Blame - tests/opt-testcases/tls13-compat.sh - mirror/mbed-tls

blob: fa7663ba720291fb2c1fe298bf09b92e093e5251 [file] [log] [blame]

Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1	#!/bin/sh
				2
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3	# tls13-compat.sh
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4	#
				5	# Copyright The Mbed TLS Contributors
				6	# SPDX-License-Identifier: Apache-2.0
				7	#
				8	# Licensed under the Apache License, Version 2.0 (the "License"); you may
				9	# not use this file except in compliance with the License.
				10	# You may obtain a copy of the License at
				11	#
				12	# http://www.apache.org/licenses/LICENSE-2.0
				13	#
				14	# Unless required by applicable law or agreed to in writing, software
				15	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				16	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				17	# See the License for the specific language governing permissions and
				18	# limitations under the License.
				19	#
				20	# Purpose
				21	#
				22	# List TLS1.3 compat test cases. They are generated by
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	23	# `./tests/scripts/generate_tls13_compat_tests.py -a -o tests/opt-testcases/tls13-compat.sh`.
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	24	#
				25	# PLEASE DO NOT EDIT THIS FILE. IF NEEDED, PLEASE MODIFY `generate_tls13_compat_tests.py`
				26	# AND REGENERATE THIS FILE.
				27	#
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	28	requires_openssl_tls1_3
				29	requires_config_enabled MBEDTLS_DEBUG_C
				30	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	31	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	32	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	33	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	34	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	35	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	36	0 \
				37	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	38	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				39	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	40	-c "NamedGroup: secp256r1 ( 17 )" \
				41	-c "Verifying peer X.509 certificate... ok" \
				42	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	43
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	44	requires_gnutls_tls1_3
				45	requires_gnutls_next_no_ticket
				46	requires_gnutls_next_disable_tls13_compat
				47	requires_config_enabled MBEDTLS_DEBUG_C
				48	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	49	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	50	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	51	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	52	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	53	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	54	0 \
				55	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	56	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				57	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	58	-c "NamedGroup: secp256r1 ( 17 )" \
				59	-c "Verifying peer X.509 certificate... ok" \
				60	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	61
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	62	requires_openssl_tls1_3
				63	requires_config_enabled MBEDTLS_DEBUG_C
				64	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	65	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	66	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	67	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	68	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	69	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	70	0 \
				71	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	72	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				73	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	74	-c "NamedGroup: secp384r1 ( 18 )" \
				75	-c "Verifying peer X.509 certificate... ok" \
				76	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	77
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	78	requires_gnutls_tls1_3
				79	requires_gnutls_next_no_ticket
				80	requires_gnutls_next_disable_tls13_compat
				81	requires_config_enabled MBEDTLS_DEBUG_C
				82	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	83	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	84	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	85	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	86	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	87	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	88	0 \
				89	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	90	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				91	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	92	-c "NamedGroup: secp384r1 ( 18 )" \
				93	-c "Verifying peer X.509 certificate... ok" \
				94	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	95
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	96	requires_openssl_tls1_3
				97	requires_config_enabled MBEDTLS_DEBUG_C
				98	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	99	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	100	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	101	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	102	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	103	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	104	0 \
				105	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	106	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				107	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	108	-c "NamedGroup: secp521r1 ( 19 )" \
				109	-c "Verifying peer X.509 certificate... ok" \
				110	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	111
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	112	requires_gnutls_tls1_3
				113	requires_gnutls_next_no_ticket
				114	requires_gnutls_next_disable_tls13_compat
				115	requires_config_enabled MBEDTLS_DEBUG_C
				116	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	117	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	118	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	119	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	120	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	121	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	122	0 \
				123	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	124	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				125	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	126	-c "NamedGroup: secp521r1 ( 19 )" \
				127	-c "Verifying peer X.509 certificate... ok" \
				128	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	129
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	130	requires_openssl_tls1_3
				131	requires_config_enabled MBEDTLS_DEBUG_C
				132	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	133	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	134	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	135	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	136	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	137	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	138	0 \
				139	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	140	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				141	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	142	-c "NamedGroup: x25519 ( 1d )" \
				143	-c "Verifying peer X.509 certificate... ok" \
				144	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	145
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	146	requires_gnutls_tls1_3
				147	requires_gnutls_next_no_ticket
				148	requires_gnutls_next_disable_tls13_compat
				149	requires_config_enabled MBEDTLS_DEBUG_C
				150	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	151	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	152	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	153	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	154	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	155	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	156	0 \
				157	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	158	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				159	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	160	-c "NamedGroup: x25519 ( 1d )" \
				161	-c "Verifying peer X.509 certificate... ok" \
				162	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	163
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	164	requires_openssl_tls1_3
				165	requires_config_enabled MBEDTLS_DEBUG_C
				166	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	167	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	168	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	169	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	170	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	171	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	172	0 \
				173	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	174	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				175	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	176	-c "NamedGroup: x448 ( 1e )" \
				177	-c "Verifying peer X.509 certificate... ok" \
				178	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	179
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	180	requires_gnutls_tls1_3
				181	requires_gnutls_next_no_ticket
				182	requires_gnutls_next_disable_tls13_compat
				183	requires_config_enabled MBEDTLS_DEBUG_C
				184	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	185	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	186	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	187	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	188	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	189	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	190	0 \
				191	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	192	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				193	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	194	-c "NamedGroup: x448 ( 1e )" \
				195	-c "Verifying peer X.509 certificate... ok" \
				196	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	197
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	198	requires_openssl_tls1_3
				199	requires_config_enabled MBEDTLS_DEBUG_C
				200	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	201	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	202	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	203	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	204	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	205	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	206	0 \
				207	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	208	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				209	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	210	-c "NamedGroup: secp256r1 ( 17 )" \
				211	-c "Verifying peer X.509 certificate... ok" \
				212	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	213
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	214	requires_gnutls_tls1_3
				215	requires_gnutls_next_no_ticket
				216	requires_gnutls_next_disable_tls13_compat
				217	requires_config_enabled MBEDTLS_DEBUG_C
				218	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	219	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	220	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	221	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	222	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	223	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	224	0 \
				225	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	226	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				227	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	228	-c "NamedGroup: secp256r1 ( 17 )" \
				229	-c "Verifying peer X.509 certificate... ok" \
				230	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	231
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	232	requires_openssl_tls1_3
				233	requires_config_enabled MBEDTLS_DEBUG_C
				234	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	235	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	236	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	237	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	238	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	239	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	240	0 \
				241	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	242	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				243	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	244	-c "NamedGroup: secp384r1 ( 18 )" \
				245	-c "Verifying peer X.509 certificate... ok" \
				246	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	247
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	248	requires_gnutls_tls1_3
				249	requires_gnutls_next_no_ticket
				250	requires_gnutls_next_disable_tls13_compat
				251	requires_config_enabled MBEDTLS_DEBUG_C
				252	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	253	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	254	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	255	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	256	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	257	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	258	0 \
				259	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	260	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				261	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	262	-c "NamedGroup: secp384r1 ( 18 )" \
				263	-c "Verifying peer X.509 certificate... ok" \
				264	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	265
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	266	requires_openssl_tls1_3
				267	requires_config_enabled MBEDTLS_DEBUG_C
				268	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	269	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	270	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	271	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	272	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	273	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	274	0 \
				275	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	276	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				277	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	278	-c "NamedGroup: secp521r1 ( 19 )" \
				279	-c "Verifying peer X.509 certificate... ok" \
				280	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	281
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	282	requires_gnutls_tls1_3
				283	requires_gnutls_next_no_ticket
				284	requires_gnutls_next_disable_tls13_compat
				285	requires_config_enabled MBEDTLS_DEBUG_C
				286	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	287	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	288	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	289	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	290	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	291	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	292	0 \
				293	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	294	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				295	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	296	-c "NamedGroup: secp521r1 ( 19 )" \
				297	-c "Verifying peer X.509 certificate... ok" \
				298	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	299
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	300	requires_openssl_tls1_3
				301	requires_config_enabled MBEDTLS_DEBUG_C
				302	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	303	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	304	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	305	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	306	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	307	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	308	0 \
				309	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	310	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				311	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	312	-c "NamedGroup: x25519 ( 1d )" \
				313	-c "Verifying peer X.509 certificate... ok" \
				314	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	315
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	316	requires_gnutls_tls1_3
				317	requires_gnutls_next_no_ticket
				318	requires_gnutls_next_disable_tls13_compat
				319	requires_config_enabled MBEDTLS_DEBUG_C
				320	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	321	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	322	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	323	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	324	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	325	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	326	0 \
				327	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	328	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				329	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	330	-c "NamedGroup: x25519 ( 1d )" \
				331	-c "Verifying peer X.509 certificate... ok" \
				332	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	333
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	334	requires_openssl_tls1_3
				335	requires_config_enabled MBEDTLS_DEBUG_C
				336	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	337	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	338	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	339	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	340	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	341	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	342	0 \
				343	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	344	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				345	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	346	-c "NamedGroup: x448 ( 1e )" \
				347	-c "Verifying peer X.509 certificate... ok" \
				348	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	349
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	350	requires_gnutls_tls1_3
				351	requires_gnutls_next_no_ticket
				352	requires_gnutls_next_disable_tls13_compat
				353	requires_config_enabled MBEDTLS_DEBUG_C
				354	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	355	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	356	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	357	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	358	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	359	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	360	0 \
				361	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	362	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				363	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	364	-c "NamedGroup: x448 ( 1e )" \
				365	-c "Verifying peer X.509 certificate... ok" \
				366	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	367
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	368	requires_openssl_tls1_3
				369	requires_config_enabled MBEDTLS_DEBUG_C
				370	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	371	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	372	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	373	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	374	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	375	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	376	0 \
				377	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	378	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				379	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	380	-c "NamedGroup: secp256r1 ( 17 )" \
				381	-c "Verifying peer X.509 certificate... ok" \
				382	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	383
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	384	requires_gnutls_tls1_3
				385	requires_gnutls_next_no_ticket
				386	requires_gnutls_next_disable_tls13_compat
				387	requires_config_enabled MBEDTLS_DEBUG_C
				388	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	389	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	390	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	391	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	392	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	393	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	394	0 \
				395	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	396	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				397	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	398	-c "NamedGroup: secp256r1 ( 17 )" \
				399	-c "Verifying peer X.509 certificate... ok" \
				400	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	401
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	402	requires_openssl_tls1_3
				403	requires_config_enabled MBEDTLS_DEBUG_C
				404	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	405	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	406	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	407	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	408	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	409	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	410	0 \
				411	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	412	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				413	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	414	-c "NamedGroup: secp384r1 ( 18 )" \
				415	-c "Verifying peer X.509 certificate... ok" \
				416	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	417
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	418	requires_gnutls_tls1_3
				419	requires_gnutls_next_no_ticket
				420	requires_gnutls_next_disable_tls13_compat
				421	requires_config_enabled MBEDTLS_DEBUG_C
				422	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	423	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	424	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	425	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	426	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	427	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	428	0 \
				429	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	430	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				431	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	432	-c "NamedGroup: secp384r1 ( 18 )" \
				433	-c "Verifying peer X.509 certificate... ok" \
				434	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	435
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	436	requires_openssl_tls1_3
