TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7de2ff0310f4c7e7493844533e10785a6207a2a8 / . / tests / opt-testcases / tls13-kex-modes.sh
blob: b1320c5b593adf409331f109a28286e7b42cc28b [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
Jerry Yu66f35f22022-08-22 17:27:41 +0800[diff] [blame]21requires_gnutls_tls1_3
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]22requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
23requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
24requires_config_enabled MBEDTLS_SSL_SRV_C
25requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]26requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
27
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]28run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]29 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]30 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
31 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
32 localhost" \
33 1 \
34 -s "found psk key exchange modes extension" \
35 -s "found pre_shared_key extension" \
36 -s "Found PSK_EPHEMERAL KEX MODE" \
37 -s "Found PSK KEX MODE" \
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]38 -s "No matched ciphersuite"
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]39
40requires_openssl_tls1_3
41requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
42requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
43requires_config_enabled MBEDTLS_SSL_SRV_C
44requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]45requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
46
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]47run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]48 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]49 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
50 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
51 1 \
52 -s "found psk key exchange modes extension" \
53 -s "found pre_shared_key extension" \
54 -s "Found PSK_EPHEMERAL KEX MODE" \
55 -s "Found PSK KEX MODE" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]56 -s "No matched ciphersuite"
57
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]58requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
59 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
60requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
61 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
62requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
63 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]64run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \
65 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
66 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
67 0 \
68 -c "Pre-configured PSK number = 2" \
69 -s "sent selected_identity: 0" \
70 -s "key exchange mode: psk_ephemeral" \
71 -S "key exchange mode: psk$" \
72 -S "key exchange mode: ephemeral$" \
73 -S "ticket is not authentic"
74
75requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
76 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
77requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
78 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
79requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
80 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
81run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]82 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
83 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
84 0 \
85 -c "Pre-configured PSK number = 2" \
86 -s "sent selected_identity: 1" \
87 -s "key exchange mode: psk_ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]88 -S "key exchange mode: psk$" \
89 -S "key exchange mode: ephemeral$" \
90 -s "ticket is not authentic"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]91
92requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
93 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
94requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
95 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
96requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
97 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]98run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]99 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \
100 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
101 0 \
102 -c "Pre-configured PSK number = 1" \
103 -S "sent selected_identity:" \
104 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]105 -S "key exchange mode: psk_ephemeral" \
106 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]107 -s "ticket is not authentic" \
108 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]109 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]110 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]111 -S "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]112
113requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
114 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
115requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
116 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
117requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
118 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]119run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]120 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \
121 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
122 0 \
123 -c "Pre-configured PSK number = 1" \
124 -S "sent selected_identity:" \
125 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]126 -S "key exchange mode: psk_ephemeral" \
127 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]128 -S "ticket is not authentic" \
129 -s "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]130 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]131 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]132 -S "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]133
134requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
135 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
136requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
137 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
138requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
139 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]140run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]141 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \
142 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
143 0 \
144 -c "Pre-configured PSK number = 1" \
145 -S "sent selected_identity:" \
146 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]147 -S "key exchange mode: psk_ephemeral" \
148 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]149 -S "ticket is not authentic" \
150 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]151 -s "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]152 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]153 -S "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]154
155requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
156 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
157requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
158 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]159requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
160 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]161run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]162 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \
163 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
164 0 \
165 -c "Pre-configured PSK number = 1" \
166 -S "sent selected_identity:" \
167 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]168 -S "key exchange mode: psk_ephemeral" \
169 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]170 -S "ticket is not authentic" \
171 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]172 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]173 -s "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]174 -S "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]175
176requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
177 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
178requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
179 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]180requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
181 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]182run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]183 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \
184 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
185 0 \
186 -c "Pre-configured PSK number = 1" \
187 -S "sent selected_identity:" \
188 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]189 -S "key exchange mode: psk_ephemeral" \
190 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]191 -S "ticket is not authentic" \
192 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]193 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]194 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]195 -s "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]196
197requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
198 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
199requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
200 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
201requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
202 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]203run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]204 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \
205 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
206 0 \
207 -c "Pre-configured PSK number = 1" \
208 -S "sent selected_identity:" \
209 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]210 -S "key exchange mode: psk_ephemeral" \
211 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]212 -S "ticket is not authentic" \
213 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]214 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]215 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]216 -s "Ticket age outside tolerance window"
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]217
218requires_gnutls_tls1_3
219requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]220requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]221run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]222 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]223 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
224 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
225 localhost" \
226 1 \
227 -s "found psk key exchange modes extension" \
228 -s "found pre_shared_key extension" \
229 -s "Found PSK_EPHEMERAL KEX MODE" \
230 -S "Found PSK KEX MODE" \
231 -S "key exchange mode: psk$" \
232 -S "key exchange mode: psk_ephemeral" \
233 -S "key exchange mode: ephemeral"
234
235requires_gnutls_tls1_3
236requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]237requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]238run_test "TLS 1.3: G->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]239 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]240 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
241 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
242 localhost" \
243 0 \
244 -s "found psk key exchange modes extension" \
245 -s "found pre_shared_key extension" \
246 -s "Found PSK_EPHEMERAL KEX MODE" \
247 -s "Found PSK KEX MODE" \
248 -s "Pre shared key found" \
249 -S "No matched PSK or ticket" \
250 -s "key exchange mode: psk$" \
251 -S "key exchange mode: psk_ephemeral" \
252 -S "key exchange mode: ephemeral"
253
254requires_gnutls_tls1_3
255requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]256requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]257run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]258 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]259 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
260 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
261 localhost" \
262 1 \
263 -s "found psk key exchange modes extension" \
264 -s "found pre_shared_key extension" \
265 -s "Found PSK_EPHEMERAL KEX MODE" \
266 -s "Found PSK KEX MODE" \
267 -s "No matched PSK or ticket" \
268 -S "key exchange mode: psk$" \
269 -S "key exchange mode: psk_ephemeral" \
270 -S "key exchange mode: ephemeral"
271
272requires_gnutls_tls1_3
273requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]274requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]275run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]276 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]277 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
278 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
279 localhost" \
280 1 \
281 -s "found psk key exchange modes extension" \
282 -s "found pre_shared_key extension" \
283 -s "Found PSK_EPHEMERAL KEX MODE" \
284 -s "Found PSK KEX MODE" \
285 -s "Invalid binder." \
286 -S "key exchange mode: psk$" \
287 -S "key exchange mode: psk_ephemeral" \
288 -S "key exchange mode: ephemeral"
289
290requires_gnutls_tls1_3
291requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]292requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]293run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]294 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]295 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
296 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
297 localhost" \
298 0 \
299 -s "found psk key exchange modes extension" \
300 -s "found pre_shared_key extension" \
301 -S "Found PSK_EPHEMERAL KEX MODE" \
302 -s "Found PSK KEX MODE" \
303 -s "Pre shared key found" \
304 -S "No matched PSK or ticket" \
305 -s "key exchange mode: psk$" \
306 -S "key exchange mode: psk_ephemeral" \
307 -S "key exchange mode: ephemeral"
308
309requires_gnutls_tls1_3
310requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]312run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]313 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]314 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
315 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
316 localhost" \
317 1 \
318 -s "found psk key exchange modes extension" \
319 -s "found pre_shared_key extension" \
320 -S "Found PSK_EPHEMERAL KEX MODE" \
321 -s "Found PSK KEX MODE" \
322 -s "No matched PSK or ticket" \
323 -S "key exchange mode: psk$" \
324 -S "key exchange mode: psk_ephemeral" \
325 -S "key exchange mode: ephemeral"
326
327requires_gnutls_tls1_3
328requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]330run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]331 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]332 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
333 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
334 localhost" \
335 1 \
336 -s "found psk key exchange modes extension" \
337 -s "found pre_shared_key extension" \
338 -S "Found PSK_EPHEMERAL KEX MODE" \
339 -s "Found PSK KEX MODE" \
340 -s "Invalid binder." \
341 -S "key exchange mode: psk$" \
342 -S "key exchange mode: psk_ephemeral" \
343 -S "key exchange mode: ephemeral"
344
345requires_gnutls_tls1_3
346requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]347requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]348run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]349 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]350 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
351 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
352 localhost" \
353 0 \
354 -s "found psk key exchange modes extension" \
355 -s "found pre_shared_key extension" \
356 -s "Found PSK_EPHEMERAL KEX MODE" \
357 -S "Found PSK KEX MODE" \
358 -s "Pre shared key found" \
359 -S "No matched PSK or ticket" \
360 -S "key exchange mode: psk$" \
361 -s "key exchange mode: psk_ephemeral" \
362 -S "key exchange mode: ephemeral"
363
364requires_gnutls_tls1_3
365requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]366requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]367run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]368 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]369 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
370 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
371 localhost" \
372 1 \
373 -s "found psk key exchange modes extension" \
374 -s "found pre_shared_key extension" \
375 -s "Found PSK_EPHEMERAL KEX MODE" \
376 -S "Found PSK KEX MODE" \
377 -s "No matched PSK or ticket" \
378 -S "key exchange mode: psk$" \
379 -S "key exchange mode: psk_ephemeral" \
380 -S "key exchange mode: ephemeral"
381
382requires_gnutls_tls1_3
383requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]384requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]385run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]386 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]387 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
388 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
389 localhost" \
390 1 \
391 -s "found psk key exchange modes extension" \
392 -s "found pre_shared_key extension" \
393 -s "Found PSK_EPHEMERAL KEX MODE" \
394 -S "Found PSK KEX MODE" \
395 -s "Invalid binder." \
396 -S "key exchange mode: psk$" \
397 -S "key exchange mode: psk_ephemeral" \
398 -S "key exchange mode: ephemeral"
399
400requires_gnutls_tls1_3
401requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]402requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]403run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]404 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]405 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
406 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
407 localhost" \
408 0 \
409 -s "found psk key exchange modes extension" \
410 -s "found pre_shared_key extension" \
411 -s "Found PSK_EPHEMERAL KEX MODE" \
412 -s "Found PSK KEX MODE" \
413 -s "Pre shared key found" \
414 -S "No matched PSK or ticket" \
415 -S "key exchange mode: psk$" \
416 -s "key exchange mode: psk_ephemeral" \
417 -S "key exchange mode: ephemeral"
418
419requires_gnutls_tls1_3
420requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]421requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]422run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]423 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]424 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
425 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
426 localhost" \
427 1 \
428 -s "found psk key exchange modes extension" \
429 -s "found pre_shared_key extension" \
430 -s "Found PSK_EPHEMERAL KEX MODE" \
431 -s "Found PSK KEX MODE" \
432 -s "No matched PSK or ticket" \
433 -S "key exchange mode: psk$" \
434 -S "key exchange mode: psk_ephemeral" \
435 -S "key exchange mode: ephemeral"
436
437requires_gnutls_tls1_3
438requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]439requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]440run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]441 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]442 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
443 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
444 localhost" \
445 1 \
446 -s "found psk key exchange modes extension" \
447 -s "found pre_shared_key extension" \
448 -s "Found PSK_EPHEMERAL KEX MODE" \
449 -s "Found PSK KEX MODE" \
450 -s "Invalid binder." \
451 -S "key exchange mode: psk$" \
452 -S "key exchange mode: psk_ephemeral" \
453 -S "key exchange mode: ephemeral"
454
455requires_gnutls_tls1_3
456requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]457requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]458run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]459 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]460 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
461 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
462 localhost" \
463 1 \
464 -s "found psk key exchange modes extension" \
465 -s "found pre_shared_key extension" \
466 -S "Found PSK_EPHEMERAL KEX MODE" \
467 -s "Found PSK KEX MODE" \
468 -S "key exchange mode: psk$" \
469 -S "key exchange mode: psk_ephemeral" \
470 -S "key exchange mode: ephemeral"
471
472requires_gnutls_tls1_3
473requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]474requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
475requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]476run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]477 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]478 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
479 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
480 localhost" \
481 0 \
482 -s "found psk key exchange modes extension" \
483 -s "found pre_shared_key extension" \
484 -s "Found PSK_EPHEMERAL KEX MODE" \
485 -S "Found PSK KEX MODE" \
486 -s "Pre shared key found" \
487 -S "No matched PSK or ticket" \
488 -S "key exchange mode: psk$" \
489 -s "key exchange mode: psk_ephemeral" \
490 -S "key exchange mode: ephemeral"
491
492requires_gnutls_tls1_3
493requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]494requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
495requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]496run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]497 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]498 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
499 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
500 localhost" \
501 1 \
502 -s "found psk key exchange modes extension" \
503 -s "found pre_shared_key extension" \
504 -s "Found PSK_EPHEMERAL KEX MODE" \
505 -S "Found PSK KEX MODE" \
506 -s "No matched PSK or ticket" \
507 -S "key exchange mode: psk$" \
508 -S "key exchange mode: psk_ephemeral" \
509 -S "key exchange mode: ephemeral"
510
511requires_gnutls_tls1_3
512requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]513requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
514requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]515run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]516 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]517 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
518 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
519 localhost" \
520 1 \
521 -s "found psk key exchange modes extension" \
522 -s "found pre_shared_key extension" \
523 -s "Found PSK_EPHEMERAL KEX MODE" \
524 -S "Found PSK KEX MODE" \
525 -s "Invalid binder." \
526 -S "key exchange mode: psk$" \
527 -S "key exchange mode: psk_ephemeral" \
528 -S "key exchange mode: ephemeral"
529
530requires_gnutls_tls1_3
531requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]532requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
533requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]534run_test "TLS 1.3: G->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]535 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]536 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
537 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
538 localhost" \
539 0 \
540 -s "found psk key exchange modes extension" \
541 -s "found pre_shared_key extension" \
542 -s "Found PSK_EPHEMERAL KEX MODE" \
543 -s "Found PSK KEX MODE" \
544 -s "Pre shared key found" \
545 -S "No matched PSK or ticket" \
546 -S "key exchange mode: psk$" \
547 -s "key exchange mode: psk_ephemeral" \
548 -S "key exchange mode: ephemeral"
549
550requires_gnutls_tls1_3
551requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]552requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
553requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]554run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]555 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]556 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
557 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
558 localhost" \
559 1 \
560 -s "found psk key exchange modes extension" \
561 -s "found pre_shared_key extension" \
562 -s "Found PSK_EPHEMERAL KEX MODE" \
563 -s "Found PSK KEX MODE" \
564 -s "No matched PSK or ticket" \
565 -S "key exchange mode: psk$" \
566 -S "key exchange mode: psk_ephemeral" \
567 -S "key exchange mode: ephemeral"
568
569requires_gnutls_tls1_3
570requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]571requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
572requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]573run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]574 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]575 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
576 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
577 localhost" \
578 1 \
579 -s "found psk key exchange modes extension" \
580 -s "found pre_shared_key extension" \
581 -s "Found PSK_EPHEMERAL KEX MODE" \
582 -s "Found PSK KEX MODE" \
583 -s "Invalid binder." \
584 -S "key exchange mode: psk$" \
585 -S "key exchange mode: psk_ephemeral" \
586 -S "key exchange mode: ephemeral"
587
588requires_gnutls_tls1_3
589requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]590requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
591requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]592run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]593 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]594 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
595 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
596 localhost" \
597 0 \
598 -s "found psk key exchange modes extension" \
599 -s "found pre_shared_key extension" \
600 -S "Found PSK_EPHEMERAL KEX MODE" \
601 -s "Found PSK KEX MODE" \
602 -s "Pre shared key found" \
603 -S "No matched PSK or ticket" \
604 -s "key exchange mode: psk$" \
605 -S "key exchange mode: psk_ephemeral" \
606 -S "key exchange mode: ephemeral"
607
608requires_gnutls_tls1_3
609requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]610requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
611requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]612run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]613 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]614 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
615 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
616 localhost" \
617 1 \
618 -s "found psk key exchange modes extension" \
619 -s "found pre_shared_key extension" \
620 -S "Found PSK_EPHEMERAL KEX MODE" \
621 -s "Found PSK KEX MODE" \
622 -s "No matched PSK or ticket" \
623 -S "key exchange mode: psk$" \
624 -S "key exchange mode: psk_ephemeral" \
625 -S "key exchange mode: ephemeral"
626
627requires_gnutls_tls1_3
628requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]629requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
630requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]631run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]632 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]633 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
634 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
635 localhost" \
636 1 \
637 -s "found psk key exchange modes extension" \
638 -s "found pre_shared_key extension" \
639 -S "Found PSK_EPHEMERAL KEX MODE" \
640 -s "Found PSK KEX MODE" \
641 -s "Invalid binder." \
642 -S "key exchange mode: psk$" \
643 -S "key exchange mode: psk_ephemeral" \
644 -S "key exchange mode: ephemeral"
645
646requires_gnutls_tls1_3
647requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]648requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
649requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]650run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]651 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]652 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
653 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
654 localhost" \
655 0 \
656 -s "found psk key exchange modes extension" \
657 -s "found pre_shared_key extension" \
658 -s "Found PSK_EPHEMERAL KEX MODE" \
659 -S "Found PSK KEX MODE" \
660 -s "Pre shared key found" \
661 -S "No matched PSK or ticket" \
662 -S "key exchange mode: psk$" \
663 -s "key exchange mode: psk_ephemeral" \
664 -S "key exchange mode: ephemeral"
665
666requires_gnutls_tls1_3
667requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]668requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
669requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]670run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]671 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]672 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
673 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
674 localhost" \
675 0 \
676 -s "found psk key exchange modes extension" \
677 -s "found pre_shared_key extension" \
678 -s "Found PSK_EPHEMERAL KEX MODE" \
679 -S "Found PSK KEX MODE" \
680 -s "No matched PSK or ticket" \
681 -S "key exchange mode: psk$" \
682 -S "key exchange mode: psk_ephemeral" \
683 -s "key exchange mode: ephemeral"
684
685requires_gnutls_tls1_3
686requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]687requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
688requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]689run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]690 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]691 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
692 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
693 localhost" \
694 1 \
695 -s "found psk key exchange modes extension" \
696 -s "found pre_shared_key extension" \
697 -s "Found PSK_EPHEMERAL KEX MODE" \
698 -S "Found PSK KEX MODE" \
699 -s "Invalid binder." \
700 -S "key exchange mode: psk$" \
701 -S "key exchange mode: psk_ephemeral" \
702 -S "key exchange mode: ephemeral"
703
704requires_gnutls_tls1_3
705requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]706requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
707requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]708run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]709 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]710 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
711 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
712 localhost" \
713 0 \
714 -s "found psk key exchange modes extension" \
715 -s "found pre_shared_key extension" \
716 -s "Found PSK_EPHEMERAL KEX MODE" \
717 -s "Found PSK KEX MODE" \
718 -s "Pre shared key found" \
719 -S "No matched PSK or ticket" \
720 -S "key exchange mode: psk$" \
721 -s "key exchange mode: psk_ephemeral" \
722 -S "key exchange mode: ephemeral"
723
724requires_gnutls_tls1_3
725requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]726requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
727requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]728run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]729 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]730 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
731 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
732 localhost" \
733 0 \
734 -s "found psk key exchange modes extension" \
735 -s "found pre_shared_key extension" \
736 -s "Found PSK_EPHEMERAL KEX MODE" \
737 -s "Found PSK KEX MODE" \
738 -s "No matched PSK or ticket" \
739 -S "key exchange mode: psk$" \
740 -S "key exchange mode: psk_ephemeral" \
741 -s "key exchange mode: ephemeral"
742
743requires_gnutls_tls1_3
744requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]745requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
746requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]747run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]748 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]749 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
750 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
751 localhost" \
752 1 \
753 -s "found psk key exchange modes extension" \
754 -s "found pre_shared_key extension" \
755 -s "Found PSK_EPHEMERAL KEX MODE" \
756 -s "Found PSK KEX MODE" \
757 -s "Invalid binder." \
758 -S "key exchange mode: psk$" \
759 -S "key exchange mode: psk_ephemeral" \
760 -S "key exchange mode: ephemeral"
761
762requires_gnutls_tls1_3
763requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]764requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
765requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]766run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]767 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]768 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
769 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
770 localhost" \
771 0 \
772 -s "found psk key exchange modes extension" \
773 -s "found pre_shared_key extension" \
774 -S "Found PSK_EPHEMERAL KEX MODE" \
775 -s "Found PSK KEX MODE" \
776 -s "Pre shared key found" \
777 -S "No matched PSK or ticket" \
778 -S "key exchange mode: psk$" \
779 -S "key exchange mode: psk_ephemeral" \
780 -s "key exchange mode: ephemeral"
781
782requires_gnutls_tls1_3
783requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]784requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
785requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
786requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]787run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]788 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]789 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
