Mbed-TLS/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-06-05 21:15:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

ssl: add TLS 1.2 RSA-PSS regression coverage

Browse Source 
Signed-off-by: Viktor Sokolovskiy <maokaman@gmail.com>
This commit is contained in:
Viktor Sokolovskiy
2026-04-07 20:17:49 +03:00
parent c064ba0edb
commit f75c033ead
4 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/ssl-opt.sh
+20
View File
@@ -13938,6 +13938,26 @@ run_test "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->O" \
-c "Protocol is TLSv1.2" \
-c "HTTP/1.0 200 [Oo][Kk]"
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled PSA_WANT_ALG_RSA_PSS
requires_config_enabled PSA_WANT_ALG_SHA_256
run_test "TLS 1.2: OpenSSL chooses rsa_pss_rsae_sha256 for SKE, m->O" \
"$O_NEXT_SRV_NO_CERT -cert $DATA_FILES_PATH/server2-sha256.crt -key $DATA_FILES_PATH/server2.key
-msg -tls1_2
-sigalgs rsa_pss_rsae_sha256 " \
"$P_CLI debug_level=4 auth_mode=none ca_file=none ca_path=none crt_file=none key_file=none
sig_algs=rsa_pss_rsae_sha256
min_version=tls12 max_version=tls12 " \
0 \
-c "Perform .* computation of digest of ServerKeyExchange" \
-c "got signature scheme \\[804\\] rsa_pss_rsae_sha256" \
-c "Ciphersuite is TLS-ECDHE-RSA" \
-c "Protocol is TLSv1.2" \
-c "HTTP/1.0 200 [Oo][Kk]"
requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
tests/suites/test_suite_ssl.data
+12
View File
@@ -3554,10 +3554,22 @@ TLS 1.2 accepts rsa_pss_rsae_sha256 in signature_algorithm
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
ssl_tls12_sig_alg_supported:MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:1
TLS 1.2 rejects rsa_pss_rsae_sha256 in signature_algorithm when RSA-PSS is disabled
depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
ssl_tls12_sig_alg_supported:MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:0
TLS 1.2 accepts rsa_pss_rsae_sha384 in signature_algorithm
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384
ssl_tls12_sig_alg_supported:MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:1
TLS 1.2 rejects rsa_pss_rsae_sha384 in signature_algorithm when RSA-PSS is disabled
depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384
ssl_tls12_sig_alg_supported:MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:0
TLS 1.2 accepts rsa_pss_rsae_sha512 in signature_algorithm
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512
ssl_tls12_sig_alg_supported:MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:1
TLS 1.2 rejects rsa_pss_rsae_sha512 in signature_algorithm when RSA-PSS is disabled
depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512
ssl_tls12_sig_alg_supported:MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:0