				437	requires_config_enabled MBEDTLS_DEBUG_C
				438	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	439	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	440	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	441	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	442	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	443	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	444	0 \
				445	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	446	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				447	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	448	-c "NamedGroup: secp521r1 ( 19 )" \
				449	-c "Verifying peer X.509 certificate... ok" \
				450	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	451
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	452	requires_gnutls_tls1_3
				453	requires_gnutls_next_no_ticket
				454	requires_gnutls_next_disable_tls13_compat
				455	requires_config_enabled MBEDTLS_DEBUG_C
				456	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	457	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	458	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	459	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	460	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	461	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	462	0 \
				463	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	464	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				465	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	466	-c "NamedGroup: secp521r1 ( 19 )" \
				467	-c "Verifying peer X.509 certificate... ok" \
				468	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	469
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	470	requires_openssl_tls1_3
				471	requires_config_enabled MBEDTLS_DEBUG_C
				472	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	473	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	474	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	475	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	476	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	477	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	478	0 \
				479	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	480	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				481	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	482	-c "NamedGroup: x25519 ( 1d )" \
				483	-c "Verifying peer X.509 certificate... ok" \
				484	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	485
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	486	requires_gnutls_tls1_3
				487	requires_gnutls_next_no_ticket
				488	requires_gnutls_next_disable_tls13_compat
				489	requires_config_enabled MBEDTLS_DEBUG_C
				490	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	491	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	492	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	493	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	494	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	495	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	496	0 \
				497	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	498	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				499	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	500	-c "NamedGroup: x25519 ( 1d )" \
				501	-c "Verifying peer X.509 certificate... ok" \
				502	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	503
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	504	requires_openssl_tls1_3
				505	requires_config_enabled MBEDTLS_DEBUG_C
				506	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	507	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	508	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	509	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	510	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	511	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	512	0 \
				513	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	514	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				515	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	516	-c "NamedGroup: x448 ( 1e )" \
				517	-c "Verifying peer X.509 certificate... ok" \
				518	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	519
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	520	requires_gnutls_tls1_3
				521	requires_gnutls_next_no_ticket
				522	requires_gnutls_next_disable_tls13_compat
				523	requires_config_enabled MBEDTLS_DEBUG_C
				524	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	525	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	526	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	527	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	528	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	529	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	530	0 \
				531	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	532	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				533	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	534	-c "NamedGroup: x448 ( 1e )" \
				535	-c "Verifying peer X.509 certificate... ok" \
				536	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	537
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	538	requires_openssl_tls1_3
				539	requires_config_enabled MBEDTLS_DEBUG_C
				540	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	541	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	542	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	543	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	544	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	545	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	546	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	547	0 \
				548	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	549	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				550	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	551	-c "NamedGroup: secp256r1 ( 17 )" \
				552	-c "Verifying peer X.509 certificate... ok" \
				553	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	554
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	555	requires_gnutls_tls1_3
				556	requires_gnutls_next_no_ticket
				557	requires_gnutls_next_disable_tls13_compat
				558	requires_config_enabled MBEDTLS_DEBUG_C
				559	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	560	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	561	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	562	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	563	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	564	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	565	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	566	0 \
				567	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	568	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				569	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	570	-c "NamedGroup: secp256r1 ( 17 )" \
				571	-c "Verifying peer X.509 certificate... ok" \
				572	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	573
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	574	requires_openssl_tls1_3
				575	requires_config_enabled MBEDTLS_DEBUG_C
				576	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	577	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	578	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	579	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	580	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	581	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	582	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	583	0 \
				584	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	585	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				586	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	587	-c "NamedGroup: secp384r1 ( 18 )" \
				588	-c "Verifying peer X.509 certificate... ok" \
				589	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	590
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	591	requires_gnutls_tls1_3
				592	requires_gnutls_next_no_ticket
				593	requires_gnutls_next_disable_tls13_compat
				594	requires_config_enabled MBEDTLS_DEBUG_C
				595	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	596	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	597	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	598	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	599	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	600	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	601	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	602	0 \
				603	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	604	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				605	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	606	-c "NamedGroup: secp384r1 ( 18 )" \
				607	-c "Verifying peer X.509 certificate... ok" \
				608	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	609
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	610	requires_openssl_tls1_3
				611	requires_config_enabled MBEDTLS_DEBUG_C
				612	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	613	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	614	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	615	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	616	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	617	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	618	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	619	0 \
				620	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	621	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				622	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	623	-c "NamedGroup: secp521r1 ( 19 )" \
				624	-c "Verifying peer X.509 certificate... ok" \
				625	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	626
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	627	requires_gnutls_tls1_3
				628	requires_gnutls_next_no_ticket
				629	requires_gnutls_next_disable_tls13_compat
				630	requires_config_enabled MBEDTLS_DEBUG_C
				631	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	632	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	633	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	634	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	635	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	636	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	637	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	638	0 \
				639	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	640	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				641	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	642	-c "NamedGroup: secp521r1 ( 19 )" \
				643	-c "Verifying peer X.509 certificate... ok" \
				644	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	645
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	646	requires_openssl_tls1_3
				647	requires_config_enabled MBEDTLS_DEBUG_C
				648	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	649	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	650	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	651	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	652	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	653	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	654	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	655	0 \
				656	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	657	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				658	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	659	-c "NamedGroup: x25519 ( 1d )" \
				660	-c "Verifying peer X.509 certificate... ok" \
				661	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	662
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	663	requires_gnutls_tls1_3
				664	requires_gnutls_next_no_ticket
				665	requires_gnutls_next_disable_tls13_compat
				666	requires_config_enabled MBEDTLS_DEBUG_C
				667	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	668	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	669	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	670	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	671	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	672	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	673	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	674	0 \
				675	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	676	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				677	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	678	-c "NamedGroup: x25519 ( 1d )" \
				679	-c "Verifying peer X.509 certificate... ok" \
				680	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	681
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	682	requires_openssl_tls1_3
				683	requires_config_enabled MBEDTLS_DEBUG_C
				684	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	685	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	686	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	687	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	688	run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	689	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	690	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	691	0 \
				692	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	693	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				694	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	695	-c "NamedGroup: x448 ( 1e )" \
				696	-c "Verifying peer X.509 certificate... ok" \
				697	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	698
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	699	requires_gnutls_tls1_3
				700	requires_gnutls_next_no_ticket
				701	requires_gnutls_next_disable_tls13_compat
				702	requires_config_enabled MBEDTLS_DEBUG_C
				703	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	704	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	705	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	706	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	707	run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	708	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	709	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	710	0 \
				711	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	712	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				713	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	714	-c "NamedGroup: x448 ( 1e )" \
				715	-c "Verifying peer X.509 certificate... ok" \
				716	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	717
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	718	requires_openssl_tls1_3
				719	requires_config_enabled MBEDTLS_DEBUG_C
				720	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	721	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	722	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	723	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	724	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	725	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	726	0 \
				727	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	728	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				729	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	730	-c "NamedGroup: secp256r1 ( 17 )" \
				731	-c "Verifying peer X.509 certificate... ok" \
				732	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	733
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	734	requires_gnutls_tls1_3
				735	requires_gnutls_next_no_ticket
				736	requires_gnutls_next_disable_tls13_compat
				737	requires_config_enabled MBEDTLS_DEBUG_C
				738	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	739	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	740	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	741	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	742	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	743	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	744	0 \
				745	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	746	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				747	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	748	-c "NamedGroup: secp256r1 ( 17 )" \
				749	-c "Verifying peer X.509 certificate... ok" \
				750	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	751
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	752	requires_openssl_tls1_3
				753	requires_config_enabled MBEDTLS_DEBUG_C
				754	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	755	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	756	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	757	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	758	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	759	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	760	0 \
				761	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	762	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				763	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	764	-c "NamedGroup: secp384r1 ( 18 )" \
				765	-c "Verifying peer X.509 certificate... ok" \
				766	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	767
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	768	requires_gnutls_tls1_3
				769	requires_gnutls_next_no_ticket
				770	requires_gnutls_next_disable_tls13_compat
				771	requires_config_enabled MBEDTLS_DEBUG_C
				772	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	773	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	774	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	775	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	776	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	777	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	778	0 \
				779	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	780	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				781	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	782	-c "NamedGroup: secp384r1 ( 18 )" \
				783	-c "Verifying peer X.509 certificate... ok" \
				784	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	785
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	786	requires_openssl_tls1_3
				787	requires_config_enabled MBEDTLS_DEBUG_C
				788	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	789	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	790	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	791	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	792	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	793	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	794	0 \
				795	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	796	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				797	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	798	-c "NamedGroup: secp521r1 ( 19 )" \
				799	-c "Verifying peer X.509 certificate... ok" \
				800	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	801
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	802	requires_gnutls_tls1_3
				803	requires_gnutls_next_no_ticket
				804	requires_gnutls_next_disable_tls13_compat
				805	requires_config_enabled MBEDTLS_DEBUG_C
				806	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	807	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	808	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	809	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	810	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	811	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	812	0 \
				813	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	814	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				815	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	816	-c "NamedGroup: secp521r1 ( 19 )" \
				817	-c "Verifying peer X.509 certificate... ok" \
				818	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	819
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	820	requires_openssl_tls1_3
				821	requires_config_enabled MBEDTLS_DEBUG_C
				822	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	823	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	824	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	825	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	826	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	827	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	828	0 \
				829	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	830	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				831	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	832	-c "NamedGroup: x25519 ( 1d )" \
				833	-c "Verifying peer X.509 certificate... ok" \
				834	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	835
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	836	requires_gnutls_tls1_3
				837	requires_gnutls_next_no_ticket
				838	requires_gnutls_next_disable_tls13_compat
				839	requires_config_enabled MBEDTLS_DEBUG_C
				840	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	841	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	842	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	843	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	844	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	845	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	846	0 \
				847	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	848	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				849	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	850	-c "NamedGroup: x25519 ( 1d )" \
				851	-c "Verifying peer X.509 certificate... ok" \
				852	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	853
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	854	requires_openssl_tls1_3
				855	requires_config_enabled MBEDTLS_DEBUG_C
				856	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	857	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	858	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	859	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	860	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	861	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	862	0 \
				863	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	864	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				865	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	866	-c "NamedGroup: x448 ( 1e )" \
				867	-c "Verifying peer X.509 certificate... ok" \
				868	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	869
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	870	requires_gnutls_tls1_3
				871	requires_gnutls_next_no_ticket
				872	requires_gnutls_next_disable_tls13_compat
