TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 981ec147448829de901b75d1756867506ee42a1a / . / tests / opt-testcases / tls13-kex-modes.sh
blob: 4581bc5e30286d811a18b0e406245592a768be7f [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]6# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]7#
8
Jerry Yu97be6a92022-11-09 22:43:31 +0800[diff] [blame]9# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by
Jerry Yu616ba752022-11-08 21:49:47 +0800[diff] [blame]10# scripts in future(#6280)
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]11
12requires_gnutls_tls1_3
13requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]14requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]15run_test "TLS 1.3: G->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]16 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]17 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
18 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
19 localhost" \
20 0 \
21 -s "found psk key exchange modes extension" \
22 -s "found pre_shared_key extension" \
23 -s "Found PSK_EPHEMERAL KEX MODE" \
24 -s "Found PSK KEX MODE" \
25 -s "Pre shared key found" \
26 -S "No matched PSK or ticket" \
27 -s "key exchange mode: psk$" \
28 -S "key exchange mode: psk_ephemeral" \
29 -S "key exchange mode: ephemeral"
30
31requires_gnutls_tls1_3
32requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]33requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]34run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]35 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]36 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
37 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
38 localhost" \
39 1 \
40 -s "found psk key exchange modes extension" \
41 -s "found pre_shared_key extension" \
42 -s "Found PSK_EPHEMERAL KEX MODE" \
43 -s "Found PSK KEX MODE" \
44 -s "No matched PSK or ticket" \
45 -S "key exchange mode: psk$" \
46 -S "key exchange mode: psk_ephemeral" \
47 -S "key exchange mode: ephemeral"
48
49requires_gnutls_tls1_3
50requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]51requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]52run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]53 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]54 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
55 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
56 localhost" \
57 1 \
58 -s "found psk key exchange modes extension" \
59 -s "found pre_shared_key extension" \
60 -s "Found PSK_EPHEMERAL KEX MODE" \
61 -s "Found PSK KEX MODE" \
62 -s "Invalid binder." \
63 -S "key exchange mode: psk$" \
64 -S "key exchange mode: psk_ephemeral" \
65 -S "key exchange mode: ephemeral"
66
67requires_gnutls_tls1_3
68requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]69requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]70run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]71 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]72 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
73 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
74 localhost" \
75 0 \
76 -s "found psk key exchange modes extension" \
77 -s "found pre_shared_key extension" \
78 -S "Found PSK_EPHEMERAL KEX MODE" \
79 -s "Found PSK KEX MODE" \
80 -s "Pre shared key found" \
81 -S "No matched PSK or ticket" \
82 -s "key exchange mode: psk$" \
83 -S "key exchange mode: psk_ephemeral" \
84 -S "key exchange mode: ephemeral"
85
86requires_gnutls_tls1_3
87requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]88requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]89run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]90 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]91 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
92 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
93 localhost" \
94 1 \
95 -s "found psk key exchange modes extension" \
96 -s "found pre_shared_key extension" \
97 -S "Found PSK_EPHEMERAL KEX MODE" \
98 -s "Found PSK KEX MODE" \
99 -s "No matched PSK or ticket" \
100 -S "key exchange mode: psk$" \
101 -S "key exchange mode: psk_ephemeral" \
102 -S "key exchange mode: ephemeral"
103
104requires_gnutls_tls1_3
105requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]106requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]107run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]108 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]109 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
110 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
111 localhost" \
112 1 \
113 -s "found psk key exchange modes extension" \
114 -s "found pre_shared_key extension" \
115 -S "Found PSK_EPHEMERAL KEX MODE" \
116 -s "Found PSK KEX MODE" \
117 -s "Invalid binder." \
118 -S "key exchange mode: psk$" \
119 -S "key exchange mode: psk_ephemeral" \
120 -S "key exchange mode: ephemeral"
121
122requires_gnutls_tls1_3
123requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]124requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]125run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]126 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]127 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
128 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
129 localhost" \
130 0 \
131 -s "found psk key exchange modes extension" \
132 -s "found pre_shared_key extension" \
133 -s "Found PSK_EPHEMERAL KEX MODE" \
134 -S "Found PSK KEX MODE" \
135 -s "Pre shared key found" \
136 -S "No matched PSK or ticket" \
137 -S "key exchange mode: psk$" \
138 -s "key exchange mode: psk_ephemeral" \
139 -S "key exchange mode: ephemeral"
140
141requires_gnutls_tls1_3
142requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]144run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]145 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]146 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
147 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
148 localhost" \
149 1 \
150 -s "found psk key exchange modes extension" \
151 -s "found pre_shared_key extension" \
152 -s "Found PSK_EPHEMERAL KEX MODE" \
153 -S "Found PSK KEX MODE" \
154 -s "No matched PSK or ticket" \
155 -S "key exchange mode: psk$" \
156 -S "key exchange mode: psk_ephemeral" \
157 -S "key exchange mode: ephemeral"
158
159requires_gnutls_tls1_3
160requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]161requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]162run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]163 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]164 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
165 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
166 localhost" \
167 1 \
168 -s "found psk key exchange modes extension" \
169 -s "found pre_shared_key extension" \
170 -s "Found PSK_EPHEMERAL KEX MODE" \
171 -S "Found PSK KEX MODE" \
172 -s "Invalid binder." \
173 -S "key exchange mode: psk$" \
174 -S "key exchange mode: psk_ephemeral" \
175 -S "key exchange mode: ephemeral"
176
177requires_gnutls_tls1_3
178requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]180run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]181 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]182 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
183 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
184 localhost" \
185 0 \
186 -s "found psk key exchange modes extension" \
187 -s "found pre_shared_key extension" \
188 -s "Found PSK_EPHEMERAL KEX MODE" \
189 -s "Found PSK KEX MODE" \
190 -s "Pre shared key found" \
191 -S "No matched PSK or ticket" \
192 -S "key exchange mode: psk$" \
193 -s "key exchange mode: psk_ephemeral" \
194 -S "key exchange mode: ephemeral"
195
196requires_gnutls_tls1_3
197requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]198requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]199run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]200 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]201 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
202 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
203 localhost" \
204 1 \
205 -s "found psk key exchange modes extension" \
206 -s "found pre_shared_key extension" \
207 -s "Found PSK_EPHEMERAL KEX MODE" \
208 -s "Found PSK KEX MODE" \
209 -s "No matched PSK or ticket" \
210 -S "key exchange mode: psk$" \
211 -S "key exchange mode: psk_ephemeral" \
212 -S "key exchange mode: ephemeral"
213
214requires_gnutls_tls1_3
215requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]216requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]217run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]218 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]219 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
220 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
221 localhost" \
222 1 \
223 -s "found psk key exchange modes extension" \
224 -s "found pre_shared_key extension" \
225 -s "Found PSK_EPHEMERAL KEX MODE" \
226 -s "Found PSK KEX MODE" \
227 -s "Invalid binder." \
228 -S "key exchange mode: psk$" \
229 -S "key exchange mode: psk_ephemeral" \
230 -S "key exchange mode: ephemeral"
231
232requires_gnutls_tls1_3
233requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]234requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]235run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]236 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]237 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
238 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
239 localhost" \
240 1 \
241 -s "found psk key exchange modes extension" \
242 -s "found pre_shared_key extension" \
243 -S "Found PSK_EPHEMERAL KEX MODE" \
244 -s "Found PSK KEX MODE" \
245 -S "key exchange mode: psk$" \
246 -S "key exchange mode: psk_ephemeral" \
247 -S "key exchange mode: ephemeral"
248
249requires_gnutls_tls1_3
250requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]251requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
252requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]253run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]254 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]255 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
256 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
257 localhost" \
258 0 \
259 -s "found psk key exchange modes extension" \
260 -s "found pre_shared_key extension" \
261 -s "Found PSK_EPHEMERAL KEX MODE" \
262 -S "Found PSK KEX MODE" \
263 -s "Pre shared key found" \
264 -S "No matched PSK or ticket" \
265 -S "key exchange mode: psk$" \
266 -s "key exchange mode: psk_ephemeral" \
267 -S "key exchange mode: ephemeral"
268
269requires_gnutls_tls1_3
270requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]271requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
272requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]273run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]274 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]275 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
276 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
277 localhost" \
278 1 \
279 -s "found psk key exchange modes extension" \
280 -s "found pre_shared_key extension" \
281 -s "Found PSK_EPHEMERAL KEX MODE" \
282 -S "Found PSK KEX MODE" \
283 -s "No matched PSK or ticket" \
284 -S "key exchange mode: psk$" \
285 -S "key exchange mode: psk_ephemeral" \
286 -S "key exchange mode: ephemeral"
287
288requires_gnutls_tls1_3
289requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]290requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
291requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]292run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]293 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]294 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
295 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
296 localhost" \
297 1 \
298 -s "found psk key exchange modes extension" \
299 -s "found pre_shared_key extension" \
300 -s "Found PSK_EPHEMERAL KEX MODE" \
301 -S "Found PSK KEX MODE" \
302 -s "Invalid binder." \
303 -S "key exchange mode: psk$" \
304 -S "key exchange mode: psk_ephemeral" \
305 -S "key exchange mode: ephemeral"
306
307requires_gnutls_tls1_3
308requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]309requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
310requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]311run_test "TLS 1.3: G->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]312 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]313 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
314 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
315 localhost" \
316 0 \
317 -s "found psk key exchange modes extension" \
318 -s "found pre_shared_key extension" \
319 -s "Found PSK_EPHEMERAL KEX MODE" \
320 -s "Found PSK KEX MODE" \
321 -s "Pre shared key found" \
322 -S "No matched PSK or ticket" \
323 -S "key exchange mode: psk$" \
324 -s "key exchange mode: psk_ephemeral" \
325 -S "key exchange mode: ephemeral"
326
327requires_gnutls_tls1_3
328requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
330requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]331run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]332 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]333 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
334 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
335 localhost" \
336 1 \
337 -s "found psk key exchange modes extension" \
338 -s "found pre_shared_key extension" \
339 -s "Found PSK_EPHEMERAL KEX MODE" \
340 -s "Found PSK KEX MODE" \
341 -s "No matched PSK or ticket" \
342 -S "key exchange mode: psk$" \
343 -S "key exchange mode: psk_ephemeral" \
344 -S "key exchange mode: ephemeral"
345
346requires_gnutls_tls1_3
347requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]350run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]351 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]352 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
353 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
354 localhost" \
355 1 \
356 -s "found psk key exchange modes extension" \
357 -s "found pre_shared_key extension" \
358 -s "Found PSK_EPHEMERAL KEX MODE" \
359 -s "Found PSK KEX MODE" \
360 -s "Invalid binder." \
361 -S "key exchange mode: psk$" \
362 -S "key exchange mode: psk_ephemeral" \
363 -S "key exchange mode: ephemeral"
364
365requires_gnutls_tls1_3
366requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]367requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
368requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]369run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]370 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]371 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
372 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
373 localhost" \
374 0 \
375 -s "found psk key exchange modes extension" \
376 -s "found pre_shared_key extension" \
377 -S "Found PSK_EPHEMERAL KEX MODE" \
378 -s "Found PSK KEX MODE" \
379 -s "Pre shared key found" \
380 -S "No matched PSK or ticket" \
381 -s "key exchange mode: psk$" \
382 -S "key exchange mode: psk_ephemeral" \
383 -S "key exchange mode: ephemeral"
384
385requires_gnutls_tls1_3
386requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]387requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]389run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]390 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]391 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
392 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
