TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 6916e7052112e1bbef36bf3bedcae621446bb4d0 / . / tests / opt-testcases / tls13-kex-modes.sh
blob: dd907c1d416e8584afc08a64079f96c76f6f6783 [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]21get_srv_psk_list ()
22{
23 case $(( TESTS % 3 )) in
24 0) echo "psk_list=abc,dead,def,beef,Client_identity,6162636465666768696a6b6c6d6e6f70";;
25 1) echo "psk_list=abc,dead,Client_identity,6162636465666768696a6b6c6d6e6f70,def,beef";;
26 2) echo "psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef";;
27 esac
28}
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]29
Jerry Yu66f35f22022-08-22 17:27:41 +0800[diff] [blame]30requires_gnutls_tls1_3
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]31requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
32requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
33requires_config_enabled MBEDTLS_SSL_SRV_C
34requires_config_enabled MBEDTLS_DEBUG_C
Jerry Yu9b83fa12022-07-31 13:13:51 +0800[diff] [blame]35# SOME_ECDHE_ENABLED?
36requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
37 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]38run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]39 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]40 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
41 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
42 localhost" \
43 1 \
44 -s "found psk key exchange modes extension" \
45 -s "found pre_shared_key extension" \
46 -s "Found PSK_EPHEMERAL KEX MODE" \
47 -s "Found PSK KEX MODE" \
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]48 -s "No matched ciphersuite"
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]49
50requires_openssl_tls1_3
51requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
52requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
53requires_config_enabled MBEDTLS_SSL_SRV_C
54requires_config_enabled MBEDTLS_DEBUG_C
55# SOME_ECDHE_ENABLED?
56requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
57 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]58run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]59 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]60 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
61 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
62 1 \
63 -s "found psk key exchange modes extension" \
64 -s "found pre_shared_key extension" \
65 -s "Found PSK_EPHEMERAL KEX MODE" \
66 -s "Found PSK KEX MODE" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]67 -s "No matched ciphersuite"
68
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]69requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
70 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
71requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
72 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
73requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
74 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]75run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \
76 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
77 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
78 0 \
79 -c "Pre-configured PSK number = 2" \
80 -s "sent selected_identity: 0" \
81 -s "key exchange mode: psk_ephemeral" \
82 -S "key exchange mode: psk$" \
83 -S "key exchange mode: ephemeral$" \
84 -S "ticket is not authentic"
85
86requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
87 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
88requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
89 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
90requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
91 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
92run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]93 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
94 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
95 0 \
96 -c "Pre-configured PSK number = 2" \
97 -s "sent selected_identity: 1" \
98 -s "key exchange mode: psk_ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]99 -S "key exchange mode: psk$" \
100 -S "key exchange mode: ephemeral$" \
101 -s "ticket is not authentic"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]102
103requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
104 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
105requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
106 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
107requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
108 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]109run_test "TLS 1.3 m->m: Multiple PSKs: authentication failed" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]110 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \
111 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
112 0 \
113 -c "Pre-configured PSK number = 1" \
114 -S "sent selected_identity:" \
115 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]116 -S "key exchange mode: psk_ephemeral" \
117 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]118 -s "ticket is not authentic" \
119 -S "ticket is expired" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]120 -S "Ticket expired: Invalid ticket start time" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]121 -S "Ticket expired: Ticket age exceed limitation" \
122 -S "Ticket expired: Ticket age outside tolerance window"
123
124requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
125 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
126requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
127 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
128requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
129 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]130run_test "TLS 1.3 m->m: Multiple PSKs: ticket expired, m->m" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]131 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \
132 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
133 0 \
134 -c "Pre-configured PSK number = 1" \
135 -S "sent selected_identity:" \
136 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]137 -S "key exchange mode: psk_ephemeral" \
138 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]139 -S "ticket is not authentic" \
140 -s "ticket is expired" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]141 -S "Ticket expired: Invalid ticket start time" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]142 -S "Ticket expired: Ticket age exceed limitation" \
143 -S "Ticket expired: Ticket age outside tolerance window"
144
145requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
146 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
147requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
148 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
149requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
150 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]151run_test "TLS 1.3 m->m: Multiple PSKs: Invalid start time check, m->m" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]152 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \
153 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
154 0 \
155 -c "Pre-configured PSK number = 1" \
156 -S "sent selected_identity:" \
157 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]158 -S "key exchange mode: psk_ephemeral" \
159 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]160 -S "ticket is not authentic" \
161 -S "ticket is expired" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]162 -s "Ticket expired: Invalid ticket start time" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]163 -S "Ticket expired: Ticket age exceed limitation" \
164 -S "Ticket expired: Ticket age outside tolerance window"
165
166requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
167 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
168requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
169 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]170requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
171 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]172run_test "TLS 1.3 m->m: Multiple PSKs: Max age check, m->m" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]173 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \
174 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
175 0 \
176 -c "Pre-configured PSK number = 1" \
177 -S "sent selected_identity:" \
178 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]179 -S "key exchange mode: psk_ephemeral" \
180 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]181 -S "ticket is not authentic" \
182 -S "ticket is expired" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]183 -S "Ticket expired: Invalid ticket start time" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]184 -s "Ticket expired: Ticket age exceed limitation" \
185 -S "Ticket expired: Ticket age outside tolerance window"
186
187requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
188 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
189requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
190 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]191requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
192 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]193run_test "TLS 1.3 m->m: Multiple PSKs: Tolerance window bottom check." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]194 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \
195 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
196 0 \
197 -c "Pre-configured PSK number = 1" \
198 -S "sent selected_identity:" \
199 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]200 -S "key exchange mode: psk_ephemeral" \
201 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]202 -S "ticket is not authentic" \
203 -S "ticket is expired" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]204 -S "Ticket expired: Invalid ticket start time" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]205 -S "Ticket expired: Ticket age exceed limitation" \
206 -s "Ticket expired: Ticket age outside tolerance window"
207
208requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
209 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
210requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
211 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
212requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
213 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]214run_test "TLS 1.3 m->m: Multiple PSKs: Tolerance window top check." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]215 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \
216 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
217 0 \
218 -c "Pre-configured PSK number = 1" \
219 -S "sent selected_identity:" \
220 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]221 -S "key exchange mode: psk_ephemeral" \
222 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]223 -S "ticket is not authentic" \
224 -S "ticket is expired" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]225 -S "Ticket expired: Invalid ticket start time" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]226 -S "Ticket expired: Ticket age exceed limitation" \
227 -s "Ticket expired: Ticket age outside tolerance window"
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]228
229requires_gnutls_tls1_3
230requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
231requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]232run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]233 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]234 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
235 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
236 localhost" \
237 1 \
238 -s "found psk key exchange modes extension" \
239 -s "found pre_shared_key extension" \
240 -s "Found PSK_EPHEMERAL KEX MODE" \
241 -S "Found PSK KEX MODE" \
242 -S "key exchange mode: psk$" \
243 -S "key exchange mode: psk_ephemeral" \
244 -S "key exchange mode: ephemeral"
245
246requires_gnutls_tls1_3
247requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
248requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]249run_test "TLS 1.3: G->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]250 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]251 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
252 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
253 localhost" \
254 0 \
255 -s "found psk key exchange modes extension" \
256 -s "found pre_shared_key extension" \
257 -s "Found PSK_EPHEMERAL KEX MODE" \
258 -s "Found PSK KEX MODE" \
259 -s "Pre shared key found" \
260 -S "No matched PSK or ticket" \
261 -s "key exchange mode: psk$" \
262 -S "key exchange mode: psk_ephemeral" \
263 -S "key exchange mode: ephemeral"
264
265requires_gnutls_tls1_3
266requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
267requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]268run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]269 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]270 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
271 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
272 localhost" \
273 1 \
274 -s "found psk key exchange modes extension" \
275 -s "found pre_shared_key extension" \
276 -s "Found PSK_EPHEMERAL KEX MODE" \
277 -s "Found PSK KEX MODE" \
278 -s "No matched PSK or ticket" \
279 -S "key exchange mode: psk$" \
280 -S "key exchange mode: psk_ephemeral" \
281 -S "key exchange mode: ephemeral"
282
283requires_gnutls_tls1_3
284requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
285requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]286run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]287 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]288 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
289 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
290 localhost" \
291 1 \
292 -s "found psk key exchange modes extension" \
293 -s "found pre_shared_key extension" \
294 -s "Found PSK_EPHEMERAL KEX MODE" \
295 -s "Found PSK KEX MODE" \
296 -s "Invalid binder." \
297 -S "key exchange mode: psk$" \
298 -S "key exchange mode: psk_ephemeral" \
299 -S "key exchange mode: ephemeral"
300
301requires_gnutls_tls1_3
302requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
303requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]304run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]305 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]306 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
307 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
308 localhost" \
309 0 \
310 -s "found psk key exchange modes extension" \
311 -s "found pre_shared_key extension" \
312 -S "Found PSK_EPHEMERAL KEX MODE" \
313 -s "Found PSK KEX MODE" \
314 -s "Pre shared key found" \
315 -S "No matched PSK or ticket" \
316 -s "key exchange mode: psk$" \
317 -S "key exchange mode: psk_ephemeral" \
318 -S "key exchange mode: ephemeral"
319
320requires_gnutls_tls1_3
321requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
322requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]323run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]324 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]325 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
326 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
327 localhost" \
328 1 \
329 -s "found psk key exchange modes extension" \
330 -s "found pre_shared_key extension" \
331 -S "Found PSK_EPHEMERAL KEX MODE" \
332 -s "Found PSK KEX MODE" \
333 -s "No matched PSK or ticket" \
334 -S "key exchange mode: psk$" \
335 -S "key exchange mode: psk_ephemeral" \
336 -S "key exchange mode: ephemeral"
337
338requires_gnutls_tls1_3
339requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
340requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]341run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]342 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]343 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
344 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
345 localhost" \
346 1 \