				873	requires_config_enabled MBEDTLS_DEBUG_C
				874	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	875	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	876	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	877	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	878	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	879	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	880	0 \
				881	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	882	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				883	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	884	-c "NamedGroup: x448 ( 1e )" \
				885	-c "Verifying peer X.509 certificate... ok" \
				886	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	887
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	888	requires_openssl_tls1_3
				889	requires_config_enabled MBEDTLS_DEBUG_C
				890	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	891	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	892	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	893	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	894	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	895	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	896	0 \
				897	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	898	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				899	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	900	-c "NamedGroup: secp256r1 ( 17 )" \
				901	-c "Verifying peer X.509 certificate... ok" \
				902	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	903
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	904	requires_gnutls_tls1_3
				905	requires_gnutls_next_no_ticket
				906	requires_gnutls_next_disable_tls13_compat
				907	requires_config_enabled MBEDTLS_DEBUG_C
				908	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	909	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	910	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	911	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	912	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	913	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	914	0 \
				915	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	916	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				917	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	918	-c "NamedGroup: secp256r1 ( 17 )" \
				919	-c "Verifying peer X.509 certificate... ok" \
				920	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	921
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	922	requires_openssl_tls1_3
				923	requires_config_enabled MBEDTLS_DEBUG_C
				924	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	925	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	926	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	927	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	928	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	929	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	930	0 \
				931	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	932	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				933	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	934	-c "NamedGroup: secp384r1 ( 18 )" \
				935	-c "Verifying peer X.509 certificate... ok" \
				936	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	937
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	938	requires_gnutls_tls1_3
				939	requires_gnutls_next_no_ticket
				940	requires_gnutls_next_disable_tls13_compat
				941	requires_config_enabled MBEDTLS_DEBUG_C
				942	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	943	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	944	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	945	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	946	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	947	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	948	0 \
				949	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	950	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				951	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	952	-c "NamedGroup: secp384r1 ( 18 )" \
				953	-c "Verifying peer X.509 certificate... ok" \
				954	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	955
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	956	requires_openssl_tls1_3
				957	requires_config_enabled MBEDTLS_DEBUG_C
				958	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	959	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	960	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	961	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	962	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	963	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	964	0 \
				965	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	966	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				967	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	968	-c "NamedGroup: secp521r1 ( 19 )" \
				969	-c "Verifying peer X.509 certificate... ok" \
				970	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	971
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	972	requires_gnutls_tls1_3
				973	requires_gnutls_next_no_ticket
				974	requires_gnutls_next_disable_tls13_compat
				975	requires_config_enabled MBEDTLS_DEBUG_C
				976	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	977	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	978	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	979	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	980	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	981	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	982	0 \
				983	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	984	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				985	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	986	-c "NamedGroup: secp521r1 ( 19 )" \
				987	-c "Verifying peer X.509 certificate... ok" \
				988	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	989
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	990	requires_openssl_tls1_3
				991	requires_config_enabled MBEDTLS_DEBUG_C
				992	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	993	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	994	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	995	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	996	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	997	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	998	0 \
				999	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1000	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1001	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1002	-c "NamedGroup: x25519 ( 1d )" \
				1003	-c "Verifying peer X.509 certificate... ok" \
				1004	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1005
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1006	requires_gnutls_tls1_3
				1007	requires_gnutls_next_no_ticket
				1008	requires_gnutls_next_disable_tls13_compat
				1009	requires_config_enabled MBEDTLS_DEBUG_C
				1010	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1011	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1012	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1013	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1014	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1015	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1016	0 \
				1017	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1018	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1019	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1020	-c "NamedGroup: x25519 ( 1d )" \
				1021	-c "Verifying peer X.509 certificate... ok" \
				1022	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1023
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1024	requires_openssl_tls1_3
				1025	requires_config_enabled MBEDTLS_DEBUG_C
				1026	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1027	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1028	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1029	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1030	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1031	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1032	0 \
				1033	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1034	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1035	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1036	-c "NamedGroup: x448 ( 1e )" \
				1037	-c "Verifying peer X.509 certificate... ok" \
				1038	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1039
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1040	requires_gnutls_tls1_3
				1041	requires_gnutls_next_no_ticket
				1042	requires_gnutls_next_disable_tls13_compat
				1043	requires_config_enabled MBEDTLS_DEBUG_C
				1044	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1045	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1046	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1047	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1048	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1049	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1050	0 \
				1051	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1052	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1053	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1054	-c "NamedGroup: x448 ( 1e )" \
				1055	-c "Verifying peer X.509 certificate... ok" \
				1056	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1057
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1058	requires_openssl_tls1_3
				1059	requires_config_enabled MBEDTLS_DEBUG_C
				1060	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1061	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1062	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1063	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1064	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1065	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1066	0 \
				1067	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1068	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1069	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1070	-c "NamedGroup: secp256r1 ( 17 )" \
				1071	-c "Verifying peer X.509 certificate... ok" \
				1072	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1073
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1074	requires_gnutls_tls1_3
				1075	requires_gnutls_next_no_ticket
				1076	requires_gnutls_next_disable_tls13_compat
				1077	requires_config_enabled MBEDTLS_DEBUG_C
				1078	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1079	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1080	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1081	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1082	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1083	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1084	0 \
				1085	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1086	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1087	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1088	-c "NamedGroup: secp256r1 ( 17 )" \
				1089	-c "Verifying peer X.509 certificate... ok" \
				1090	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1091
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1092	requires_openssl_tls1_3
				1093	requires_config_enabled MBEDTLS_DEBUG_C
				1094	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1095	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1096	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1097	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1098	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1099	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1100	0 \
				1101	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1102	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1103	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1104	-c "NamedGroup: secp384r1 ( 18 )" \
				1105	-c "Verifying peer X.509 certificate... ok" \
				1106	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1107
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1108	requires_gnutls_tls1_3
				1109	requires_gnutls_next_no_ticket
				1110	requires_gnutls_next_disable_tls13_compat
				1111	requires_config_enabled MBEDTLS_DEBUG_C
				1112	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1113	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1114	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1115	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1116	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1117	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1118	0 \
				1119	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1120	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1121	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1122	-c "NamedGroup: secp384r1 ( 18 )" \
				1123	-c "Verifying peer X.509 certificate... ok" \
				1124	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1125
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1126	requires_openssl_tls1_3
				1127	requires_config_enabled MBEDTLS_DEBUG_C
				1128	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1129	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1130	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1131	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1132	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1133	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1134	0 \
				1135	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1136	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1137	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1138	-c "NamedGroup: secp521r1 ( 19 )" \
				1139	-c "Verifying peer X.509 certificate... ok" \
				1140	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1141
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1142	requires_gnutls_tls1_3
				1143	requires_gnutls_next_no_ticket
				1144	requires_gnutls_next_disable_tls13_compat
				1145	requires_config_enabled MBEDTLS_DEBUG_C
				1146	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1147	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1148	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1149	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1150	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1151	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1152	0 \
				1153	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1154	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1155	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1156	-c "NamedGroup: secp521r1 ( 19 )" \
				1157	-c "Verifying peer X.509 certificate... ok" \
				1158	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1159
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1160	requires_openssl_tls1_3
				1161	requires_config_enabled MBEDTLS_DEBUG_C
				1162	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1163	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1164	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1165	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1166	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1167	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1168	0 \
				1169	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1170	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1171	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1172	-c "NamedGroup: x25519 ( 1d )" \
				1173	-c "Verifying peer X.509 certificate... ok" \
				1174	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1175
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1176	requires_gnutls_tls1_3
				1177	requires_gnutls_next_no_ticket
				1178	requires_gnutls_next_disable_tls13_compat
				1179	requires_config_enabled MBEDTLS_DEBUG_C
				1180	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1181	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1182	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1183	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1184	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1185	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1186	0 \
				1187	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1188	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1189	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1190	-c "NamedGroup: x25519 ( 1d )" \
				1191	-c "Verifying peer X.509 certificate... ok" \
				1192	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1193
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1194	requires_openssl_tls1_3
				1195	requires_config_enabled MBEDTLS_DEBUG_C
				1196	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1197	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1198	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1199	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1200	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1201	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1202	0 \
				1203	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1204	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1205	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1206	-c "NamedGroup: x448 ( 1e )" \
				1207	-c "Verifying peer X.509 certificate... ok" \
				1208	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1209
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1210	requires_gnutls_tls1_3
				1211	requires_gnutls_next_no_ticket
				1212	requires_gnutls_next_disable_tls13_compat
				1213	requires_config_enabled MBEDTLS_DEBUG_C
				1214	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1215	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1216	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1217	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1218	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1219	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1220	0 \
				1221	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1222	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1223	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1224	-c "NamedGroup: x448 ( 1e )" \
				1225	-c "Verifying peer X.509 certificate... ok" \
				1226	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1227
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1228	requires_openssl_tls1_3
				1229	requires_config_enabled MBEDTLS_DEBUG_C
				1230	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1231	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1232	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1233	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1234	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1235	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1236	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1237	0 \
				1238	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1239	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1240	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1241	-c "NamedGroup: secp256r1 ( 17 )" \
				1242	-c "Verifying peer X.509 certificate... ok" \
				1243	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1244
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1245	requires_gnutls_tls1_3
				1246	requires_gnutls_next_no_ticket
				1247	requires_gnutls_next_disable_tls13_compat
				1248	requires_config_enabled MBEDTLS_DEBUG_C
				1249	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1250	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1251	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1252	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1253	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1254	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1255	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1256	0 \
				1257	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1258	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1259	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1260	-c "NamedGroup: secp256r1 ( 17 )" \
				1261	-c "Verifying peer X.509 certificate... ok" \
				1262	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1263
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1264	requires_openssl_tls1_3
				1265	requires_config_enabled MBEDTLS_DEBUG_C
				1266	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1267	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1268	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1269	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1270	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1271	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1272	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1273	0 \
				1274	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1275	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1276	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1277	-c "NamedGroup: secp384r1 ( 18 )" \
				1278	-c "Verifying peer X.509 certificate... ok" \
				1279	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1280
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1281	requires_gnutls_tls1_3
				1282	requires_gnutls_next_no_ticket
				1283	requires_gnutls_next_disable_tls13_compat
				1284	requires_config_enabled MBEDTLS_DEBUG_C
				1285	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1286	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1287	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1288	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1289	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1290	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1291	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1292	0 \
				1293	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1294	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1295	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1296	-c "NamedGroup: secp384r1 ( 18 )" \
				1297	-c "Verifying peer X.509 certificate... ok" \
				1298	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1299
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1300	requires_openssl_tls1_3
				1301	requires_config_enabled MBEDTLS_DEBUG_C
				1302	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1303	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1304	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1305	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1306	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1307	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1308	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1309	0 \
