TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / efb440afec3d90a17da7f4a3205c186abbd5f9ab^! / .
commitefb440afec3d90a17da7f4a3205c186abbd5f9ab[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Wed Apr 03 13:04:33 2019 +0100
committerHanno Becker <hanno.becker@arm.com>Wed Apr 03 13:11:20 2019 +0100
tree4ddbb33068f10777c4ba693bc2437eb6df234701
parentbb425dbb1b3f1025c8ef763068d202c065647e20 [diff]
Add test exercising context-specific CRT callback to ssl-opt.sh

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8800cc7..e030195 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -6059,11 +6059,13 @@
 
     if( ssl->f_vrfy != NULL )
     {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use context-specific verification callback" ) );
         f_vrfy = ssl->f_vrfy;
         p_vrfy = ssl->p_vrfy;
     }
     else
     {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use configuration-specific verification callback" ) );
         f_vrfy = ssl->conf->f_vrfy;
         p_vrfy = ssl->conf->p_vrfy;
     }

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index d952f33..59786af 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh

@@ -1008,6 +1008,20 @@
             -u "IV used" \
             -U "IV used"
 
+# Test for context-specific CRT verification callback
+run_test    "Context-specific CRT verification callback" \
+            "$P_SRV debug_level=3" \
+            "$P_CLI context_crt_cb=1 debug_level=3" \
+            0 \
+            -s "Protocol is TLSv1.2" \
+            -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
+            -s "client hello v3, signature_algorithm ext: 6" \
+            -s "ECDHE curve: secp521r1" \
+            -S "error" \
+            -c "Use context-specific verification callback"\
+            -C "Use configuration-specific verification callback"\
+            -C "error"
+
 # Tests for rc4 option
 
 requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES