TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 351e6885f55fd6354b57b51a5dbaadf3231aa7c8 / . / tests / opt-testcases / tls13-kex-modes.sh
blob: 974d513d8ef67ef85d5dd1fef72fbcfec13acbfe [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
Jerry Yu97be6a92022-11-09 22:43:31 +0800[diff] [blame]21# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by
Jerry Yu616ba752022-11-08 21:49:47 +0800[diff] [blame]22# scripts in future(#6280)
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]23
24requires_gnutls_tls1_3
25requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]26requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]27run_test "TLS 1.3: G->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]28 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]29 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
30 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
31 localhost" \
32 0 \
33 -s "found psk key exchange modes extension" \
34 -s "found pre_shared_key extension" \
35 -s "Found PSK_EPHEMERAL KEX MODE" \
36 -s "Found PSK KEX MODE" \
37 -s "Pre shared key found" \
38 -S "No matched PSK or ticket" \
39 -s "key exchange mode: psk$" \
40 -S "key exchange mode: psk_ephemeral" \
41 -S "key exchange mode: ephemeral"
42
43requires_gnutls_tls1_3
44requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]45requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]46run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]47 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]48 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
49 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
50 localhost" \
51 1 \
52 -s "found psk key exchange modes extension" \
53 -s "found pre_shared_key extension" \
54 -s "Found PSK_EPHEMERAL KEX MODE" \
55 -s "Found PSK KEX MODE" \
56 -s "No matched PSK or ticket" \
57 -S "key exchange mode: psk$" \
58 -S "key exchange mode: psk_ephemeral" \
59 -S "key exchange mode: ephemeral"
60
61requires_gnutls_tls1_3
62requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]63requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]64run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]65 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]66 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
67 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
68 localhost" \
69 1 \
70 -s "found psk key exchange modes extension" \
71 -s "found pre_shared_key extension" \
72 -s "Found PSK_EPHEMERAL KEX MODE" \
73 -s "Found PSK KEX MODE" \
74 -s "Invalid binder." \
75 -S "key exchange mode: psk$" \
76 -S "key exchange mode: psk_ephemeral" \
77 -S "key exchange mode: ephemeral"
78
79requires_gnutls_tls1_3
80requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]81requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]82run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]83 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]84 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
85 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
86 localhost" \
87 0 \
88 -s "found psk key exchange modes extension" \
89 -s "found pre_shared_key extension" \
90 -S "Found PSK_EPHEMERAL KEX MODE" \
91 -s "Found PSK KEX MODE" \
92 -s "Pre shared key found" \
93 -S "No matched PSK or ticket" \
94 -s "key exchange mode: psk$" \
95 -S "key exchange mode: psk_ephemeral" \
96 -S "key exchange mode: ephemeral"
97
98requires_gnutls_tls1_3
99requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]100requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]101run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]102 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]103 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
104 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
105 localhost" \
106 1 \
107 -s "found psk key exchange modes extension" \
108 -s "found pre_shared_key extension" \
109 -S "Found PSK_EPHEMERAL KEX MODE" \
110 -s "Found PSK KEX MODE" \
111 -s "No matched PSK or ticket" \
112 -S "key exchange mode: psk$" \
113 -S "key exchange mode: psk_ephemeral" \
114 -S "key exchange mode: ephemeral"
115
116requires_gnutls_tls1_3
117requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]118requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]119run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]120 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]121 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
122 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
123 localhost" \
124 1 \
125 -s "found psk key exchange modes extension" \
126 -s "found pre_shared_key extension" \
127 -S "Found PSK_EPHEMERAL KEX MODE" \
128 -s "Found PSK KEX MODE" \
129 -s "Invalid binder." \
130 -S "key exchange mode: psk$" \
131 -S "key exchange mode: psk_ephemeral" \
132 -S "key exchange mode: ephemeral"
133
134requires_gnutls_tls1_3
135requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]136requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]137run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]138 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]139 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
140 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
141 localhost" \
142 0 \
143 -s "found psk key exchange modes extension" \
144 -s "found pre_shared_key extension" \
145 -s "Found PSK_EPHEMERAL KEX MODE" \
146 -S "Found PSK KEX MODE" \
147 -s "Pre shared key found" \
148 -S "No matched PSK or ticket" \
149 -S "key exchange mode: psk$" \
150 -s "key exchange mode: psk_ephemeral" \
151 -S "key exchange mode: ephemeral"
152
153requires_gnutls_tls1_3
154requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]155requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]156run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]157 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]158 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
159 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
160 localhost" \
161 1 \
162 -s "found psk key exchange modes extension" \
163 -s "found pre_shared_key extension" \
164 -s "Found PSK_EPHEMERAL KEX MODE" \
165 -S "Found PSK KEX MODE" \
166 -s "No matched PSK or ticket" \
167 -S "key exchange mode: psk$" \
168 -S "key exchange mode: psk_ephemeral" \
169 -S "key exchange mode: ephemeral"
170
171requires_gnutls_tls1_3
172requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]173requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]174run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]175 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]176 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
177 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
178 localhost" \
179 1 \
180 -s "found psk key exchange modes extension" \
181 -s "found pre_shared_key extension" \
182 -s "Found PSK_EPHEMERAL KEX MODE" \
183 -S "Found PSK KEX MODE" \
184 -s "Invalid binder." \
185 -S "key exchange mode: psk$" \
186 -S "key exchange mode: psk_ephemeral" \
187 -S "key exchange mode: ephemeral"
188
189requires_gnutls_tls1_3
190requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]191requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]192run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]193 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]194 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
195 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
196 localhost" \
197 0 \
198 -s "found psk key exchange modes extension" \
199 -s "found pre_shared_key extension" \
200 -s "Found PSK_EPHEMERAL KEX MODE" \
201 -s "Found PSK KEX MODE" \
202 -s "Pre shared key found" \
203 -S "No matched PSK or ticket" \
204 -S "key exchange mode: psk$" \
205 -s "key exchange mode: psk_ephemeral" \
206 -S "key exchange mode: ephemeral"
207
208requires_gnutls_tls1_3
209requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]210requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]211run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]212 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]213 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
214 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
215 localhost" \
216 1 \
217 -s "found psk key exchange modes extension" \
218 -s "found pre_shared_key extension" \
219 -s "Found PSK_EPHEMERAL KEX MODE" \
220 -s "Found PSK KEX MODE" \
221 -s "No matched PSK or ticket" \
222 -S "key exchange mode: psk$" \
223 -S "key exchange mode: psk_ephemeral" \
224 -S "key exchange mode: ephemeral"
225
226requires_gnutls_tls1_3
227requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]228requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]229run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]230 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]231 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
232 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
233 localhost" \
234 1 \
235 -s "found psk key exchange modes extension" \
236 -s "found pre_shared_key extension" \
237 -s "Found PSK_EPHEMERAL KEX MODE" \
238 -s "Found PSK KEX MODE" \
239 -s "Invalid binder." \
240 -S "key exchange mode: psk$" \
241 -S "key exchange mode: psk_ephemeral" \
242 -S "key exchange mode: ephemeral"
243
244requires_gnutls_tls1_3
245requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]246requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]247run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]248 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]249 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
250 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
251 localhost" \
252 1 \
253 -s "found psk key exchange modes extension" \
254 -s "found pre_shared_key extension" \
255 -S "Found PSK_EPHEMERAL KEX MODE" \
256 -s "Found PSK KEX MODE" \
257 -S "key exchange mode: psk$" \
258 -S "key exchange mode: psk_ephemeral" \
259 -S "key exchange mode: ephemeral"
260
261requires_gnutls_tls1_3
262requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]263requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
264requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]265run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]266 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]267 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
268 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
269 localhost" \
270 0 \
271 -s "found psk key exchange modes extension" \
272 -s "found pre_shared_key extension" \
273 -s "Found PSK_EPHEMERAL KEX MODE" \
274 -S "Found PSK KEX MODE" \
275 -s "Pre shared key found" \
276 -S "No matched PSK or ticket" \
277 -S "key exchange mode: psk$" \
278 -s "key exchange mode: psk_ephemeral" \
279 -S "key exchange mode: ephemeral"
280
281requires_gnutls_tls1_3
282requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]283requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
284requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]285run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]286 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]287 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
288 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
289 localhost" \
290 1 \
291 -s "found psk key exchange modes extension" \
292 -s "found pre_shared_key extension" \
293 -s "Found PSK_EPHEMERAL KEX MODE" \
294 -S "Found PSK KEX MODE" \
295 -s "No matched PSK or ticket" \
296 -S "key exchange mode: psk$" \
297 -S "key exchange mode: psk_ephemeral" \
298 -S "key exchange mode: ephemeral"
299
300requires_gnutls_tls1_3
301requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]302requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
303requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]304run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]305 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]306 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
307 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
308 localhost" \
309 1 \
310 -s "found psk key exchange modes extension" \
311 -s "found pre_shared_key extension" \
312 -s "Found PSK_EPHEMERAL KEX MODE" \
313 -S "Found PSK KEX MODE" \
314 -s "Invalid binder." \
315 -S "key exchange mode: psk$" \
316 -S "key exchange mode: psk_ephemeral" \
317 -S "key exchange mode: ephemeral"
318
319requires_gnutls_tls1_3
320requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]321requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
322requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]323run_test "TLS 1.3: G->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]324 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]325 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
326 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
327 localhost" \
328 0 \
329 -s "found psk key exchange modes extension" \
330 -s "found pre_shared_key extension" \
331 -s "Found PSK_EPHEMERAL KEX MODE" \
332 -s "Found PSK KEX MODE" \
333 -s "Pre shared key found" \
334 -S "No matched PSK or ticket" \
335 -S "key exchange mode: psk$" \
336 -s "key exchange mode: psk_ephemeral" \
337 -S "key exchange mode: ephemeral"
338
339requires_gnutls_tls1_3
340requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]341requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
342requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]343run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]344 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]345 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
346 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
347 localhost" \
348 1 \
349 -s "found psk key exchange modes extension" \
350 -s "found pre_shared_key extension" \
351 -s "Found PSK_EPHEMERAL KEX MODE" \
352 -s "Found PSK KEX MODE" \
353 -s "No matched PSK or ticket" \
354 -S "key exchange mode: psk$" \
355 -S "key exchange mode: psk_ephemeral" \
356 -S "key exchange mode: ephemeral"
357
358requires_gnutls_tls1_3
359requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]360requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
361requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]362run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]363 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]364 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
365 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
366 localhost" \
367 1 \
368 -s "found psk key exchange modes extension" \
369 -s "found pre_shared_key extension" \
370 -s "Found PSK_EPHEMERAL KEX MODE" \
371 -s "Found PSK KEX MODE" \
372 -s "Invalid binder." \
373 -S "key exchange mode: psk$" \
374 -S "key exchange mode: psk_ephemeral" \
375 -S "key exchange mode: ephemeral"
376
377requires_gnutls_tls1_3
378requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]379requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
380requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]381run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]382 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]383 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
384 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
385 localhost" \
386 0 \