				1310	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1311	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1312	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1313	-c "NamedGroup: secp521r1 ( 19 )" \
				1314	-c "Verifying peer X.509 certificate... ok" \
				1315	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1316
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1317	requires_gnutls_tls1_3
				1318	requires_gnutls_next_no_ticket
				1319	requires_gnutls_next_disable_tls13_compat
				1320	requires_config_enabled MBEDTLS_DEBUG_C
				1321	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1322	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1323	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1324	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1325	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1326	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1327	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1328	0 \
				1329	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1330	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1331	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1332	-c "NamedGroup: secp521r1 ( 19 )" \
				1333	-c "Verifying peer X.509 certificate... ok" \
				1334	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1335
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1336	requires_openssl_tls1_3
				1337	requires_config_enabled MBEDTLS_DEBUG_C
				1338	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1339	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1340	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1341	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1342	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1343	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1344	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1345	0 \
				1346	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1347	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1348	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1349	-c "NamedGroup: x25519 ( 1d )" \
				1350	-c "Verifying peer X.509 certificate... ok" \
				1351	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1352
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1353	requires_gnutls_tls1_3
				1354	requires_gnutls_next_no_ticket
				1355	requires_gnutls_next_disable_tls13_compat
				1356	requires_config_enabled MBEDTLS_DEBUG_C
				1357	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1358	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1359	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1360	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1361	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1362	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1363	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1364	0 \
				1365	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1366	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1367	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1368	-c "NamedGroup: x25519 ( 1d )" \
				1369	-c "Verifying peer X.509 certificate... ok" \
				1370	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1371
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1372	requires_openssl_tls1_3
				1373	requires_config_enabled MBEDTLS_DEBUG_C
				1374	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1375	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1376	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1377	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1378	run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1379	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1380	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1381	0 \
				1382	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1383	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1384	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1385	-c "NamedGroup: x448 ( 1e )" \
				1386	-c "Verifying peer X.509 certificate... ok" \
				1387	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1388
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1389	requires_gnutls_tls1_3
				1390	requires_gnutls_next_no_ticket
				1391	requires_gnutls_next_disable_tls13_compat
				1392	requires_config_enabled MBEDTLS_DEBUG_C
				1393	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1394	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1395	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1396	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1397	run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1398	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1399	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1400	0 \
				1401	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1402	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1403	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1404	-c "NamedGroup: x448 ( 1e )" \
				1405	-c "Verifying peer X.509 certificate... ok" \
				1406	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1407
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1408	requires_openssl_tls1_3
				1409	requires_config_enabled MBEDTLS_DEBUG_C
				1410	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1411	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1412	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1413	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1414	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1415	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1416	0 \
				1417	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1418	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1419	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1420	-c "NamedGroup: secp256r1 ( 17 )" \
				1421	-c "Verifying peer X.509 certificate... ok" \
				1422	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1423
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1424	requires_gnutls_tls1_3
				1425	requires_gnutls_next_no_ticket
				1426	requires_gnutls_next_disable_tls13_compat
				1427	requires_config_enabled MBEDTLS_DEBUG_C
				1428	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1429	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1430	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1431	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1432	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1433	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1434	0 \
				1435	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1436	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1437	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1438	-c "NamedGroup: secp256r1 ( 17 )" \
				1439	-c "Verifying peer X.509 certificate... ok" \
				1440	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1441
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1442	requires_openssl_tls1_3
				1443	requires_config_enabled MBEDTLS_DEBUG_C
				1444	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1445	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1446	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1447	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1448	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1449	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1450	0 \
				1451	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1452	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1453	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1454	-c "NamedGroup: secp384r1 ( 18 )" \
				1455	-c "Verifying peer X.509 certificate... ok" \
				1456	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1457
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1458	requires_gnutls_tls1_3
				1459	requires_gnutls_next_no_ticket
				1460	requires_gnutls_next_disable_tls13_compat
				1461	requires_config_enabled MBEDTLS_DEBUG_C
				1462	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1463	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1464	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1465	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1466	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1467	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1468	0 \
				1469	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1470	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1471	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1472	-c "NamedGroup: secp384r1 ( 18 )" \
				1473	-c "Verifying peer X.509 certificate... ok" \
				1474	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1475
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1476	requires_openssl_tls1_3
				1477	requires_config_enabled MBEDTLS_DEBUG_C
				1478	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1479	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1480	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1481	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1482	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1483	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1484	0 \
				1485	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1486	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1487	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1488	-c "NamedGroup: secp521r1 ( 19 )" \
				1489	-c "Verifying peer X.509 certificate... ok" \
				1490	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1491
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1492	requires_gnutls_tls1_3
				1493	requires_gnutls_next_no_ticket
				1494	requires_gnutls_next_disable_tls13_compat
				1495	requires_config_enabled MBEDTLS_DEBUG_C
				1496	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1497	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1498	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1499	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1500	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1501	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1502	0 \
				1503	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1504	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1505	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1506	-c "NamedGroup: secp521r1 ( 19 )" \
				1507	-c "Verifying peer X.509 certificate... ok" \
				1508	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1509
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1510	requires_openssl_tls1_3
				1511	requires_config_enabled MBEDTLS_DEBUG_C
				1512	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1513	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1514	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1515	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1516	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1517	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1518	0 \
				1519	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1520	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1521	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1522	-c "NamedGroup: x25519 ( 1d )" \
				1523	-c "Verifying peer X.509 certificate... ok" \
				1524	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1525
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1526	requires_gnutls_tls1_3
				1527	requires_gnutls_next_no_ticket
				1528	requires_gnutls_next_disable_tls13_compat
				1529	requires_config_enabled MBEDTLS_DEBUG_C
				1530	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1531	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1532	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1533	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1534	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1535	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1536	0 \
				1537	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1538	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1539	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1540	-c "NamedGroup: x25519 ( 1d )" \
				1541	-c "Verifying peer X.509 certificate... ok" \
				1542	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1543
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1544	requires_openssl_tls1_3
				1545	requires_config_enabled MBEDTLS_DEBUG_C
				1546	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1547	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1548	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1549	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1550	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1551	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1552	0 \
				1553	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1554	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1555	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1556	-c "NamedGroup: x448 ( 1e )" \
				1557	-c "Verifying peer X.509 certificate... ok" \
				1558	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1559
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1560	requires_gnutls_tls1_3
				1561	requires_gnutls_next_no_ticket
				1562	requires_gnutls_next_disable_tls13_compat
				1563	requires_config_enabled MBEDTLS_DEBUG_C
				1564	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1565	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1566	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1567	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1568	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1569	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1570	0 \
				1571	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1572	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1573	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1574	-c "NamedGroup: x448 ( 1e )" \
				1575	-c "Verifying peer X.509 certificate... ok" \
				1576	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1577
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1578	requires_openssl_tls1_3
				1579	requires_config_enabled MBEDTLS_DEBUG_C
				1580	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1581	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1582	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1583	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1584	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1585	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1586	0 \
				1587	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1588	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1589	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1590	-c "NamedGroup: secp256r1 ( 17 )" \
				1591	-c "Verifying peer X.509 certificate... ok" \
				1592	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1593
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1594	requires_gnutls_tls1_3
				1595	requires_gnutls_next_no_ticket
				1596	requires_gnutls_next_disable_tls13_compat
				1597	requires_config_enabled MBEDTLS_DEBUG_C
				1598	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1599	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1600	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1601	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1602	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1603	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1604	0 \
				1605	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1606	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1607	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1608	-c "NamedGroup: secp256r1 ( 17 )" \
				1609	-c "Verifying peer X.509 certificate... ok" \
				1610	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1611
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1612	requires_openssl_tls1_3
				1613	requires_config_enabled MBEDTLS_DEBUG_C
				1614	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1615	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1616	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1617	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1618	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1619	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1620	0 \
				1621	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1622	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1623	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1624	-c "NamedGroup: secp384r1 ( 18 )" \
				1625	-c "Verifying peer X.509 certificate... ok" \
				1626	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1627
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1628	requires_gnutls_tls1_3
				1629	requires_gnutls_next_no_ticket
				1630	requires_gnutls_next_disable_tls13_compat
				1631	requires_config_enabled MBEDTLS_DEBUG_C
				1632	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1633	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1634	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1635	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1636	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1637	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1638	0 \
				1639	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1640	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1641	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1642	-c "NamedGroup: secp384r1 ( 18 )" \
				1643	-c "Verifying peer X.509 certificate... ok" \
				1644	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1645
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1646	requires_openssl_tls1_3
				1647	requires_config_enabled MBEDTLS_DEBUG_C
				1648	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1649	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1650	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1651	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1652	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1653	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1654	0 \
				1655	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1656	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1657	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1658	-c "NamedGroup: secp521r1 ( 19 )" \
				1659	-c "Verifying peer X.509 certificate... ok" \
				1660	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1661
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1662	requires_gnutls_tls1_3
				1663	requires_gnutls_next_no_ticket
				1664	requires_gnutls_next_disable_tls13_compat
				1665	requires_config_enabled MBEDTLS_DEBUG_C
				1666	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1667	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1668	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1669	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1670	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1671	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1672	0 \
				1673	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1674	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1675	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1676	-c "NamedGroup: secp521r1 ( 19 )" \
				1677	-c "Verifying peer X.509 certificate... ok" \
				1678	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1679
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1680	requires_openssl_tls1_3
				1681	requires_config_enabled MBEDTLS_DEBUG_C
				1682	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1683	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1684	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1685	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1686	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1687	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1688	0 \
				1689	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1690	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1691	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1692	-c "NamedGroup: x25519 ( 1d )" \
				1693	-c "Verifying peer X.509 certificate... ok" \
				1694	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1695
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1696	requires_gnutls_tls1_3
				1697	requires_gnutls_next_no_ticket
				1698	requires_gnutls_next_disable_tls13_compat
				1699	requires_config_enabled MBEDTLS_DEBUG_C
				1700	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1701	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1702	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1703	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1704	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1705	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1706	0 \
				1707	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1708	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1709	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1710	-c "NamedGroup: x25519 ( 1d )" \
				1711	-c "Verifying peer X.509 certificate... ok" \
				1712	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1713
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1714	requires_openssl_tls1_3
				1715	requires_config_enabled MBEDTLS_DEBUG_C
				1716	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1717	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1718	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1719	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1720	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1721	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1722	0 \
				1723	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1724	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1725	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1726	-c "NamedGroup: x448 ( 1e )" \
				1727	-c "Verifying peer X.509 certificate... ok" \
				1728	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1729
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1730	requires_gnutls_tls1_3
				1731	requires_gnutls_next_no_ticket
				1732	requires_gnutls_next_disable_tls13_compat
				1733	requires_config_enabled MBEDTLS_DEBUG_C
				1734	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1735	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1736	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1737	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1738	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1739	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1740	0 \
