Implement key_opaque option to ssl_client2

commit: f83d31260db0739308537f54237ff00f3759434b [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Nov 08 09:52:25 2018 +0100
committer: Hanno Becker <hanno.becker@arm.com> Thu Nov 22 16:41:07 2018 +0000
tree: cd73a864b897475c2d7c965ff1b055f55e7a062a
parent: ca906fb8b936163eadf396c2b5780cfdb46aa2ec [diff] [blame]
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index ce9aee2..5cded21 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh

@@ -865,6 +865,21 @@
             -s "Protocol is DTLSv1.2" \
             -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
 
+# Test using an opaque private key for client authentication
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+run_test    "Opaque key for client authentication" \
+            "$P_SRV auth_mode=required" \
+            "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
+             key_file=data_files/server5.key" \
+            0 \
+            -c "key type: Opaque" \
+            -s "Verifying peer X.509 certificate... ok" \
+            -S "error" \
+            -C "error"
+
 # Test current time in ServerHello
 requires_config_enabled MBEDTLS_HAVE_TIME
 run_test    "ServerHello contains gmt_unix_time" \
commit	f83d31260db0739308537f54237ff00f3759434b	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Thu Nov 08 09:52:25 2018 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Thu Nov 22 16:41:07 2018 +0000
tree	cd73a864b897475c2d7c965ff1b055f55e7a062a
parent	ca906fb8b936163eadf396c2b5780cfdb46aa2ec [diff] [blame]