Blame - tests/opt-testcases/tls13-compat.sh - mirror/mbed-tls

blob: 05d09f2f8042600791a43031f3f838a1601cff84 [file] [log] [blame]

XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1	#!/bin/sh
				2
				3	# tls13-compat.sh
				4	#
				5	# Copyright The Mbed TLS Contributors
				6	# SPDX-License-Identifier: Apache-2.0
				7	#
				8	# Licensed under the Apache License, Version 2.0 (the "License"); you may
				9	# not use this file except in compliance with the License.
				10	# You may obtain a copy of the License at
				11	#
				12	# http://www.apache.org/licenses/LICENSE-2.0
				13	#
				14	# Unless required by applicable law or agreed to in writing, software
				15	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				16	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				17	# See the License for the specific language governing permissions and
				18	# limitations under the License.
				19	#
				20	# Purpose
				21	#
				22	# List TLS1.3 compat test cases. They are generated by
				23	# `./tests/scripts/generate_tls13_compat_tests.py -a -o tests/opt-testcases/tls13-compat.sh`.
				24	#
				25	# PLEASE DO NOT EDIT THIS FILE. IF NEEDED, PLEASE MODIFY `generate_tls13_compat_tests.py`
				26	# AND REGENERATE THIS FILE.
				27	#
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	28	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	29	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	30	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				31	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				32	requires_openssl_tls1_3
				33	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				34	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				35	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				36	0 \
				37	-s "Protocol is TLSv1.3" \
				38	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				39	-s "received signature algorithm: 0x403" \
				40	-s "got named group: secp256r1(0017)" \
				41	-s "Verifying peer X.509 certificate... ok" \
				42	-s "HTTP/1.0 200 OK" \
				43	-C "received HelloRetryRequest message"
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	44
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	45	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	46	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	47	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				48	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				49	requires_openssl_tls1_3
				50	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				51	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				52	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				53	0 \
				54	-s "Protocol is TLSv1.3" \
				55	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				56	-s "received signature algorithm: 0x503" \
				57	-s "got named group: secp256r1(0017)" \
				58	-s "Verifying peer X.509 certificate... ok" \
				59	-s "HTTP/1.0 200 OK" \
				60	-C "received HelloRetryRequest message"
				61
				62	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	63	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	64	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				65	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				66	requires_openssl_tls1_3
				67	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				68	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				69	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				70	0 \
				71	-s "Protocol is TLSv1.3" \
				72	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				73	-s "received signature algorithm: 0x603" \
				74	-s "got named group: secp256r1(0017)" \
				75	-s "Verifying peer X.509 certificate... ok" \
				76	-s "HTTP/1.0 200 OK" \
				77	-C "received HelloRetryRequest message"
				78
				79	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	80	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	81	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				82	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				83	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				84	requires_openssl_tls1_3
				85	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				86	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				87	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				88	0 \
				89	-s "Protocol is TLSv1.3" \
				90	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				91	-s "received signature algorithm: 0x804" \
				92	-s "got named group: secp256r1(0017)" \
				93	-s "Verifying peer X.509 certificate... ok" \
				94	-s "HTTP/1.0 200 OK" \
				95	-C "received HelloRetryRequest message"
				96
				97	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	98	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	99	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				100	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				101	requires_openssl_tls1_3
				102	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				103	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				104	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				105	0 \
				106	-s "Protocol is TLSv1.3" \
				107	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				108	-s "received signature algorithm: 0x403" \
				109	-s "got named group: secp384r1(0018)" \
				110	-s "Verifying peer X.509 certificate... ok" \
				111	-s "HTTP/1.0 200 OK" \
				112	-C "received HelloRetryRequest message"
				113
				114	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	115	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	116	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				117	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				118	requires_openssl_tls1_3
				119	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				120	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				121	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				122	0 \
				123	-s "Protocol is TLSv1.3" \
				124	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				125	-s "received signature algorithm: 0x503" \
				126	-s "got named group: secp384r1(0018)" \
				127	-s "Verifying peer X.509 certificate... ok" \
				128	-s "HTTP/1.0 200 OK" \
				129	-C "received HelloRetryRequest message"
				130
				131	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	132	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	133	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				134	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				135	requires_openssl_tls1_3
				136	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				137	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				138	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				139	0 \
				140	-s "Protocol is TLSv1.3" \
				141	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				142	-s "received signature algorithm: 0x603" \
				143	-s "got named group: secp384r1(0018)" \
				144	-s "Verifying peer X.509 certificate... ok" \
				145	-s "HTTP/1.0 200 OK" \
				146	-C "received HelloRetryRequest message"
				147
				148	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	149	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	150	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				151	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				152	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				153	requires_openssl_tls1_3
				154	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				155	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				156	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				157	0 \
				158	-s "Protocol is TLSv1.3" \
				159	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				160	-s "received signature algorithm: 0x804" \
				161	-s "got named group: secp384r1(0018)" \
				162	-s "Verifying peer X.509 certificate... ok" \
				163	-s "HTTP/1.0 200 OK" \
				164	-C "received HelloRetryRequest message"
				165
				166	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	167	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	168	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				169	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				170	requires_openssl_tls1_3
				171	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				172	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				173	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				174	0 \
				175	-s "Protocol is TLSv1.3" \
				176	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				177	-s "received signature algorithm: 0x403" \
				178	-s "got named group: secp521r1(0019)" \
				179	-s "Verifying peer X.509 certificate... ok" \
				180	-s "HTTP/1.0 200 OK" \
				181	-C "received HelloRetryRequest message"
				182
				183	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	184	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	185	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				186	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				187	requires_openssl_tls1_3
				188	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				189	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				190	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				191	0 \
				192	-s "Protocol is TLSv1.3" \
				193	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				194	-s "received signature algorithm: 0x503" \
				195	-s "got named group: secp521r1(0019)" \
				196	-s "Verifying peer X.509 certificate... ok" \
				197	-s "HTTP/1.0 200 OK" \
				198	-C "received HelloRetryRequest message"
				199
				200	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	201	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	202	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				203	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				204	requires_openssl_tls1_3
				205	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				206	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				207	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				208	0 \
				209	-s "Protocol is TLSv1.3" \
				210	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				211	-s "received signature algorithm: 0x603" \
				212	-s "got named group: secp521r1(0019)" \
				213	-s "Verifying peer X.509 certificate... ok" \
				214	-s "HTTP/1.0 200 OK" \
				215	-C "received HelloRetryRequest message"
				216
				217	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	218	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	219	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				220	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				221	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				222	requires_openssl_tls1_3
				223	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				224	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				225	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				226	0 \
				227	-s "Protocol is TLSv1.3" \
				228	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				229	-s "received signature algorithm: 0x804" \
				230	-s "got named group: secp521r1(0019)" \
				231	-s "Verifying peer X.509 certificate... ok" \
				232	-s "HTTP/1.0 200 OK" \
				233	-C "received HelloRetryRequest message"
				234
				235	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	236	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	237	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				238	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				239	requires_openssl_tls1_3
				240	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
				241	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				242	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				243	0 \
				244	-s "Protocol is TLSv1.3" \
				245	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				246	-s "received signature algorithm: 0x403" \
				247	-s "got named group: x25519(001d)" \
				248	-s "Verifying peer X.509 certificate... ok" \
				249	-s "HTTP/1.0 200 OK" \
				250	-C "received HelloRetryRequest message"
				251
				252	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	253	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	254	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				255	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				256	requires_openssl_tls1_3
				257	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
				258	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				259	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				260	0 \
				261	-s "Protocol is TLSv1.3" \
				262	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				263	-s "received signature algorithm: 0x503" \
				264	-s "got named group: x25519(001d)" \
				265	-s "Verifying peer X.509 certificate... ok" \
				266	-s "HTTP/1.0 200 OK" \
				267	-C "received HelloRetryRequest message"
				268
				269	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	270	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	271	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				272	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				273	requires_openssl_tls1_3
				274	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
				275	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				276	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				277	0 \
				278	-s "Protocol is TLSv1.3" \
				279	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				280	-s "received signature algorithm: 0x603" \
				281	-s "got named group: x25519(001d)" \
				282	-s "Verifying peer X.509 certificate... ok" \
				283	-s "HTTP/1.0 200 OK" \
				284	-C "received HelloRetryRequest message"
				285
				286	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	287	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	288	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				289	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				290	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				291	requires_openssl_tls1_3
				292	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
				293	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				294	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				295	0 \
				296	-s "Protocol is TLSv1.3" \
				297	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				298	-s "received signature algorithm: 0x804" \
				299	-s "got named group: x25519(001d)" \
				300	-s "Verifying peer X.509 certificate... ok" \
				301	-s "HTTP/1.0 200 OK" \
				302	-C "received HelloRetryRequest message"
				303
				304	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	305	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	306	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				307	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				308	requires_openssl_tls1_3
				309	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
				310	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				311	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				312	0 \
				313	-s "Protocol is TLSv1.3" \
				314	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				315	-s "received signature algorithm: 0x403" \
				316	-s "got named group: x448(001e)" \
				317	-s "Verifying peer X.509 certificate... ok" \
				318	-s "HTTP/1.0 200 OK" \
				319	-C "received HelloRetryRequest message"
				320
				321	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	322	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	323	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				324	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				325	requires_openssl_tls1_3
				326	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
				327	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				328	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				329	0 \
				330	-s "Protocol is TLSv1.3" \
				331	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				332	-s "received signature algorithm: 0x503" \
				333	-s "got named group: x448(001e)" \
				334	-s "Verifying peer X.509 certificate... ok" \
				335	-s "HTTP/1.0 200 OK" \
				336	-C "received HelloRetryRequest message"
				337
				338	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	339	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	340	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				341	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				342	requires_openssl_tls1_3
				343	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
				344	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				345	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				346	0 \
				347	-s "Protocol is TLSv1.3" \
				348	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				349	-s "received signature algorithm: 0x603" \
				350	-s "got named group: x448(001e)" \
				351	-s "Verifying peer X.509 certificate... ok" \
				352	-s "HTTP/1.0 200 OK" \
				353	-C "received HelloRetryRequest message"
				354
				355	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	356	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	357	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				358	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				359	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				360	requires_openssl_tls1_3
				361	run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
				362	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				363	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				364	0 \
				365	-s "Protocol is TLSv1.3" \
				366	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				367	-s "received signature algorithm: 0x804" \
				368	-s "got named group: x448(001e)" \
				369	-s "Verifying peer X.509 certificate... ok" \
				370	-s "HTTP/1.0 200 OK" \
				371	-C "received HelloRetryRequest message"
				372
				373	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	374	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	375	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				376	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				377	requires_openssl_tls1_3
				378	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
				379	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				380	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				381	0 \
				382	-s "Protocol is TLSv1.3" \
				383	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				384	-s "received signature algorithm: 0x403" \
				385	-s "got named group: secp256r1(0017)" \
				386	-s "Verifying peer X.509 certificate... ok" \
				387	-s "HTTP/1.0 200 OK" \
				388	-C "received HelloRetryRequest message"
				389
				390	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	391	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	392	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				393	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				394	requires_openssl_tls1_3
				395	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
				396	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				397	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				398	0 \
				399	-s "Protocol is TLSv1.3" \
				400	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				401	-s "received signature algorithm: 0x503" \
				402	-s "got named group: secp256r1(0017)" \
				403	-s "Verifying peer X.509 certificate... ok" \
				404	-s "HTTP/1.0 200 OK" \
				405	-C "received HelloRetryRequest message"
				406
				407	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	408	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	409	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				410	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				411	requires_openssl_tls1_3
				412	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
				413	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				414	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				415	0 \
				416	-s "Protocol is TLSv1.3" \
				417	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				418	-s "received signature algorithm: 0x603" \
				419	-s "got named group: secp256r1(0017)" \
				420	-s "Verifying peer X.509 certificate... ok" \
				421	-s "HTTP/1.0 200 OK" \
				422	-C "received HelloRetryRequest message"
				423
				424	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	425	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	426	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				427	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				428	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				429	requires_openssl_tls1_3
				430	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
				431	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				432	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				433	0 \
				434	-s "Protocol is TLSv1.3" \
				435	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				436	-s "received signature algorithm: 0x804" \
				437	-s "got named group: secp256r1(0017)" \
				438	-s "Verifying peer X.509 certificate... ok" \
				439	-s "HTTP/1.0 200 OK" \
				440	-C "received HelloRetryRequest message"
				441
				442	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	443	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	444	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				445	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				446	requires_openssl_tls1_3
				447	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
				448	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				449	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				450	0 \
				451	-s "Protocol is TLSv1.3" \
				452	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				453	-s "received signature algorithm: 0x403" \
				454	-s "got named group: secp384r1(0018)" \
				455	-s "Verifying peer X.509 certificate... ok" \
				456	-s "HTTP/1.0 200 OK" \
				457	-C "received HelloRetryRequest message"
				458
				459	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	460	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	461	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				462	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				463	requires_openssl_tls1_3
				464	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
				465	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				466	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				467	0 \
				468	-s "Protocol is TLSv1.3" \
				469	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				470	-s "received signature algorithm: 0x503" \
				471	-s "got named group: secp384r1(0018)" \
				472	-s "Verifying peer X.509 certificate... ok" \
				473	-s "HTTP/1.0 200 OK" \
				474	-C "received HelloRetryRequest message"
				475
				476	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	477	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	478	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				479	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				480	requires_openssl_tls1_3
				481	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
				482	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				483	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				484	0 \
				485	-s "Protocol is TLSv1.3" \
				486	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				487	-s "received signature algorithm: 0x603" \
				488	-s "got named group: secp384r1(0018)" \
				489	-s "Verifying peer X.509 certificate... ok" \
				490	-s "HTTP/1.0 200 OK" \
				491	-C "received HelloRetryRequest message"
				492
				493	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	494	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	495	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				496	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				497	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				498	requires_openssl_tls1_3
				499	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
				500	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				501	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				502	0 \
				503	-s "Protocol is TLSv1.3" \
				504	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				505	-s "received signature algorithm: 0x804" \
				506	-s "got named group: secp384r1(0018)" \
				507	-s "Verifying peer X.509 certificate... ok" \
				508	-s "HTTP/1.0 200 OK" \
				509	-C "received HelloRetryRequest message"
				510
				511	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	512	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	513	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				514	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				515	requires_openssl_tls1_3
				516	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
				517	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				518	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				519	0 \
				520	-s "Protocol is TLSv1.3" \
				521	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				522	-s "received signature algorithm: 0x403" \
				523	-s "got named group: secp521r1(0019)" \
				524	-s "Verifying peer X.509 certificate... ok" \
				525	-s "HTTP/1.0 200 OK" \
				526	-C "received HelloRetryRequest message"
				527
				528	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	529	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	530	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				531	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				532	requires_openssl_tls1_3
				533	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
				534	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				535	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				536	0 \
				537	-s "Protocol is TLSv1.3" \
				538	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				539	-s "received signature algorithm: 0x503" \
				540	-s "got named group: secp521r1(0019)" \
				541	-s "Verifying peer X.509 certificate... ok" \
				542	-s "HTTP/1.0 200 OK" \
				543	-C "received HelloRetryRequest message"
				544
				545	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	546	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	547	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				548	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				549	requires_openssl_tls1_3
				550	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
				551	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				552	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				553	0 \
				554	-s "Protocol is TLSv1.3" \
				555	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				556	-s "received signature algorithm: 0x603" \
				557	-s "got named group: secp521r1(0019)" \
				558	-s "Verifying peer X.509 certificate... ok" \
				559	-s "HTTP/1.0 200 OK" \
				560	-C "received HelloRetryRequest message"
				561
				562	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	563	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	564	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				565	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				566	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				567	requires_openssl_tls1_3
				568	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
				569	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				570	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				571	0 \
				572	-s "Protocol is TLSv1.3" \
				573	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				574	-s "received signature algorithm: 0x804" \
				575	-s "got named group: secp521r1(0019)" \
				576	-s "Verifying peer X.509 certificate... ok" \
				577	-s "HTTP/1.0 200 OK" \
				578	-C "received HelloRetryRequest message"
				579
				580	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	581	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	582	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				583	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				584	requires_openssl_tls1_3
				585	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
				586	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				587	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				588	0 \
				589	-s "Protocol is TLSv1.3" \
				590	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				591	-s "received signature algorithm: 0x403" \
				592	-s "got named group: x25519(001d)" \
				593	-s "Verifying peer X.509 certificate... ok" \
				594	-s "HTTP/1.0 200 OK" \
				595	-C "received HelloRetryRequest message"
				596
				597	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	598	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	599	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				600	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				601	requires_openssl_tls1_3
				602	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
				603	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				604	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				605	0 \
				606	-s "Protocol is TLSv1.3" \
				607	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				608	-s "received signature algorithm: 0x503" \
				609	-s "got named group: x25519(001d)" \
				610	-s "Verifying peer X.509 certificate... ok" \
				611	-s "HTTP/1.0 200 OK" \
				612	-C "received HelloRetryRequest message"
				613
				614	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	615	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	616	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				617	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				618	requires_openssl_tls1_3
				619	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
				620	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				621	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				622	0 \
				623	-s "Protocol is TLSv1.3" \
				624	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				625	-s "received signature algorithm: 0x603" \
				626	-s "got named group: x25519(001d)" \
				627	-s "Verifying peer X.509 certificate... ok" \
				628	-s "HTTP/1.0 200 OK" \
				629	-C "received HelloRetryRequest message"
				630
				631	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	632	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	633	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				634	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				635	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				636	requires_openssl_tls1_3
				637	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
				638	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				639	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				640	0 \
				641	-s "Protocol is TLSv1.3" \
				642	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				643	-s "received signature algorithm: 0x804" \
				644	-s "got named group: x25519(001d)" \
				645	-s "Verifying peer X.509 certificate... ok" \
				646	-s "HTTP/1.0 200 OK" \
				647	-C "received HelloRetryRequest message"
				648
				649	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	650	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	651	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				652	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				653	requires_openssl_tls1_3
				654	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
				655	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				656	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				657	0 \
				658	-s "Protocol is TLSv1.3" \
				659	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				660	-s "received signature algorithm: 0x403" \
				661	-s "got named group: x448(001e)" \
				662	-s "Verifying peer X.509 certificate... ok" \
				663	-s "HTTP/1.0 200 OK" \
				664	-C "received HelloRetryRequest message"
				665
				666	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	667	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	668	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				669	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				670	requires_openssl_tls1_3
				671	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
				672	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				673	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				674	0 \
				675	-s "Protocol is TLSv1.3" \
				676	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				677	-s "received signature algorithm: 0x503" \
				678	-s "got named group: x448(001e)" \
				679	-s "Verifying peer X.509 certificate... ok" \
				680	-s "HTTP/1.0 200 OK" \
				681	-C "received HelloRetryRequest message"
				682
				683	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	684	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	685	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				686	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				687	requires_openssl_tls1_3
				688	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
				689	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				690	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				691	0 \
				692	-s "Protocol is TLSv1.3" \
				693	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				694	-s "received signature algorithm: 0x603" \
				695	-s "got named group: x448(001e)" \
				696	-s "Verifying peer X.509 certificate... ok" \
				697	-s "HTTP/1.0 200 OK" \
				698	-C "received HelloRetryRequest message"
				699
				700	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	701	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	702	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				703	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				704	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				705	requires_openssl_tls1_3
				706	run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
				707	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				708	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				709	0 \
				710	-s "Protocol is TLSv1.3" \
				711	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				712	-s "received signature algorithm: 0x804" \
				713	-s "got named group: x448(001e)" \
				714	-s "Verifying peer X.509 certificate... ok" \
				715	-s "HTTP/1.0 200 OK" \
				716	-C "received HelloRetryRequest message"
				717
				718	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	719	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	720	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				721	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				722	requires_openssl_tls1_3
				723	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				724	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				725	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				726	0 \
				727	-s "Protocol is TLSv1.3" \
				728	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				729	-s "received signature algorithm: 0x403" \
				730	-s "got named group: secp256r1(0017)" \
				731	-s "Verifying peer X.509 certificate... ok" \
				732	-s "HTTP/1.0 200 OK" \
				733	-C "received HelloRetryRequest message"
				734
				735	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	736	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	737	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				738	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				739	requires_openssl_tls1_3
				740	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				741	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				742	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				743	0 \
				744	-s "Protocol is TLSv1.3" \
				745	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				746	-s "received signature algorithm: 0x503" \
				747	-s "got named group: secp256r1(0017)" \
				748	-s "Verifying peer X.509 certificate... ok" \
				749	-s "HTTP/1.0 200 OK" \
				750	-C "received HelloRetryRequest message"
				751
				752	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	753	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	754	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				755	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				756	requires_openssl_tls1_3
				757	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				758	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				759	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				760	0 \
				761	-s "Protocol is TLSv1.3" \
				762	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				763	-s "received signature algorithm: 0x603" \
				764	-s "got named group: secp256r1(0017)" \
				765	-s "Verifying peer X.509 certificate... ok" \
				766	-s "HTTP/1.0 200 OK" \
				767	-C "received HelloRetryRequest message"
				768
				769	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	770	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	771	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				772	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				773	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				774	requires_openssl_tls1_3
				775	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				776	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				777	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				778	0 \
				779	-s "Protocol is TLSv1.3" \
				780	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				781	-s "received signature algorithm: 0x804" \
				782	-s "got named group: secp256r1(0017)" \
				783	-s "Verifying peer X.509 certificate... ok" \
				784	-s "HTTP/1.0 200 OK" \
				785	-C "received HelloRetryRequest message"
				786
				787	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	788	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	789	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				790	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				791	requires_openssl_tls1_3
				792	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				793	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				794	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				795	0 \
				796	-s "Protocol is TLSv1.3" \
				797	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				798	-s "received signature algorithm: 0x403" \
				799	-s "got named group: secp384r1(0018)" \
				800	-s "Verifying peer X.509 certificate... ok" \
				801	-s "HTTP/1.0 200 OK" \
				802	-C "received HelloRetryRequest message"
				803
				804	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	805	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	806	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				807	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				808	requires_openssl_tls1_3
				809	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				810	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				811	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				812	0 \
				813	-s "Protocol is TLSv1.3" \
				814	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				815	-s "received signature algorithm: 0x503" \
				816	-s "got named group: secp384r1(0018)" \
				817	-s "Verifying peer X.509 certificate... ok" \
				818	-s "HTTP/1.0 200 OK" \
				819	-C "received HelloRetryRequest message"
				820
				821	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	822	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	823	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				824	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				825	requires_openssl_tls1_3
				826	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				827	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				828	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				829	0 \
				830	-s "Protocol is TLSv1.3" \
				831	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				832	-s "received signature algorithm: 0x603" \
				833	-s "got named group: secp384r1(0018)" \
				834	-s "Verifying peer X.509 certificate... ok" \
				835	-s "HTTP/1.0 200 OK" \
				836	-C "received HelloRetryRequest message"
				837
				838	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	839	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	840	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				841	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				842	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				843	requires_openssl_tls1_3
				844	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				845	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				846	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				847	0 \
				848	-s "Protocol is TLSv1.3" \
				849	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				850	-s "received signature algorithm: 0x804" \
				851	-s "got named group: secp384r1(0018)" \
				852	-s "Verifying peer X.509 certificate... ok" \
				853	-s "HTTP/1.0 200 OK" \
				854	-C "received HelloRetryRequest message"
				855
				856	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	857	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	858	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				859	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				860	requires_openssl_tls1_3
				861	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				862	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				863	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				864	0 \
				865	-s "Protocol is TLSv1.3" \
				866	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				867	-s "received signature algorithm: 0x403" \
				868	-s "got named group: secp521r1(0019)" \
				869	-s "Verifying peer X.509 certificate... ok" \
				870	-s "HTTP/1.0 200 OK" \
				871	-C "received HelloRetryRequest message"
				872
				873	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	874	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	875	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				876	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				877	requires_openssl_tls1_3
				878	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				879	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				880	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				881	0 \
				882	-s "Protocol is TLSv1.3" \
				883	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				884	-s "received signature algorithm: 0x503" \
				885	-s "got named group: secp521r1(0019)" \
				886	-s "Verifying peer X.509 certificate... ok" \
				887	-s "HTTP/1.0 200 OK" \
				888	-C "received HelloRetryRequest message"
				889
				890	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	891	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	892	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				893	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				894	requires_openssl_tls1_3
				895	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				896	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				897	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				898	0 \
				899	-s "Protocol is TLSv1.3" \
				900	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				901	-s "received signature algorithm: 0x603" \
				902	-s "got named group: secp521r1(0019)" \
				903	-s "Verifying peer X.509 certificate... ok" \
				904	-s "HTTP/1.0 200 OK" \
				905	-C "received HelloRetryRequest message"
				906
				907	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	908	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	909	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				910	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				911	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				912	requires_openssl_tls1_3
				913	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				914	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				915	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				916	0 \
