Tests for mutual authentication

This commit is contained in:
David Garske
2026-02-04 21:28:28 -08:00
parent 4d3925d526
commit e9b711e42b
3 changed files with 16 additions and 9 deletions
+6 -3
View File
@@ -76,10 +76,13 @@ jobs:
run_pair ecc_tls12 --tls12 --ecc
run_pair x25519_tls12 --tls12 --x25519
# BELOW ARE NOT WORKING YET
# TLS 1.3 mutual auth
#run_pair ecc_tls13_mutual --mutual --ecc
#run_pair x25519_tls13_mutual --mutual --x25519
run_pair ecc_tls13_mutual --mutual --ecc
run_pair x25519_tls13_mutual --mutual --x25519
# TLS 1.2 mutual auth
run_pair ecc_tls12_mutual --mutual --tls12 --ecc
run_pair x25519_tls12_mutual --mutual --tls12 --x25519
- name: Print async logs
+1
View File
@@ -51,6 +51,7 @@ $(OBJDIR)/%.o: $(WOLFSSL_TOP)/%.c
$(OBJDIR)/wolfcrypt/src/ecc_fp.o: CFLAGS += -Wno-pedantic
$(OBJDIR)/wolfcrypt/src/fips.o: CFLAGS += -Wno-pedantic
$(OBJDIR)/wolfcrypt/src/fips_test.o: CFLAGS += -Wno-pedantic
$(OBJDIR)/wolfcrypt/src/fipsv2.o: CFLAGS += -Wno-pedantic
$(OBJDIR)/wolfcrypt/src/selftest.o: CFLAGS += -Wno-pedantic
$(OBJDIR)/wolfcrypt/src/wolfcrypt_first.o: CFLAGS += -Wno-pedantic
$(OBJDIR)/wolfcrypt/src/wolfcrypt_last.o: CFLAGS += -Wno-pedantic
+9 -6
View File
@@ -316,11 +316,12 @@ int server_async_test(int argc, char** argv)
}
if (mutual) {
ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_ed25519_cert,
sizeof_ca_ed25519_cert, WOLFSSL_FILETYPE_ASN1);
/* client-ed25519 is self-signed, so load it as its own CA */
ret = wolfSSL_CTX_load_verify_buffer(ctx, client_ed25519_cert,
sizeof_client_ed25519_cert, WOLFSSL_FILETYPE_ASN1);
if (ret != WOLFSSL_SUCCESS) {
fprintf(stderr,
"ERROR: failed to load ED25519 CA cert.\n");
"ERROR: failed to load ED25519 client CA cert.\n");
goto exit;
}
}
@@ -345,10 +346,12 @@ int server_async_test(int argc, char** argv)
}
if (mutual) {
ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_ecc_cert_der_256,
sizeof_ca_ecc_cert_der_256, WOLFSSL_FILETYPE_ASN1);
/* client-ecc-cert is self-signed, so load it as its own CA */
ret = wolfSSL_CTX_load_verify_buffer(ctx, cliecc_cert_der_256,
sizeof_cliecc_cert_der_256, WOLFSSL_FILETYPE_ASN1);
if (ret != WOLFSSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to load ECC CA cert.\n");
fprintf(stderr,
"ERROR: failed to load ECC client CA cert.\n");
goto exit;
}
}