diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-02-03 08:47:50 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-02-06 12:52:44 +0100 |
commit | 29f875cae21bcf5139801ed8c8cb78c4fa61a9f0 (patch) | |
tree | 06132ed361675246231d1ca948dca290481a36fc /tests/common-cert-key-exchange.h | |
parent | aaf286293050a4a2dbcd98d9eb2d69eca99c502a (diff) | |
download | gnutls-29f875cae21bcf5139801ed8c8cb78c4fa61a9f0.tar.gz |
raw public keys: apply the key usage bits the same way as X.509
That is, we require a signing certificate when negotiating
TLS1.3, or when sending a client certificate (on all cases).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/common-cert-key-exchange.h')
-rw-r--r-- | tests/common-cert-key-exchange.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/tests/common-cert-key-exchange.h b/tests/common-cert-key-exchange.h index 8fb5ab754e..5d68d72ff8 100644 --- a/tests/common-cert-key-exchange.h +++ b/tests/common-cert-key-exchange.h @@ -51,6 +51,14 @@ extern const char *server_priority; try_with_key(name, client_prio, client_kx, server_sign_algo, client_sign_algo, \ &rawpk_public_key1, &rawpk_private_key1, &rawpk_public_key2, &rawpk_private_key2, client_cert, GNUTLS_CRT_RAWPK, GNUTLS_CRT_RAWPK) +void try_with_rawpk_key_fail(const char *name, const char *client_prio, + int server_err, int client_err, + const gnutls_datum_t *serv_cert, + const gnutls_datum_t *serv_key, + unsigned server_ku, + const gnutls_datum_t *cli_cert, + const gnutls_datum_t *cli_key, + unsigned client_ku); void try_with_key_ks(const char *name, const char *client_prio, gnutls_kx_algorithm_t client_kx, gnutls_sign_algorithm_t server_sign_algo, |