790 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
791 localhost" \
792 0 \
793 -s "found psk key exchange modes extension" \
794 -s "found pre_shared_key extension" \
795 -s "Found PSK_EPHEMERAL KEX MODE" \
796 -S "Found PSK KEX MODE" \
797 -s "Pre shared key found" \
798 -S "No matched PSK or ticket" \
799 -S "key exchange mode: psk$" \
800 -s "key exchange mode: psk_ephemeral" \
801 -S "key exchange mode: ephemeral"
802
803requires_gnutls_tls1_3
804requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]805requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
806requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
807requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]808run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]809 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]810 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
811 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
812 localhost" \
813 0 \
814 -s "found psk key exchange modes extension" \
815 -s "found pre_shared_key extension" \
816 -s "Found PSK_EPHEMERAL KEX MODE" \
817 -S "Found PSK KEX MODE" \
818 -s "No matched PSK or ticket" \
819 -S "key exchange mode: psk$" \
820 -S "key exchange mode: psk_ephemeral" \
821 -s "key exchange mode: ephemeral"
822
823requires_gnutls_tls1_3
824requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]825requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
826requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
827requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]828run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]829 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]830 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
831 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
832 localhost" \
833 1 \
834 -s "found psk key exchange modes extension" \
835 -s "found pre_shared_key extension" \
836 -s "Found PSK_EPHEMERAL KEX MODE" \
837 -S "Found PSK KEX MODE" \
838 -s "Invalid binder." \
839 -S "key exchange mode: psk$" \
840 -S "key exchange mode: psk_ephemeral" \
841 -S "key exchange mode: ephemeral"
842
843requires_gnutls_tls1_3
844requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]845requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
846requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
847requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]848run_test "TLS 1.3: G->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]849 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]850 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
851 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
852 localhost" \
853 0 \
854 -s "found psk key exchange modes extension" \
855 -s "found pre_shared_key extension" \
856 -s "Found PSK_EPHEMERAL KEX MODE" \
857 -s "Found PSK KEX MODE" \
858 -s "Pre shared key found" \
859 -S "No matched PSK or ticket" \
860 -S "key exchange mode: psk$" \
861 -s "key exchange mode: psk_ephemeral" \
862 -S "key exchange mode: ephemeral"
863
864requires_gnutls_tls1_3
865requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]866requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
867requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
868requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]869run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]870 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]871 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
872 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
873 localhost" \
874 0 \
875 -s "found psk key exchange modes extension" \
876 -s "found pre_shared_key extension" \
877 -s "Found PSK_EPHEMERAL KEX MODE" \
878 -s "Found PSK KEX MODE" \
879 -s "No matched PSK or ticket" \
880 -S "key exchange mode: psk$" \
881 -S "key exchange mode: psk_ephemeral" \
882 -s "key exchange mode: ephemeral"
883
884requires_gnutls_tls1_3
885requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]886requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
887requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
888requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]889run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]890 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]891 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
892 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
893 localhost" \
894 1 \
895 -s "found psk key exchange modes extension" \
896 -s "found pre_shared_key extension" \
897 -s "Found PSK_EPHEMERAL KEX MODE" \
898 -s "Found PSK KEX MODE" \
899 -s "Invalid binder." \
900 -S "key exchange mode: psk$" \
901 -S "key exchange mode: psk_ephemeral" \
902 -S "key exchange mode: ephemeral"
903
904requires_gnutls_tls1_3
905requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]906requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
907requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
908requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]909run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]910 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]911 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
912 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
913 localhost" \
914 0 \
915 -s "found psk key exchange modes extension" \
916 -s "found pre_shared_key extension" \
917 -S "Found PSK_EPHEMERAL KEX MODE" \
918 -s "Found PSK KEX MODE" \
919 -s "Pre shared key found" \
920 -S "No matched PSK or ticket" \
921 -S "key exchange mode: psk$" \
922 -S "key exchange mode: psk_ephemeral" \
923 -s "key exchange mode: ephemeral"
924
925requires_gnutls_tls1_3
926requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]927requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
928requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
929requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]930run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]931 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]932 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
933 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
934 localhost" \
935 1 \
936 -s "found psk key exchange modes extension" \
937 -s "found pre_shared_key extension" \
938 -S "Found PSK_EPHEMERAL KEX MODE" \
939 -s "Found PSK KEX MODE" \
940 -s "Invalid binder." \
941 -S "key exchange mode: psk$" \
942 -S "key exchange mode: psk_ephemeral" \
943 -S "key exchange mode: ephemeral"
944
945requires_gnutls_tls1_3
946requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]947requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
948requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]949run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]950 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]951 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
952 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
953 localhost" \
954 0 \
955 -s "found psk key exchange modes extension" \
956 -s "found pre_shared_key extension" \
957 -s "Found PSK_EPHEMERAL KEX MODE" \
958 -S "Found PSK KEX MODE" \
959 -s "Pre shared key found" \
960 -S "No matched PSK or ticket" \
961 -S "key exchange mode: psk$" \
962 -S "key exchange mode: psk_ephemeral" \
963 -s "key exchange mode: ephemeral"
964
965requires_gnutls_tls1_3
966requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]967requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
968requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]969run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]970 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]971 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
972 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
973 localhost" \
974 0 \
975 -s "found psk key exchange modes extension" \
976 -s "found pre_shared_key extension" \
977 -s "Found PSK_EPHEMERAL KEX MODE" \
978 -s "Found PSK KEX MODE" \
979 -s "Pre shared key found" \
980 -S "No matched PSK or ticket" \
981 -S "key exchange mode: psk$" \
982 -S "key exchange mode: psk_ephemeral" \
983 -s "key exchange mode: ephemeral"
984
985requires_gnutls_tls1_3
986requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]987requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
988requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]989run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]990 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]991 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
992 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
993 localhost" \
994 1 \
995 -s "found psk key exchange modes extension" \
996 -s "found pre_shared_key extension" \
997 -s "Found PSK_EPHEMERAL KEX MODE" \
998 -s "Found PSK KEX MODE" \
999 -s "Invalid binder." \
1000 -S "key exchange mode: psk$" \
1001 -S "key exchange mode: psk_ephemeral" \
1002 -S "key exchange mode: ephemeral"
1003
1004requires_gnutls_tls1_3
1005requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1006requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1007requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1008run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1009 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1010 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1011 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1012 localhost" \
1013 0 \
1014 -s "found psk key exchange modes extension" \
1015 -s "found pre_shared_key extension" \
1016 -S "Found PSK_EPHEMERAL KEX MODE" \
1017 -s "Found PSK KEX MODE" \
1018 -s "Pre shared key found" \
1019 -S "No matched PSK or ticket" \
1020 -S "key exchange mode: psk$" \
1021 -S "key exchange mode: psk_ephemeral" \
1022 -s "key exchange mode: ephemeral"
1023
1024requires_gnutls_tls1_3
1025requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1026requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1027requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1028run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1029 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1030 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1031 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
1032 localhost" \
1033 1 \
1034 -s "found psk key exchange modes extension" \
1035 -s "found pre_shared_key extension" \
1036 -S "Found PSK_EPHEMERAL KEX MODE" \
1037 -s "Found PSK KEX MODE" \
1038 -s "Invalid binder." \
1039 -S "key exchange mode: psk$" \
1040 -S "key exchange mode: psk_ephemeral" \
1041 -S "key exchange mode: ephemeral"
1042
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1043requires_gnutls_tls1_3
1044requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1045requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1046run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
1047 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1048 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
1049 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1050 localhost" \
1051 0 \
1052 -s "write selected_group: secp256r1" \
1053 -S "key exchange mode: psk$" \
1054 -s "key exchange mode: psk_ephemeral" \
1055 -S "key exchange mode: ephemeral"
1056
1057requires_gnutls_tls1_3
1058requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1059requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1060run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
1061 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1062 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
1063 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1064 localhost" \
1065 0 \
1066 -s "write selected_group: secp384r1" \
1067 -S "key exchange mode: psk$" \
1068 -s "key exchange mode: psk_ephemeral" \
1069 -S "key exchange mode: ephemeral"
1070
1071requires_gnutls_tls1_3
1072requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1073requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1074run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
1075 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1076 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
1077 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1078 localhost" \
1079 0 \
1080 -s "write selected_group: secp521r1" \
1081 -S "key exchange mode: psk$" \
1082 -s "key exchange mode: psk_ephemeral" \
1083 -S "key exchange mode: ephemeral"
1084
1085requires_gnutls_tls1_3
1086requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1087requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1088run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
1089 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1090 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
1091 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1092 localhost" \
1093 0 \
1094 -s "write selected_group: x25519" \
1095 -S "key exchange mode: psk$" \
1096 -s "key exchange mode: psk_ephemeral" \
1097 -S "key exchange mode: ephemeral"
1098
1099requires_gnutls_tls1_3
1100requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1101requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1102run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
1103 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1104 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
1105 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1106 localhost" \
1107 0 \
1108 -s "write selected_group: x448" \
1109 -S "key exchange mode: psk$" \
1110 -s "key exchange mode: psk_ephemeral" \
1111 -S "key exchange mode: ephemeral"
1112
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1113requires_openssl_tls1_3
1114requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1115requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1116run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1117 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1118 "$O_NEXT_CLI -tls1_3 -msg \
1119 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1120 1 \
1121 -s "found psk key exchange modes extension" \
1122 -s "found pre_shared_key extension" \
1123 -s "Found PSK_EPHEMERAL KEX MODE" \
1124 -S "Found PSK KEX MODE" \
1125 -S "key exchange mode: psk$" \
1126 -S "key exchange mode: psk_ephemeral" \
1127 -S "key exchange mode: ephemeral"
1128
1129requires_openssl_tls1_3
1130requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1131requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1132run_test "TLS 1.3: O->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1133 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1134 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1135 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1136 0 \
1137 -s "found psk key exchange modes extension" \
1138 -s "found pre_shared_key extension" \
1139 -s "Found PSK_EPHEMERAL KEX MODE" \
1140 -s "Found PSK KEX MODE" \
1141 -s "Pre shared key found" \
1142 -S "No matched PSK or ticket" \
1143 -s "key exchange mode: psk$" \
1144 -S "key exchange mode: psk_ephemeral" \
1145 -S "key exchange mode: ephemeral"
1146
1147requires_openssl_tls1_3
1148requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1149requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1150run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1151 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1152 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1153 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1154 1 \
1155 -s "found psk key exchange modes extension" \
1156 -s "found pre_shared_key extension" \
1157 -s "Found PSK_EPHEMERAL KEX MODE" \
1158 -s "Found PSK KEX MODE" \
1159 -s "No matched PSK or ticket" \
1160 -S "key exchange mode: psk$" \
1161 -S "key exchange mode: psk_ephemeral" \
1162 -S "key exchange mode: ephemeral"
1163
1164requires_openssl_tls1_3
1165requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1166requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1167run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1168 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1169 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1170 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1171 1 \
1172 -s "found psk key exchange modes extension" \
1173 -s "found pre_shared_key extension" \
1174 -s "Found PSK_EPHEMERAL KEX MODE" \
1175 -s "Found PSK KEX MODE" \
1176 -s "Invalid binder." \
1177 -S "key exchange mode: psk$" \
1178 -S "key exchange mode: psk_ephemeral" \
1179 -S "key exchange mode: ephemeral"
1180
1181requires_openssl_tls1_3
1182requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1183requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1184run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1185 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1186 "$O_NEXT_CLI -tls1_3 -msg \