				917	-s "Protocol is TLSv1.3" \
				918	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				919	-s "received signature algorithm: 0x804" \
				920	-s "got named group: secp521r1(0019)" \
				921	-s "Verifying peer X.509 certificate... ok" \
				922	-s "HTTP/1.0 200 OK" \
				923	-C "received HelloRetryRequest message"
				924
				925	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	926	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	927	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				928	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				929	requires_openssl_tls1_3
				930	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
				931	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				932	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				933	0 \
				934	-s "Protocol is TLSv1.3" \
				935	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				936	-s "received signature algorithm: 0x403" \
				937	-s "got named group: x25519(001d)" \
				938	-s "Verifying peer X.509 certificate... ok" \
				939	-s "HTTP/1.0 200 OK" \
				940	-C "received HelloRetryRequest message"
				941
				942	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	943	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	944	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				945	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				946	requires_openssl_tls1_3
				947	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
				948	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				949	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				950	0 \
				951	-s "Protocol is TLSv1.3" \
				952	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				953	-s "received signature algorithm: 0x503" \
				954	-s "got named group: x25519(001d)" \
				955	-s "Verifying peer X.509 certificate... ok" \
				956	-s "HTTP/1.0 200 OK" \
				957	-C "received HelloRetryRequest message"
				958
				959	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	960	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	961	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				962	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				963	requires_openssl_tls1_3
				964	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
				965	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				966	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				967	0 \
				968	-s "Protocol is TLSv1.3" \
				969	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				970	-s "received signature algorithm: 0x603" \
				971	-s "got named group: x25519(001d)" \
				972	-s "Verifying peer X.509 certificate... ok" \
				973	-s "HTTP/1.0 200 OK" \
				974	-C "received HelloRetryRequest message"
				975
				976	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	977	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	978	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				979	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				980	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				981	requires_openssl_tls1_3
				982	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
				983	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				984	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				985	0 \
				986	-s "Protocol is TLSv1.3" \
				987	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				988	-s "received signature algorithm: 0x804" \
				989	-s "got named group: x25519(001d)" \
				990	-s "Verifying peer X.509 certificate... ok" \
				991	-s "HTTP/1.0 200 OK" \
				992	-C "received HelloRetryRequest message"
				993
				994	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	995	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	996	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				997	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				998	requires_openssl_tls1_3
				999	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
				1000	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1001	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1002	0 \
				1003	-s "Protocol is TLSv1.3" \
				1004	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				1005	-s "received signature algorithm: 0x403" \
				1006	-s "got named group: x448(001e)" \
				1007	-s "Verifying peer X.509 certificate... ok" \
				1008	-s "HTTP/1.0 200 OK" \
				1009	-C "received HelloRetryRequest message"
				1010
				1011	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1012	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1013	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1014	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1015	requires_openssl_tls1_3
				1016	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
				1017	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1018	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1019	0 \
				1020	-s "Protocol is TLSv1.3" \
				1021	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				1022	-s "received signature algorithm: 0x503" \
				1023	-s "got named group: x448(001e)" \
				1024	-s "Verifying peer X.509 certificate... ok" \
				1025	-s "HTTP/1.0 200 OK" \
				1026	-C "received HelloRetryRequest message"
				1027
				1028	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1029	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1030	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1031	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1032	requires_openssl_tls1_3
				1033	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
				1034	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1035	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1036	0 \
				1037	-s "Protocol is TLSv1.3" \
				1038	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				1039	-s "received signature algorithm: 0x603" \
				1040	-s "got named group: x448(001e)" \
				1041	-s "Verifying peer X.509 certificate... ok" \
				1042	-s "HTTP/1.0 200 OK" \
				1043	-C "received HelloRetryRequest message"
				1044
				1045	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1046	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1047	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1048	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1049	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1050	requires_openssl_tls1_3
				1051	run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
				1052	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1053	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1054	0 \
				1055	-s "Protocol is TLSv1.3" \
				1056	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				1057	-s "received signature algorithm: 0x804" \
				1058	-s "got named group: x448(001e)" \
				1059	-s "Verifying peer X.509 certificate... ok" \
				1060	-s "HTTP/1.0 200 OK" \
				1061	-C "received HelloRetryRequest message"
				1062
				1063	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1064	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1065	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1066	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1067	requires_openssl_tls1_3
				1068	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				1069	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1070	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1071	0 \
				1072	-s "Protocol is TLSv1.3" \
				1073	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1074	-s "received signature algorithm: 0x403" \
				1075	-s "got named group: secp256r1(0017)" \
				1076	-s "Verifying peer X.509 certificate... ok" \
				1077	-s "HTTP/1.0 200 OK" \
				1078	-C "received HelloRetryRequest message"
				1079
				1080	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1081	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1082	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1083	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1084	requires_openssl_tls1_3
				1085	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				1086	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1087	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1088	0 \
				1089	-s "Protocol is TLSv1.3" \
				1090	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1091	-s "received signature algorithm: 0x503" \
				1092	-s "got named group: secp256r1(0017)" \
				1093	-s "Verifying peer X.509 certificate... ok" \
				1094	-s "HTTP/1.0 200 OK" \
				1095	-C "received HelloRetryRequest message"
				1096
				1097	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1098	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1099	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1100	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1101	requires_openssl_tls1_3
				1102	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				1103	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1104	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1105	0 \
				1106	-s "Protocol is TLSv1.3" \
				1107	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1108	-s "received signature algorithm: 0x603" \
				1109	-s "got named group: secp256r1(0017)" \
				1110	-s "Verifying peer X.509 certificate... ok" \
				1111	-s "HTTP/1.0 200 OK" \
				1112	-C "received HelloRetryRequest message"
				1113
				1114	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1115	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1116	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1117	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1118	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1119	requires_openssl_tls1_3
				1120	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				1121	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1122	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1123	0 \
				1124	-s "Protocol is TLSv1.3" \
				1125	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1126	-s "received signature algorithm: 0x804" \
				1127	-s "got named group: secp256r1(0017)" \
				1128	-s "Verifying peer X.509 certificate... ok" \
				1129	-s "HTTP/1.0 200 OK" \
				1130	-C "received HelloRetryRequest message"
				1131
				1132	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1133	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1134	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1135	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1136	requires_openssl_tls1_3
				1137	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				1138	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1139	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1140	0 \
				1141	-s "Protocol is TLSv1.3" \
				1142	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1143	-s "received signature algorithm: 0x403" \
				1144	-s "got named group: secp384r1(0018)" \
				1145	-s "Verifying peer X.509 certificate... ok" \
				1146	-s "HTTP/1.0 200 OK" \
				1147	-C "received HelloRetryRequest message"
				1148
				1149	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1150	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1151	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1152	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1153	requires_openssl_tls1_3
				1154	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				1155	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1156	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1157	0 \
				1158	-s "Protocol is TLSv1.3" \
				1159	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1160	-s "received signature algorithm: 0x503" \
				1161	-s "got named group: secp384r1(0018)" \
				1162	-s "Verifying peer X.509 certificate... ok" \
				1163	-s "HTTP/1.0 200 OK" \
				1164	-C "received HelloRetryRequest message"
				1165
				1166	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1167	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1168	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1169	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1170	requires_openssl_tls1_3
				1171	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				1172	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1173	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1174	0 \
				1175	-s "Protocol is TLSv1.3" \
				1176	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1177	-s "received signature algorithm: 0x603" \
				1178	-s "got named group: secp384r1(0018)" \
				1179	-s "Verifying peer X.509 certificate... ok" \
				1180	-s "HTTP/1.0 200 OK" \
				1181	-C "received HelloRetryRequest message"
				1182
				1183	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1184	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1185	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1186	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1187	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1188	requires_openssl_tls1_3
				1189	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				1190	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1191	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1192	0 \
				1193	-s "Protocol is TLSv1.3" \
				1194	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1195	-s "received signature algorithm: 0x804" \
				1196	-s "got named group: secp384r1(0018)" \
				1197	-s "Verifying peer X.509 certificate... ok" \
				1198	-s "HTTP/1.0 200 OK" \
				1199	-C "received HelloRetryRequest message"
				1200
				1201	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1202	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1203	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1204	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1205	requires_openssl_tls1_3
				1206	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				1207	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1208	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1209	0 \
				1210	-s "Protocol is TLSv1.3" \
				1211	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1212	-s "received signature algorithm: 0x403" \
				1213	-s "got named group: secp521r1(0019)" \
				1214	-s "Verifying peer X.509 certificate... ok" \
				1215	-s "HTTP/1.0 200 OK" \
				1216	-C "received HelloRetryRequest message"
				1217
				1218	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1219	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1220	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1221	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1222	requires_openssl_tls1_3
				1223	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				1224	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1225	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1226	0 \
				1227	-s "Protocol is TLSv1.3" \
				1228	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1229	-s "received signature algorithm: 0x503" \
				1230	-s "got named group: secp521r1(0019)" \
				1231	-s "Verifying peer X.509 certificate... ok" \
				1232	-s "HTTP/1.0 200 OK" \
				1233	-C "received HelloRetryRequest message"
				1234
				1235	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1236	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1237	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1238	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1239	requires_openssl_tls1_3
				1240	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				1241	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1242	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1243	0 \
				1244	-s "Protocol is TLSv1.3" \
				1245	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1246	-s "received signature algorithm: 0x603" \
				1247	-s "got named group: secp521r1(0019)" \
				1248	-s "Verifying peer X.509 certificate... ok" \
				1249	-s "HTTP/1.0 200 OK" \
				1250	-C "received HelloRetryRequest message"
				1251
				1252	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1253	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1254	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1255	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1256	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1257	requires_openssl_tls1_3
				1258	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				1259	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1260	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1261	0 \
				1262	-s "Protocol is TLSv1.3" \
				1263	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1264	-s "received signature algorithm: 0x804" \
				1265	-s "got named group: secp521r1(0019)" \
				1266	-s "Verifying peer X.509 certificate... ok" \
				1267	-s "HTTP/1.0 200 OK" \
				1268	-C "received HelloRetryRequest message"
				1269
				1270	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1271	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1272	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1273	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1274	requires_openssl_tls1_3
				1275	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
				1276	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1277	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1278	0 \
				1279	-s "Protocol is TLSv1.3" \
				1280	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1281	-s "received signature algorithm: 0x403" \
				1282	-s "got named group: x25519(001d)" \
				1283	-s "Verifying peer X.509 certificate... ok" \
				1284	-s "HTTP/1.0 200 OK" \
				1285	-C "received HelloRetryRequest message"
				1286
				1287	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1288	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1289	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1290	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1291	requires_openssl_tls1_3
				1292	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
				1293	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1294	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1295	0 \
				1296	-s "Protocol is TLSv1.3" \
				1297	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1298	-s "received signature algorithm: 0x503" \
				1299	-s "got named group: x25519(001d)" \
				1300	-s "Verifying peer X.509 certificate... ok" \
				1301	-s "HTTP/1.0 200 OK" \
				1302	-C "received HelloRetryRequest message"
				1303
				1304	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1305	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1306	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1307	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1308	requires_openssl_tls1_3
				1309	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
				1310	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1311	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1312	0 \
				1313	-s "Protocol is TLSv1.3" \
				1314	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1315	-s "received signature algorithm: 0x603" \
				1316	-s "got named group: x25519(001d)" \
				1317	-s "Verifying peer X.509 certificate... ok" \
				1318	-s "HTTP/1.0 200 OK" \
				1319	-C "received HelloRetryRequest message"
				1320
				1321	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1322	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1323	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1324	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1325	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1326	requires_openssl_tls1_3
				1327	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
				1328	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1329	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1330	0 \
				1331	-s "Protocol is TLSv1.3" \
				1332	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1333	-s "received signature algorithm: 0x804" \
				1334	-s "got named group: x25519(001d)" \
				1335	-s "Verifying peer X.509 certificate... ok" \
				1336	-s "HTTP/1.0 200 OK" \
				1337	-C "received HelloRetryRequest message"
				1338
				1339	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1340	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1341	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1342	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1343	requires_openssl_tls1_3
				1344	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
				1345	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1346	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1347	0 \
				1348	-s "Protocol is TLSv1.3" \
				1349	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1350	-s "received signature algorithm: 0x403" \
				1351	-s "got named group: x448(001e)" \
				1352	-s "Verifying peer X.509 certificate... ok" \
				1353	-s "HTTP/1.0 200 OK" \
				1354	-C "received HelloRetryRequest message"
				1355
				1356	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1357	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1358	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1359	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1360	requires_openssl_tls1_3
				1361	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
				1362	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1363	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1364	0 \
				1365	-s "Protocol is TLSv1.3" \
				1366	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1367	-s "received signature algorithm: 0x503" \
				1368	-s "got named group: x448(001e)" \
				1369	-s "Verifying peer X.509 certificate... ok" \
				1370	-s "HTTP/1.0 200 OK" \
				1371	-C "received HelloRetryRequest message"
				1372
				1373	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1374	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1375	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1376	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1377	requires_openssl_tls1_3
				1378	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
				1379	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1380	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1381	0 \
				1382	-s "Protocol is TLSv1.3" \
				1383	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1384	-s "received signature algorithm: 0x603" \
				1385	-s "got named group: x448(001e)" \
				1386	-s "Verifying peer X.509 certificate... ok" \
				1387	-s "HTTP/1.0 200 OK" \
				1388	-C "received HelloRetryRequest message"
				1389
				1390	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1391	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1392	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1393	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1394	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1395	requires_openssl_tls1_3
				1396	run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
				1397	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1398	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1399	0 \
				1400	-s "Protocol is TLSv1.3" \
				1401	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				1402	-s "received signature algorithm: 0x804" \
				1403	-s "got named group: x448(001e)" \
				1404	-s "Verifying peer X.509 certificate... ok" \
				1405	-s "HTTP/1.0 200 OK" \
				1406	-C "received HelloRetryRequest message"
				1407
				1408	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1409	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1410	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1411	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1412	requires_openssl_tls1_3
				1413	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				1414	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1415	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1416	0 \
				1417	-s "Protocol is TLSv1.3" \
				1418	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1419	-s "received signature algorithm: 0x403" \
				1420	-s "got named group: secp256r1(0017)" \
				1421	-s "Verifying peer X.509 certificate... ok" \
				1422	-s "HTTP/1.0 200 OK" \
				1423	-C "received HelloRetryRequest message"
				1424
				1425	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1426	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1427	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1428	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1429	requires_openssl_tls1_3
				1430	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				1431	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1432	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1433	0 \
				1434	-s "Protocol is TLSv1.3" \
				1435	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1436	-s "received signature algorithm: 0x503" \
				1437	-s "got named group: secp256r1(0017)" \
				1438	-s "Verifying peer X.509 certificate... ok" \
				1439	-s "HTTP/1.0 200 OK" \
				1440	-C "received HelloRetryRequest message"
				1441
				1442	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1443	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1444	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1445	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1446	requires_openssl_tls1_3
				1447	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				1448	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1449	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1450	0 \
				1451	-s "Protocol is TLSv1.3" \
				1452	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1453	-s "received signature algorithm: 0x603" \
				1454	-s "got named group: secp256r1(0017)" \
				1455	-s "Verifying peer X.509 certificate... ok" \
				1456	-s "HTTP/1.0 200 OK" \
				1457	-C "received HelloRetryRequest message"
				1458
				1459	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1460	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1461	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1462	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1463	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1464	requires_openssl_tls1_3
				1465	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				1466	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1467	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1468	0 \
				1469	-s "Protocol is TLSv1.3" \
				1470	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1471	-s "received signature algorithm: 0x804" \
				1472	-s "got named group: secp256r1(0017)" \
				1473	-s "Verifying peer X.509 certificate... ok" \
				1474	-s "HTTP/1.0 200 OK" \
				1475	-C "received HelloRetryRequest message"
				1476
				1477	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1478	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1479	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1480	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1481	requires_openssl_tls1_3
				1482	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				1483	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1484	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1485	0 \
				1486	-s "Protocol is TLSv1.3" \
				1487	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1488	-s "received signature algorithm: 0x403" \
				1489	-s "got named group: secp384r1(0018)" \
				1490	-s "Verifying peer X.509 certificate... ok" \
				1491	-s "HTTP/1.0 200 OK" \
				1492	-C "received HelloRetryRequest message"
				1493
				1494	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1495	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1496	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1497	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1498	requires_openssl_tls1_3
				1499	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				1500	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1501	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1502	0 \
				1503	-s "Protocol is TLSv1.3" \
				1504	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1505	-s "received signature algorithm: 0x503" \
				1506	-s "got named group: secp384r1(0018)" \
				1507	-s "Verifying peer X.509 certificate... ok" \
				1508	-s "HTTP/1.0 200 OK" \
				1509	-C "received HelloRetryRequest message"
				1510
				1511	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1512	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1513	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1514	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1515	requires_openssl_tls1_3
				1516	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				1517	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1518	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1519	0 \
				1520	-s "Protocol is TLSv1.3" \
				1521	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1522	-s "received signature algorithm: 0x603" \
				1523	-s "got named group: secp384r1(0018)" \
				1524	-s "Verifying peer X.509 certificate... ok" \
				1525	-s "HTTP/1.0 200 OK" \
				1526	-C "received HelloRetryRequest message"
				1527
				1528	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1529	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1530	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1531	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1532	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1533	requires_openssl_tls1_3
				1534	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				1535	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1536	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1537	0 \
				1538	-s "Protocol is TLSv1.3" \
				1539	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1540	-s "received signature algorithm: 0x804" \
				1541	-s "got named group: secp384r1(0018)" \
				1542	-s "Verifying peer X.509 certificate... ok" \
				1543	-s "HTTP/1.0 200 OK" \
				1544	-C "received HelloRetryRequest message"
				1545
				1546	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1547	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1548	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1549	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1550	requires_openssl_tls1_3
				1551	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				1552	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1553	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1554	0 \
				1555	-s "Protocol is TLSv1.3" \
				1556	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1557	-s "received signature algorithm: 0x403" \
				1558	-s "got named group: secp521r1(0019)" \
				1559	-s "Verifying peer X.509 certificate... ok" \
				1560	-s "HTTP/1.0 200 OK" \
				1561	-C "received HelloRetryRequest message"
				1562
				1563	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1564	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1565	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1566	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1567	requires_openssl_tls1_3
				1568	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				1569	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1570	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1571	0 \
				1572	-s "Protocol is TLSv1.3" \
				1573	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1574	-s "received signature algorithm: 0x503" \
				1575	-s "got named group: secp521r1(0019)" \
				1576	-s "Verifying peer X.509 certificate... ok" \
				1577	-s "HTTP/1.0 200 OK" \
				1578	-C "received HelloRetryRequest message"
				1579
				1580	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1581	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1582	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1583	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1584	requires_openssl_tls1_3
				1585	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				1586	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1587	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1588	0 \
				1589	-s "Protocol is TLSv1.3" \
				1590	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1591	-s "received signature algorithm: 0x603" \
				1592	-s "got named group: secp521r1(0019)" \
				1593	-s "Verifying peer X.509 certificate... ok" \
				1594	-s "HTTP/1.0 200 OK" \
				1595	-C "received HelloRetryRequest message"
				1596
				1597	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1598	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1599	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1600	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1601	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1602	requires_openssl_tls1_3
				1603	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				1604	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1605	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1606	0 \
				1607	-s "Protocol is TLSv1.3" \
				1608	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1609	-s "received signature algorithm: 0x804" \
				1610	-s "got named group: secp521r1(0019)" \
				1611	-s "Verifying peer X.509 certificate... ok" \
				1612	-s "HTTP/1.0 200 OK" \
				1613	-C "received HelloRetryRequest message"
				1614
				1615	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1616	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1617	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1618	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1619	requires_openssl_tls1_3
				1620	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
				1621	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1622	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1623	0 \
				1624	-s "Protocol is TLSv1.3" \
				1625	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1626	-s "received signature algorithm: 0x403" \
				1627	-s "got named group: x25519(001d)" \
				1628	-s "Verifying peer X.509 certificate... ok" \
				1629	-s "HTTP/1.0 200 OK" \
				1630	-C "received HelloRetryRequest message"
				1631
				1632	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1633	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1634	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1635	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1636	requires_openssl_tls1_3
				1637	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
				1638	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1639	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1640	0 \
				1641	-s "Protocol is TLSv1.3" \
				1642	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1643	-s "received signature algorithm: 0x503" \
				1644	-s "got named group: x25519(001d)" \
				1645	-s "Verifying peer X.509 certificate... ok" \
				1646	-s "HTTP/1.0 200 OK" \
				1647	-C "received HelloRetryRequest message"
				1648
				1649	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1650	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1651	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1652	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1653	requires_openssl_tls1_3
				1654	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
				1655	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1656	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1657	0 \
				1658	-s "Protocol is TLSv1.3" \
				1659	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1660	-s "received signature algorithm: 0x603" \
				1661	-s "got named group: x25519(001d)" \
				1662	-s "Verifying peer X.509 certificate... ok" \
				1663	-s "HTTP/1.0 200 OK" \
				1664	-C "received HelloRetryRequest message"
				1665
				1666	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1667	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1668	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1669	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1670	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1671	requires_openssl_tls1_3
				1672	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
				1673	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1674	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1675	0 \
				1676	-s "Protocol is TLSv1.3" \
				1677	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1678	-s "received signature algorithm: 0x804" \
				1679	-s "got named group: x25519(001d)" \
				1680	-s "Verifying peer X.509 certificate... ok" \
				1681	-s "HTTP/1.0 200 OK" \
				1682	-C "received HelloRetryRequest message"
				1683
				1684	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1685	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1686	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1687	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1688	requires_openssl_tls1_3
				1689	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
				1690	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1691	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1692	0 \
				1693	-s "Protocol is TLSv1.3" \
				1694	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1695	-s "received signature algorithm: 0x403" \
				1696	-s "got named group: x448(001e)" \
				1697	-s "Verifying peer X.509 certificate... ok" \
				1698	-s "HTTP/1.0 200 OK" \
				1699	-C "received HelloRetryRequest message"
				1700
				1701	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1702	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1703	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1704	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1705	requires_openssl_tls1_3
				1706	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
				1707	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1708	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1709	0 \
				1710	-s "Protocol is TLSv1.3" \
				1711	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1712	-s "received signature algorithm: 0x503" \
				1713	-s "got named group: x448(001e)" \
				1714	-s "Verifying peer X.509 certificate... ok" \
				1715	-s "HTTP/1.0 200 OK" \
				1716	-C "received HelloRetryRequest message"
				1717
				1718	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1719	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1720	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1721	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1722	requires_openssl_tls1_3
				1723	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
				1724	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1725	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				1726	0 \
				1727	-s "Protocol is TLSv1.3" \
				1728	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1729	-s "received signature algorithm: 0x603" \
				1730	-s "got named group: x448(001e)" \
				1731	-s "Verifying peer X.509 certificate... ok" \
				1732	-s "HTTP/1.0 200 OK" \
				1733	-C "received HelloRetryRequest message"
				1734
				1735	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1736	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1737	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1738	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1739	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1740	requires_openssl_tls1_3
				1741	run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
				1742	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				1743	"$O_NEXT_CLI_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -CAfile data_files/test-ca_cat12.crt" \
				1744	0 \
				1745	-s "Protocol is TLSv1.3" \
				1746	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				1747	-s "received signature algorithm: 0x804" \
				1748	-s "got named group: x448(001e)" \
				1749	-s "Verifying peer X.509 certificate... ok" \
				1750	-s "HTTP/1.0 200 OK" \
				1751	-C "received HelloRetryRequest message"
				1752
				1753	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1754	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1755	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1756	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1757	requires_gnutls_tls1_3
				1758	requires_gnutls_next_no_ticket
				1759	requires_gnutls_next_disable_tls13_compat
				1760	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				1761	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1762	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1763	0 \
				1764	-s "Protocol is TLSv1.3" \
				1765	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1766	-s "received signature algorithm: 0x403" \
				1767	-s "got named group: secp256r1(0017)" \
				1768	-s "Verifying peer X.509 certificate... ok" \
				1769	-c "HTTP/1.0 200 OK" \
				1770	-C "received HelloRetryRequest message"
				1771
				1772	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1773	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1774	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1775	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1776	requires_gnutls_tls1_3
				1777	requires_gnutls_next_no_ticket
				1778	requires_gnutls_next_disable_tls13_compat
				1779	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				1780	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1781	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1782	0 \
				1783	-s "Protocol is TLSv1.3" \
				1784	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1785	-s "received signature algorithm: 0x503" \
				1786	-s "got named group: secp256r1(0017)" \
				1787	-s "Verifying peer X.509 certificate... ok" \
				1788	-c "HTTP/1.0 200 OK" \
				1789	-C "received HelloRetryRequest message"
				1790
				1791	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1792	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1793	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1794	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1795	requires_gnutls_tls1_3
				1796	requires_gnutls_next_no_ticket
				1797	requires_gnutls_next_disable_tls13_compat
				1798	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				1799	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1800	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1801	0 \
				1802	-s "Protocol is TLSv1.3" \
				1803	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1804	-s "received signature algorithm: 0x603" \
				1805	-s "got named group: secp256r1(0017)" \
				1806	-s "Verifying peer X.509 certificate... ok" \
				1807	-c "HTTP/1.0 200 OK" \
				1808	-C "received HelloRetryRequest message"
				1809
				1810	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1811	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1812	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1813	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1814	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1815	requires_gnutls_tls1_3
				1816	requires_gnutls_next_no_ticket
				1817	requires_gnutls_next_disable_tls13_compat
				1818	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				1819	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1820	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1821	0 \
				1822	-s "Protocol is TLSv1.3" \
				1823	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1824	-s "received signature algorithm: 0x804" \
				1825	-s "got named group: secp256r1(0017)" \
				1826	-s "Verifying peer X.509 certificate... ok" \
				1827	-c "HTTP/1.0 200 OK" \
				1828	-C "received HelloRetryRequest message"
				1829
				1830	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1831	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1832	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1833	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1834	requires_gnutls_tls1_3
				1835	requires_gnutls_next_no_ticket
				1836	requires_gnutls_next_disable_tls13_compat
				1837	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				1838	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1839	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1840	0 \
				1841	-s "Protocol is TLSv1.3" \
				1842	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1843	-s "received signature algorithm: 0x403" \
				1844	-s "got named group: secp384r1(0018)" \
				1845	-s "Verifying peer X.509 certificate... ok" \
				1846	-c "HTTP/1.0 200 OK" \
				1847	-C "received HelloRetryRequest message"
				1848
				1849	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1850	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1851	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1852	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1853	requires_gnutls_tls1_3
				1854	requires_gnutls_next_no_ticket
				1855	requires_gnutls_next_disable_tls13_compat
				1856	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				1857	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1858	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1859	0 \
				1860	-s "Protocol is TLSv1.3" \
				1861	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1862	-s "received signature algorithm: 0x503" \
				1863	-s "got named group: secp384r1(0018)" \
				1864	-s "Verifying peer X.509 certificate... ok" \
				1865	-c "HTTP/1.0 200 OK" \
				1866	-C "received HelloRetryRequest message"
				1867
				1868	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1869	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1870	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1871	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1872	requires_gnutls_tls1_3
				1873	requires_gnutls_next_no_ticket
				1874	requires_gnutls_next_disable_tls13_compat
				1875	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				1876	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1877	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1878	0 \
				1879	-s "Protocol is TLSv1.3" \
				1880	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1881	-s "received signature algorithm: 0x603" \
				1882	-s "got named group: secp384r1(0018)" \
				1883	-s "Verifying peer X.509 certificate... ok" \
				1884	-c "HTTP/1.0 200 OK" \
				1885	-C "received HelloRetryRequest message"
				1886
				1887	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1888	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1889	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1890	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1891	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1892	requires_gnutls_tls1_3
				1893	requires_gnutls_next_no_ticket
				1894	requires_gnutls_next_disable_tls13_compat
				1895	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				1896	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1897	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1898	0 \
				1899	-s "Protocol is TLSv1.3" \
				1900	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1901	-s "received signature algorithm: 0x804" \
				1902	-s "got named group: secp384r1(0018)" \
				1903	-s "Verifying peer X.509 certificate... ok" \
				1904	-c "HTTP/1.0 200 OK" \
				1905	-C "received HelloRetryRequest message"
				1906
				1907	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1908	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1909	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1910	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1911	requires_gnutls_tls1_3
				1912	requires_gnutls_next_no_ticket
				1913	requires_gnutls_next_disable_tls13_compat
				1914	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				1915	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1916	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1917	0 \
				1918	-s "Protocol is TLSv1.3" \
				1919	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1920	-s "received signature algorithm: 0x403" \
				1921	-s "got named group: secp521r1(0019)" \
				1922	-s "Verifying peer X.509 certificate... ok" \
				1923	-c "HTTP/1.0 200 OK" \
				1924	-C "received HelloRetryRequest message"
				1925
				1926	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1927	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1928	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1929	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1930	requires_gnutls_tls1_3
				1931	requires_gnutls_next_no_ticket
				1932	requires_gnutls_next_disable_tls13_compat
				1933	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				1934	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1935	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1936	0 \
				1937	-s "Protocol is TLSv1.3" \
				1938	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1939	-s "received signature algorithm: 0x503" \
				1940	-s "got named group: secp521r1(0019)" \
				1941	-s "Verifying peer X.509 certificate... ok" \
				1942	-c "HTTP/1.0 200 OK" \
				1943	-C "received HelloRetryRequest message"
				1944
				1945	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1946	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1947	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1948	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1949	requires_gnutls_tls1_3
				1950	requires_gnutls_next_no_ticket
				1951	requires_gnutls_next_disable_tls13_compat
				1952	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				1953	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1954	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1955	0 \
				1956	-s "Protocol is TLSv1.3" \
				1957	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1958	-s "received signature algorithm: 0x603" \
				1959	-s "got named group: secp521r1(0019)" \
				1960	-s "Verifying peer X.509 certificate... ok" \
				1961	-c "HTTP/1.0 200 OK" \
				1962	-C "received HelloRetryRequest message"
				1963
				1964	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1965	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1966	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1967	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1968	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				1969	requires_gnutls_tls1_3
				1970	requires_gnutls_next_no_ticket
				1971	requires_gnutls_next_disable_tls13_compat
				1972	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				1973	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1974	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1975	0 \
				1976	-s "Protocol is TLSv1.3" \
				1977	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1978	-s "received signature algorithm: 0x804" \
				1979	-s "got named group: secp521r1(0019)" \
				1980	-s "Verifying peer X.509 certificate... ok" \
				1981	-c "HTTP/1.0 200 OK" \
				1982	-C "received HelloRetryRequest message"
				1983
				1984	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1985	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1986	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				1987	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				1988	requires_gnutls_tls1_3
				1989	requires_gnutls_next_no_ticket
				1990	requires_gnutls_next_disable_tls13_compat
				1991	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
				1992	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	1993	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	1994	0 \
				1995	-s "Protocol is TLSv1.3" \
				1996	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				1997	-s "received signature algorithm: 0x403" \
				1998	-s "got named group: x25519(001d)" \
				1999	-s "Verifying peer X.509 certificate... ok" \
				2000	-c "HTTP/1.0 200 OK" \
				2001	-C "received HelloRetryRequest message"
				2002
				2003	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2004	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2005	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2006	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2007	requires_gnutls_tls1_3
				2008	requires_gnutls_next_no_ticket
				2009	requires_gnutls_next_disable_tls13_compat
				2010	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
				2011	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2012	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2013	0 \
				2014	-s "Protocol is TLSv1.3" \
				2015	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				2016	-s "received signature algorithm: 0x503" \
				2017	-s "got named group: x25519(001d)" \
				2018	-s "Verifying peer X.509 certificate... ok" \
				2019	-c "HTTP/1.0 200 OK" \
				2020	-C "received HelloRetryRequest message"
				2021
				2022	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2023	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2024	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2025	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2026	requires_gnutls_tls1_3
				2027	requires_gnutls_next_no_ticket
				2028	requires_gnutls_next_disable_tls13_compat
				2029	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
				2030	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2031	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2032	0 \
				2033	-s "Protocol is TLSv1.3" \
				2034	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				2035	-s "received signature algorithm: 0x603" \
				2036	-s "got named group: x25519(001d)" \
				2037	-s "Verifying peer X.509 certificate... ok" \
				2038	-c "HTTP/1.0 200 OK" \
				2039	-C "received HelloRetryRequest message"
				2040
				2041	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2042	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2043	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2044	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2045	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2046	requires_gnutls_tls1_3
				2047	requires_gnutls_next_no_ticket
				2048	requires_gnutls_next_disable_tls13_compat
				2049	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
				2050	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2051	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2052	0 \
				2053	-s "Protocol is TLSv1.3" \
				2054	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				2055	-s "received signature algorithm: 0x804" \
				2056	-s "got named group: x25519(001d)" \
				2057	-s "Verifying peer X.509 certificate... ok" \
				2058	-c "HTTP/1.0 200 OK" \
				2059	-C "received HelloRetryRequest message"
				2060
				2061	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2062	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2063	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2064	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2065	requires_gnutls_tls1_3
				2066	requires_gnutls_next_no_ticket
				2067	requires_gnutls_next_disable_tls13_compat
				2068	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
				2069	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2070	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2071	0 \
				2072	-s "Protocol is TLSv1.3" \
				2073	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				2074	-s "received signature algorithm: 0x403" \
				2075	-s "got named group: x448(001e)" \
				2076	-s "Verifying peer X.509 certificate... ok" \
				2077	-c "HTTP/1.0 200 OK" \
				2078	-C "received HelloRetryRequest message"
				2079
				2080	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2081	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2082	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2083	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2084	requires_gnutls_tls1_3
				2085	requires_gnutls_next_no_ticket
				2086	requires_gnutls_next_disable_tls13_compat
				2087	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
				2088	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2089	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2090	0 \
				2091	-s "Protocol is TLSv1.3" \
				2092	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				2093	-s "received signature algorithm: 0x503" \
				2094	-s "got named group: x448(001e)" \
				2095	-s "Verifying peer X.509 certificate... ok" \
				2096	-c "HTTP/1.0 200 OK" \
				2097	-C "received HelloRetryRequest message"
				2098
				2099	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2100	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2101	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2102	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2103	requires_gnutls_tls1_3
				2104	requires_gnutls_next_no_ticket
				2105	requires_gnutls_next_disable_tls13_compat
				2106	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
				2107	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2108	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2109	0 \
				2110	-s "Protocol is TLSv1.3" \
				2111	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				2112	-s "received signature algorithm: 0x603" \
				2113	-s "got named group: x448(001e)" \
				2114	-s "Verifying peer X.509 certificate... ok" \
				2115	-c "HTTP/1.0 200 OK" \
				2116	-C "received HelloRetryRequest message"
				2117
				2118	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2119	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2120	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2121	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2122	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2123	requires_gnutls_tls1_3
				2124	requires_gnutls_next_no_ticket
				2125	requires_gnutls_next_disable_tls13_compat
				2126	run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
				2127	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2128	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2129	0 \
				2130	-s "Protocol is TLSv1.3" \
				2131	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				2132	-s "received signature algorithm: 0x804" \
				2133	-s "got named group: x448(001e)" \
				2134	-s "Verifying peer X.509 certificate... ok" \
				2135	-c "HTTP/1.0 200 OK" \
				2136	-C "received HelloRetryRequest message"
				2137
				2138	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2139	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2140	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2141	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2142	requires_gnutls_tls1_3
				2143	requires_gnutls_next_no_ticket
				2144	requires_gnutls_next_disable_tls13_compat
				2145	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
				2146	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2147	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2148	0 \
				2149	-s "Protocol is TLSv1.3" \
				2150	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2151	-s "received signature algorithm: 0x403" \
				2152	-s "got named group: secp256r1(0017)" \
				2153	-s "Verifying peer X.509 certificate... ok" \
				2154	-c "HTTP/1.0 200 OK" \
				2155	-C "received HelloRetryRequest message"
				2156
				2157	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2158	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2159	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2160	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2161	requires_gnutls_tls1_3
				2162	requires_gnutls_next_no_ticket
				2163	requires_gnutls_next_disable_tls13_compat
				2164	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
				2165	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2166	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2167	0 \
				2168	-s "Protocol is TLSv1.3" \
				2169	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2170	-s "received signature algorithm: 0x503" \
				2171	-s "got named group: secp256r1(0017)" \
				2172	-s "Verifying peer X.509 certificate... ok" \
				2173	-c "HTTP/1.0 200 OK" \
				2174	-C "received HelloRetryRequest message"
				2175
				2176	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2177	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2178	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2179	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2180	requires_gnutls_tls1_3
				2181	requires_gnutls_next_no_ticket
				2182	requires_gnutls_next_disable_tls13_compat
				2183	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
				2184	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2185	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2186	0 \
				2187	-s "Protocol is TLSv1.3" \
				2188	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2189	-s "received signature algorithm: 0x603" \
				2190	-s "got named group: secp256r1(0017)" \
				2191	-s "Verifying peer X.509 certificate... ok" \
				2192	-c "HTTP/1.0 200 OK" \
				2193	-C "received HelloRetryRequest message"
				2194
				2195	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2196	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2197	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2198	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2199	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2200	requires_gnutls_tls1_3
				2201	requires_gnutls_next_no_ticket
				2202	requires_gnutls_next_disable_tls13_compat
				2203	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
				2204	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2205	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2206	0 \
				2207	-s "Protocol is TLSv1.3" \
				2208	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2209	-s "received signature algorithm: 0x804" \
				2210	-s "got named group: secp256r1(0017)" \
				2211	-s "Verifying peer X.509 certificate... ok" \
				2212	-c "HTTP/1.0 200 OK" \
				2213	-C "received HelloRetryRequest message"
				2214
				2215	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2216	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2217	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2218	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2219	requires_gnutls_tls1_3
				2220	requires_gnutls_next_no_ticket
				2221	requires_gnutls_next_disable_tls13_compat
				2222	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
				2223	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2224	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2225	0 \
				2226	-s "Protocol is TLSv1.3" \
				2227	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2228	-s "received signature algorithm: 0x403" \
				2229	-s "got named group: secp384r1(0018)" \
				2230	-s "Verifying peer X.509 certificate... ok" \
				2231	-c "HTTP/1.0 200 OK" \
				2232	-C "received HelloRetryRequest message"
				2233
				2234	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2235	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2236	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2237	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2238	requires_gnutls_tls1_3
				2239	requires_gnutls_next_no_ticket
				2240	requires_gnutls_next_disable_tls13_compat
				2241	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
				2242	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2243	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2244	0 \
				2245	-s "Protocol is TLSv1.3" \
				2246	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2247	-s "received signature algorithm: 0x503" \
				2248	-s "got named group: secp384r1(0018)" \
				2249	-s "Verifying peer X.509 certificate... ok" \
				2250	-c "HTTP/1.0 200 OK" \
				2251	-C "received HelloRetryRequest message"
				2252
				2253	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2254	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2255	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2256	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2257	requires_gnutls_tls1_3
				2258	requires_gnutls_next_no_ticket
				2259	requires_gnutls_next_disable_tls13_compat
				2260	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
				2261	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2262	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2263	0 \
				2264	-s "Protocol is TLSv1.3" \
				2265	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2266	-s "received signature algorithm: 0x603" \
				2267	-s "got named group: secp384r1(0018)" \
				2268	-s "Verifying peer X.509 certificate... ok" \
				2269	-c "HTTP/1.0 200 OK" \
				2270	-C "received HelloRetryRequest message"
				2271
				2272	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2273	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2274	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2275	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2276	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2277	requires_gnutls_tls1_3
				2278	requires_gnutls_next_no_ticket
				2279	requires_gnutls_next_disable_tls13_compat
				2280	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
				2281	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2282	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2283	0 \
				2284	-s "Protocol is TLSv1.3" \
				2285	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2286	-s "received signature algorithm: 0x804" \
				2287	-s "got named group: secp384r1(0018)" \
				2288	-s "Verifying peer X.509 certificate... ok" \
				2289	-c "HTTP/1.0 200 OK" \
				2290	-C "received HelloRetryRequest message"
				2291
				2292	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2293	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2294	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2295	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2296	requires_gnutls_tls1_3
				2297	requires_gnutls_next_no_ticket
				2298	requires_gnutls_next_disable_tls13_compat
				2299	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
				2300	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2301	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2302	0 \
				2303	-s "Protocol is TLSv1.3" \
				2304	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2305	-s "received signature algorithm: 0x403" \
				2306	-s "got named group: secp521r1(0019)" \
				2307	-s "Verifying peer X.509 certificate... ok" \
				2308	-c "HTTP/1.0 200 OK" \
				2309	-C "received HelloRetryRequest message"
				2310
				2311	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2312	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2313	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2314	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2315	requires_gnutls_tls1_3
				2316	requires_gnutls_next_no_ticket
				2317	requires_gnutls_next_disable_tls13_compat
				2318	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
				2319	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2320	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2321	0 \
				2322	-s "Protocol is TLSv1.3" \
				2323	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2324	-s "received signature algorithm: 0x503" \
				2325	-s "got named group: secp521r1(0019)" \
				2326	-s "Verifying peer X.509 certificate... ok" \
				2327	-c "HTTP/1.0 200 OK" \
				2328	-C "received HelloRetryRequest message"
				2329
				2330	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2331	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2332	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2333	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2334	requires_gnutls_tls1_3
				2335	requires_gnutls_next_no_ticket
				2336	requires_gnutls_next_disable_tls13_compat
				2337	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
				2338	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2339	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2340	0 \
				2341	-s "Protocol is TLSv1.3" \
				2342	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2343	-s "received signature algorithm: 0x603" \
				2344	-s "got named group: secp521r1(0019)" \
				2345	-s "Verifying peer X.509 certificate... ok" \
				2346	-c "HTTP/1.0 200 OK" \
				2347	-C "received HelloRetryRequest message"
				2348
				2349	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2350	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2351	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2352	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2353	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2354	requires_gnutls_tls1_3
				2355	requires_gnutls_next_no_ticket
				2356	requires_gnutls_next_disable_tls13_compat
				2357	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
				2358	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2359	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2360	0 \
				2361	-s "Protocol is TLSv1.3" \
				2362	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2363	-s "received signature algorithm: 0x804" \
				2364	-s "got named group: secp521r1(0019)" \
				2365	-s "Verifying peer X.509 certificate... ok" \
				2366	-c "HTTP/1.0 200 OK" \
				2367	-C "received HelloRetryRequest message"
				2368
				2369	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2370	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2371	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2372	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2373	requires_gnutls_tls1_3
				2374	requires_gnutls_next_no_ticket
				2375	requires_gnutls_next_disable_tls13_compat
				2376	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
				2377	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2378	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2379	0 \
				2380	-s "Protocol is TLSv1.3" \
				2381	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2382	-s "received signature algorithm: 0x403" \
				2383	-s "got named group: x25519(001d)" \
				2384	-s "Verifying peer X.509 certificate... ok" \
				2385	-c "HTTP/1.0 200 OK" \
				2386	-C "received HelloRetryRequest message"
				2387
				2388	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2389	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2390	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2391	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2392	requires_gnutls_tls1_3
				2393	requires_gnutls_next_no_ticket
				2394	requires_gnutls_next_disable_tls13_compat
				2395	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
				2396	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2397	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2398	0 \
				2399	-s "Protocol is TLSv1.3" \
				2400	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2401	-s "received signature algorithm: 0x503" \
				2402	-s "got named group: x25519(001d)" \
				2403	-s "Verifying peer X.509 certificate... ok" \
				2404	-c "HTTP/1.0 200 OK" \
				2405	-C "received HelloRetryRequest message"
				2406
				2407	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2408	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2409	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2410	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2411	requires_gnutls_tls1_3
				2412	requires_gnutls_next_no_ticket
				2413	requires_gnutls_next_disable_tls13_compat
				2414	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
				2415	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2416	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2417	0 \
				2418	-s "Protocol is TLSv1.3" \
				2419	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2420	-s "received signature algorithm: 0x603" \
				2421	-s "got named group: x25519(001d)" \
				2422	-s "Verifying peer X.509 certificate... ok" \
				2423	-c "HTTP/1.0 200 OK" \
				2424	-C "received HelloRetryRequest message"
				2425
				2426	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2427	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2428	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2429	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2430	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2431	requires_gnutls_tls1_3
				2432	requires_gnutls_next_no_ticket
				2433	requires_gnutls_next_disable_tls13_compat
				2434	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
				2435	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2436	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2437	0 \
				2438	-s "Protocol is TLSv1.3" \
				2439	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2440	-s "received signature algorithm: 0x804" \
				2441	-s "got named group: x25519(001d)" \
				2442	-s "Verifying peer X.509 certificate... ok" \
				2443	-c "HTTP/1.0 200 OK" \
				2444	-C "received HelloRetryRequest message"
				2445
				2446	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2447	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2448	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2449	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2450	requires_gnutls_tls1_3
				2451	requires_gnutls_next_no_ticket
				2452	requires_gnutls_next_disable_tls13_compat
				2453	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
				2454	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2455	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2456	0 \
				2457	-s "Protocol is TLSv1.3" \
				2458	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2459	-s "received signature algorithm: 0x403" \
				2460	-s "got named group: x448(001e)" \
				2461	-s "Verifying peer X.509 certificate... ok" \
				2462	-c "HTTP/1.0 200 OK" \
				2463	-C "received HelloRetryRequest message"
				2464
				2465	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2466	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2467	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2468	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2469	requires_gnutls_tls1_3
				2470	requires_gnutls_next_no_ticket
				2471	requires_gnutls_next_disable_tls13_compat
				2472	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
				2473	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2474	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2475	0 \
				2476	-s "Protocol is TLSv1.3" \
				2477	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2478	-s "received signature algorithm: 0x503" \
				2479	-s "got named group: x448(001e)" \
				2480	-s "Verifying peer X.509 certificate... ok" \
				2481	-c "HTTP/1.0 200 OK" \
				2482	-C "received HelloRetryRequest message"
				2483
				2484	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2485	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2486	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2487	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2488	requires_gnutls_tls1_3
				2489	requires_gnutls_next_no_ticket
				2490	requires_gnutls_next_disable_tls13_compat
				2491	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
				2492	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2493	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2494	0 \
				2495	-s "Protocol is TLSv1.3" \
				2496	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2497	-s "received signature algorithm: 0x603" \
				2498	-s "got named group: x448(001e)" \
				2499	-s "Verifying peer X.509 certificate... ok" \
				2500	-c "HTTP/1.0 200 OK" \
				2501	-C "received HelloRetryRequest message"
				2502
				2503	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2504	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2505	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2506	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2507	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2508	requires_gnutls_tls1_3
				2509	requires_gnutls_next_no_ticket
				2510	requires_gnutls_next_disable_tls13_compat
				2511	run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
				2512	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2513	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2514	0 \
				2515	-s "Protocol is TLSv1.3" \
				2516	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				2517	-s "received signature algorithm: 0x804" \
				2518	-s "got named group: x448(001e)" \
				2519	-s "Verifying peer X.509 certificate... ok" \
				2520	-c "HTTP/1.0 200 OK" \
				2521	-C "received HelloRetryRequest message"
				2522
				2523	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2524	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2525	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2526	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2527	requires_gnutls_tls1_3
				2528	requires_gnutls_next_no_ticket
				2529	requires_gnutls_next_disable_tls13_compat
				2530	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				2531	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2532	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2533	0 \
				2534	-s "Protocol is TLSv1.3" \
				2535	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2536	-s "received signature algorithm: 0x403" \
				2537	-s "got named group: secp256r1(0017)" \
				2538	-s "Verifying peer X.509 certificate... ok" \
				2539	-c "HTTP/1.0 200 OK" \
				2540	-C "received HelloRetryRequest message"
				2541
				2542	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2543	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2544	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2545	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2546	requires_gnutls_tls1_3
				2547	requires_gnutls_next_no_ticket
				2548	requires_gnutls_next_disable_tls13_compat
				2549	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				2550	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2551	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2552	0 \
				2553	-s "Protocol is TLSv1.3" \
				2554	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2555	-s "received signature algorithm: 0x503" \
				2556	-s "got named group: secp256r1(0017)" \
				2557	-s "Verifying peer X.509 certificate... ok" \
				2558	-c "HTTP/1.0 200 OK" \
				2559	-C "received HelloRetryRequest message"
				2560
				2561	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2562	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2563	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2564	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2565	requires_gnutls_tls1_3
				2566	requires_gnutls_next_no_ticket
				2567	requires_gnutls_next_disable_tls13_compat
				2568	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				2569	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2570	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2571	0 \
				2572	-s "Protocol is TLSv1.3" \
				2573	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2574	-s "received signature algorithm: 0x603" \
				2575	-s "got named group: secp256r1(0017)" \
				2576	-s "Verifying peer X.509 certificate... ok" \
				2577	-c "HTTP/1.0 200 OK" \
				2578	-C "received HelloRetryRequest message"
				2579
				2580	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2581	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2582	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2583	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2584	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2585	requires_gnutls_tls1_3
				2586	requires_gnutls_next_no_ticket
				2587	requires_gnutls_next_disable_tls13_compat
				2588	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				2589	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2590	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2591	0 \
				2592	-s "Protocol is TLSv1.3" \
				2593	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2594	-s "received signature algorithm: 0x804" \
				2595	-s "got named group: secp256r1(0017)" \
				2596	-s "Verifying peer X.509 certificate... ok" \
				2597	-c "HTTP/1.0 200 OK" \
				2598	-C "received HelloRetryRequest message"
				2599
				2600	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2601	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2602	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2603	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2604	requires_gnutls_tls1_3
				2605	requires_gnutls_next_no_ticket
				2606	requires_gnutls_next_disable_tls13_compat
				2607	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				2608	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2609	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2610	0 \
				2611	-s "Protocol is TLSv1.3" \
				2612	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2613	-s "received signature algorithm: 0x403" \
				2614	-s "got named group: secp384r1(0018)" \
				2615	-s "Verifying peer X.509 certificate... ok" \
				2616	-c "HTTP/1.0 200 OK" \
				2617	-C "received HelloRetryRequest message"
				2618
				2619	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2620	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2621	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2622	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2623	requires_gnutls_tls1_3
				2624	requires_gnutls_next_no_ticket
				2625	requires_gnutls_next_disable_tls13_compat
				2626	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				2627	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2628	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2629	0 \
				2630	-s "Protocol is TLSv1.3" \
				2631	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2632	-s "received signature algorithm: 0x503" \
				2633	-s "got named group: secp384r1(0018)" \
				2634	-s "Verifying peer X.509 certificate... ok" \
				2635	-c "HTTP/1.0 200 OK" \
				2636	-C "received HelloRetryRequest message"
				2637
				2638	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2639	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2640	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2641	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2642	requires_gnutls_tls1_3
				2643	requires_gnutls_next_no_ticket
				2644	requires_gnutls_next_disable_tls13_compat
				2645	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				2646	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2647	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2648	0 \
				2649	-s "Protocol is TLSv1.3" \
				2650	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2651	-s "received signature algorithm: 0x603" \
				2652	-s "got named group: secp384r1(0018)" \
				2653	-s "Verifying peer X.509 certificate... ok" \
				2654	-c "HTTP/1.0 200 OK" \
				2655	-C "received HelloRetryRequest message"
				2656
				2657	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2658	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2659	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2660	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2661	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2662	requires_gnutls_tls1_3
				2663	requires_gnutls_next_no_ticket
				2664	requires_gnutls_next_disable_tls13_compat
				2665	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				2666	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2667	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2668	0 \
				2669	-s "Protocol is TLSv1.3" \
				2670	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2671	-s "received signature algorithm: 0x804" \
				2672	-s "got named group: secp384r1(0018)" \
				2673	-s "Verifying peer X.509 certificate... ok" \
				2674	-c "HTTP/1.0 200 OK" \
				2675	-C "received HelloRetryRequest message"
				2676
				2677	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2678	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2679	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2680	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2681	requires_gnutls_tls1_3
				2682	requires_gnutls_next_no_ticket
				2683	requires_gnutls_next_disable_tls13_compat
				2684	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				2685	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2686	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2687	0 \
				2688	-s "Protocol is TLSv1.3" \
				2689	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2690	-s "received signature algorithm: 0x403" \
				2691	-s "got named group: secp521r1(0019)" \
				2692	-s "Verifying peer X.509 certificate... ok" \
				2693	-c "HTTP/1.0 200 OK" \
				2694	-C "received HelloRetryRequest message"
				2695
				2696	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2697	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2698	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2699	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2700	requires_gnutls_tls1_3
				2701	requires_gnutls_next_no_ticket
				2702	requires_gnutls_next_disable_tls13_compat
				2703	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				2704	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2705	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2706	0 \
				2707	-s "Protocol is TLSv1.3" \
				2708	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2709	-s "received signature algorithm: 0x503" \
				2710	-s "got named group: secp521r1(0019)" \
				2711	-s "Verifying peer X.509 certificate... ok" \
				2712	-c "HTTP/1.0 200 OK" \
				2713	-C "received HelloRetryRequest message"
				2714
				2715	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2716	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2717	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2718	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2719	requires_gnutls_tls1_3
				2720	requires_gnutls_next_no_ticket
				2721	requires_gnutls_next_disable_tls13_compat
				2722	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				2723	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2724	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2725	0 \
				2726	-s "Protocol is TLSv1.3" \
				2727	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2728	-s "received signature algorithm: 0x603" \
				2729	-s "got named group: secp521r1(0019)" \
				2730	-s "Verifying peer X.509 certificate... ok" \
				2731	-c "HTTP/1.0 200 OK" \
				2732	-C "received HelloRetryRequest message"
				2733
				2734	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2735	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2736	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2737	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2738	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2739	requires_gnutls_tls1_3
				2740	requires_gnutls_next_no_ticket
				2741	requires_gnutls_next_disable_tls13_compat
				2742	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				2743	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2744	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2745	0 \
				2746	-s "Protocol is TLSv1.3" \
				2747	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2748	-s "received signature algorithm: 0x804" \
				2749	-s "got named group: secp521r1(0019)" \
				2750	-s "Verifying peer X.509 certificate... ok" \
				2751	-c "HTTP/1.0 200 OK" \
				2752	-C "received HelloRetryRequest message"
				2753
				2754	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2755	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2756	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2757	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2758	requires_gnutls_tls1_3
				2759	requires_gnutls_next_no_ticket
				2760	requires_gnutls_next_disable_tls13_compat
				2761	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
				2762	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2763	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2764	0 \
				2765	-s "Protocol is TLSv1.3" \
				2766	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2767	-s "received signature algorithm: 0x403" \
