Migrate RSA-decryption test cases #9954
Open
+40
−271
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gabor-mezei-arm
added
component-tls
needs-ci
Signed-off-by: Gabor Mezei <[email protected]>
Signed-off-by: Gabor Mezei <[email protected]>
Migrate to ECDHE-ECDSA instead of PSK Signed-off-by: Gabor Mezei <[email protected]>
Signed-off-by: Gabor Mezei <[email protected]>
Only RSA cipgersuits are accepted for these tests and there is no ECDHE-RSA alternative for AES-128-CCM so delete them. Signed-off-by: Gabor Mezei <[email protected]>
gabor-mezei-arm
force-pushed
the
9753_migrate_RSA_key_exchange_tests
branch
from
f156941 to
ecc5d31
Compare
Signed-off-by: Gabor Mezei <[email protected]>
gabor-mezei-arm
added
needs-review
valeriosetti
approved these changes
Feb 20, 2025
There was a problem hiding this comment.
The PR looks good to me.
However I'm not sure this PR should not have some sort of backport to 3.6. The originating issue states that:
This applies to development only. But we may want to backport the new test cases as additional tests in 3.6 for a minor but very cheap coverage improvement.
ronald-cron-arm
removed
the
needs-reviewer
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
There are a few TLS 1.2 test cases where we're currently using an RSA decryption key exchange, but we could indifferently use a signature-based key exchange. Since #9682, we need to migrate those test cases to something else. It can be either ECDHE-ECDSA or ECDHE-RSA or PSK, but ECDHE-ECDSA minimizes the crypto requirements while not switching to PSK which is sometimes peculiar.
Resolves #9753
PR checklist
Please remove the segment/s on either side of the | symbol as appropriate, and add any relevant link/s to the end of the line.
If the provided content is part of the present PR remove the # symbol.