347 -s "found psk key exchange modes extension" \
348 -s "found pre_shared_key extension" \
349 -S "Found PSK_EPHEMERAL KEX MODE" \
350 -s "Found PSK KEX MODE" \
351 -s "Invalid binder." \
352 -S "key exchange mode: psk$" \
353 -S "key exchange mode: psk_ephemeral" \
354 -S "key exchange mode: ephemeral"
355
356requires_gnutls_tls1_3
357requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
358requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
359requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]360run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]361 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]362 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
363 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
364 localhost" \
365 0 \
366 -s "found psk key exchange modes extension" \
367 -s "found pre_shared_key extension" \
368 -s "Found PSK_EPHEMERAL KEX MODE" \
369 -S "Found PSK KEX MODE" \
370 -s "Pre shared key found" \
371 -S "No matched PSK or ticket" \
372 -S "key exchange mode: psk$" \
373 -s "key exchange mode: psk_ephemeral" \
374 -S "key exchange mode: ephemeral"
375
376requires_gnutls_tls1_3
377requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
378requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
379requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]380run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]381 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]382 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
383 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
384 localhost" \
385 1 \
386 -s "found psk key exchange modes extension" \
387 -s "found pre_shared_key extension" \
388 -s "Found PSK_EPHEMERAL KEX MODE" \
389 -S "Found PSK KEX MODE" \
390 -s "No matched PSK or ticket" \
391 -S "key exchange mode: psk$" \
392 -S "key exchange mode: psk_ephemeral" \
393 -S "key exchange mode: ephemeral"
394
395requires_gnutls_tls1_3
396requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
397requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
398requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]399run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]400 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]401 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
402 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
403 localhost" \
404 1 \
405 -s "found psk key exchange modes extension" \
406 -s "found pre_shared_key extension" \
407 -s "Found PSK_EPHEMERAL KEX MODE" \
408 -S "Found PSK KEX MODE" \
409 -s "Invalid binder." \
410 -S "key exchange mode: psk$" \
411 -S "key exchange mode: psk_ephemeral" \
412 -S "key exchange mode: ephemeral"
413
414requires_gnutls_tls1_3
415requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
416requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
417requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]418run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]419 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]420 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
421 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
422 localhost" \
423 0 \
424 -s "found psk key exchange modes extension" \
425 -s "found pre_shared_key extension" \
426 -s "Found PSK_EPHEMERAL KEX MODE" \
427 -s "Found PSK KEX MODE" \
428 -s "Pre shared key found" \
429 -S "No matched PSK or ticket" \
430 -S "key exchange mode: psk$" \
431 -s "key exchange mode: psk_ephemeral" \
432 -S "key exchange mode: ephemeral"
433
434requires_gnutls_tls1_3
435requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
436requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
437requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]438run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]439 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]440 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
441 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
442 localhost" \
443 1 \
444 -s "found psk key exchange modes extension" \
445 -s "found pre_shared_key extension" \
446 -s "Found PSK_EPHEMERAL KEX MODE" \
447 -s "Found PSK KEX MODE" \
448 -s "No matched PSK or ticket" \
449 -S "key exchange mode: psk$" \
450 -S "key exchange mode: psk_ephemeral" \
451 -S "key exchange mode: ephemeral"
452
453requires_gnutls_tls1_3
454requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
455requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
456requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]457run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]458 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]459 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
460 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
461 localhost" \
462 1 \
463 -s "found psk key exchange modes extension" \
464 -s "found pre_shared_key extension" \
465 -s "Found PSK_EPHEMERAL KEX MODE" \
466 -s "Found PSK KEX MODE" \
467 -s "Invalid binder." \
468 -S "key exchange mode: psk$" \
469 -S "key exchange mode: psk_ephemeral" \
470 -S "key exchange mode: ephemeral"
471
472requires_gnutls_tls1_3
473requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
474requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
475requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]476run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]477 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]478 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
479 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
480 localhost" \
481 1 \
482 -s "found psk key exchange modes extension" \
483 -s "found pre_shared_key extension" \
484 -S "Found PSK_EPHEMERAL KEX MODE" \
485 -s "Found PSK KEX MODE" \
486 -S "key exchange mode: psk$" \
487 -S "key exchange mode: psk_ephemeral" \
488 -S "key exchange mode: ephemeral"
489
490requires_gnutls_tls1_3
491requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
492requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
493requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]494run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]495 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]496 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
497 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
498 localhost" \
499 0 \
500 -s "found psk key exchange modes extension" \
501 -s "found pre_shared_key extension" \
502 -s "Found PSK_EPHEMERAL KEX MODE" \
503 -S "Found PSK KEX MODE" \
504 -s "Pre shared key found" \
505 -S "No matched PSK or ticket" \
506 -S "key exchange mode: psk$" \
507 -s "key exchange mode: psk_ephemeral" \
508 -S "key exchange mode: ephemeral"
509
510requires_gnutls_tls1_3
511requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
512requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
513requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]514run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]515 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]516 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
517 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
518 localhost" \
519 1 \
520 -s "found psk key exchange modes extension" \
521 -s "found pre_shared_key extension" \
522 -s "Found PSK_EPHEMERAL KEX MODE" \
523 -S "Found PSK KEX MODE" \
524 -s "No matched PSK or ticket" \
525 -S "key exchange mode: psk$" \
526 -S "key exchange mode: psk_ephemeral" \
527 -S "key exchange mode: ephemeral"
528
529requires_gnutls_tls1_3
530requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
531requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
532requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]533run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]534 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]535 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
536 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
537 localhost" \
538 1 \
539 -s "found psk key exchange modes extension" \
540 -s "found pre_shared_key extension" \
541 -s "Found PSK_EPHEMERAL KEX MODE" \
542 -S "Found PSK KEX MODE" \
543 -s "Invalid binder." \
544 -S "key exchange mode: psk$" \
545 -S "key exchange mode: psk_ephemeral" \
546 -S "key exchange mode: ephemeral"
547
548requires_gnutls_tls1_3
549requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
550requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
551requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]552run_test "TLS 1.3: G->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]553 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]554 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
555 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
556 localhost" \
557 0 \
558 -s "found psk key exchange modes extension" \
559 -s "found pre_shared_key extension" \
560 -s "Found PSK_EPHEMERAL KEX MODE" \
561 -s "Found PSK KEX MODE" \
562 -s "Pre shared key found" \
563 -S "No matched PSK or ticket" \
564 -S "key exchange mode: psk$" \
565 -s "key exchange mode: psk_ephemeral" \
566 -S "key exchange mode: ephemeral"
567
568requires_gnutls_tls1_3
569requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
570requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
571requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]572run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]573 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]574 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
575 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
576 localhost" \
577 1 \
578 -s "found psk key exchange modes extension" \
579 -s "found pre_shared_key extension" \
580 -s "Found PSK_EPHEMERAL KEX MODE" \
581 -s "Found PSK KEX MODE" \
582 -s "No matched PSK or ticket" \
583 -S "key exchange mode: psk$" \
584 -S "key exchange mode: psk_ephemeral" \
585 -S "key exchange mode: ephemeral"
586
587requires_gnutls_tls1_3
588requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
589requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
590requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]591run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]592 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]593 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
594 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
595 localhost" \
596 1 \
597 -s "found psk key exchange modes extension" \
598 -s "found pre_shared_key extension" \
599 -s "Found PSK_EPHEMERAL KEX MODE" \
600 -s "Found PSK KEX MODE" \
601 -s "Invalid binder." \
602 -S "key exchange mode: psk$" \
603 -S "key exchange mode: psk_ephemeral" \
604 -S "key exchange mode: ephemeral"
605
606requires_gnutls_tls1_3
607requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
608requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
609requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]610run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]611 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]612 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
613 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
614 localhost" \
615 0 \
616 -s "found psk key exchange modes extension" \
617 -s "found pre_shared_key extension" \
618 -S "Found PSK_EPHEMERAL KEX MODE" \
619 -s "Found PSK KEX MODE" \
620 -s "Pre shared key found" \
621 -S "No matched PSK or ticket" \
622 -s "key exchange mode: psk$" \
623 -S "key exchange mode: psk_ephemeral" \
624 -S "key exchange mode: ephemeral"
625
626requires_gnutls_tls1_3
627requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
628requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
629requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]630run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]631 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]632 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
633 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
634 localhost" \
635 1 \
636 -s "found psk key exchange modes extension" \
637 -s "found pre_shared_key extension" \
638 -S "Found PSK_EPHEMERAL KEX MODE" \
639 -s "Found PSK KEX MODE" \
640 -s "No matched PSK or ticket" \
641 -S "key exchange mode: psk$" \
642 -S "key exchange mode: psk_ephemeral" \
643 -S "key exchange mode: ephemeral"
644
645requires_gnutls_tls1_3
646requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
647requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
648requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]649run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]650 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]651 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
652 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
653 localhost" \
654 1 \
655 -s "found psk key exchange modes extension" \
656 -s "found pre_shared_key extension" \
657 -S "Found PSK_EPHEMERAL KEX MODE" \
658 -s "Found PSK KEX MODE" \
659 -s "Invalid binder." \
660 -S "key exchange mode: psk$" \
661 -S "key exchange mode: psk_ephemeral" \
662 -S "key exchange mode: ephemeral"
663
664requires_gnutls_tls1_3
665requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
666requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
667requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]668run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]669 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]670 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
671 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
672 localhost" \
673 0 \
674 -s "found psk key exchange modes extension" \
675 -s "found pre_shared_key extension" \
676 -s "Found PSK_EPHEMERAL KEX MODE" \
677 -S "Found PSK KEX MODE" \
678 -s "Pre shared key found" \
679 -S "No matched PSK or ticket" \
680 -S "key exchange mode: psk$" \
681 -s "key exchange mode: psk_ephemeral" \
682 -S "key exchange mode: ephemeral"
683
684requires_gnutls_tls1_3
685requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
686requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
687requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]688run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]689 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]690 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
691 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
692 localhost" \
693 0 \
694 -s "found psk key exchange modes extension" \
695 -s "found pre_shared_key extension" \
696 -s "Found PSK_EPHEMERAL KEX MODE" \
697 -S "Found PSK KEX MODE" \
698 -s "No matched PSK or ticket" \
699 -S "key exchange mode: psk$" \
700 -S "key exchange mode: psk_ephemeral" \
701 -s "key exchange mode: ephemeral"
702
703requires_gnutls_tls1_3
704requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
705requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
706requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]707run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]708 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]709 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
710 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
711 localhost" \
712 1 \
713 -s "found psk key exchange modes extension" \
714 -s "found pre_shared_key extension" \
715 -s "Found PSK_EPHEMERAL KEX MODE" \
716 -S "Found PSK KEX MODE" \
717 -s "Invalid binder." \
718 -S "key exchange mode: psk$" \
719 -S "key exchange mode: psk_ephemeral" \
720 -S "key exchange mode: ephemeral"
721
722requires_gnutls_tls1_3
723requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
724requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
725requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]726run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]727 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]728 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
729 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
730 localhost" \
731 0 \
732 -s "found psk key exchange modes extension" \
733 -s "found pre_shared_key extension" \
734 -s "Found PSK_EPHEMERAL KEX MODE" \
735 -s "Found PSK KEX MODE" \
736 -s "Pre shared key found" \
737 -S "No matched PSK or ticket" \
738 -S "key exchange mode: psk$" \
739 -s "key exchange mode: psk_ephemeral" \
740 -S "key exchange mode: ephemeral"
