DTLS: treat bad MAC on Finished as an error
This is not required nor recommended by the protocol, and it's a layering
violation, but it's a know flaw in the protocol that you can't detect a PSK
auth error in any other way, so it is probably the right thing to do.
closes #227
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index c07c8ca..8d85850 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2851,6 +2851,13 @@
-c "skip write certificate$" \
-s "! Certificate verification was skipped"
+run_test "DTLS wrong PSK: badmac alert" \
+ "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
+ "$P_CLI dtls=1 psk=abc124" \
+ 1 \
+ -s "SSL - Verification of the message MAC failed" \
+ -c "SSL - A fatal alert message was received from our peer"
+
# Tests for receiving fragmented handshake messages with DTLS
requires_gnutls