AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add non support sig alg check and test

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-02-18 16:42:24 +08:00
parent 562a0fddf0
commit d66409ae92
2 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
library/ssl_tls13_generic.c
View File

@ -1164,7 +1164,10 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl,
if( !mbedtls_ssl_sig_alg_is_received( ssl, algorithm ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
MBEDTLS_SSL_DEBUG_MSG( 1,
( "signature algorithm not in received list." ) );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}

4
tests/ssl-opt.sh
View File

@ -9861,7 +9861,7 @@ run_test "TLS 1.3: No client authentication, client has certificate - openssl
key_file=data_files/cli2.key" \
0 \
-c "got no certificate request" \
-C "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
-C "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
-c "Protocol is TLSv1.3"
@ -9877,7 +9877,7 @@ run_test "TLS 1.3: No client authentication, client has certificate- gnutls"
key_file=data_files/cli2.key" \
0 \
-c "got no certificate request" \
-C "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
-C "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
-c "Protocol is TLSv1.3"