				1741	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1742	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1743	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1744	-c "NamedGroup: x448 ( 1e )" \
				1745	-c "Verifying peer X.509 certificate... ok" \
				1746	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1747
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1748	requires_openssl_tls1_3
				1749	requires_config_enabled MBEDTLS_DEBUG_C
				1750	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1751	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1752	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1753	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1754	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1755	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1756	0 \
				1757	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1758	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1759	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1760	-c "NamedGroup: secp256r1 ( 17 )" \
				1761	-c "Verifying peer X.509 certificate... ok" \
				1762	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1763
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1764	requires_gnutls_tls1_3
				1765	requires_gnutls_next_no_ticket
				1766	requires_gnutls_next_disable_tls13_compat
				1767	requires_config_enabled MBEDTLS_DEBUG_C
				1768	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1769	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1770	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1771	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1772	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1773	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1774	0 \
				1775	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1776	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1777	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1778	-c "NamedGroup: secp256r1 ( 17 )" \
				1779	-c "Verifying peer X.509 certificate... ok" \
				1780	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1781
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1782	requires_openssl_tls1_3
				1783	requires_config_enabled MBEDTLS_DEBUG_C
				1784	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1785	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1786	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1787	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1788	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1789	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1790	0 \
				1791	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1792	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1793	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1794	-c "NamedGroup: secp384r1 ( 18 )" \
				1795	-c "Verifying peer X.509 certificate... ok" \
				1796	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1797
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1798	requires_gnutls_tls1_3
				1799	requires_gnutls_next_no_ticket
				1800	requires_gnutls_next_disable_tls13_compat
				1801	requires_config_enabled MBEDTLS_DEBUG_C
				1802	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1803	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1804	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1805	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1806	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1807	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1808	0 \
				1809	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1810	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1811	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1812	-c "NamedGroup: secp384r1 ( 18 )" \
				1813	-c "Verifying peer X.509 certificate... ok" \
				1814	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1815
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1816	requires_openssl_tls1_3
				1817	requires_config_enabled MBEDTLS_DEBUG_C
				1818	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1819	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1820	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1821	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1822	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1823	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1824	0 \
				1825	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1826	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1827	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1828	-c "NamedGroup: secp521r1 ( 19 )" \
				1829	-c "Verifying peer X.509 certificate... ok" \
				1830	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1831
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1832	requires_gnutls_tls1_3
				1833	requires_gnutls_next_no_ticket
				1834	requires_gnutls_next_disable_tls13_compat
				1835	requires_config_enabled MBEDTLS_DEBUG_C
				1836	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1837	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1838	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1839	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1840	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1841	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1842	0 \
				1843	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1844	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1845	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1846	-c "NamedGroup: secp521r1 ( 19 )" \
				1847	-c "Verifying peer X.509 certificate... ok" \
				1848	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1849
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1850	requires_openssl_tls1_3
				1851	requires_config_enabled MBEDTLS_DEBUG_C
				1852	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1853	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1854	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1855	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1856	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1857	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1858	0 \
				1859	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1860	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1861	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1862	-c "NamedGroup: x25519 ( 1d )" \
				1863	-c "Verifying peer X.509 certificate... ok" \
				1864	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1865
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1866	requires_gnutls_tls1_3
				1867	requires_gnutls_next_no_ticket
				1868	requires_gnutls_next_disable_tls13_compat
				1869	requires_config_enabled MBEDTLS_DEBUG_C
				1870	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1871	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1872	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1873	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1874	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1875	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1876	0 \
				1877	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1878	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1879	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1880	-c "NamedGroup: x25519 ( 1d )" \
				1881	-c "Verifying peer X.509 certificate... ok" \
				1882	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1883
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1884	requires_openssl_tls1_3
				1885	requires_config_enabled MBEDTLS_DEBUG_C
				1886	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1887	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1888	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1889	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1890	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1891	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1892	0 \
				1893	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1894	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1895	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1896	-c "NamedGroup: x448 ( 1e )" \
				1897	-c "Verifying peer X.509 certificate... ok" \
				1898	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1899
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1900	requires_gnutls_tls1_3
				1901	requires_gnutls_next_no_ticket
				1902	requires_gnutls_next_disable_tls13_compat
				1903	requires_config_enabled MBEDTLS_DEBUG_C
				1904	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1905	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1906	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1907	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1908	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1909	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1910	0 \
				1911	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1912	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1913	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1914	-c "NamedGroup: x448 ( 1e )" \
				1915	-c "Verifying peer X.509 certificate... ok" \
				1916	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1917
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1918	requires_openssl_tls1_3
				1919	requires_config_enabled MBEDTLS_DEBUG_C
				1920	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1921	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1922	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1923	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1924	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1925	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1926	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1927	0 \
				1928	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1929	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1930	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1931	-c "NamedGroup: secp256r1 ( 17 )" \
				1932	-c "Verifying peer X.509 certificate... ok" \
				1933	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1934
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1935	requires_gnutls_tls1_3
				1936	requires_gnutls_next_no_ticket
				1937	requires_gnutls_next_disable_tls13_compat
				1938	requires_config_enabled MBEDTLS_DEBUG_C
				1939	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1940	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1941	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1942	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1943	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1944	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1945	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1946	0 \
				1947	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1948	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1949	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1950	-c "NamedGroup: secp256r1 ( 17 )" \
				1951	-c "Verifying peer X.509 certificate... ok" \
				1952	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1953
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1954	requires_openssl_tls1_3
				1955	requires_config_enabled MBEDTLS_DEBUG_C
				1956	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1957	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1958	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1959	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1960	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1961	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1962	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1963	0 \
				1964	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1965	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1966	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1967	-c "NamedGroup: secp384r1 ( 18 )" \
				1968	-c "Verifying peer X.509 certificate... ok" \
				1969	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1970
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1971	requires_gnutls_tls1_3
				1972	requires_gnutls_next_no_ticket
				1973	requires_gnutls_next_disable_tls13_compat
				1974	requires_config_enabled MBEDTLS_DEBUG_C
				1975	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1976	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1977	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1978	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1979	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1980	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1981	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1982	0 \
				1983	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1984	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1985	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	1986	-c "NamedGroup: secp384r1 ( 18 )" \
				1987	-c "Verifying peer X.509 certificate... ok" \
				1988	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1989
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1990	requires_openssl_tls1_3
				1991	requires_config_enabled MBEDTLS_DEBUG_C
				1992	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1993	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1994	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1995	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1996	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1997	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	1998	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1999	0 \
				2000	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2001	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2002	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2003	-c "NamedGroup: secp521r1 ( 19 )" \
				2004	-c "Verifying peer X.509 certificate... ok" \
				2005	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2006
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2007	requires_gnutls_tls1_3
				2008	requires_gnutls_next_no_ticket
				2009	requires_gnutls_next_disable_tls13_compat
				2010	requires_config_enabled MBEDTLS_DEBUG_C
				2011	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2012	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2013	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2014	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2015	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2016	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2017	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2018	0 \
				2019	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2020	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2021	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2022	-c "NamedGroup: secp521r1 ( 19 )" \
				2023	-c "Verifying peer X.509 certificate... ok" \
				2024	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2025
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2026	requires_openssl_tls1_3
				2027	requires_config_enabled MBEDTLS_DEBUG_C
				2028	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2029	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2030	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2031	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2032	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2033	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2034	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2035	0 \
				2036	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2037	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2038	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2039	-c "NamedGroup: x25519 ( 1d )" \
				2040	-c "Verifying peer X.509 certificate... ok" \
				2041	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2042
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2043	requires_gnutls_tls1_3
				2044	requires_gnutls_next_no_ticket
				2045	requires_gnutls_next_disable_tls13_compat
				2046	requires_config_enabled MBEDTLS_DEBUG_C
				2047	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2048	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2049	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2050	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2051	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2052	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2053	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2054	0 \
				2055	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2056	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2057	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2058	-c "NamedGroup: x25519 ( 1d )" \
				2059	-c "Verifying peer X.509 certificate... ok" \
				2060	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2061
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2062	requires_openssl_tls1_3
				2063	requires_config_enabled MBEDTLS_DEBUG_C
				2064	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2065	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2066	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2067	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2068	run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2069	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2070	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2071	0 \
				2072	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2073	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2074	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2075	-c "NamedGroup: x448 ( 1e )" \
				2076	-c "Verifying peer X.509 certificate... ok" \
				2077	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2078
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2079	requires_gnutls_tls1_3
				2080	requires_gnutls_next_no_ticket
				2081	requires_gnutls_next_disable_tls13_compat
				2082	requires_config_enabled MBEDTLS_DEBUG_C
				2083	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2084	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2085	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2086	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2087	run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2088	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2089	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2090	0 \
				2091	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2092	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2093	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2094	-c "NamedGroup: x448 ( 1e )" \
				2095	-c "Verifying peer X.509 certificate... ok" \
				2096	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2097
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2098	requires_openssl_tls1_3
				2099	requires_config_enabled MBEDTLS_DEBUG_C
				2100	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2101	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2102	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2103	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2104	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2105	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2106	0 \
				2107	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2108	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2109	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2110	-c "NamedGroup: secp256r1 ( 17 )" \
				2111	-c "Verifying peer X.509 certificate... ok" \
				2112	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2113
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2114	requires_gnutls_tls1_3
				2115	requires_gnutls_next_no_ticket
				2116	requires_gnutls_next_disable_tls13_compat
				2117	requires_config_enabled MBEDTLS_DEBUG_C
				2118	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2119	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2120	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2121	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2122	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2123	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2124	0 \
				2125	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2126	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2127	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2128	-c "NamedGroup: secp256r1 ( 17 )" \
				2129	-c "Verifying peer X.509 certificate... ok" \
				2130	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2131
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2132	requires_openssl_tls1_3
				2133	requires_config_enabled MBEDTLS_DEBUG_C
				2134	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2135	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2136	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2137	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2138	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2139	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2140	0 \
				2141	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2142	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2143	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2144	-c "NamedGroup: secp384r1 ( 18 )" \
				2145	-c "Verifying peer X.509 certificate... ok" \
				2146	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2147
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2148	requires_gnutls_tls1_3
				2149	requires_gnutls_next_no_ticket
				2150	requires_gnutls_next_disable_tls13_compat
				2151	requires_config_enabled MBEDTLS_DEBUG_C
				2152	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2153	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2154	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2155	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2156	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2157	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2158	0 \
				2159	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2160	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2161	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2162	-c "NamedGroup: secp384r1 ( 18 )" \
				2163	-c "Verifying peer X.509 certificate... ok" \
				2164	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2165
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2166	requires_openssl_tls1_3
				2167	requires_config_enabled MBEDTLS_DEBUG_C
				2168	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2169	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2170	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2171	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2172	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2173	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2174	0 \