387 -s "found psk key exchange modes extension" \
388 -s "found pre_shared_key extension" \
389 -S "Found PSK_EPHEMERAL KEX MODE" \
390 -s "Found PSK KEX MODE" \
391 -s "Pre shared key found" \
392 -S "No matched PSK or ticket" \
393 -s "key exchange mode: psk$" \
394 -S "key exchange mode: psk_ephemeral" \
395 -S "key exchange mode: ephemeral"
396
397requires_gnutls_tls1_3
398requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]399requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
400requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]401run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]402 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]403 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
404 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
405 localhost" \
406 1 \
407 -s "found psk key exchange modes extension" \
408 -s "found pre_shared_key extension" \
409 -S "Found PSK_EPHEMERAL KEX MODE" \
410 -s "Found PSK KEX MODE" \
411 -s "No matched PSK or ticket" \
412 -S "key exchange mode: psk$" \
413 -S "key exchange mode: psk_ephemeral" \
414 -S "key exchange mode: ephemeral"
415
416requires_gnutls_tls1_3
417requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]418requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
419requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]420run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]421 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]422 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
423 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
424 localhost" \
425 1 \
426 -s "found psk key exchange modes extension" \
427 -s "found pre_shared_key extension" \
428 -S "Found PSK_EPHEMERAL KEX MODE" \
429 -s "Found PSK KEX MODE" \
430 -s "Invalid binder." \
431 -S "key exchange mode: psk$" \
432 -S "key exchange mode: psk_ephemeral" \
433 -S "key exchange mode: ephemeral"
434
435requires_gnutls_tls1_3
436requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]437requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
438requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]439run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]440 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]441 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
442 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
443 localhost" \
444 0 \
445 -s "found psk key exchange modes extension" \
446 -s "found pre_shared_key extension" \
447 -s "Found PSK_EPHEMERAL KEX MODE" \
448 -S "Found PSK KEX MODE" \
449 -s "Pre shared key found" \
450 -S "No matched PSK or ticket" \
451 -S "key exchange mode: psk$" \
452 -s "key exchange mode: psk_ephemeral" \
453 -S "key exchange mode: ephemeral"
454
455requires_gnutls_tls1_3
456requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]457requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
458requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]459run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]460 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]461 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
462 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
463 localhost" \
464 0 \
465 -s "found psk key exchange modes extension" \
466 -s "found pre_shared_key extension" \
467 -s "Found PSK_EPHEMERAL KEX MODE" \
468 -S "Found PSK KEX MODE" \
469 -s "No matched PSK or ticket" \
470 -S "key exchange mode: psk$" \
471 -S "key exchange mode: psk_ephemeral" \
472 -s "key exchange mode: ephemeral"
473
474requires_gnutls_tls1_3
475requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]476requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
477requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]478run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]479 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]480 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
481 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
482 localhost" \
483 1 \
484 -s "found psk key exchange modes extension" \
485 -s "found pre_shared_key extension" \
486 -s "Found PSK_EPHEMERAL KEX MODE" \
487 -S "Found PSK KEX MODE" \
488 -s "Invalid binder." \
489 -S "key exchange mode: psk$" \
490 -S "key exchange mode: psk_ephemeral" \
491 -S "key exchange mode: ephemeral"
492
493requires_gnutls_tls1_3
494requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]495requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
496requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]497run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]498 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]499 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
500 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
501 localhost" \
502 0 \
503 -s "found psk key exchange modes extension" \
504 -s "found pre_shared_key extension" \
505 -s "Found PSK_EPHEMERAL KEX MODE" \
506 -s "Found PSK KEX MODE" \
507 -s "Pre shared key found" \
508 -S "No matched PSK or ticket" \
509 -S "key exchange mode: psk$" \
510 -s "key exchange mode: psk_ephemeral" \
511 -S "key exchange mode: ephemeral"
512
513requires_gnutls_tls1_3
514requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]515requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
516requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]517run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]518 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]519 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
520 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
521 localhost" \
522 0 \
523 -s "found psk key exchange modes extension" \
524 -s "found pre_shared_key extension" \
525 -s "Found PSK_EPHEMERAL KEX MODE" \
526 -s "Found PSK KEX MODE" \
527 -s "No matched PSK or ticket" \
528 -S "key exchange mode: psk$" \
529 -S "key exchange mode: psk_ephemeral" \
530 -s "key exchange mode: ephemeral"
531
532requires_gnutls_tls1_3
533requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]534requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
535requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]536run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]537 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]538 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
539 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
540 localhost" \
541 1 \
542 -s "found psk key exchange modes extension" \
543 -s "found pre_shared_key extension" \
544 -s "Found PSK_EPHEMERAL KEX MODE" \
545 -s "Found PSK KEX MODE" \
546 -s "Invalid binder." \
547 -S "key exchange mode: psk$" \
548 -S "key exchange mode: psk_ephemeral" \
549 -S "key exchange mode: ephemeral"
550
551requires_gnutls_tls1_3
552requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]553requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
554requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]555run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]556 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]557 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
558 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
559 localhost" \
560 0 \
561 -s "found psk key exchange modes extension" \
562 -s "found pre_shared_key extension" \
563 -S "Found PSK_EPHEMERAL KEX MODE" \
564 -s "Found PSK KEX MODE" \
565 -s "Pre shared key found" \
566 -S "No matched PSK or ticket" \
567 -S "key exchange mode: psk$" \
568 -S "key exchange mode: psk_ephemeral" \
569 -s "key exchange mode: ephemeral"
570
571requires_gnutls_tls1_3
572requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]573requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
574requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
575requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]576run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]577 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]578 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
579 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
580 localhost" \
581 0 \
582 -s "found psk key exchange modes extension" \
583 -s "found pre_shared_key extension" \
584 -s "Found PSK_EPHEMERAL KEX MODE" \
585 -S "Found PSK KEX MODE" \
586 -s "Pre shared key found" \
587 -S "No matched PSK or ticket" \
588 -S "key exchange mode: psk$" \
589 -s "key exchange mode: psk_ephemeral" \
590 -S "key exchange mode: ephemeral"
591
592requires_gnutls_tls1_3
593requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]594requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
595requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
596requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]597run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]598 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]599 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
600 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
601 localhost" \
602 0 \
603 -s "found psk key exchange modes extension" \
604 -s "found pre_shared_key extension" \
605 -s "Found PSK_EPHEMERAL KEX MODE" \
606 -S "Found PSK KEX MODE" \
607 -s "No matched PSK or ticket" \
608 -S "key exchange mode: psk$" \
609 -S "key exchange mode: psk_ephemeral" \
610 -s "key exchange mode: ephemeral"
611
612requires_gnutls_tls1_3
613requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]614requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
615requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
616requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]617run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]618 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]619 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
620 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
621 localhost" \
622 1 \
623 -s "found psk key exchange modes extension" \
624 -s "found pre_shared_key extension" \
625 -s "Found PSK_EPHEMERAL KEX MODE" \
626 -S "Found PSK KEX MODE" \
627 -s "Invalid binder." \
628 -S "key exchange mode: psk$" \
629 -S "key exchange mode: psk_ephemeral" \
630 -S "key exchange mode: ephemeral"
631
632requires_gnutls_tls1_3
633requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]634requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
635requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
636requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]637run_test "TLS 1.3: G->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]638 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]639 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
640 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
641 localhost" \
642 0 \
643 -s "found psk key exchange modes extension" \
644 -s "found pre_shared_key extension" \
645 -s "Found PSK_EPHEMERAL KEX MODE" \
646 -s "Found PSK KEX MODE" \
647 -s "Pre shared key found" \
648 -S "No matched PSK or ticket" \
649 -S "key exchange mode: psk$" \
650 -s "key exchange mode: psk_ephemeral" \
651 -S "key exchange mode: ephemeral"
652
653requires_gnutls_tls1_3
654requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]655requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
656requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
657requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]658run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]659 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]660 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
661 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
662 localhost" \
663 0 \
664 -s "found psk key exchange modes extension" \
665 -s "found pre_shared_key extension" \
666 -s "Found PSK_EPHEMERAL KEX MODE" \
667 -s "Found PSK KEX MODE" \
668 -s "No matched PSK or ticket" \
669 -S "key exchange mode: psk$" \
670 -S "key exchange mode: psk_ephemeral" \
671 -s "key exchange mode: ephemeral"
672
673requires_gnutls_tls1_3
674requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]675requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
676requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
677requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]678run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]679 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]680 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
681 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
682 localhost" \
683 1 \
684 -s "found psk key exchange modes extension" \
685 -s "found pre_shared_key extension" \
686 -s "Found PSK_EPHEMERAL KEX MODE" \
687 -s "Found PSK KEX MODE" \
688 -s "Invalid binder." \
689 -S "key exchange mode: psk$" \
690 -S "key exchange mode: psk_ephemeral" \
691 -S "key exchange mode: ephemeral"
692
693requires_gnutls_tls1_3
694requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]695requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
696requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
697requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]698run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]699 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]700 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
701 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
702 localhost" \
703 0 \
704 -s "found psk key exchange modes extension" \
705 -s "found pre_shared_key extension" \
706 -S "Found PSK_EPHEMERAL KEX MODE" \
707 -s "Found PSK KEX MODE" \
708 -s "Pre shared key found" \
709 -S "No matched PSK or ticket" \
710 -S "key exchange mode: psk$" \
711 -S "key exchange mode: psk_ephemeral" \
712 -s "key exchange mode: ephemeral"
713
714requires_gnutls_tls1_3
715requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]716requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
717requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
718requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]719run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]720 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]721 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
722 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
723 localhost" \
724 1 \
725 -s "found psk key exchange modes extension" \
726 -s "found pre_shared_key extension" \
727 -S "Found PSK_EPHEMERAL KEX MODE" \
728 -s "Found PSK KEX MODE" \
729 -s "Invalid binder." \
730 -S "key exchange mode: psk$" \
731 -S "key exchange mode: psk_ephemeral" \
732 -S "key exchange mode: ephemeral"
733
734requires_gnutls_tls1_3
735requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]736requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
737requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]738run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]739 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]740 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
741 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
742 localhost" \
743 0 \
744 -s "found psk key exchange modes extension" \
745 -s "found pre_shared_key extension" \
746 -s "Found PSK_EPHEMERAL KEX MODE" \
747 -S "Found PSK KEX MODE" \
748 -s "Pre shared key found" \
749 -S "No matched PSK or ticket" \
750 -S "key exchange mode: psk$" \
751 -S "key exchange mode: psk_ephemeral" \
752 -s "key exchange mode: ephemeral"
753