393 localhost" \
394 1 \
395 -s "found psk key exchange modes extension" \
396 -s "found pre_shared_key extension" \
397 -S "Found PSK_EPHEMERAL KEX MODE" \
398 -s "Found PSK KEX MODE" \
399 -s "No matched PSK or ticket" \
400 -S "key exchange mode: psk$" \
401 -S "key exchange mode: psk_ephemeral" \
402 -S "key exchange mode: ephemeral"
403
404requires_gnutls_tls1_3
405requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]406requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
407requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]408run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]409 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]410 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
411 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
412 localhost" \
413 1 \
414 -s "found psk key exchange modes extension" \
415 -s "found pre_shared_key extension" \
416 -S "Found PSK_EPHEMERAL KEX MODE" \
417 -s "Found PSK KEX MODE" \
418 -s "Invalid binder." \
419 -S "key exchange mode: psk$" \
420 -S "key exchange mode: psk_ephemeral" \
421 -S "key exchange mode: ephemeral"
422
423requires_gnutls_tls1_3
424requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]425requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
426requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]427run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]428 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]429 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
430 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
431 localhost" \
432 0 \
433 -s "found psk key exchange modes extension" \
434 -s "found pre_shared_key extension" \
435 -s "Found PSK_EPHEMERAL KEX MODE" \
436 -S "Found PSK KEX MODE" \
437 -s "Pre shared key found" \
438 -S "No matched PSK or ticket" \
439 -S "key exchange mode: psk$" \
440 -s "key exchange mode: psk_ephemeral" \
441 -S "key exchange mode: ephemeral"
442
443requires_gnutls_tls1_3
444requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]445requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
446requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]447run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]448 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]449 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
450 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
451 localhost" \
452 0 \
453 -s "found psk key exchange modes extension" \
454 -s "found pre_shared_key extension" \
455 -s "Found PSK_EPHEMERAL KEX MODE" \
456 -S "Found PSK KEX MODE" \
457 -s "No matched PSK or ticket" \
458 -S "key exchange mode: psk$" \
459 -S "key exchange mode: psk_ephemeral" \
460 -s "key exchange mode: ephemeral"
461
462requires_gnutls_tls1_3
463requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]464requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
465requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]466run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]467 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]468 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
469 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
470 localhost" \
471 1 \
472 -s "found psk key exchange modes extension" \
473 -s "found pre_shared_key extension" \
474 -s "Found PSK_EPHEMERAL KEX MODE" \
475 -S "Found PSK KEX MODE" \
476 -s "Invalid binder." \
477 -S "key exchange mode: psk$" \
478 -S "key exchange mode: psk_ephemeral" \
479 -S "key exchange mode: ephemeral"
480
481requires_gnutls_tls1_3
482requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]483requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
484requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]485run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]486 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]487 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
488 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
489 localhost" \
490 0 \
491 -s "found psk key exchange modes extension" \
492 -s "found pre_shared_key extension" \
493 -s "Found PSK_EPHEMERAL KEX MODE" \
494 -s "Found PSK KEX MODE" \
495 -s "Pre shared key found" \
496 -S "No matched PSK or ticket" \
497 -S "key exchange mode: psk$" \
498 -s "key exchange mode: psk_ephemeral" \
499 -S "key exchange mode: ephemeral"
500
501requires_gnutls_tls1_3
502requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]503requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
504requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]505run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]506 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]507 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
508 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
509 localhost" \
510 0 \
511 -s "found psk key exchange modes extension" \
512 -s "found pre_shared_key extension" \
513 -s "Found PSK_EPHEMERAL KEX MODE" \
514 -s "Found PSK KEX MODE" \
515 -s "No matched PSK or ticket" \
516 -S "key exchange mode: psk$" \
517 -S "key exchange mode: psk_ephemeral" \
518 -s "key exchange mode: ephemeral"
519
520requires_gnutls_tls1_3
521requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]522requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
523requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]524run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]525 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]526 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
527 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
528 localhost" \
529 1 \
530 -s "found psk key exchange modes extension" \
531 -s "found pre_shared_key extension" \
532 -s "Found PSK_EPHEMERAL KEX MODE" \
533 -s "Found PSK KEX MODE" \
534 -s "Invalid binder." \
535 -S "key exchange mode: psk$" \
536 -S "key exchange mode: psk_ephemeral" \
537 -S "key exchange mode: ephemeral"
538
539requires_gnutls_tls1_3
540requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]541requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
542requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]543run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]544 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]545 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
546 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
547 localhost" \
548 0 \
549 -s "found psk key exchange modes extension" \
550 -s "found pre_shared_key extension" \
551 -S "Found PSK_EPHEMERAL KEX MODE" \
552 -s "Found PSK KEX MODE" \
Pengyu Lv59afe492023-11-01 14:50:44 +0800[diff] [blame]553 -S "Pre shared key found" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]554 -S "No matched PSK or ticket" \
555 -S "key exchange mode: psk$" \
556 -S "key exchange mode: psk_ephemeral" \
557 -s "key exchange mode: ephemeral"
558
559requires_gnutls_tls1_3
560requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]561requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
562requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
563requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]564run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]565 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]566 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
567 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
568 localhost" \
569 0 \
570 -s "found psk key exchange modes extension" \
571 -s "found pre_shared_key extension" \
572 -s "Found PSK_EPHEMERAL KEX MODE" \
573 -S "Found PSK KEX MODE" \
574 -s "Pre shared key found" \
575 -S "No matched PSK or ticket" \
576 -S "key exchange mode: psk$" \
577 -s "key exchange mode: psk_ephemeral" \
578 -S "key exchange mode: ephemeral"
579
580requires_gnutls_tls1_3
581requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]582requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
583requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
584requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]585run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]586 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]587 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
588 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
589 localhost" \
590 0 \
591 -s "found psk key exchange modes extension" \
592 -s "found pre_shared_key extension" \
593 -s "Found PSK_EPHEMERAL KEX MODE" \
594 -S "Found PSK KEX MODE" \
595 -s "No matched PSK or ticket" \
596 -S "key exchange mode: psk$" \
597 -S "key exchange mode: psk_ephemeral" \
598 -s "key exchange mode: ephemeral"
599
600requires_gnutls_tls1_3
601requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]602requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
603requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]605run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]606 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]607 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
608 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
609 localhost" \
610 1 \
611 -s "found psk key exchange modes extension" \
612 -s "found pre_shared_key extension" \
613 -s "Found PSK_EPHEMERAL KEX MODE" \
614 -S "Found PSK KEX MODE" \
615 -s "Invalid binder." \
616 -S "key exchange mode: psk$" \
617 -S "key exchange mode: psk_ephemeral" \
618 -S "key exchange mode: ephemeral"
619
620requires_gnutls_tls1_3
621requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]622requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
623requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
624requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]625run_test "TLS 1.3: G->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]626 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]627 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
628 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
629 localhost" \
630 0 \
631 -s "found psk key exchange modes extension" \
632 -s "found pre_shared_key extension" \
633 -s "Found PSK_EPHEMERAL KEX MODE" \
634 -s "Found PSK KEX MODE" \
635 -s "Pre shared key found" \
636 -S "No matched PSK or ticket" \
637 -S "key exchange mode: psk$" \
638 -s "key exchange mode: psk_ephemeral" \
639 -S "key exchange mode: ephemeral"
640
641requires_gnutls_tls1_3
642requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]643requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
645requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]646run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]647 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]648 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
649 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
650 localhost" \
651 0 \
652 -s "found psk key exchange modes extension" \
653 -s "found pre_shared_key extension" \
654 -s "Found PSK_EPHEMERAL KEX MODE" \
655 -s "Found PSK KEX MODE" \
656 -s "No matched PSK or ticket" \
657 -S "key exchange mode: psk$" \
658 -S "key exchange mode: psk_ephemeral" \
659 -s "key exchange mode: ephemeral"
660
661requires_gnutls_tls1_3
662requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]663requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
664requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
665requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]666run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]667 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]668 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
669 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
670 localhost" \
671 1 \
672 -s "found psk key exchange modes extension" \
673 -s "found pre_shared_key extension" \
674 -s "Found PSK_EPHEMERAL KEX MODE" \
675 -s "Found PSK KEX MODE" \
676 -s "Invalid binder." \
677 -S "key exchange mode: psk$" \
678 -S "key exchange mode: psk_ephemeral" \
679 -S "key exchange mode: ephemeral"
680
681requires_gnutls_tls1_3
682requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]683requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
684requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
685requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]686run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]687 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]688 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
689 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
690 localhost" \
691 0 \
692 -s "found psk key exchange modes extension" \
693 -s "found pre_shared_key extension" \
694 -S "Found PSK_EPHEMERAL KEX MODE" \
695 -s "Found PSK KEX MODE" \
696 -s "Pre shared key found" \
697 -S "No matched PSK or ticket" \
698 -S "key exchange mode: psk$" \
699 -S "key exchange mode: psk_ephemeral" \
700 -s "key exchange mode: ephemeral"
701
702requires_gnutls_tls1_3
703requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]704requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
706requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]707run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]708 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]709 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
710 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
711 localhost" \
712 1 \
713 -s "found psk key exchange modes extension" \
714 -s "found pre_shared_key extension" \
715 -S "Found PSK_EPHEMERAL KEX MODE" \
716 -s "Found PSK KEX MODE" \
717 -s "Invalid binder." \
718 -S "key exchange mode: psk$" \
719 -S "key exchange mode: psk_ephemeral" \
720 -S "key exchange mode: ephemeral"
721
722requires_gnutls_tls1_3
723requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]724requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
725requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]726run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]727 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]728 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
729 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
730 localhost" \
731 0 \
732 -s "found psk key exchange modes extension" \
733 -s "found pre_shared_key extension" \
734 -s "Found PSK_EPHEMERAL KEX MODE" \
735 -S "Found PSK KEX MODE" \
Pengyu Lv59afe492023-11-01 14:50:44 +0800[diff] [blame]736 -S "Pre shared key found" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]737 -S "No matched PSK or ticket" \
738 -S "key exchange mode: psk$" \
739 -S "key exchange mode: psk_ephemeral" \
740 -s "key exchange mode: ephemeral"
741
742requires_gnutls_tls1_3
743requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]744requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
745requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]746run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]747 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]748 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
749 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
750 localhost" \
751 0 \
752 -s "found psk key exchange modes extension" \
753 -s "found pre_shared_key extension" \
754 -s "Found PSK_EPHEMERAL KEX MODE" \
755 -s "Found PSK KEX MODE" \
756 -s "Pre shared key found" \
757 -S "No matched PSK or ticket" \
758 -S "key exchange mode: psk$" \
759 -S "key exchange mode: psk_ephemeral" \
760 -s "key exchange mode: ephemeral"
761
762requires_gnutls_tls1_3
763requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]764requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
765requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]766run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]767 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]768 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
769 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