				2768	-s "got named group: x25519(001d)" \
				2769	-s "Verifying peer X.509 certificate... ok" \
				2770	-c "HTTP/1.0 200 OK" \
				2771	-C "received HelloRetryRequest message"
				2772
				2773	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2774	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2775	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2776	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2777	requires_gnutls_tls1_3
				2778	requires_gnutls_next_no_ticket
				2779	requires_gnutls_next_disable_tls13_compat
				2780	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
				2781	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2782	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2783	0 \
				2784	-s "Protocol is TLSv1.3" \
				2785	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2786	-s "received signature algorithm: 0x503" \
				2787	-s "got named group: x25519(001d)" \
				2788	-s "Verifying peer X.509 certificate... ok" \
				2789	-c "HTTP/1.0 200 OK" \
				2790	-C "received HelloRetryRequest message"
				2791
				2792	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2793	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2794	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2795	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2796	requires_gnutls_tls1_3
				2797	requires_gnutls_next_no_ticket
				2798	requires_gnutls_next_disable_tls13_compat
				2799	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
				2800	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2801	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2802	0 \
				2803	-s "Protocol is TLSv1.3" \
				2804	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2805	-s "received signature algorithm: 0x603" \
				2806	-s "got named group: x25519(001d)" \
				2807	-s "Verifying peer X.509 certificate... ok" \
				2808	-c "HTTP/1.0 200 OK" \
				2809	-C "received HelloRetryRequest message"
				2810
				2811	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2812	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2813	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2814	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2815	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2816	requires_gnutls_tls1_3
				2817	requires_gnutls_next_no_ticket
				2818	requires_gnutls_next_disable_tls13_compat
				2819	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
				2820	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2821	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2822	0 \
				2823	-s "Protocol is TLSv1.3" \
				2824	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2825	-s "received signature algorithm: 0x804" \
				2826	-s "got named group: x25519(001d)" \
				2827	-s "Verifying peer X.509 certificate... ok" \
				2828	-c "HTTP/1.0 200 OK" \
				2829	-C "received HelloRetryRequest message"
				2830
				2831	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2832	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2833	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2834	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2835	requires_gnutls_tls1_3
				2836	requires_gnutls_next_no_ticket
				2837	requires_gnutls_next_disable_tls13_compat
				2838	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
				2839	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2840	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2841	0 \
				2842	-s "Protocol is TLSv1.3" \
				2843	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2844	-s "received signature algorithm: 0x403" \
				2845	-s "got named group: x448(001e)" \
				2846	-s "Verifying peer X.509 certificate... ok" \
				2847	-c "HTTP/1.0 200 OK" \
				2848	-C "received HelloRetryRequest message"
				2849
				2850	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2851	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2852	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2853	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2854	requires_gnutls_tls1_3
				2855	requires_gnutls_next_no_ticket
				2856	requires_gnutls_next_disable_tls13_compat
				2857	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
				2858	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2859	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2860	0 \
				2861	-s "Protocol is TLSv1.3" \
				2862	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2863	-s "received signature algorithm: 0x503" \
				2864	-s "got named group: x448(001e)" \
				2865	-s "Verifying peer X.509 certificate... ok" \
				2866	-c "HTTP/1.0 200 OK" \
				2867	-C "received HelloRetryRequest message"
				2868
				2869	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2870	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2871	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2872	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2873	requires_gnutls_tls1_3
				2874	requires_gnutls_next_no_ticket
				2875	requires_gnutls_next_disable_tls13_compat
				2876	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
				2877	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2878	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2879	0 \
				2880	-s "Protocol is TLSv1.3" \
				2881	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2882	-s "received signature algorithm: 0x603" \
				2883	-s "got named group: x448(001e)" \
				2884	-s "Verifying peer X.509 certificate... ok" \
				2885	-c "HTTP/1.0 200 OK" \
				2886	-C "received HelloRetryRequest message"
				2887
				2888	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2889	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2890	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2891	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2892	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2893	requires_gnutls_tls1_3
				2894	requires_gnutls_next_no_ticket
				2895	requires_gnutls_next_disable_tls13_compat
				2896	run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
				2897	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2898	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2899	0 \
				2900	-s "Protocol is TLSv1.3" \
				2901	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				2902	-s "received signature algorithm: 0x804" \
				2903	-s "got named group: x448(001e)" \
				2904	-s "Verifying peer X.509 certificate... ok" \
				2905	-c "HTTP/1.0 200 OK" \
				2906	-C "received HelloRetryRequest message"
				2907
				2908	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2909	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2910	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2911	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2912	requires_gnutls_tls1_3
				2913	requires_gnutls_next_no_ticket
				2914	requires_gnutls_next_disable_tls13_compat
				2915	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				2916	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2917	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2918	0 \
				2919	-s "Protocol is TLSv1.3" \
				2920	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				2921	-s "received signature algorithm: 0x403" \
				2922	-s "got named group: secp256r1(0017)" \
				2923	-s "Verifying peer X.509 certificate... ok" \
				2924	-c "HTTP/1.0 200 OK" \
				2925	-C "received HelloRetryRequest message"
				2926
				2927	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2928	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2929	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2930	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2931	requires_gnutls_tls1_3
				2932	requires_gnutls_next_no_ticket
				2933	requires_gnutls_next_disable_tls13_compat
				2934	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				2935	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2936	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2937	0 \
				2938	-s "Protocol is TLSv1.3" \
				2939	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				2940	-s "received signature algorithm: 0x503" \
				2941	-s "got named group: secp256r1(0017)" \
				2942	-s "Verifying peer X.509 certificate... ok" \
				2943	-c "HTTP/1.0 200 OK" \
				2944	-C "received HelloRetryRequest message"
				2945
				2946	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2947	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2948	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2949	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2950	requires_gnutls_tls1_3
				2951	requires_gnutls_next_no_ticket
				2952	requires_gnutls_next_disable_tls13_compat
				2953	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				2954	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2955	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2956	0 \
				2957	-s "Protocol is TLSv1.3" \
				2958	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				2959	-s "received signature algorithm: 0x603" \
				2960	-s "got named group: secp256r1(0017)" \
				2961	-s "Verifying peer X.509 certificate... ok" \
				2962	-c "HTTP/1.0 200 OK" \
				2963	-C "received HelloRetryRequest message"
				2964
				2965	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2966	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2967	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2968	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2969	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				2970	requires_gnutls_tls1_3
				2971	requires_gnutls_next_no_ticket
				2972	requires_gnutls_next_disable_tls13_compat
				2973	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				2974	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2975	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2976	0 \
				2977	-s "Protocol is TLSv1.3" \
				2978	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				2979	-s "received signature algorithm: 0x804" \
				2980	-s "got named group: secp256r1(0017)" \
				2981	-s "Verifying peer X.509 certificate... ok" \
				2982	-c "HTTP/1.0 200 OK" \
				2983	-C "received HelloRetryRequest message"
				2984
				2985	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2986	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2987	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				2988	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				2989	requires_gnutls_tls1_3
				2990	requires_gnutls_next_no_ticket
				2991	requires_gnutls_next_disable_tls13_compat
				2992	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				2993	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	2994	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	2995	0 \
				2996	-s "Protocol is TLSv1.3" \
				2997	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				2998	-s "received signature algorithm: 0x403" \
				2999	-s "got named group: secp384r1(0018)" \
				3000	-s "Verifying peer X.509 certificate... ok" \
				3001	-c "HTTP/1.0 200 OK" \
				3002	-C "received HelloRetryRequest message"
				3003
				3004	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3005	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3006	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3007	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3008	requires_gnutls_tls1_3
				3009	requires_gnutls_next_no_ticket
				3010	requires_gnutls_next_disable_tls13_compat
				3011	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				3012	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3013	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3014	0 \
				3015	-s "Protocol is TLSv1.3" \
				3016	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3017	-s "received signature algorithm: 0x503" \
				3018	-s "got named group: secp384r1(0018)" \
				3019	-s "Verifying peer X.509 certificate... ok" \
				3020	-c "HTTP/1.0 200 OK" \
				3021	-C "received HelloRetryRequest message"
				3022
				3023	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3024	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3025	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3026	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3027	requires_gnutls_tls1_3
				3028	requires_gnutls_next_no_ticket
				3029	requires_gnutls_next_disable_tls13_compat
				3030	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				3031	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3032	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3033	0 \
				3034	-s "Protocol is TLSv1.3" \
				3035	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3036	-s "received signature algorithm: 0x603" \
				3037	-s "got named group: secp384r1(0018)" \
				3038	-s "Verifying peer X.509 certificate... ok" \
				3039	-c "HTTP/1.0 200 OK" \
				3040	-C "received HelloRetryRequest message"
				3041
				3042	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3043	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3044	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3045	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3046	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3047	requires_gnutls_tls1_3
				3048	requires_gnutls_next_no_ticket
				3049	requires_gnutls_next_disable_tls13_compat
				3050	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				3051	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3052	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3053	0 \
				3054	-s "Protocol is TLSv1.3" \
				3055	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3056	-s "received signature algorithm: 0x804" \
				3057	-s "got named group: secp384r1(0018)" \
				3058	-s "Verifying peer X.509 certificate... ok" \
				3059	-c "HTTP/1.0 200 OK" \
				3060	-C "received HelloRetryRequest message"
				3061
				3062	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3063	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3064	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3065	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3066	requires_gnutls_tls1_3
				3067	requires_gnutls_next_no_ticket
				3068	requires_gnutls_next_disable_tls13_compat
				3069	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				3070	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3071	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3072	0 \
				3073	-s "Protocol is TLSv1.3" \
				3074	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3075	-s "received signature algorithm: 0x403" \
				3076	-s "got named group: secp521r1(0019)" \
				3077	-s "Verifying peer X.509 certificate... ok" \
				3078	-c "HTTP/1.0 200 OK" \
				3079	-C "received HelloRetryRequest message"
				3080
				3081	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3082	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3083	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3084	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3085	requires_gnutls_tls1_3
				3086	requires_gnutls_next_no_ticket
				3087	requires_gnutls_next_disable_tls13_compat
				3088	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				3089	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3090	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3091	0 \
				3092	-s "Protocol is TLSv1.3" \
				3093	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3094	-s "received signature algorithm: 0x503" \
				3095	-s "got named group: secp521r1(0019)" \
				3096	-s "Verifying peer X.509 certificate... ok" \
				3097	-c "HTTP/1.0 200 OK" \
				3098	-C "received HelloRetryRequest message"
				3099
				3100	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3101	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3102	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3103	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3104	requires_gnutls_tls1_3
				3105	requires_gnutls_next_no_ticket
				3106	requires_gnutls_next_disable_tls13_compat
				3107	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				3108	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3109	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3110	0 \
				3111	-s "Protocol is TLSv1.3" \
				3112	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3113	-s "received signature algorithm: 0x603" \
				3114	-s "got named group: secp521r1(0019)" \
				3115	-s "Verifying peer X.509 certificate... ok" \
				3116	-c "HTTP/1.0 200 OK" \
				3117	-C "received HelloRetryRequest message"
				3118
				3119	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3120	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3121	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3122	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3123	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3124	requires_gnutls_tls1_3
				3125	requires_gnutls_next_no_ticket
				3126	requires_gnutls_next_disable_tls13_compat
				3127	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				3128	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3129	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3130	0 \
				3131	-s "Protocol is TLSv1.3" \
				3132	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3133	-s "received signature algorithm: 0x804" \
				3134	-s "got named group: secp521r1(0019)" \
				3135	-s "Verifying peer X.509 certificate... ok" \
				3136	-c "HTTP/1.0 200 OK" \
				3137	-C "received HelloRetryRequest message"
				3138
				3139	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3140	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3141	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3142	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3143	requires_gnutls_tls1_3
				3144	requires_gnutls_next_no_ticket
				3145	requires_gnutls_next_disable_tls13_compat
				3146	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
				3147	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3148	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3149	0 \
				3150	-s "Protocol is TLSv1.3" \
				3151	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3152	-s "received signature algorithm: 0x403" \
				3153	-s "got named group: x25519(001d)" \
				3154	-s "Verifying peer X.509 certificate... ok" \
				3155	-c "HTTP/1.0 200 OK" \
				3156	-C "received HelloRetryRequest message"
				3157
				3158	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3159	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3160	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3161	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3162	requires_gnutls_tls1_3
				3163	requires_gnutls_next_no_ticket
				3164	requires_gnutls_next_disable_tls13_compat
				3165	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
				3166	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3167	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3168	0 \
				3169	-s "Protocol is TLSv1.3" \
				3170	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3171	-s "received signature algorithm: 0x503" \
				3172	-s "got named group: x25519(001d)" \
				3173	-s "Verifying peer X.509 certificate... ok" \
				3174	-c "HTTP/1.0 200 OK" \
				3175	-C "received HelloRetryRequest message"
				3176
				3177	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3178	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3179	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3180	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3181	requires_gnutls_tls1_3
				3182	requires_gnutls_next_no_ticket
				3183	requires_gnutls_next_disable_tls13_compat
				3184	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
				3185	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3186	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3187	0 \
				3188	-s "Protocol is TLSv1.3" \
				3189	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3190	-s "received signature algorithm: 0x603" \
				3191	-s "got named group: x25519(001d)" \
				3192	-s "Verifying peer X.509 certificate... ok" \
				3193	-c "HTTP/1.0 200 OK" \
				3194	-C "received HelloRetryRequest message"
				3195
				3196	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3197	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3198	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3199	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3200	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3201	requires_gnutls_tls1_3
				3202	requires_gnutls_next_no_ticket
				3203	requires_gnutls_next_disable_tls13_compat
				3204	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
				3205	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3206	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3207	0 \
				3208	-s "Protocol is TLSv1.3" \
				3209	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3210	-s "received signature algorithm: 0x804" \
				3211	-s "got named group: x25519(001d)" \
				3212	-s "Verifying peer X.509 certificate... ok" \
				3213	-c "HTTP/1.0 200 OK" \
				3214	-C "received HelloRetryRequest message"
				3215
				3216	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3217	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3218	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3219	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3220	requires_gnutls_tls1_3
				3221	requires_gnutls_next_no_ticket
				3222	requires_gnutls_next_disable_tls13_compat
				3223	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
				3224	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3225	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3226	0 \
				3227	-s "Protocol is TLSv1.3" \
				3228	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3229	-s "received signature algorithm: 0x403" \
				3230	-s "got named group: x448(001e)" \
				3231	-s "Verifying peer X.509 certificate... ok" \
				3232	-c "HTTP/1.0 200 OK" \
				3233	-C "received HelloRetryRequest message"
				3234
				3235	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3236	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3237	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3238	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3239	requires_gnutls_tls1_3
				3240	requires_gnutls_next_no_ticket
				3241	requires_gnutls_next_disable_tls13_compat
				3242	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
				3243	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3244	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3245	0 \
				3246	-s "Protocol is TLSv1.3" \
				3247	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3248	-s "received signature algorithm: 0x503" \
				3249	-s "got named group: x448(001e)" \
				3250	-s "Verifying peer X.509 certificate... ok" \
				3251	-c "HTTP/1.0 200 OK" \
				3252	-C "received HelloRetryRequest message"
				3253
				3254	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3255	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3256	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3257	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3258	requires_gnutls_tls1_3
				3259	requires_gnutls_next_no_ticket
				3260	requires_gnutls_next_disable_tls13_compat
				3261	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
				3262	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3263	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3264	0 \
				3265	-s "Protocol is TLSv1.3" \
				3266	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3267	-s "received signature algorithm: 0x603" \
				3268	-s "got named group: x448(001e)" \
				3269	-s "Verifying peer X.509 certificate... ok" \
				3270	-c "HTTP/1.0 200 OK" \
				3271	-C "received HelloRetryRequest message"
				3272
				3273	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3274	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3275	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3276	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3277	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3278	requires_gnutls_tls1_3
				3279	requires_gnutls_next_no_ticket
				3280	requires_gnutls_next_disable_tls13_compat
				3281	run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
				3282	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3283	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3284	0 \
				3285	-s "Protocol is TLSv1.3" \
				3286	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				3287	-s "received signature algorithm: 0x804" \
				3288	-s "got named group: x448(001e)" \
				3289	-s "Verifying peer X.509 certificate... ok" \
				3290	-c "HTTP/1.0 200 OK" \
				3291	-C "received HelloRetryRequest message"
				3292
				3293	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3294	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3295	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3296	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3297	requires_gnutls_tls1_3
				3298	requires_gnutls_next_no_ticket
				3299	requires_gnutls_next_disable_tls13_compat
				3300	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				3301	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3302	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3303	0 \
				3304	-s "Protocol is TLSv1.3" \
				3305	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3306	-s "received signature algorithm: 0x403" \
				3307	-s "got named group: secp256r1(0017)" \
				3308	-s "Verifying peer X.509 certificate... ok" \
				3309	-c "HTTP/1.0 200 OK" \
				3310	-C "received HelloRetryRequest message"
				3311
				3312	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3313	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3314	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3315	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3316	requires_gnutls_tls1_3
				3317	requires_gnutls_next_no_ticket
				3318	requires_gnutls_next_disable_tls13_compat
				3319	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				3320	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3321	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3322	0 \
				3323	-s "Protocol is TLSv1.3" \
				3324	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3325	-s "received signature algorithm: 0x503" \
				3326	-s "got named group: secp256r1(0017)" \
				3327	-s "Verifying peer X.509 certificate... ok" \
				3328	-c "HTTP/1.0 200 OK" \
				3329	-C "received HelloRetryRequest message"
				3330
				3331	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3332	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3333	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3334	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3335	requires_gnutls_tls1_3
				3336	requires_gnutls_next_no_ticket
				3337	requires_gnutls_next_disable_tls13_compat
				3338	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				3339	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3340	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3341	0 \
				3342	-s "Protocol is TLSv1.3" \
				3343	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3344	-s "received signature algorithm: 0x603" \
				3345	-s "got named group: secp256r1(0017)" \
				3346	-s "Verifying peer X.509 certificate... ok" \
				3347	-c "HTTP/1.0 200 OK" \
				3348	-C "received HelloRetryRequest message"
				3349
				3350	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3351	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3352	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3353	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3354	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3355	requires_gnutls_tls1_3
				3356	requires_gnutls_next_no_ticket
				3357	requires_gnutls_next_disable_tls13_compat
				3358	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				3359	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3360	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3361	0 \
				3362	-s "Protocol is TLSv1.3" \
				3363	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3364	-s "received signature algorithm: 0x804" \
				3365	-s "got named group: secp256r1(0017)" \
				3366	-s "Verifying peer X.509 certificate... ok" \
				3367	-c "HTTP/1.0 200 OK" \
				3368	-C "received HelloRetryRequest message"
				3369
				3370	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3371	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3372	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3373	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3374	requires_gnutls_tls1_3
				3375	requires_gnutls_next_no_ticket
				3376	requires_gnutls_next_disable_tls13_compat
				3377	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				3378	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3379	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3380	0 \
				3381	-s "Protocol is TLSv1.3" \
				3382	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3383	-s "received signature algorithm: 0x403" \
				3384	-s "got named group: secp384r1(0018)" \
				3385	-s "Verifying peer X.509 certificate... ok" \
				3386	-c "HTTP/1.0 200 OK" \
				3387	-C "received HelloRetryRequest message"
				3388
				3389	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3390	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3391	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3392	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3393	requires_gnutls_tls1_3
				3394	requires_gnutls_next_no_ticket
				3395	requires_gnutls_next_disable_tls13_compat
				3396	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				3397	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3398	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3399	0 \
				3400	-s "Protocol is TLSv1.3" \
				3401	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3402	-s "received signature algorithm: 0x503" \
				3403	-s "got named group: secp384r1(0018)" \
				3404	-s "Verifying peer X.509 certificate... ok" \
				3405	-c "HTTP/1.0 200 OK" \
				3406	-C "received HelloRetryRequest message"
				3407
				3408	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3409	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3410	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3411	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3412	requires_gnutls_tls1_3
				3413	requires_gnutls_next_no_ticket
				3414	requires_gnutls_next_disable_tls13_compat
				3415	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				3416	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3417	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3418	0 \
				3419	-s "Protocol is TLSv1.3" \
				3420	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3421	-s "received signature algorithm: 0x603" \
				3422	-s "got named group: secp384r1(0018)" \
				3423	-s "Verifying peer X.509 certificate... ok" \
				3424	-c "HTTP/1.0 200 OK" \
				3425	-C "received HelloRetryRequest message"
				3426
				3427	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3428	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3429	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3430	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3431	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3432	requires_gnutls_tls1_3
				3433	requires_gnutls_next_no_ticket
				3434	requires_gnutls_next_disable_tls13_compat
				3435	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				3436	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3437	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3438	0 \
				3439	-s "Protocol is TLSv1.3" \
				3440	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3441	-s "received signature algorithm: 0x804" \
				3442	-s "got named group: secp384r1(0018)" \
				3443	-s "Verifying peer X.509 certificate... ok" \
				3444	-c "HTTP/1.0 200 OK" \
				3445	-C "received HelloRetryRequest message"
				3446
				3447	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3448	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3449	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3450	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3451	requires_gnutls_tls1_3
				3452	requires_gnutls_next_no_ticket
				3453	requires_gnutls_next_disable_tls13_compat
				3454	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				3455	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3456	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3457	0 \
				3458	-s "Protocol is TLSv1.3" \
				3459	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3460	-s "received signature algorithm: 0x403" \
				3461	-s "got named group: secp521r1(0019)" \
				3462	-s "Verifying peer X.509 certificate... ok" \
				3463	-c "HTTP/1.0 200 OK" \
				3464	-C "received HelloRetryRequest message"
				3465
				3466	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3467	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3468	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3469	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3470	requires_gnutls_tls1_3
				3471	requires_gnutls_next_no_ticket
				3472	requires_gnutls_next_disable_tls13_compat
				3473	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				3474	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3475	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3476	0 \
				3477	-s "Protocol is TLSv1.3" \
				3478	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3479	-s "received signature algorithm: 0x503" \
				3480	-s "got named group: secp521r1(0019)" \
				3481	-s "Verifying peer X.509 certificate... ok" \
				3482	-c "HTTP/1.0 200 OK" \
				3483	-C "received HelloRetryRequest message"
				3484
				3485	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3486	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3487	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3488	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3489	requires_gnutls_tls1_3
				3490	requires_gnutls_next_no_ticket
				3491	requires_gnutls_next_disable_tls13_compat
				3492	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				3493	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3494	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3495	0 \
				3496	-s "Protocol is TLSv1.3" \
				3497	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3498	-s "received signature algorithm: 0x603" \
				3499	-s "got named group: secp521r1(0019)" \
				3500	-s "Verifying peer X.509 certificate... ok" \
				3501	-c "HTTP/1.0 200 OK" \
				3502	-C "received HelloRetryRequest message"
				3503
				3504	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3505	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3506	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3507	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3508	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3509	requires_gnutls_tls1_3
				3510	requires_gnutls_next_no_ticket
				3511	requires_gnutls_next_disable_tls13_compat
				3512	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				3513	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3514	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3515	0 \
				3516	-s "Protocol is TLSv1.3" \
				3517	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3518	-s "received signature algorithm: 0x804" \
				3519	-s "got named group: secp521r1(0019)" \
				3520	-s "Verifying peer X.509 certificate... ok" \
				3521	-c "HTTP/1.0 200 OK" \
				3522	-C "received HelloRetryRequest message"
				3523
				3524	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3525	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3526	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3527	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3528	requires_gnutls_tls1_3
				3529	requires_gnutls_next_no_ticket
				3530	requires_gnutls_next_disable_tls13_compat
				3531	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
				3532	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3533	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3534	0 \
				3535	-s "Protocol is TLSv1.3" \
				3536	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3537	-s "received signature algorithm: 0x403" \
				3538	-s "got named group: x25519(001d)" \
				3539	-s "Verifying peer X.509 certificate... ok" \
				3540	-c "HTTP/1.0 200 OK" \
				3541	-C "received HelloRetryRequest message"
				3542
				3543	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3544	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3545	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3546	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3547	requires_gnutls_tls1_3
				3548	requires_gnutls_next_no_ticket
				3549	requires_gnutls_next_disable_tls13_compat
				3550	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
				3551	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3552	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3553	0 \
				3554	-s "Protocol is TLSv1.3" \
				3555	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3556	-s "received signature algorithm: 0x503" \
				3557	-s "got named group: x25519(001d)" \
				3558	-s "Verifying peer X.509 certificate... ok" \
				3559	-c "HTTP/1.0 200 OK" \
				3560	-C "received HelloRetryRequest message"
				3561
				3562	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3563	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3564	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3565	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3566	requires_gnutls_tls1_3
				3567	requires_gnutls_next_no_ticket
				3568	requires_gnutls_next_disable_tls13_compat
				3569	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
				3570	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3571	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3572	0 \
				3573	-s "Protocol is TLSv1.3" \
				3574	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3575	-s "received signature algorithm: 0x603" \
				3576	-s "got named group: x25519(001d)" \
				3577	-s "Verifying peer X.509 certificate... ok" \
				3578	-c "HTTP/1.0 200 OK" \
				3579	-C "received HelloRetryRequest message"
				3580
				3581	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3582	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3583	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3584	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3585	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3586	requires_gnutls_tls1_3
				3587	requires_gnutls_next_no_ticket
				3588	requires_gnutls_next_disable_tls13_compat
				3589	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
				3590	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3591	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3592	0 \
				3593	-s "Protocol is TLSv1.3" \
				3594	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3595	-s "received signature algorithm: 0x804" \
				3596	-s "got named group: x25519(001d)" \
				3597	-s "Verifying peer X.509 certificate... ok" \
				3598	-c "HTTP/1.0 200 OK" \
				3599	-C "received HelloRetryRequest message"
				3600
				3601	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3602	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3603	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3604	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3605	requires_gnutls_tls1_3
				3606	requires_gnutls_next_no_ticket
				3607	requires_gnutls_next_disable_tls13_compat
				3608	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
				3609	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3610	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3611	0 \
				3612	-s "Protocol is TLSv1.3" \
				3613	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3614	-s "received signature algorithm: 0x403" \
				3615	-s "got named group: x448(001e)" \
				3616	-s "Verifying peer X.509 certificate... ok" \
				3617	-c "HTTP/1.0 200 OK" \
				3618	-C "received HelloRetryRequest message"
				3619
				3620	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3621	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3622	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3623	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3624	requires_gnutls_tls1_3
				3625	requires_gnutls_next_no_ticket
				3626	requires_gnutls_next_disable_tls13_compat
				3627	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
				3628	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3629	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3630	0 \
				3631	-s "Protocol is TLSv1.3" \
				3632	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3633	-s "received signature algorithm: 0x503" \
				3634	-s "got named group: x448(001e)" \
				3635	-s "Verifying peer X.509 certificate... ok" \
				3636	-c "HTTP/1.0 200 OK" \
				3637	-C "received HelloRetryRequest message"
				3638
				3639	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3640	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3641	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3642	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3643	requires_gnutls_tls1_3
				3644	requires_gnutls_next_no_ticket
				3645	requires_gnutls_next_disable_tls13_compat
				3646	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
				3647	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3648	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3649	0 \
				3650	-s "Protocol is TLSv1.3" \
				3651	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3652	-s "received signature algorithm: 0x603" \
				3653	-s "got named group: x448(001e)" \
				3654	-s "Verifying peer X.509 certificate... ok" \
				3655	-c "HTTP/1.0 200 OK" \
				3656	-C "received HelloRetryRequest message"
				3657
				3658	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3659	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3660	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3661	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3662	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				3663	requires_gnutls_tls1_3
				3664	requires_gnutls_next_no_ticket
				3665	requires_gnutls_next_disable_tls13_compat
				3666	run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
				3667	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	3668	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca_cat12.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3669	0 \
				3670	-s "Protocol is TLSv1.3" \
				3671	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				3672	-s "received signature algorithm: 0x804" \
				3673	-s "got named group: x448(001e)" \
				3674	-s "Verifying peer X.509 certificate... ok" \
				3675	-c "HTTP/1.0 200 OK" \
				3676	-C "received HelloRetryRequest message"
				3677
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3678	requires_openssl_tls1_3
				3679	requires_config_enabled MBEDTLS_DEBUG_C
				3680	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3681	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3682	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	3683	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3684	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3685	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3686	0 \
				3687	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3688	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3689	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3690	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3691	-c "NamedGroup: secp256r1 ( 17 )" \
				3692	-c "Verifying peer X.509 certificate... ok" \
				3693	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3694
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3695	requires_openssl_tls1_3
				3696	requires_config_enabled MBEDTLS_DEBUG_C
				3697	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3698	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3699	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	3700	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3701	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3702	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3703	0 \
				3704	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3705	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3706	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3707	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3708	-c "NamedGroup: secp256r1 ( 17 )" \
				3709	-c "Verifying peer X.509 certificate... ok" \
				3710	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3711
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3712	requires_openssl_tls1_3
				3713	requires_config_enabled MBEDTLS_DEBUG_C
				3714	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3715	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3716	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	3717	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3718	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3719	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3720	0 \
				3721	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3722	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3723	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3724	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3725	-c "NamedGroup: secp256r1 ( 17 )" \
				3726	-c "Verifying peer X.509 certificate... ok" \
				3727	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3728
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3729	requires_openssl_tls1_3
				3730	requires_config_enabled MBEDTLS_DEBUG_C
				3731	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3732	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3733	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3734	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	3735	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3736	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3737	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3738	0 \
				3739	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3740	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3741	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3742	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3743	-c "NamedGroup: secp256r1 ( 17 )" \
				3744	-c "Verifying peer X.509 certificate... ok" \
				3745	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3746
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3747	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3748	requires_config_enabled MBEDTLS_DEBUG_C
				3749	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3750	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3751	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3752	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3753	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3754	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3755	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3756	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3757	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3758	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3759	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				3760	-c "NamedGroup: secp384r1 ( 18 )" \
				3761	-c "Verifying peer X.509 certificate... ok" \
				3762	-C "received HelloRetryRequest message"
				3763
				3764	requires_openssl_tls1_3
				3765	requires_config_enabled MBEDTLS_DEBUG_C
				3766	requires_config_enabled MBEDTLS_SSL_CLI_C
				3767	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3768	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3769	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3770	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3771	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				3772	0 \
				3773	-c "HTTP/1.0 200 ok" \
				3774	-c "Protocol is TLSv1.3" \
				3775	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3776	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				3777	-c "NamedGroup: secp384r1 ( 18 )" \
				3778	-c "Verifying peer X.509 certificate... ok" \
				3779	-C "received HelloRetryRequest message"
				3780
				3781	requires_openssl_tls1_3
				3782	requires_config_enabled MBEDTLS_DEBUG_C
				3783	requires_config_enabled MBEDTLS_SSL_CLI_C
				3784	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3785	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3786	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3787	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3788	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				3789	0 \
				3790	-c "HTTP/1.0 200 ok" \
				3791	-c "Protocol is TLSv1.3" \
				3792	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3793	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				3794	-c "NamedGroup: secp384r1 ( 18 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3795	-c "Verifying peer X.509 certificate... ok" \
				3796	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3797
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3798	requires_openssl_tls1_3
				3799	requires_config_enabled MBEDTLS_DEBUG_C
				3800	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3801	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3802	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3803	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	3804	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3805	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3806	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3807	0 \
				3808	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3809	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3810	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3811	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3812	-c "NamedGroup: secp384r1 ( 18 )" \
				3813	-c "Verifying peer X.509 certificate... ok" \
				3814	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3815
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3816	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3817	requires_config_enabled MBEDTLS_DEBUG_C
				3818	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3819	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3820	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3821	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3822	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3823	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3824	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3825	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3826	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3827	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3828	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				3829	-c "NamedGroup: secp521r1 ( 19 )" \
				3830	-c "Verifying peer X.509 certificate... ok" \
				3831	-C "received HelloRetryRequest message"
				3832
				3833	requires_openssl_tls1_3
				3834	requires_config_enabled MBEDTLS_DEBUG_C
				3835	requires_config_enabled MBEDTLS_SSL_CLI_C
				3836	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3837	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3838	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3839	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3840	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				3841	0 \
				3842	-c "HTTP/1.0 200 ok" \
				3843	-c "Protocol is TLSv1.3" \
				3844	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3845	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				3846	-c "NamedGroup: secp521r1 ( 19 )" \
				3847	-c "Verifying peer X.509 certificate... ok" \
				3848	-C "received HelloRetryRequest message"
				3849
				3850	requires_openssl_tls1_3
				3851	requires_config_enabled MBEDTLS_DEBUG_C
				3852	requires_config_enabled MBEDTLS_SSL_CLI_C
				3853	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3854	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3855	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3856	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3857	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				3858	0 \
				3859	-c "HTTP/1.0 200 ok" \
				3860	-c "Protocol is TLSv1.3" \
				3861	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3862	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				3863	-c "NamedGroup: secp521r1 ( 19 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3864	-c "Verifying peer X.509 certificate... ok" \
				3865	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3866
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3867	requires_openssl_tls1_3
				3868	requires_config_enabled MBEDTLS_DEBUG_C
				3869	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3870	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3871	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3872	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	3873	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3874	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3875	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3876	0 \
				3877	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3878	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3879	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3880	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3881	-c "NamedGroup: secp521r1 ( 19 )" \
				3882	-c "Verifying peer X.509 certificate... ok" \
				3883	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3884
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3885	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3886	requires_config_enabled MBEDTLS_DEBUG_C
				3887	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3888	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3889	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3890	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3891	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3892	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3893	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3894	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3895	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3896	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3897	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				3898	-c "NamedGroup: x25519 ( 1d )" \
				3899	-c "Verifying peer X.509 certificate... ok" \
				3900	-C "received HelloRetryRequest message"
				3901
				3902	requires_openssl_tls1_3
				3903	requires_config_enabled MBEDTLS_DEBUG_C
				3904	requires_config_enabled MBEDTLS_SSL_CLI_C
				3905	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3906	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3907	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3908	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3909	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				3910	0 \
				3911	-c "HTTP/1.0 200 ok" \
				3912	-c "Protocol is TLSv1.3" \
				3913	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3914	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				3915	-c "NamedGroup: x25519 ( 1d )" \
				3916	-c "Verifying peer X.509 certificate... ok" \
				3917	-C "received HelloRetryRequest message"
				3918
				3919	requires_openssl_tls1_3
				3920	requires_config_enabled MBEDTLS_DEBUG_C
				3921	requires_config_enabled MBEDTLS_SSL_CLI_C
				3922	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3923	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3924	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3925	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3926	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				3927	0 \
				3928	-c "HTTP/1.0 200 ok" \
				3929	-c "Protocol is TLSv1.3" \
				3930	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3931	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				3932	-c "NamedGroup: x25519 ( 1d )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3933	-c "Verifying peer X.509 certificate... ok" \
				3934	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3935
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3936	requires_openssl_tls1_3
				3937	requires_config_enabled MBEDTLS_DEBUG_C
				3938	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3939	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3940	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3941	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	3942	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3943	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3944	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3945	0 \
				3946	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3947	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3948	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3949	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3950	-c "NamedGroup: x25519 ( 1d )" \
				3951	-c "Verifying peer X.509 certificate... ok" \
				3952	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3953
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3954	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3955	requires_config_enabled MBEDTLS_DEBUG_C
				3956	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3957	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3958	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3959	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3960	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3961	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3962	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3963	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3964	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3965	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3966	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				3967	-c "NamedGroup: x448 ( 1e )" \
				3968	-c "Verifying peer X.509 certificate... ok" \
				3969	-C "received HelloRetryRequest message"
				3970
				3971	requires_openssl_tls1_3
				3972	requires_config_enabled MBEDTLS_DEBUG_C
				3973	requires_config_enabled MBEDTLS_SSL_CLI_C
				3974	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3975	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3976	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3977	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3978	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				3979	0 \
				3980	-c "HTTP/1.0 200 ok" \
				3981	-c "Protocol is TLSv1.3" \
				3982	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				3983	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				3984	-c "NamedGroup: x448 ( 1e )" \
				3985	-c "Verifying peer X.509 certificate... ok" \
				3986	-C "received HelloRetryRequest message"
				3987
				3988	requires_openssl_tls1_3
				3989	requires_config_enabled MBEDTLS_DEBUG_C
				3990	requires_config_enabled MBEDTLS_SSL_CLI_C
				3991	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3992	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3993	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	3994	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	3995	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				3996	0 \
				3997	-c "HTTP/1.0 200 ok" \
				3998	-c "Protocol is TLSv1.3" \
				3999	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				4000	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4001	-c "NamedGroup: x448 ( 1e )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4002	-c "Verifying peer X.509 certificate... ok" \
				4003	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4004
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4005	requires_openssl_tls1_3
				4006	requires_config_enabled MBEDTLS_DEBUG_C
				4007	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4008	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4009	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4010	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4011	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4012	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4013	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4014	0 \
				4015	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4016	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4017	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				4018	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4019	-c "NamedGroup: x448 ( 1e )" \
				4020	-c "Verifying peer X.509 certificate... ok" \
				4021	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4022
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4023	requires_openssl_tls1_3
				4024	requires_config_enabled MBEDTLS_DEBUG_C
				4025	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4026	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4027	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4028	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4029	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4030	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4031	0 \
				4032	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4033	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4034	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4035	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4036	-c "NamedGroup: secp256r1 ( 17 )" \
				4037	-c "Verifying peer X.509 certificate... ok" \
				4038	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4039
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4040	requires_openssl_tls1_3
				4041	requires_config_enabled MBEDTLS_DEBUG_C
				4042	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4043	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4044	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4045	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4046	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4047	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4048	0 \
				4049	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4050	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4051	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4052	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4053	-c "NamedGroup: secp256r1 ( 17 )" \
				4054	-c "Verifying peer X.509 certificate... ok" \
				4055	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4056
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4057	requires_openssl_tls1_3
				4058	requires_config_enabled MBEDTLS_DEBUG_C
				4059	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4060	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4061	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4062	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4063	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4064	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4065	0 \
				4066	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4067	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4068	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4069	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4070	-c "NamedGroup: secp256r1 ( 17 )" \
				4071	-c "Verifying peer X.509 certificate... ok" \
				4072	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4073
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4074	requires_openssl_tls1_3
				4075	requires_config_enabled MBEDTLS_DEBUG_C
				4076	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4077	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4078	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4079	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4080	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4081	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4082	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4083	0 \
				4084	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4085	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4086	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4087	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4088	-c "NamedGroup: secp256r1 ( 17 )" \
				4089	-c "Verifying peer X.509 certificate... ok" \
				4090	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4091
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4092	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4093	requires_config_enabled MBEDTLS_DEBUG_C
				4094	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4095	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4096	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4097	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4098	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4099	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4100	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4101	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4102	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4103	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4104	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4105	-c "NamedGroup: secp384r1 ( 18 )" \
				4106	-c "Verifying peer X.509 certificate... ok" \
				4107	-C "received HelloRetryRequest message"
				4108
				4109	requires_openssl_tls1_3
				4110	requires_config_enabled MBEDTLS_DEBUG_C
				4111	requires_config_enabled MBEDTLS_SSL_CLI_C
				4112	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4113	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4114	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4115	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4116	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				4117	0 \
				4118	-c "HTTP/1.0 200 ok" \
				4119	-c "Protocol is TLSv1.3" \
				4120	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4121	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4122	-c "NamedGroup: secp384r1 ( 18 )" \
				4123	-c "Verifying peer X.509 certificate... ok" \
				4124	-C "received HelloRetryRequest message"
				4125
				4126	requires_openssl_tls1_3
				4127	requires_config_enabled MBEDTLS_DEBUG_C
				4128	requires_config_enabled MBEDTLS_SSL_CLI_C
				4129	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4130	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4131	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4132	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4133	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				4134	0 \
				4135	-c "HTTP/1.0 200 ok" \
				4136	-c "Protocol is TLSv1.3" \
				4137	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4138	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4139	-c "NamedGroup: secp384r1 ( 18 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4140	-c "Verifying peer X.509 certificate... ok" \
				4141	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4142
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4143	requires_openssl_tls1_3
				4144	requires_config_enabled MBEDTLS_DEBUG_C
				4145	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4146	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4147	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4148	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4149	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4150	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4151	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4152	0 \
				4153	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4154	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4155	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4156	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4157	-c "NamedGroup: secp384r1 ( 18 )" \
				4158	-c "Verifying peer X.509 certificate... ok" \
				4159	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4160
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4161	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4162	requires_config_enabled MBEDTLS_DEBUG_C
				4163	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4164	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4165	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4166	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4167	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4168	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4169	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4170	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4171	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4172	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4173	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4174	-c "NamedGroup: secp521r1 ( 19 )" \
				4175	-c "Verifying peer X.509 certificate... ok" \
				4176	-C "received HelloRetryRequest message"
				4177
				4178	requires_openssl_tls1_3
				4179	requires_config_enabled MBEDTLS_DEBUG_C
				4180	requires_config_enabled MBEDTLS_SSL_CLI_C
				4181	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4182	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4183	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4184	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4185	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				4186	0 \
				4187	-c "HTTP/1.0 200 ok" \
				4188	-c "Protocol is TLSv1.3" \
				4189	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4190	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4191	-c "NamedGroup: secp521r1 ( 19 )" \
				4192	-c "Verifying peer X.509 certificate... ok" \
				4193	-C "received HelloRetryRequest message"
				4194
				4195	requires_openssl_tls1_3
				4196	requires_config_enabled MBEDTLS_DEBUG_C
				4197	requires_config_enabled MBEDTLS_SSL_CLI_C
				4198	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4199	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4200	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4201	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4202	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				4203	0 \
				4204	-c "HTTP/1.0 200 ok" \
				4205	-c "Protocol is TLSv1.3" \
				4206	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4207	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4208	-c "NamedGroup: secp521r1 ( 19 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4209	-c "Verifying peer X.509 certificate... ok" \
				4210	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4211
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4212	requires_openssl_tls1_3
				4213	requires_config_enabled MBEDTLS_DEBUG_C
				4214	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4215	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4216	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4217	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4218	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4219	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4220	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4221	0 \
				4222	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4223	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4224	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4225	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4226	-c "NamedGroup: secp521r1 ( 19 )" \
				4227	-c "Verifying peer X.509 certificate... ok" \
				4228	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4229
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4230	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4231	requires_config_enabled MBEDTLS_DEBUG_C
				4232	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4233	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4234	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4235	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4236	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4237	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4238	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4239	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4240	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4241	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4242	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4243	-c "NamedGroup: x25519 ( 1d )" \
				4244	-c "Verifying peer X.509 certificate... ok" \
				4245	-C "received HelloRetryRequest message"
				4246
				4247	requires_openssl_tls1_3
				4248	requires_config_enabled MBEDTLS_DEBUG_C
				4249	requires_config_enabled MBEDTLS_SSL_CLI_C
				4250	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4251	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4252	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4253	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4254	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				4255	0 \
				4256	-c "HTTP/1.0 200 ok" \
				4257	-c "Protocol is TLSv1.3" \
				4258	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4259	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4260	-c "NamedGroup: x25519 ( 1d )" \
				4261	-c "Verifying peer X.509 certificate... ok" \
				4262	-C "received HelloRetryRequest message"
				4263
				4264	requires_openssl_tls1_3
				4265	requires_config_enabled MBEDTLS_DEBUG_C
				4266	requires_config_enabled MBEDTLS_SSL_CLI_C
				4267	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4268	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4269	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4270	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4271	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				4272	0 \
				4273	-c "HTTP/1.0 200 ok" \
				4274	-c "Protocol is TLSv1.3" \
				4275	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4276	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4277	-c "NamedGroup: x25519 ( 1d )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4278	-c "Verifying peer X.509 certificate... ok" \
				4279	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4280
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4281	requires_openssl_tls1_3
				4282	requires_config_enabled MBEDTLS_DEBUG_C
				4283	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4284	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4285	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4286	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4287	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4288	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4289	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4290	0 \
				4291	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4292	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4293	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4294	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4295	-c "NamedGroup: x25519 ( 1d )" \
				4296	-c "Verifying peer X.509 certificate... ok" \
				4297	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4298
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4299	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4300	requires_config_enabled MBEDTLS_DEBUG_C
				4301	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4302	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4303	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4304	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4305	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4306	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4307	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4308	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4309	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4310	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4311	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4312	-c "NamedGroup: x448 ( 1e )" \
				4313	-c "Verifying peer X.509 certificate... ok" \
				4314	-C "received HelloRetryRequest message"
				4315
				4316	requires_openssl_tls1_3
				4317	requires_config_enabled MBEDTLS_DEBUG_C
				4318	requires_config_enabled MBEDTLS_SSL_CLI_C
				4319	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4320	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4321	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4322	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4323	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				4324	0 \
				4325	-c "HTTP/1.0 200 ok" \
				4326	-c "Protocol is TLSv1.3" \
				4327	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4328	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4329	-c "NamedGroup: x448 ( 1e )" \
				4330	-c "Verifying peer X.509 certificate... ok" \
				4331	-C "received HelloRetryRequest message"
				4332
				4333	requires_openssl_tls1_3
				4334	requires_config_enabled MBEDTLS_DEBUG_C
				4335	requires_config_enabled MBEDTLS_SSL_CLI_C
				4336	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4337	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4338	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4339	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4340	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				4341	0 \
				4342	-c "HTTP/1.0 200 ok" \
				4343	-c "Protocol is TLSv1.3" \
				4344	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4345	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4346	-c "NamedGroup: x448 ( 1e )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4347	-c "Verifying peer X.509 certificate... ok" \
				4348	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4349
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4350	requires_openssl_tls1_3
				4351	requires_config_enabled MBEDTLS_DEBUG_C
				4352	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4353	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4354	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4355	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4356	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4357	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4358	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4359	0 \
				4360	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4361	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4362	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				4363	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4364	-c "NamedGroup: x448 ( 1e )" \
				4365	-c "Verifying peer X.509 certificate... ok" \
				4366	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4367
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4368	requires_openssl_tls1_3
				4369	requires_config_enabled MBEDTLS_DEBUG_C
				4370	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4371	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4372	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4373	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4374	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4375	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4376	0 \
				4377	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4378	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4379	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4380	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4381	-c "NamedGroup: secp256r1 ( 17 )" \
				4382	-c "Verifying peer X.509 certificate... ok" \
				4383	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4384
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4385	requires_openssl_tls1_3
				4386	requires_config_enabled MBEDTLS_DEBUG_C
				4387	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4388	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4389	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4390	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4391	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4392	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4393	0 \
				4394	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4395	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4396	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4397	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4398	-c "NamedGroup: secp256r1 ( 17 )" \
				4399	-c "Verifying peer X.509 certificate... ok" \
				4400	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4401
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4402	requires_openssl_tls1_3
				4403	requires_config_enabled MBEDTLS_DEBUG_C
				4404	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4405	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4406	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4407	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4408	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4409	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4410	0 \
				4411	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4412	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4413	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4414	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4415	-c "NamedGroup: secp256r1 ( 17 )" \
				4416	-c "Verifying peer X.509 certificate... ok" \
				4417	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4418
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4419	requires_openssl_tls1_3
				4420	requires_config_enabled MBEDTLS_DEBUG_C
				4421	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4422	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4423	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4424	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4425	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4426	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4427	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4428	0 \
				4429	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4430	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4431	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4432	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4433	-c "NamedGroup: secp256r1 ( 17 )" \
				4434	-c "Verifying peer X.509 certificate... ok" \
				4435	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4436
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4437	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4438	requires_config_enabled MBEDTLS_DEBUG_C
				4439	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4440	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4441	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4442	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4443	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4444	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4445	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4446	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4447	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4448	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4449	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4450	-c "NamedGroup: secp384r1 ( 18 )" \
				4451	-c "Verifying peer X.509 certificate... ok" \
				4452	-C "received HelloRetryRequest message"
				4453
				4454	requires_openssl_tls1_3
				4455	requires_config_enabled MBEDTLS_DEBUG_C
				4456	requires_config_enabled MBEDTLS_SSL_CLI_C
				4457	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4458	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4459	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4460	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4461	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				4462	0 \
				4463	-c "HTTP/1.0 200 ok" \
				4464	-c "Protocol is TLSv1.3" \
				4465	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4466	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4467	-c "NamedGroup: secp384r1 ( 18 )" \
				4468	-c "Verifying peer X.509 certificate... ok" \
				4469	-C "received HelloRetryRequest message"
				4470
				4471	requires_openssl_tls1_3
				4472	requires_config_enabled MBEDTLS_DEBUG_C
				4473	requires_config_enabled MBEDTLS_SSL_CLI_C
				4474	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4475	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4476	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4477	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4478	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				4479	0 \
				4480	-c "HTTP/1.0 200 ok" \
				4481	-c "Protocol is TLSv1.3" \
				4482	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4483	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4484	-c "NamedGroup: secp384r1 ( 18 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4485	-c "Verifying peer X.509 certificate... ok" \
				4486	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4487
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4488	requires_openssl_tls1_3
				4489	requires_config_enabled MBEDTLS_DEBUG_C
				4490	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4491	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4492	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4493	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4494	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4495	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4496	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4497	0 \
				4498	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4499	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4500	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4501	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4502	-c "NamedGroup: secp384r1 ( 18 )" \
				4503	-c "Verifying peer X.509 certificate... ok" \
				4504	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4505
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4506	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4507	requires_config_enabled MBEDTLS_DEBUG_C
				4508	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4509	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4510	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4511	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4512	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4513	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4514	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4515	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4516	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4517	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4518	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4519	-c "NamedGroup: secp521r1 ( 19 )" \
				4520	-c "Verifying peer X.509 certificate... ok" \
				4521	-C "received HelloRetryRequest message"
				4522
				4523	requires_openssl_tls1_3
				4524	requires_config_enabled MBEDTLS_DEBUG_C
				4525	requires_config_enabled MBEDTLS_SSL_CLI_C
				4526	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4527	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4528	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4529	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4530	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				4531	0 \
				4532	-c "HTTP/1.0 200 ok" \
				4533	-c "Protocol is TLSv1.3" \
				4534	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4535	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4536	-c "NamedGroup: secp521r1 ( 19 )" \
				4537	-c "Verifying peer X.509 certificate... ok" \
				4538	-C "received HelloRetryRequest message"