741
742requires_gnutls_tls1_3
743requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
744requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
745requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]746run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]747 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]748 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
749 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
750 localhost" \
751 0 \
752 -s "found psk key exchange modes extension" \
753 -s "found pre_shared_key extension" \
754 -s "Found PSK_EPHEMERAL KEX MODE" \
755 -s "Found PSK KEX MODE" \
756 -s "No matched PSK or ticket" \
757 -S "key exchange mode: psk$" \
758 -S "key exchange mode: psk_ephemeral" \
759 -s "key exchange mode: ephemeral"
760
761requires_gnutls_tls1_3
762requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
763requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
764requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]765run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]766 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]767 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
768 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
769 localhost" \
770 1 \
771 -s "found psk key exchange modes extension" \
772 -s "found pre_shared_key extension" \
773 -s "Found PSK_EPHEMERAL KEX MODE" \
774 -s "Found PSK KEX MODE" \
775 -s "Invalid binder." \
776 -S "key exchange mode: psk$" \
777 -S "key exchange mode: psk_ephemeral" \
778 -S "key exchange mode: ephemeral"
779
780requires_gnutls_tls1_3
781requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
782requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
783requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]784run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]785 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]786 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
787 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
788 localhost" \
789 0 \
790 -s "found psk key exchange modes extension" \
791 -s "found pre_shared_key extension" \
792 -S "Found PSK_EPHEMERAL KEX MODE" \
793 -s "Found PSK KEX MODE" \
794 -s "Pre shared key found" \
795 -S "No matched PSK or ticket" \
796 -S "key exchange mode: psk$" \
797 -S "key exchange mode: psk_ephemeral" \
798 -s "key exchange mode: ephemeral"
799
800requires_gnutls_tls1_3
801requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
802requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
803requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]804run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]805 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]806 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
807 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
808 localhost" \
809 0 \
810 -s "found psk key exchange modes extension" \
811 -s "found pre_shared_key extension" \
812 -s "Found PSK_EPHEMERAL KEX MODE" \
813 -S "Found PSK KEX MODE" \
814 -s "Pre shared key found" \
815 -S "No matched PSK or ticket" \
816 -S "key exchange mode: psk$" \
817 -s "key exchange mode: psk_ephemeral" \
818 -S "key exchange mode: ephemeral"
819
820requires_gnutls_tls1_3
821requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
822requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
823requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]824run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]825 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]826 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
827 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
828 localhost" \
829 0 \
830 -s "found psk key exchange modes extension" \
831 -s "found pre_shared_key extension" \
832 -s "Found PSK_EPHEMERAL KEX MODE" \
833 -S "Found PSK KEX MODE" \
834 -s "No matched PSK or ticket" \
835 -S "key exchange mode: psk$" \
836 -S "key exchange mode: psk_ephemeral" \
837 -s "key exchange mode: ephemeral"
838
839requires_gnutls_tls1_3
840requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
841requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
842requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]843run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]844 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]845 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
846 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
847 localhost" \
848 1 \
849 -s "found psk key exchange modes extension" \
850 -s "found pre_shared_key extension" \
851 -s "Found PSK_EPHEMERAL KEX MODE" \
852 -S "Found PSK KEX MODE" \
853 -s "Invalid binder." \
854 -S "key exchange mode: psk$" \
855 -S "key exchange mode: psk_ephemeral" \
856 -S "key exchange mode: ephemeral"
857
858requires_gnutls_tls1_3
859requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
860requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
861requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]862run_test "TLS 1.3: G->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]863 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]864 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
865 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
866 localhost" \
867 0 \
868 -s "found psk key exchange modes extension" \
869 -s "found pre_shared_key extension" \
870 -s "Found PSK_EPHEMERAL KEX MODE" \
871 -s "Found PSK KEX MODE" \
872 -s "Pre shared key found" \
873 -S "No matched PSK or ticket" \
874 -S "key exchange mode: psk$" \
875 -s "key exchange mode: psk_ephemeral" \
876 -S "key exchange mode: ephemeral"
877
878requires_gnutls_tls1_3
879requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
880requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
881requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]882run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]883 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]884 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
885 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
886 localhost" \
887 0 \
888 -s "found psk key exchange modes extension" \
889 -s "found pre_shared_key extension" \
890 -s "Found PSK_EPHEMERAL KEX MODE" \
891 -s "Found PSK KEX MODE" \
892 -s "No matched PSK or ticket" \
893 -S "key exchange mode: psk$" \
894 -S "key exchange mode: psk_ephemeral" \
895 -s "key exchange mode: ephemeral"
896
897requires_gnutls_tls1_3
898requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
899requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
900requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]901run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]902 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]903 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
904 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
905 localhost" \
906 1 \
907 -s "found psk key exchange modes extension" \
908 -s "found pre_shared_key extension" \
909 -s "Found PSK_EPHEMERAL KEX MODE" \
910 -s "Found PSK KEX MODE" \
911 -s "Invalid binder." \
912 -S "key exchange mode: psk$" \
913 -S "key exchange mode: psk_ephemeral" \
914 -S "key exchange mode: ephemeral"
915
916requires_gnutls_tls1_3
917requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
918requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
919requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]920run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]921 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]922 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
923 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
924 localhost" \
925 0 \
926 -s "found psk key exchange modes extension" \
927 -s "found pre_shared_key extension" \
928 -S "Found PSK_EPHEMERAL KEX MODE" \
929 -s "Found PSK KEX MODE" \
930 -s "Pre shared key found" \
931 -S "No matched PSK or ticket" \
932 -S "key exchange mode: psk$" \
933 -S "key exchange mode: psk_ephemeral" \
934 -s "key exchange mode: ephemeral"
935
936requires_gnutls_tls1_3
937requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
938requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
939requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]940run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]941 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]942 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
943 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
944 localhost" \
945 1 \
946 -s "found psk key exchange modes extension" \
947 -s "found pre_shared_key extension" \
948 -S "Found PSK_EPHEMERAL KEX MODE" \
949 -s "Found PSK KEX MODE" \
950 -s "Invalid binder." \
951 -S "key exchange mode: psk$" \
952 -S "key exchange mode: psk_ephemeral" \
953 -S "key exchange mode: ephemeral"
954
955requires_gnutls_tls1_3
956requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
957requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
958requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]959run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]960 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]961 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
962 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
963 localhost" \
964 0 \
965 -s "found psk key exchange modes extension" \
966 -s "found pre_shared_key extension" \
967 -s "Found PSK_EPHEMERAL KEX MODE" \
968 -S "Found PSK KEX MODE" \
969 -s "Pre shared key found" \
970 -S "No matched PSK or ticket" \
971 -S "key exchange mode: psk$" \
972 -S "key exchange mode: psk_ephemeral" \
973 -s "key exchange mode: ephemeral"
974
975requires_gnutls_tls1_3
976requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
977requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
978requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]979run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]980 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]981 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
982 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
983 localhost" \
984 0 \
985 -s "found psk key exchange modes extension" \
986 -s "found pre_shared_key extension" \
987 -s "Found PSK_EPHEMERAL KEX MODE" \
988 -s "Found PSK KEX MODE" \
989 -s "Pre shared key found" \
990 -S "No matched PSK or ticket" \
991 -S "key exchange mode: psk$" \
992 -S "key exchange mode: psk_ephemeral" \
993 -s "key exchange mode: ephemeral"
994
995requires_gnutls_tls1_3
996requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
997requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
998requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]999run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1000 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1001 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
1002 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
1003 localhost" \
1004 1 \
1005 -s "found psk key exchange modes extension" \
1006 -s "found pre_shared_key extension" \
1007 -s "Found PSK_EPHEMERAL KEX MODE" \
1008 -s "Found PSK KEX MODE" \
1009 -s "Invalid binder." \
1010 -S "key exchange mode: psk$" \
1011 -S "key exchange mode: psk_ephemeral" \
1012 -S "key exchange mode: ephemeral"
1013
1014requires_gnutls_tls1_3
1015requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1016requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1017requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1018run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1019 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1020 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1021 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1022 localhost" \
1023 0 \
1024 -s "found psk key exchange modes extension" \
1025 -s "found pre_shared_key extension" \
1026 -S "Found PSK_EPHEMERAL KEX MODE" \
1027 -s "Found PSK KEX MODE" \
1028 -s "Pre shared key found" \
1029 -S "No matched PSK or ticket" \
1030 -S "key exchange mode: psk$" \
1031 -S "key exchange mode: psk_ephemeral" \
1032 -s "key exchange mode: ephemeral"
1033
1034requires_gnutls_tls1_3
1035requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1036requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1037requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1038run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1039 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1040 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1041 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
1042 localhost" \
1043 1 \
1044 -s "found psk key exchange modes extension" \
1045 -s "found pre_shared_key extension" \
1046 -S "Found PSK_EPHEMERAL KEX MODE" \
1047 -s "Found PSK KEX MODE" \
1048 -s "Invalid binder." \
1049 -S "key exchange mode: psk$" \
1050 -S "key exchange mode: psk_ephemeral" \
1051 -S "key exchange mode: ephemeral"
1052
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1053requires_gnutls_tls1_3
1054requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1055requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1056requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1057run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
1058 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1059 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
1060 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1061 localhost" \
1062 0 \
1063 -s "write selected_group: secp256r1" \
1064 -S "key exchange mode: psk$" \
1065 -s "key exchange mode: psk_ephemeral" \
1066 -S "key exchange mode: ephemeral"
1067
1068requires_gnutls_tls1_3
1069requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1070requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1071requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1072run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
1073 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1074 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
1075 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1076 localhost" \
1077 0 \
1078 -s "write selected_group: secp384r1" \
1079 -S "key exchange mode: psk$" \
1080 -s "key exchange mode: psk_ephemeral" \
1081 -S "key exchange mode: ephemeral"
1082
1083requires_gnutls_tls1_3
1084requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1085requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1086requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1087run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
1088 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1089 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
1090 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1091 localhost" \
1092 0 \
1093 -s "write selected_group: secp521r1" \
1094 -S "key exchange mode: psk$" \
1095 -s "key exchange mode: psk_ephemeral" \
1096 -S "key exchange mode: ephemeral"
1097
1098requires_gnutls_tls1_3
1099requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1100requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1101requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1102run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
1103 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1104 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
1105 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1106 localhost" \
1107 0 \
1108 -s "write selected_group: x25519" \
1109 -S "key exchange mode: psk$" \
1110 -s "key exchange mode: psk_ephemeral" \
1111 -S "key exchange mode: ephemeral"
1112
1113requires_gnutls_tls1_3
1114requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1115requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1116requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1117run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
1118 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1119 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
1120 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1121 localhost" \
1122 0 \
1123 -s "write selected_group: x448" \
1124 -S "key exchange mode: psk$" \
1125 -s "key exchange mode: psk_ephemeral" \
1126 -S "key exchange mode: ephemeral"
1127
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1128requires_openssl_tls1_3
