Require RSA when using server1* key or certificate
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 8e32a69..b40e322 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -477,9 +477,15 @@
esac
case "$CMD_LINE" in
+ */server1*|\
*/server2*|\
*/server7*)
- # server2 and server7 certificates use RSA encryption
+ # Certificates with an RSA key. The algorithm requirement is
+ # some subset of {PKCS#1v1.5 encryption, PKCS#1v1.5 signature,
+ # PSS signature}. We can't easily tell which subset works, and
+ # we aren't currently running ssl-opt.sh in configurations
+ # where partial RSA support is a problem, so generically, we
+ # just require RSA and it works out for our tests so far.
requires_config_enabled "MBEDTLS_RSA_C"
esac