				4539
				4540	requires_openssl_tls1_3
				4541	requires_config_enabled MBEDTLS_DEBUG_C
				4542	requires_config_enabled MBEDTLS_SSL_CLI_C
				4543	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4544	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4545	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4546	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4547	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				4548	0 \
				4549	-c "HTTP/1.0 200 ok" \
				4550	-c "Protocol is TLSv1.3" \
				4551	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4552	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4553	-c "NamedGroup: secp521r1 ( 19 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4554	-c "Verifying peer X.509 certificate... ok" \
				4555	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4556
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4557	requires_openssl_tls1_3
				4558	requires_config_enabled MBEDTLS_DEBUG_C
				4559	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4560	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4561	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4562	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4563	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4564	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4565	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4566	0 \
				4567	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4568	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4569	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4570	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4571	-c "NamedGroup: secp521r1 ( 19 )" \
				4572	-c "Verifying peer X.509 certificate... ok" \
				4573	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4574
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4575	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4576	requires_config_enabled MBEDTLS_DEBUG_C
				4577	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4578	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4579	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4580	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4581	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4582	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4583	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4584	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4585	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4586	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4587	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4588	-c "NamedGroup: x25519 ( 1d )" \
				4589	-c "Verifying peer X.509 certificate... ok" \
				4590	-C "received HelloRetryRequest message"
				4591
				4592	requires_openssl_tls1_3
				4593	requires_config_enabled MBEDTLS_DEBUG_C
				4594	requires_config_enabled MBEDTLS_SSL_CLI_C
				4595	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4596	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4597	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4598	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4599	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				4600	0 \
				4601	-c "HTTP/1.0 200 ok" \
				4602	-c "Protocol is TLSv1.3" \
				4603	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4604	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4605	-c "NamedGroup: x25519 ( 1d )" \
				4606	-c "Verifying peer X.509 certificate... ok" \
				4607	-C "received HelloRetryRequest message"
				4608
				4609	requires_openssl_tls1_3
				4610	requires_config_enabled MBEDTLS_DEBUG_C
				4611	requires_config_enabled MBEDTLS_SSL_CLI_C
				4612	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4613	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4614	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4615	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4616	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				4617	0 \
				4618	-c "HTTP/1.0 200 ok" \
				4619	-c "Protocol is TLSv1.3" \
				4620	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4621	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4622	-c "NamedGroup: x25519 ( 1d )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4623	-c "Verifying peer X.509 certificate... ok" \
				4624	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4625
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4626	requires_openssl_tls1_3
				4627	requires_config_enabled MBEDTLS_DEBUG_C
				4628	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4629	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4630	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4631	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4632	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4633	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4634	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4635	0 \
				4636	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4637	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4638	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4639	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4640	-c "NamedGroup: x25519 ( 1d )" \
				4641	-c "Verifying peer X.509 certificate... ok" \
				4642	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4643
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4644	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4645	requires_config_enabled MBEDTLS_DEBUG_C
				4646	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4647	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4648	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4649	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4650	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4651	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4652	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4653	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4654	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4655	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4656	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4657	-c "NamedGroup: x448 ( 1e )" \
				4658	-c "Verifying peer X.509 certificate... ok" \
				4659	-C "received HelloRetryRequest message"
				4660
				4661	requires_openssl_tls1_3
				4662	requires_config_enabled MBEDTLS_DEBUG_C
				4663	requires_config_enabled MBEDTLS_SSL_CLI_C
				4664	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4665	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4666	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4667	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4668	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				4669	0 \
				4670	-c "HTTP/1.0 200 ok" \
				4671	-c "Protocol is TLSv1.3" \
				4672	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4673	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4674	-c "NamedGroup: x448 ( 1e )" \
				4675	-c "Verifying peer X.509 certificate... ok" \
				4676	-C "received HelloRetryRequest message"
				4677
				4678	requires_openssl_tls1_3
				4679	requires_config_enabled MBEDTLS_DEBUG_C
				4680	requires_config_enabled MBEDTLS_SSL_CLI_C
				4681	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4682	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4683	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4684	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4685	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				4686	0 \
				4687	-c "HTTP/1.0 200 ok" \
				4688	-c "Protocol is TLSv1.3" \
				4689	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4690	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4691	-c "NamedGroup: x448 ( 1e )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4692	-c "Verifying peer X.509 certificate... ok" \
				4693	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4694
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4695	requires_openssl_tls1_3
				4696	requires_config_enabled MBEDTLS_DEBUG_C
				4697	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4698	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4699	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4700	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4701	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4702	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4703	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4704	0 \
				4705	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4706	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4707	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				4708	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4709	-c "NamedGroup: x448 ( 1e )" \
				4710	-c "Verifying peer X.509 certificate... ok" \
				4711	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4712
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4713	requires_openssl_tls1_3
				4714	requires_config_enabled MBEDTLS_DEBUG_C
				4715	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4716	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4717	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4718	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4719	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4720	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4721	0 \
				4722	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4723	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4724	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4725	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4726	-c "NamedGroup: secp256r1 ( 17 )" \
				4727	-c "Verifying peer X.509 certificate... ok" \
				4728	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4729
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4730	requires_openssl_tls1_3
				4731	requires_config_enabled MBEDTLS_DEBUG_C
				4732	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4733	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4734	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4735	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4736	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4737	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4738	0 \
				4739	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4740	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4741	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4742	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4743	-c "NamedGroup: secp256r1 ( 17 )" \
				4744	-c "Verifying peer X.509 certificate... ok" \
				4745	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4746
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4747	requires_openssl_tls1_3
				4748	requires_config_enabled MBEDTLS_DEBUG_C
				4749	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4750	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4751	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4752	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4753	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4754	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4755	0 \
				4756	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4757	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4758	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4759	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4760	-c "NamedGroup: secp256r1 ( 17 )" \
				4761	-c "Verifying peer X.509 certificate... ok" \
				4762	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4763
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4764	requires_openssl_tls1_3
				4765	requires_config_enabled MBEDTLS_DEBUG_C
				4766	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4767	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4768	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4769	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4770	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4771	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4772	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4773	0 \
				4774	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4775	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4776	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4777	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4778	-c "NamedGroup: secp256r1 ( 17 )" \
				4779	-c "Verifying peer X.509 certificate... ok" \
				4780	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4781
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4782	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4783	requires_config_enabled MBEDTLS_DEBUG_C
				4784	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4785	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4786	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4787	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4788	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4789	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4790	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4791	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4792	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4793	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4794	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4795	-c "NamedGroup: secp384r1 ( 18 )" \
				4796	-c "Verifying peer X.509 certificate... ok" \
				4797	-C "received HelloRetryRequest message"
				4798
				4799	requires_openssl_tls1_3
				4800	requires_config_enabled MBEDTLS_DEBUG_C
				4801	requires_config_enabled MBEDTLS_SSL_CLI_C
				4802	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4803	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4804	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4805	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4806	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				4807	0 \
				4808	-c "HTTP/1.0 200 ok" \
				4809	-c "Protocol is TLSv1.3" \
				4810	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4811	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4812	-c "NamedGroup: secp384r1 ( 18 )" \
				4813	-c "Verifying peer X.509 certificate... ok" \
				4814	-C "received HelloRetryRequest message"
				4815
				4816	requires_openssl_tls1_3
				4817	requires_config_enabled MBEDTLS_DEBUG_C
				4818	requires_config_enabled MBEDTLS_SSL_CLI_C
				4819	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4820	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4821	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4822	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4823	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				4824	0 \
				4825	-c "HTTP/1.0 200 ok" \
				4826	-c "Protocol is TLSv1.3" \
				4827	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4828	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4829	-c "NamedGroup: secp384r1 ( 18 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4830	-c "Verifying peer X.509 certificate... ok" \
				4831	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4832
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4833	requires_openssl_tls1_3
				4834	requires_config_enabled MBEDTLS_DEBUG_C
				4835	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4836	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4837	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4838	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4839	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4840	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4841	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4842	0 \
				4843	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4844	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4845	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4846	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4847	-c "NamedGroup: secp384r1 ( 18 )" \
				4848	-c "Verifying peer X.509 certificate... ok" \
				4849	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4850
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4851	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4852	requires_config_enabled MBEDTLS_DEBUG_C
				4853	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4854	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4855	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4856	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4857	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4858	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4859	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4860	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4861	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4862	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4863	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4864	-c "NamedGroup: secp521r1 ( 19 )" \
				4865	-c "Verifying peer X.509 certificate... ok" \
				4866	-C "received HelloRetryRequest message"
				4867
				4868	requires_openssl_tls1_3
				4869	requires_config_enabled MBEDTLS_DEBUG_C
				4870	requires_config_enabled MBEDTLS_SSL_CLI_C
				4871	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4872	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4873	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4874	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4875	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				4876	0 \
				4877	-c "HTTP/1.0 200 ok" \
				4878	-c "Protocol is TLSv1.3" \
				4879	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4880	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4881	-c "NamedGroup: secp521r1 ( 19 )" \
				4882	-c "Verifying peer X.509 certificate... ok" \
				4883	-C "received HelloRetryRequest message"
				4884
				4885	requires_openssl_tls1_3
				4886	requires_config_enabled MBEDTLS_DEBUG_C
				4887	requires_config_enabled MBEDTLS_SSL_CLI_C
				4888	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4889	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4890	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4891	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4892	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				4893	0 \
				4894	-c "HTTP/1.0 200 ok" \
				4895	-c "Protocol is TLSv1.3" \
				4896	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4897	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4898	-c "NamedGroup: secp521r1 ( 19 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4899	-c "Verifying peer X.509 certificate... ok" \
				4900	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4901
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4902	requires_openssl_tls1_3
				4903	requires_config_enabled MBEDTLS_DEBUG_C
				4904	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4905	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4906	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4907	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4908	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4909	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4910	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4911	0 \
				4912	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4913	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4914	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4915	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4916	-c "NamedGroup: secp521r1 ( 19 )" \
				4917	-c "Verifying peer X.509 certificate... ok" \
				4918	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4919
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4920	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4921	requires_config_enabled MBEDTLS_DEBUG_C
				4922	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4923	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4924	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4925	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4926	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4927	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4928	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4929	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4930	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4931	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4932	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				4933	-c "NamedGroup: x25519 ( 1d )" \
				4934	-c "Verifying peer X.509 certificate... ok" \
				4935	-C "received HelloRetryRequest message"
				4936
				4937	requires_openssl_tls1_3
				4938	requires_config_enabled MBEDTLS_DEBUG_C
				4939	requires_config_enabled MBEDTLS_SSL_CLI_C
				4940	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4941	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4942	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4943	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4944	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				4945	0 \
				4946	-c "HTTP/1.0 200 ok" \
				4947	-c "Protocol is TLSv1.3" \
				4948	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4949	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				4950	-c "NamedGroup: x25519 ( 1d )" \
				4951	-c "Verifying peer X.509 certificate... ok" \
				4952	-C "received HelloRetryRequest message"
				4953
				4954	requires_openssl_tls1_3
				4955	requires_config_enabled MBEDTLS_DEBUG_C
				4956	requires_config_enabled MBEDTLS_SSL_CLI_C
				4957	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4958	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4959	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4960	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4961	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				4962	0 \
				4963	-c "HTTP/1.0 200 ok" \
				4964	-c "Protocol is TLSv1.3" \
				4965	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4966	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				4967	-c "NamedGroup: x25519 ( 1d )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4968	-c "Verifying peer X.509 certificate... ok" \
				4969	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4970
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4971	requires_openssl_tls1_3
				4972	requires_config_enabled MBEDTLS_DEBUG_C
				4973	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4974	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4975	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4976	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	4977	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4978	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4979	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4980	0 \
				4981	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4982	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4983	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				4984	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	4985	-c "NamedGroup: x25519 ( 1d )" \
				4986	-c "Verifying peer X.509 certificate... ok" \
				4987	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	4988
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4989	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4990	requires_config_enabled MBEDTLS_DEBUG_C
				4991	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	4992	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	4993	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4994	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	4995	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4996	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	4997	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	4998	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	4999	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5000	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5001	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5002	-c "NamedGroup: x448 ( 1e )" \
				5003	-c "Verifying peer X.509 certificate... ok" \
				5004	-C "received HelloRetryRequest message"
				5005
				5006	requires_openssl_tls1_3
				5007	requires_config_enabled MBEDTLS_DEBUG_C
				5008	requires_config_enabled MBEDTLS_SSL_CLI_C
				5009	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5010	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5011	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5012	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5013	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				5014	0 \
				5015	-c "HTTP/1.0 200 ok" \
				5016	-c "Protocol is TLSv1.3" \
				5017	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				5018	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5019	-c "NamedGroup: x448 ( 1e )" \
				5020	-c "Verifying peer X.509 certificate... ok" \
				5021	-C "received HelloRetryRequest message"
				5022
				5023	requires_openssl_tls1_3
				5024	requires_config_enabled MBEDTLS_DEBUG_C
				5025	requires_config_enabled MBEDTLS_SSL_CLI_C
				5026	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5027	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5028	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5029	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5030	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				5031	0 \
				5032	-c "HTTP/1.0 200 ok" \
				5033	-c "Protocol is TLSv1.3" \
				5034	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				5035	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5036	-c "NamedGroup: x448 ( 1e )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5037	-c "Verifying peer X.509 certificate... ok" \
				5038	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5039
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5040	requires_openssl_tls1_3
				5041	requires_config_enabled MBEDTLS_DEBUG_C
				5042	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5043	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5044	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5045	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	5046	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5047	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5048	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5049	0 \
				5050	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5051	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5052	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				5053	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5054	-c "NamedGroup: x448 ( 1e )" \
				5055	-c "Verifying peer X.509 certificate... ok" \
				5056	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5057
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5058	requires_openssl_tls1_3
				5059	requires_config_enabled MBEDTLS_DEBUG_C
				5060	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5061	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5062	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	5063	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5064	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5065	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5066	0 \
				5067	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5068	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5069	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5070	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5071	-c "NamedGroup: secp256r1 ( 17 )" \
				5072	-c "Verifying peer X.509 certificate... ok" \
				5073	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5074
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5075	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5076	requires_config_enabled MBEDTLS_DEBUG_C
				5077	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5078	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5079	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5080	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5081	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5082	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5083	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5084	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5085	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5086	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5087	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5088	-c "NamedGroup: secp256r1 ( 17 )" \
				5089	-c "Verifying peer X.509 certificate... ok" \
				5090	-C "received HelloRetryRequest message"
				5091
				5092	requires_openssl_tls1_3
				5093	requires_config_enabled MBEDTLS_DEBUG_C
				5094	requires_config_enabled MBEDTLS_SSL_CLI_C
				5095	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5096	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5097	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5098	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5099	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				5100	0 \
				5101	-c "HTTP/1.0 200 ok" \
				5102	-c "Protocol is TLSv1.3" \
				5103	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5104	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5105	-c "NamedGroup: secp256r1 ( 17 )" \
				5106	-c "Verifying peer X.509 certificate... ok" \
				5107	-C "received HelloRetryRequest message"
				5108
				5109	requires_openssl_tls1_3
				5110	requires_config_enabled MBEDTLS_DEBUG_C
				5111	requires_config_enabled MBEDTLS_SSL_CLI_C
				5112	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5113	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5114	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5115	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5116	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5117	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				5118	0 \
				5119	-c "HTTP/1.0 200 ok" \
				5120	-c "Protocol is TLSv1.3" \
				5121	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5122	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5123	-c "NamedGroup: secp256r1 ( 17 )" \
				5124	-c "Verifying peer X.509 certificate... ok" \
				5125	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5126
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5127	requires_openssl_tls1_3
				5128	requires_config_enabled MBEDTLS_DEBUG_C
				5129	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5130	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5131	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	5132	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5133	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5134	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5135	0 \
				5136	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5137	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5138	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5139	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5140	-c "NamedGroup: secp384r1 ( 18 )" \
				5141	-c "Verifying peer X.509 certificate... ok" \
				5142	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5143
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5144	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5145	requires_config_enabled MBEDTLS_DEBUG_C
				5146	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5147	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5148	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5149	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5150	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5151	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5152	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5153	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5154	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5155	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5156	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5157	-c "NamedGroup: secp384r1 ( 18 )" \
				5158	-c "Verifying peer X.509 certificate... ok" \
				5159	-C "received HelloRetryRequest message"
				5160
				5161	requires_openssl_tls1_3
				5162	requires_config_enabled MBEDTLS_DEBUG_C
				5163	requires_config_enabled MBEDTLS_SSL_CLI_C
				5164	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5165	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5166	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5167	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5168	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				5169	0 \
				5170	-c "HTTP/1.0 200 ok" \
				5171	-c "Protocol is TLSv1.3" \
				5172	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5173	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5174	-c "NamedGroup: secp384r1 ( 18 )" \
				5175	-c "Verifying peer X.509 certificate... ok" \
				5176	-C "received HelloRetryRequest message"
				5177
				5178	requires_openssl_tls1_3
				5179	requires_config_enabled MBEDTLS_DEBUG_C
				5180	requires_config_enabled MBEDTLS_SSL_CLI_C
				5181	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5182	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5183	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5184	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5185	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5186	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				5187	0 \
				5188	-c "HTTP/1.0 200 ok" \
				5189	-c "Protocol is TLSv1.3" \
				5190	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5191	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5192	-c "NamedGroup: secp384r1 ( 18 )" \
				5193	-c "Verifying peer X.509 certificate... ok" \
				5194	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5195
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5196	requires_openssl_tls1_3
				5197	requires_config_enabled MBEDTLS_DEBUG_C
				5198	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5199	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5200	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	5201	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5202	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5203	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5204	0 \
				5205	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5206	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5207	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5208	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5209	-c "NamedGroup: secp521r1 ( 19 )" \
				5210	-c "Verifying peer X.509 certificate... ok" \
				5211	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5212
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5213	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5214	requires_config_enabled MBEDTLS_DEBUG_C
				5215	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5216	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5217	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5218	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5219	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5220	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5221	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5222	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5223	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5224	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5225	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5226	-c "NamedGroup: secp521r1 ( 19 )" \
				5227	-c "Verifying peer X.509 certificate... ok" \
				5228	-C "received HelloRetryRequest message"
				5229
				5230	requires_openssl_tls1_3
				5231	requires_config_enabled MBEDTLS_DEBUG_C
				5232	requires_config_enabled MBEDTLS_SSL_CLI_C
				5233	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5234	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5235	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5236	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5237	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				5238	0 \
				5239	-c "HTTP/1.0 200 ok" \
				5240	-c "Protocol is TLSv1.3" \
				5241	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5242	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5243	-c "NamedGroup: secp521r1 ( 19 )" \
				5244	-c "Verifying peer X.509 certificate... ok" \
				5245	-C "received HelloRetryRequest message"
				5246
				5247	requires_openssl_tls1_3
				5248	requires_config_enabled MBEDTLS_DEBUG_C
				5249	requires_config_enabled MBEDTLS_SSL_CLI_C
				5250	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5251	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5252	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5253	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5254	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5255	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				5256	0 \
				5257	-c "HTTP/1.0 200 ok" \
				5258	-c "Protocol is TLSv1.3" \
				5259	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5260	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5261	-c "NamedGroup: secp521r1 ( 19 )" \
				5262	-c "Verifying peer X.509 certificate... ok" \
				5263	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5264
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5265	requires_openssl_tls1_3
				5266	requires_config_enabled MBEDTLS_DEBUG_C
				5267	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5268	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5269	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	5270	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5271	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5272	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5273	0 \
				5274	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5275	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5276	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5277	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5278	-c "NamedGroup: x25519 ( 1d )" \
				5279	-c "Verifying peer X.509 certificate... ok" \
				5280	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5281
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5282	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5283	requires_config_enabled MBEDTLS_DEBUG_C
				5284	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5285	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5286	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5287	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5288	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5289	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5290	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5291	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5292	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5293	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5294	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5295	-c "NamedGroup: x25519 ( 1d )" \
				5296	-c "Verifying peer X.509 certificate... ok" \
				5297	-C "received HelloRetryRequest message"
				5298
				5299	requires_openssl_tls1_3
				5300	requires_config_enabled MBEDTLS_DEBUG_C
				5301	requires_config_enabled MBEDTLS_SSL_CLI_C
				5302	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5303	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5304	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5305	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5306	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				5307	0 \
				5308	-c "HTTP/1.0 200 ok" \
				5309	-c "Protocol is TLSv1.3" \
				5310	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5311	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5312	-c "NamedGroup: x25519 ( 1d )" \
				5313	-c "Verifying peer X.509 certificate... ok" \
				5314	-C "received HelloRetryRequest message"
				5315
				5316	requires_openssl_tls1_3
				5317	requires_config_enabled MBEDTLS_DEBUG_C
				5318	requires_config_enabled MBEDTLS_SSL_CLI_C
				5319	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5320	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5321	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5322	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5323	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5324	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				5325	0 \
				5326	-c "HTTP/1.0 200 ok" \
				5327	-c "Protocol is TLSv1.3" \
				5328	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5329	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5330	-c "NamedGroup: x25519 ( 1d )" \
				5331	-c "Verifying peer X.509 certificate... ok" \
				5332	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5333
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5334	requires_openssl_tls1_3
				5335	requires_config_enabled MBEDTLS_DEBUG_C
				5336	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5337	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5338	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	5339	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5340	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5341	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5342	0 \
				5343	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5344	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5345	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5346	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5347	-c "NamedGroup: x448 ( 1e )" \
				5348	-c "Verifying peer X.509 certificate... ok" \
				5349	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5350
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5351	requires_openssl_tls1_3
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5352	requires_config_enabled MBEDTLS_DEBUG_C
				5353	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5354	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5355	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5356	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5357	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5358	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5359	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5360	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5361	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5362	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5363	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5364	-c "NamedGroup: x448 ( 1e )" \
				5365	-c "Verifying peer X.509 certificate... ok" \
				5366	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5367
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5368	requires_openssl_tls1_3
				5369	requires_config_enabled MBEDTLS_DEBUG_C
				5370	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5371	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5372	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5373	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5374	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5375	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5376	0 \
				5377	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	5378	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5379	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5380	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5381	-c "NamedGroup: x448 ( 1e )" \
				5382	-c "Verifying peer X.509 certificate... ok" \
				5383	-C "received HelloRetryRequest message"
				5384
				5385	requires_openssl_tls1_3
				5386	requires_config_enabled MBEDTLS_DEBUG_C
				5387	requires_config_enabled MBEDTLS_SSL_CLI_C
