diff options
author | Matt Caswell <matt@openssl.org> | 2018-04-23 14:02:23 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-04-24 09:28:17 +0100 |
commit | 7500bc337ae61ff370c8e77bb018114d73dfcf18 (patch) | |
tree | bed7a7cad15709fc44ce1859027262ff719661d2 /test | |
parent | 4753ad858c299a34815988907989c98d5285e57e (diff) |
Allow TLSv1.3 EC certs to use compressed points
The spec does not prohib certs form using compressed points. It only
requires that points in a key share are uncompressed. It says nothing
about point compression for certs, so we should not fail if a cert uses a
compressed point.
Fixes #5743
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/6055)
Diffstat (limited to 'test')
-rw-r--r-- | test/ssl-tests/20-cert-select.conf | 6 | ||||
-rw-r--r-- | test/ssl-tests/20-cert-select.conf.in | 6 |
2 files changed, 10 insertions, 2 deletions
diff --git a/test/ssl-tests/20-cert-select.conf b/test/ssl-tests/20-cert-select.conf index 26da1c027e..0a92bf820b 100644 --- a/test/ssl-tests/20-cert-select.conf +++ b/test/ssl-tests/20-cert-select.conf @@ -971,7 +971,11 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-28] -ExpectedResult = ServerFail +ExpectedResult = Success +ExpectedServerCANames = empty +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = EC # =========================================================== diff --git a/test/ssl-tests/20-cert-select.conf.in b/test/ssl-tests/20-cert-select.conf.in index 62dfc52852..51a158dc49 100644 --- a/test/ssl-tests/20-cert-select.conf.in +++ b/test/ssl-tests/20-cert-select.conf.in @@ -511,7 +511,11 @@ my @tests_tls_1_3 = ( "SignatureAlgorithms" => "ECDSA+SHA256", }, test => { - "ExpectedResult" => "ServerFail" + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "EC", + "ExpectedServerCANames" => "empty", + "ExpectedResult" => "Success" }, }, { |