commit 5de9c6f295fcc4328c6c94af0aa217a1a43ae2d7
author Ronald Cron <ronald.cron@arm.com> Wed Jan 31 14:45:16 2024 +0100
committer Ronald Cron <ronald.cron@arm.com> Wed Jan 31 15:23:33 2024 +0100
tree 1aa6f5c931822b4676614c4dc7ec647fb5a83459
parent 095a3a5a299d5e7a2adab71bc2aa25d5f44606a0

Fix and add comments in ticket and early data test function

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

tests/suites/test_suite_ssl.function

diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 65fed18..9b282dc 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -3606,8 +3606,9 @@
 
     /*
      * Run initial handshake: ephemeral key exchange mode, certificate with
-     * RSA key, signed with PKCS15, verified with PKCS21. Then, get the ticket
-     * sent by the server at the end of its handshake sequence.
+     * SECP256R1 key, CA certificate with SECP384R1 key, ECDSA signature
+     * algorithm. Then, get the ticket sent by the server at the end of its
+     * handshake sequence.
      */
     TEST_ASSERT(mbedtls_test_move_handshake_to_state(
                     &(server_ep.ssl), &(client_ep.ssl),
@@ -3637,6 +3638,11 @@
     ret = mbedtls_ssl_set_session(&(client_ep.ssl), &saved_session);
     TEST_EQUAL(ret, 0);
 
+    /*
+     * Run the handshake up to MBEDTLS_SSL_HANDSHAKE_WRAPUP and not
+     * MBEDTLS_SSL_HANDSHAKE_OVER to preserve handshake data for the checks
+     * below.
+     */
     TEST_ASSERT(mbedtls_test_move_handshake_to_state(
                     &(server_ep.ssl), &(client_ep.ssl),
                     MBEDTLS_SSL_HANDSHAKE_WRAPUP) == 0);
@@ -3656,6 +3662,11 @@
 }
 /* END_CASE */
 
+/*
+ * The !MBEDTLS_SSL_PROTO_TLS1_2 dependency of tls13_early_data() below is
+ * a temporary workaround to not run the test in Windows-2013 where there is
+ * an issue with mbedtls_vsnprintf().
+ */
 /* BEGIN_CASE depends_on:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */
 void tls13_early_data()
 {
@@ -3707,8 +3718,9 @@
 
     /*
      * Run initial handshake: ephemeral key exchange mode, certificate with
-     * RSA key, signed with PKCS15, verified with PKCS21. Then, get the ticket
-     * sent by the server at the end of its handshake sequence.
+     * SECP256R1 key, CA certificate with SECP384R1 key, ECDSA signature
+     * algorithm. Then, get the ticket sent by the server at the end of its
+     * handshake sequence.
      */
     TEST_ASSERT(mbedtls_test_move_handshake_to_state(
                     &(server_ep.ssl), &(client_ep.ssl),