				5388	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5389	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5390	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5391	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	5392	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5393	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				5394	0 \
				5395	-c "HTTP/1.0 200 ok" \
				5396	-c "Protocol is TLSv1.3" \
				5397	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				5398	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				5399	-c "NamedGroup: x448 ( 1e )" \
				5400	-c "Verifying peer X.509 certificate... ok" \
				5401	-C "received HelloRetryRequest message"
				5402
				5403	requires_gnutls_tls1_3
				5404	requires_gnutls_next_no_ticket
				5405	requires_gnutls_next_disable_tls13_compat
				5406	requires_config_enabled MBEDTLS_DEBUG_C
				5407	requires_config_enabled MBEDTLS_SSL_CLI_C
				5408	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5409	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5410	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5411	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5412	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				5413	0 \
				5414	-c "HTTP/1.0 200 OK" \
				5415	-c "Protocol is TLSv1.3" \
				5416	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5417	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5418	-c "NamedGroup: secp256r1 ( 17 )" \
				5419	-c "Verifying peer X.509 certificate... ok" \
				5420	-C "received HelloRetryRequest message"
				5421
				5422	requires_gnutls_tls1_3
				5423	requires_gnutls_next_no_ticket
				5424	requires_gnutls_next_disable_tls13_compat
				5425	requires_config_enabled MBEDTLS_DEBUG_C
				5426	requires_config_enabled MBEDTLS_SSL_CLI_C
				5427	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5428	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5429	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5430	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5431	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				5432	0 \
				5433	-c "HTTP/1.0 200 OK" \
				5434	-c "Protocol is TLSv1.3" \
				5435	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	5436	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	5437	-c "NamedGroup: secp256r1 ( 17 )" \
				5438	-c "Verifying peer X.509 certificate... ok" \
				5439	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	5440
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	5441	requires_gnutls_tls1_3
				5442	requires_gnutls_next_no_ticket
				5443	requires_gnutls_next_disable_tls13_compat
				5444	requires_config_enabled MBEDTLS_DEBUG_C
				5445	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	5446	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	5447	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5448	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5449	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5450	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				5451	0 \
				5452	-c "HTTP/1.0 200 OK" \
				5453	-c "Protocol is TLSv1.3" \
				5454	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5455	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5456	-c "NamedGroup: secp256r1 ( 17 )" \
				5457	-c "Verifying peer X.509 certificate... ok" \
				5458	-C "received HelloRetryRequest message"
				5459
				5460	requires_gnutls_tls1_3
				5461	requires_gnutls_next_no_ticket
				5462	requires_gnutls_next_disable_tls13_compat
				5463	requires_config_enabled MBEDTLS_DEBUG_C
				5464	requires_config_enabled MBEDTLS_SSL_CLI_C
				5465	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5466	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5467	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5468	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5469	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5470	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				5471	0 \
				5472	-c "HTTP/1.0 200 OK" \
				5473	-c "Protocol is TLSv1.3" \
				5474	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5475	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				5476	-c "NamedGroup: secp256r1 ( 17 )" \
				5477	-c "Verifying peer X.509 certificate... ok" \
				5478	-C "received HelloRetryRequest message"
				5479
				5480	requires_gnutls_tls1_3
				5481	requires_gnutls_next_no_ticket
				5482	requires_gnutls_next_disable_tls13_compat
				5483	requires_config_enabled MBEDTLS_DEBUG_C
				5484	requires_config_enabled MBEDTLS_SSL_CLI_C
				5485	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5486	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5487	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5488	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5489	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				5490	0 \
				5491	-c "HTTP/1.0 200 OK" \
				5492	-c "Protocol is TLSv1.3" \
				5493	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5494	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5495	-c "NamedGroup: secp384r1 ( 18 )" \
				5496	-c "Verifying peer X.509 certificate... ok" \
				5497	-C "received HelloRetryRequest message"
				5498
				5499	requires_gnutls_tls1_3
				5500	requires_gnutls_next_no_ticket
				5501	requires_gnutls_next_disable_tls13_compat
				5502	requires_config_enabled MBEDTLS_DEBUG_C
				5503	requires_config_enabled MBEDTLS_SSL_CLI_C
				5504	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5505	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5506	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5507	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5508	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				5509	0 \
				5510	-c "HTTP/1.0 200 OK" \
				5511	-c "Protocol is TLSv1.3" \
				5512	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5513	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5514	-c "NamedGroup: secp384r1 ( 18 )" \
				5515	-c "Verifying peer X.509 certificate... ok" \
				5516	-C "received HelloRetryRequest message"
				5517
				5518	requires_gnutls_tls1_3
				5519	requires_gnutls_next_no_ticket
				5520	requires_gnutls_next_disable_tls13_compat
				5521	requires_config_enabled MBEDTLS_DEBUG_C
				5522	requires_config_enabled MBEDTLS_SSL_CLI_C
				5523	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5524	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5525	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5526	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5527	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				5528	0 \
				5529	-c "HTTP/1.0 200 OK" \
				5530	-c "Protocol is TLSv1.3" \
				5531	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5532	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5533	-c "NamedGroup: secp384r1 ( 18 )" \
				5534	-c "Verifying peer X.509 certificate... ok" \
				5535	-C "received HelloRetryRequest message"
				5536
				5537	requires_gnutls_tls1_3
				5538	requires_gnutls_next_no_ticket
				5539	requires_gnutls_next_disable_tls13_compat
				5540	requires_config_enabled MBEDTLS_DEBUG_C
				5541	requires_config_enabled MBEDTLS_SSL_CLI_C
				5542	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5543	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5544	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5545	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5546	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5547	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				5548	0 \
				5549	-c "HTTP/1.0 200 OK" \
				5550	-c "Protocol is TLSv1.3" \
				5551	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5552	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				5553	-c "NamedGroup: secp384r1 ( 18 )" \
				5554	-c "Verifying peer X.509 certificate... ok" \
				5555	-C "received HelloRetryRequest message"
				5556
				5557	requires_gnutls_tls1_3
				5558	requires_gnutls_next_no_ticket
				5559	requires_gnutls_next_disable_tls13_compat
				5560	requires_config_enabled MBEDTLS_DEBUG_C
				5561	requires_config_enabled MBEDTLS_SSL_CLI_C
				5562	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5563	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5564	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5565	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5566	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				5567	0 \
				5568	-c "HTTP/1.0 200 OK" \
				5569	-c "Protocol is TLSv1.3" \
				5570	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5571	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5572	-c "NamedGroup: secp521r1 ( 19 )" \
				5573	-c "Verifying peer X.509 certificate... ok" \
				5574	-C "received HelloRetryRequest message"
				5575
				5576	requires_gnutls_tls1_3
				5577	requires_gnutls_next_no_ticket
				5578	requires_gnutls_next_disable_tls13_compat
				5579	requires_config_enabled MBEDTLS_DEBUG_C
				5580	requires_config_enabled MBEDTLS_SSL_CLI_C
				5581	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5582	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5583	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5584	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5585	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				5586	0 \
				5587	-c "HTTP/1.0 200 OK" \
				5588	-c "Protocol is TLSv1.3" \
				5589	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5590	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5591	-c "NamedGroup: secp521r1 ( 19 )" \
				5592	-c "Verifying peer X.509 certificate... ok" \
				5593	-C "received HelloRetryRequest message"
				5594
				5595	requires_gnutls_tls1_3
				5596	requires_gnutls_next_no_ticket
				5597	requires_gnutls_next_disable_tls13_compat
				5598	requires_config_enabled MBEDTLS_DEBUG_C
				5599	requires_config_enabled MBEDTLS_SSL_CLI_C
				5600	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5601	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5602	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5603	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5604	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				5605	0 \
				5606	-c "HTTP/1.0 200 OK" \
				5607	-c "Protocol is TLSv1.3" \
				5608	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5609	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5610	-c "NamedGroup: secp521r1 ( 19 )" \
				5611	-c "Verifying peer X.509 certificate... ok" \
				5612	-C "received HelloRetryRequest message"
				5613
				5614	requires_gnutls_tls1_3
				5615	requires_gnutls_next_no_ticket
				5616	requires_gnutls_next_disable_tls13_compat
				5617	requires_config_enabled MBEDTLS_DEBUG_C
				5618	requires_config_enabled MBEDTLS_SSL_CLI_C
				5619	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5620	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5621	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5622	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5623	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5624	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				5625	0 \
				5626	-c "HTTP/1.0 200 OK" \
				5627	-c "Protocol is TLSv1.3" \
				5628	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5629	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				5630	-c "NamedGroup: secp521r1 ( 19 )" \
				5631	-c "Verifying peer X.509 certificate... ok" \
				5632	-C "received HelloRetryRequest message"
				5633
				5634	requires_gnutls_tls1_3
				5635	requires_gnutls_next_no_ticket
				5636	requires_gnutls_next_disable_tls13_compat
				5637	requires_config_enabled MBEDTLS_DEBUG_C
				5638	requires_config_enabled MBEDTLS_SSL_CLI_C
				5639	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5640	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5641	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5642	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5643	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				5644	0 \
				5645	-c "HTTP/1.0 200 OK" \
				5646	-c "Protocol is TLSv1.3" \
				5647	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5648	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5649	-c "NamedGroup: x25519 ( 1d )" \
				5650	-c "Verifying peer X.509 certificate... ok" \
				5651	-C "received HelloRetryRequest message"
				5652
				5653	requires_gnutls_tls1_3
				5654	requires_gnutls_next_no_ticket
				5655	requires_gnutls_next_disable_tls13_compat
				5656	requires_config_enabled MBEDTLS_DEBUG_C
				5657	requires_config_enabled MBEDTLS_SSL_CLI_C
				5658	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5659	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5660	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5661	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5662	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				5663	0 \
				5664	-c "HTTP/1.0 200 OK" \
				5665	-c "Protocol is TLSv1.3" \
				5666	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5667	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5668	-c "NamedGroup: x25519 ( 1d )" \
				5669	-c "Verifying peer X.509 certificate... ok" \
				5670	-C "received HelloRetryRequest message"
				5671
				5672	requires_gnutls_tls1_3
				5673	requires_gnutls_next_no_ticket
				5674	requires_gnutls_next_disable_tls13_compat
				5675	requires_config_enabled MBEDTLS_DEBUG_C
				5676	requires_config_enabled MBEDTLS_SSL_CLI_C
				5677	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5678	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5679	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5680	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5681	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				5682	0 \
				5683	-c "HTTP/1.0 200 OK" \
				5684	-c "Protocol is TLSv1.3" \
				5685	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5686	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5687	-c "NamedGroup: x25519 ( 1d )" \
				5688	-c "Verifying peer X.509 certificate... ok" \
				5689	-C "received HelloRetryRequest message"
				5690
				5691	requires_gnutls_tls1_3
				5692	requires_gnutls_next_no_ticket
				5693	requires_gnutls_next_disable_tls13_compat
				5694	requires_config_enabled MBEDTLS_DEBUG_C
				5695	requires_config_enabled MBEDTLS_SSL_CLI_C
				5696	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5697	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5698	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5699	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5700	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5701	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				5702	0 \
				5703	-c "HTTP/1.0 200 OK" \
				5704	-c "Protocol is TLSv1.3" \
				5705	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5706	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				5707	-c "NamedGroup: x25519 ( 1d )" \
				5708	-c "Verifying peer X.509 certificate... ok" \
				5709	-C "received HelloRetryRequest message"
				5710
				5711	requires_gnutls_tls1_3
				5712	requires_gnutls_next_no_ticket
				5713	requires_gnutls_next_disable_tls13_compat
				5714	requires_config_enabled MBEDTLS_DEBUG_C
				5715	requires_config_enabled MBEDTLS_SSL_CLI_C
				5716	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5717	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5718	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5719	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5720	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				5721	0 \
				5722	-c "HTTP/1.0 200 OK" \
				5723	-c "Protocol is TLSv1.3" \
				5724	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5725	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5726	-c "NamedGroup: x448 ( 1e )" \
				5727	-c "Verifying peer X.509 certificate... ok" \
				5728	-C "received HelloRetryRequest message"
				5729
				5730	requires_gnutls_tls1_3
				5731	requires_gnutls_next_no_ticket
				5732	requires_gnutls_next_disable_tls13_compat
				5733	requires_config_enabled MBEDTLS_DEBUG_C
				5734	requires_config_enabled MBEDTLS_SSL_CLI_C
				5735	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5736	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5737	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5738	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5739	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				5740	0 \
				5741	-c "HTTP/1.0 200 OK" \
				5742	-c "Protocol is TLSv1.3" \
				5743	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5744	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5745	-c "NamedGroup: x448 ( 1e )" \
				5746	-c "Verifying peer X.509 certificate... ok" \
				5747	-C "received HelloRetryRequest message"
				5748
				5749	requires_gnutls_tls1_3
				5750	requires_gnutls_next_no_ticket
				5751	requires_gnutls_next_disable_tls13_compat
				5752	requires_config_enabled MBEDTLS_DEBUG_C
				5753	requires_config_enabled MBEDTLS_SSL_CLI_C
				5754	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5755	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5756	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5757	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5758	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				5759	0 \
				5760	-c "HTTP/1.0 200 OK" \
				5761	-c "Protocol is TLSv1.3" \
				5762	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5763	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5764	-c "NamedGroup: x448 ( 1e )" \
				5765	-c "Verifying peer X.509 certificate... ok" \
				5766	-C "received HelloRetryRequest message"
				5767
				5768	requires_gnutls_tls1_3
				5769	requires_gnutls_next_no_ticket
				5770	requires_gnutls_next_disable_tls13_compat
				5771	requires_config_enabled MBEDTLS_DEBUG_C
				5772	requires_config_enabled MBEDTLS_SSL_CLI_C
				5773	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5774	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5775	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5776	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5777	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5778	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				5779	0 \
				5780	-c "HTTP/1.0 200 OK" \
				5781	-c "Protocol is TLSv1.3" \
				5782	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				5783	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				5784	-c "NamedGroup: x448 ( 1e )" \
				5785	-c "Verifying peer X.509 certificate... ok" \
				5786	-C "received HelloRetryRequest message"
				5787
				5788	requires_gnutls_tls1_3
				5789	requires_gnutls_next_no_ticket
				5790	requires_gnutls_next_disable_tls13_compat
				5791	requires_config_enabled MBEDTLS_DEBUG_C
				5792	requires_config_enabled MBEDTLS_SSL_CLI_C
				5793	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5794	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5795	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5796	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5797	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				5798	0 \
				5799	-c "HTTP/1.0 200 OK" \
				5800	-c "Protocol is TLSv1.3" \
				5801	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5802	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5803	-c "NamedGroup: secp256r1 ( 17 )" \
				5804	-c "Verifying peer X.509 certificate... ok" \
				5805	-C "received HelloRetryRequest message"
				5806
				5807	requires_gnutls_tls1_3
				5808	requires_gnutls_next_no_ticket
				5809	requires_gnutls_next_disable_tls13_compat
				5810	requires_config_enabled MBEDTLS_DEBUG_C
				5811	requires_config_enabled MBEDTLS_SSL_CLI_C
				5812	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5813	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5814	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5815	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5816	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				5817	0 \
				5818	-c "HTTP/1.0 200 OK" \
				5819	-c "Protocol is TLSv1.3" \
				5820	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5821	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5822	-c "NamedGroup: secp256r1 ( 17 )" \
				5823	-c "Verifying peer X.509 certificate... ok" \
				5824	-C "received HelloRetryRequest message"
				5825
				5826	requires_gnutls_tls1_3
				5827	requires_gnutls_next_no_ticket
				5828	requires_gnutls_next_disable_tls13_compat
				5829	requires_config_enabled MBEDTLS_DEBUG_C
				5830	requires_config_enabled MBEDTLS_SSL_CLI_C
				5831	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5832	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5833	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5834	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5835	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				5836	0 \
				5837	-c "HTTP/1.0 200 OK" \
				5838	-c "Protocol is TLSv1.3" \
				5839	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5840	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5841	-c "NamedGroup: secp256r1 ( 17 )" \
				5842	-c "Verifying peer X.509 certificate... ok" \
				5843	-C "received HelloRetryRequest message"
				5844
				5845	requires_gnutls_tls1_3
				5846	requires_gnutls_next_no_ticket
				5847	requires_gnutls_next_disable_tls13_compat
				5848	requires_config_enabled MBEDTLS_DEBUG_C
				5849	requires_config_enabled MBEDTLS_SSL_CLI_C
				5850	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5851	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5852	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5853	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5854	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5855	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				5856	0 \
				5857	-c "HTTP/1.0 200 OK" \
				5858	-c "Protocol is TLSv1.3" \
				5859	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5860	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				5861	-c "NamedGroup: secp256r1 ( 17 )" \
				5862	-c "Verifying peer X.509 certificate... ok" \
				5863	-C "received HelloRetryRequest message"
				5864
				5865	requires_gnutls_tls1_3
				5866	requires_gnutls_next_no_ticket
				5867	requires_gnutls_next_disable_tls13_compat
				5868	requires_config_enabled MBEDTLS_DEBUG_C
				5869	requires_config_enabled MBEDTLS_SSL_CLI_C
				5870	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5871	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5872	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5873	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5874	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				5875	0 \
				5876	-c "HTTP/1.0 200 OK" \
				5877	-c "Protocol is TLSv1.3" \
				5878	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5879	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5880	-c "NamedGroup: secp384r1 ( 18 )" \
				5881	-c "Verifying peer X.509 certificate... ok" \
				5882	-C "received HelloRetryRequest message"
				5883
				5884	requires_gnutls_tls1_3
				5885	requires_gnutls_next_no_ticket
				5886	requires_gnutls_next_disable_tls13_compat
				5887	requires_config_enabled MBEDTLS_DEBUG_C
				5888	requires_config_enabled MBEDTLS_SSL_CLI_C
				5889	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5890	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5891	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5892	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5893	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				5894	0 \
				5895	-c "HTTP/1.0 200 OK" \
				5896	-c "Protocol is TLSv1.3" \
				5897	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5898	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5899	-c "NamedGroup: secp384r1 ( 18 )" \
				5900	-c "Verifying peer X.509 certificate... ok" \
				5901	-C "received HelloRetryRequest message"
				5902
				5903	requires_gnutls_tls1_3
				5904	requires_gnutls_next_no_ticket
				5905	requires_gnutls_next_disable_tls13_compat
				5906	requires_config_enabled MBEDTLS_DEBUG_C
				5907	requires_config_enabled MBEDTLS_SSL_CLI_C
				5908	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5909	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5910	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5911	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5912	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				5913	0 \
				5914	-c "HTTP/1.0 200 OK" \
				5915	-c "Protocol is TLSv1.3" \
				5916	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5917	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5918	-c "NamedGroup: secp384r1 ( 18 )" \
				5919	-c "Verifying peer X.509 certificate... ok" \
				5920	-C "received HelloRetryRequest message"
				5921
				5922	requires_gnutls_tls1_3
				5923	requires_gnutls_next_no_ticket
				5924	requires_gnutls_next_disable_tls13_compat
				5925	requires_config_enabled MBEDTLS_DEBUG_C
				5926	requires_config_enabled MBEDTLS_SSL_CLI_C
				5927	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5928	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5929	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				5930	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5931	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5932	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				5933	0 \
				5934	-c "HTTP/1.0 200 OK" \
				5935	-c "Protocol is TLSv1.3" \
				5936	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5937	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				5938	-c "NamedGroup: secp384r1 ( 18 )" \
				5939	-c "Verifying peer X.509 certificate... ok" \
				5940	-C "received HelloRetryRequest message"
				5941
				5942	requires_gnutls_tls1_3
				5943	requires_gnutls_next_no_ticket
				5944	requires_gnutls_next_disable_tls13_compat
				5945	requires_config_enabled MBEDTLS_DEBUG_C
				5946	requires_config_enabled MBEDTLS_SSL_CLI_C
				5947	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5948	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5949	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5950	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5951	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				5952	0 \
				5953	-c "HTTP/1.0 200 OK" \
				5954	-c "Protocol is TLSv1.3" \
				5955	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5956	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				5957	-c "NamedGroup: secp521r1 ( 19 )" \
				5958	-c "Verifying peer X.509 certificate... ok" \
				5959	-C "received HelloRetryRequest message"
				5960
				5961	requires_gnutls_tls1_3
				5962	requires_gnutls_next_no_ticket
				5963	requires_gnutls_next_disable_tls13_compat
				5964	requires_config_enabled MBEDTLS_DEBUG_C
				5965	requires_config_enabled MBEDTLS_SSL_CLI_C
				5966	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5967	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5968	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5969	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5970	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				5971	0 \
				5972	-c "HTTP/1.0 200 OK" \
				5973	-c "Protocol is TLSv1.3" \
				5974	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5975	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				5976	-c "NamedGroup: secp521r1 ( 19 )" \
				5977	-c "Verifying peer X.509 certificate... ok" \
				5978	-C "received HelloRetryRequest message"
				5979
				5980	requires_gnutls_tls1_3
				5981	requires_gnutls_next_no_ticket
				5982	requires_gnutls_next_disable_tls13_compat
				5983	requires_config_enabled MBEDTLS_DEBUG_C
				5984	requires_config_enabled MBEDTLS_SSL_CLI_C
				5985	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				5986	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				5987	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	5988	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	5989	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				5990	0 \
				5991	-c "HTTP/1.0 200 OK" \
				5992	-c "Protocol is TLSv1.3" \
				5993	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				5994	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				5995	-c "NamedGroup: secp521r1 ( 19 )" \
				5996	-c "Verifying peer X.509 certificate... ok" \
				5997	-C "received HelloRetryRequest message"
				5998
				5999	requires_gnutls_tls1_3
				6000	requires_gnutls_next_no_ticket
				6001	requires_gnutls_next_disable_tls13_compat
				6002	requires_config_enabled MBEDTLS_DEBUG_C
				6003	requires_config_enabled MBEDTLS_SSL_CLI_C
				6004	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6005	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6006	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6007	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6008	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6009	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				6010	0 \
				6011	-c "HTTP/1.0 200 OK" \
				6012	-c "Protocol is TLSv1.3" \
				6013	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6014	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6015	-c "NamedGroup: secp521r1 ( 19 )" \
				6016	-c "Verifying peer X.509 certificate... ok" \
				6017	-C "received HelloRetryRequest message"
				6018
				6019	requires_gnutls_tls1_3
				6020	requires_gnutls_next_no_ticket
				6021	requires_gnutls_next_disable_tls13_compat
				6022	requires_config_enabled MBEDTLS_DEBUG_C
				6023	requires_config_enabled MBEDTLS_SSL_CLI_C
				6024	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6025	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6026	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6027	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6028	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				6029	0 \
				6030	-c "HTTP/1.0 200 OK" \
				6031	-c "Protocol is TLSv1.3" \
				6032	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6033	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6034	-c "NamedGroup: x25519 ( 1d )" \
				6035	-c "Verifying peer X.509 certificate... ok" \
				6036	-C "received HelloRetryRequest message"
				6037
				6038	requires_gnutls_tls1_3
				6039	requires_gnutls_next_no_ticket
				6040	requires_gnutls_next_disable_tls13_compat
				6041	requires_config_enabled MBEDTLS_DEBUG_C
				6042	requires_config_enabled MBEDTLS_SSL_CLI_C
				6043	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6044	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6045	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6046	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6047	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				6048	0 \
				6049	-c "HTTP/1.0 200 OK" \
				6050	-c "Protocol is TLSv1.3" \
				6051	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6052	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6053	-c "NamedGroup: x25519 ( 1d )" \
				6054	-c "Verifying peer X.509 certificate... ok" \
				6055	-C "received HelloRetryRequest message"
				6056
				6057	requires_gnutls_tls1_3
				6058	requires_gnutls_next_no_ticket
				6059	requires_gnutls_next_disable_tls13_compat
				6060	requires_config_enabled MBEDTLS_DEBUG_C
				6061	requires_config_enabled MBEDTLS_SSL_CLI_C
				6062	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6063	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6064	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6065	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6066	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				6067	0 \
				6068	-c "HTTP/1.0 200 OK" \
				6069	-c "Protocol is TLSv1.3" \
				6070	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6071	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6072	-c "NamedGroup: x25519 ( 1d )" \
				6073	-c "Verifying peer X.509 certificate... ok" \
				6074	-C "received HelloRetryRequest message"
				6075
				6076	requires_gnutls_tls1_3
				6077	requires_gnutls_next_no_ticket
				6078	requires_gnutls_next_disable_tls13_compat
				6079	requires_config_enabled MBEDTLS_DEBUG_C
				6080	requires_config_enabled MBEDTLS_SSL_CLI_C
				6081	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6082	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6083	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6084	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6085	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6086	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				6087	0 \
				6088	-c "HTTP/1.0 200 OK" \
				6089	-c "Protocol is TLSv1.3" \
				6090	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6091	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6092	-c "NamedGroup: x25519 ( 1d )" \
				6093	-c "Verifying peer X.509 certificate... ok" \
				6094	-C "received HelloRetryRequest message"
				6095
				6096	requires_gnutls_tls1_3
				6097	requires_gnutls_next_no_ticket
				6098	requires_gnutls_next_disable_tls13_compat
				6099	requires_config_enabled MBEDTLS_DEBUG_C
				6100	requires_config_enabled MBEDTLS_SSL_CLI_C
				6101	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6102	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6103	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6104	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6105	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				6106	0 \
				6107	-c "HTTP/1.0 200 OK" \
				6108	-c "Protocol is TLSv1.3" \
				6109	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6110	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6111	-c "NamedGroup: x448 ( 1e )" \
				6112	-c "Verifying peer X.509 certificate... ok" \
				6113	-C "received HelloRetryRequest message"
				6114
				6115	requires_gnutls_tls1_3
				6116	requires_gnutls_next_no_ticket
				6117	requires_gnutls_next_disable_tls13_compat
				6118	requires_config_enabled MBEDTLS_DEBUG_C
				6119	requires_config_enabled MBEDTLS_SSL_CLI_C
				6120	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6121	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6122	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6123	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6124	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				6125	0 \
				6126	-c "HTTP/1.0 200 OK" \
				6127	-c "Protocol is TLSv1.3" \
				6128	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6129	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6130	-c "NamedGroup: x448 ( 1e )" \
				6131	-c "Verifying peer X.509 certificate... ok" \
				6132	-C "received HelloRetryRequest message"
				6133
				6134	requires_gnutls_tls1_3
				6135	requires_gnutls_next_no_ticket
				6136	requires_gnutls_next_disable_tls13_compat
				6137	requires_config_enabled MBEDTLS_DEBUG_C
				6138	requires_config_enabled MBEDTLS_SSL_CLI_C
				6139	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6140	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6141	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6142	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6143	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				6144	0 \
				6145	-c "HTTP/1.0 200 OK" \
				6146	-c "Protocol is TLSv1.3" \
				6147	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6148	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6149	-c "NamedGroup: x448 ( 1e )" \
				6150	-c "Verifying peer X.509 certificate... ok" \
				6151	-C "received HelloRetryRequest message"
				6152
				6153	requires_gnutls_tls1_3
				6154	requires_gnutls_next_no_ticket
				6155	requires_gnutls_next_disable_tls13_compat
				6156	requires_config_enabled MBEDTLS_DEBUG_C
				6157	requires_config_enabled MBEDTLS_SSL_CLI_C
				6158	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6159	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6160	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6161	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6162	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6163	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				6164	0 \
				6165	-c "HTTP/1.0 200 OK" \
				6166	-c "Protocol is TLSv1.3" \
				6167	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				6168	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6169	-c "NamedGroup: x448 ( 1e )" \
				6170	-c "Verifying peer X.509 certificate... ok" \
				6171	-C "received HelloRetryRequest message"
				6172
				6173	requires_gnutls_tls1_3
				6174	requires_gnutls_next_no_ticket
				6175	requires_gnutls_next_disable_tls13_compat
				6176	requires_config_enabled MBEDTLS_DEBUG_C
				6177	requires_config_enabled MBEDTLS_SSL_CLI_C
				6178	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6179	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6180	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6181	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6182	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				6183	0 \
				6184	-c "HTTP/1.0 200 OK" \
				6185	-c "Protocol is TLSv1.3" \
				6186	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6187	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6188	-c "NamedGroup: secp256r1 ( 17 )" \
				6189	-c "Verifying peer X.509 certificate... ok" \
				6190	-C "received HelloRetryRequest message"
				6191
				6192	requires_gnutls_tls1_3
				6193	requires_gnutls_next_no_ticket
				6194	requires_gnutls_next_disable_tls13_compat
				6195	requires_config_enabled MBEDTLS_DEBUG_C
				6196	requires_config_enabled MBEDTLS_SSL_CLI_C
				6197	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6198	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6199	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6200	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6201	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				6202	0 \
				6203	-c "HTTP/1.0 200 OK" \
				6204	-c "Protocol is TLSv1.3" \
				6205	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6206	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6207	-c "NamedGroup: secp256r1 ( 17 )" \
				6208	-c "Verifying peer X.509 certificate... ok" \
				6209	-C "received HelloRetryRequest message"
				6210
				6211	requires_gnutls_tls1_3
				6212	requires_gnutls_next_no_ticket
				6213	requires_gnutls_next_disable_tls13_compat
				6214	requires_config_enabled MBEDTLS_DEBUG_C
				6215	requires_config_enabled MBEDTLS_SSL_CLI_C
				6216	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6217	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6218	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6219	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6220	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				6221	0 \
				6222	-c "HTTP/1.0 200 OK" \
				6223	-c "Protocol is TLSv1.3" \
				6224	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6225	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6226	-c "NamedGroup: secp256r1 ( 17 )" \
				6227	-c "Verifying peer X.509 certificate... ok" \
				6228	-C "received HelloRetryRequest message"
				6229
				6230	requires_gnutls_tls1_3
				6231	requires_gnutls_next_no_ticket
				6232	requires_gnutls_next_disable_tls13_compat
				6233	requires_config_enabled MBEDTLS_DEBUG_C
				6234	requires_config_enabled MBEDTLS_SSL_CLI_C
				6235	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6236	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6237	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6238	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6239	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6240	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				6241	0 \
				6242	-c "HTTP/1.0 200 OK" \
				6243	-c "Protocol is TLSv1.3" \
				6244	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6245	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6246	-c "NamedGroup: secp256r1 ( 17 )" \
				6247	-c "Verifying peer X.509 certificate... ok" \
				6248	-C "received HelloRetryRequest message"
				6249
				6250	requires_gnutls_tls1_3
				6251	requires_gnutls_next_no_ticket
				6252	requires_gnutls_next_disable_tls13_compat
				6253	requires_config_enabled MBEDTLS_DEBUG_C
				6254	requires_config_enabled MBEDTLS_SSL_CLI_C
				6255	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6256	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6257	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6258	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6259	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				6260	0 \
				6261	-c "HTTP/1.0 200 OK" \
				6262	-c "Protocol is TLSv1.3" \
				6263	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6264	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6265	-c "NamedGroup: secp384r1 ( 18 )" \
				6266	-c "Verifying peer X.509 certificate... ok" \
				6267	-C "received HelloRetryRequest message"
				6268
				6269	requires_gnutls_tls1_3
				6270	requires_gnutls_next_no_ticket
				6271	requires_gnutls_next_disable_tls13_compat
				6272	requires_config_enabled MBEDTLS_DEBUG_C
				6273	requires_config_enabled MBEDTLS_SSL_CLI_C
				6274	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6275	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6276	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6277	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6278	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				6279	0 \
				6280	-c "HTTP/1.0 200 OK" \
				6281	-c "Protocol is TLSv1.3" \
				6282	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6283	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6284	-c "NamedGroup: secp384r1 ( 18 )" \
				6285	-c "Verifying peer X.509 certificate... ok" \
				6286	-C "received HelloRetryRequest message"
				6287
				6288	requires_gnutls_tls1_3
				6289	requires_gnutls_next_no_ticket
				6290	requires_gnutls_next_disable_tls13_compat
				6291	requires_config_enabled MBEDTLS_DEBUG_C
				6292	requires_config_enabled MBEDTLS_SSL_CLI_C
				6293	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6294	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6295	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6296	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6297	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				6298	0 \
				6299	-c "HTTP/1.0 200 OK" \
				6300	-c "Protocol is TLSv1.3" \
				6301	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6302	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6303	-c "NamedGroup: secp384r1 ( 18 )" \
				6304	-c "Verifying peer X.509 certificate... ok" \
				6305	-C "received HelloRetryRequest message"
				6306
				6307	requires_gnutls_tls1_3
				6308	requires_gnutls_next_no_ticket
				6309	requires_gnutls_next_disable_tls13_compat
				6310	requires_config_enabled MBEDTLS_DEBUG_C
				6311	requires_config_enabled MBEDTLS_SSL_CLI_C
				6312	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6313	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6314	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6315	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6316	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6317	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				6318	0 \
				6319	-c "HTTP/1.0 200 OK" \
				6320	-c "Protocol is TLSv1.3" \
				6321	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6322	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6323	-c "NamedGroup: secp384r1 ( 18 )" \
				6324	-c "Verifying peer X.509 certificate... ok" \
				6325	-C "received HelloRetryRequest message"
				6326
				6327	requires_gnutls_tls1_3
				6328	requires_gnutls_next_no_ticket
				6329	requires_gnutls_next_disable_tls13_compat
				6330	requires_config_enabled MBEDTLS_DEBUG_C
				6331	requires_config_enabled MBEDTLS_SSL_CLI_C