1187 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1188 0 \
1189 -s "found psk key exchange modes extension" \
1190 -s "found pre_shared_key extension" \
1191 -s "Found PSK_EPHEMERAL KEX MODE" \
1192 -S "Found PSK KEX MODE" \
1193 -s "Pre shared key found" \
1194 -S "No matched PSK or ticket" \
1195 -S "key exchange mode: psk$" \
1196 -s "key exchange mode: psk_ephemeral" \
1197 -S "key exchange mode: ephemeral"
1198
1199requires_openssl_tls1_3
1200requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1201requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1202run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1203 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1204 "$O_NEXT_CLI -tls1_3 -msg \
1205 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1206 1 \
1207 -s "found psk key exchange modes extension" \
1208 -s "found pre_shared_key extension" \
1209 -s "Found PSK_EPHEMERAL KEX MODE" \
1210 -S "Found PSK KEX MODE" \
1211 -s "No matched PSK or ticket" \
1212 -S "key exchange mode: psk$" \
1213 -S "key exchange mode: psk_ephemeral" \
1214 -S "key exchange mode: ephemeral"
1215
1216requires_openssl_tls1_3
1217requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1218requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1219run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1220 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1221 "$O_NEXT_CLI -tls1_3 -msg \
1222 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1223 1 \
1224 -s "found psk key exchange modes extension" \
1225 -s "found pre_shared_key extension" \
1226 -s "Found PSK_EPHEMERAL KEX MODE" \
1227 -S "Found PSK KEX MODE" \
1228 -s "Invalid binder." \
1229 -S "key exchange mode: psk$" \
1230 -S "key exchange mode: psk_ephemeral" \
1231 -S "key exchange mode: ephemeral"
1232
1233requires_openssl_tls1_3
1234requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1235requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1236run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1237 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1238 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1239 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1240 0 \
1241 -s "found psk key exchange modes extension" \
1242 -s "found pre_shared_key extension" \
1243 -s "Found PSK_EPHEMERAL KEX MODE" \
1244 -s "Found PSK KEX MODE" \
1245 -s "Pre shared key found" \
1246 -S "No matched PSK or ticket" \
1247 -S "key exchange mode: psk$" \
1248 -s "key exchange mode: psk_ephemeral" \
1249 -S "key exchange mode: ephemeral"
1250
1251requires_openssl_tls1_3
1252requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1253requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1254run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1255 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1256 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1257 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1258 1 \
1259 -s "found psk key exchange modes extension" \
1260 -s "found pre_shared_key extension" \
1261 -s "Found PSK_EPHEMERAL KEX MODE" \
1262 -s "Found PSK KEX MODE" \
1263 -s "No matched PSK or ticket" \
1264 -S "key exchange mode: psk$" \
1265 -S "key exchange mode: psk_ephemeral" \
1266 -S "key exchange mode: ephemeral"
1267
1268requires_openssl_tls1_3
1269requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1270requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1271run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1272 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1273 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1274 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1275 1 \
1276 -s "found psk key exchange modes extension" \
1277 -s "found pre_shared_key extension" \
1278 -s "Found PSK_EPHEMERAL KEX MODE" \
1279 -s "Found PSK KEX MODE" \
1280 -s "Invalid binder." \
1281 -S "key exchange mode: psk$" \
1282 -S "key exchange mode: psk_ephemeral" \
1283 -S "key exchange mode: ephemeral"
1284
1285requires_openssl_tls1_3
1286requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1287requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1288requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1289run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1290 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1291 "$O_NEXT_CLI -tls1_3 -msg \
1292 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1293 0 \
1294 -s "found psk key exchange modes extension" \
1295 -s "found pre_shared_key extension" \
1296 -s "Found PSK_EPHEMERAL KEX MODE" \
1297 -S "Found PSK KEX MODE" \
1298 -s "Pre shared key found" \
1299 -S "No matched PSK or ticket" \
1300 -S "key exchange mode: psk$" \
1301 -s "key exchange mode: psk_ephemeral" \
1302 -S "key exchange mode: ephemeral"
1303
1304requires_openssl_tls1_3
1305requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1306requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1307requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1308run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1309 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1310 "$O_NEXT_CLI -tls1_3 -msg \
1311 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1312 1 \
1313 -s "found psk key exchange modes extension" \
1314 -s "found pre_shared_key extension" \
1315 -s "Found PSK_EPHEMERAL KEX MODE" \
1316 -S "Found PSK KEX MODE" \
1317 -s "No matched PSK or ticket" \
1318 -S "key exchange mode: psk$" \
1319 -S "key exchange mode: psk_ephemeral" \
1320 -S "key exchange mode: ephemeral"
1321
1322requires_openssl_tls1_3
1323requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1324requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1325requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1326run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1327 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1328 "$O_NEXT_CLI -tls1_3 -msg \
1329 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1330 1 \
1331 -s "found psk key exchange modes extension" \
1332 -s "found pre_shared_key extension" \
1333 -s "Found PSK_EPHEMERAL KEX MODE" \
1334 -S "Found PSK KEX MODE" \
1335 -s "Invalid binder." \
1336 -S "key exchange mode: psk$" \
1337 -S "key exchange mode: psk_ephemeral" \
1338 -S "key exchange mode: ephemeral"
1339
1340requires_openssl_tls1_3
1341requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1342requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1343requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1344run_test "TLS 1.3: O->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1345 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1346 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1347 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1348 0 \
1349 -s "found psk key exchange modes extension" \
1350 -s "found pre_shared_key extension" \
1351 -s "Found PSK_EPHEMERAL KEX MODE" \
1352 -s "Found PSK KEX MODE" \
1353 -s "Pre shared key found" \
1354 -S "No matched PSK or ticket" \
1355 -S "key exchange mode: psk$" \
1356 -s "key exchange mode: psk_ephemeral" \
1357 -S "key exchange mode: ephemeral"
1358
1359requires_openssl_tls1_3
1360requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1361requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1362requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1363run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1364 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1365 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1366 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1367 1 \
1368 -s "found psk key exchange modes extension" \
1369 -s "found pre_shared_key extension" \
1370 -s "Found PSK_EPHEMERAL KEX MODE" \
1371 -s "Found PSK KEX MODE" \
1372 -s "No matched PSK or ticket" \
1373 -S "key exchange mode: psk$" \
1374 -S "key exchange mode: psk_ephemeral" \
1375 -S "key exchange mode: ephemeral"
1376
1377requires_openssl_tls1_3
1378requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1379requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1380requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1381run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1382 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1383 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1384 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1385 1 \
1386 -s "found psk key exchange modes extension" \
1387 -s "found pre_shared_key extension" \
1388 -s "Found PSK_EPHEMERAL KEX MODE" \
1389 -s "Found PSK KEX MODE" \
1390 -s "Invalid binder." \
1391 -S "key exchange mode: psk$" \
1392 -S "key exchange mode: psk_ephemeral" \
1393 -S "key exchange mode: ephemeral"
1394
1395requires_openssl_tls1_3
1396requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1397requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1398requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1399run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1400 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1401 "$O_NEXT_CLI -tls1_3 -msg \
1402 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1403 0 \
1404 -s "found psk key exchange modes extension" \
1405 -s "found pre_shared_key extension" \
1406 -s "Found PSK_EPHEMERAL KEX MODE" \
1407 -S "Found PSK KEX MODE" \
1408 -s "Pre shared key found" \
1409 -S "No matched PSK or ticket" \
1410 -S "key exchange mode: psk$" \
1411 -s "key exchange mode: psk_ephemeral" \
1412 -S "key exchange mode: ephemeral"
1413
1414requires_openssl_tls1_3
1415requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1416requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1417requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1418run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1419 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1420 "$O_NEXT_CLI -tls1_3 -msg \
1421 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1422 0 \
1423 -s "found psk key exchange modes extension" \
1424 -s "found pre_shared_key extension" \
1425 -s "Found PSK_EPHEMERAL KEX MODE" \
1426 -S "Found PSK KEX MODE" \
1427 -s "No matched PSK or ticket" \
1428 -S "key exchange mode: psk$" \
1429 -S "key exchange mode: psk_ephemeral" \
1430 -s "key exchange mode: ephemeral"
1431
1432requires_openssl_tls1_3
1433requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1434requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1435requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1436run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1437 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1438 "$O_NEXT_CLI -tls1_3 -msg \
1439 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1440 1 \
1441 -s "found psk key exchange modes extension" \
1442 -s "found pre_shared_key extension" \
1443 -s "Found PSK_EPHEMERAL KEX MODE" \
1444 -S "Found PSK KEX MODE" \
1445 -s "Invalid binder." \
1446 -S "key exchange mode: psk$" \
1447 -S "key exchange mode: psk_ephemeral" \
1448 -S "key exchange mode: ephemeral"
1449
1450requires_openssl_tls1_3
1451requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1452requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1453requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1454run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1455 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1456 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1457 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1458 0 \
1459 -s "found psk key exchange modes extension" \
1460 -s "found pre_shared_key extension" \
1461 -s "Found PSK_EPHEMERAL KEX MODE" \
1462 -s "Found PSK KEX MODE" \
1463 -s "Pre shared key found" \
1464 -S "No matched PSK or ticket" \
1465 -S "key exchange mode: psk$" \
1466 -s "key exchange mode: psk_ephemeral" \
1467 -S "key exchange mode: ephemeral"
1468
1469requires_openssl_tls1_3
1470requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1471requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1472requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1473run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1474 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1475 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1476 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1477 0 \
1478 -s "found psk key exchange modes extension" \
1479 -s "found pre_shared_key extension" \
1480 -s "Found PSK_EPHEMERAL KEX MODE" \
1481 -s "Found PSK KEX MODE" \
1482 -s "No matched PSK or ticket" \
1483 -S "key exchange mode: psk$" \
1484 -S "key exchange mode: psk_ephemeral" \
1485 -s "key exchange mode: ephemeral"
1486
1487requires_openssl_tls1_3
1488requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1489requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1490requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1491run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1492 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1493 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1494 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1495 1 \
1496 -s "found psk key exchange modes extension" \
1497 -s "found pre_shared_key extension" \
1498 -s "Found PSK_EPHEMERAL KEX MODE" \
1499 -s "Found PSK KEX MODE" \
1500 -s "Invalid binder." \
1501 -S "key exchange mode: psk$" \
1502 -S "key exchange mode: psk_ephemeral" \
1503 -S "key exchange mode: ephemeral"
1504
1505requires_openssl_tls1_3
1506requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1507requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1508requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1509requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1510run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1511 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1512 "$O_NEXT_CLI -tls1_3 -msg \
1513 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1514 0 \
1515 -s "found psk key exchange modes extension" \
1516 -s "found pre_shared_key extension" \
1517 -s "Found PSK_EPHEMERAL KEX MODE" \
1518 -S "Found PSK KEX MODE" \
1519 -s "Pre shared key found" \
1520 -S "No matched PSK or ticket" \
1521 -S "key exchange mode: psk$" \
1522 -s "key exchange mode: psk_ephemeral" \
1523 -S "key exchange mode: ephemeral"
1524
1525requires_openssl_tls1_3
1526requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1527requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1528requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1529requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1530run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1531 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1532 "$O_NEXT_CLI -tls1_3 -msg \
1533 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1534 0 \
1535 -s "found psk key exchange modes extension" \
1536 -s "found pre_shared_key extension" \
1537 -s "Found PSK_EPHEMERAL KEX MODE" \
1538 -S "Found PSK KEX MODE" \
1539 -s "No matched PSK or ticket" \
1540 -S "key exchange mode: psk$" \
1541 -S "key exchange mode: psk_ephemeral" \
1542 -s "key exchange mode: ephemeral"
1543
1544requires_openssl_tls1_3
1545requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1546requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1547requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1548requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1549run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1550 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1551 "$O_NEXT_CLI -tls1_3 -msg \
1552 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1553 1 \
1554 -s "found psk key exchange modes extension" \
1555 -s "found pre_shared_key extension" \
1556 -s "Found PSK_EPHEMERAL KEX MODE" \
1557 -S "Found PSK KEX MODE" \
1558 -s "Invalid binder." \
1559 -S "key exchange mode: psk$" \
1560 -S "key exchange mode: psk_ephemeral" \
1561 -S "key exchange mode: ephemeral"
1562
1563requires_openssl_tls1_3
1564requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1565requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1566requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1567requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1568run_test "TLS 1.3: O->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1569 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1570 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1571 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1572 0 \
1573 -s "found psk key exchange modes extension" \
1574 -s "found pre_shared_key extension" \
1575 -s "Found PSK_EPHEMERAL KEX MODE" \
1576 -s "Found PSK KEX MODE" \
1577 -s "Pre shared key found" \
1578 -S "No matched PSK or ticket" \
1579 -S "key exchange mode: psk$" \