1129requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1130requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1131run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1132 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1133 "$O_NEXT_CLI -tls1_3 -msg \
1134 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1135 1 \
1136 -s "found psk key exchange modes extension" \
1137 -s "found pre_shared_key extension" \
1138 -s "Found PSK_EPHEMERAL KEX MODE" \
1139 -S "Found PSK KEX MODE" \
1140 -S "key exchange mode: psk$" \
1141 -S "key exchange mode: psk_ephemeral" \
1142 -S "key exchange mode: ephemeral"
1143
1144requires_openssl_tls1_3
1145requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1146requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1147run_test "TLS 1.3: O->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1148 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1149 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1150 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1151 0 \
1152 -s "found psk key exchange modes extension" \
1153 -s "found pre_shared_key extension" \
1154 -s "Found PSK_EPHEMERAL KEX MODE" \
1155 -s "Found PSK KEX MODE" \
1156 -s "Pre shared key found" \
1157 -S "No matched PSK or ticket" \
1158 -s "key exchange mode: psk$" \
1159 -S "key exchange mode: psk_ephemeral" \
1160 -S "key exchange mode: ephemeral"
1161
1162requires_openssl_tls1_3
1163requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1164requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1165run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1166 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1167 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1168 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1169 1 \
1170 -s "found psk key exchange modes extension" \
1171 -s "found pre_shared_key extension" \
1172 -s "Found PSK_EPHEMERAL KEX MODE" \
1173 -s "Found PSK KEX MODE" \
1174 -s "No matched PSK or ticket" \
1175 -S "key exchange mode: psk$" \
1176 -S "key exchange mode: psk_ephemeral" \
1177 -S "key exchange mode: ephemeral"
1178
1179requires_openssl_tls1_3
1180requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1181requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1182run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1183 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1184 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1185 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1186 1 \
1187 -s "found psk key exchange modes extension" \
1188 -s "found pre_shared_key extension" \
1189 -s "Found PSK_EPHEMERAL KEX MODE" \
1190 -s "Found PSK KEX MODE" \
1191 -s "Invalid binder." \
1192 -S "key exchange mode: psk$" \
1193 -S "key exchange mode: psk_ephemeral" \
1194 -S "key exchange mode: ephemeral"
1195
1196requires_openssl_tls1_3
1197requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1198requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1199requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1200run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1201 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1202 "$O_NEXT_CLI -tls1_3 -msg \
1203 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1204 0 \
1205 -s "found psk key exchange modes extension" \
1206 -s "found pre_shared_key extension" \
1207 -s "Found PSK_EPHEMERAL KEX MODE" \
1208 -S "Found PSK KEX MODE" \
1209 -s "Pre shared key found" \
1210 -S "No matched PSK or ticket" \
1211 -S "key exchange mode: psk$" \
1212 -s "key exchange mode: psk_ephemeral" \
1213 -S "key exchange mode: ephemeral"
1214
1215requires_openssl_tls1_3
1216requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1217requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1218requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1219run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1220 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1221 "$O_NEXT_CLI -tls1_3 -msg \
1222 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1223 1 \
1224 -s "found psk key exchange modes extension" \
1225 -s "found pre_shared_key extension" \
1226 -s "Found PSK_EPHEMERAL KEX MODE" \
1227 -S "Found PSK KEX MODE" \
1228 -s "No matched PSK or ticket" \
1229 -S "key exchange mode: psk$" \
1230 -S "key exchange mode: psk_ephemeral" \
1231 -S "key exchange mode: ephemeral"
1232
1233requires_openssl_tls1_3
1234requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1235requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1236requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1237run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1238 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1239 "$O_NEXT_CLI -tls1_3 -msg \
1240 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1241 1 \
1242 -s "found psk key exchange modes extension" \
1243 -s "found pre_shared_key extension" \
1244 -s "Found PSK_EPHEMERAL KEX MODE" \
1245 -S "Found PSK KEX MODE" \
1246 -s "Invalid binder." \
1247 -S "key exchange mode: psk$" \
1248 -S "key exchange mode: psk_ephemeral" \
1249 -S "key exchange mode: ephemeral"
1250
1251requires_openssl_tls1_3
1252requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1253requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1254requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1255run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1256 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1257 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1258 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1259 0 \
1260 -s "found psk key exchange modes extension" \
1261 -s "found pre_shared_key extension" \
1262 -s "Found PSK_EPHEMERAL KEX MODE" \
1263 -s "Found PSK KEX MODE" \
1264 -s "Pre shared key found" \
1265 -S "No matched PSK or ticket" \
1266 -S "key exchange mode: psk$" \
1267 -s "key exchange mode: psk_ephemeral" \
1268 -S "key exchange mode: ephemeral"
1269
1270requires_openssl_tls1_3
1271requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1272requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1273requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1274run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1275 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1276 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1277 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1278 1 \
1279 -s "found psk key exchange modes extension" \
1280 -s "found pre_shared_key extension" \
1281 -s "Found PSK_EPHEMERAL KEX MODE" \
1282 -s "Found PSK KEX MODE" \
1283 -s "No matched PSK or ticket" \
1284 -S "key exchange mode: psk$" \
1285 -S "key exchange mode: psk_ephemeral" \
1286 -S "key exchange mode: ephemeral"
1287
1288requires_openssl_tls1_3
1289requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1290requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1291requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1292run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1293 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1294 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1295 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1296 1 \
1297 -s "found psk key exchange modes extension" \
1298 -s "found pre_shared_key extension" \
1299 -s "Found PSK_EPHEMERAL KEX MODE" \
1300 -s "Found PSK KEX MODE" \
1301 -s "Invalid binder." \
1302 -S "key exchange mode: psk$" \
1303 -S "key exchange mode: psk_ephemeral" \
1304 -S "key exchange mode: ephemeral"
1305
1306requires_openssl_tls1_3
1307requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1308requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1309requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1310run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1311 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1312 "$O_NEXT_CLI -tls1_3 -msg \
1313 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1314 0 \
1315 -s "found psk key exchange modes extension" \
1316 -s "found pre_shared_key extension" \
1317 -s "Found PSK_EPHEMERAL KEX MODE" \
1318 -S "Found PSK KEX MODE" \
1319 -s "Pre shared key found" \
1320 -S "No matched PSK or ticket" \
1321 -S "key exchange mode: psk$" \
1322 -s "key exchange mode: psk_ephemeral" \
1323 -S "key exchange mode: ephemeral"
1324
1325requires_openssl_tls1_3
1326requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1327requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1328requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1329run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1330 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1331 "$O_NEXT_CLI -tls1_3 -msg \
1332 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1333 1 \
1334 -s "found psk key exchange modes extension" \
1335 -s "found pre_shared_key extension" \
1336 -s "Found PSK_EPHEMERAL KEX MODE" \
1337 -S "Found PSK KEX MODE" \
1338 -s "No matched PSK or ticket" \
1339 -S "key exchange mode: psk$" \
1340 -S "key exchange mode: psk_ephemeral" \
1341 -S "key exchange mode: ephemeral"
1342
1343requires_openssl_tls1_3
1344requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1345requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1346requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1347run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1348 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1349 "$O_NEXT_CLI -tls1_3 -msg \
1350 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1351 1 \
1352 -s "found psk key exchange modes extension" \
1353 -s "found pre_shared_key extension" \
1354 -s "Found PSK_EPHEMERAL KEX MODE" \
1355 -S "Found PSK KEX MODE" \
1356 -s "Invalid binder." \
1357 -S "key exchange mode: psk$" \
1358 -S "key exchange mode: psk_ephemeral" \
1359 -S "key exchange mode: ephemeral"
1360
1361requires_openssl_tls1_3
1362requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1363requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1364requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1365run_test "TLS 1.3: O->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1366 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1367 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1368 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1369 0 \
1370 -s "found psk key exchange modes extension" \
1371 -s "found pre_shared_key extension" \
1372 -s "Found PSK_EPHEMERAL KEX MODE" \
1373 -s "Found PSK KEX MODE" \
1374 -s "Pre shared key found" \
1375 -S "No matched PSK or ticket" \
1376 -S "key exchange mode: psk$" \
1377 -s "key exchange mode: psk_ephemeral" \
1378 -S "key exchange mode: ephemeral"
1379
1380requires_openssl_tls1_3
1381requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1382requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1383requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1384run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1385 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1386 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1387 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1388 1 \
1389 -s "found psk key exchange modes extension" \
1390 -s "found pre_shared_key extension" \
1391 -s "Found PSK_EPHEMERAL KEX MODE" \
1392 -s "Found PSK KEX MODE" \
1393 -s "No matched PSK or ticket" \
1394 -S "key exchange mode: psk$" \
1395 -S "key exchange mode: psk_ephemeral" \
1396 -S "key exchange mode: ephemeral"
1397
1398requires_openssl_tls1_3
1399requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1400requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1401requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1402run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1403 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1404 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1405 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1406 1 \
1407 -s "found psk key exchange modes extension" \
1408 -s "found pre_shared_key extension" \
1409 -s "Found PSK_EPHEMERAL KEX MODE" \
1410 -s "Found PSK KEX MODE" \
1411 -s "Invalid binder." \
1412 -S "key exchange mode: psk$" \
1413 -S "key exchange mode: psk_ephemeral" \
1414 -S "key exchange mode: ephemeral"
1415
1416requires_openssl_tls1_3
1417requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1418requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1419requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1420run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1421 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1422 "$O_NEXT_CLI -tls1_3 -msg \
1423 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1424 0 \
1425 -s "found psk key exchange modes extension" \
1426 -s "found pre_shared_key extension" \
1427 -s "Found PSK_EPHEMERAL KEX MODE" \
1428 -S "Found PSK KEX MODE" \
1429 -s "Pre shared key found" \
1430 -S "No matched PSK or ticket" \
1431 -S "key exchange mode: psk$" \
1432 -s "key exchange mode: psk_ephemeral" \
1433 -S "key exchange mode: ephemeral"
1434
1435requires_openssl_tls1_3
1436requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1437requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1438requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1439run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1440 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1441 "$O_NEXT_CLI -tls1_3 -msg \
1442 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1443 0 \
1444 -s "found psk key exchange modes extension" \
1445 -s "found pre_shared_key extension" \
1446 -s "Found PSK_EPHEMERAL KEX MODE" \
1447 -S "Found PSK KEX MODE" \
1448 -s "No matched PSK or ticket" \
1449 -S "key exchange mode: psk$" \
1450 -S "key exchange mode: psk_ephemeral" \
1451 -s "key exchange mode: ephemeral"
1452
1453requires_openssl_tls1_3
1454requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1455requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1456requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1457run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1458 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1459 "$O_NEXT_CLI -tls1_3 -msg \
1460 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1461 1 \
1462 -s "found psk key exchange modes extension" \
1463 -s "found pre_shared_key extension" \
1464 -s "Found PSK_EPHEMERAL KEX MODE" \
1465 -S "Found PSK KEX MODE" \
1466 -s "Invalid binder." \
1467 -S "key exchange mode: psk$" \
1468 -S "key exchange mode: psk_ephemeral" \
1469 -S "key exchange mode: ephemeral"
1470
1471requires_openssl_tls1_3
1472requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1473requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1474requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1475run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1476 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1477 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1478 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1479 0 \
1480 -s "found psk key exchange modes extension" \
1481 -s "found pre_shared_key extension" \
1482 -s "Found PSK_EPHEMERAL KEX MODE" \
1483 -s "Found PSK KEX MODE" \
1484 -s "Pre shared key found" \
1485 -S "No matched PSK or ticket" \
1486 -S "key exchange mode: psk$" \
1487 -s "key exchange mode: psk_ephemeral" \
1488 -S "key exchange mode: ephemeral"
1489
1490requires_openssl_tls1_3
1491requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1492requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1493requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1494run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1495 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1496 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1497 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1498 0 \
1499 -s "found psk key exchange modes extension" \
1500 -s "found pre_shared_key extension" \
1501 -s "Found PSK_EPHEMERAL KEX MODE" \
1502 -s "Found PSK KEX MODE" \
1503 -s "No matched PSK or ticket" \
1504 -S "key exchange mode: psk$" \
1505 -S "key exchange mode: psk_ephemeral" \
1506 -s "key exchange mode: ephemeral"
1507
1508requires_openssl_tls1_3
