Add test exercising context-specific CRT callback to ssl-opt.sh

This commit is contained in:
Hanno Becker 2019-04-03 13:04:33 +01:00
parent bb425dbb1b
commit efb440afec
2 changed files with 16 additions and 0 deletions

View file

@ -6059,11 +6059,13 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
if( ssl->f_vrfy != NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use context-specific verification callback" ) );
f_vrfy = ssl->f_vrfy;
p_vrfy = ssl->p_vrfy;
}
else
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use configuration-specific verification callback" ) );
f_vrfy = ssl->conf->f_vrfy;
p_vrfy = ssl->conf->p_vrfy;
}

View file

@ -1008,6 +1008,20 @@ run_test "Unique IV in GCM" \
-u "IV used" \
-U "IV used"
# Test for context-specific CRT verification callback
run_test "Context-specific CRT verification callback" \
"$P_SRV debug_level=3" \
"$P_CLI context_crt_cb=1 debug_level=3" \
0 \
-s "Protocol is TLSv1.2" \
-s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
-s "client hello v3, signature_algorithm ext: 6" \
-s "ECDHE curve: secp521r1" \
-S "error" \
-c "Use context-specific verification callback"\
-C "Use configuration-specific verification callback"\
-C "error"
# Tests for rc4 option
requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES