Merge pull request #8860 from LinuxJedi/tls13-trusted-ca

Allow `trusted_ca_keys` with TLSv1.3
JacobBarthelmeh
2025-06-09 17:43:44 -06:00
committed by GitHub
2 changed files with 10 additions and 3 deletions


@@ -16149,7 +16149,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
/* RFC 8446 4.2.4 states trusted_ca_keys is not used
in TLS 1.3. */
if (IsAtLeastTLSv1_3(ssl->version)) {
return EXT_NOT_ALLOWED;
break;
}
else
#endif
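Review bot: The new `break;` inside the `IsAtLeastTLSv1_3(ssl->version)` branch ignores trusted_ca_keys for every `msgType`, whereas RFC 8446 4.2.4 only anticipates the extension in ClientHello messages from clients that also offer earlier TLS versions. Consider keeping the rejection for other messages, e.g. `if (msgType != client_hello) return EXT_NOT_ALLOWED;` ahead of the `break;`, unless a check outside this hunk already covers that case. The comment above the branch still reads as a reason to reject; something like `/* RFC 8446 4.2.4: not used in TLS 1.3, but may appear in a ClientHello offering earlier versions, so ignore it. */` would match the new behaviour. The rest of this TLSX_Parse case lies outside the hunk, so how `ssl->version` is set at this point could not be checked here.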


@@ -51,7 +51,7 @@
-v 3
-H exitWithRet
# server TLSv1.2
# server TLSv1.2
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
@@ -60,7 +60,7 @@
-v 4
-H exitWithRet
# server TLSv1.2
# server TLSv1.2
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
@@ -119,3 +119,10 @@
-7 3
-s
-l ECDHE-PSK-AES128-GCM-SHA256
# server TLSv1.3
-v 4
# client downgrade with trusted ca
-v d
-5