770 localhost" \
771 1 \
772 -s "found psk key exchange modes extension" \
773 -s "found pre_shared_key extension" \
774 -s "Found PSK_EPHEMERAL KEX MODE" \
775 -s "Found PSK KEX MODE" \
776 -s "Invalid binder." \
777 -S "key exchange mode: psk$" \
778 -S "key exchange mode: psk_ephemeral" \
779 -S "key exchange mode: ephemeral"
780
781requires_gnutls_tls1_3
782requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]783requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
784requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]785run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]786 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]787 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
788 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
789 localhost" \
790 0 \
791 -s "found psk key exchange modes extension" \
792 -s "found pre_shared_key extension" \
793 -S "Found PSK_EPHEMERAL KEX MODE" \
794 -s "Found PSK KEX MODE" \
795 -s "Pre shared key found" \
796 -S "No matched PSK or ticket" \
797 -S "key exchange mode: psk$" \
798 -S "key exchange mode: psk_ephemeral" \
799 -s "key exchange mode: ephemeral"
800
801requires_gnutls_tls1_3
802requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]803requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
804requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]805run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]806 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]807 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
808 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
809 localhost" \
810 1 \
811 -s "found psk key exchange modes extension" \
812 -s "found pre_shared_key extension" \
813 -S "Found PSK_EPHEMERAL KEX MODE" \
814 -s "Found PSK KEX MODE" \
815 -s "Invalid binder." \
816 -S "key exchange mode: psk$" \
817 -S "key exchange mode: psk_ephemeral" \
818 -S "key exchange mode: ephemeral"
819
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]820requires_gnutls_tls1_3
821requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]822requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]823requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]824run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]825 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]826 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
827 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
828 localhost" \
829 0 \
830 -s "write selected_group: secp256r1" \
831 -S "key exchange mode: psk$" \
832 -s "key exchange mode: psk_ephemeral" \
833 -S "key exchange mode: ephemeral"
834
835requires_gnutls_tls1_3
836requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]837requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]838requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]839run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]840 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]841 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
842 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
843 localhost" \
844 0 \
845 -s "write selected_group: secp384r1" \
846 -S "key exchange mode: psk$" \
847 -s "key exchange mode: psk_ephemeral" \
848 -S "key exchange mode: ephemeral"
849
850requires_gnutls_tls1_3
851requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]852requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]853requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]854run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]855 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]856 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
857 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
858 localhost" \
859 0 \
860 -s "write selected_group: secp521r1" \
861 -S "key exchange mode: psk$" \
862 -s "key exchange mode: psk_ephemeral" \
863 -S "key exchange mode: ephemeral"
864
865requires_gnutls_tls1_3
866requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]867requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]868requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]869run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]870 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]871 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
872 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
873 localhost" \
874 0 \
875 -s "write selected_group: x25519" \
876 -S "key exchange mode: psk$" \
877 -s "key exchange mode: psk_ephemeral" \
878 -S "key exchange mode: ephemeral"
879
880requires_gnutls_tls1_3
881requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]882requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]883requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]884run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]885 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]886 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
887 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
888 localhost" \
889 0 \
890 -s "write selected_group: x448" \
891 -S "key exchange mode: psk$" \
892 -s "key exchange mode: psk_ephemeral" \
893 -S "key exchange mode: ephemeral"
894
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]895requires_openssl_tls1_3
896requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]897requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]898run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]899 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]900 "$O_NEXT_CLI -tls1_3 -msg \
901 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
902 1 \
903 -s "found psk key exchange modes extension" \
904 -s "found pre_shared_key extension" \
905 -s "Found PSK_EPHEMERAL KEX MODE" \
906 -S "Found PSK KEX MODE" \
907 -S "key exchange mode: psk$" \
908 -S "key exchange mode: psk_ephemeral" \
909 -S "key exchange mode: ephemeral"
910
911requires_openssl_tls1_3
912requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]913requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]914run_test "TLS 1.3: O->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]915 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]916 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
917 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
918 0 \
919 -s "found psk key exchange modes extension" \
920 -s "found pre_shared_key extension" \
921 -s "Found PSK_EPHEMERAL KEX MODE" \
922 -s "Found PSK KEX MODE" \
923 -s "Pre shared key found" \
924 -S "No matched PSK or ticket" \
925 -s "key exchange mode: psk$" \
926 -S "key exchange mode: psk_ephemeral" \
927 -S "key exchange mode: ephemeral"
928
929requires_openssl_tls1_3
930requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]931requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]932run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]933 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]934 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
935 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
936 1 \
937 -s "found psk key exchange modes extension" \
938 -s "found pre_shared_key extension" \
939 -s "Found PSK_EPHEMERAL KEX MODE" \
940 -s "Found PSK KEX MODE" \
941 -s "No matched PSK or ticket" \
942 -S "key exchange mode: psk$" \
943 -S "key exchange mode: psk_ephemeral" \
944 -S "key exchange mode: ephemeral"
945
946requires_openssl_tls1_3
947requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]948requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]949run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]950 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]951 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
952 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
953 1 \
954 -s "found psk key exchange modes extension" \
955 -s "found pre_shared_key extension" \
956 -s "Found PSK_EPHEMERAL KEX MODE" \
957 -s "Found PSK KEX MODE" \
958 -s "Invalid binder." \
959 -S "key exchange mode: psk$" \
960 -S "key exchange mode: psk_ephemeral" \
961 -S "key exchange mode: ephemeral"
962
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]963requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]964requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]965requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]966run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]967 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]968 "$O_NEXT_CLI -tls1_3 -msg \
969 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
970 0 \
971 -s "found psk key exchange modes extension" \
972 -s "found pre_shared_key extension" \
973 -s "Found PSK_EPHEMERAL KEX MODE" \
974 -S "Found PSK KEX MODE" \
975 -s "Pre shared key found" \
976 -S "No matched PSK or ticket" \
977 -S "key exchange mode: psk$" \
978 -s "key exchange mode: psk_ephemeral" \
979 -S "key exchange mode: ephemeral"
980
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]981requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]982requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]983requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]984run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]985 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]986 "$O_NEXT_CLI -tls1_3 -msg \
987 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
988 1 \
989 -s "found psk key exchange modes extension" \
990 -s "found pre_shared_key extension" \
991 -s "Found PSK_EPHEMERAL KEX MODE" \
992 -S "Found PSK KEX MODE" \
993 -s "No matched PSK or ticket" \
994 -S "key exchange mode: psk$" \
995 -S "key exchange mode: psk_ephemeral" \
996 -S "key exchange mode: ephemeral"
997
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]998requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]999requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1000requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1001run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1002 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1003 "$O_NEXT_CLI -tls1_3 -msg \
1004 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1005 1 \
1006 -s "found psk key exchange modes extension" \
1007 -s "found pre_shared_key extension" \
1008 -s "Found PSK_EPHEMERAL KEX MODE" \
1009 -S "Found PSK KEX MODE" \
1010 -s "Invalid binder." \
1011 -S "key exchange mode: psk$" \
1012 -S "key exchange mode: psk_ephemeral" \
1013 -S "key exchange mode: ephemeral"
1014
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1015requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1016requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1017requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1018run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1019 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1020 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1021 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1022 0 \
1023 -s "found psk key exchange modes extension" \
1024 -s "found pre_shared_key extension" \
1025 -s "Found PSK_EPHEMERAL KEX MODE" \
1026 -s "Found PSK KEX MODE" \
1027 -s "Pre shared key found" \
1028 -S "No matched PSK or ticket" \
1029 -S "key exchange mode: psk$" \
1030 -s "key exchange mode: psk_ephemeral" \
1031 -S "key exchange mode: ephemeral"
1032
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1033requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1034requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1035requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1036run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1037 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1038 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1039 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1040 1 \
1041 -s "found psk key exchange modes extension" \
1042 -s "found pre_shared_key extension" \
1043 -s "Found PSK_EPHEMERAL KEX MODE" \
1044 -s "Found PSK KEX MODE" \
1045 -s "No matched PSK or ticket" \
1046 -S "key exchange mode: psk$" \
1047 -S "key exchange mode: psk_ephemeral" \
1048 -S "key exchange mode: ephemeral"
1049
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1050requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1051requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1052requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1053run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1054 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1055 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1056 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1057 1 \
1058 -s "found psk key exchange modes extension" \
1059 -s "found pre_shared_key extension" \
1060 -s "Found PSK_EPHEMERAL KEX MODE" \
1061 -s "Found PSK KEX MODE" \
1062 -s "Invalid binder." \
1063 -S "key exchange mode: psk$" \
1064 -S "key exchange mode: psk_ephemeral" \
1065 -S "key exchange mode: ephemeral"
1066
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1067requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1068requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1069requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1070requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1071run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1072 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1073 "$O_NEXT_CLI -tls1_3 -msg \
1074 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1075 0 \
1076 -s "found psk key exchange modes extension" \
1077 -s "found pre_shared_key extension" \
1078 -s "Found PSK_EPHEMERAL KEX MODE" \
1079 -S "Found PSK KEX MODE" \
1080 -s "Pre shared key found" \
1081 -S "No matched PSK or ticket" \
1082 -S "key exchange mode: psk$" \
1083 -s "key exchange mode: psk_ephemeral" \
1084 -S "key exchange mode: ephemeral"
1085
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1086requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1087requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1088requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1089requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1090run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1091 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1092 "$O_NEXT_CLI -tls1_3 -msg \
1093 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1094 1 \
1095 -s "found psk key exchange modes extension" \
1096 -s "found pre_shared_key extension" \
1097 -s "Found PSK_EPHEMERAL KEX MODE" \
1098 -S "Found PSK KEX MODE" \
1099 -s "No matched PSK or ticket" \
1100 -S "key exchange mode: psk$" \
1101 -S "key exchange mode: psk_ephemeral" \
1102 -S "key exchange mode: ephemeral"
1103
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1104requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1105requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1106requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1107requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1108run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1109 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1110 "$O_NEXT_CLI -tls1_3 -msg \
1111 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1112 1 \
1113 -s "found psk key exchange modes extension" \
1114 -s "found pre_shared_key extension" \
1115 -s "Found PSK_EPHEMERAL KEX MODE" \
1116 -S "Found PSK KEX MODE" \
1117 -s "Invalid binder." \
1118 -S "key exchange mode: psk$" \
1119 -S "key exchange mode: psk_ephemeral" \
1120 -S "key exchange mode: ephemeral"
1121
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1122requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1123requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1124requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1125requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1126run_test "TLS 1.3: O->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1127 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1128 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1129 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1130 0 \