1580 -s "key exchange mode: psk_ephemeral" \
1581 -S "key exchange mode: ephemeral"
1582
1583requires_openssl_tls1_3
1584requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1585requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1586requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1587requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1588run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1589 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1590 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1591 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1592 0 \
1593 -s "found psk key exchange modes extension" \
1594 -s "found pre_shared_key extension" \
1595 -s "Found PSK_EPHEMERAL KEX MODE" \
1596 -s "Found PSK KEX MODE" \
1597 -s "No matched PSK or ticket" \
1598 -S "key exchange mode: psk$" \
1599 -S "key exchange mode: psk_ephemeral" \
1600 -s "key exchange mode: ephemeral"
1601
1602requires_openssl_tls1_3
1603requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1605requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1606requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1607run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1608 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1609 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1610 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1611 1 \
1612 -s "found psk key exchange modes extension" \
1613 -s "found pre_shared_key extension" \
1614 -s "Found PSK_EPHEMERAL KEX MODE" \
1615 -s "Found PSK KEX MODE" \
1616 -s "Invalid binder." \
1617 -S "key exchange mode: psk$" \
1618 -S "key exchange mode: psk_ephemeral" \
1619 -S "key exchange mode: ephemeral"
1620
1621requires_openssl_tls1_3
1622requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1623requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1624requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1625run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1626 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1627 "$O_NEXT_CLI -tls1_3 -msg \
1628 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1629 0 \
1630 -s "found psk key exchange modes extension" \
1631 -s "found pre_shared_key extension" \
1632 -s "Found PSK_EPHEMERAL KEX MODE" \
1633 -S "Found PSK KEX MODE" \
1634 -s "Pre shared key found" \
1635 -S "No matched PSK or ticket" \
1636 -S "key exchange mode: psk$" \
1637 -S "key exchange mode: psk_ephemeral" \
1638 -s "key exchange mode: ephemeral"
1639
1640requires_openssl_tls1_3
1641requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1642requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1643requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1644run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1645 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1646 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1647 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1648 0 \
1649 -s "found psk key exchange modes extension" \
1650 -s "found pre_shared_key extension" \
1651 -s "Found PSK_EPHEMERAL KEX MODE" \
1652 -s "Found PSK KEX MODE" \
1653 -s "Pre shared key found" \
1654 -S "No matched PSK or ticket" \
1655 -S "key exchange mode: psk$" \
1656 -S "key exchange mode: psk_ephemeral" \
1657 -s "key exchange mode: ephemeral"
1658
1659requires_openssl_tls1_3
1660requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1661requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1662requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1663run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1664 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1665 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1666 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1667 1 \
1668 -s "found psk key exchange modes extension" \
1669 -s "found pre_shared_key extension" \
1670 -s "Found PSK_EPHEMERAL KEX MODE" \
1671 -s "Found PSK KEX MODE" \
1672 -s "Invalid binder." \
1673 -S "key exchange mode: psk$" \
1674 -S "key exchange mode: psk_ephemeral" \
1675 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1676
1677requires_openssl_tls1_3
1678requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1679requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1680run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
1681 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1682 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1683 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1684 0 \
1685 -s "write selected_group: secp256r1" \
1686 -S "key exchange mode: psk$" \
1687 -s "key exchange mode: psk_ephemeral" \
1688 -S "key exchange mode: ephemeral"
1689
1690requires_openssl_tls1_3
1691requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1692requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1693run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
1694 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1695 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1696 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1697 0 \
1698 -s "write selected_group: secp384r1" \
1699 -S "key exchange mode: psk$" \
1700 -s "key exchange mode: psk_ephemeral" \
1701 -S "key exchange mode: ephemeral"
1702
1703requires_openssl_tls1_3
1704requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1706run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
1707 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1708 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1709 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1710 0 \
1711 -s "write selected_group: secp521r1" \
1712 -S "key exchange mode: psk$" \
1713 -s "key exchange mode: psk_ephemeral" \
1714 -S "key exchange mode: ephemeral"
1715
1716requires_openssl_tls1_3
1717requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1718requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1719run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
1720 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1721 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1722 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1723 0 \
1724 -s "write selected_group: x25519" \
1725 -S "key exchange mode: psk$" \
1726 -s "key exchange mode: psk_ephemeral" \
1727 -S "key exchange mode: ephemeral"
1728
1729requires_openssl_tls1_3
1730requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1731requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1732run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
1733 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1734 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1735 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1736 0 \
1737 -s "write selected_group: x448" \
1738 -S "key exchange mode: psk$" \
1739 -s "key exchange mode: psk_ephemeral" \
1740 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1741
1742requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1743requires_openssl_tls1_3
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1744requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1745run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1746 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1747 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1748 0 \
1749 -s "write selected_group: secp384r1" \
1750 -s "HRR selected_group: secp384r1" \
1751 -S "key exchange mode: psk$" \
1752 -s "key exchange mode: psk_ephemeral" \
1753 -S "key exchange mode: ephemeral"
1754
1755requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1756requires_gnutls_tls1_3
1757requires_gnutls_next_no_ticket
1758requires_gnutls_next_disable_tls13_compat
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1759requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1760run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1761 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1762 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1763 0 \
1764 -s "write selected_group: secp384r1" \
1765 -s "HRR selected_group: secp384r1" \
1766 -S "key exchange mode: psk$" \
1767 -s "key exchange mode: psk_ephemeral" \
1768 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1769
1770
1771# Add psk test cases for mbedtls client code
1772
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1773# MbedTls->MbedTLS kinds of tls13_kex_modes
1774# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1775requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1776requires_config_enabled MBEDTLS_SSL_SRV_C
1777requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1778requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1779run_test "TLS 1.3: m->m: psk/psk, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1780 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1781 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1782 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1783 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1784 -c "client hello, adding psk_key_exchange_modes extension" \
1785 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1786 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1787 -c "HTTP/1.0 200 OK"
1788
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1789requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1790requires_config_enabled MBEDTLS_SSL_SRV_C
1791requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1792requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1793run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1794 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1795 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1796 1 \
1797 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1798 -c "client hello, adding psk_key_exchange_modes extension" \
1799 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1800 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1801
1802requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1803requires_config_enabled MBEDTLS_SSL_SRV_C
1804requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1805requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1806run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1807 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1808 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1809 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1810 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1811 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1812 -c "client hello, adding PSK binder list" \
1813 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1814
1815requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1816requires_config_enabled MBEDTLS_SSL_SRV_C
1817requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1818requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1819requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1820run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1821 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1822 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1823 1 \
1824 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1825 -c "client hello, adding psk_key_exchange_modes extension" \
1826 -c "client hello, adding PSK binder list" \
1827 -s "ClientHello message misses mandatory extensions."
1828
1829requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1830requires_config_enabled MBEDTLS_SSL_SRV_C
1831requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1832requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1833requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1834run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1835 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1836 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1837 1 \
1838 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1839 -c "client hello, adding psk_key_exchange_modes extension" \
1840 -c "client hello, adding PSK binder list" \
1841 -s "ClientHello message misses mandatory extensions."
1842
1843requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1844requires_config_enabled MBEDTLS_SSL_SRV_C
1845requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1846requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1847requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1848requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1849run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1850 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1851 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1852 1 \
1853 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1854 -c "client hello, adding psk_key_exchange_modes extension" \
1855 -c "client hello, adding PSK binder list" \
1856 -s "ClientHello message misses mandatory extensions."
1857
1858requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1859requires_config_enabled MBEDTLS_SSL_SRV_C
1860requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1861requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1862requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1863run_test "TLS 1.3: m->m: psk/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1864 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1865 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1866 0 \
1867 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1868 -c "client hello, adding psk_key_exchange_modes extension" \
1869 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1870 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1871 -c "HTTP/1.0 200 OK"
1872
1873requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1874requires_config_enabled MBEDTLS_SSL_SRV_C
1875requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1876requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1877requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1878run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1879 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1880 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1881 1 \
1882 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1883 -c "client hello, adding psk_key_exchange_modes extension" \
1884 -c "client hello, adding PSK binder list" \
1885 -s "No matched PSK or ticket" \
1886 -s "ClientHello message misses mandatory extensions."
1887
1888requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1889requires_config_enabled MBEDTLS_SSL_SRV_C
1890requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1891requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1892requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1893run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1894 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1895 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1896 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1897 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1898 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1899 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1900 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1901
1902requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1903requires_config_enabled MBEDTLS_SSL_SRV_C
1904requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1905requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1906requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1907requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1908run_test "TLS 1.3: m->m: psk/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1909 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1910 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1911 0 \
1912 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1913 -c "client hello, adding psk_key_exchange_modes extension" \
1914 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1915 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1916 -c "HTTP/1.0 200 OK"
1917
1918requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1919requires_config_enabled MBEDTLS_SSL_SRV_C
1920requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1921requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1922requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1923requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1924run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1925 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1926 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1927 1 \
1928 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1929 -c "client hello, adding psk_key_exchange_modes extension" \
1930 -c "client hello, adding PSK binder list" \
1931 -s "No matched PSK or ticket" \
1932 -s "ClientHello message misses mandatory extensions."