754requires_gnutls_tls1_3
755requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]756requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
757requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]758run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]759 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]760 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
761 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
762 localhost" \
763 0 \
764 -s "found psk key exchange modes extension" \
765 -s "found pre_shared_key extension" \
766 -s "Found PSK_EPHEMERAL KEX MODE" \
767 -s "Found PSK KEX MODE" \
768 -s "Pre shared key found" \
769 -S "No matched PSK or ticket" \
770 -S "key exchange mode: psk$" \
771 -S "key exchange mode: psk_ephemeral" \
772 -s "key exchange mode: ephemeral"
773
774requires_gnutls_tls1_3
775requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]776requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
777requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]778run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]779 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]780 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
781 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
782 localhost" \
783 1 \
784 -s "found psk key exchange modes extension" \
785 -s "found pre_shared_key extension" \
786 -s "Found PSK_EPHEMERAL KEX MODE" \
787 -s "Found PSK KEX MODE" \
788 -s "Invalid binder." \
789 -S "key exchange mode: psk$" \
790 -S "key exchange mode: psk_ephemeral" \
791 -S "key exchange mode: ephemeral"
792
793requires_gnutls_tls1_3
794requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]795requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
796requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]797run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]798 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]799 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
800 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
801 localhost" \
802 0 \
803 -s "found psk key exchange modes extension" \
804 -s "found pre_shared_key extension" \
805 -S "Found PSK_EPHEMERAL KEX MODE" \
806 -s "Found PSK KEX MODE" \
807 -s "Pre shared key found" \
808 -S "No matched PSK or ticket" \
809 -S "key exchange mode: psk$" \
810 -S "key exchange mode: psk_ephemeral" \
811 -s "key exchange mode: ephemeral"
812
813requires_gnutls_tls1_3
814requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]815requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
816requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]817run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]818 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]819 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
820 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
821 localhost" \
822 1 \
823 -s "found psk key exchange modes extension" \
824 -s "found pre_shared_key extension" \
825 -S "Found PSK_EPHEMERAL KEX MODE" \
826 -s "Found PSK KEX MODE" \
827 -s "Invalid binder." \
828 -S "key exchange mode: psk$" \
829 -S "key exchange mode: psk_ephemeral" \
830 -S "key exchange mode: ephemeral"
831
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]832requires_gnutls_tls1_3
833requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]834requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]835run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
836 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
837 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
838 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
839 localhost" \
840 0 \
841 -s "write selected_group: secp256r1" \
842 -S "key exchange mode: psk$" \
843 -s "key exchange mode: psk_ephemeral" \
844 -S "key exchange mode: ephemeral"
845
846requires_gnutls_tls1_3
847requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]848requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]849run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
850 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
851 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
852 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
853 localhost" \
854 0 \
855 -s "write selected_group: secp384r1" \
856 -S "key exchange mode: psk$" \
857 -s "key exchange mode: psk_ephemeral" \
858 -S "key exchange mode: ephemeral"
859
860requires_gnutls_tls1_3
861requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]862requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]863run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
864 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
865 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
866 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
867 localhost" \
868 0 \
869 -s "write selected_group: secp521r1" \
870 -S "key exchange mode: psk$" \
871 -s "key exchange mode: psk_ephemeral" \
872 -S "key exchange mode: ephemeral"
873
874requires_gnutls_tls1_3
875requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]876requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]877run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
878 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
879 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
880 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
881 localhost" \
882 0 \
883 -s "write selected_group: x25519" \
884 -S "key exchange mode: psk$" \
885 -s "key exchange mode: psk_ephemeral" \
886 -S "key exchange mode: ephemeral"
887
888requires_gnutls_tls1_3
889requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]890requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]891run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
892 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
893 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
894 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
895 localhost" \
896 0 \
897 -s "write selected_group: x448" \
898 -S "key exchange mode: psk$" \
899 -s "key exchange mode: psk_ephemeral" \
900 -S "key exchange mode: ephemeral"
901
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]902requires_openssl_tls1_3
903requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]904requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]905run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]906 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]907 "$O_NEXT_CLI -tls1_3 -msg \
908 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
909 1 \
910 -s "found psk key exchange modes extension" \
911 -s "found pre_shared_key extension" \
912 -s "Found PSK_EPHEMERAL KEX MODE" \
913 -S "Found PSK KEX MODE" \
914 -S "key exchange mode: psk$" \
915 -S "key exchange mode: psk_ephemeral" \
916 -S "key exchange mode: ephemeral"
917
918requires_openssl_tls1_3
919requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]920requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]921run_test "TLS 1.3: O->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]922 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]923 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
924 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
925 0 \
926 -s "found psk key exchange modes extension" \
927 -s "found pre_shared_key extension" \
928 -s "Found PSK_EPHEMERAL KEX MODE" \
929 -s "Found PSK KEX MODE" \
930 -s "Pre shared key found" \
931 -S "No matched PSK or ticket" \
932 -s "key exchange mode: psk$" \
933 -S "key exchange mode: psk_ephemeral" \
934 -S "key exchange mode: ephemeral"
935
936requires_openssl_tls1_3
937requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]938requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]939run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]940 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]941 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
942 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
943 1 \
944 -s "found psk key exchange modes extension" \
945 -s "found pre_shared_key extension" \
946 -s "Found PSK_EPHEMERAL KEX MODE" \
947 -s "Found PSK KEX MODE" \
948 -s "No matched PSK or ticket" \
949 -S "key exchange mode: psk$" \
950 -S "key exchange mode: psk_ephemeral" \
951 -S "key exchange mode: ephemeral"
952
953requires_openssl_tls1_3
954requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]955requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]956run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]957 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]958 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
959 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
960 1 \
961 -s "found psk key exchange modes extension" \
962 -s "found pre_shared_key extension" \
963 -s "Found PSK_EPHEMERAL KEX MODE" \
964 -s "Found PSK KEX MODE" \
965 -s "Invalid binder." \
966 -S "key exchange mode: psk$" \
967 -S "key exchange mode: psk_ephemeral" \
968 -S "key exchange mode: ephemeral"
969
970requires_openssl_tls1_3
971requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]972requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]973run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]974 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]975 "$O_NEXT_CLI -tls1_3 -msg \
976 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
977 0 \
978 -s "found psk key exchange modes extension" \
979 -s "found pre_shared_key extension" \
980 -s "Found PSK_EPHEMERAL KEX MODE" \
981 -S "Found PSK KEX MODE" \
982 -s "Pre shared key found" \
983 -S "No matched PSK or ticket" \
984 -S "key exchange mode: psk$" \
985 -s "key exchange mode: psk_ephemeral" \
986 -S "key exchange mode: ephemeral"
987
988requires_openssl_tls1_3
989requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]990requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]991run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]992 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]993 "$O_NEXT_CLI -tls1_3 -msg \
994 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
995 1 \
996 -s "found psk key exchange modes extension" \
997 -s "found pre_shared_key extension" \
998 -s "Found PSK_EPHEMERAL KEX MODE" \
999 -S "Found PSK KEX MODE" \
1000 -s "No matched PSK or ticket" \
1001 -S "key exchange mode: psk$" \
1002 -S "key exchange mode: psk_ephemeral" \
1003 -S "key exchange mode: ephemeral"
1004
1005requires_openssl_tls1_3
1006requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1007requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1008run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1009 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1010 "$O_NEXT_CLI -tls1_3 -msg \
1011 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1012 1 \
1013 -s "found psk key exchange modes extension" \
1014 -s "found pre_shared_key extension" \
1015 -s "Found PSK_EPHEMERAL KEX MODE" \
1016 -S "Found PSK KEX MODE" \
1017 -s "Invalid binder." \
1018 -S "key exchange mode: psk$" \
1019 -S "key exchange mode: psk_ephemeral" \
1020 -S "key exchange mode: ephemeral"
1021
1022requires_openssl_tls1_3
1023requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1024requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1025run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1026 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1027 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1028 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1029 0 \
1030 -s "found psk key exchange modes extension" \
1031 -s "found pre_shared_key extension" \
1032 -s "Found PSK_EPHEMERAL KEX MODE" \
1033 -s "Found PSK KEX MODE" \
1034 -s "Pre shared key found" \
1035 -S "No matched PSK or ticket" \
1036 -S "key exchange mode: psk$" \
1037 -s "key exchange mode: psk_ephemeral" \
1038 -S "key exchange mode: ephemeral"
1039
1040requires_openssl_tls1_3
1041requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1042requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1043run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1044 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1045 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1046 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1047 1 \
1048 -s "found psk key exchange modes extension" \
1049 -s "found pre_shared_key extension" \
1050 -s "Found PSK_EPHEMERAL KEX MODE" \
1051 -s "Found PSK KEX MODE" \
1052 -s "No matched PSK or ticket" \
1053 -S "key exchange mode: psk$" \
1054 -S "key exchange mode: psk_ephemeral" \
1055 -S "key exchange mode: ephemeral"
1056
1057requires_openssl_tls1_3
1058requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1059requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1060run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1061 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1062 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1063 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1064 1 \
1065 -s "found psk key exchange modes extension" \
1066 -s "found pre_shared_key extension" \
1067 -s "Found PSK_EPHEMERAL KEX MODE" \
1068 -s "Found PSK KEX MODE" \
1069 -s "Invalid binder." \
1070 -S "key exchange mode: psk$" \
1071 -S "key exchange mode: psk_ephemeral" \
1072 -S "key exchange mode: ephemeral"
1073
1074requires_openssl_tls1_3
1075requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1076requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1077requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1078run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1079 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1080 "$O_NEXT_CLI -tls1_3 -msg \
1081 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1082 0 \
1083 -s "found psk key exchange modes extension" \
1084 -s "found pre_shared_key extension" \
1085 -s "Found PSK_EPHEMERAL KEX MODE" \
1086 -S "Found PSK KEX MODE" \
1087 -s "Pre shared key found" \
1088 -S "No matched PSK or ticket" \
1089 -S "key exchange mode: psk$" \
1090 -s "key exchange mode: psk_ephemeral" \
1091 -S "key exchange mode: ephemeral"
1092
1093requires_openssl_tls1_3
1094requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1095requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1096requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1097run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1098 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1099 "$O_NEXT_CLI -tls1_3 -msg \
1100 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1101 1 \
1102 -s "found psk key exchange modes extension" \
1103 -s "found pre_shared_key extension" \
1104 -s "Found PSK_EPHEMERAL KEX MODE" \
1105 -S "Found PSK KEX MODE" \
1106 -s "No matched PSK or ticket" \
1107 -S "key exchange mode: psk$" \
1108 -S "key exchange mode: psk_ephemeral" \
1109 -S "key exchange mode: ephemeral"
1110
1111requires_openssl_tls1_3
1112requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1113requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1114requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1115run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1116 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1117 "$O_NEXT_CLI -tls1_3 -msg \
1118 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1119 1 \
