fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

commit: a1255e6b8c8063319b9420239c0fce8fc3eb843a [log] [tgz]
author: Jerry Yu <jerry.h.yu@arm.com> Fri Jun 24 10:10:47 2022 +0800
committer: Jerry Yu <jerry.h.yu@arm.com> Wed Jun 29 16:16:09 2022 +0800
tree: e9bfac05b957ab35e87b1935b2f85d5832cfe4fc
parent: 9bb3ee436baca2f298fdb66e642ffe6377ad9066 [diff] [blame]
diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c
index b720fd3..a155ceb 100644
--- a/programs/ssl/ssl_test_common_source.c
+++ b/programs/ssl/ssl_test_common_source.c

@@ -265,13 +265,12 @@
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_RSA_C)
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 /*
- *   `rsa_pss_rsae_*` MUST BE PUT ARTER `rsa_pkcs1_*` before below compitable fixed
- *   The compitable issue is When
- *   - GnuTLS/OpenSSL is configured as tls12 server with rsa key
- *   - `mebedTLS` is configured as hybrid mode.
- *   - The order is `rsa_pss_rsae_*`, `rsa_pkcs1_*`.
- *   GnuTLS/OpenSSL will return `rsa_pss_rsae_*` which are not supported by
- *   TLS 1.2 in mbedTLS.
+ *   When GnuTLS/Openssl server is configured in TLS 1.2 mode with a certificate
+ *   declaring an RSA public key and Mbed TLS is configured in hybrid mode, if
+ *   `rsa_pss_rsae_*` algorithms are before `rsa_pkcs1_*` ones in this list then
+ *   the  GnuTLS/Openssl server chooses an `rsa_pss_rsae_*` signature algorithm
+ *   for its signature in the key exchange message and as Mbed TLS 1.2 does not
+ *   support them, the handshake fails.
  */
 #define MBEDTLS_SSL_SIG_ALG( hash ) (( hash << 8 ) | MBEDTLS_SSL_SIG_ECDSA), \
                                     (( hash << 8 ) | MBEDTLS_SSL_SIG_RSA), \
commit	a1255e6b8c8063319b9420239c0fce8fc3eb843a	[log] [tgz]
author	Jerry Yu <jerry.h.yu@arm.com>	Fri Jun 24 10:10:47 2022 +0800
committer	Jerry Yu <jerry.h.yu@arm.com>	Wed Jun 29 16:16:09 2022 +0800
tree	e9bfac05b957ab35e87b1935b2f85d5832cfe4fc
parent	9bb3ee436baca2f298fdb66e642ffe6377ad9066 [diff] [blame]