Sean Parkinson f54ca0d481 TLS 1.2 CertificateVerify: req sig alg to have been in CR ...

The signature algorithm specified in CertificateVerify must have been in
the CertificateRequest. Add check.

The cipher suite test cases, when client auth and RSA are built-in and
use the default client certificate and use the *-ECDSA-* cipher
suites, no longer work. The client certificate must be ECC when the
cipher suite has ECDSA. Don't run them for that build.

2025-11-11 13:20:46 +10:00

28 KiB

Raw Permalink Blame History

View Raw