1120 -s "found psk key exchange modes extension" \
1121 -s "found pre_shared_key extension" \
1122 -s "Found PSK_EPHEMERAL KEX MODE" \
1123 -S "Found PSK KEX MODE" \
1124 -s "Invalid binder." \
1125 -S "key exchange mode: psk$" \
1126 -S "key exchange mode: psk_ephemeral" \
1127 -S "key exchange mode: ephemeral"
1128
1129requires_openssl_tls1_3
1130requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1131requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1132requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1133run_test "TLS 1.3: O->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1134 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1135 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1136 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1137 0 \
1138 -s "found psk key exchange modes extension" \
1139 -s "found pre_shared_key extension" \
1140 -s "Found PSK_EPHEMERAL KEX MODE" \
1141 -s "Found PSK KEX MODE" \
1142 -s "Pre shared key found" \
1143 -S "No matched PSK or ticket" \
1144 -S "key exchange mode: psk$" \
1145 -s "key exchange mode: psk_ephemeral" \
1146 -S "key exchange mode: ephemeral"
1147
1148requires_openssl_tls1_3
1149requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1150requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1151requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1152run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1153 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1154 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1155 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1156 1 \
1157 -s "found psk key exchange modes extension" \
1158 -s "found pre_shared_key extension" \
1159 -s "Found PSK_EPHEMERAL KEX MODE" \
1160 -s "Found PSK KEX MODE" \
1161 -s "No matched PSK or ticket" \
1162 -S "key exchange mode: psk$" \
1163 -S "key exchange mode: psk_ephemeral" \
1164 -S "key exchange mode: ephemeral"
1165
1166requires_openssl_tls1_3
1167requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1168requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1169requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1170run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1171 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1172 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1173 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1174 1 \
1175 -s "found psk key exchange modes extension" \
1176 -s "found pre_shared_key extension" \
1177 -s "Found PSK_EPHEMERAL KEX MODE" \
1178 -s "Found PSK KEX MODE" \
1179 -s "Invalid binder." \
1180 -S "key exchange mode: psk$" \
1181 -S "key exchange mode: psk_ephemeral" \
1182 -S "key exchange mode: ephemeral"
1183
1184requires_openssl_tls1_3
1185requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1186requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1187requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1188run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1189 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1190 "$O_NEXT_CLI -tls1_3 -msg \
1191 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1192 0 \
1193 -s "found psk key exchange modes extension" \
1194 -s "found pre_shared_key extension" \
1195 -s "Found PSK_EPHEMERAL KEX MODE" \
1196 -S "Found PSK KEX MODE" \
1197 -s "Pre shared key found" \
1198 -S "No matched PSK or ticket" \
1199 -S "key exchange mode: psk$" \
1200 -s "key exchange mode: psk_ephemeral" \
1201 -S "key exchange mode: ephemeral"
1202
1203requires_openssl_tls1_3
1204requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1205requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1206requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1207run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1208 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1209 "$O_NEXT_CLI -tls1_3 -msg \
1210 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1211 0 \
1212 -s "found psk key exchange modes extension" \
1213 -s "found pre_shared_key extension" \
1214 -s "Found PSK_EPHEMERAL KEX MODE" \
1215 -S "Found PSK KEX MODE" \
1216 -s "No matched PSK or ticket" \
1217 -S "key exchange mode: psk$" \
1218 -S "key exchange mode: psk_ephemeral" \
1219 -s "key exchange mode: ephemeral"
1220
1221requires_openssl_tls1_3
1222requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1223requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1224requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1225run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1226 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1227 "$O_NEXT_CLI -tls1_3 -msg \
1228 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1229 1 \
1230 -s "found psk key exchange modes extension" \
1231 -s "found pre_shared_key extension" \
1232 -s "Found PSK_EPHEMERAL KEX MODE" \
1233 -S "Found PSK KEX MODE" \
1234 -s "Invalid binder." \
1235 -S "key exchange mode: psk$" \
1236 -S "key exchange mode: psk_ephemeral" \
1237 -S "key exchange mode: ephemeral"
1238
1239requires_openssl_tls1_3
1240requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1241requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1242requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1243run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1244 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1245 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1246 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1247 0 \
1248 -s "found psk key exchange modes extension" \
1249 -s "found pre_shared_key extension" \
1250 -s "Found PSK_EPHEMERAL KEX MODE" \
1251 -s "Found PSK KEX MODE" \
1252 -s "Pre shared key found" \
1253 -S "No matched PSK or ticket" \
1254 -S "key exchange mode: psk$" \
1255 -s "key exchange mode: psk_ephemeral" \
1256 -S "key exchange mode: ephemeral"
1257
1258requires_openssl_tls1_3
1259requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1260requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1261requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1262run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1263 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1264 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1265 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1266 0 \
1267 -s "found psk key exchange modes extension" \
1268 -s "found pre_shared_key extension" \
1269 -s "Found PSK_EPHEMERAL KEX MODE" \
1270 -s "Found PSK KEX MODE" \
1271 -s "No matched PSK or ticket" \
1272 -S "key exchange mode: psk$" \
1273 -S "key exchange mode: psk_ephemeral" \
1274 -s "key exchange mode: ephemeral"
1275
1276requires_openssl_tls1_3
1277requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1278requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1279requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1280run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1281 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1282 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1283 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1284 1 \
1285 -s "found psk key exchange modes extension" \
1286 -s "found pre_shared_key extension" \
1287 -s "Found PSK_EPHEMERAL KEX MODE" \
1288 -s "Found PSK KEX MODE" \
1289 -s "Invalid binder." \
1290 -S "key exchange mode: psk$" \
1291 -S "key exchange mode: psk_ephemeral" \
1292 -S "key exchange mode: ephemeral"
1293
1294requires_openssl_tls1_3
1295requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1296requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1297requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1298requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1299run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1300 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1301 "$O_NEXT_CLI -tls1_3 -msg \
1302 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1303 0 \
1304 -s "found psk key exchange modes extension" \
1305 -s "found pre_shared_key extension" \
1306 -s "Found PSK_EPHEMERAL KEX MODE" \
1307 -S "Found PSK KEX MODE" \
1308 -s "Pre shared key found" \
1309 -S "No matched PSK or ticket" \
1310 -S "key exchange mode: psk$" \
1311 -s "key exchange mode: psk_ephemeral" \
1312 -S "key exchange mode: ephemeral"
1313
1314requires_openssl_tls1_3
1315requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1316requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1317requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1318requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1319run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1320 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1321 "$O_NEXT_CLI -tls1_3 -msg \
1322 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1323 0 \
1324 -s "found psk key exchange modes extension" \
1325 -s "found pre_shared_key extension" \
1326 -s "Found PSK_EPHEMERAL KEX MODE" \
1327 -S "Found PSK KEX MODE" \
1328 -s "No matched PSK or ticket" \
1329 -S "key exchange mode: psk$" \
1330 -S "key exchange mode: psk_ephemeral" \
1331 -s "key exchange mode: ephemeral"
1332
1333requires_openssl_tls1_3
1334requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1335requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1336requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1337requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1338run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1339 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1340 "$O_NEXT_CLI -tls1_3 -msg \
1341 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1342 1 \
1343 -s "found psk key exchange modes extension" \
1344 -s "found pre_shared_key extension" \
1345 -s "Found PSK_EPHEMERAL KEX MODE" \
1346 -S "Found PSK KEX MODE" \
1347 -s "Invalid binder." \
1348 -S "key exchange mode: psk$" \
1349 -S "key exchange mode: psk_ephemeral" \
1350 -S "key exchange mode: ephemeral"
1351
1352requires_openssl_tls1_3
1353requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1354requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1355requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1356requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1357run_test "TLS 1.3: O->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1358 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1359 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1360 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1361 0 \
1362 -s "found psk key exchange modes extension" \
1363 -s "found pre_shared_key extension" \
1364 -s "Found PSK_EPHEMERAL KEX MODE" \
1365 -s "Found PSK KEX MODE" \
1366 -s "Pre shared key found" \
1367 -S "No matched PSK or ticket" \
1368 -S "key exchange mode: psk$" \
1369 -s "key exchange mode: psk_ephemeral" \
1370 -S "key exchange mode: ephemeral"
1371
1372requires_openssl_tls1_3
1373requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1374requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1375requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1376requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1377run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1378 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1379 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1380 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1381 0 \
1382 -s "found psk key exchange modes extension" \
1383 -s "found pre_shared_key extension" \
1384 -s "Found PSK_EPHEMERAL KEX MODE" \
1385 -s "Found PSK KEX MODE" \
1386 -s "No matched PSK or ticket" \
1387 -S "key exchange mode: psk$" \
1388 -S "key exchange mode: psk_ephemeral" \
1389 -s "key exchange mode: ephemeral"
1390
1391requires_openssl_tls1_3
1392requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1393requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1394requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1395requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1396run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1397 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1398 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1399 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1400 1 \
1401 -s "found psk key exchange modes extension" \
1402 -s "found pre_shared_key extension" \
1403 -s "Found PSK_EPHEMERAL KEX MODE" \
1404 -s "Found PSK KEX MODE" \
1405 -s "Invalid binder." \
1406 -S "key exchange mode: psk$" \
1407 -S "key exchange mode: psk_ephemeral" \
1408 -S "key exchange mode: ephemeral"
1409
1410requires_openssl_tls1_3
1411requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1412requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1413requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1414run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1415 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1416 "$O_NEXT_CLI -tls1_3 -msg \
1417 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1418 0 \
1419 -s "found psk key exchange modes extension" \
1420 -s "found pre_shared_key extension" \
1421 -s "Found PSK_EPHEMERAL KEX MODE" \
1422 -S "Found PSK KEX MODE" \
1423 -s "Pre shared key found" \
1424 -S "No matched PSK or ticket" \
1425 -S "key exchange mode: psk$" \
1426 -S "key exchange mode: psk_ephemeral" \
1427 -s "key exchange mode: ephemeral"
1428
1429requires_openssl_tls1_3
1430requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1431requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1432requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1433run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1434 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1435 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1436 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1437 0 \
1438 -s "found psk key exchange modes extension" \
1439 -s "found pre_shared_key extension" \
1440 -s "Found PSK_EPHEMERAL KEX MODE" \
1441 -s "Found PSK KEX MODE" \
1442 -s "Pre shared key found" \
1443 -S "No matched PSK or ticket" \
1444 -S "key exchange mode: psk$" \
1445 -S "key exchange mode: psk_ephemeral" \
1446 -s "key exchange mode: ephemeral"
1447
1448requires_openssl_tls1_3
1449requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1450requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1451requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1452run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1453 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1454 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1455 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1456 1 \
1457 -s "found psk key exchange modes extension" \
1458 -s "found pre_shared_key extension" \
1459 -s "Found PSK_EPHEMERAL KEX MODE" \
1460 -s "Found PSK KEX MODE" \
1461 -s "Invalid binder." \
1462 -S "key exchange mode: psk$" \
1463 -S "key exchange mode: psk_ephemeral" \
1464 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1465
1466requires_openssl_tls1_3
1467requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1468requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1469run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
1470 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1471 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1472 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1473 0 \
