ssl-opt.sh: Add FFDH tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index cfb0bab..c8d6504 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -12348,6 +12348,95 @@
-s "parse ServerName extension" \
-s "HTTP/1.0 200 OK"
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+run_test "TLS 1.3: Test ffdh groups (ffdhe2048)" \
+ "$P_SRV debug_level=5 force_version=tls13 curves=ffdhe2048" \
+ "$P_CLI debug_level=5 force_version=tls13 curves=ffdhe2048" \
+ 0 \
+ -s "ECDH/FFDH group: ffdhe2048" \
+ -c "HTTP/1.0 200 OK" \
+ -S "error" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+run_test "TLS 1.3: Test ffdh groups (ffdhe3072)" \
+ "$P_SRV debug_level=4 force_version=tls13 curves=ffdhe3072" \
+ "$P_CLI debug_level=4 force_version=tls13 curves=ffdhe3072" \
+ 0 \
+ -s "ECDH/FFDH group: ffdhe3072" \
+ -c "HTTP/1.0 200 OK" \
+ -S "error" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+run_test "TLS 1.3: Test ffdh groups (ffdhe4096)" \
+ "$P_SRV debug_level=4 force_version=tls13 curves=ffdhe4096" \
+ "$P_CLI debug_level=4 force_version=tls13 curves=ffdhe4096" \
+ 0 \
+ -s "ECDH/FFDH group: ffdhe4096" \
+ -c "HTTP/1.0 200 OK" \
+ -S "error" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+run_test "TLS 1.3: Test ffdh groups (ffdhe6144)" \
+ "$P_SRV debug_level=4 force_version=tls13 curves=ffdhe6144" \
+ "$P_CLI debug_level=4 force_version=tls13 curves=ffdhe6144" \
+ 0 \
+ -s "ECDH/FFDH group: ffdhe6144" \
+ -c "HTTP/1.0 200 OK" \
+ -S "error" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+run_test "TLS 1.3: Test ffdh groups (ffdhe8192)" \
+ "$P_SRV debug_level=4 force_version=tls13 curves=ffdhe8192" \
+ "$P_CLI debug_level=4 force_version=tls13 curves=ffdhe8192" \
+ 0 \
+ -s "ECDH/FFDH group: ffdhe8192" \
+ -c "HTTP/1.0 200 OK" \
+ -S "error" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+run_test "TLS 1.3: Test ffdh groups - no match(server: ffdhe2048 client: secp384r1)" \
+ "$P_SRV debug_level=4 force_version=tls13 curves=ffdhe2048" \
+ "$P_CLI debug_level=4 force_version=tls13 curves=secp384r1" \
+ 1 \
+ -s "no matching named group found" \
+ -s "error" \
+ -c "error"
+
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+run_test "TLS 1.3: Test ffdh groups - no match(server: secp384r1 client: ffdhe2048)" \
+ "$P_SRV debug_level=4 force_version=tls13 curves=secp384r1" \
+ "$P_CLI debug_level=4 force_version=tls13 curves=ffdhe2048" \
+ 1 \
+ -s "no matching named group found" \
+ -s "error" \
+ -c "error"
+
for i in opt-testcases/*.sh
do
TEST_SUITE_NAME=${i##*/}