From 5de9c6f295fcc4328c6c94af0aa217a1a43ae2d7 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Wed, 31 Jan 2024 14:45:16 +0100
Subject: [PATCH] Fix and add comments in ticket and early data test function

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/suites/test_suite_ssl.function | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 65fed181b3..9b282dc538 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -3606,8 +3606,9 @@ void tls13_resume_session_with_ticket()
 
     /*
      * Run initial handshake: ephemeral key exchange mode, certificate with
-     * RSA key, signed with PKCS15, verified with PKCS21. Then, get the ticket
-     * sent by the server at the end of its handshake sequence.
+     * SECP256R1 key, CA certificate with SECP384R1 key, ECDSA signature
+     * algorithm. Then, get the ticket sent by the server at the end of its
+     * handshake sequence.
      */
     TEST_ASSERT(mbedtls_test_move_handshake_to_state(
                     &(server_ep.ssl), &(client_ep.ssl),
@@ -3637,6 +3638,11 @@ void tls13_resume_session_with_ticket()
     ret = mbedtls_ssl_set_session(&(client_ep.ssl), &saved_session);
     TEST_EQUAL(ret, 0);
 
+    /*
+     * Run the handshake up to MBEDTLS_SSL_HANDSHAKE_WRAPUP and not
+     * MBEDTLS_SSL_HANDSHAKE_OVER to preserve handshake data for the checks
+     * below.
+     */
     TEST_ASSERT(mbedtls_test_move_handshake_to_state(
                     &(server_ep.ssl), &(client_ep.ssl),
                     MBEDTLS_SSL_HANDSHAKE_WRAPUP) == 0);
@@ -3656,6 +3662,11 @@ exit:
 }
 /* END_CASE */
 
+/*
+ * The !MBEDTLS_SSL_PROTO_TLS1_2 dependency of tls13_early_data() below is
+ * a temporary workaround to not run the test in Windows-2013 where there is
+ * an issue with mbedtls_vsnprintf().
+ */
 /* BEGIN_CASE depends_on:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */
 void tls13_early_data()
 {
@@ -3707,8 +3718,9 @@ void tls13_early_data()
 
     /*
      * Run initial handshake: ephemeral key exchange mode, certificate with
-     * RSA key, signed with PKCS15, verified with PKCS21. Then, get the ticket
-     * sent by the server at the end of its handshake sequence.
+     * SECP256R1 key, CA certificate with SECP384R1 key, ECDSA signature
+     * algorithm. Then, get the ticket sent by the server at the end of its
+     * handshake sequence.
      */
     TEST_ASSERT(mbedtls_test_move_handshake_to_state(
                     &(server_ep.ssl), &(client_ep.ssl),