				2175	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2176	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2177	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2178	-c "NamedGroup: secp521r1 ( 19 )" \
				2179	-c "Verifying peer X.509 certificate... ok" \
				2180	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2181
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2182	requires_gnutls_tls1_3
				2183	requires_gnutls_next_no_ticket
				2184	requires_gnutls_next_disable_tls13_compat
				2185	requires_config_enabled MBEDTLS_DEBUG_C
				2186	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2187	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2188	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2189	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2190	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2191	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2192	0 \
				2193	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2194	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2195	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2196	-c "NamedGroup: secp521r1 ( 19 )" \
				2197	-c "Verifying peer X.509 certificate... ok" \
				2198	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2199
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2200	requires_openssl_tls1_3
				2201	requires_config_enabled MBEDTLS_DEBUG_C
				2202	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2203	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2204	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2205	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2206	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2207	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2208	0 \
				2209	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2210	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2211	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2212	-c "NamedGroup: x25519 ( 1d )" \
				2213	-c "Verifying peer X.509 certificate... ok" \
				2214	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2215
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2216	requires_gnutls_tls1_3
				2217	requires_gnutls_next_no_ticket
				2218	requires_gnutls_next_disable_tls13_compat
				2219	requires_config_enabled MBEDTLS_DEBUG_C
				2220	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2221	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2222	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2223	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2224	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2225	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2226	0 \
				2227	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2228	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2229	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2230	-c "NamedGroup: x25519 ( 1d )" \
				2231	-c "Verifying peer X.509 certificate... ok" \
				2232	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2233
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2234	requires_openssl_tls1_3
				2235	requires_config_enabled MBEDTLS_DEBUG_C
				2236	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2237	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2238	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2239	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2240	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2241	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2242	0 \
				2243	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2244	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2245	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2246	-c "NamedGroup: x448 ( 1e )" \
				2247	-c "Verifying peer X.509 certificate... ok" \
				2248	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2249
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2250	requires_gnutls_tls1_3
				2251	requires_gnutls_next_no_ticket
				2252	requires_gnutls_next_disable_tls13_compat
				2253	requires_config_enabled MBEDTLS_DEBUG_C
				2254	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2255	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2256	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2257	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2258	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2259	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2260	0 \
				2261	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2262	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2263	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2264	-c "NamedGroup: x448 ( 1e )" \
				2265	-c "Verifying peer X.509 certificate... ok" \
				2266	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2267
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2268	requires_openssl_tls1_3
				2269	requires_config_enabled MBEDTLS_DEBUG_C
				2270	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2271	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2272	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2273	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2274	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2275	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2276	0 \
				2277	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2278	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2279	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2280	-c "NamedGroup: secp256r1 ( 17 )" \
				2281	-c "Verifying peer X.509 certificate... ok" \
				2282	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2283
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2284	requires_gnutls_tls1_3
				2285	requires_gnutls_next_no_ticket
				2286	requires_gnutls_next_disable_tls13_compat
				2287	requires_config_enabled MBEDTLS_DEBUG_C
				2288	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2289	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2290	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2291	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2292	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2293	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2294	0 \
				2295	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2296	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2297	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2298	-c "NamedGroup: secp256r1 ( 17 )" \
				2299	-c "Verifying peer X.509 certificate... ok" \
				2300	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2301
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2302	requires_openssl_tls1_3
				2303	requires_config_enabled MBEDTLS_DEBUG_C
				2304	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2305	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2306	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2307	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2308	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2309	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2310	0 \
				2311	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2312	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2313	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2314	-c "NamedGroup: secp384r1 ( 18 )" \
				2315	-c "Verifying peer X.509 certificate... ok" \
				2316	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2317
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2318	requires_gnutls_tls1_3
				2319	requires_gnutls_next_no_ticket
				2320	requires_gnutls_next_disable_tls13_compat
				2321	requires_config_enabled MBEDTLS_DEBUG_C
				2322	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2323	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2324	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2325	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2326	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2327	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2328	0 \
				2329	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2330	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2331	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2332	-c "NamedGroup: secp384r1 ( 18 )" \
				2333	-c "Verifying peer X.509 certificate... ok" \
				2334	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2335
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2336	requires_openssl_tls1_3
				2337	requires_config_enabled MBEDTLS_DEBUG_C
				2338	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2339	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2340	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2341	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2342	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2343	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2344	0 \
				2345	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2346	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2347	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2348	-c "NamedGroup: secp521r1 ( 19 )" \
				2349	-c "Verifying peer X.509 certificate... ok" \
				2350	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2351
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2352	requires_gnutls_tls1_3
				2353	requires_gnutls_next_no_ticket
				2354	requires_gnutls_next_disable_tls13_compat
				2355	requires_config_enabled MBEDTLS_DEBUG_C
				2356	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2357	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2358	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2359	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2360	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2361	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2362	0 \
				2363	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2364	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2365	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2366	-c "NamedGroup: secp521r1 ( 19 )" \
				2367	-c "Verifying peer X.509 certificate... ok" \
				2368	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2369
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2370	requires_openssl_tls1_3
				2371	requires_config_enabled MBEDTLS_DEBUG_C
				2372	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2373	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2374	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2375	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2376	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2377	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2378	0 \
				2379	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2380	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2381	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2382	-c "NamedGroup: x25519 ( 1d )" \
				2383	-c "Verifying peer X.509 certificate... ok" \
				2384	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2385
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2386	requires_gnutls_tls1_3
				2387	requires_gnutls_next_no_ticket
				2388	requires_gnutls_next_disable_tls13_compat
				2389	requires_config_enabled MBEDTLS_DEBUG_C
				2390	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2391	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2392	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2393	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2394	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2395	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2396	0 \
				2397	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2398	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2399	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2400	-c "NamedGroup: x25519 ( 1d )" \
				2401	-c "Verifying peer X.509 certificate... ok" \
				2402	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2403
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2404	requires_openssl_tls1_3
				2405	requires_config_enabled MBEDTLS_DEBUG_C
				2406	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2407	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2408	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2409	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2410	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2411	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2412	0 \
				2413	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2414	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2415	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2416	-c "NamedGroup: x448 ( 1e )" \
				2417	-c "Verifying peer X.509 certificate... ok" \
				2418	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2419
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2420	requires_gnutls_tls1_3
				2421	requires_gnutls_next_no_ticket
				2422	requires_gnutls_next_disable_tls13_compat
				2423	requires_config_enabled MBEDTLS_DEBUG_C
				2424	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2425	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2426	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2427	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2428	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2429	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2430	0 \
				2431	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2432	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2433	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2434	-c "NamedGroup: x448 ( 1e )" \
				2435	-c "Verifying peer X.509 certificate... ok" \
				2436	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2437
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2438	requires_openssl_tls1_3
				2439	requires_config_enabled MBEDTLS_DEBUG_C
				2440	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2441	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2442	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2443	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2444	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2445	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2446	0 \
				2447	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2448	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2449	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2450	-c "NamedGroup: secp256r1 ( 17 )" \
				2451	-c "Verifying peer X.509 certificate... ok" \
				2452	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2453
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2454	requires_gnutls_tls1_3
				2455	requires_gnutls_next_no_ticket
				2456	requires_gnutls_next_disable_tls13_compat
				2457	requires_config_enabled MBEDTLS_DEBUG_C
				2458	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2459	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2460	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2461	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2462	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2463	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2464	0 \
				2465	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2466	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2467	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2468	-c "NamedGroup: secp256r1 ( 17 )" \
				2469	-c "Verifying peer X.509 certificate... ok" \
				2470	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2471
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2472	requires_openssl_tls1_3
				2473	requires_config_enabled MBEDTLS_DEBUG_C
				2474	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2475	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2476	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2477	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2478	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2479	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2480	0 \
				2481	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2482	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2483	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2484	-c "NamedGroup: secp384r1 ( 18 )" \
				2485	-c "Verifying peer X.509 certificate... ok" \
				2486	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2487
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2488	requires_gnutls_tls1_3
				2489	requires_gnutls_next_no_ticket
				2490	requires_gnutls_next_disable_tls13_compat
				2491	requires_config_enabled MBEDTLS_DEBUG_C
				2492	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2493	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2494	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2495	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2496	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2497	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2498	0 \
				2499	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2500	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2501	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2502	-c "NamedGroup: secp384r1 ( 18 )" \
				2503	-c "Verifying peer X.509 certificate... ok" \
				2504	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2505
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2506	requires_openssl_tls1_3
				2507	requires_config_enabled MBEDTLS_DEBUG_C
				2508	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2509	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2510	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2511	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2512	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2513	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2514	0 \
				2515	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2516	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2517	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2518	-c "NamedGroup: secp521r1 ( 19 )" \
				2519	-c "Verifying peer X.509 certificate... ok" \
				2520	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2521
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2522	requires_gnutls_tls1_3
				2523	requires_gnutls_next_no_ticket
				2524	requires_gnutls_next_disable_tls13_compat
				2525	requires_config_enabled MBEDTLS_DEBUG_C
				2526	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2527	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2528	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2529	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2530	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2531	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2532	0 \
				2533	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2534	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2535	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2536	-c "NamedGroup: secp521r1 ( 19 )" \
				2537	-c "Verifying peer X.509 certificate... ok" \
				2538	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2539
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2540	requires_openssl_tls1_3
				2541	requires_config_enabled MBEDTLS_DEBUG_C
				2542	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2543	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2544	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2545	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2546	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2547	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2548	0 \
				2549	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2550	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2551	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2552	-c "NamedGroup: x25519 ( 1d )" \
				2553	-c "Verifying peer X.509 certificate... ok" \
				2554	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2555
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2556	requires_gnutls_tls1_3
				2557	requires_gnutls_next_no_ticket
				2558	requires_gnutls_next_disable_tls13_compat
				2559	requires_config_enabled MBEDTLS_DEBUG_C
				2560	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2561	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2562	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2563	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2564	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2565	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2566	0 \
				2567	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2568	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2569	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2570	-c "NamedGroup: x25519 ( 1d )" \
				2571	-c "Verifying peer X.509 certificate... ok" \
				2572	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2573
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2574	requires_openssl_tls1_3
				2575	requires_config_enabled MBEDTLS_DEBUG_C
				2576	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2577	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2578	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2579	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2580	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2581	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2582	0 \
				2583	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2584	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2585	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2586	-c "NamedGroup: x448 ( 1e )" \
				2587	-c "Verifying peer X.509 certificate... ok" \
				2588	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2589
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2590	requires_gnutls_tls1_3
				2591	requires_gnutls_next_no_ticket
				2592	requires_gnutls_next_disable_tls13_compat
				2593	requires_config_enabled MBEDTLS_DEBUG_C
				2594	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2595	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2596	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2597	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2598	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2599	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2600	0 \
				2601	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2602	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2603	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2604	-c "NamedGroup: x448 ( 1e )" \
				2605	-c "Verifying peer X.509 certificate... ok" \
				2606	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2607
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2608	requires_openssl_tls1_3
				2609	requires_config_enabled MBEDTLS_DEBUG_C