1509requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1510requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1511requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1512run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1513 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1514 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1515 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1516 1 \
1517 -s "found psk key exchange modes extension" \
1518 -s "found pre_shared_key extension" \
1519 -s "Found PSK_EPHEMERAL KEX MODE" \
1520 -s "Found PSK KEX MODE" \
1521 -s "Invalid binder." \
1522 -S "key exchange mode: psk$" \
1523 -S "key exchange mode: psk_ephemeral" \
1524 -S "key exchange mode: ephemeral"
1525
1526requires_openssl_tls1_3
1527requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1528requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1529requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1530run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1531 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1532 "$O_NEXT_CLI -tls1_3 -msg \
1533 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1534 0 \
1535 -s "found psk key exchange modes extension" \
1536 -s "found pre_shared_key extension" \
1537 -s "Found PSK_EPHEMERAL KEX MODE" \
1538 -S "Found PSK KEX MODE" \
1539 -s "Pre shared key found" \
1540 -S "No matched PSK or ticket" \
1541 -S "key exchange mode: psk$" \
1542 -s "key exchange mode: psk_ephemeral" \
1543 -S "key exchange mode: ephemeral"
1544
1545requires_openssl_tls1_3
1546requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1547requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1548requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1549run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1550 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1551 "$O_NEXT_CLI -tls1_3 -msg \
1552 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1553 0 \
1554 -s "found psk key exchange modes extension" \
1555 -s "found pre_shared_key extension" \
1556 -s "Found PSK_EPHEMERAL KEX MODE" \
1557 -S "Found PSK KEX MODE" \
1558 -s "No matched PSK or ticket" \
1559 -S "key exchange mode: psk$" \
1560 -S "key exchange mode: psk_ephemeral" \
1561 -s "key exchange mode: ephemeral"
1562
1563requires_openssl_tls1_3
1564requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1565requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1566requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1567run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1568 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1569 "$O_NEXT_CLI -tls1_3 -msg \
1570 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1571 1 \
1572 -s "found psk key exchange modes extension" \
1573 -s "found pre_shared_key extension" \
1574 -s "Found PSK_EPHEMERAL KEX MODE" \
1575 -S "Found PSK KEX MODE" \
1576 -s "Invalid binder." \
1577 -S "key exchange mode: psk$" \
1578 -S "key exchange mode: psk_ephemeral" \
1579 -S "key exchange mode: ephemeral"
1580
1581requires_openssl_tls1_3
1582requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1583requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1584requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1585run_test "TLS 1.3: O->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1586 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1587 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1588 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1589 0 \
1590 -s "found psk key exchange modes extension" \
1591 -s "found pre_shared_key extension" \
1592 -s "Found PSK_EPHEMERAL KEX MODE" \
1593 -s "Found PSK KEX MODE" \
1594 -s "Pre shared key found" \
1595 -S "No matched PSK or ticket" \
1596 -S "key exchange mode: psk$" \
1597 -s "key exchange mode: psk_ephemeral" \
1598 -S "key exchange mode: ephemeral"
1599
1600requires_openssl_tls1_3
1601requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1602requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1603requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1604run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1605 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1606 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1607 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1608 0 \
1609 -s "found psk key exchange modes extension" \
1610 -s "found pre_shared_key extension" \
1611 -s "Found PSK_EPHEMERAL KEX MODE" \
1612 -s "Found PSK KEX MODE" \
1613 -s "No matched PSK or ticket" \
1614 -S "key exchange mode: psk$" \
1615 -S "key exchange mode: psk_ephemeral" \
1616 -s "key exchange mode: ephemeral"
1617
1618requires_openssl_tls1_3
1619requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1620requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1621requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1622run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1623 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1624 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1625 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1626 1 \
1627 -s "found psk key exchange modes extension" \
1628 -s "found pre_shared_key extension" \
1629 -s "Found PSK_EPHEMERAL KEX MODE" \
1630 -s "Found PSK KEX MODE" \
1631 -s "Invalid binder." \
1632 -S "key exchange mode: psk$" \
1633 -S "key exchange mode: psk_ephemeral" \
1634 -S "key exchange mode: ephemeral"
1635
1636requires_openssl_tls1_3
1637requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1638requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1639requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1640run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1641 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1642 "$O_NEXT_CLI -tls1_3 -msg \
1643 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1644 0 \
1645 -s "found psk key exchange modes extension" \
1646 -s "found pre_shared_key extension" \
1647 -s "Found PSK_EPHEMERAL KEX MODE" \
1648 -S "Found PSK KEX MODE" \
1649 -s "Pre shared key found" \
1650 -S "No matched PSK or ticket" \
1651 -S "key exchange mode: psk$" \
1652 -S "key exchange mode: psk_ephemeral" \
1653 -s "key exchange mode: ephemeral"
1654
1655requires_openssl_tls1_3
1656requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1657requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1658requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1659run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1660 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1661 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1662 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1663 0 \
1664 -s "found psk key exchange modes extension" \
1665 -s "found pre_shared_key extension" \
1666 -s "Found PSK_EPHEMERAL KEX MODE" \
1667 -s "Found PSK KEX MODE" \
1668 -s "Pre shared key found" \
1669 -S "No matched PSK or ticket" \
1670 -S "key exchange mode: psk$" \
1671 -S "key exchange mode: psk_ephemeral" \
1672 -s "key exchange mode: ephemeral"
1673
1674requires_openssl_tls1_3
1675requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1676requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1677requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1678run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1679 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1680 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1681 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1682 1 \
1683 -s "found psk key exchange modes extension" \
1684 -s "found pre_shared_key extension" \
1685 -s "Found PSK_EPHEMERAL KEX MODE" \
1686 -s "Found PSK KEX MODE" \
1687 -s "Invalid binder." \
1688 -S "key exchange mode: psk$" \
1689 -S "key exchange mode: psk_ephemeral" \
1690 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1691
1692requires_openssl_tls1_3
1693requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1694requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1695requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1696run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
1697 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1698 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1699 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1700 0 \
1701 -s "write selected_group: secp256r1" \
1702 -S "key exchange mode: psk$" \
1703 -s "key exchange mode: psk_ephemeral" \
1704 -S "key exchange mode: ephemeral"
1705
1706requires_openssl_tls1_3
1707requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1708requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1709requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1710run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
1711 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1712 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1713 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1714 0 \
1715 -s "write selected_group: secp384r1" \
1716 -S "key exchange mode: psk$" \
1717 -s "key exchange mode: psk_ephemeral" \
1718 -S "key exchange mode: ephemeral"
1719
1720requires_openssl_tls1_3
1721requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1722requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1723requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1724run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
1725 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1726 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1727 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1728 0 \
1729 -s "write selected_group: secp521r1" \
1730 -S "key exchange mode: psk$" \
1731 -s "key exchange mode: psk_ephemeral" \
1732 -S "key exchange mode: ephemeral"
1733
1734requires_openssl_tls1_3
1735requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1736requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1737requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1738run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
1739 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1740 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1741 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1742 0 \
1743 -s "write selected_group: x25519" \
1744 -S "key exchange mode: psk$" \
1745 -s "key exchange mode: psk_ephemeral" \
1746 -S "key exchange mode: ephemeral"
1747
1748requires_openssl_tls1_3
1749requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1750requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1751requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1752run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
1753 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1754 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1755 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1756 0 \
1757 -s "write selected_group: x448" \
1758 -S "key exchange mode: psk$" \
1759 -s "key exchange mode: psk_ephemeral" \
1760 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1761
1762requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1763requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1764requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1765requires_openssl_tls1_3
1766run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1767 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1768 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1769 0 \
1770 -s "write selected_group: secp384r1" \
1771 -s "HRR selected_group: secp384r1" \
1772 -S "key exchange mode: psk$" \
1773 -s "key exchange mode: psk_ephemeral" \
1774 -S "key exchange mode: ephemeral"
1775
1776requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1777requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1778requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1779requires_gnutls_tls1_3
1780requires_gnutls_next_no_ticket
1781requires_gnutls_next_disable_tls13_compat
1782run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1783 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1784 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1785 0 \
1786 -s "write selected_group: secp384r1" \
1787 -s "HRR selected_group: secp384r1" \
1788 -S "key exchange mode: psk$" \
1789 -s "key exchange mode: psk_ephemeral" \
1790 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1791
1792
1793# Add psk test cases for mbedtls client code
1794
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1795# MbedTls->MbedTLS kinds of tls13_kex_modes
1796# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1797requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1798requires_config_enabled MBEDTLS_SSL_SRV_C
1799requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1800run_test "TLS 1.3: m->m: psk/psk, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1801 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1802 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1803 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1804 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1805 -c "client hello, adding psk_key_exchange_modes extension" \
1806 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1807 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1808 -c "HTTP/1.0 200 OK"
1809
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1810requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1811requires_config_enabled MBEDTLS_SSL_SRV_C
1812requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1813run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1814 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1815 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1816 1 \
1817 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1818 -c "client hello, adding psk_key_exchange_modes extension" \
1819 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1820 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1821
1822requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1823requires_config_enabled MBEDTLS_SSL_SRV_C
1824requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1825run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1826 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1827 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1828 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1829 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1830 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1831 -c "client hello, adding PSK binder list" \
1832 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1833
1834requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1835requires_config_enabled MBEDTLS_SSL_SRV_C
1836requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1837run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1838 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1839 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1840 1 \
1841 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1842 -c "client hello, adding psk_key_exchange_modes extension" \
1843 -c "client hello, adding PSK binder list" \
1844 -s "ClientHello message misses mandatory extensions."
1845
1846requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1847requires_config_enabled MBEDTLS_SSL_SRV_C
1848requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1849run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1850 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1851 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1852 1 \
1853 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1854 -c "client hello, adding psk_key_exchange_modes extension" \
1855 -c "client hello, adding PSK binder list" \
1856 -s "ClientHello message misses mandatory extensions."
1857
1858requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1859requires_config_enabled MBEDTLS_SSL_SRV_C
1860requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1861run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1862 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1863 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1864 1 \
1865 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1866 -c "client hello, adding psk_key_exchange_modes extension" \
1867 -c "client hello, adding PSK binder list" \
1868 -s "ClientHello message misses mandatory extensions."