1131 -s "found psk key exchange modes extension" \
1132 -s "found pre_shared_key extension" \
1133 -s "Found PSK_EPHEMERAL KEX MODE" \
1134 -s "Found PSK KEX MODE" \
1135 -s "Pre shared key found" \
1136 -S "No matched PSK or ticket" \
1137 -S "key exchange mode: psk$" \
1138 -s "key exchange mode: psk_ephemeral" \
1139 -S "key exchange mode: ephemeral"
1140
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1141requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1142requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1144requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1145run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1146 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1147 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1148 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1149 1 \
1150 -s "found psk key exchange modes extension" \
1151 -s "found pre_shared_key extension" \
1152 -s "Found PSK_EPHEMERAL KEX MODE" \
1153 -s "Found PSK KEX MODE" \
1154 -s "No matched PSK or ticket" \
1155 -S "key exchange mode: psk$" \
1156 -S "key exchange mode: psk_ephemeral" \
1157 -S "key exchange mode: ephemeral"
1158
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1159requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1160requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1161requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1162requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1163run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1164 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1165 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1166 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1167 1 \
1168 -s "found psk key exchange modes extension" \
1169 -s "found pre_shared_key extension" \
1170 -s "Found PSK_EPHEMERAL KEX MODE" \
1171 -s "Found PSK KEX MODE" \
1172 -s "Invalid binder." \
1173 -S "key exchange mode: psk$" \
1174 -S "key exchange mode: psk_ephemeral" \
1175 -S "key exchange mode: ephemeral"
1176
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1177requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1178requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1180requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1181run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1182 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1183 "$O_NEXT_CLI -tls1_3 -msg \
1184 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1185 0 \
1186 -s "found psk key exchange modes extension" \
1187 -s "found pre_shared_key extension" \
1188 -s "Found PSK_EPHEMERAL KEX MODE" \
1189 -S "Found PSK KEX MODE" \
1190 -s "Pre shared key found" \
1191 -S "No matched PSK or ticket" \
1192 -S "key exchange mode: psk$" \
1193 -s "key exchange mode: psk_ephemeral" \
1194 -S "key exchange mode: ephemeral"
1195
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1196requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1197requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1198requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1199requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1200run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1201 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1202 "$O_NEXT_CLI -tls1_3 -msg \
1203 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1204 0 \
1205 -s "found psk key exchange modes extension" \
1206 -s "found pre_shared_key extension" \
1207 -s "Found PSK_EPHEMERAL KEX MODE" \
1208 -S "Found PSK KEX MODE" \
1209 -s "No matched PSK or ticket" \
1210 -S "key exchange mode: psk$" \
1211 -S "key exchange mode: psk_ephemeral" \
1212 -s "key exchange mode: ephemeral"
1213
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1214requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1215requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1216requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1217requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1218run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1219 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1220 "$O_NEXT_CLI -tls1_3 -msg \
1221 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1222 1 \
1223 -s "found psk key exchange modes extension" \
1224 -s "found pre_shared_key extension" \
1225 -s "Found PSK_EPHEMERAL KEX MODE" \
1226 -S "Found PSK KEX MODE" \
1227 -s "Invalid binder." \
1228 -S "key exchange mode: psk$" \
1229 -S "key exchange mode: psk_ephemeral" \
1230 -S "key exchange mode: ephemeral"
1231
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1232requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1233requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1234requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1235requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1236run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1237 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1238 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1239 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1240 0 \
1241 -s "found psk key exchange modes extension" \
1242 -s "found pre_shared_key extension" \
1243 -s "Found PSK_EPHEMERAL KEX MODE" \
1244 -s "Found PSK KEX MODE" \
1245 -s "Pre shared key found" \
1246 -S "No matched PSK or ticket" \
1247 -S "key exchange mode: psk$" \
1248 -s "key exchange mode: psk_ephemeral" \
1249 -S "key exchange mode: ephemeral"
1250
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1251requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1252requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1253requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1254requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1255run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1256 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1257 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1258 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1259 0 \
1260 -s "found psk key exchange modes extension" \
1261 -s "found pre_shared_key extension" \
1262 -s "Found PSK_EPHEMERAL KEX MODE" \
1263 -s "Found PSK KEX MODE" \
1264 -s "No matched PSK or ticket" \
1265 -S "key exchange mode: psk$" \
1266 -S "key exchange mode: psk_ephemeral" \
1267 -s "key exchange mode: ephemeral"
1268
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1269requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1270requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1271requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1272requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1273run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1274 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1275 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1276 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1277 1 \
1278 -s "found psk key exchange modes extension" \
1279 -s "found pre_shared_key extension" \
1280 -s "Found PSK_EPHEMERAL KEX MODE" \
1281 -s "Found PSK KEX MODE" \
1282 -s "Invalid binder." \
1283 -S "key exchange mode: psk$" \
1284 -S "key exchange mode: psk_ephemeral" \
1285 -S "key exchange mode: ephemeral"
1286
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1287requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1288requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1289requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1290requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1291requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1292run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1293 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1294 "$O_NEXT_CLI -tls1_3 -msg \
1295 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1296 0 \
1297 -s "found psk key exchange modes extension" \
1298 -s "found pre_shared_key extension" \
1299 -s "Found PSK_EPHEMERAL KEX MODE" \
1300 -S "Found PSK KEX MODE" \
1301 -s "Pre shared key found" \
1302 -S "No matched PSK or ticket" \
1303 -S "key exchange mode: psk$" \
1304 -s "key exchange mode: psk_ephemeral" \
1305 -S "key exchange mode: ephemeral"
1306
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1307requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1308requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1309requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1310requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1312run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1313 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1314 "$O_NEXT_CLI -tls1_3 -msg \
1315 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1316 0 \
1317 -s "found psk key exchange modes extension" \
1318 -s "found pre_shared_key extension" \
1319 -s "Found PSK_EPHEMERAL KEX MODE" \
1320 -S "Found PSK KEX MODE" \
1321 -s "No matched PSK or ticket" \
1322 -S "key exchange mode: psk$" \
1323 -S "key exchange mode: psk_ephemeral" \
1324 -s "key exchange mode: ephemeral"
1325
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1326requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1327requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1328requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1330requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1331run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1332 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1333 "$O_NEXT_CLI -tls1_3 -msg \
1334 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1335 1 \
1336 -s "found psk key exchange modes extension" \
1337 -s "found pre_shared_key extension" \
1338 -s "Found PSK_EPHEMERAL KEX MODE" \
1339 -S "Found PSK KEX MODE" \
1340 -s "Invalid binder." \
1341 -S "key exchange mode: psk$" \
1342 -S "key exchange mode: psk_ephemeral" \
1343 -S "key exchange mode: ephemeral"
1344
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1345requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1346requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1347requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1350run_test "TLS 1.3: O->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1351 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1352 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1353 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1354 0 \
1355 -s "found psk key exchange modes extension" \
1356 -s "found pre_shared_key extension" \
1357 -s "Found PSK_EPHEMERAL KEX MODE" \
1358 -s "Found PSK KEX MODE" \
1359 -s "Pre shared key found" \
1360 -S "No matched PSK or ticket" \
1361 -S "key exchange mode: psk$" \
1362 -s "key exchange mode: psk_ephemeral" \
1363 -S "key exchange mode: ephemeral"
1364
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1365requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1366requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1367requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1368requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1369requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1370run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1371 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1372 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1373 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1374 0 \
1375 -s "found psk key exchange modes extension" \
1376 -s "found pre_shared_key extension" \
1377 -s "Found PSK_EPHEMERAL KEX MODE" \
1378 -s "Found PSK KEX MODE" \
1379 -s "No matched PSK or ticket" \
1380 -S "key exchange mode: psk$" \
1381 -S "key exchange mode: psk_ephemeral" \
1382 -s "key exchange mode: ephemeral"
1383
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1384requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1385requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1386requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1387requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1389run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1390 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1391 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1392 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1393 1 \
1394 -s "found psk key exchange modes extension" \
1395 -s "found pre_shared_key extension" \
1396 -s "Found PSK_EPHEMERAL KEX MODE" \
1397 -s "Found PSK KEX MODE" \
1398 -s "Invalid binder." \
1399 -S "key exchange mode: psk$" \
1400 -S "key exchange mode: psk_ephemeral" \
1401 -S "key exchange mode: ephemeral"
1402
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1403requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1404requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1405requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1406requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1407run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1408 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1409 "$O_NEXT_CLI -tls1_3 -msg \
1410 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1411 0 \
1412 -s "found psk key exchange modes extension" \
1413 -s "found pre_shared_key extension" \
1414 -s "Found PSK_EPHEMERAL KEX MODE" \
1415 -S "Found PSK KEX MODE" \
Pengyu Lv59afe492023-11-01 14:50:44 +0800[diff] [blame]1416 -S "Pre shared key found" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1417 -S "No matched PSK or ticket" \
1418 -S "key exchange mode: psk$" \
1419 -S "key exchange mode: psk_ephemeral" \
1420 -s "key exchange mode: ephemeral"
1421
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1422requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1423requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1424requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1425requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1426run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1427 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1428 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1429 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1430 0 \
1431 -s "found psk key exchange modes extension" \
1432 -s "found pre_shared_key extension" \
1433 -s "Found PSK_EPHEMERAL KEX MODE" \
1434 -s "Found PSK KEX MODE" \
1435 -s "Pre shared key found" \
1436 -S "No matched PSK or ticket" \
1437 -S "key exchange mode: psk$" \
1438 -S "key exchange mode: psk_ephemeral" \
1439 -s "key exchange mode: ephemeral"
1440
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1441requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1442requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1443requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1444requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1445run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1446 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1447 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1448 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1449 1 \
1450 -s "found psk key exchange modes extension" \
1451 -s "found pre_shared_key extension" \
1452 -s "Found PSK_EPHEMERAL KEX MODE" \
1453 -s "Found PSK KEX MODE" \
1454 -s "Invalid binder." \
1455 -S "key exchange mode: psk$" \
1456 -S "key exchange mode: psk_ephemeral" \
1457 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1458
