AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Clarify key types message from ssl_client2 and ssl_server2

Browse Source 
If no key is loaded in a slot, say "none", not "invalid PK".

When listing two key types, use punctuation that's visibly a sequence
separator (",").

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2022-01-25 17:50:25 +01:00
parent dfc5c7117e
commit 05bf89da34
3 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
programs/ssl/ssl_client2.c
View File

@ -1703,7 +1703,8 @@ int main( int argc, char *argv[] )
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) );
mbedtls_printf( " ok (key type: %s)\n",
strlen( opt.key_file ) ? mbedtls_pk_get_name( &pkey ) : "none" );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/*

4
programs/ssl/ssl_server2.c
View File

@ -2515,7 +2515,9 @@ int main( int argc, char *argv[] )
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_printf( " ok (key types: %s - %s)\n", mbedtls_pk_get_name( &pkey ), mbedtls_pk_get_name( &pkey2 ) );
mbedtls_printf( " ok (key types: %s, %s)\n",
key_cert_init2 ? mbedtls_pk_get_name( &pkey ) : "none",
key_cert_init2 ? mbedtls_pk_get_name( &pkey2 ) : "none" );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)

4
tests/ssl-opt.sh
View File

@ -1556,7 +1556,7 @@ run_test "Opaque key for server authentication" \
0 \
-c "Verifying peer X.509 certificate... ok" \
-c "Ciphersuite is TLS-ECDHE-ECDSA" \
-s "key types: Opaque - invalid PK" \
-s "key types: Opaque, none" \
-s "Ciphersuite is TLS-ECDHE-ECDSA" \
-S "error" \
-C "error"
@ -1575,7 +1575,7 @@ run_test "Opaque key for client/server authentication" \
-c "key type: Opaque" \
-c "Verifying peer X.509 certificate... ok" \
-c "Ciphersuite is TLS-ECDHE-ECDSA" \
-s "key types: Opaque - invalid PK" \
-s "key types: Opaque, none" \
-s "Verifying peer X.509 certificate... ok" \
-s "Ciphersuite is TLS-ECDHE-ECDSA" \
-S "error" \