1869
1870requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1871requires_config_enabled MBEDTLS_SSL_SRV_C
1872requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1873run_test "TLS 1.3: m->m: psk/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1874 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1875 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1876 0 \
1877 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1878 -c "client hello, adding psk_key_exchange_modes extension" \
1879 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1880 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1881 -c "HTTP/1.0 200 OK"
1882
1883requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1884requires_config_enabled MBEDTLS_SSL_SRV_C
1885requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1886run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1887 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1888 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1889 1 \
1890 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1891 -c "client hello, adding psk_key_exchange_modes extension" \
1892 -c "client hello, adding PSK binder list" \
1893 -s "No matched PSK or ticket" \
1894 -s "ClientHello message misses mandatory extensions."
1895
1896requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1897requires_config_enabled MBEDTLS_SSL_SRV_C
1898requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1899run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1900 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1901 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1902 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1903 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1904 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1905 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1906 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1907
1908requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1909requires_config_enabled MBEDTLS_SSL_SRV_C
1910requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1911run_test "TLS 1.3: m->m: psk/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1912 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1913 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1914 0 \
1915 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1916 -c "client hello, adding psk_key_exchange_modes extension" \
1917 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1918 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1919 -c "HTTP/1.0 200 OK"
1920
1921requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1922requires_config_enabled MBEDTLS_SSL_SRV_C
1923requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1924run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1925 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1926 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1927 1 \
1928 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1929 -c "client hello, adding psk_key_exchange_modes extension" \
1930 -c "client hello, adding PSK binder list" \
1931 -s "No matched PSK or ticket" \
1932 -s "ClientHello message misses mandatory extensions."
1933
1934requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1935requires_config_enabled MBEDTLS_SSL_SRV_C
1936requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1937run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1938 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1939 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1940 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1941 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1942 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1943 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1944 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1945
1946# psk_ephemeral mode in client
1947requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1948requires_config_enabled MBEDTLS_SSL_SRV_C
1949requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1950run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1951 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1952 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1953 1 \
1954 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1955 -c "client hello, adding psk_key_exchange_modes extension" \
1956 -c "client hello, adding PSK binder list" \
1957 -s "ClientHello message misses mandatory extensions."
1958
1959requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1960requires_config_enabled MBEDTLS_SSL_SRV_C
1961requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1962run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1963 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1964 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1965 0 \
1966 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1967 -c "client hello, adding psk_key_exchange_modes extension" \
1968 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1969 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1970 -c "HTTP/1.0 200 OK"
1971
1972requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1973requires_config_enabled MBEDTLS_SSL_SRV_C
1974requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1975run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1976 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1977 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1978 1 \
1979 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1980 -c "client hello, adding psk_key_exchange_modes extension" \
1981 -c "client hello, adding PSK binder list" \
1982 -s "No matched PSK or ticket" \
1983 -s "ClientHello message misses mandatory extensions."
1984
1985requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1986requires_config_enabled MBEDTLS_SSL_SRV_C
1987requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1988run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1989 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1990 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1991 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1992 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1993 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1994 -c "client hello, adding PSK binder list" \
1995 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1996
1997requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1998requires_config_enabled MBEDTLS_SSL_SRV_C
1999requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2000requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2001requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
2002requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2003run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2004 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2005 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2006 1 \
2007 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2008 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2009 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2010
2011requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2012requires_config_enabled MBEDTLS_SSL_SRV_C
2013requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2014run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2015 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2016 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2017 0 \
2018 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2019 -c "client hello, adding psk_key_exchange_modes extension" \
2020 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2021 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2022 -c "HTTP/1.0 200 OK"
2023
2024requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2025requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2026requires_config_enabled MBEDTLS_SSL_SRV_C
2027requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2028requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
2029requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2030run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2031 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2032 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2033 1 \
2034 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2035 -c "client hello, adding psk_key_exchange_modes extension" \
2036 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2037 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2038
2039requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2040requires_config_enabled MBEDTLS_SSL_SRV_C
2041requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2042run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2043 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2044 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2045 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2046 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2047 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2048 -c "client hello, adding PSK binder list" \
2049 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2050
2051requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2052requires_config_enabled MBEDTLS_SSL_SRV_C
2053requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2054run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2055 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2056 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2057 0 \
2058 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2059 -c "client hello, adding psk_key_exchange_modes extension" \
2060 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2061 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2062 -c "HTTP/1.0 200 OK"
2063
2064requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2065requires_config_enabled MBEDTLS_SSL_SRV_C
2066requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2067run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2068 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2069 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2070 1 \
2071 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2072 -c "client hello, adding psk_key_exchange_modes extension" \
2073 -c "client hello, adding PSK binder list" \
2074 -s "No matched PSK or ticket" \
2075 -s "ClientHello message misses mandatory extensions."
2076
2077requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2078requires_config_enabled MBEDTLS_SSL_SRV_C
2079requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2080run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2081 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2082 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2083 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2084 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2085 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2086 -c "client hello, adding PSK binder list" \
2087 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2088
2089requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2090requires_config_enabled MBEDTLS_SSL_SRV_C
2091requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2092run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2093 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2094 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2095 0 \
2096 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2097 -c "client hello, adding psk_key_exchange_modes extension" \
2098 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2099 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2100 -c "HTTP/1.0 200 OK"
2101
2102requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2103requires_config_enabled MBEDTLS_SSL_SRV_C
2104requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2105run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2106 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2107 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2108 1 \
2109 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2110 -c "client hello, adding psk_key_exchange_modes extension" \
2111 -c "client hello, adding PSK binder list" \
2112 -s "No matched PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2113
2114requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2115requires_config_enabled MBEDTLS_SSL_SRV_C
2116requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2117run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2118 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2119 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2120 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2121 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2122 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2123 -c "client hello, adding PSK binder list" \
2124 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2125
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2126# ephemeral mode in client
2127requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2128requires_config_enabled MBEDTLS_SSL_SRV_C
2129requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2130run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2131 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2132 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2133 1 \
2134 -s "ClientHello message misses mandatory extensions."
2135
2136requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2137requires_config_enabled MBEDTLS_SSL_SRV_C
2138requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2139run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2140 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2141 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2142 1 \
2143 -s "ClientHello message misses mandatory extensions."
2144
2145requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2146requires_config_enabled MBEDTLS_SSL_SRV_C
2147requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2148run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2149 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2150 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2151 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2152 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2153 -c "HTTP/1.0 200 OK"
2154
2155requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2156requires_config_enabled MBEDTLS_SSL_SRV_C
2157requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2158run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2159 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2160 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2161 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2162 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2163 -c "HTTP/1.0 200 OK"
2164
2165requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2166requires_config_enabled MBEDTLS_SSL_SRV_C
2167requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2168run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2169 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2170 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2171 1 \
2172 -s "ClientHello message misses mandatory extensions."
2173
2174requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2175requires_config_enabled MBEDTLS_SSL_SRV_C
2176requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2177run_test "TLS 1.3: m->m: ephemeral/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2178 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2179 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2180 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2181 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2182 -c "HTTP/1.0 200 OK"
2183
2184# ephemeral_all mode in client
2185requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2186requires_config_enabled MBEDTLS_SSL_SRV_C
2187requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2188run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2189 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2190 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2191 1 \
2192 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2193 -c "client hello, adding psk_key_exchange_modes extension" \
2194 -c "client hello, adding PSK binder list" \
2195 -s "ClientHello message misses mandatory extensions."
2196
2197requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2198requires_config_enabled MBEDTLS_SSL_SRV_C
2199requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2200run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2201 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2202 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2203 0 \
2204 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2205 -c "client hello, adding psk_key_exchange_modes extension" \
2206 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2207 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2208 -c "HTTP/1.0 200 OK"
2209
2210requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2211requires_config_enabled MBEDTLS_SSL_SRV_C
2212requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2213run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2214 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2215 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2216 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2217 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2218 -c "client hello, adding psk_key_exchange_modes extension" \
2219 -c "client hello, adding PSK binder list" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2220 -s "No matched PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2221
2222requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2223requires_config_enabled MBEDTLS_SSL_SRV_C
2224requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2225run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2226 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2227 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2228 1 \
2229 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2230 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2231 -c "client hello, adding PSK binder list" \
2232 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2233
2234requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2235requires_config_enabled MBEDTLS_SSL_SRV_C
2236requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2237run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2238 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2239 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2240 0 \
2241 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2242 -c "client hello, adding psk_key_exchange_modes extension" \
2243 -c "client hello, adding PSK binder list" \
2244 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2245 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2246 -c "HTTP/1.0 200 OK"
2247
2248requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2249requires_config_enabled MBEDTLS_SSL_SRV_C
2250requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2251run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2252 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2253 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2254 0 \
2255 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2256 -c "client hello, adding psk_key_exchange_modes extension" \
2257 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2258 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2259 -c "HTTP/1.0 200 OK"
2260
2261requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2262requires_config_enabled MBEDTLS_SSL_SRV_C
2263requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2264run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2265 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2266 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2267 0 \
2268 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2269 -c "client hello, adding psk_key_exchange_modes extension" \
2270 -c "client hello, adding PSK binder list" \
2271 -s "No matched PSK or ticket" \
2272 -s "key exchange mode: ephemeral"
2273
2274requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2275requires_config_enabled MBEDTLS_SSL_SRV_C
2276requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2277run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2278 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2279 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2280 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2281 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2282 -c "client hello, adding psk_key_exchange_modes extension" \
2283 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2284 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2285
2286requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2287requires_config_enabled MBEDTLS_SSL_SRV_C
2288requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2289run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2290 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2291 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2292 0 \
2293 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2294 -c "client hello, adding psk_key_exchange_modes extension" \
2295 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2296 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2297 -c "HTTP/1.0 200 OK"
2298
2299requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2300requires_config_enabled MBEDTLS_SSL_SRV_C
2301requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2302run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2303 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2304 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2305 1 \
2306 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2307 -c "client hello, adding psk_key_exchange_modes extension" \
2308 -c "client hello, adding PSK binder list" \
2309 -s "No matched PSK or ticket" \
2310 -s "ClientHello message misses mandatory extensions."
2311
2312requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2313requires_config_enabled MBEDTLS_SSL_SRV_C
2314requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2315run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2316 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2317 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2318 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2319 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2320 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2321 -c "client hello, adding PSK binder list" \
2322 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2323
2324requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2325requires_config_enabled MBEDTLS_SSL_SRV_C
2326requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2327run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2328 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2329 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2330 0 \
2331 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2332 -c "client hello, adding psk_key_exchange_modes extension" \
2333 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2334 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2335 -c "HTTP/1.0 200 OK"
2336
2337requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2338requires_config_enabled MBEDTLS_SSL_SRV_C
2339requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2340run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2341 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2342 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2343 0 \
2344 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2345 -c "client hello, adding psk_key_exchange_modes extension" \
2346 -c "client hello, adding PSK binder list" \
2347 -s "No matched PSK or ticket" \
2348 -s "key exchange mode: ephemeral"
2349
2350requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2351requires_config_enabled MBEDTLS_SSL_SRV_C
2352requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2353run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2354 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2355 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2356 1 \
2357 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2358 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2359 -c "client hello, adding PSK binder list" \
2360 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2361
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2362# psk_all mode in client
2363requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2364requires_config_enabled MBEDTLS_SSL_SRV_C
2365requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2366run_test "TLS 1.3: m->m: psk_all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2367 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2368 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2369 0 \
2370 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2371 -c "client hello, adding psk_key_exchange_modes extension" \
2372 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2373 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2374 -c "HTTP/1.0 200 OK"
2375
2376requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2377requires_config_enabled MBEDTLS_SSL_SRV_C
2378requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2379run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2380 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2381 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2382 1 \
2383 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2384 -c "client hello, adding psk_key_exchange_modes extension" \
2385 -c "client hello, adding PSK binder list" \
2386 -s "ClientHello message misses mandatory extensions."