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1459requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1460requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1461requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1462run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1463 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1464 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1465 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1466 0 \
1467 -s "write selected_group: secp256r1" \
1468 -S "key exchange mode: psk$" \
1469 -s "key exchange mode: psk_ephemeral" \
1470 -S "key exchange mode: ephemeral"
1471
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1472requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1473requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1474requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1475run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1476 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1477 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1478 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1479 0 \
1480 -s "write selected_group: secp384r1" \
1481 -S "key exchange mode: psk$" \
1482 -s "key exchange mode: psk_ephemeral" \
1483 -S "key exchange mode: ephemeral"
1484
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1485requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1486requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1487requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1488run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1489 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1490 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1491 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1492 0 \
1493 -s "write selected_group: secp521r1" \
1494 -S "key exchange mode: psk$" \
1495 -s "key exchange mode: psk_ephemeral" \
1496 -S "key exchange mode: ephemeral"
1497
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1498requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1499requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1500requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1501run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1502 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1503 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1504 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1505 0 \
1506 -s "write selected_group: x25519" \
1507 -S "key exchange mode: psk$" \
1508 -s "key exchange mode: psk_ephemeral" \
1509 -S "key exchange mode: ephemeral"
1510
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1511requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1512requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1513requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1514run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1515 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1516 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1517 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1518 0 \
1519 -s "write selected_group: x448" \
1520 -S "key exchange mode: psk$" \
1521 -s "key exchange mode: psk_ephemeral" \
1522 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1523
1524requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1525requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1526requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1527run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1528 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1529 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1530 0 \
1531 -s "write selected_group: secp384r1" \
1532 -s "HRR selected_group: secp384r1" \
1533 -S "key exchange mode: psk$" \
1534 -s "key exchange mode: psk_ephemeral" \
1535 -S "key exchange mode: ephemeral"
1536
1537requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1538requires_gnutls_tls1_3
1539requires_gnutls_next_no_ticket
1540requires_gnutls_next_disable_tls13_compat
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1541requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]1542requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1543run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1544 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1545 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1546 0 \
1547 -s "write selected_group: secp384r1" \
1548 -s "HRR selected_group: secp384r1" \
1549 -S "key exchange mode: psk$" \
1550 -s "key exchange mode: psk_ephemeral" \
1551 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1552
1553
1554# Add psk test cases for mbedtls client code
1555
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1556# MbedTls->MbedTLS kinds of tls13_kex_modes
1557# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1558requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1559requires_config_enabled MBEDTLS_SSL_SRV_C
1560requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1561requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1562run_test "TLS 1.3: m->m: psk/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1563 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1564 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1565 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1566 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1567 -c "client hello, adding psk_key_exchange_modes extension" \
1568 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1569 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1570 -c "HTTP/1.0 200 OK"
1571
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1572requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1573requires_config_enabled MBEDTLS_SSL_SRV_C
1574requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1575requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1576run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1577 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1578 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1579 1 \
1580 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1581 -c "client hello, adding psk_key_exchange_modes extension" \
1582 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1583 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1584
1585requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1586requires_config_enabled MBEDTLS_SSL_SRV_C
1587requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1588requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1589run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1590 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1591 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1592 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1593 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1594 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1595 -c "client hello, adding PSK binder list" \
1596 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1597
1598requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1599requires_config_enabled MBEDTLS_SSL_SRV_C
1600requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1601requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1602requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1603run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1604 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1605 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1606 1 \
1607 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1608 -c "client hello, adding psk_key_exchange_modes extension" \
1609 -c "client hello, adding PSK binder list" \
1610 -s "ClientHello message misses mandatory extensions."
1611
1612requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1613requires_config_enabled MBEDTLS_SSL_SRV_C
1614requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1615requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1616requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1617run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1618 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1619 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1620 1 \
1621 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1622 -c "client hello, adding psk_key_exchange_modes extension" \
1623 -c "client hello, adding PSK binder list" \
1624 -s "ClientHello message misses mandatory extensions."
1625
1626requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1627requires_config_enabled MBEDTLS_SSL_SRV_C
1628requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1629requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1630requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1631requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1632run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1633 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1634 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1635 1 \
1636 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1637 -c "client hello, adding psk_key_exchange_modes extension" \
1638 -c "client hello, adding PSK binder list" \
1639 -s "ClientHello message misses mandatory extensions."
1640
1641requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1642requires_config_enabled MBEDTLS_SSL_SRV_C
1643requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1645requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1646run_test "TLS 1.3: m->m: psk/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1647 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1648 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1649 0 \
1650 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1651 -c "client hello, adding psk_key_exchange_modes extension" \
1652 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1653 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1654 -c "HTTP/1.0 200 OK"
1655
1656requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1657requires_config_enabled MBEDTLS_SSL_SRV_C
1658requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1659requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1660requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1661run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1662 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1663 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1664 1 \
1665 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1666 -c "client hello, adding psk_key_exchange_modes extension" \
1667 -c "client hello, adding PSK binder list" \
1668 -s "No matched PSK or ticket" \
1669 -s "ClientHello message misses mandatory extensions."
1670
1671requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1672requires_config_enabled MBEDTLS_SSL_SRV_C
1673requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1674requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1675requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1676run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1677 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1678 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1679 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1680 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1681 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1682 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1683 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1684
1685requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1686requires_config_enabled MBEDTLS_SSL_SRV_C
1687requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1688requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1689requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1690requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1691run_test "TLS 1.3: m->m: psk/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1692 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1693 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1694 0 \
1695 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1696 -c "client hello, adding psk_key_exchange_modes extension" \
1697 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1698 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1699 -c "HTTP/1.0 200 OK"
1700
1701requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1702requires_config_enabled MBEDTLS_SSL_SRV_C
1703requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1704requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1706requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1707run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1708 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1709 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1710 1 \
1711 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1712 -c "client hello, adding psk_key_exchange_modes extension" \
1713 -c "client hello, adding PSK binder list" \
1714 -s "No matched PSK or ticket" \
1715 -s "ClientHello message misses mandatory extensions."
1716
1717requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1718requires_config_enabled MBEDTLS_SSL_SRV_C
1719requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1720requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1721requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1722requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1723run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1724 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1725 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1726 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1727 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1728 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1729 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1730 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1731
1732# psk_ephemeral mode in client
1733requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1734requires_config_enabled MBEDTLS_SSL_SRV_C
1735requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1736requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1737requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1738run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1739 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1740 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1741 1 \
1742 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1743 -c "client hello, adding psk_key_exchange_modes extension" \
1744 -c "client hello, adding PSK binder list" \
1745 -s "ClientHello message misses mandatory extensions."
1746
1747requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1748requires_config_enabled MBEDTLS_SSL_SRV_C
1749requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1750requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1751run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1752 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1753 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1754 0 \
1755 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1756 -c "client hello, adding psk_key_exchange_modes extension" \
1757 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1758 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1759 -c "HTTP/1.0 200 OK"
1760
1761requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1762requires_config_enabled MBEDTLS_SSL_SRV_C
1763requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1764requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1765run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1766 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1767 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1768 1 \
1769 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1770 -c "client hello, adding psk_key_exchange_modes extension" \
1771 -c "client hello, adding PSK binder list" \
1772 -s "No matched PSK or ticket" \
1773 -s "ClientHello message misses mandatory extensions."