1933
1934requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1935requires_config_enabled MBEDTLS_SSL_SRV_C
1936requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1937requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1938requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1939requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1940run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1941 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1942 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1943 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1944 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1945 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1946 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1947 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1948
1949# psk_ephemeral mode in client
1950requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1951requires_config_enabled MBEDTLS_SSL_SRV_C
1952requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1953requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1954requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1955run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1956 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1957 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1958 1 \
1959 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1960 -c "client hello, adding psk_key_exchange_modes extension" \
1961 -c "client hello, adding PSK binder list" \
1962 -s "ClientHello message misses mandatory extensions."
1963
1964requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1965requires_config_enabled MBEDTLS_SSL_SRV_C
1966requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1967requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1968run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1969 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1970 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1971 0 \
1972 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1973 -c "client hello, adding psk_key_exchange_modes extension" \
1974 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1975 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1976 -c "HTTP/1.0 200 OK"
1977
1978requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1979requires_config_enabled MBEDTLS_SSL_SRV_C
1980requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1981requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1982run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1983 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1984 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1985 1 \
1986 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1987 -c "client hello, adding psk_key_exchange_modes extension" \
1988 -c "client hello, adding PSK binder list" \
1989 -s "No matched PSK or ticket" \
1990 -s "ClientHello message misses mandatory extensions."
1991
1992requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1993requires_config_enabled MBEDTLS_SSL_SRV_C
1994requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1995requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1996run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1997 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1998 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1999 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2000 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2001 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2002 -c "client hello, adding PSK binder list" \
2003 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2004
2005requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2006requires_config_enabled MBEDTLS_SSL_SRV_C
2007requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2008requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2009requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2010requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2011run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2012 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2013 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2014 1 \
2015 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2016 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2017 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2018
2019requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2020requires_config_enabled MBEDTLS_SSL_SRV_C
2021requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2022requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2023requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2024run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2025 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2026 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2027 0 \
2028 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2029 -c "client hello, adding psk_key_exchange_modes extension" \
2030 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2031 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2032 -c "HTTP/1.0 200 OK"
2033
2034requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2035requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2036requires_config_enabled MBEDTLS_SSL_SRV_C
2037requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2038requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2039requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2040run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2041 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2042 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2043 1 \
2044 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2045 -c "client hello, adding psk_key_exchange_modes extension" \
2046 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2047 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2048
2049requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2050requires_config_enabled MBEDTLS_SSL_SRV_C
2051requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2052requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2053requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2054run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2055 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2056 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2057 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2058 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2059 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2060 -c "client hello, adding PSK binder list" \
2061 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2062
2063requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2064requires_config_enabled MBEDTLS_SSL_SRV_C
2065requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2066requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2067requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2068run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2069 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2070 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2071 0 \
2072 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2073 -c "client hello, adding psk_key_exchange_modes extension" \
2074 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2075 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2076 -c "HTTP/1.0 200 OK"
2077
2078requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2079requires_config_enabled MBEDTLS_SSL_SRV_C
2080requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2081requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2082requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2083run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2084 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2085 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2086 1 \
2087 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2088 -c "client hello, adding psk_key_exchange_modes extension" \
2089 -c "client hello, adding PSK binder list" \
2090 -s "No matched PSK or ticket" \
2091 -s "ClientHello message misses mandatory extensions."
2092
2093requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2094requires_config_enabled MBEDTLS_SSL_SRV_C
2095requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2096requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2097requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2098run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2099 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2100 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2101 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2102 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2103 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2104 -c "client hello, adding PSK binder list" \
2105 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2106
2107requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2108requires_config_enabled MBEDTLS_SSL_SRV_C
2109requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2110requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2111requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2112requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2113run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2114 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2115 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2116 0 \
2117 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2118 -c "client hello, adding psk_key_exchange_modes extension" \
2119 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2120 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2121 -c "HTTP/1.0 200 OK"
2122
2123requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2124requires_config_enabled MBEDTLS_SSL_SRV_C
2125requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2126requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2127requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2128requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2129run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2130 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2131 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2132 1 \
2133 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2134 -c "client hello, adding psk_key_exchange_modes extension" \
2135 -c "client hello, adding PSK binder list" \
2136 -s "No matched PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2137
2138requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2139requires_config_enabled MBEDTLS_SSL_SRV_C
2140requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2141requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2142requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2144run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2145 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2146 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2147 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2148 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2149 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2150 -c "client hello, adding PSK binder list" \
2151 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2152
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2153# ephemeral mode in client
2154requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2155requires_config_enabled MBEDTLS_SSL_SRV_C
2156requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2157requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2158requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2159run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2160 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2161 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2162 1 \
2163 -s "ClientHello message misses mandatory extensions."
2164
2165requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2166requires_config_enabled MBEDTLS_SSL_SRV_C
2167requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2168requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2169requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2170run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2171 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2172 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2173 1 \
2174 -s "ClientHello message misses mandatory extensions."
2175
2176requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2177requires_config_enabled MBEDTLS_SSL_SRV_C
2178requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2180run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2181 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2182 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2183 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2184 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2185 -c "HTTP/1.0 200 OK"
2186
2187requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2188requires_config_enabled MBEDTLS_SSL_SRV_C
2189requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2190requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2191requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2192run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2193 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2194 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2195 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2196 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2197 -c "HTTP/1.0 200 OK"
2198
2199requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2200requires_config_enabled MBEDTLS_SSL_SRV_C
2201requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2202requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2203requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2204requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2205run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2206 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2207 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2208 1 \
2209 -s "ClientHello message misses mandatory extensions."
2210
2211requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2212requires_config_enabled MBEDTLS_SSL_SRV_C
2213requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2214requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2215requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2216requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2217run_test "TLS 1.3: m->m: ephemeral/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2218 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2219 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2220 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2221 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2222 -c "HTTP/1.0 200 OK"
2223
2224# ephemeral_all mode in client
2225requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2226requires_config_enabled MBEDTLS_SSL_SRV_C
2227requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2228requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2229requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2230requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2231run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2232 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2233 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2234 1 \
2235 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2236 -c "client hello, adding psk_key_exchange_modes extension" \
2237 -c "client hello, adding PSK binder list" \
2238 -s "ClientHello message misses mandatory extensions."
2239
2240requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2241requires_config_enabled MBEDTLS_SSL_SRV_C
2242requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2243requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2244requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2245run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2246 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2247 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2248 0 \
2249 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2250 -c "client hello, adding psk_key_exchange_modes extension" \
2251 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2252 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2253 -c "HTTP/1.0 200 OK"
2254
2255requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2256requires_config_enabled MBEDTLS_SSL_SRV_C
2257requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2258requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2259requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2260run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2261 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2262 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2263 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2264 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2265 -c "client hello, adding psk_key_exchange_modes extension" \
2266 -c "client hello, adding PSK binder list" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2267 -s "No matched PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2268
2269requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2270requires_config_enabled MBEDTLS_SSL_SRV_C
2271requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2272requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2273requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2274run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2275 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2276 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2277 1 \
2278 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2279 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2280 -c "client hello, adding PSK binder list" \
2281 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2282
2283requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2284requires_config_enabled MBEDTLS_SSL_SRV_C
2285requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2286requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2287requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2288run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2289 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2290 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2291 0 \
2292 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2293 -c "client hello, adding psk_key_exchange_modes extension" \
2294 -c "client hello, adding PSK binder list" \
2295 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2296 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2297 -c "HTTP/1.0 200 OK"
2298
2299requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2300requires_config_enabled MBEDTLS_SSL_SRV_C
2301requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2302requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2303requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2304run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2305 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2306 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2307 0 \
2308 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2309 -c "client hello, adding psk_key_exchange_modes extension" \
2310 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2311 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2312 -c "HTTP/1.0 200 OK"
2313
2314requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2315requires_config_enabled MBEDTLS_SSL_SRV_C
2316requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2317requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2318requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2319run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2320 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2321 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2322 0 \
2323 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2324 -c "client hello, adding psk_key_exchange_modes extension" \
2325 -c "client hello, adding PSK binder list" \
2326 -s "No matched PSK or ticket" \
2327 -s "key exchange mode: ephemeral"
2328
2329requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2330requires_config_enabled MBEDTLS_SSL_SRV_C
2331requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2332requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2333requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2334run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2335 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2336 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2337 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2338 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2339 -c "client hello, adding psk_key_exchange_modes extension" \
2340 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2341 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2342
2343requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2344requires_config_enabled MBEDTLS_SSL_SRV_C
2345requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2346requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2347requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2349run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2350 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2351 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2352 0 \
2353 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2354 -c "client hello, adding psk_key_exchange_modes extension" \
2355 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2356 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2357 -c "HTTP/1.0 200 OK"
2358
2359requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2360requires_config_enabled MBEDTLS_SSL_SRV_C
2361requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2362requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2363requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2364requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2365run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2366 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2367 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2368 1 \
2369 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2370 -c "client hello, adding psk_key_exchange_modes extension" \
2371 -c "client hello, adding PSK binder list" \
2372 -s "No matched PSK or ticket" \
2373 -s "ClientHello message misses mandatory extensions."
2374
2375requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2376requires_config_enabled MBEDTLS_SSL_SRV_C
2377requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2378requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2379requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2380requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2381run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2382 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2383 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2384 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2385 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2386 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2387 -c "client hello, adding PSK binder list" \
2388 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2389
2390requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2391requires_config_enabled MBEDTLS_SSL_SRV_C
2392requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2393requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2394requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2395requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2396run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2397 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2398 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2399 0 \
2400 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2401 -c "client hello, adding psk_key_exchange_modes extension" \
2402 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2403 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2404 -c "HTTP/1.0 200 OK"
2405
2406requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2407requires_config_enabled MBEDTLS_SSL_SRV_C
2408requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2409requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2410requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2411requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2412run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2413 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2414 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2415 0 \
2416 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2417 -c "client hello, adding psk_key_exchange_modes extension" \
2418 -c "client hello, adding PSK binder list" \
2419 -s "No matched PSK or ticket" \
2420 -s "key exchange mode: ephemeral"
2421
2422requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2423requires_config_enabled MBEDTLS_SSL_SRV_C
2424requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2425requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2426requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2427requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2428run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2429 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2430 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2431 1 \
2432 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2433 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2434 -c "client hello, adding PSK binder list" \
2435 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2436
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2437# psk_all mode in client
2438requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2439requires_config_enabled MBEDTLS_SSL_SRV_C
2440requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2441requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2442requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2443run_test "TLS 1.3: m->m: psk_all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2444 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2445 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2446 0 \
2447 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2448 -c "client hello, adding psk_key_exchange_modes extension" \
2449 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2450 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2451 -c "HTTP/1.0 200 OK"
2452
2453requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2454requires_config_enabled MBEDTLS_SSL_SRV_C
2455requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2456requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2457requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2458run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2459 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2460 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2461 1 \
2462 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2463 -c "client hello, adding psk_key_exchange_modes extension" \
2464 -c "client hello, adding PSK binder list" \
2465 -s "ClientHello message misses mandatory extensions."
