mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-03 10:13:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix ordering of a test case in ssl-opt.sh

Browse Source 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2024-08-05 11:21:01 +02:00
parent a6397f0eb3
commit 946d14a7ac
1 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
tests/ssl-opt.sh
View File

@ -5809,6 +5809,7 @@ run_test "DER format: with 9 trailing random bytes" \
# Tests for auth_mode, there are duplicated tests using ca callback for authentication # Tests for auth_mode, there are duplicated tests using ca callback for authentication
# When updating these tests, modify the matching authentication tests accordingly # When updating these tests, modify the matching authentication tests accordingly
# The next 3 cases test the 3 auth modes with a badly signed server cert.
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: server badcert, client required" \ run_test "Authentication: server badcert, client required" \
"$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \ "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
@ -5830,6 +5831,16 @@ run_test "Authentication: server badcert, client optional" \
-C "! mbedtls_ssl_handshake returned" \ -C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed" -C "X509 - Certificate verification failed"
run_test "Authentication: server badcert, client none" \
"$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
key_file=$DATA_FILES_PATH/server5.key" \
"$P_CLI force_version=tls12 debug_level=1 auth_mode=none" \
0 \
-C "x509_verify_cert() returned" \
-C "! The certificate is not correctly signed by the trusted CA" \
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Authentication: server goodcert, client optional, no trusted CA" \ run_test "Authentication: server goodcert, client optional, no trusted CA" \
"$P_SRV" \ "$P_SRV" \
@ -5889,16 +5900,6 @@ run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsuppo
-c "! Certificate verification flags"\ -c "! Certificate verification flags"\
-c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
run_test "Authentication: server badcert, client none" \
"$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
key_file=$DATA_FILES_PATH/server5.key" \
"$P_CLI force_version=tls12 debug_level=1 auth_mode=none" \
0 \
-C "x509_verify_cert() returned" \
-C "! The certificate is not correctly signed by the trusted CA" \
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Authentication: client SHA256, server required" \ run_test "Authentication: client SHA256, server required" \
"$P_SRV auth_mode=required" \ "$P_SRV auth_mode=required" \