1774
1775requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1776requires_config_enabled MBEDTLS_SSL_SRV_C
1777requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1778requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1779run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1780 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1781 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1782 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1783 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1784 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1785 -c "client hello, adding PSK binder list" \
1786 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1787
1788requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1789requires_config_enabled MBEDTLS_SSL_SRV_C
1790requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1791requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1792requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1793requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1794run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1795 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1796 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1797 1 \
1798 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1799 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1800 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1801
1802requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1803requires_config_enabled MBEDTLS_SSL_SRV_C
1804requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1805requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1806requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1807run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1808 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1809 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1810 0 \
1811 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1812 -c "client hello, adding psk_key_exchange_modes extension" \
1813 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1814 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1815 -c "HTTP/1.0 200 OK"
1816
1817requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1818requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1819requires_config_enabled MBEDTLS_SSL_SRV_C
1820requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1821requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1822requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1823run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1824 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1825 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1826 1 \
1827 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1828 -c "client hello, adding psk_key_exchange_modes extension" \
1829 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1830 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1831
1832requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1833requires_config_enabled MBEDTLS_SSL_SRV_C
1834requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1835requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1836requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1837run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1838 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1839 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1840 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1841 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1842 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1843 -c "client hello, adding PSK binder list" \
1844 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1845
1846requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1847requires_config_enabled MBEDTLS_SSL_SRV_C
1848requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1849requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1850requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1851run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1852 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1853 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1854 0 \
1855 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1856 -c "client hello, adding psk_key_exchange_modes extension" \
1857 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1858 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1859 -c "HTTP/1.0 200 OK"
1860
1861requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1862requires_config_enabled MBEDTLS_SSL_SRV_C
1863requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1864requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1865requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1866run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1867 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1868 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1869 1 \
1870 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1871 -c "client hello, adding psk_key_exchange_modes extension" \
1872 -c "client hello, adding PSK binder list" \
1873 -s "No matched PSK or ticket" \
1874 -s "ClientHello message misses mandatory extensions."
1875
1876requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1877requires_config_enabled MBEDTLS_SSL_SRV_C
1878requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1879requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1880requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1881run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1882 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1883 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1884 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1885 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1886 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1887 -c "client hello, adding PSK binder list" \
1888 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1889
1890requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1891requires_config_enabled MBEDTLS_SSL_SRV_C
1892requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1893requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1894requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1895requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1896run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1897 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1898 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1899 0 \
1900 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1901 -c "client hello, adding psk_key_exchange_modes extension" \
1902 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1903 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1904 -c "HTTP/1.0 200 OK"
1905
1906requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1907requires_config_enabled MBEDTLS_SSL_SRV_C
1908requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1909requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1910requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1911requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1912run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1913 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1914 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1915 1 \
1916 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1917 -c "client hello, adding psk_key_exchange_modes extension" \
1918 -c "client hello, adding PSK binder list" \
1919 -s "No matched PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1920
1921requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1922requires_config_enabled MBEDTLS_SSL_SRV_C
1923requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1924requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1925requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1926requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1927run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1928 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1929 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1930 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1931 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1932 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1933 -c "client hello, adding PSK binder list" \
1934 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1935
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1936# ephemeral mode in client
1937requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1938requires_config_enabled MBEDTLS_SSL_SRV_C
1939requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1940requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1941requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1942run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1943 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1944 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1945 1 \
1946 -s "ClientHello message misses mandatory extensions."
1947
1948requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1949requires_config_enabled MBEDTLS_SSL_SRV_C
1950requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1951requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1952requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1953run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1954 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1955 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1956 1 \
1957 -s "ClientHello message misses mandatory extensions."
1958
1959requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1960requires_config_enabled MBEDTLS_SSL_SRV_C
1961requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1962requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1963run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1964 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1965 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1966 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1967 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1968 -c "HTTP/1.0 200 OK"
1969
1970requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1971requires_config_enabled MBEDTLS_SSL_SRV_C
1972requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1973requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1974requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1975run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1976 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1977 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1978 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1979 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1980 -c "HTTP/1.0 200 OK"
1981
1982requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1983requires_config_enabled MBEDTLS_SSL_SRV_C
1984requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1985requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1986requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1987requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1988run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1989 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1990 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1991 1 \
1992 -s "ClientHello message misses mandatory extensions."
1993
1994requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1995requires_config_enabled MBEDTLS_SSL_SRV_C
1996requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1997requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1998requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1999requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2000run_test "TLS 1.3: m->m: ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2001 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2002 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2003 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2004 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2005 -c "HTTP/1.0 200 OK"
2006
2007# ephemeral_all mode in client
2008requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2009requires_config_enabled MBEDTLS_SSL_SRV_C
2010requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2011requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2012requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2013requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2014run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2015 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2016 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2017 1 \
2018 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2019 -c "client hello, adding psk_key_exchange_modes extension" \
2020 -c "client hello, adding PSK binder list" \
2021 -s "ClientHello message misses mandatory extensions."
2022
2023requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2024requires_config_enabled MBEDTLS_SSL_SRV_C
2025requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2026requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2027requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2028run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2029 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2030 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2031 0 \
2032 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2033 -c "client hello, adding psk_key_exchange_modes extension" \
2034 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2035 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2036 -c "HTTP/1.0 200 OK"
2037
2038requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2039requires_config_enabled MBEDTLS_SSL_SRV_C
2040requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2041requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2042requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2043run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2044 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2045 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2046 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2047 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2048 -c "client hello, adding psk_key_exchange_modes extension" \
2049 -c "client hello, adding PSK binder list" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2050 -s "No matched PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2051
2052requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2053requires_config_enabled MBEDTLS_SSL_SRV_C
2054requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2055requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2056requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2057run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2058 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2059 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2060 1 \
2061 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2062 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2063 -c "client hello, adding PSK binder list" \
2064 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2065
2066requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2067requires_config_enabled MBEDTLS_SSL_SRV_C
2068requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2069requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2070requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2071run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2072 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2073 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2074 0 \
2075 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2076 -c "client hello, adding psk_key_exchange_modes extension" \
2077 -c "client hello, adding PSK binder list" \
2078 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2079 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2080 -c "HTTP/1.0 200 OK"
2081
2082requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2083requires_config_enabled MBEDTLS_SSL_SRV_C
2084requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2085requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2086requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2087run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2088 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2089 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2090 0 \
2091 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2092 -c "client hello, adding psk_key_exchange_modes extension" \
2093 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2094 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2095 -c "HTTP/1.0 200 OK"
2096
2097requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2098requires_config_enabled MBEDTLS_SSL_SRV_C
2099requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2100requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2101requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2102run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2103 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2104 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2105 0 \
2106 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2107 -c "client hello, adding psk_key_exchange_modes extension" \
2108 -c "client hello, adding PSK binder list" \
2109 -s "No matched PSK or ticket" \
2110 -s "key exchange mode: ephemeral"
2111
2112requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2113requires_config_enabled MBEDTLS_SSL_SRV_C
2114requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2115requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2116requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2117run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2118 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2119 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2120 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2121 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2122 -c "client hello, adding psk_key_exchange_modes extension" \
2123 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2124 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2125
2126requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2127requires_config_enabled MBEDTLS_SSL_SRV_C
2128requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2129requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2130requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2131requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2132run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2133 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2134 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2135 0 \
2136 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2137 -c "client hello, adding psk_key_exchange_modes extension" \
2138 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2139 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2140 -c "HTTP/1.0 200 OK"
2141
2142requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2143requires_config_enabled MBEDTLS_SSL_SRV_C
2144requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2145requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2146requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2147requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2148run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2149 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2150 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2151 1 \
2152 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2153 -c "client hello, adding psk_key_exchange_modes extension" \
2154 -c "client hello, adding PSK binder list" \
2155 -s "No matched PSK or ticket" \
2156 -s "ClientHello message misses mandatory extensions."
2157
2158requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2159requires_config_enabled MBEDTLS_SSL_SRV_C
2160requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2161requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2162requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2163requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2164run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2165 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2166 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2167 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2168 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2169 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2170 -c "client hello, adding PSK binder list" \
2171 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2172
2173requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2174requires_config_enabled MBEDTLS_SSL_SRV_C
2175requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2176requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2177requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2178requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2179run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2180 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2181 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2182 0 \
2183 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2184 -c "client hello, adding psk_key_exchange_modes extension" \
2185 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2186 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2187 -c "HTTP/1.0 200 OK"
2188
2189requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2190requires_config_enabled MBEDTLS_SSL_SRV_C
2191requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2192requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2193requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2194requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2195run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2196 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2197 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2198 0 \
2199 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2200 -c "client hello, adding psk_key_exchange_modes extension" \
2201 -c "client hello, adding PSK binder list" \
2202 -s "No matched PSK or ticket" \
2203 -s "key exchange mode: ephemeral"
2204
2205requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2206requires_config_enabled MBEDTLS_SSL_SRV_C
2207requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2208requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2209requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2210requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2211run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2212 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2213 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2214 1 \
2215 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2216 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2217 -c "client hello, adding PSK binder list" \
2218 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2219
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2220# psk_all mode in client
2221requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2222requires_config_enabled MBEDTLS_SSL_SRV_C
2223requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2224requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2225requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2226run_test "TLS 1.3: m->m: psk_all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2227 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2228 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2229 0 \
2230 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2231 -c "client hello, adding psk_key_exchange_modes extension" \
2232 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2233 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2234 -c "HTTP/1.0 200 OK"
2235
2236requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2237requires_config_enabled MBEDTLS_SSL_SRV_C
2238requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2239requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2240requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2241run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2242 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2243 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2244 1 \
2245 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2246 -c "client hello, adding psk_key_exchange_modes extension" \
2247 -c "client hello, adding PSK binder list" \
2248 -s "ClientHello message misses mandatory extensions."