2466
2467requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2468requires_config_enabled MBEDTLS_SSL_SRV_C
2469requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2470requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2471requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2472run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2473 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2474 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2475 1 \
2476 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2477 -c "client hello, adding psk_key_exchange_modes extension" \
2478 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2479 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2480
2481requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2482requires_config_enabled MBEDTLS_SSL_SRV_C
2483requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2484requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2485requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2486run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2487 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2488 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2489 0 \
2490 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2491 -c "client hello, adding psk_key_exchange_modes extension" \
2492 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2493 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2494 -c "HTTP/1.0 200 OK"
2495
2496requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2497requires_config_enabled MBEDTLS_SSL_SRV_C
2498requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2499requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2500requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2501run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2502 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2503 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2504 1 \
2505 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2506 -c "client hello, adding psk_key_exchange_modes extension" \
2507 -c "client hello, adding PSK binder list" \
2508 -s "No matched PSK or ticket" \
2509 -s "ClientHello message misses mandatory extensions."
2510
2511requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2512requires_config_enabled MBEDTLS_SSL_SRV_C
2513requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2514requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2515requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2516run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2517 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2518 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2519 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2520 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2521 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2522 -c "client hello, adding PSK binder list" \
2523 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2524
2525requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2526requires_config_enabled MBEDTLS_SSL_SRV_C
2527requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2528requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2529requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2530requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2531run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2532 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2533 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2534 1 \
2535 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2536 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2537 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2538
2539requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2540requires_config_enabled MBEDTLS_SSL_SRV_C
2541requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2542requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2543requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2544requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2545run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2546 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2547 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2548 0 \
2549 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2550 -c "client hello, adding psk_key_exchange_modes extension" \
2551 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2552 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2553 -c "HTTP/1.0 200 OK"
2554
2555requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2556requires_config_enabled MBEDTLS_SSL_SRV_C
2557requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2558requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2559requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2560requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2561run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2562 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2563 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2564 1 \
2565 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2566 -c "client hello, adding psk_key_exchange_modes extension" \
2567 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2568 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2569
2570requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2571requires_config_enabled MBEDTLS_SSL_SRV_C
2572requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2573requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2574requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2575requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2576run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2577 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2578 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2579 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2580 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2581 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2582 -c "client hello, adding PSK binder list" \
2583 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2584
2585requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2586requires_config_enabled MBEDTLS_SSL_SRV_C
2587requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2588requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2589requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2590run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2591 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2592 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2593 0 \
2594 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2595 -c "client hello, adding psk_key_exchange_modes extension" \
2596 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2597 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2598 -c "HTTP/1.0 200 OK"
2599
2600requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2601requires_config_enabled MBEDTLS_SSL_SRV_C
2602requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2603requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2605run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2606 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2607 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2608 1 \
2609 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2610 -c "client hello, adding psk_key_exchange_modes extension" \
2611 -c "client hello, adding PSK binder list" \
2612 -s "No matched PSK or ticket" \
2613 -s "ClientHello message misses mandatory extensions."
2614
2615requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2616requires_config_enabled MBEDTLS_SSL_SRV_C
2617requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2618requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2619requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2620run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2621 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2622 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2623 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2624 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2625 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2626 -c "client hello, adding PSK binder list" \
2627 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2628
2629requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2630requires_config_enabled MBEDTLS_SSL_SRV_C
2631requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2632requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2633requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2634requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2635run_test "TLS 1.3: m->m: psk_all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2636 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2637 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2638 0 \
2639 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2640 -c "client hello, adding psk_key_exchange_modes extension" \
2641 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2642 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2643 -c "HTTP/1.0 200 OK"
2644
2645requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2646requires_config_enabled MBEDTLS_SSL_SRV_C
2647requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2648requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2649requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2650requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2651run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2652 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2653 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2654 1 \
2655 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2656 -c "client hello, adding psk_key_exchange_modes extension" \
2657 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2658 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2659
2660requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2661requires_config_enabled MBEDTLS_SSL_SRV_C
2662requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2663requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2664requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2665requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2666run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2667 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2668 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2669 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2670 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2671 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2672 -c "client hello, adding PSK binder list" \
2673 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2674
2675# all mode in client
2676requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2677requires_config_enabled MBEDTLS_SSL_SRV_C
2678requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2679requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2680requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2681requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2682run_test "TLS 1.3: m->m: all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2683 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2684 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2685 0 \
2686 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2687 -c "client hello, adding psk_key_exchange_modes extension" \
2688 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2689 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2690 -c "HTTP/1.0 200 OK"
2691
2692requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2693requires_config_enabled MBEDTLS_SSL_SRV_C
2694requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2695requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2696requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2697requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2698run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2699 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2700 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2701 1 \
2702 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2703 -c "client hello, adding psk_key_exchange_modes extension" \
2704 -c "client hello, adding PSK binder list" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2705 -s "No matched PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2706 -s "ClientHello message misses mandatory extensions."
2707
2708requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2709requires_config_enabled MBEDTLS_SSL_SRV_C
2710requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2711requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2712requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2713requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2714run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2715 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2716 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2717 1 \
2718 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2719 -c "client hello, adding psk_key_exchange_modes extension" \
2720 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2721 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2722
2723requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2724requires_config_enabled MBEDTLS_SSL_SRV_C
2725requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2726requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2727requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2728requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2729run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2730 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2731 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2732 0 \
2733 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2734 -c "client hello, adding psk_key_exchange_modes extension" \
2735 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2736 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2737 -c "HTTP/1.0 200 OK"
2738
2739requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2740requires_config_enabled MBEDTLS_SSL_SRV_C
2741requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2742requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2743requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2744requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2745run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2746 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2747 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2748 1 \
2749 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2750 -c "client hello, adding psk_key_exchange_modes extension" \
2751 -c "client hello, adding PSK binder list" \
2752 -s "No matched PSK or ticket" \
2753 -s "ClientHello message misses mandatory extensions."
2754
2755requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2756requires_config_enabled MBEDTLS_SSL_SRV_C
2757requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2758requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2759requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2760requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2761run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2762 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2763 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2764 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2765 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2766 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2767 -c "client hello, adding PSK binder list" \
2768 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2769
2770requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2771requires_config_enabled MBEDTLS_SSL_SRV_C
2772requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2773requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2774requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2775requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2776run_test "TLS 1.3: m->m: all/ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2777 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2778 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2779 0 \
2780 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2781 -c "client hello, adding psk_key_exchange_modes extension" \
2782 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2783 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2784 -c "HTTP/1.0 200 OK"
2785
2786requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2787requires_config_enabled MBEDTLS_SSL_SRV_C
2788requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2789requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2790requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2791requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2792run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2793 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2794 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2795 0 \
2796 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2797 -c "client hello, adding psk_key_exchange_modes extension" \
2798 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2799 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2800 -c "HTTP/1.0 200 OK"
2801
2802requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2803requires_config_enabled MBEDTLS_SSL_SRV_C
2804requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2805requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2806requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2807requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2808run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2809 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2810 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2811 0 \
2812 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2813 -c "client hello, adding psk_key_exchange_modes extension" \
2814 -c "client hello, adding PSK binder list" \
2815 -s "No matched PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2816 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2817 -c "HTTP/1.0 200 OK"
2818
2819requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2820requires_config_enabled MBEDTLS_SSL_SRV_C
2821requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2822requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2823requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2824requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2825run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2826 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2827 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2828 1 \
2829 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2830 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2831 -c "client hello, adding PSK binder list" \
2832 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2833
2834requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2835requires_config_enabled MBEDTLS_SSL_SRV_C
2836requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2837requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2838requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2839requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2840run_test "TLS 1.3: m->m: all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2841 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2842 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2843 0 \
2844 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2845 -c "client hello, adding psk_key_exchange_modes extension" \
2846 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2847 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2848 -c "HTTP/1.0 200 OK"
2849
2850requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2851requires_config_enabled MBEDTLS_SSL_SRV_C
2852requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2853requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2854requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2855requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2856run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2857 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2858 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2859 1 \
2860 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2861 -c "client hello, adding psk_key_exchange_modes extension" \
2862 -c "client hello, adding PSK binder list" \
2863 -s "No matched PSK or ticket" \
2864 -s "ClientHello message misses mandatory extensions."