1474 -s "write selected_group: secp256r1" \
1475 -S "key exchange mode: psk$" \
1476 -s "key exchange mode: psk_ephemeral" \
1477 -S "key exchange mode: ephemeral"
1478
1479requires_openssl_tls1_3
1480requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1481requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1482run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
1483 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1484 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1485 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1486 0 \
1487 -s "write selected_group: secp384r1" \
1488 -S "key exchange mode: psk$" \
1489 -s "key exchange mode: psk_ephemeral" \
1490 -S "key exchange mode: ephemeral"
1491
1492requires_openssl_tls1_3
1493requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1494requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1495run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
1496 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1497 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1498 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1499 0 \
1500 -s "write selected_group: secp521r1" \
1501 -S "key exchange mode: psk$" \
1502 -s "key exchange mode: psk_ephemeral" \
1503 -S "key exchange mode: ephemeral"
1504
1505requires_openssl_tls1_3
1506requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1507requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1508run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
1509 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1510 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1511 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1512 0 \
1513 -s "write selected_group: x25519" \
1514 -S "key exchange mode: psk$" \
1515 -s "key exchange mode: psk_ephemeral" \
1516 -S "key exchange mode: ephemeral"
1517
1518requires_openssl_tls1_3
1519requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1520requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1521run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
1522 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1523 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1524 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1525 0 \
1526 -s "write selected_group: x448" \
1527 -S "key exchange mode: psk$" \
1528 -s "key exchange mode: psk_ephemeral" \
1529 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1530
1531requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1532requires_openssl_tls1_3
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1533requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1534run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1535 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1536 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1537 0 \
1538 -s "write selected_group: secp384r1" \
1539 -s "HRR selected_group: secp384r1" \
1540 -S "key exchange mode: psk$" \
1541 -s "key exchange mode: psk_ephemeral" \
1542 -S "key exchange mode: ephemeral"
1543
1544requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1545requires_gnutls_tls1_3
1546requires_gnutls_next_no_ticket
1547requires_gnutls_next_disable_tls13_compat
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1548requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1549run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1550 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1551 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1552 0 \
1553 -s "write selected_group: secp384r1" \
1554 -s "HRR selected_group: secp384r1" \
1555 -S "key exchange mode: psk$" \
1556 -s "key exchange mode: psk_ephemeral" \
1557 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1558
1559
1560# Add psk test cases for mbedtls client code
1561
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1562# MbedTls->MbedTLS kinds of tls13_kex_modes
1563# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1564requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1565requires_config_enabled MBEDTLS_SSL_SRV_C
1566requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1567requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1568run_test "TLS 1.3: m->m: psk/psk, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1569 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1570 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1571 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1572 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1573 -c "client hello, adding psk_key_exchange_modes extension" \
1574 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1575 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1576 -c "HTTP/1.0 200 OK"
1577
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1578requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1579requires_config_enabled MBEDTLS_SSL_SRV_C
1580requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1581requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1582run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1583 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1584 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1585 1 \
1586 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1587 -c "client hello, adding psk_key_exchange_modes extension" \
1588 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1589 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1590
1591requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1592requires_config_enabled MBEDTLS_SSL_SRV_C
1593requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1594requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1595run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1596 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1597 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1598 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1599 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1600 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1601 -c "client hello, adding PSK binder list" \
1602 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1603
1604requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1605requires_config_enabled MBEDTLS_SSL_SRV_C
1606requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1607requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1608requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1609run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1610 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1611 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1612 1 \
1613 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1614 -c "client hello, adding psk_key_exchange_modes extension" \
1615 -c "client hello, adding PSK binder list" \
1616 -s "ClientHello message misses mandatory extensions."
1617
1618requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1619requires_config_enabled MBEDTLS_SSL_SRV_C
1620requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1621requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1622requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1623run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1624 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1625 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1626 1 \
1627 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1628 -c "client hello, adding psk_key_exchange_modes extension" \
1629 -c "client hello, adding PSK binder list" \
1630 -s "ClientHello message misses mandatory extensions."
1631
1632requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1633requires_config_enabled MBEDTLS_SSL_SRV_C
1634requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1635requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1636requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1637requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1638run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1639 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1640 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1641 1 \
1642 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1643 -c "client hello, adding psk_key_exchange_modes extension" \
1644 -c "client hello, adding PSK binder list" \
1645 -s "ClientHello message misses mandatory extensions."
1646
1647requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1648requires_config_enabled MBEDTLS_SSL_SRV_C
1649requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1650requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1651requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1652run_test "TLS 1.3: m->m: psk/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1653 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1654 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1655 0 \
1656 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1657 -c "client hello, adding psk_key_exchange_modes extension" \
1658 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1659 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1660 -c "HTTP/1.0 200 OK"
1661
1662requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1663requires_config_enabled MBEDTLS_SSL_SRV_C
1664requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1665requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1666requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1667run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1668 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1669 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1670 1 \
1671 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1672 -c "client hello, adding psk_key_exchange_modes extension" \
1673 -c "client hello, adding PSK binder list" \
1674 -s "No matched PSK or ticket" \
1675 -s "ClientHello message misses mandatory extensions."
1676
1677requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1678requires_config_enabled MBEDTLS_SSL_SRV_C
1679requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1680requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1681requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1682run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1683 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1684 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1685 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1686 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1687 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1688 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1689 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1690
1691requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1692requires_config_enabled MBEDTLS_SSL_SRV_C
1693requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1694requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1695requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1696requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1697run_test "TLS 1.3: m->m: psk/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1698 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1699 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1700 0 \
1701 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1702 -c "client hello, adding psk_key_exchange_modes extension" \
1703 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1704 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1705 -c "HTTP/1.0 200 OK"
1706
1707requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1708requires_config_enabled MBEDTLS_SSL_SRV_C
1709requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1710requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1711requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1712requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1713run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1714 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1715 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1716 1 \
1717 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1718 -c "client hello, adding psk_key_exchange_modes extension" \
1719 -c "client hello, adding PSK binder list" \
1720 -s "No matched PSK or ticket" \
1721 -s "ClientHello message misses mandatory extensions."
1722
1723requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1724requires_config_enabled MBEDTLS_SSL_SRV_C
1725requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1726requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1727requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1728requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1729run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1730 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1731 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1732 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1733 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1734 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1735 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1736 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1737
1738# psk_ephemeral mode in client
1739requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1740requires_config_enabled MBEDTLS_SSL_SRV_C
1741requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1742requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1743requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1744run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1745 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1746 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1747 1 \
1748 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1749 -c "client hello, adding psk_key_exchange_modes extension" \
1750 -c "client hello, adding PSK binder list" \
1751 -s "ClientHello message misses mandatory extensions."
1752
1753requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1754requires_config_enabled MBEDTLS_SSL_SRV_C
1755requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1756requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1757run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1758 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1759 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1760 0 \
1761 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1762 -c "client hello, adding psk_key_exchange_modes extension" \
1763 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1764 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1765 -c "HTTP/1.0 200 OK"
1766
1767requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1768requires_config_enabled MBEDTLS_SSL_SRV_C
1769requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1770requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1771run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1772 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1773 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1774 1 \
1775 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1776 -c "client hello, adding psk_key_exchange_modes extension" \
1777 -c "client hello, adding PSK binder list" \
1778 -s "No matched PSK or ticket" \
1779 -s "ClientHello message misses mandatory extensions."
