diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-02-12 11:18:06 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-02-12 11:55:44 +0100 |
commit | ef44477127952c13e93d7ea88f7b549bf36602f5 (patch) | |
tree | d43ea0c64ec350dd261704ce71df5ba4580a7ad5 /tests/tls12-cert-key-exchange.c | |
parent | 32aa795a81e413672dd2485e461ff87f64e211aa (diff) | |
download | gnutls-ef44477127952c13e93d7ea88f7b549bf36602f5.tar.gz |
priority: disable the enabled by default RSA-PSS signature algorithmstmp-tests-include-ccm
They have been modified in the latest (yet unsupported) TLS 1.3
drafts, so prevent causes interoperability failures by keeping them
on.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'tests/tls12-cert-key-exchange.c')
-rw-r--r-- | tests/tls12-cert-key-exchange.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/tls12-cert-key-exchange.c b/tests/tls12-cert-key-exchange.c index 497c8aee3c..8f7a9fe3f6 100644 --- a/tests/tls12-cert-key-exchange.c +++ b/tests/tls12-cert-key-exchange.c @@ -50,7 +50,7 @@ void doit(void) try("TLS 1.2 with ecdhe rsa-pss sig no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN); /* Test RSA-PSS cert/key combo issues */ - try_with_key("TLS 1.2 with ecdhe with rsa-pss-sha256 key no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN, + try_with_key("TLS 1.2 with ecdhe with rsa-pss-sha256 key no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, &server_ca3_rsa_pss2_key, NULL, NULL, 0); try_with_key("TLS 1.2 with ecdhe with rsa-pss-sha256 key and 1 sig no-cli-cert", "NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+ECDHE-RSA:-SIGN-ALL:+SIGN-RSA-PSS-SHA256", GNUTLS_KX_ECDHE_RSA, GNUTLS_SIGN_RSA_PSS_SHA256, GNUTLS_SIGN_UNKNOWN, &server_ca3_rsa_pss2_cert, &server_ca3_rsa_pss2_key, NULL, NULL, 0); |