2865
2866requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2867requires_config_enabled MBEDTLS_SSL_SRV_C
2868requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2869requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2870requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2871requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2872run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2873 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2874 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2875 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2876 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2877 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2878 -c "client hello, adding PSK binder list" \
2879 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2880
2881requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2882requires_config_enabled MBEDTLS_SSL_SRV_C
2883requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2884requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2885requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2886requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2887run_test "TLS 1.3: m->m: all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2888 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2889 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2890 0 \
2891 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2892 -c "client hello, adding psk_key_exchange_modes extension" \
2893 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2894 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2895 -c "HTTP/1.0 200 OK"
2896
2897requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2898requires_config_enabled MBEDTLS_SSL_SRV_C
2899requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2900requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2901requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2902requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2903run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2904 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2905 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2906 0 \
2907 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2908 -c "client hello, adding psk_key_exchange_modes extension" \
2909 -c "client hello, adding PSK binder list" \
2910 -s "No matched PSK or ticket" \
2911 -s "key exchange mode: ephemeral"
2912
2913requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2914requires_config_enabled MBEDTLS_SSL_SRV_C
2915requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2916requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2917requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2918requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2919run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2920 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2921 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2922 1 \
2923 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2924 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2925 -c "client hello, adding PSK binder list" \
2926 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2927
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2928#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2929requires_openssl_tls1_3
2930requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2931requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2932requires_config_enabled MBEDTLS_DEBUG_C
2933requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2934requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2935run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2936 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2937 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2938 0 \
2939 -c "=> write client hello" \
2940 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2941 -c "client hello, adding psk_key_exchange_modes extension" \
2942 -c "client hello, adding PSK binder list" \
2943 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2944 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2945 -c "HTTP/1.0 200 ok"
2946
2947requires_openssl_tls1_3
2948requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2949requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2950requires_config_enabled MBEDTLS_DEBUG_C
2951requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2952requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2953run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2954 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2955 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2956 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2957 -c "=> write client hello" \
2958 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2959 -c "client hello, adding psk_key_exchange_modes extension" \
2960 -c "client hello, adding PSK binder list" \
2961 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2962 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2963
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2964#OPENSSL-SERVER psk_all mode
2965requires_openssl_tls1_3
2966requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2967requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2968requires_config_enabled MBEDTLS_DEBUG_C
2969requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2970requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2971requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2972run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2973 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2974 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2975 0 \
2976 -c "=> write client hello" \
2977 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2978 -c "client hello, adding psk_key_exchange_modes extension" \
2979 -c "client hello, adding PSK binder list" \
2980 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2981 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2982 -c "HTTP/1.0 200 ok"
2983
2984requires_openssl_tls1_3
2985requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2986requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2987requires_config_enabled MBEDTLS_DEBUG_C
2988requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2989requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2990requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2991run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2992 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2993 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2994 0 \
2995 -c "=> write client hello" \
2996 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2997 -c "client hello, adding psk_key_exchange_modes extension" \
2998 -c "client hello, adding PSK binder list" \
2999 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3000 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]3001 -c "HTTP/1.0 200 ok"
3002
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3003#OPENSSL-SERVER psk_ephemeral mode
3004requires_openssl_tls1_3
3005requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3006requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3007requires_config_enabled MBEDTLS_DEBUG_C
3008requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3009requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3010run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3011 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3012 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3013 0 \
3014 -c "=> write client hello" \
3015 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3016 -c "client hello, adding psk_key_exchange_modes extension" \
3017 -c "client hello, adding PSK binder list" \
3018 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3019 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3020 -c "HTTP/1.0 200 ok"
3021
3022requires_openssl_tls1_3
3023requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3024requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3025requires_config_enabled MBEDTLS_DEBUG_C
3026requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3027requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3028run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3029 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]3030 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3031 0 \
3032 -c "=> write client hello" \
3033 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3034 -c "client hello, adding psk_key_exchange_modes extension" \
3035 -c "client hello, adding PSK binder list" \
3036 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3037 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3038 -c "HTTP/1.0 200 ok"
3039
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3040#OPENSSL-SERVER ephemeral mode
3041requires_openssl_tls1_3
3042requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3043requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3044requires_config_enabled MBEDTLS_DEBUG_C
3045requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3046requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3047run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3048 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3049 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3050 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3051 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3052 -c "HTTP/1.0 200 ok"
3053
3054requires_openssl_tls1_3
3055requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3056requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3057requires_config_enabled MBEDTLS_DEBUG_C
3058requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3059requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3060run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3061 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3062 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3063 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3064 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3065 -c "HTTP/1.0 200 ok"
3066
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3067#OPENSSL-SERVER ephemeral_all mode
3068requires_openssl_tls1_3
3069requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3070requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3071requires_config_enabled MBEDTLS_DEBUG_C
3072requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3073requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3074requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3075run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3076 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3077 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3078 0 \
3079 -c "=> write client hello" \
3080 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3081 -c "client hello, adding psk_key_exchange_modes extension" \
3082 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3083 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3084 -c "<= write client hello" \
3085 -c "HTTP/1.0 200 ok"
3086
3087requires_openssl_tls1_3
3088requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3089requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3090requires_config_enabled MBEDTLS_DEBUG_C
3091requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3092requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3093requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3094run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3095 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3096 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3097 0 \
3098 -c "=> write client hello" \
3099 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3100 -c "client hello, adding psk_key_exchange_modes extension" \
3101 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3102 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3103 -c "<= write client hello" \
3104 -c "HTTP/1.0 200 ok"
3105
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3106#OPENSSL-SERVER all mode
3107requires_openssl_tls1_3
3108requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3109requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3110requires_config_enabled MBEDTLS_DEBUG_C
3111requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3112requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3113requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3114requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3115run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3116 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3117 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3118 0 \
3119 -c "=> write client hello" \
3120 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3121 -c "client hello, adding psk_key_exchange_modes extension" \
3122 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3123 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3124 -c "<= write client hello" \
3125 -c "HTTP/1.0 200 ok"
3126
3127requires_openssl_tls1_3
3128requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3129requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3130requires_config_enabled MBEDTLS_DEBUG_C
3131requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3132requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3133requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3134requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3135run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3136 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3137 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
3138 0 \
3139 -c "=> write client hello" \
3140 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3141 -c "client hello, adding psk_key_exchange_modes extension" \
3142 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3143 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3144 -c "<= write client hello" \
3145 -c "HTTP/1.0 200 ok"
3146
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3147#GNUTLS-SERVER psk mode
3148requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3149requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3150requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3151requires_config_enabled MBEDTLS_DEBUG_C
3152requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3153requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3154run_test "TLS 1.3: m->G: psk/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3155 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3156 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3157 0 \
3158 -c "=> write client hello" \
3159 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3160 -c "client hello, adding psk_key_exchange_modes extension" \
3161 -c "client hello, adding PSK binder list" \
3162 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3163 -s "Parsing extension 'Pre Shared Key/41'" \
3164 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3165 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3166 -c "HTTP/1.0 200 OK"
3167
3168requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3169requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3170requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3171requires_config_enabled MBEDTLS_DEBUG_C
3172requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3173requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3174run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3175 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3176 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3177 1 \
3178 -c "=> write client hello" \
3179 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3180 -c "client hello, adding psk_key_exchange_modes extension" \
3181 -c "client hello, adding PSK binder list" \
3182 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3183 -s "Parsing extension 'Pre Shared Key/41'" \
3184 -c "<= write client hello" \
3185 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3186
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3187#GNUTLS-SERVER psk_all mode
3188requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3189requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3190requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3191requires_config_enabled MBEDTLS_DEBUG_C
3192requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3193requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3194requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3195run_test "TLS 1.3: m->G: psk_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3196 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3197 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3198 0 \
3199 -c "=> write client hello" \
3200 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3201 -c "client hello, adding psk_key_exchange_modes extension" \
3202 -c "client hello, adding PSK binder list" \
3203 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3204 -s "Parsing extension 'Pre Shared Key/41'" \
3205 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3206 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3207 -c "HTTP/1.0 200 OK"
3208
3209requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3210requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3211requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3212requires_config_enabled MBEDTLS_DEBUG_C
3213requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3214requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3215requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3216run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3217 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3218 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3219 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3220 -c "=> write client hello" \
3221 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3222 -c "client hello, adding psk_key_exchange_modes extension" \
3223 -c "client hello, adding PSK binder list" \
3224 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3225 -s "Parsing extension 'Pre Shared Key/41'" \
3226 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3227 -c "Selected key exchange mode: psk_ephemeral" \
3228 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3229
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3230#GNUTLS-SERVER psk_ephemeral mode
3231requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3232requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3233requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3234requires_config_enabled MBEDTLS_DEBUG_C
3235requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3236requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3237run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3238 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3239 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3240 0 \
3241 -c "=> write client hello" \
3242 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3243 -c "client hello, adding psk_key_exchange_modes extension" \
3244 -c "client hello, adding PSK binder list" \
3245 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3246 -s "Parsing extension 'Pre Shared Key/41'" \
3247 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3248 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3249 -c "HTTP/1.0 200 OK"
3250
3251requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3252requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3253requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3254requires_config_enabled MBEDTLS_DEBUG_C
3255requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3256requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3257run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3258 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3259 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3260 0 \
3261 -c "=> write client hello" \
3262 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3263 -c "client hello, adding psk_key_exchange_modes extension" \
3264 -c "client hello, adding PSK binder list" \
3265 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3266 -s "Parsing extension 'Pre Shared Key/41'" \
3267 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3268 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3269 -c "HTTP/1.0 200 OK"
3270
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3271#GNUTLS-SERVER ephemeral mode
3272requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3273requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3274requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3275requires_config_enabled MBEDTLS_DEBUG_C
3276requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3277requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3278run_test "TLS 1.3: m->G: ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3279 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3280 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3281 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3282 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3283 -c "HTTP/1.0 200 OK"
3284
3285requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3286requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3287requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3288requires_config_enabled MBEDTLS_DEBUG_C
3289requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3290requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3291run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3292 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3293 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3294 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3295 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3296 -c "HTTP/1.0 200 OK"
3297
3298#GNUTLS-SERVER ephemeral_all mode
3299requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3300requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3301requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3302requires_config_enabled MBEDTLS_DEBUG_C
3303requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3304requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3305requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3306run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3307 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3308 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3309 0 \
3310 -c "=> write client hello" \
3311 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3312 -c "client hello, adding psk_key_exchange_modes extension" \
3313 -c "client hello, adding PSK binder list" \
3314 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3315 -s "Parsing extension 'Pre Shared Key/41'" \
3316 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3317 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3318 -c "HTTP/1.0 200 OK"
3319
3320requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3321requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3322requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3323requires_config_enabled MBEDTLS_DEBUG_C
3324requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3325requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3326requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3327run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3328 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3329 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3330 0 \
3331 -c "=> write client hello" \
3332 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3333 -c "client hello, adding psk_key_exchange_modes extension" \
3334 -c "client hello, adding PSK binder list" \
3335 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3336 -s "Parsing extension 'Pre Shared Key/41'" \
3337 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3338 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3339 -c "HTTP/1.0 200 OK"
3340
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3341#GNUTLS-SERVER all mode
3342requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3343requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3344requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3345requires_config_enabled MBEDTLS_DEBUG_C
3346requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3347requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3350run_test "TLS 1.3: m->G: all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3351 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3352 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3353 0 \
3354 -c "=> write client hello" \
3355 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3356 -c "client hello, adding psk_key_exchange_modes extension" \
3357 -c "client hello, adding PSK binder list" \
3358 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3359 -s "Parsing extension 'Pre Shared Key/41'" \
3360 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3361 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3362 -c "HTTP/1.0 200 OK"
3363
3364requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3365requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3366requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3367requires_config_enabled MBEDTLS_DEBUG_C
3368requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3369requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3370requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3371requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3372run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3373 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3374 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3375 0 \
3376 -c "=> write client hello" \
3377 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3378 -c "client hello, adding psk_key_exchange_modes extension" \
3379 -c "client hello, adding PSK binder list" \
3380 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3381 -s "Parsing extension 'Pre Shared Key/41'" \
3382 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3383 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3384 -c "HTTP/1.0 200 OK"