2249
2250requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2251requires_config_enabled MBEDTLS_SSL_SRV_C
2252requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2253requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2254requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2255run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2256 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2257 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2258 1 \
2259 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2260 -c "client hello, adding psk_key_exchange_modes extension" \
2261 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2262 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2263
2264requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2265requires_config_enabled MBEDTLS_SSL_SRV_C
2266requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2267requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2268requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2269run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2270 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2271 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2272 0 \
2273 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2274 -c "client hello, adding psk_key_exchange_modes extension" \
2275 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2276 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2277 -c "HTTP/1.0 200 OK"
2278
2279requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2280requires_config_enabled MBEDTLS_SSL_SRV_C
2281requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2282requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2283requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2284run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2285 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2286 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2287 1 \
2288 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2289 -c "client hello, adding psk_key_exchange_modes extension" \
2290 -c "client hello, adding PSK binder list" \
2291 -s "No matched PSK or ticket" \
2292 -s "ClientHello message misses mandatory extensions."
2293
2294requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2295requires_config_enabled MBEDTLS_SSL_SRV_C
2296requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2297requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2298requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2299run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2300 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2301 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2302 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2303 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2304 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2305 -c "client hello, adding PSK binder list" \
2306 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2307
2308requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2309requires_config_enabled MBEDTLS_SSL_SRV_C
2310requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2312requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2313requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2314run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2315 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2316 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2317 1 \
2318 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2319 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2320 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2321
2322requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2323requires_config_enabled MBEDTLS_SSL_SRV_C
2324requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2325requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2326requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2327requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2328run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2329 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2330 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2331 0 \
2332 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2333 -c "client hello, adding psk_key_exchange_modes extension" \
2334 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2335 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2336 -c "HTTP/1.0 200 OK"
2337
2338requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2339requires_config_enabled MBEDTLS_SSL_SRV_C
2340requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2341requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2342requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2343requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2344run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2345 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2346 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2347 1 \
2348 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2349 -c "client hello, adding psk_key_exchange_modes extension" \
2350 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2351 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2352
2353requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2354requires_config_enabled MBEDTLS_SSL_SRV_C
2355requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2356requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2357requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2358requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2359run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2360 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2361 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2362 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2363 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2364 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2365 -c "client hello, adding PSK binder list" \
2366 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2367
2368requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2369requires_config_enabled MBEDTLS_SSL_SRV_C
2370requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2371requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2372requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2373run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2374 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2375 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2376 0 \
2377 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2378 -c "client hello, adding psk_key_exchange_modes extension" \
2379 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2380 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2381 -c "HTTP/1.0 200 OK"
2382
2383requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2384requires_config_enabled MBEDTLS_SSL_SRV_C
2385requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2386requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2387requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2388run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2389 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2390 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2391 1 \
2392 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2393 -c "client hello, adding psk_key_exchange_modes extension" \
2394 -c "client hello, adding PSK binder list" \
2395 -s "No matched PSK or ticket" \
2396 -s "ClientHello message misses mandatory extensions."
2397
2398requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2399requires_config_enabled MBEDTLS_SSL_SRV_C
2400requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2401requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2402requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2403run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2404 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2405 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2406 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2407 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2408 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2409 -c "client hello, adding PSK binder list" \
2410 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2411
2412requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2413requires_config_enabled MBEDTLS_SSL_SRV_C
2414requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2415requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2416requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2417requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2418run_test "TLS 1.3: m->m: psk_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2419 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2420 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2421 0 \
2422 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2423 -c "client hello, adding psk_key_exchange_modes extension" \
2424 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2425 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2426 -c "HTTP/1.0 200 OK"
2427
2428requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2429requires_config_enabled MBEDTLS_SSL_SRV_C
2430requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2431requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2432requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2433requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2434run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2435 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2436 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2437 1 \
2438 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2439 -c "client hello, adding psk_key_exchange_modes extension" \
2440 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2441 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2442
2443requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2444requires_config_enabled MBEDTLS_SSL_SRV_C
2445requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2446requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2447requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2448requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2449run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2450 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2451 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2452 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2453 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2454 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2455 -c "client hello, adding PSK binder list" \
2456 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2457
2458# all mode in client
2459requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2460requires_config_enabled MBEDTLS_SSL_SRV_C
2461requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2462requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2463requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2464requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2465run_test "TLS 1.3: m->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2466 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2467 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2468 0 \
2469 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2470 -c "client hello, adding psk_key_exchange_modes extension" \
2471 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2472 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2473 -c "HTTP/1.0 200 OK"
2474
2475requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2476requires_config_enabled MBEDTLS_SSL_SRV_C
2477requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2478requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2479requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2480requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2481run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2482 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2483 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2484 1 \
2485 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2486 -c "client hello, adding psk_key_exchange_modes extension" \
2487 -c "client hello, adding PSK binder list" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2488 -s "No matched PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2489 -s "ClientHello message misses mandatory extensions."
2490
2491requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2492requires_config_enabled MBEDTLS_SSL_SRV_C
2493requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2494requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2495requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2496requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2497run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2498 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2499 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2500 1 \
2501 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2502 -c "client hello, adding psk_key_exchange_modes extension" \
2503 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2504 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2505
2506requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2507requires_config_enabled MBEDTLS_SSL_SRV_C
2508requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2509requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2510requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2511requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2512run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2513 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2514 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2515 0 \
2516 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2517 -c "client hello, adding psk_key_exchange_modes extension" \
2518 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2519 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2520 -c "HTTP/1.0 200 OK"
2521
2522requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2523requires_config_enabled MBEDTLS_SSL_SRV_C
2524requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2525requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2526requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2527requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2528run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2529 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2530 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2531 1 \
2532 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2533 -c "client hello, adding psk_key_exchange_modes extension" \
2534 -c "client hello, adding PSK binder list" \
2535 -s "No matched PSK or ticket" \
2536 -s "ClientHello message misses mandatory extensions."
2537
2538requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2539requires_config_enabled MBEDTLS_SSL_SRV_C
2540requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2541requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2542requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2543requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2544run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2545 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2546 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2547 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2548 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2549 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2550 -c "client hello, adding PSK binder list" \
2551 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2552
2553requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2554requires_config_enabled MBEDTLS_SSL_SRV_C
2555requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2556requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2557requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2558requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2559run_test "TLS 1.3: m->m: all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2560 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2561 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2562 0 \
2563 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2564 -c "client hello, adding psk_key_exchange_modes extension" \
2565 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2566 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2567 -c "HTTP/1.0 200 OK"
2568
2569requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2570requires_config_enabled MBEDTLS_SSL_SRV_C
2571requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2572requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2573requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2574requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2575run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2576 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2577 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2578 0 \
2579 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2580 -c "client hello, adding psk_key_exchange_modes extension" \
2581 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2582 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2583 -c "HTTP/1.0 200 OK"
2584
2585requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2586requires_config_enabled MBEDTLS_SSL_SRV_C
2587requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2588requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2589requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2590requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2591run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2592 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2593 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2594 0 \
2595 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2596 -c "client hello, adding psk_key_exchange_modes extension" \
2597 -c "client hello, adding PSK binder list" \
2598 -s "No matched PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2599 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2600 -c "HTTP/1.0 200 OK"
2601
2602requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2603requires_config_enabled MBEDTLS_SSL_SRV_C
2604requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2605requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2606requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2607requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2608run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2609 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2610 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2611 1 \
2612 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2613 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2614 -c "client hello, adding PSK binder list" \
2615 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2616
2617requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2618requires_config_enabled MBEDTLS_SSL_SRV_C
2619requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2620requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2621requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2622requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2623run_test "TLS 1.3: m->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2624 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2625 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2626 0 \
2627 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2628 -c "client hello, adding psk_key_exchange_modes extension" \
2629 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2630 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2631 -c "HTTP/1.0 200 OK"
2632
2633requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2634requires_config_enabled MBEDTLS_SSL_SRV_C
2635requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2636requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2637requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2638requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2639run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2640 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2641 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2642 1 \
2643 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2644 -c "client hello, adding psk_key_exchange_modes extension" \
2645 -c "client hello, adding PSK binder list" \
2646 -s "No matched PSK or ticket" \
2647 -s "ClientHello message misses mandatory extensions."
