello" \
|
||||
-c "<= parse encrypted extensions" \
|
||||
|
@ -11570,7 +11570,7 @@ run_test "TLS 1.3: alpn - openssl" \
|
|||
-c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
|
||||
-c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
|
||||
-c "<= ssl_tls13_process_server_hello" \
|
||||
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
|
||||
-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
|
||||
-c "ECDH curve: x25519" \
|
||||
-c "=> ssl_tls13_process_server_hello" \
|
||||
-c "<= parse encrypted extensions" \
|
||||
|
@ -11606,7 +11606,7 @@ run_test "TLS 1.3: alpn - gnutls" \
|
|||
-c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
|
||||
-c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
|
||||
-c "<= ssl_tls13_process_server_hello" \
|
||||
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
|
||||
-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
|
||||
-c "ECDH curve: x25519" \
|
||||
-c "=> ssl_tls13_process_server_hello" \
|
||||
-c "<= parse encrypted extensions" \
|
||||
|
|
Loading…
Reference in a new issue