2387
2388requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2389requires_config_enabled MBEDTLS_SSL_SRV_C
2390requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2391run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2392 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2393 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2394 1 \
2395 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2396 -c "client hello, adding psk_key_exchange_modes extension" \
2397 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2398 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2399
2400requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2401requires_config_enabled MBEDTLS_SSL_SRV_C
2402requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2403run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2404 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2405 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2406 0 \
2407 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2408 -c "client hello, adding psk_key_exchange_modes extension" \
2409 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2410 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2411 -c "HTTP/1.0 200 OK"
2412
2413requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2414requires_config_enabled MBEDTLS_SSL_SRV_C
2415requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2416run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2417 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2418 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2419 1 \
2420 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2421 -c "client hello, adding psk_key_exchange_modes extension" \
2422 -c "client hello, adding PSK binder list" \
2423 -s "No matched PSK or ticket" \
2424 -s "ClientHello message misses mandatory extensions."
2425
2426requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2427requires_config_enabled MBEDTLS_SSL_SRV_C
2428requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2429run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2430 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2431 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2432 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2433 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2434 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2435 -c "client hello, adding PSK binder list" \
2436 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2437
2438requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2439requires_config_enabled MBEDTLS_SSL_SRV_C
2440requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2441run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2442 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2443 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2444 1 \
2445 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2446 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2447 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2448
2449requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2450requires_config_enabled MBEDTLS_SSL_SRV_C
2451requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2452run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2453 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2454 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2455 0 \
2456 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2457 -c "client hello, adding psk_key_exchange_modes extension" \
2458 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2459 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2460 -c "HTTP/1.0 200 OK"
2461
2462requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2463requires_config_enabled MBEDTLS_SSL_SRV_C
2464requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2465run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2466 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2467 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2468 1 \
2469 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2470 -c "client hello, adding psk_key_exchange_modes extension" \
2471 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2472 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2473
2474requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2475requires_config_enabled MBEDTLS_SSL_SRV_C
2476requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2477run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2478 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2479 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2480 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2481 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2482 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2483 -c "client hello, adding PSK binder list" \
2484 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2485
2486requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2487requires_config_enabled MBEDTLS_SSL_SRV_C
2488requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2489run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2490 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2491 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2492 0 \
2493 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2494 -c "client hello, adding psk_key_exchange_modes extension" \
2495 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2496 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2497 -c "HTTP/1.0 200 OK"
2498
2499requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2500requires_config_enabled MBEDTLS_SSL_SRV_C
2501requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2502run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2503 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2504 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2505 1 \
2506 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2507 -c "client hello, adding psk_key_exchange_modes extension" \
2508 -c "client hello, adding PSK binder list" \
2509 -s "No matched PSK or ticket" \
2510 -s "ClientHello message misses mandatory extensions."
2511
2512requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2513requires_config_enabled MBEDTLS_SSL_SRV_C
2514requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2515run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2516 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2517 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2518 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2519 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2520 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2521 -c "client hello, adding PSK binder list" \
2522 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2523
2524requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2525requires_config_enabled MBEDTLS_SSL_SRV_C
2526requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2527run_test "TLS 1.3: m->m: psk_all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2528 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2529 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2530 0 \
2531 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2532 -c "client hello, adding psk_key_exchange_modes extension" \
2533 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2534 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2535 -c "HTTP/1.0 200 OK"
2536
2537requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2538requires_config_enabled MBEDTLS_SSL_SRV_C
2539requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2540run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2541 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2542 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2543 1 \
2544 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2545 -c "client hello, adding psk_key_exchange_modes extension" \
2546 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2547 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2548
2549requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2550requires_config_enabled MBEDTLS_SSL_SRV_C
2551requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2552run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2553 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2554 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2555 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2556 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2557 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2558 -c "client hello, adding PSK binder list" \
2559 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2560
2561# all mode in client
2562requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2563requires_config_enabled MBEDTLS_SSL_SRV_C
2564requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2565run_test "TLS 1.3: m->m: all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2566 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2567 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2568 0 \
2569 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2570 -c "client hello, adding psk_key_exchange_modes extension" \
2571 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2572 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2573 -c "HTTP/1.0 200 OK"
2574
2575requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2576requires_config_enabled MBEDTLS_SSL_SRV_C
2577requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2578run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2579 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2580 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2581 1 \
2582 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2583 -c "client hello, adding psk_key_exchange_modes extension" \
2584 -c "client hello, adding PSK binder list" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2585 -s "No matched PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2586 -s "ClientHello message misses mandatory extensions."
2587
2588requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2589requires_config_enabled MBEDTLS_SSL_SRV_C
2590requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2591run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2592 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2593 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2594 1 \
2595 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2596 -c "client hello, adding psk_key_exchange_modes extension" \
2597 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2598 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2599
2600requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2601requires_config_enabled MBEDTLS_SSL_SRV_C
2602requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2603run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2604 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2605 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2606 0 \
2607 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2608 -c "client hello, adding psk_key_exchange_modes extension" \
2609 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2610 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2611 -c "HTTP/1.0 200 OK"
2612
2613requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2614requires_config_enabled MBEDTLS_SSL_SRV_C
2615requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2616run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2617 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2618 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2619 1 \
2620 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2621 -c "client hello, adding psk_key_exchange_modes extension" \
2622 -c "client hello, adding PSK binder list" \
2623 -s "No matched PSK or ticket" \
2624 -s "ClientHello message misses mandatory extensions."
2625
2626requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2627requires_config_enabled MBEDTLS_SSL_SRV_C
2628requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2629run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2630 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2631 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2632 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2633 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2634 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2635 -c "client hello, adding PSK binder list" \
2636 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2637
2638requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2639requires_config_enabled MBEDTLS_SSL_SRV_C
2640requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2641run_test "TLS 1.3: m->m: all/ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2642 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2643 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2644 0 \
2645 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2646 -c "client hello, adding psk_key_exchange_modes extension" \
2647 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2648 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2649 -c "HTTP/1.0 200 OK"
2650
2651requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2652requires_config_enabled MBEDTLS_SSL_SRV_C
2653requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2654run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2655 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2656 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2657 0 \
2658 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2659 -c "client hello, adding psk_key_exchange_modes extension" \
2660 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2661 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2662 -c "HTTP/1.0 200 OK"
2663
2664requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2665requires_config_enabled MBEDTLS_SSL_SRV_C
2666requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2667run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2668 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2669 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2670 0 \
2671 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2672 -c "client hello, adding psk_key_exchange_modes extension" \
2673 -c "client hello, adding PSK binder list" \
2674 -s "No matched PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2675 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2676 -c "HTTP/1.0 200 OK"
2677
2678requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2679requires_config_enabled MBEDTLS_SSL_SRV_C
2680requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2681run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2682 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2683 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2684 1 \
2685 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2686 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2687 -c "client hello, adding PSK binder list" \
2688 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2689
2690requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2691requires_config_enabled MBEDTLS_SSL_SRV_C
2692requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2693run_test "TLS 1.3: m->m: all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2694 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2695 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2696 0 \
2697 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2698 -c "client hello, adding psk_key_exchange_modes extension" \
2699 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2700 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2701 -c "HTTP/1.0 200 OK"
2702
2703requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2704requires_config_enabled MBEDTLS_SSL_SRV_C
2705requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2706run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2707 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2708 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2709 1 \
2710 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2711 -c "client hello, adding psk_key_exchange_modes extension" \
2712 -c "client hello, adding PSK binder list" \
2713 -s "No matched PSK or ticket" \
2714 -s "ClientHello message misses mandatory extensions."