1780
1781requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1782requires_config_enabled MBEDTLS_SSL_SRV_C
1783requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1784requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1785run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1786 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1787 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1788 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1789 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1790 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1791 -c "client hello, adding PSK binder list" \
1792 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1793
1794requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1795requires_config_enabled MBEDTLS_SSL_SRV_C
1796requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1797requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1798requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1799requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1800run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1801 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1802 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1803 1 \
1804 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1805 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1806 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1807
1808requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1809requires_config_enabled MBEDTLS_SSL_SRV_C
1810requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1811requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1812requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1813run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1814 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1815 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1816 0 \
1817 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1818 -c "client hello, adding psk_key_exchange_modes extension" \
1819 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1820 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1821 -c "HTTP/1.0 200 OK"
1822
1823requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1824requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1825requires_config_enabled MBEDTLS_SSL_SRV_C
1826requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1827requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1828requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1829run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1830 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1831 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1832 1 \
1833 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1834 -c "client hello, adding psk_key_exchange_modes extension" \
1835 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1836 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1837
1838requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1839requires_config_enabled MBEDTLS_SSL_SRV_C
1840requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1841requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1842requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1843run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1844 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1845 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1846 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1847 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1848 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1849 -c "client hello, adding PSK binder list" \
1850 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1851
1852requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1853requires_config_enabled MBEDTLS_SSL_SRV_C
1854requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1855requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1856requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1857run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1858 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1859 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1860 0 \
1861 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1862 -c "client hello, adding psk_key_exchange_modes extension" \
1863 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1864 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1865 -c "HTTP/1.0 200 OK"
1866
1867requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1868requires_config_enabled MBEDTLS_SSL_SRV_C
1869requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1870requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1871requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1872run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1873 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1874 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1875 1 \
1876 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1877 -c "client hello, adding psk_key_exchange_modes extension" \
1878 -c "client hello, adding PSK binder list" \
1879 -s "No matched PSK or ticket" \
1880 -s "ClientHello message misses mandatory extensions."
1881
1882requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1883requires_config_enabled MBEDTLS_SSL_SRV_C
1884requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1885requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1886requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1887run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1888 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1889 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1890 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1891 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1892 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1893 -c "client hello, adding PSK binder list" \
1894 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1895
1896requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1897requires_config_enabled MBEDTLS_SSL_SRV_C
1898requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1899requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1900requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1901requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1902run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1903 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1904 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1905 0 \
1906 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1907 -c "client hello, adding psk_key_exchange_modes extension" \
1908 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1909 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1910 -c "HTTP/1.0 200 OK"
1911
1912requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1913requires_config_enabled MBEDTLS_SSL_SRV_C
1914requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1915requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1916requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1917requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1918run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1919 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1920 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1921 1 \
1922 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1923 -c "client hello, adding psk_key_exchange_modes extension" \
1924 -c "client hello, adding PSK binder list" \
1925 -s "No matched PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1926
1927requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1928requires_config_enabled MBEDTLS_SSL_SRV_C
1929requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1930requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1931requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1932requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1933run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1934 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1935 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1936 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1937 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1938 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1939 -c "client hello, adding PSK binder list" \
1940 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1941
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1942# ephemeral mode in client
1943requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1944requires_config_enabled MBEDTLS_SSL_SRV_C
1945requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1946requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1947requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1948run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1949 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1950 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1951 1 \
1952 -s "ClientHello message misses mandatory extensions."
1953
1954requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1955requires_config_enabled MBEDTLS_SSL_SRV_C
1956requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1957requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1958requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1959run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1960 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1961 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1962 1 \
1963 -s "ClientHello message misses mandatory extensions."
1964
1965requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1966requires_config_enabled MBEDTLS_SSL_SRV_C
1967requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1968requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1969run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1970 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1971 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1972 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1973 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1974 -c "HTTP/1.0 200 OK"
1975
1976requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1977requires_config_enabled MBEDTLS_SSL_SRV_C
1978requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1979requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1980requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1981run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1982 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1983 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1984 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1985 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1986 -c "HTTP/1.0 200 OK"
1987
1988requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1989requires_config_enabled MBEDTLS_SSL_SRV_C
1990requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1991requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1992requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1993requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1994run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1995 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1996 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1997 1 \
1998 -s "ClientHello message misses mandatory extensions."
1999
2000requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2001requires_config_enabled MBEDTLS_SSL_SRV_C
2002requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2003requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2004requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2005requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2006run_test "TLS 1.3: m->m: ephemeral/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2007 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2008 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2009 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2010 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2011 -c "HTTP/1.0 200 OK"
2012
2013# ephemeral_all mode in client
2014requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2015requires_config_enabled MBEDTLS_SSL_SRV_C
2016requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2017requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2018requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2019requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2020run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2021 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2022 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2023 1 \
2024 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2025 -c "client hello, adding psk_key_exchange_modes extension" \
2026 -c "client hello, adding PSK binder list" \
2027 -s "ClientHello message misses mandatory extensions."
2028
2029requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2030requires_config_enabled MBEDTLS_SSL_SRV_C
2031requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2032requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2033requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2034run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2035 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2036 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2037 0 \
2038 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2039 -c "client hello, adding psk_key_exchange_modes extension" \
2040 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2041 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2042 -c "HTTP/1.0 200 OK"
2043
2044requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2045requires_config_enabled MBEDTLS_SSL_SRV_C
2046requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2047requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2048requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2049run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2050 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2051 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2052 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2053 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2054 -c "client hello, adding psk_key_exchange_modes extension" \
2055 -c "client hello, adding PSK binder list" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2056 -s "No matched PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2057
2058requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2059requires_config_enabled MBEDTLS_SSL_SRV_C
2060requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2061requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2062requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2063run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2064 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2065 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2066 1 \
2067 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2068 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2069 -c "client hello, adding PSK binder list" \
2070 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2071
2072requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2073requires_config_enabled MBEDTLS_SSL_SRV_C
2074requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2075requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2076requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2077run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2078 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2079 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2080 0 \
2081 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2082 -c "client hello, adding psk_key_exchange_modes extension" \
2083 -c "client hello, adding PSK binder list" \
2084 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2085 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2086 -c "HTTP/1.0 200 OK"
2087
2088requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2089requires_config_enabled MBEDTLS_SSL_SRV_C
2090requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2091requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2092requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2093run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2094 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2095 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2096 0 \
2097 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2098 -c "client hello, adding psk_key_exchange_modes extension" \
2099 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2100 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2101 -c "HTTP/1.0 200 OK"
2102
2103requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2104requires_config_enabled MBEDTLS_SSL_SRV_C
2105requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2106requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2107requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2108run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2109 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2110 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2111 0 \
2112 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2113 -c "client hello, adding psk_key_exchange_modes extension" \
2114 -c "client hello, adding PSK binder list" \
2115 -s "No matched PSK or ticket" \
2116 -s "key exchange mode: ephemeral"
2117
2118requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2119requires_config_enabled MBEDTLS_SSL_SRV_C
2120requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2121requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2122requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2123run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2124 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2125 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2126 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2127 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2128 -c "client hello, adding psk_key_exchange_modes extension" \
2129 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2130 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2131
2132requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2133requires_config_enabled MBEDTLS_SSL_SRV_C
2134requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2135requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2136requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2137requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2138run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2139 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2140 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2141 0 \
2142 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2143 -c "client hello, adding psk_key_exchange_modes extension" \
2144 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2145 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2146 -c "HTTP/1.0 200 OK"
2147
2148requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2149requires_config_enabled MBEDTLS_SSL_SRV_C
2150requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2151requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2152requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2153requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2154run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2155 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2156 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2157 1 \
2158 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2159 -c "client hello, adding psk_key_exchange_modes extension" \
2160 -c "client hello, adding PSK binder list" \
2161 -s "No matched PSK or ticket" \
2162 -s "ClientHello message misses mandatory extensions."
2163
2164requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2165requires_config_enabled MBEDTLS_SSL_SRV_C
2166requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2167requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2168requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2169requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2170run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2171 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2172 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2173 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2174 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2175 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2176 -c "client hello, adding PSK binder list" \
2177 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2178
2179requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2180requires_config_enabled MBEDTLS_SSL_SRV_C
2181requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2182requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2183requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2184requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2185run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2186 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2187 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2188 0 \
2189 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2190 -c "client hello, adding psk_key_exchange_modes extension" \
2191 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2192 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2193 -c "HTTP/1.0 200 OK"
2194
2195requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2196requires_config_enabled MBEDTLS_SSL_SRV_C
2197requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2198requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2199requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2200requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2201run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2202 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2203 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2204 0 \
2205 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2206 -c "client hello, adding psk_key_exchange_modes extension" \
2207 -c "client hello, adding PSK binder list" \
2208 -s "No matched PSK or ticket" \
2209 -s "key exchange mode: ephemeral"
2210
2211requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2212requires_config_enabled MBEDTLS_SSL_SRV_C
2213requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2214requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2215requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2216requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2217run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2218 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2219 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2220 1 \
2221 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2222 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2223 -c "client hello, adding PSK binder list" \
2224 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2225
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2226# psk_all mode in client
2227requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2228requires_config_enabled MBEDTLS_SSL_SRV_C
2229requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2230requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2231requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2232run_test "TLS 1.3: m->m: psk_all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2233 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2234 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2235 0 \
2236 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2237 -c "client hello, adding psk_key_exchange_modes extension" \
2238 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2239 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2240 -c "HTTP/1.0 200 OK"
2241
2242requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2243requires_config_enabled MBEDTLS_SSL_SRV_C
2244requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2245requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2246requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2247run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2248 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2249 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2250 1 \
2251 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2252 -c "client hello, adding psk_key_exchange_modes extension" \
2253 -c "client hello, adding PSK binder list" \
2254 -s "ClientHello message misses mandatory extensions."
