Add key_opaque option to ssl_server2.c + test Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>

commit: ab09c9eb790ab78fcabbab56b263d94d1c8f5c4a [log] [tgz]
author: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com> Mon Oct 04 11:13:22 2021 +0200
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Jun 20 21:04:31 2022 +0200
tree: 53392d00deb98f11b3872d376f121ae7b02f6d57
parent: b9c7ea459e518eac4cdf8c0d79977f2571b4dcd7 [diff]
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index fb9746f..739cbd8 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh

@@ -1632,6 +1632,21 @@
             -S "error" \
             -C "error"
 
+# Test using an opaque private key for server authentication
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+run_test    "Opaque key for server authentication" \
+            "$P_SRV auth_mode=required key_opaque=1" \
+            "$P_CLI crt_file=data_files/server5.crt \
+             key_file=data_files/server5.key" \
+            0 \
+            -c "Verifying peer X.509 certificate... ok" \
+            -s "key type: Opaque" \
+            -S "error" \
+            -C "error"
+
 # Test ciphersuites which we expect to be fully supported by PSA Crypto
 # and check that we don't fall back to Mbed TLS' internal crypto primitives.
 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
commit	ab09c9eb790ab78fcabbab56b263d94d1c8f5c4a	[log] [tgz]
author	Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	Mon Oct 04 11:13:22 2021 +0200
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Mon Jun 20 21:04:31 2022 +0200
tree	53392d00deb98f11b3872d376f121ae7b02f6d57
parent	b9c7ea459e518eac4cdf8c0d79977f2571b4dcd7 [diff]