commit bdf26de3844af5fbd0eca3266242fcc002df1c63
author XiaokangQian <xiaokang.qian@arm.com> Mon Nov 22 09:52:56 2021 +0000
committer XiaokangQian <xiaokang.qian@arm.com> Mon Nov 22 09:52:56 2021 +0000
tree 26fd2e9efc30dabe0f5a147a8748eb23fc185267
parent 3887ab5bcc07644121ecd8eea89c4a2efe29c62b

Fix test failure and remove useless code

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

programs/ssl/ssl_client2.c

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 462b8f6..cb299b1 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -567,24 +567,6 @@
 }
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
-#if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
-static uint16_t ssl_tls13_sig_algs_for_test[] = {
-#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-    MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256,
-#endif
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-    MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384,
-#endif
-#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-    MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512,
-#endif
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-    MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256,
-#endif
-    MBEDTLS_TLS13_SIG_NONE
-};
-#endif /* MBEDTLS_ECP_C && MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
 int report_cid_usage( mbedtls_ssl_context *ssl,
                       const char *additional_description )
@@ -1749,10 +1731,6 @@
     memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    mbedtls_ssl_conf_sig_algs( &conf, ssl_tls13_sig_algs_for_test );
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
     if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
     {

tests/ssl-opt.sh

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index f9ec847..c964167 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1420,7 +1420,7 @@
 
 if [ -n "${OPENSSL_NEXT:-}" ]; then
     O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
-    O_NEXT_SRV_RSA="$O_NEXT_SRV -accept $SRV_PORT"
+    O_NEXT_SRV_RSA="$O_NEXT_SRV_RSA -accept $SRV_PORT"
     O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
 fi
 
@@ -8850,28 +8850,10 @@
             "$O_NEXT_SRV_RSA -ciphersuites TLS_AES_128_GCM_SHA256 -tls1_3 -msg -no_middlebox -num_tickets 0" \
             "$P_CLI debug_level=4 force_version=tls1_3 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256" \
             0 \
-            -s "ServerHello"                \
-            -c "tls1_3 client state: 0"     \
-            -c "tls1_3 client state: 2"     \
-            -c "tls1_3 client state: 19"    \
-            -c "tls1_3 client state: 5"     \
-            -c "tls1_3 client state: 3"     \
-            -c "tls1_3 client state: 9"     \
-            -c "tls1_3 client state: 13"    \
-            -c "tls1_3 client state: 11"    \
-            -c "tls1_3 client state: 14"    \
-            -c "tls1_3 client state: 15"    \
-            -c "<= ssl_tls1_3_process_server_hello" \
             -c "ECDH curve: x25519" \
-            -c "=> ssl_tls1_3_process_server_hello" \
-            -c "<= parse encrypted extensions"      \
             -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
             -c "Certificate Verify: Signature algorithm ( 0804 )" \
-            -c "Certificate verification flags clear" \
-            -c "=> parse certificate verify"          \
-            -c "<= parse certificate verify"          \
             -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
-            -c "<= parse finished message" \
             -c "HTTP/1.0 200 ok"
 
 requires_gnutls_tls1_3
@@ -8915,17 +8897,6 @@
             "$G_NEXT_SRV_RSA --disable-client-cert --priority=NORMAL:+CIPHER-ALL:+SHA256:+GROUP-SECP256R1:+ECDHE-ECDSA:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
             "$P_CLI debug_level=4 force_version=tls1_3 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256" \
             0 \
-            -c "tls1_3 client state: 0"     \
-            -c "tls1_3 client state: 2"     \
-            -c "tls1_3 client state: 19"    \
-            -c "tls1_3 client state: 5"     \
-            -c "tls1_3 client state: 3"     \
-            -c "tls1_3 client state: 9"     \
-            -c "tls1_3 client state: 13"    \
-            -c "tls1_3 client state: 11"    \
-            -c "tls1_3 client state: 14"    \
-            -c "tls1_3 client state: 15"    \
-            -c "<= ssl_tls1_3_process_server_hello" \
             -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
             -s "Ephemeral EC Diffie-Hellman parameters" \
             -s "Version: TLS1.3" \
@@ -8935,13 +8906,7 @@
             -c "ECDH curve: x25519"         \
             -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
             -c "Certificate Verify: Signature algorithm ( 0804 )" \
-            -c "=> ssl_tls1_3_process_server_hello" \
-            -c "<= parse encrypted extensions"      \
-            -c "Certificate verification flags clear" \
-            -c "=> parse certificate verify"          \
-            -c "<= parse certificate verify"          \
             -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
-            -c "<= parse finished message" \
             -c "HTTP/1.0 200 OK"
 
 # Test heap memory usage after handshake