2255
2256requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2257requires_config_enabled MBEDTLS_SSL_SRV_C
2258requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2259requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2260requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2261run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2262 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2263 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2264 1 \
2265 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2266 -c "client hello, adding psk_key_exchange_modes extension" \
2267 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2268 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2269
2270requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2271requires_config_enabled MBEDTLS_SSL_SRV_C
2272requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2273requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2274requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2275run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2276 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2277 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2278 0 \
2279 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2280 -c "client hello, adding psk_key_exchange_modes extension" \
2281 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2282 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2283 -c "HTTP/1.0 200 OK"
2284
2285requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2286requires_config_enabled MBEDTLS_SSL_SRV_C
2287requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2288requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2289requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2290run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2291 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2292 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2293 1 \
2294 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2295 -c "client hello, adding psk_key_exchange_modes extension" \
2296 -c "client hello, adding PSK binder list" \
2297 -s "No matched PSK or ticket" \
2298 -s "ClientHello message misses mandatory extensions."
2299
2300requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2301requires_config_enabled MBEDTLS_SSL_SRV_C
2302requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2303requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2304requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2305run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2306 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2307 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2308 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2309 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2310 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2311 -c "client hello, adding PSK binder list" \
2312 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2313
2314requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2315requires_config_enabled MBEDTLS_SSL_SRV_C
2316requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2317requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2318requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2319requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2320run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2321 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2322 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2323 1 \
2324 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2325 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2326 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2327
2328requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2329requires_config_enabled MBEDTLS_SSL_SRV_C
2330requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2331requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2332requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2333requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2334run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2335 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2336 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2337 0 \
2338 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2339 -c "client hello, adding psk_key_exchange_modes extension" \
2340 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2341 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2342 -c "HTTP/1.0 200 OK"
2343
2344requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2345requires_config_enabled MBEDTLS_SSL_SRV_C
2346requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2347requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2350run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2351 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2352 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2353 1 \
2354 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2355 -c "client hello, adding psk_key_exchange_modes extension" \
2356 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2357 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2358
2359requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2360requires_config_enabled MBEDTLS_SSL_SRV_C
2361requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2362requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2363requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2364requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2365run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2366 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2367 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2368 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2369 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2370 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2371 -c "client hello, adding PSK binder list" \
2372 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2373
2374requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2375requires_config_enabled MBEDTLS_SSL_SRV_C
2376requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2377requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2378requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2379run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2380 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2381 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2382 0 \
2383 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2384 -c "client hello, adding psk_key_exchange_modes extension" \
2385 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2386 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2387 -c "HTTP/1.0 200 OK"
2388
2389requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2390requires_config_enabled MBEDTLS_SSL_SRV_C
2391requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2392requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2393requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2394run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2395 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2396 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2397 1 \
2398 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2399 -c "client hello, adding psk_key_exchange_modes extension" \
2400 -c "client hello, adding PSK binder list" \
2401 -s "No matched PSK or ticket" \
2402 -s "ClientHello message misses mandatory extensions."
2403
2404requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2405requires_config_enabled MBEDTLS_SSL_SRV_C
2406requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2407requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2408requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2409run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2410 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2411 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2412 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2413 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2414 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2415 -c "client hello, adding PSK binder list" \
2416 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2417
2418requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2419requires_config_enabled MBEDTLS_SSL_SRV_C
2420requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2421requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2422requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2423requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2424run_test "TLS 1.3: m->m: psk_all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2425 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2426 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2427 0 \
2428 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2429 -c "client hello, adding psk_key_exchange_modes extension" \
2430 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2431 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2432 -c "HTTP/1.0 200 OK"
2433
2434requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2435requires_config_enabled MBEDTLS_SSL_SRV_C
2436requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2437requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2438requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2439requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2440run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2441 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2442 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2443 1 \
2444 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2445 -c "client hello, adding psk_key_exchange_modes extension" \
2446 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2447 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2448
2449requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2450requires_config_enabled MBEDTLS_SSL_SRV_C
2451requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2452requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2453requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2454requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2455run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2456 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2457 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2458 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2459 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2460 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2461 -c "client hello, adding PSK binder list" \
2462 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2463
2464# all mode in client
2465requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2466requires_config_enabled MBEDTLS_SSL_SRV_C
2467requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2468requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2469requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2470requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2471run_test "TLS 1.3: m->m: all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2472 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2473 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2474 0 \
2475 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2476 -c "client hello, adding psk_key_exchange_modes extension" \
2477 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2478 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2479 -c "HTTP/1.0 200 OK"
2480
2481requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2482requires_config_enabled MBEDTLS_SSL_SRV_C
2483requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2484requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2485requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2486requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2487run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2488 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2489 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2490 1 \
2491 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2492 -c "client hello, adding psk_key_exchange_modes extension" \
2493 -c "client hello, adding PSK binder list" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2494 -s "No matched PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2495 -s "ClientHello message misses mandatory extensions."
2496
2497requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2498requires_config_enabled MBEDTLS_SSL_SRV_C
2499requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2500requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2501requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2502requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2503run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2504 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2505 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2506 1 \
2507 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2508 -c "client hello, adding psk_key_exchange_modes extension" \
2509 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2510 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2511
2512requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2513requires_config_enabled MBEDTLS_SSL_SRV_C
2514requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2515requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2516requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2517requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2518run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2519 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2520 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2521 0 \
2522 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2523 -c "client hello, adding psk_key_exchange_modes extension" \
2524 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2525 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2526 -c "HTTP/1.0 200 OK"
2527
2528requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2529requires_config_enabled MBEDTLS_SSL_SRV_C
2530requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2531requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2532requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2533requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2534run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2535 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2536 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2537 1 \
2538 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2539 -c "client hello, adding psk_key_exchange_modes extension" \
2540 -c "client hello, adding PSK binder list" \
2541 -s "No matched PSK or ticket" \
2542 -s "ClientHello message misses mandatory extensions."
2543
2544requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2545requires_config_enabled MBEDTLS_SSL_SRV_C
2546requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2547requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2548requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2549requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2550run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2551 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2552 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2553 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2554 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2555 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2556 -c "client hello, adding PSK binder list" \
2557 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2558
2559requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2560requires_config_enabled MBEDTLS_SSL_SRV_C
2561requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2562requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2563requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2564requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2565run_test "TLS 1.3: m->m: all/ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2566 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2567 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2568 0 \
2569 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2570 -c "client hello, adding psk_key_exchange_modes extension" \
2571 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2572 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2573 -c "HTTP/1.0 200 OK"
2574
2575requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2576requires_config_enabled MBEDTLS_SSL_SRV_C
2577requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2578requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2579requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2580requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2581run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2582 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2583 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2584 0 \
2585 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2586 -c "client hello, adding psk_key_exchange_modes extension" \
2587 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2588 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2589 -c "HTTP/1.0 200 OK"
2590
2591requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2592requires_config_enabled MBEDTLS_SSL_SRV_C
2593requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2594requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2595requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2596requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2597run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2598 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2599 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2600 0 \
2601 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2602 -c "client hello, adding psk_key_exchange_modes extension" \
2603 -c "client hello, adding PSK binder list" \
2604 -s "No matched PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2605 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2606 -c "HTTP/1.0 200 OK"
2607
2608requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2609requires_config_enabled MBEDTLS_SSL_SRV_C
2610requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2611requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2612requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2613requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2614run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2615 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2616 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2617 1 \
2618 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2619 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2620 -c "client hello, adding PSK binder list" \
2621 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2622
2623requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2624requires_config_enabled MBEDTLS_SSL_SRV_C
2625requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2626requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2627requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2628requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2629run_test "TLS 1.3: m->m: all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2630 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2631 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2632 0 \
2633 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2634 -c "client hello, adding psk_key_exchange_modes extension" \
2635 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2636 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2637 -c "HTTP/1.0 200 OK"
2638
2639requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2640requires_config_enabled MBEDTLS_SSL_SRV_C
2641requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2642requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2643requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2645run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2646 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2647 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2648 1 \
2649 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2650 -c "client hello, adding psk_key_exchange_modes extension" \
2651 -c "client hello, adding PSK binder list" \
2652 -s "No matched PSK or ticket" \
2653 -s "ClientHello message misses mandatory extensions."