				2610	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2611	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2612	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2613	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2614	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2615	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2616	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2617	0 \
				2618	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2619	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2620	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2621	-c "NamedGroup: secp256r1 ( 17 )" \
				2622	-c "Verifying peer X.509 certificate... ok" \
				2623	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2624
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2625	requires_gnutls_tls1_3
				2626	requires_gnutls_next_no_ticket
				2627	requires_gnutls_next_disable_tls13_compat
				2628	requires_config_enabled MBEDTLS_DEBUG_C
				2629	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2630	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2631	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2632	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2633	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2634	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2635	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2636	0 \
				2637	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2638	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2639	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2640	-c "NamedGroup: secp256r1 ( 17 )" \
				2641	-c "Verifying peer X.509 certificate... ok" \
				2642	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2643
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2644	requires_openssl_tls1_3
				2645	requires_config_enabled MBEDTLS_DEBUG_C
				2646	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2647	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2648	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2649	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2650	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2651	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2652	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2653	0 \
				2654	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2655	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2656	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2657	-c "NamedGroup: secp384r1 ( 18 )" \
				2658	-c "Verifying peer X.509 certificate... ok" \
				2659	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2660
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2661	requires_gnutls_tls1_3
				2662	requires_gnutls_next_no_ticket
				2663	requires_gnutls_next_disable_tls13_compat
				2664	requires_config_enabled MBEDTLS_DEBUG_C
				2665	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2666	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2667	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2668	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2669	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2670	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2671	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2672	0 \
				2673	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2674	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2675	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2676	-c "NamedGroup: secp384r1 ( 18 )" \
				2677	-c "Verifying peer X.509 certificate... ok" \
				2678	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2679
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2680	requires_openssl_tls1_3
				2681	requires_config_enabled MBEDTLS_DEBUG_C
				2682	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2683	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2684	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2685	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2686	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2687	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2688	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2689	0 \
				2690	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2691	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2692	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2693	-c "NamedGroup: secp521r1 ( 19 )" \
				2694	-c "Verifying peer X.509 certificate... ok" \
				2695	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2696
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2697	requires_gnutls_tls1_3
				2698	requires_gnutls_next_no_ticket
				2699	requires_gnutls_next_disable_tls13_compat
				2700	requires_config_enabled MBEDTLS_DEBUG_C
				2701	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2702	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2703	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2704	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2705	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2706	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2707	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2708	0 \
				2709	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2710	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2711	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2712	-c "NamedGroup: secp521r1 ( 19 )" \
				2713	-c "Verifying peer X.509 certificate... ok" \
				2714	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2715
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2716	requires_openssl_tls1_3
				2717	requires_config_enabled MBEDTLS_DEBUG_C
				2718	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2719	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2720	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2721	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2722	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2723	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2724	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2725	0 \
				2726	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2727	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2728	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2729	-c "NamedGroup: x25519 ( 1d )" \
				2730	-c "Verifying peer X.509 certificate... ok" \
				2731	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2732
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2733	requires_gnutls_tls1_3
				2734	requires_gnutls_next_no_ticket
				2735	requires_gnutls_next_disable_tls13_compat
				2736	requires_config_enabled MBEDTLS_DEBUG_C
				2737	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2738	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2739	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2740	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2741	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2742	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2743	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2744	0 \
				2745	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2746	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2747	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2748	-c "NamedGroup: x25519 ( 1d )" \
				2749	-c "Verifying peer X.509 certificate... ok" \
				2750	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2751
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2752	requires_openssl_tls1_3
				2753	requires_config_enabled MBEDTLS_DEBUG_C
				2754	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2755	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2756	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2757	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2758	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2759	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2760	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2761	0 \
				2762	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2763	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2764	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2765	-c "NamedGroup: x448 ( 1e )" \
				2766	-c "Verifying peer X.509 certificate... ok" \
				2767	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2768
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2769	requires_gnutls_tls1_3
				2770	requires_gnutls_next_no_ticket
				2771	requires_gnutls_next_disable_tls13_compat
				2772	requires_config_enabled MBEDTLS_DEBUG_C
				2773	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2774	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2775	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2776	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2777	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2778	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2779	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2780	0 \
				2781	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2782	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2783	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2784	-c "NamedGroup: x448 ( 1e )" \
				2785	-c "Verifying peer X.509 certificate... ok" \
				2786	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2787
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2788	requires_openssl_tls1_3
				2789	requires_config_enabled MBEDTLS_DEBUG_C
				2790	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2791	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2792	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2793	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2794	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2795	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2796	0 \
				2797	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2798	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2799	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2800	-c "NamedGroup: secp256r1 ( 17 )" \
				2801	-c "Verifying peer X.509 certificate... ok" \
				2802	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2803
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2804	requires_gnutls_tls1_3
				2805	requires_gnutls_next_no_ticket
				2806	requires_gnutls_next_disable_tls13_compat
				2807	requires_config_enabled MBEDTLS_DEBUG_C
				2808	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2809	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2810	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2811	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2812	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2813	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2814	0 \
				2815	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2816	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2817	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2818	-c "NamedGroup: secp256r1 ( 17 )" \
				2819	-c "Verifying peer X.509 certificate... ok" \
				2820	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2821
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2822	requires_openssl_tls1_3
				2823	requires_config_enabled MBEDTLS_DEBUG_C
				2824	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2825	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2826	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2827	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2828	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2829	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2830	0 \
				2831	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2832	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2833	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2834	-c "NamedGroup: secp384r1 ( 18 )" \
				2835	-c "Verifying peer X.509 certificate... ok" \
				2836	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2837
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2838	requires_gnutls_tls1_3
				2839	requires_gnutls_next_no_ticket
				2840	requires_gnutls_next_disable_tls13_compat
				2841	requires_config_enabled MBEDTLS_DEBUG_C
				2842	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2843	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2844	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2845	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2846	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2847	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2848	0 \
				2849	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2850	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2851	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2852	-c "NamedGroup: secp384r1 ( 18 )" \
				2853	-c "Verifying peer X.509 certificate... ok" \
				2854	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2855
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2856	requires_openssl_tls1_3
				2857	requires_config_enabled MBEDTLS_DEBUG_C
				2858	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2859	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2860	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2861	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2862	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2863	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2864	0 \
				2865	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2866	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2867	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2868	-c "NamedGroup: secp521r1 ( 19 )" \
				2869	-c "Verifying peer X.509 certificate... ok" \
				2870	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2871
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2872	requires_gnutls_tls1_3
				2873	requires_gnutls_next_no_ticket
				2874	requires_gnutls_next_disable_tls13_compat
				2875	requires_config_enabled MBEDTLS_DEBUG_C
				2876	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2877	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2878	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2879	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2880	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2881	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2882	0 \
				2883	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2884	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2885	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2886	-c "NamedGroup: secp521r1 ( 19 )" \
				2887	-c "Verifying peer X.509 certificate... ok" \
				2888	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2889
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2890	requires_openssl_tls1_3
				2891	requires_config_enabled MBEDTLS_DEBUG_C
				2892	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2893	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2894	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2895	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2896	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2897	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2898	0 \
				2899	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2900	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2901	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2902	-c "NamedGroup: x25519 ( 1d )" \
				2903	-c "Verifying peer X.509 certificate... ok" \
				2904	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2905
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2906	requires_gnutls_tls1_3
				2907	requires_gnutls_next_no_ticket
				2908	requires_gnutls_next_disable_tls13_compat
				2909	requires_config_enabled MBEDTLS_DEBUG_C
				2910	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2911	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2912	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2913	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2914	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2915	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2916	0 \
				2917	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2918	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2919	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2920	-c "NamedGroup: x25519 ( 1d )" \
				2921	-c "Verifying peer X.509 certificate... ok" \
				2922	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2923
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2924	requires_openssl_tls1_3
				2925	requires_config_enabled MBEDTLS_DEBUG_C
				2926	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2927	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2928	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2929	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2930	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2931	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2932	0 \
				2933	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2934	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2935	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2936	-c "NamedGroup: x448 ( 1e )" \
				2937	-c "Verifying peer X.509 certificate... ok" \
				2938	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2939
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2940	requires_gnutls_tls1_3
				2941	requires_gnutls_next_no_ticket
				2942	requires_gnutls_next_disable_tls13_compat
				2943	requires_config_enabled MBEDTLS_DEBUG_C
				2944	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2945	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2946	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2947	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2948	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2949	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2950	0 \
				2951	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2952	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2953	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2954	-c "NamedGroup: x448 ( 1e )" \
				2955	-c "Verifying peer X.509 certificate... ok" \
				2956	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2957
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2958	requires_openssl_tls1_3
				2959	requires_config_enabled MBEDTLS_DEBUG_C
				2960	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2961	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2962	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2963	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2964	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2965	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2966	0 \
				2967	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2968	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2969	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2970	-c "NamedGroup: secp256r1 ( 17 )" \
				2971	-c "Verifying peer X.509 certificate... ok" \
				2972	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2973
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2974	requires_gnutls_tls1_3
				2975	requires_gnutls_next_no_ticket
				2976	requires_gnutls_next_disable_tls13_compat
				2977	requires_config_enabled MBEDTLS_DEBUG_C
				2978	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2979	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2980	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2981	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2982	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2983	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2984	0 \
				2985	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2986	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2987	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	2988	-c "NamedGroup: secp256r1 ( 17 )" \
				2989	-c "Verifying peer X.509 certificate... ok" \
				2990	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2991
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2992	requires_openssl_tls1_3
				2993	requires_config_enabled MBEDTLS_DEBUG_C
				2994	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2995	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2996	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2997	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2998	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	2999	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3000	0 \
				3001	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3002	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3003	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3004	-c "NamedGroup: secp384r1 ( 18 )" \
				3005	-c "Verifying peer X.509 certificate... ok" \
				3006	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3007
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3008	requires_gnutls_tls1_3
				3009	requires_gnutls_next_no_ticket
				3010	requires_gnutls_next_disable_tls13_compat
				3011	requires_config_enabled MBEDTLS_DEBUG_C
				3012	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3013	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3014	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3015	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3016	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3017	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3018	0 \
				3019	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3020	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3021	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3022	-c "NamedGroup: secp384r1 ( 18 )" \
				3023	-c "Verifying peer X.509 certificate... ok" \
				3024	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3025
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3026	requires_openssl_tls1_3
				3027	requires_config_enabled MBEDTLS_DEBUG_C
				3028	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3029	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3030	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3031	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3032	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3033	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3034	0 \
				3035	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3036	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3037	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3038	-c "NamedGroup: secp521r1 ( 19 )" \
				3039	-c "Verifying peer X.509 certificate... ok" \
				3040	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3041
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3042	requires_gnutls_tls1_3
				3043	requires_gnutls_next_no_ticket
				3044	requires_gnutls_next_disable_tls13_compat
