TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 6a9bebaefd9e0816a5bed830d8522c8dfc8a181b / . / tests / opt-testcases / tls13-kex-modes.sh
blob: bbd6544260b37c2e757eff0938d4f62cd4d7c242 [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame^]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
21requires_openssl_tls1_3
22requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
23requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
24requires_config_enabled MBEDTLS_SSL_SRV_C
25requires_config_enabled MBEDTLS_DEBUG_C
26# SOME_PSK_ENABLED
27requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
28 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
29run_test "TLS 1.3: PSK: psk: with matched key and identity, with psk_ke and psk_dhe_ke. G->m" \
30 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
31 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
32 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
33 localhost" \
34 0 \
35 -s "found psk key exchange modes extension" \
36 -s "found pre_shared_key extension" \
37 -s "Found PSK_EPHEMERAL KEX MODE" \
38 -s "Found PSK KEX MODE" \
39 -s "Pre shared key found" \
40 -S "No matched PSK or ticket" \
41 -s "key exchange mode: psk$" \
42 -S "key exchange mode: psk_ephemeral" \
43 -S "key exchange mode: ephemeral"
44
45requires_openssl_tls1_3
46requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
47requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
48requires_config_enabled MBEDTLS_SSL_SRV_C
49requires_config_enabled MBEDTLS_DEBUG_C
50# SOME_PSK_ENABLED
51requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
52 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
53run_test "TLS 1.3: PSK: psk: with matched key and identity, with psk_ke and psk_dhe_ke. O->m" \
54 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
55 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
56 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
57 0 \
58 -s "found psk key exchange modes extension" \
59 -s "found pre_shared_key extension" \
60 -s "Found PSK_EPHEMERAL KEX MODE" \
61 -s "Found PSK KEX MODE" \
62 -s "Pre shared key found" \
63 -S "No matched PSK or ticket" \
64 -s "key exchange mode: psk$" \
65 -S "key exchange mode: psk_ephemeral" \
66 -S "key exchange mode: ephemeral"
67
68requires_openssl_tls1_3
69requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
70requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
71requires_config_enabled MBEDTLS_SSL_SRV_C
72requires_config_enabled MBEDTLS_DEBUG_C
73# SOME_PSK_ENABLED
74requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
75 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
76run_test "TLS 1.3: PSK: psk: with matched key and identity, with psk_ke. G->m" \
77 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
78 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
79 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
80 localhost" \
81 0 \
82 -s "found psk key exchange modes extension" \
83 -s "found pre_shared_key extension" \
84 -S "Found PSK_EPHEMERAL KEX MODE" \
85 -s "Found PSK KEX MODE" \
86 -s "Pre shared key found" \
87 -S "No matched PSK or ticket" \
88 -s "key exchange mode: psk$" \
89 -S "key exchange mode: psk_ephemeral" \
90 -S "key exchange mode: ephemeral"
91
92requires_openssl_tls1_3
93requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
94requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
95requires_config_enabled MBEDTLS_SSL_SRV_C
96requires_config_enabled MBEDTLS_DEBUG_C
97# SOME_PSK_ENABLED
98requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
99 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
100run_test "TLS 1.3: PSK: psk: with matched key and identity, with psk_dhe_ke. G->m" \
101 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
102 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
103 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
104 localhost" \
105 1 \
106 -s "found psk key exchange modes extension" \
107 -s "found pre_shared_key extension" \
108 -s "Found PSK_EPHEMERAL KEX MODE" \
109 -S "Found PSK KEX MODE" \
110 -s "Pre shared key found" \
111 -S "No matched PSK or ticket" \
112 -S "key exchange mode: psk$" \
113 -S "key exchange mode: psk_ephemeral" \
114 -S "key exchange mode: ephemeral"
115
116requires_openssl_tls1_3
117requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
118requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
119requires_config_enabled MBEDTLS_SSL_SRV_C
120requires_config_enabled MBEDTLS_DEBUG_C
121# SOME_PSK_ENABLED
122requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
123 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
124run_test "TLS 1.3: PSK: psk: with matched key and identity, with psk_dhe_ke. O->m" \
125 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
126 "$O_NEXT_CLI -tls1_3 -msg \
127 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
128 1 \
129 -s "found psk key exchange modes extension" \
130 -s "found pre_shared_key extension" \
131 -s "Found PSK_EPHEMERAL KEX MODE" \
132 -S "Found PSK KEX MODE" \
133 -s "Pre shared key found" \
134 -S "No matched PSK or ticket" \
135 -S "key exchange mode: psk$" \
136 -S "key exchange mode: psk_ephemeral" \
137 -S "key exchange mode: ephemeral"
138
139requires_openssl_tls1_3
140requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
141requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
142requires_config_enabled MBEDTLS_SSL_SRV_C
143requires_config_enabled MBEDTLS_DEBUG_C
144# SOME_PSK_ENABLED
145requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
146 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
147run_test "TLS 1.3: PSK: psk: with mismatched identity, with psk_ke and psk_dhe_ke. G->m" \
148 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
149 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
150 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
151 localhost" \
152 1 \
153 -s "found psk key exchange modes extension" \
154 -s "found pre_shared_key extension" \
155 -s "Found PSK_EPHEMERAL KEX MODE" \
156 -s "Found PSK KEX MODE" \
157 -S "Pre shared key found" \
158 -s "No matched PSK or ticket" \
159 -S "key exchange mode: psk$" \
160 -S "key exchange mode: psk_ephemeral" \
161 -S "key exchange mode: ephemeral"
162
163requires_openssl_tls1_3
164requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
165requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
166requires_config_enabled MBEDTLS_SSL_SRV_C
167requires_config_enabled MBEDTLS_DEBUG_C
168# SOME_PSK_ENABLED
169requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
170 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
171run_test "TLS 1.3: PSK: psk: with mismatched identity, with psk_ke and psk_dhe_ke. O->m" \
172 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
173 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
174 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
175 1 \
176 -s "found psk key exchange modes extension" \
177 -s "found pre_shared_key extension" \
178 -s "Found PSK_EPHEMERAL KEX MODE" \
179 -s "Found PSK KEX MODE" \
180 -S "Pre shared key found" \
181 -s "No matched PSK or ticket" \
182 -S "key exchange mode: psk$" \
183 -S "key exchange mode: psk_ephemeral" \
184 -S "key exchange mode: ephemeral"
185
186requires_openssl_tls1_3
187requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
188requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
189requires_config_enabled MBEDTLS_SSL_SRV_C
190requires_config_enabled MBEDTLS_DEBUG_C
191# SOME_PSK_ENABLED
192requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
193 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
194run_test "TLS 1.3: PSK: psk: with mismatched identity, with psk_ke. G->m" \
195 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
196 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
197 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
198 localhost" \
199 1 \
200 -s "found psk key exchange modes extension" \
201 -s "found pre_shared_key extension" \
202 -S "Found PSK_EPHEMERAL KEX MODE" \
203 -s "Found PSK KEX MODE" \
204 -S "Pre shared key found" \
205 -s "No matched PSK or ticket" \
206 -S "key exchange mode: psk$" \
207 -S "key exchange mode: psk_ephemeral" \
208 -S "key exchange mode: ephemeral"
209
210requires_openssl_tls1_3
211requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
212requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
213requires_config_enabled MBEDTLS_SSL_SRV_C
214requires_config_enabled MBEDTLS_DEBUG_C
215# SOME_PSK_ENABLED
216requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
217 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
218run_test "TLS 1.3: PSK: psk: with mismatched identity, with psk_dhe_ke. G->m" \