2654
2655requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2656requires_config_enabled MBEDTLS_SSL_SRV_C
2657requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2658requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2659requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2660requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2661run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2662 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2663 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2664 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2665 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2666 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2667 -c "client hello, adding PSK binder list" \
2668 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2669
2670requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2671requires_config_enabled MBEDTLS_SSL_SRV_C
2672requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2673requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2674requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2675requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2676run_test "TLS 1.3: m->m: all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2677 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2678 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2679 0 \
2680 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2681 -c "client hello, adding psk_key_exchange_modes extension" \
2682 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2683 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2684 -c "HTTP/1.0 200 OK"
2685
2686requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2687requires_config_enabled MBEDTLS_SSL_SRV_C
2688requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2689requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2690requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2691requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2692run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2693 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2694 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2695 0 \
2696 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2697 -c "client hello, adding psk_key_exchange_modes extension" \
2698 -c "client hello, adding PSK binder list" \
2699 -s "No matched PSK or ticket" \
2700 -s "key exchange mode: ephemeral"
2701
2702requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2703requires_config_enabled MBEDTLS_SSL_SRV_C
2704requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2706requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2707requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2708run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2709 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2710 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2711 1 \
2712 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2713 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2714 -c "client hello, adding PSK binder list" \
2715 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2716
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2717#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2718requires_openssl_tls1_3
2719requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2720requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2721requires_config_enabled MBEDTLS_DEBUG_C
2722requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2723requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2724run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2725 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2726 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2727 0 \
2728 -c "=> write client hello" \
2729 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2730 -c "client hello, adding psk_key_exchange_modes extension" \
2731 -c "client hello, adding PSK binder list" \
2732 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2733 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2734 -c "HTTP/1.0 200 ok"
2735
2736requires_openssl_tls1_3
2737requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2738requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2739requires_config_enabled MBEDTLS_DEBUG_C
2740requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2741requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2742run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2743 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2744 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2745 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2746 -c "=> write client hello" \
2747 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2748 -c "client hello, adding psk_key_exchange_modes extension" \
2749 -c "client hello, adding PSK binder list" \
2750 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2751 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2752
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2753#OPENSSL-SERVER psk_all mode
2754requires_openssl_tls1_3
2755requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2756requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2757requires_config_enabled MBEDTLS_DEBUG_C
2758requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2759requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2760requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2761run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2762 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2763 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2764 0 \
2765 -c "=> write client hello" \
2766 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2767 -c "client hello, adding psk_key_exchange_modes extension" \
2768 -c "client hello, adding PSK binder list" \
2769 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2770 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2771 -c "HTTP/1.0 200 ok"
2772
2773requires_openssl_tls1_3
2774requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2775requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2776requires_config_enabled MBEDTLS_DEBUG_C
2777requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2778requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2779requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2780run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2781 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2782 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2783 0 \
2784 -c "=> write client hello" \
2785 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2786 -c "client hello, adding psk_key_exchange_modes extension" \
2787 -c "client hello, adding PSK binder list" \
2788 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2789 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2790 -c "HTTP/1.0 200 ok"
2791
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2792#OPENSSL-SERVER psk_ephemeral mode
2793requires_openssl_tls1_3
2794requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2795requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2796requires_config_enabled MBEDTLS_DEBUG_C
2797requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2798requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2799run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2800 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2801 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2802 0 \
2803 -c "=> write client hello" \
2804 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2805 -c "client hello, adding psk_key_exchange_modes extension" \
2806 -c "client hello, adding PSK binder list" \
2807 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2808 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2809 -c "HTTP/1.0 200 ok"
2810
2811requires_openssl_tls1_3
2812requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2813requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2814requires_config_enabled MBEDTLS_DEBUG_C
2815requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2816requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2817run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2818 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2819 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2820 0 \
2821 -c "=> write client hello" \
2822 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2823 -c "client hello, adding psk_key_exchange_modes extension" \
2824 -c "client hello, adding PSK binder list" \
2825 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2826 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2827 -c "HTTP/1.0 200 ok"
2828
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2829#OPENSSL-SERVER ephemeral mode
2830requires_openssl_tls1_3
2831requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2832requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2833requires_config_enabled MBEDTLS_DEBUG_C
2834requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2835requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2836run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2837 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2838 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2839 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2840 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2841 -c "HTTP/1.0 200 ok"
2842
2843requires_openssl_tls1_3
2844requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2845requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2846requires_config_enabled MBEDTLS_DEBUG_C
2847requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2848requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2849run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2850 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2851 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2852 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2853 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2854 -c "HTTP/1.0 200 ok"
2855
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2856#OPENSSL-SERVER ephemeral_all mode
2857requires_openssl_tls1_3
2858requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2859requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2860requires_config_enabled MBEDTLS_DEBUG_C
2861requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2862requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2863requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2864run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2865 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2866 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2867 0 \
2868 -c "=> write client hello" \
2869 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2870 -c "client hello, adding psk_key_exchange_modes extension" \
2871 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2872 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2873 -c "<= write client hello" \
2874 -c "HTTP/1.0 200 ok"
2875
2876requires_openssl_tls1_3
2877requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2878requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2879requires_config_enabled MBEDTLS_DEBUG_C
2880requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2881requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2882requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2883run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2884 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2885 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2886 0 \
2887 -c "=> write client hello" \
2888 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2889 -c "client hello, adding psk_key_exchange_modes extension" \
2890 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2891 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2892 -c "<= write client hello" \
2893 -c "HTTP/1.0 200 ok"
2894
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2895#OPENSSL-SERVER all mode
2896requires_openssl_tls1_3
2897requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2898requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2899requires_config_enabled MBEDTLS_DEBUG_C
2900requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2901requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2902requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2903requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2904run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2905 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2906 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2907 0 \
2908 -c "=> write client hello" \
2909 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2910 -c "client hello, adding psk_key_exchange_modes extension" \
2911 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2912 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2913 -c "<= write client hello" \
2914 -c "HTTP/1.0 200 ok"
2915
2916requires_openssl_tls1_3
2917requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2918requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2919requires_config_enabled MBEDTLS_DEBUG_C
2920requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2921requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2922requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2923requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2924run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2925 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2926 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
2927 0 \
2928 -c "=> write client hello" \
2929 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2930 -c "client hello, adding psk_key_exchange_modes extension" \
2931 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2932 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2933 -c "<= write client hello" \
2934 -c "HTTP/1.0 200 ok"
2935
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2936#GNUTLS-SERVER psk mode
2937requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2938requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2939requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2940requires_config_enabled MBEDTLS_DEBUG_C
2941requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2942requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2943run_test "TLS 1.3: m->G: psk/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2944 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2945 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
2946 0 \
2947 -c "=> write client hello" \
2948 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2949 -c "client hello, adding psk_key_exchange_modes extension" \
2950 -c "client hello, adding PSK binder list" \
2951 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2952 -s "Parsing extension 'Pre Shared Key/41'" \
2953 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2954 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2955 -c "HTTP/1.0 200 OK"
2956
2957requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2958requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2959requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2960requires_config_enabled MBEDTLS_DEBUG_C
2961requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2962requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2963run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2964 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2965 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
2966 1 \
2967 -c "=> write client hello" \
2968 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2969 -c "client hello, adding psk_key_exchange_modes extension" \
2970 -c "client hello, adding PSK binder list" \
2971 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2972 -s "Parsing extension 'Pre Shared Key/41'" \
2973 -c "<= write client hello" \
2974 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
2975
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2976#GNUTLS-SERVER psk_all mode
2977requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2978requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2979requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2980requires_config_enabled MBEDTLS_DEBUG_C
2981requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2982requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2983requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2984run_test "TLS 1.3: m->G: psk_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2985 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2986 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
2987 0 \
2988 -c "=> write client hello" \
2989 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2990 -c "client hello, adding psk_key_exchange_modes extension" \
2991 -c "client hello, adding PSK binder list" \
2992 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2993 -s "Parsing extension 'Pre Shared Key/41'" \
2994 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]2995 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2996 -c "HTTP/1.0 200 OK"
2997
2998requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2999requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3000requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3001requires_config_enabled MBEDTLS_DEBUG_C
3002requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3003requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3004requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3005run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3006 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3007 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3008 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3009 -c "=> write client hello" \
3010 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3011 -c "client hello, adding psk_key_exchange_modes extension" \
3012 -c "client hello, adding PSK binder list" \
3013 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3014 -s "Parsing extension 'Pre Shared Key/41'" \
3015 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3016 -c "Selected key exchange mode: psk_ephemeral" \
3017 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3018
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3019#GNUTLS-SERVER psk_ephemeral mode
3020requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3021requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3022requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3023requires_config_enabled MBEDTLS_DEBUG_C
3024requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3025requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3026run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3027 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3028 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3029 0 \
3030 -c "=> write client hello" \
3031 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3032 -c "client hello, adding psk_key_exchange_modes extension" \
3033 -c "client hello, adding PSK binder list" \
3034 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3035 -s "Parsing extension 'Pre Shared Key/41'" \
3036 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3037 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3038 -c "HTTP/1.0 200 OK"
3039
3040requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3041requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3042requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3043requires_config_enabled MBEDTLS_DEBUG_C
3044requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3045requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3046run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3047 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3048 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3049 0 \
3050 -c "=> write client hello" \
3051 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3052 -c "client hello, adding psk_key_exchange_modes extension" \
3053 -c "client hello, adding PSK binder list" \
3054 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3055 -s "Parsing extension 'Pre Shared Key/41'" \
3056 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3057 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3058 -c "HTTP/1.0 200 OK"
3059
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3060#GNUTLS-SERVER ephemeral mode
3061requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3062requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3063requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3064requires_config_enabled MBEDTLS_DEBUG_C
3065requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3066requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3067run_test "TLS 1.3: m->G: ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3068 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3069 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3070 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3071 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3072 -c "HTTP/1.0 200 OK"
3073
3074requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3075requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3076requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3077requires_config_enabled MBEDTLS_DEBUG_C
3078requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3079requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3080run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3081 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3082 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3083 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3084 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3085 -c "HTTP/1.0 200 OK"
3086
3087#GNUTLS-SERVER ephemeral_all mode
3088requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3089requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3090requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3091requires_config_enabled MBEDTLS_DEBUG_C
3092requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3093requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3094requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3095run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3096 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3097 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3098 0 \
3099 -c "=> write client hello" \
3100 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3101 -c "client hello, adding psk_key_exchange_modes extension" \
3102 -c "client hello, adding PSK binder list" \
3103 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3104 -s "Parsing extension 'Pre Shared Key/41'" \
3105 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3106 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3107 -c "HTTP/1.0 200 OK"
3108
3109requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3110requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3111requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3112requires_config_enabled MBEDTLS_DEBUG_C
3113requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3114requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3115requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3116run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3117 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3118 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3119 0 \
3120 -c "=> write client hello" \
3121 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3122 -c "client hello, adding psk_key_exchange_modes extension" \
3123 -c "client hello, adding PSK binder list" \
3124 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3125 -s "Parsing extension 'Pre Shared Key/41'" \
3126 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3127 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3128 -c "HTTP/1.0 200 OK"
3129
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3130#GNUTLS-SERVER all mode
3131requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3132requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3133requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3134requires_config_enabled MBEDTLS_DEBUG_C
3135requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3136requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3137requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3138requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3139run_test "TLS 1.3: m->G: all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3140 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3141 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3142 0 \
3143 -c "=> write client hello" \
3144 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3145 -c "client hello, adding psk_key_exchange_modes extension" \
3146 -c "client hello, adding PSK binder list" \
3147 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3148 -s "Parsing extension 'Pre Shared Key/41'" \
3149 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3150 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3151 -c "HTTP/1.0 200 OK"
3152
3153requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3154requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3155requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3156requires_config_enabled MBEDTLS_DEBUG_C
3157requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3158requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3159requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3160requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3161run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3162 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3163 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3164 0 \
3165 -c "=> write client hello" \
3166 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3167 -c "client hello, adding psk_key_exchange_modes extension" \
3168 -c "client hello, adding PSK binder list" \
3169 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3170 -s "Parsing extension 'Pre Shared Key/41'" \
3171 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3172 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3173 -c "HTTP/1.0 200 OK"