Enable chachcapoly cipher for SSL tickets
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index f48831b..ed9c7a5 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -236,7 +236,8 @@
cipher_info = mbedtls_cipher_info_from_type( cipher );
if( mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_GCM &&
- mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_CCM )
+ mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_CCM &&
+ mbedtls_cipher_info_get_mode( cipher_info ) != MBEDTLS_MODE_CHACHAPOLY )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 960320a..7b11590 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -3108,6 +3108,21 @@
-s "a session has been resumed" \
-c "a session has been resumed"
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "Session resume using tickets: CHACHA20-POLY1305" \
+ "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \
+ "$P_CLI debug_level=3 tickets=1 reconnect=1" \
+ 0 \
+ -c "client hello, adding session ticket extension" \
+ -s "found session ticket extension" \
+ -s "server hello, adding session ticket extension" \
+ -c "found session_ticket extension" \
+ -c "parse new session ticket" \
+ -S "session successfully restored from cache" \
+ -s "session successfully restored from ticket" \
+ -s "a session has been resumed" \
+ -c "a session has been resumed"
+
# Tests for Session Tickets with DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2