				3045	requires_config_enabled MBEDTLS_DEBUG_C
				3046	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3047	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3048	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3049	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3050	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3051	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3052	0 \
				3053	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3054	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3055	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3056	-c "NamedGroup: secp521r1 ( 19 )" \
				3057	-c "Verifying peer X.509 certificate... ok" \
				3058	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3059
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3060	requires_openssl_tls1_3
				3061	requires_config_enabled MBEDTLS_DEBUG_C
				3062	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3063	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3064	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3065	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3066	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3067	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3068	0 \
				3069	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3070	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3071	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3072	-c "NamedGroup: x25519 ( 1d )" \
				3073	-c "Verifying peer X.509 certificate... ok" \
				3074	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3075
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3076	requires_gnutls_tls1_3
				3077	requires_gnutls_next_no_ticket
				3078	requires_gnutls_next_disable_tls13_compat
				3079	requires_config_enabled MBEDTLS_DEBUG_C
				3080	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3081	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3082	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3083	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3084	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3085	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3086	0 \
				3087	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3088	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3089	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3090	-c "NamedGroup: x25519 ( 1d )" \
				3091	-c "Verifying peer X.509 certificate... ok" \
				3092	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3093
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3094	requires_openssl_tls1_3
				3095	requires_config_enabled MBEDTLS_DEBUG_C
				3096	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3097	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3098	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3099	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3100	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3101	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3102	0 \
				3103	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3104	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3105	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3106	-c "NamedGroup: x448 ( 1e )" \
				3107	-c "Verifying peer X.509 certificate... ok" \
				3108	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3109
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3110	requires_gnutls_tls1_3
				3111	requires_gnutls_next_no_ticket
				3112	requires_gnutls_next_disable_tls13_compat
				3113	requires_config_enabled MBEDTLS_DEBUG_C
				3114	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3115	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3116	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3117	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3118	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3119	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3120	0 \
				3121	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3122	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3123	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3124	-c "NamedGroup: x448 ( 1e )" \
				3125	-c "Verifying peer X.509 certificate... ok" \
				3126	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3127
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3128	requires_openssl_tls1_3
				3129	requires_config_enabled MBEDTLS_DEBUG_C
				3130	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3131	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3132	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3133	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3134	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3135	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3136	0 \
				3137	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3138	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3139	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3140	-c "NamedGroup: secp256r1 ( 17 )" \
				3141	-c "Verifying peer X.509 certificate... ok" \
				3142	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3143
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3144	requires_gnutls_tls1_3
				3145	requires_gnutls_next_no_ticket
				3146	requires_gnutls_next_disable_tls13_compat
				3147	requires_config_enabled MBEDTLS_DEBUG_C
				3148	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3149	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3150	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3151	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3152	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3153	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3154	0 \
				3155	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3156	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3157	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3158	-c "NamedGroup: secp256r1 ( 17 )" \
				3159	-c "Verifying peer X.509 certificate... ok" \
				3160	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3161
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3162	requires_openssl_tls1_3
				3163	requires_config_enabled MBEDTLS_DEBUG_C
				3164	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3165	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3166	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3167	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3168	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3169	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3170	0 \
				3171	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3172	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3173	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3174	-c "NamedGroup: secp384r1 ( 18 )" \
				3175	-c "Verifying peer X.509 certificate... ok" \
				3176	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3177
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3178	requires_gnutls_tls1_3
				3179	requires_gnutls_next_no_ticket
				3180	requires_gnutls_next_disable_tls13_compat
				3181	requires_config_enabled MBEDTLS_DEBUG_C
				3182	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3183	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3184	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3185	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3186	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3187	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3188	0 \
				3189	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3190	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3191	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3192	-c "NamedGroup: secp384r1 ( 18 )" \
				3193	-c "Verifying peer X.509 certificate... ok" \
				3194	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3195
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3196	requires_openssl_tls1_3
				3197	requires_config_enabled MBEDTLS_DEBUG_C
				3198	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3199	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3200	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3201	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3202	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3203	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3204	0 \
				3205	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3206	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3207	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3208	-c "NamedGroup: secp521r1 ( 19 )" \
				3209	-c "Verifying peer X.509 certificate... ok" \
				3210	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3211
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3212	requires_gnutls_tls1_3
				3213	requires_gnutls_next_no_ticket
				3214	requires_gnutls_next_disable_tls13_compat
				3215	requires_config_enabled MBEDTLS_DEBUG_C
				3216	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3217	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3218	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3219	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3220	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3221	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3222	0 \
				3223	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3224	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3225	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3226	-c "NamedGroup: secp521r1 ( 19 )" \
				3227	-c "Verifying peer X.509 certificate... ok" \
				3228	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3229
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3230	requires_openssl_tls1_3
				3231	requires_config_enabled MBEDTLS_DEBUG_C
				3232	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3233	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3234	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3235	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3236	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3237	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3238	0 \
				3239	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3240	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3241	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3242	-c "NamedGroup: x25519 ( 1d )" \
				3243	-c "Verifying peer X.509 certificate... ok" \
				3244	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3245
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3246	requires_gnutls_tls1_3
				3247	requires_gnutls_next_no_ticket
				3248	requires_gnutls_next_disable_tls13_compat
				3249	requires_config_enabled MBEDTLS_DEBUG_C
				3250	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3251	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3252	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3253	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3254	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3255	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3256	0 \
				3257	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3258	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3259	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3260	-c "NamedGroup: x25519 ( 1d )" \
				3261	-c "Verifying peer X.509 certificate... ok" \
				3262	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3263
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3264	requires_openssl_tls1_3
				3265	requires_config_enabled MBEDTLS_DEBUG_C
				3266	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3267	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3268	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3269	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3270	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3271	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3272	0 \
				3273	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3274	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3275	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3276	-c "NamedGroup: x448 ( 1e )" \
				3277	-c "Verifying peer X.509 certificate... ok" \
				3278	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3279
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3280	requires_gnutls_tls1_3
				3281	requires_gnutls_next_no_ticket
				3282	requires_gnutls_next_disable_tls13_compat
				3283	requires_config_enabled MBEDTLS_DEBUG_C
				3284	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3285	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3286	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3287	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3288	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3289	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3290	0 \
				3291	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3292	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3293	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3294	-c "NamedGroup: x448 ( 1e )" \
				3295	-c "Verifying peer X.509 certificate... ok" \
				3296	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3297
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3298	requires_openssl_tls1_3
				3299	requires_config_enabled MBEDTLS_DEBUG_C
				3300	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3301	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3302	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3303	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3304	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3305	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3306	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3307	0 \
				3308	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3309	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3310	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3311	-c "NamedGroup: secp256r1 ( 17 )" \
				3312	-c "Verifying peer X.509 certificate... ok" \
				3313	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3314
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3315	requires_gnutls_tls1_3
				3316	requires_gnutls_next_no_ticket
				3317	requires_gnutls_next_disable_tls13_compat
				3318	requires_config_enabled MBEDTLS_DEBUG_C
				3319	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3320	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3321	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3322	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3323	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3324	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3325	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3326	0 \
				3327	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3328	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3329	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3330	-c "NamedGroup: secp256r1 ( 17 )" \
				3331	-c "Verifying peer X.509 certificate... ok" \
				3332	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3333
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3334	requires_openssl_tls1_3
				3335	requires_config_enabled MBEDTLS_DEBUG_C
				3336	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3337	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3338	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3339	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3340	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3341	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3342	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3343	0 \
				3344	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3345	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3346	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3347	-c "NamedGroup: secp384r1 ( 18 )" \
				3348	-c "Verifying peer X.509 certificate... ok" \
				3349	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3350
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3351	requires_gnutls_tls1_3
				3352	requires_gnutls_next_no_ticket
				3353	requires_gnutls_next_disable_tls13_compat
				3354	requires_config_enabled MBEDTLS_DEBUG_C
				3355	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3356	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3357	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3358	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3359	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3360	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3361	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3362	0 \
				3363	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3364	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3365	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3366	-c "NamedGroup: secp384r1 ( 18 )" \
				3367	-c "Verifying peer X.509 certificate... ok" \
				3368	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3369
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3370	requires_openssl_tls1_3
				3371	requires_config_enabled MBEDTLS_DEBUG_C
				3372	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3373	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3374	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3375	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3376	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3377	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3378	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3379	0 \
				3380	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3381	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3382	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3383	-c "NamedGroup: secp521r1 ( 19 )" \
				3384	-c "Verifying peer X.509 certificate... ok" \
				3385	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3386
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3387	requires_gnutls_tls1_3
				3388	requires_gnutls_next_no_ticket
				3389	requires_gnutls_next_disable_tls13_compat
				3390	requires_config_enabled MBEDTLS_DEBUG_C
				3391	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3392	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3393	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3394	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3395	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3396	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3397	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3398	0 \
				3399	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3400	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3401	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3402	-c "NamedGroup: secp521r1 ( 19 )" \
				3403	-c "Verifying peer X.509 certificate... ok" \
				3404	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3405
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3406	requires_openssl_tls1_3
				3407	requires_config_enabled MBEDTLS_DEBUG_C
				3408	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3409	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3410	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3411	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3412	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3413	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3414	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3415	0 \
				3416	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3417	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3418	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3419	-c "NamedGroup: x25519 ( 1d )" \
				3420	-c "Verifying peer X.509 certificate... ok" \
				3421	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3422
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3423	requires_gnutls_tls1_3
				3424	requires_gnutls_next_no_ticket
				3425	requires_gnutls_next_disable_tls13_compat
				3426	requires_config_enabled MBEDTLS_DEBUG_C
				3427	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3428	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3429	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3430	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3431	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3432	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3433	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3434	0 \
				3435	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3436	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3437	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3438	-c "NamedGroup: x25519 ( 1d )" \
				3439	-c "Verifying peer X.509 certificate... ok" \
				3440	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3441
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3442	requires_openssl_tls1_3
				3443	requires_config_enabled MBEDTLS_DEBUG_C
				3444	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3445	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3446	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3447	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3448	run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3449	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3450	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3451	0 \
				3452	-c "HTTP/1.0 200 ok" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3453	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3454	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3455	-c "NamedGroup: x448 ( 1e )" \
				3456	-c "Verifying peer X.509 certificate... ok" \
				3457	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3458
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3459	requires_gnutls_tls1_3
				3460	requires_gnutls_next_no_ticket
				3461	requires_gnutls_next_disable_tls13_compat
				3462	requires_config_enabled MBEDTLS_DEBUG_C
				3463	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3464	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3465	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3466	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3467	run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3468	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Jerry Yu	52a6e7e	2021-12-06 18:24:46 +0800	[diff] [blame]	3469	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3470	0 \
				3471	-c "HTTP/1.0 200 OK" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3472	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3473	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame^]	3474	-c "NamedGroup: x448 ( 1e )" \
				3475	-c "Verifying peer X.509 certificate... ok" \
				3476	-C "received HelloRetryRequest message"