2648
2649requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2650requires_config_enabled MBEDTLS_SSL_SRV_C
2651requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2652requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2653requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2654requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2655run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2656 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2657 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2658 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2659 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2660 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2661 -c "client hello, adding PSK binder list" \
2662 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2663
2664requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2665requires_config_enabled MBEDTLS_SSL_SRV_C
2666requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2667requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2668requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2669requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2670run_test "TLS 1.3: m->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2671 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2672 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2673 0 \
2674 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2675 -c "client hello, adding psk_key_exchange_modes extension" \
2676 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2677 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2678 -c "HTTP/1.0 200 OK"
2679
2680requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2681requires_config_enabled MBEDTLS_SSL_SRV_C
2682requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2683requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2684requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2685requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2686run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2687 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2688 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2689 0 \
2690 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2691 -c "client hello, adding psk_key_exchange_modes extension" \
2692 -c "client hello, adding PSK binder list" \
2693 -s "No matched PSK or ticket" \
2694 -s "key exchange mode: ephemeral"
2695
2696requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2697requires_config_enabled MBEDTLS_SSL_SRV_C
2698requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2699requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2700requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2701requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2702run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2703 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2704 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2705 1 \
2706 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2707 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2708 -c "client hello, adding PSK binder list" \
2709 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2710
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2711#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2712requires_openssl_tls1_3
2713requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2714requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2715requires_config_enabled MBEDTLS_DEBUG_C
2716requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2717requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2718run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2719 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2720 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2721 0 \
2722 -c "=> write client hello" \
2723 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2724 -c "client hello, adding psk_key_exchange_modes extension" \
2725 -c "client hello, adding PSK binder list" \
2726 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2727 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2728 -c "HTTP/1.0 200 ok"
2729
2730requires_openssl_tls1_3
2731requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2732requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2733requires_config_enabled MBEDTLS_DEBUG_C
2734requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2735requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2736run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2737 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2738 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2739 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2740 -c "=> write client hello" \
2741 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2742 -c "client hello, adding psk_key_exchange_modes extension" \
2743 -c "client hello, adding PSK binder list" \
2744 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2745 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2746
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2747#OPENSSL-SERVER psk_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2748requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2749requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2750requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2751requires_config_enabled MBEDTLS_DEBUG_C
2752requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2753requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2754requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2755run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2756 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2757 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2758 0 \
2759 -c "=> write client hello" \
2760 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2761 -c "client hello, adding psk_key_exchange_modes extension" \
2762 -c "client hello, adding PSK binder list" \
2763 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2764 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2765 -c "HTTP/1.0 200 ok"
2766
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2767requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2768requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2769requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2770requires_config_enabled MBEDTLS_DEBUG_C
2771requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2772requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2773requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2774run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2775 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2776 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2777 0 \
2778 -c "=> write client hello" \
2779 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2780 -c "client hello, adding psk_key_exchange_modes extension" \
2781 -c "client hello, adding PSK binder list" \
2782 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2783 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2784 -c "HTTP/1.0 200 ok"
2785
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2786#OPENSSL-SERVER psk_ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2787requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2788requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2789requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2790requires_config_enabled MBEDTLS_DEBUG_C
2791requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2792requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2793run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2794 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2795 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2796 0 \
2797 -c "=> write client hello" \
2798 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2799 -c "client hello, adding psk_key_exchange_modes extension" \
2800 -c "client hello, adding PSK binder list" \
2801 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2802 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2803 -c "HTTP/1.0 200 ok"
2804
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2805requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2806requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2807requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2808requires_config_enabled MBEDTLS_DEBUG_C
2809requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2810requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2811run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2812 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2813 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2814 0 \
2815 -c "=> write client hello" \
2816 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2817 -c "client hello, adding psk_key_exchange_modes extension" \
2818 -c "client hello, adding PSK binder list" \
2819 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2820 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2821 -c "HTTP/1.0 200 ok"
2822
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2823#OPENSSL-SERVER ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2824requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2825requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2826requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2827requires_config_enabled MBEDTLS_DEBUG_C
2828requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2829requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2830run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2831 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2832 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2833 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2834 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2835 -c "HTTP/1.0 200 ok"
2836
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2837requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2838requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2839requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2840requires_config_enabled MBEDTLS_DEBUG_C
2841requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2842requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2843run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2844 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2845 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2846 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2847 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2848 -c "HTTP/1.0 200 ok"
2849
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2850#OPENSSL-SERVER ephemeral_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2851requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2852requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2853requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2854requires_config_enabled MBEDTLS_DEBUG_C
2855requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2856requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2857requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2858run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2859 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2860 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2861 0 \
2862 -c "=> write client hello" \
2863 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2864 -c "client hello, adding psk_key_exchange_modes extension" \
2865 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2866 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2867 -c "<= write client hello" \
2868 -c "HTTP/1.0 200 ok"
2869
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2870requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2871requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2872requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2873requires_config_enabled MBEDTLS_DEBUG_C
2874requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2875requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2876requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2877run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2878 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2879 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2880 0 \
2881 -c "=> write client hello" \
2882 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2883 -c "client hello, adding psk_key_exchange_modes extension" \
2884 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2885 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2886 -c "<= write client hello" \
2887 -c "HTTP/1.0 200 ok"
2888
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2889#OPENSSL-SERVER all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2890requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2891requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2892requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2893requires_config_enabled MBEDTLS_DEBUG_C
2894requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2895requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2896requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2897requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2898run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2899 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2900 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2901 0 \
2902 -c "=> write client hello" \
2903 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2904 -c "client hello, adding psk_key_exchange_modes extension" \
2905 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2906 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2907 -c "<= write client hello" \
2908 -c "HTTP/1.0 200 ok"
2909
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2910requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2911requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2912requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2913requires_config_enabled MBEDTLS_DEBUG_C
2914requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2915requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2916requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2917requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2918run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2919 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2920 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
2921 0 \
2922 -c "=> write client hello" \
2923 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2924 -c "client hello, adding psk_key_exchange_modes extension" \
2925 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2926 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2927 -c "<= write client hello" \
2928 -c "HTTP/1.0 200 ok"
2929
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2930#GNUTLS-SERVER psk mode
2931requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2932requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2933requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2934requires_config_enabled MBEDTLS_DEBUG_C
2935requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2936requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2937run_test "TLS 1.3: m->G: psk/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2938 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2939 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2940 0 \
2941 -c "=> write client hello" \
2942 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2943 -c "client hello, adding psk_key_exchange_modes extension" \
2944 -c "client hello, adding PSK binder list" \
2945 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2946 -s "Parsing extension 'Pre Shared Key/41'" \
2947 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2948 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2949 -c "HTTP/1.0 200 OK"
2950
2951requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2952requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2953requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2954requires_config_enabled MBEDTLS_DEBUG_C
2955requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2956requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2957run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2958 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2959 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2960 1 \
2961 -c "=> write client hello" \
2962 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2963 -c "client hello, adding psk_key_exchange_modes extension" \
2964 -c "client hello, adding PSK binder list" \
2965 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2966 -s "Parsing extension 'Pre Shared Key/41'" \
2967 -c "<= write client hello" \
2968 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
2969
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2970#GNUTLS-SERVER psk_all mode
2971requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2972requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2973requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2974requires_config_enabled MBEDTLS_DEBUG_C
2975requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2976requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2977requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2978run_test "TLS 1.3: m->G: psk_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2979 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2980 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2981 0 \
2982 -c "=> write client hello" \
2983 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2984 -c "client hello, adding psk_key_exchange_modes extension" \
2985 -c "client hello, adding PSK binder list" \
2986 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2987 -s "Parsing extension 'Pre Shared Key/41'" \
2988 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]2989 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2990 -c "HTTP/1.0 200 OK"
2991
2992requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2993requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2994requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2995requires_config_enabled MBEDTLS_DEBUG_C
2996requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2997requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2998requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]2999run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3000 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3001 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3002 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3003 -c "=> write client hello" \
3004 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3005 -c "client hello, adding psk_key_exchange_modes extension" \
3006 -c "client hello, adding PSK binder list" \
3007 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3008 -s "Parsing extension 'Pre Shared Key/41'" \
3009 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3010 -c "Selected key exchange mode: psk_ephemeral" \
3011 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3012
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3013#GNUTLS-SERVER psk_ephemeral mode
3014requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3015requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3016requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3017requires_config_enabled MBEDTLS_DEBUG_C
3018requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3019requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3020run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3021 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3022 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3023 0 \
3024 -c "=> write client hello" \
3025 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3026 -c "client hello, adding psk_key_exchange_modes extension" \
3027 -c "client hello, adding PSK binder list" \
3028 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3029 -s "Parsing extension 'Pre Shared Key/41'" \
3030 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3031 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3032 -c "HTTP/1.0 200 OK"
3033
3034requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3035requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3036requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3037requires_config_enabled MBEDTLS_DEBUG_C
3038requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3039requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3040run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3041 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3042 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3043 0 \
3044 -c "=> write client hello" \
3045 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3046 -c "client hello, adding psk_key_exchange_modes extension" \
3047 -c "client hello, adding PSK binder list" \
3048 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3049 -s "Parsing extension 'Pre Shared Key/41'" \
3050 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3051 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3052 -c "HTTP/1.0 200 OK"
3053
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3054#GNUTLS-SERVER ephemeral mode
3055requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3056requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3057requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3058requires_config_enabled MBEDTLS_DEBUG_C
3059requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3060requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3061run_test "TLS 1.3: m->G: ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3062 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3063 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3064 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3065 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3066 -c "HTTP/1.0 200 OK"
3067
3068requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3069requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3070requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3071requires_config_enabled MBEDTLS_DEBUG_C
3072requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3073requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3074run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3075 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3076 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3077 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3078 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3079 -c "HTTP/1.0 200 OK"
3080
3081#GNUTLS-SERVER ephemeral_all mode
3082requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3083requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3084requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3085requires_config_enabled MBEDTLS_DEBUG_C
3086requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3087requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3088requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3089run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3090 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3091 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3092 0 \
3093 -c "=> write client hello" \
3094 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3095 -c "client hello, adding psk_key_exchange_modes extension" \
3096 -c "client hello, adding PSK binder list" \
3097 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3098 -s "Parsing extension 'Pre Shared Key/41'" \
3099 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3100 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3101 -c "HTTP/1.0 200 OK"
3102
3103requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3104requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3105requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3106requires_config_enabled MBEDTLS_DEBUG_C
3107requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3108requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3109requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3110run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3111 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3112 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3113 0 \
3114 -c "=> write client hello" \
3115 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3116 -c "client hello, adding psk_key_exchange_modes extension" \
3117 -c "client hello, adding PSK binder list" \
3118 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3119 -s "Parsing extension 'Pre Shared Key/41'" \
3120 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3121 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3122 -c "HTTP/1.0 200 OK"
3123
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3124#GNUTLS-SERVER all mode
3125requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3126requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3127requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3128requires_config_enabled MBEDTLS_DEBUG_C
3129requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3130requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3131requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3132requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3133run_test "TLS 1.3: m->G: all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3134 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3135 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3136 0 \
3137 -c "=> write client hello" \
3138 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3139 -c "client hello, adding psk_key_exchange_modes extension" \
3140 -c "client hello, adding PSK binder list" \
3141 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3142 -s "Parsing extension 'Pre Shared Key/41'" \
3143 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3144 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3145 -c "HTTP/1.0 200 OK"
3146
3147requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3148requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3149requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3150requires_config_enabled MBEDTLS_DEBUG_C
3151requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3152requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3153requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3154requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3155run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3156 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3157 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3158 0 \
3159 -c "=> write client hello" \
3160 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3161 -c "client hello, adding psk_key_exchange_modes extension" \
3162 -c "client hello, adding PSK binder list" \
3163 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3164 -s "Parsing extension 'Pre Shared Key/41'" \
3165 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3166 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3167 -c "HTTP/1.0 200 OK"