2715
2716requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2717requires_config_enabled MBEDTLS_SSL_SRV_C
2718requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2719run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2720 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2721 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2722 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2723 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2724 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2725 -c "client hello, adding PSK binder list" \
2726 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2727
2728requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2729requires_config_enabled MBEDTLS_SSL_SRV_C
2730requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2731run_test "TLS 1.3: m->m: all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2732 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2733 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2734 0 \
2735 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2736 -c "client hello, adding psk_key_exchange_modes extension" \
2737 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2738 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2739 -c "HTTP/1.0 200 OK"
2740
2741requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2742requires_config_enabled MBEDTLS_SSL_SRV_C
2743requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2744run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2745 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2746 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2747 0 \
2748 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2749 -c "client hello, adding psk_key_exchange_modes extension" \
2750 -c "client hello, adding PSK binder list" \
2751 -s "No matched PSK or ticket" \
2752 -s "key exchange mode: ephemeral"
2753
2754requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2755requires_config_enabled MBEDTLS_SSL_SRV_C
2756requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2757run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2758 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2759 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2760 1 \
2761 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2762 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2763 -c "client hello, adding PSK binder list" \
2764 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2765
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2766#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2767requires_openssl_tls1_3
2768requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2769requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2770requires_config_enabled MBEDTLS_DEBUG_C
2771requires_config_enabled MBEDTLS_SSL_CLI_C
2772requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2773 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2774run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2775 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2776 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2777 0 \
2778 -c "=> write client hello" \
2779 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2780 -c "client hello, adding psk_key_exchange_modes extension" \
2781 -c "client hello, adding PSK binder list" \
2782 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2783 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2784 -c "HTTP/1.0 200 ok"
2785
2786requires_openssl_tls1_3
2787requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2788requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2789requires_config_enabled MBEDTLS_DEBUG_C
2790requires_config_enabled MBEDTLS_SSL_CLI_C
2791requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2792 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2793run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2794 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2795 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2796 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2797 -c "=> write client hello" \
2798 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2799 -c "client hello, adding psk_key_exchange_modes extension" \
2800 -c "client hello, adding PSK binder list" \
2801 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2802 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2803
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2804#OPENSSL-SERVER psk_all mode
2805requires_openssl_tls1_3
2806requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2807requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2808requires_config_enabled MBEDTLS_DEBUG_C
2809requires_config_enabled MBEDTLS_SSL_CLI_C
2810requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2811 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2812run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2813 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2814 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2815 0 \
2816 -c "=> write client hello" \
2817 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2818 -c "client hello, adding psk_key_exchange_modes extension" \
2819 -c "client hello, adding PSK binder list" \
2820 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2821 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2822 -c "HTTP/1.0 200 ok"
2823
2824requires_openssl_tls1_3
2825requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2826requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2827requires_config_enabled MBEDTLS_DEBUG_C
2828requires_config_enabled MBEDTLS_SSL_CLI_C
2829requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2830 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2831run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2832 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2833 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
2834 0 \
2835 -c "=> write client hello" \
2836 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2837 -c "client hello, adding psk_key_exchange_modes extension" \
2838 -c "client hello, adding PSK binder list" \
2839 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2840 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2841 -c "HTTP/1.0 200 ok"
2842
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2843#OPENSSL-SERVER psk_ephemeral mode
2844requires_openssl_tls1_3
2845requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2846requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2847requires_config_enabled MBEDTLS_DEBUG_C
2848requires_config_enabled MBEDTLS_SSL_CLI_C
2849requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2850 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2851run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2852 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2853 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2854 0 \
2855 -c "=> write client hello" \
2856 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2857 -c "client hello, adding psk_key_exchange_modes extension" \
2858 -c "client hello, adding PSK binder list" \
2859 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2860 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2861 -c "HTTP/1.0 200 ok"
2862
2863requires_openssl_tls1_3
2864requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2865requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2866requires_config_enabled MBEDTLS_DEBUG_C
2867requires_config_enabled MBEDTLS_SSL_CLI_C
2868requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2869 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2870run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2871 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2872 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
2873 0 \
2874 -c "=> write client hello" \
2875 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2876 -c "client hello, adding psk_key_exchange_modes extension" \
2877 -c "client hello, adding PSK binder list" \
2878 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2879 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2880 -c "HTTP/1.0 200 ok"
2881
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2882#OPENSSL-SERVER ephemeral mode
2883requires_openssl_tls1_3
2884requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2885requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2886requires_config_enabled MBEDTLS_DEBUG_C
2887requires_config_enabled MBEDTLS_SSL_CLI_C
2888requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2889 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2890run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2891 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2892 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2893 0 \
2894 -c "=> write client hello" \
2895 -c "skip psk_key_exchange_modes extension" \
2896 -c "<= write client hello" \
2897 -c "found key_shares extension" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2898 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2899 -c "HTTP/1.0 200 ok"
2900
2901requires_openssl_tls1_3
2902requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2903requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2904requires_config_enabled MBEDTLS_DEBUG_C
2905requires_config_enabled MBEDTLS_SSL_CLI_C
2906requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2907 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2908run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2909 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2910 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2911 0 \
2912 -c "=> write client hello" \
2913 -c "skip psk_key_exchange_modes extension" \
2914 -c "<= write client hello" \
2915 -c "found key_shares extension" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2916 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2917 -c "HTTP/1.0 200 ok"
2918
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2919#OPENSSL-SERVER ephemeral_all mode
2920requires_openssl_tls1_3
2921requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2922requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2923requires_config_enabled MBEDTLS_DEBUG_C
2924requires_config_enabled MBEDTLS_SSL_CLI_C
2925requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2926 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2927run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2928 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2929 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2930 0 \
2931 -c "=> write client hello" \
2932 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2933 -c "client hello, adding psk_key_exchange_modes extension" \
2934 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2935 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2936 -c "<= write client hello" \
2937 -c "HTTP/1.0 200 ok"
2938
2939requires_openssl_tls1_3
2940requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2941requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2942requires_config_enabled MBEDTLS_DEBUG_C
2943requires_config_enabled MBEDTLS_SSL_CLI_C
2944requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2945 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2946run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2947 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2948 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2949 0 \
2950 -c "=> write client hello" \
2951 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2952 -c "client hello, adding psk_key_exchange_modes extension" \
2953 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2954 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2955 -c "<= write client hello" \
2956 -c "HTTP/1.0 200 ok"
2957
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2958#OPENSSL-SERVER all mode
2959requires_openssl_tls1_3
2960requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2961requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2962requires_config_enabled MBEDTLS_DEBUG_C
2963requires_config_enabled MBEDTLS_SSL_CLI_C
2964requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2965 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2966run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2967 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2968 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2969 0 \
2970 -c "=> write client hello" \
2971 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2972 -c "client hello, adding psk_key_exchange_modes extension" \
2973 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2974 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2975 -c "<= write client hello" \
2976 -c "HTTP/1.0 200 ok"
2977
2978requires_openssl_tls1_3
2979requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2980requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2981requires_config_enabled MBEDTLS_DEBUG_C
2982requires_config_enabled MBEDTLS_SSL_CLI_C
2983requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2984 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2985run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2986 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2987 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
2988 0 \
2989 -c "=> write client hello" \
2990 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2991 -c "client hello, adding psk_key_exchange_modes extension" \
2992 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2993 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2994 -c "<= write client hello" \
2995 -c "HTTP/1.0 200 ok"
2996
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2997#GNUTLS-SERVER psk mode
2998requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2999requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3000requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3001requires_config_enabled MBEDTLS_DEBUG_C
3002requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3003run_test "TLS 1.3: m->G: psk/all, good" \
3004 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3005 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3006 0 \
3007 -c "=> write client hello" \
3008 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3009 -c "client hello, adding psk_key_exchange_modes extension" \
3010 -c "client hello, adding PSK binder list" \
3011 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3012 -s "Parsing extension 'Pre Shared Key/41'" \
3013 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3014 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3015 -c "HTTP/1.0 200 OK"
3016
3017requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3018requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3019requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3020requires_config_enabled MBEDTLS_DEBUG_C
3021requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3022run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
3023 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3024 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3025 1 \
3026 -c "=> write client hello" \
3027 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3028 -c "client hello, adding psk_key_exchange_modes extension" \
3029 -c "client hello, adding PSK binder list" \
3030 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3031 -s "Parsing extension 'Pre Shared Key/41'" \
3032 -c "<= write client hello" \
3033 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3034
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3035#GNUTLS-SERVER psk_all mode
3036requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3037requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3038requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3039requires_config_enabled MBEDTLS_DEBUG_C
3040requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3041run_test "TLS 1.3: m->G: psk_all/all, good" \
3042 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3043 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3044 0 \
3045 -c "=> write client hello" \
3046 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3047 -c "client hello, adding psk_key_exchange_modes extension" \
3048 -c "client hello, adding PSK binder list" \
3049 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3050 -s "Parsing extension 'Pre Shared Key/41'" \
3051 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3052 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3053 -c "HTTP/1.0 200 OK"
3054
3055requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3056requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3057requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3058requires_config_enabled MBEDTLS_DEBUG_C
3059requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3060run_test "TLS 1.3: m->G: psk_all/ephemeral_all, fail - no fallback" \
3061 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3062 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3063 1 \
3064 -c "=> write client hello" \
3065 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3066 -c "client hello, adding psk_key_exchange_modes extension" \
3067 -c "client hello, adding PSK binder list" \
3068 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3069 -s "Parsing extension 'Pre Shared Key/41'" \
3070 -c "<= write client hello" \
3071 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3072
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3073#GNUTLS-SERVER psk_ephemeral mode
3074requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3075requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3076requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3077requires_config_enabled MBEDTLS_DEBUG_C
3078requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3079run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
3080 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3081 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3082 0 \
3083 -c "=> write client hello" \
3084 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3085 -c "client hello, adding psk_key_exchange_modes extension" \
3086 -c "client hello, adding PSK binder list" \
3087 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3088 -s "Parsing extension 'Pre Shared Key/41'" \
3089 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3090 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3091 -c "HTTP/1.0 200 OK"
3092
3093requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3094requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3095requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3096requires_config_enabled MBEDTLS_DEBUG_C
3097requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3098run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
3099 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3100 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3101 0 \
3102 -c "=> write client hello" \
3103 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3104 -c "client hello, adding psk_key_exchange_modes extension" \
3105 -c "client hello, adding PSK binder list" \
3106 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3107 -s "Parsing extension 'Pre Shared Key/41'" \
3108 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3109 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3110 -c "HTTP/1.0 200 OK"
3111
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3112#GNUTLS-SERVER ephemeral mode
3113requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3114requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3115requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3116requires_config_enabled MBEDTLS_DEBUG_C
3117requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3118run_test "TLS 1.3: m->G: ephemeral/all, good" \
3119 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3120 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3121 0 \
3122 -c "=> write client hello" \
3123 -c "skip psk_key_exchange_modes extension" \
3124 -s "Not sending extension (PSK Key Exchange Modes/45)" \
3125 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3126 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3127 -c "HTTP/1.0 200 OK"
3128
3129requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3130requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3131requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3132requires_config_enabled MBEDTLS_DEBUG_C
3133requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3134run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
3135 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3136 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3137 0 \
3138 -c "=> write client hello" \
3139 -c "skip psk_key_exchange_modes extension" \
3140 -s "Not sending extension (PSK Key Exchange Modes/45)" \
3141 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3142 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3143 -c "HTTP/1.0 200 OK"
3144
3145#GNUTLS-SERVER ephemeral_all mode
3146requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3147requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3148requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3149requires_config_enabled MBEDTLS_DEBUG_C
3150requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3151run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
3152 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3153 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3154 0 \
3155 -c "=> write client hello" \
3156 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3157 -c "client hello, adding psk_key_exchange_modes extension" \
3158 -c "client hello, adding PSK binder list" \
3159 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3160 -s "Parsing extension 'Pre Shared Key/41'" \
3161 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3162 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3163 -c "HTTP/1.0 200 OK"
3164
3165requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3166requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3167requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3168requires_config_enabled MBEDTLS_DEBUG_C
3169requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3170run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
3171 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3172 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3173 0 \
3174 -c "=> write client hello" \
3175 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3176 -c "client hello, adding psk_key_exchange_modes extension" \
3177 -c "client hello, adding PSK binder list" \
3178 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3179 -s "Parsing extension 'Pre Shared Key/41'" \
3180 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3181 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3182 -c "HTTP/1.0 200 OK"
3183
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3184#GNUTLS-SERVER all mode
3185requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3186requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3187requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3188requires_config_enabled MBEDTLS_DEBUG_C
3189requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3190run_test "TLS 1.3: m->G: all/all, good" \
3191 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3192 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3193 0 \
3194 -c "=> write client hello" \
3195 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3196 -c "client hello, adding psk_key_exchange_modes extension" \
3197 -c "client hello, adding PSK binder list" \
3198 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3199 -s "Parsing extension 'Pre Shared Key/41'" \
3200 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3201 -c "Selected key exchange mode: psk$" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3202 -c "HTTP/1.0 200 OK"
3203
3204requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3205requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3206requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3207requires_config_enabled MBEDTLS_DEBUG_C
3208requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3209run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
3210 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3211 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3212 0 \
3213 -c "=> write client hello" \
3214 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3215 -c "client hello, adding psk_key_exchange_modes extension" \
3216 -c "client hello, adding PSK binder list" \
3217 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3218 -s "Parsing extension 'Pre Shared Key/41'" \
3219 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3220 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3221 -c "HTTP/1.0 200 OK"