Remove the certificate key check against the received signature
Change-Id: I07d8d46c58dec499f96cb7307fc0af15149d9df7 CustomizedGitHooks: yes Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
This commit is contained in:
parent
9850fa8e8d
commit
96287d98d8
@ -336,27 +336,6 @@ static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
/*
|
||||
* Return 0 if the given key uses one of the acceptable curves, -1 otherwise
|
||||
*/
|
||||
static int ssl_tls13_check_key_sigs( mbedtls_pk_context *pk,
|
||||
uint16_t *sig_alg )
|
||||
{
|
||||
mbedtls_pk_type_t pk_type;
|
||||
mbedtls_md_type_t md_alg;
|
||||
|
||||
while( *sig_alg != MBEDTLS_TLS1_3_SIG_NONE )
|
||||
{
|
||||
mbedtls_ssl_tls13_get_pk_type_and_md_alg_from_sig_alg(
|
||||
*sig_alg, &pk_type, &md_alg );
|
||||
if( pk_type == mbedtls_pk_get_type(pk) )
|
||||
return( 0 );
|
||||
sig_alg++;
|
||||
}
|
||||
|
||||
return( -1 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Try picking a certificate for this ciphersuite,
|
||||
* return 0 on success and -1 on failure.
|
||||
@ -394,14 +373,6 @@ static int ssl_tls13_pick_cert( mbedtls_ssl_context *ssl )
|
||||
continue;
|
||||
}
|
||||
|
||||
if( ssl_tls13_check_key_sigs( &cur->cert->pk,
|
||||
ssl->handshake->received_sig_algs ) != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
3, ( "certificate key mismatch: received_sig_algs" ) );
|
||||
continue;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -5363,7 +5363,6 @@ run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
|
||||
# tests for SNI
|
||||
|
||||
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
run_test "SNI: no SNI callback" \
|
||||
"$P_SRV debug_level=3 \
|
||||
crt_file=data_files/server5.crt key_file=data_files/server5.key" \
|
||||
|
Loading…
Reference in New Issue
Block a user