219 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
220 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
221 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
222 localhost" \
223 1 \
224 -s "found psk key exchange modes extension" \
225 -s "found pre_shared_key extension" \
226 -s "Found PSK_EPHEMERAL KEX MODE" \
227 -S "Found PSK KEX MODE" \
228 -S "Pre shared key found" \
229 -s "No matched PSK or ticket" \
230 -S "key exchange mode: psk$" \
231 -S "key exchange mode: psk_ephemeral" \
232 -S "key exchange mode: ephemeral"
233
234requires_openssl_tls1_3
235requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
236requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
237requires_config_enabled MBEDTLS_SSL_SRV_C
238requires_config_enabled MBEDTLS_DEBUG_C
239# SOME_PSK_ENABLED
240requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
241 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
242run_test "TLS 1.3: PSK: psk: with mismatched identity, with psk_dhe_ke. O->m" \
243 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
244 "$O_NEXT_CLI -tls1_3 -msg \
245 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
246 1 \
247 -s "found psk key exchange modes extension" \
248 -s "found pre_shared_key extension" \
249 -s "Found PSK_EPHEMERAL KEX MODE" \
250 -S "Found PSK KEX MODE" \
251 -S "Pre shared key found" \
252 -s "No matched PSK or ticket" \
253 -S "key exchange mode: psk$" \
254 -S "key exchange mode: psk_ephemeral" \
255 -S "key exchange mode: ephemeral"
256
257requires_openssl_tls1_3
258requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
259requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
260requires_config_enabled MBEDTLS_SSL_SRV_C
261requires_config_enabled MBEDTLS_DEBUG_C
262# SOME_PSK_ENABLED
263requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
264 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
265run_test "TLS 1.3: PSK: psk: without pre_shared_key,with psk_ke and psk_dhe_ke. G->m" \
266 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
267 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+VERS-TLS1.3 \
268 localhost" \
269 1 \
270 -s "found psk key exchange modes extension" \
271 -S "found pre_shared_key extension" \
272 -s "Found PSK_EPHEMERAL KEX MODE" \
273 -s "Found PSK KEX MODE" \
274 -S "Pre shared key found" \
275 -S "No matched PSK or ticket" \
276 -S "key exchange mode: psk$" \
277 -S "key exchange mode: psk_ephemeral" \
278 -S "key exchange mode: ephemeral"
279
280requires_openssl_tls1_3
281requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
282requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
283requires_config_enabled MBEDTLS_SSL_SRV_C
284requires_config_enabled MBEDTLS_DEBUG_C
285# SOME_PSK_ENABLED
286requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
287 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
288run_test "TLS 1.3: PSK: psk: without pre_shared_key,with psk_ke and psk_dhe_ke. O->m" \
289 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
290 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex " \
291 1 \
292 -s "found psk key exchange modes extension" \
293 -S "found pre_shared_key extension" \
294 -s "Found PSK_EPHEMERAL KEX MODE" \
295 -s "Found PSK KEX MODE" \
296 -S "Pre shared key found" \
297 -S "No matched PSK or ticket" \
298 -S "key exchange mode: psk$" \
299 -S "key exchange mode: psk_ephemeral" \
300 -S "key exchange mode: ephemeral"
301
302requires_openssl_tls1_3
303requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
304requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
305requires_config_enabled MBEDTLS_SSL_SRV_C
306requires_config_enabled MBEDTLS_DEBUG_C
307# SOME_PSK_ENABLED
308requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
309 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
310run_test "TLS 1.3: PSK: psk: without pre_shared_key,with psk_dhe_ke. O->m" \
311 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
312 "$O_NEXT_CLI -tls1_3 -msg " \
313 1 \
314 -s "found psk key exchange modes extension" \
315 -S "found pre_shared_key extension" \
316 -s "Found PSK_EPHEMERAL KEX MODE" \
317 -S "Found PSK KEX MODE" \
318 -S "Pre shared key found" \
319 -S "No matched PSK or ticket" \
320 -S "key exchange mode: psk$" \
321 -S "key exchange mode: psk_ephemeral" \
322 -S "key exchange mode: ephemeral"