				6332	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6333	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6334	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6335	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6336	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				6337	0 \
				6338	-c "HTTP/1.0 200 OK" \
				6339	-c "Protocol is TLSv1.3" \
				6340	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6341	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6342	-c "NamedGroup: secp521r1 ( 19 )" \
				6343	-c "Verifying peer X.509 certificate... ok" \
				6344	-C "received HelloRetryRequest message"
				6345
				6346	requires_gnutls_tls1_3
				6347	requires_gnutls_next_no_ticket
				6348	requires_gnutls_next_disable_tls13_compat
				6349	requires_config_enabled MBEDTLS_DEBUG_C
				6350	requires_config_enabled MBEDTLS_SSL_CLI_C
				6351	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6352	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6353	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6354	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6355	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				6356	0 \
				6357	-c "HTTP/1.0 200 OK" \
				6358	-c "Protocol is TLSv1.3" \
				6359	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6360	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6361	-c "NamedGroup: secp521r1 ( 19 )" \
				6362	-c "Verifying peer X.509 certificate... ok" \
				6363	-C "received HelloRetryRequest message"
				6364
				6365	requires_gnutls_tls1_3
				6366	requires_gnutls_next_no_ticket
				6367	requires_gnutls_next_disable_tls13_compat
				6368	requires_config_enabled MBEDTLS_DEBUG_C
				6369	requires_config_enabled MBEDTLS_SSL_CLI_C
				6370	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6371	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6372	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6373	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6374	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				6375	0 \
				6376	-c "HTTP/1.0 200 OK" \
				6377	-c "Protocol is TLSv1.3" \
				6378	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6379	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6380	-c "NamedGroup: secp521r1 ( 19 )" \
				6381	-c "Verifying peer X.509 certificate... ok" \
				6382	-C "received HelloRetryRequest message"
				6383
				6384	requires_gnutls_tls1_3
				6385	requires_gnutls_next_no_ticket
				6386	requires_gnutls_next_disable_tls13_compat
				6387	requires_config_enabled MBEDTLS_DEBUG_C
				6388	requires_config_enabled MBEDTLS_SSL_CLI_C
				6389	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6390	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6391	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6392	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6393	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6394	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				6395	0 \
				6396	-c "HTTP/1.0 200 OK" \
				6397	-c "Protocol is TLSv1.3" \
				6398	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6399	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6400	-c "NamedGroup: secp521r1 ( 19 )" \
				6401	-c "Verifying peer X.509 certificate... ok" \
				6402	-C "received HelloRetryRequest message"
				6403
				6404	requires_gnutls_tls1_3
				6405	requires_gnutls_next_no_ticket
				6406	requires_gnutls_next_disable_tls13_compat
				6407	requires_config_enabled MBEDTLS_DEBUG_C
				6408	requires_config_enabled MBEDTLS_SSL_CLI_C
				6409	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6410	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6411	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6412	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6413	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				6414	0 \
				6415	-c "HTTP/1.0 200 OK" \
				6416	-c "Protocol is TLSv1.3" \
				6417	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6418	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6419	-c "NamedGroup: x25519 ( 1d )" \
				6420	-c "Verifying peer X.509 certificate... ok" \
				6421	-C "received HelloRetryRequest message"
				6422
				6423	requires_gnutls_tls1_3
				6424	requires_gnutls_next_no_ticket
				6425	requires_gnutls_next_disable_tls13_compat
				6426	requires_config_enabled MBEDTLS_DEBUG_C
				6427	requires_config_enabled MBEDTLS_SSL_CLI_C
				6428	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6429	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6430	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6431	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6432	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				6433	0 \
				6434	-c "HTTP/1.0 200 OK" \
				6435	-c "Protocol is TLSv1.3" \
				6436	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6437	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6438	-c "NamedGroup: x25519 ( 1d )" \
				6439	-c "Verifying peer X.509 certificate... ok" \
				6440	-C "received HelloRetryRequest message"
				6441
				6442	requires_gnutls_tls1_3
				6443	requires_gnutls_next_no_ticket
				6444	requires_gnutls_next_disable_tls13_compat
				6445	requires_config_enabled MBEDTLS_DEBUG_C
				6446	requires_config_enabled MBEDTLS_SSL_CLI_C
				6447	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6448	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6449	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6450	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6451	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				6452	0 \
				6453	-c "HTTP/1.0 200 OK" \
				6454	-c "Protocol is TLSv1.3" \
				6455	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6456	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6457	-c "NamedGroup: x25519 ( 1d )" \
				6458	-c "Verifying peer X.509 certificate... ok" \
				6459	-C "received HelloRetryRequest message"
				6460
				6461	requires_gnutls_tls1_3
				6462	requires_gnutls_next_no_ticket
				6463	requires_gnutls_next_disable_tls13_compat
				6464	requires_config_enabled MBEDTLS_DEBUG_C
				6465	requires_config_enabled MBEDTLS_SSL_CLI_C
				6466	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6467	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6468	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6469	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6470	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6471	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				6472	0 \
				6473	-c "HTTP/1.0 200 OK" \
				6474	-c "Protocol is TLSv1.3" \
				6475	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6476	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6477	-c "NamedGroup: x25519 ( 1d )" \
				6478	-c "Verifying peer X.509 certificate... ok" \
				6479	-C "received HelloRetryRequest message"
				6480
				6481	requires_gnutls_tls1_3
				6482	requires_gnutls_next_no_ticket
				6483	requires_gnutls_next_disable_tls13_compat
				6484	requires_config_enabled MBEDTLS_DEBUG_C
				6485	requires_config_enabled MBEDTLS_SSL_CLI_C
				6486	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6487	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6488	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6489	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6490	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				6491	0 \
				6492	-c "HTTP/1.0 200 OK" \
				6493	-c "Protocol is TLSv1.3" \
				6494	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6495	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6496	-c "NamedGroup: x448 ( 1e )" \
				6497	-c "Verifying peer X.509 certificate... ok" \
				6498	-C "received HelloRetryRequest message"
				6499
				6500	requires_gnutls_tls1_3
				6501	requires_gnutls_next_no_ticket
				6502	requires_gnutls_next_disable_tls13_compat
				6503	requires_config_enabled MBEDTLS_DEBUG_C
				6504	requires_config_enabled MBEDTLS_SSL_CLI_C
				6505	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6506	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6507	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6508	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6509	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				6510	0 \
				6511	-c "HTTP/1.0 200 OK" \
				6512	-c "Protocol is TLSv1.3" \
				6513	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6514	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6515	-c "NamedGroup: x448 ( 1e )" \
				6516	-c "Verifying peer X.509 certificate... ok" \
				6517	-C "received HelloRetryRequest message"
				6518
				6519	requires_gnutls_tls1_3
				6520	requires_gnutls_next_no_ticket
				6521	requires_gnutls_next_disable_tls13_compat
				6522	requires_config_enabled MBEDTLS_DEBUG_C
				6523	requires_config_enabled MBEDTLS_SSL_CLI_C
				6524	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6525	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6526	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6527	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6528	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				6529	0 \
				6530	-c "HTTP/1.0 200 OK" \
				6531	-c "Protocol is TLSv1.3" \
				6532	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6533	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6534	-c "NamedGroup: x448 ( 1e )" \
				6535	-c "Verifying peer X.509 certificate... ok" \
				6536	-C "received HelloRetryRequest message"
				6537
				6538	requires_gnutls_tls1_3
				6539	requires_gnutls_next_no_ticket
				6540	requires_gnutls_next_disable_tls13_compat
				6541	requires_config_enabled MBEDTLS_DEBUG_C
				6542	requires_config_enabled MBEDTLS_SSL_CLI_C
				6543	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6544	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6545	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6546	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6547	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6548	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				6549	0 \
				6550	-c "HTTP/1.0 200 OK" \
				6551	-c "Protocol is TLSv1.3" \
				6552	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				6553	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6554	-c "NamedGroup: x448 ( 1e )" \
				6555	-c "Verifying peer X.509 certificate... ok" \
				6556	-C "received HelloRetryRequest message"
				6557
				6558	requires_gnutls_tls1_3
				6559	requires_gnutls_next_no_ticket
				6560	requires_gnutls_next_disable_tls13_compat
				6561	requires_config_enabled MBEDTLS_DEBUG_C
				6562	requires_config_enabled MBEDTLS_SSL_CLI_C
				6563	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6564	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6565	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6566	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6567	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				6568	0 \
				6569	-c "HTTP/1.0 200 OK" \
				6570	-c "Protocol is TLSv1.3" \
				6571	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6572	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6573	-c "NamedGroup: secp256r1 ( 17 )" \
				6574	-c "Verifying peer X.509 certificate... ok" \
				6575	-C "received HelloRetryRequest message"
				6576
				6577	requires_gnutls_tls1_3
				6578	requires_gnutls_next_no_ticket
				6579	requires_gnutls_next_disable_tls13_compat
				6580	requires_config_enabled MBEDTLS_DEBUG_C
				6581	requires_config_enabled MBEDTLS_SSL_CLI_C
				6582	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6583	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6584	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6585	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6586	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				6587	0 \
				6588	-c "HTTP/1.0 200 OK" \
				6589	-c "Protocol is TLSv1.3" \
				6590	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6591	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6592	-c "NamedGroup: secp256r1 ( 17 )" \
				6593	-c "Verifying peer X.509 certificate... ok" \
				6594	-C "received HelloRetryRequest message"
				6595
				6596	requires_gnutls_tls1_3
				6597	requires_gnutls_next_no_ticket
				6598	requires_gnutls_next_disable_tls13_compat
				6599	requires_config_enabled MBEDTLS_DEBUG_C
				6600	requires_config_enabled MBEDTLS_SSL_CLI_C
				6601	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6602	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6603	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6604	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6605	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				6606	0 \
				6607	-c "HTTP/1.0 200 OK" \
				6608	-c "Protocol is TLSv1.3" \
				6609	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6610	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6611	-c "NamedGroup: secp256r1 ( 17 )" \
				6612	-c "Verifying peer X.509 certificate... ok" \
				6613	-C "received HelloRetryRequest message"
				6614
				6615	requires_gnutls_tls1_3
				6616	requires_gnutls_next_no_ticket
				6617	requires_gnutls_next_disable_tls13_compat
				6618	requires_config_enabled MBEDTLS_DEBUG_C
				6619	requires_config_enabled MBEDTLS_SSL_CLI_C
				6620	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6621	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6622	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6623	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6624	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6625	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				6626	0 \
				6627	-c "HTTP/1.0 200 OK" \
				6628	-c "Protocol is TLSv1.3" \
				6629	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6630	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6631	-c "NamedGroup: secp256r1 ( 17 )" \
				6632	-c "Verifying peer X.509 certificate... ok" \
				6633	-C "received HelloRetryRequest message"
				6634
				6635	requires_gnutls_tls1_3
				6636	requires_gnutls_next_no_ticket
				6637	requires_gnutls_next_disable_tls13_compat
				6638	requires_config_enabled MBEDTLS_DEBUG_C
				6639	requires_config_enabled MBEDTLS_SSL_CLI_C
				6640	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6641	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6642	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6643	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6644	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				6645	0 \
				6646	-c "HTTP/1.0 200 OK" \
				6647	-c "Protocol is TLSv1.3" \
				6648	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6649	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6650	-c "NamedGroup: secp384r1 ( 18 )" \
				6651	-c "Verifying peer X.509 certificate... ok" \
				6652	-C "received HelloRetryRequest message"
				6653
				6654	requires_gnutls_tls1_3
				6655	requires_gnutls_next_no_ticket
				6656	requires_gnutls_next_disable_tls13_compat
				6657	requires_config_enabled MBEDTLS_DEBUG_C
				6658	requires_config_enabled MBEDTLS_SSL_CLI_C
				6659	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6660	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6661	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6662	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6663	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				6664	0 \
				6665	-c "HTTP/1.0 200 OK" \
				6666	-c "Protocol is TLSv1.3" \
				6667	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6668	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6669	-c "NamedGroup: secp384r1 ( 18 )" \
				6670	-c "Verifying peer X.509 certificate... ok" \
				6671	-C "received HelloRetryRequest message"
				6672
				6673	requires_gnutls_tls1_3
				6674	requires_gnutls_next_no_ticket
				6675	requires_gnutls_next_disable_tls13_compat
				6676	requires_config_enabled MBEDTLS_DEBUG_C
				6677	requires_config_enabled MBEDTLS_SSL_CLI_C
				6678	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6679	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6680	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6681	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6682	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				6683	0 \
				6684	-c "HTTP/1.0 200 OK" \
				6685	-c "Protocol is TLSv1.3" \
				6686	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6687	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6688	-c "NamedGroup: secp384r1 ( 18 )" \
				6689	-c "Verifying peer X.509 certificate... ok" \
				6690	-C "received HelloRetryRequest message"
				6691
				6692	requires_gnutls_tls1_3
				6693	requires_gnutls_next_no_ticket
				6694	requires_gnutls_next_disable_tls13_compat
				6695	requires_config_enabled MBEDTLS_DEBUG_C
				6696	requires_config_enabled MBEDTLS_SSL_CLI_C
				6697	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6698	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6699	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6700	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6701	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6702	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				6703	0 \
				6704	-c "HTTP/1.0 200 OK" \
				6705	-c "Protocol is TLSv1.3" \
				6706	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6707	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6708	-c "NamedGroup: secp384r1 ( 18 )" \
				6709	-c "Verifying peer X.509 certificate... ok" \
				6710	-C "received HelloRetryRequest message"
				6711
				6712	requires_gnutls_tls1_3
				6713	requires_gnutls_next_no_ticket
				6714	requires_gnutls_next_disable_tls13_compat
				6715	requires_config_enabled MBEDTLS_DEBUG_C
				6716	requires_config_enabled MBEDTLS_SSL_CLI_C
				6717	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6718	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6719	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6720	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6721	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				6722	0 \
				6723	-c "HTTP/1.0 200 OK" \
				6724	-c "Protocol is TLSv1.3" \
				6725	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6726	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6727	-c "NamedGroup: secp521r1 ( 19 )" \
				6728	-c "Verifying peer X.509 certificate... ok" \
				6729	-C "received HelloRetryRequest message"
				6730
				6731	requires_gnutls_tls1_3
				6732	requires_gnutls_next_no_ticket
				6733	requires_gnutls_next_disable_tls13_compat
				6734	requires_config_enabled MBEDTLS_DEBUG_C
				6735	requires_config_enabled MBEDTLS_SSL_CLI_C
				6736	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6737	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6738	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6739	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6740	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				6741	0 \
				6742	-c "HTTP/1.0 200 OK" \
				6743	-c "Protocol is TLSv1.3" \
				6744	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6745	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6746	-c "NamedGroup: secp521r1 ( 19 )" \
				6747	-c "Verifying peer X.509 certificate... ok" \
				6748	-C "received HelloRetryRequest message"
				6749
				6750	requires_gnutls_tls1_3
				6751	requires_gnutls_next_no_ticket
				6752	requires_gnutls_next_disable_tls13_compat
				6753	requires_config_enabled MBEDTLS_DEBUG_C
				6754	requires_config_enabled MBEDTLS_SSL_CLI_C
				6755	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6756	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6757	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6758	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6759	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				6760	0 \
				6761	-c "HTTP/1.0 200 OK" \
				6762	-c "Protocol is TLSv1.3" \
				6763	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6764	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6765	-c "NamedGroup: secp521r1 ( 19 )" \
				6766	-c "Verifying peer X.509 certificate... ok" \
				6767	-C "received HelloRetryRequest message"
				6768
				6769	requires_gnutls_tls1_3
				6770	requires_gnutls_next_no_ticket
				6771	requires_gnutls_next_disable_tls13_compat
				6772	requires_config_enabled MBEDTLS_DEBUG_C
				6773	requires_config_enabled MBEDTLS_SSL_CLI_C
				6774	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6775	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6776	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6777	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6778	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6779	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				6780	0 \
				6781	-c "HTTP/1.0 200 OK" \
				6782	-c "Protocol is TLSv1.3" \
				6783	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6784	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6785	-c "NamedGroup: secp521r1 ( 19 )" \
				6786	-c "Verifying peer X.509 certificate... ok" \
				6787	-C "received HelloRetryRequest message"
				6788
				6789	requires_gnutls_tls1_3
				6790	requires_gnutls_next_no_ticket
				6791	requires_gnutls_next_disable_tls13_compat
				6792	requires_config_enabled MBEDTLS_DEBUG_C
				6793	requires_config_enabled MBEDTLS_SSL_CLI_C
				6794	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6795	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6796	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6797	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6798	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				6799	0 \
				6800	-c "HTTP/1.0 200 OK" \
				6801	-c "Protocol is TLSv1.3" \
				6802	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6803	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6804	-c "NamedGroup: x25519 ( 1d )" \
				6805	-c "Verifying peer X.509 certificate... ok" \
				6806	-C "received HelloRetryRequest message"
				6807
				6808	requires_gnutls_tls1_3
				6809	requires_gnutls_next_no_ticket
				6810	requires_gnutls_next_disable_tls13_compat
				6811	requires_config_enabled MBEDTLS_DEBUG_C
				6812	requires_config_enabled MBEDTLS_SSL_CLI_C
				6813	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6814	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6815	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6816	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6817	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				6818	0 \
				6819	-c "HTTP/1.0 200 OK" \
				6820	-c "Protocol is TLSv1.3" \
				6821	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6822	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6823	-c "NamedGroup: x25519 ( 1d )" \
				6824	-c "Verifying peer X.509 certificate... ok" \
				6825	-C "received HelloRetryRequest message"
				6826
				6827	requires_gnutls_tls1_3
				6828	requires_gnutls_next_no_ticket
				6829	requires_gnutls_next_disable_tls13_compat
				6830	requires_config_enabled MBEDTLS_DEBUG_C
				6831	requires_config_enabled MBEDTLS_SSL_CLI_C
				6832	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6833	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6834	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6835	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6836	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				6837	0 \
				6838	-c "HTTP/1.0 200 OK" \
				6839	-c "Protocol is TLSv1.3" \
				6840	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6841	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6842	-c "NamedGroup: x25519 ( 1d )" \
				6843	-c "Verifying peer X.509 certificate... ok" \
				6844	-C "received HelloRetryRequest message"
				6845
				6846	requires_gnutls_tls1_3
				6847	requires_gnutls_next_no_ticket
				6848	requires_gnutls_next_disable_tls13_compat
				6849	requires_config_enabled MBEDTLS_DEBUG_C
				6850	requires_config_enabled MBEDTLS_SSL_CLI_C
				6851	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6852	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6853	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6854	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6855	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6856	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				6857	0 \
				6858	-c "HTTP/1.0 200 OK" \
				6859	-c "Protocol is TLSv1.3" \
				6860	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6861	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6862	-c "NamedGroup: x25519 ( 1d )" \
				6863	-c "Verifying peer X.509 certificate... ok" \
				6864	-C "received HelloRetryRequest message"
				6865
				6866	requires_gnutls_tls1_3
				6867	requires_gnutls_next_no_ticket
				6868	requires_gnutls_next_disable_tls13_compat
				6869	requires_config_enabled MBEDTLS_DEBUG_C
				6870	requires_config_enabled MBEDTLS_SSL_CLI_C
				6871	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6872	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6873	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6874	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6875	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				6876	0 \
				6877	-c "HTTP/1.0 200 OK" \
				6878	-c "Protocol is TLSv1.3" \
				6879	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6880	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6881	-c "NamedGroup: x448 ( 1e )" \
				6882	-c "Verifying peer X.509 certificate... ok" \
				6883	-C "received HelloRetryRequest message"
				6884
				6885	requires_gnutls_tls1_3
				6886	requires_gnutls_next_no_ticket
				6887	requires_gnutls_next_disable_tls13_compat
				6888	requires_config_enabled MBEDTLS_DEBUG_C
				6889	requires_config_enabled MBEDTLS_SSL_CLI_C
				6890	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6891	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6892	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6893	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6894	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				6895	0 \
				6896	-c "HTTP/1.0 200 OK" \
				6897	-c "Protocol is TLSv1.3" \
				6898	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6899	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				6900	-c "NamedGroup: x448 ( 1e )" \
				6901	-c "Verifying peer X.509 certificate... ok" \
				6902	-C "received HelloRetryRequest message"
				6903
				6904	requires_gnutls_tls1_3
				6905	requires_gnutls_next_no_ticket
				6906	requires_gnutls_next_disable_tls13_compat
				6907	requires_config_enabled MBEDTLS_DEBUG_C
				6908	requires_config_enabled MBEDTLS_SSL_CLI_C
				6909	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6910	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6911	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6912	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6913	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				6914	0 \
				6915	-c "HTTP/1.0 200 OK" \
				6916	-c "Protocol is TLSv1.3" \
				6917	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6918	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				6919	-c "NamedGroup: x448 ( 1e )" \
				6920	-c "Verifying peer X.509 certificate... ok" \
				6921	-C "received HelloRetryRequest message"
				6922
				6923	requires_gnutls_tls1_3
				6924	requires_gnutls_next_no_ticket
				6925	requires_gnutls_next_disable_tls13_compat
				6926	requires_config_enabled MBEDTLS_DEBUG_C
				6927	requires_config_enabled MBEDTLS_SSL_CLI_C
				6928	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6929	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6930	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				6931	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6932	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6933	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				6934	0 \
				6935	-c "HTTP/1.0 200 OK" \
				6936	-c "Protocol is TLSv1.3" \
				6937	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				6938	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				6939	-c "NamedGroup: x448 ( 1e )" \
				6940	-c "Verifying peer X.509 certificate... ok" \
				6941	-C "received HelloRetryRequest message"
				6942
				6943	requires_gnutls_tls1_3
				6944	requires_gnutls_next_no_ticket
				6945	requires_gnutls_next_disable_tls13_compat
				6946	requires_config_enabled MBEDTLS_DEBUG_C
				6947	requires_config_enabled MBEDTLS_SSL_CLI_C
				6948	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6949	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				6950	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6951	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	6952	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				6953	0 \
				6954	-c "HTTP/1.0 200 OK" \
				6955	-c "Protocol is TLSv1.3" \
				6956	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				6957	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				6958	-c "NamedGroup: secp256r1 ( 17 )" \
				6959	-c "Verifying peer X.509 certificate... ok" \
				6960	-C "received HelloRetryRequest message"
				6961
				6962	requires_gnutls_tls1_3
				6963	requires_gnutls_next_no_ticket
				6964	requires_gnutls_next_disable_tls13_compat
				6965	requires_config_enabled MBEDTLS_DEBUG_C
				6966	requires_config_enabled MBEDTLS_SSL_CLI_C
				6967	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				6968	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	6969	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6970	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	6971	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	6972	0 \
				6973	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	6974	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	6975	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				6976	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	6977	-c "NamedGroup: secp256r1 ( 17 )" \
				6978	-c "Verifying peer X.509 certificate... ok" \
				6979	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	6980
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	6981	requires_gnutls_tls1_3
				6982	requires_gnutls_next_no_ticket
				6983	requires_gnutls_next_disable_tls13_compat
				6984	requires_config_enabled MBEDTLS_DEBUG_C
				6985	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	6986	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	6987	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	6988	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	6989	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	6990	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	6991	0 \
				6992	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	6993	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	6994	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				6995	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	6996	-c "NamedGroup: secp256r1 ( 17 )" \
				6997	-c "Verifying peer X.509 certificate... ok" \
				6998	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	6999
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7000	requires_gnutls_tls1_3
				7001	requires_gnutls_next_no_ticket
				7002	requires_gnutls_next_disable_tls13_compat
				7003	requires_config_enabled MBEDTLS_DEBUG_C
				7004	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7005	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7006	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7007	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	7008	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7009	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7010	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7011	0 \
				7012	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7013	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7014	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7015	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7016	-c "NamedGroup: secp256r1 ( 17 )" \
				7017	-c "Verifying peer X.509 certificate... ok" \
				7018	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	7019
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7020	requires_gnutls_tls1_3
				7021	requires_gnutls_next_no_ticket
				7022	requires_gnutls_next_disable_tls13_compat
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7023	requires_config_enabled MBEDTLS_DEBUG_C
				7024	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7025	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7026	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7027	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7028	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7029	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7030	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7031	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7032	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7033	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7034	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7035	-c "NamedGroup: secp384r1 ( 18 )" \
				7036	-c "Verifying peer X.509 certificate... ok" \
				7037	-C "received HelloRetryRequest message"
				7038
				7039	requires_gnutls_tls1_3
				7040	requires_gnutls_next_no_ticket
				7041	requires_gnutls_next_disable_tls13_compat
				7042	requires_config_enabled MBEDTLS_DEBUG_C
				7043	requires_config_enabled MBEDTLS_SSL_CLI_C
				7044	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7045	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7046	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7047	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7048	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				7049	0 \
				7050	-c "HTTP/1.0 200 OK" \
				7051	-c "Protocol is TLSv1.3" \
				7052	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7053	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7054	-c "NamedGroup: secp384r1 ( 18 )" \
				7055	-c "Verifying peer X.509 certificate... ok" \
				7056	-C "received HelloRetryRequest message"
				7057
				7058	requires_gnutls_tls1_3
				7059	requires_gnutls_next_no_ticket
				7060	requires_gnutls_next_disable_tls13_compat
				7061	requires_config_enabled MBEDTLS_DEBUG_C
				7062	requires_config_enabled MBEDTLS_SSL_CLI_C
				7063	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7064	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7065	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7066	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7067	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				7068	0 \
				7069	-c "HTTP/1.0 200 OK" \
				7070	-c "Protocol is TLSv1.3" \
				7071	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7072	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7073	-c "NamedGroup: secp384r1 ( 18 )" \
				7074	-c "Verifying peer X.509 certificate... ok" \
				7075	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	7076
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7077	requires_gnutls_tls1_3
				7078	requires_gnutls_next_no_ticket
				7079	requires_gnutls_next_disable_tls13_compat
				7080	requires_config_enabled MBEDTLS_DEBUG_C
				7081	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7082	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7083	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7084	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	7085	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7086	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7087	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7088	0 \
				7089	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7090	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7091	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7092	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7093	-c "NamedGroup: secp384r1 ( 18 )" \
				7094	-c "Verifying peer X.509 certificate... ok" \
				7095	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	7096
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7097	requires_gnutls_tls1_3
				7098	requires_gnutls_next_no_ticket
				7099	requires_gnutls_next_disable_tls13_compat
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7100	requires_config_enabled MBEDTLS_DEBUG_C
				7101	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7102	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7103	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7104	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7105	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7106	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7107	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7108	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7109	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7110	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7111	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7112	-c "NamedGroup: secp521r1 ( 19 )" \
				7113	-c "Verifying peer X.509 certificate... ok" \
				7114	-C "received HelloRetryRequest message"
				7115
				7116	requires_gnutls_tls1_3
				7117	requires_gnutls_next_no_ticket
				7118	requires_gnutls_next_disable_tls13_compat
				7119	requires_config_enabled MBEDTLS_DEBUG_C
				7120	requires_config_enabled MBEDTLS_SSL_CLI_C
				7121	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7122	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7123	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7124	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7125	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				7126	0 \
				7127	-c "HTTP/1.0 200 OK" \
				7128	-c "Protocol is TLSv1.3" \
				7129	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7130	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7131	-c "NamedGroup: secp521r1 ( 19 )" \
				7132	-c "Verifying peer X.509 certificate... ok" \
				7133	-C "received HelloRetryRequest message"
				7134
				7135	requires_gnutls_tls1_3
				7136	requires_gnutls_next_no_ticket
				7137	requires_gnutls_next_disable_tls13_compat
				7138	requires_config_enabled MBEDTLS_DEBUG_C
				7139	requires_config_enabled MBEDTLS_SSL_CLI_C
				7140	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7141	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7142	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7143	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7144	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				7145	0 \
				7146	-c "HTTP/1.0 200 OK" \
				7147	-c "Protocol is TLSv1.3" \
				7148	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7149	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7150	-c "NamedGroup: secp521r1 ( 19 )" \
				7151	-c "Verifying peer X.509 certificate... ok" \
				7152	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	7153
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7154	requires_gnutls_tls1_3
				7155	requires_gnutls_next_no_ticket
				7156	requires_gnutls_next_disable_tls13_compat
				7157	requires_config_enabled MBEDTLS_DEBUG_C
				7158	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7159	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7160	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7161	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	7162	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7163	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7164	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7165	0 \
				7166	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7167	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7168	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7169	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7170	-c "NamedGroup: secp521r1 ( 19 )" \
				7171	-c "Verifying peer X.509 certificate... ok" \
				7172	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	7173
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7174	requires_gnutls_tls1_3
				7175	requires_gnutls_next_no_ticket
				7176	requires_gnutls_next_disable_tls13_compat
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7177	requires_config_enabled MBEDTLS_DEBUG_C
				7178	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7179	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7180	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7181	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7182	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7183	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7184	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7185	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7186	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7187	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7188	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7189	-c "NamedGroup: x25519 ( 1d )" \
				7190	-c "Verifying peer X.509 certificate... ok" \
				7191	-C "received HelloRetryRequest message"
				7192
				7193	requires_gnutls_tls1_3
				7194	requires_gnutls_next_no_ticket
				7195	requires_gnutls_next_disable_tls13_compat
				7196	requires_config_enabled MBEDTLS_DEBUG_C
				7197	requires_config_enabled MBEDTLS_SSL_CLI_C
				7198	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7199	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7200	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7201	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7202	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				7203	0 \
				7204	-c "HTTP/1.0 200 OK" \
				7205	-c "Protocol is TLSv1.3" \
				7206	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7207	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7208	-c "NamedGroup: x25519 ( 1d )" \
				7209	-c "Verifying peer X.509 certificate... ok" \
				7210	-C "received HelloRetryRequest message"
				7211
				7212	requires_gnutls_tls1_3
				7213	requires_gnutls_next_no_ticket
				7214	requires_gnutls_next_disable_tls13_compat
				7215	requires_config_enabled MBEDTLS_DEBUG_C
				7216	requires_config_enabled MBEDTLS_SSL_CLI_C
				7217	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7218	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7219	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7220	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7221	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				7222	0 \
				7223	-c "HTTP/1.0 200 OK" \
				7224	-c "Protocol is TLSv1.3" \
				7225	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7226	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7227	-c "NamedGroup: x25519 ( 1d )" \
				7228	-c "Verifying peer X.509 certificate... ok" \
				7229	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	7230
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7231	requires_gnutls_tls1_3
				7232	requires_gnutls_next_no_ticket
				7233	requires_gnutls_next_disable_tls13_compat
				7234	requires_config_enabled MBEDTLS_DEBUG_C
				7235	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7236	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7237	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7238	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	7239	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7240	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7241	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7242	0 \
				7243	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7244	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7245	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7246	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7247	-c "NamedGroup: x25519 ( 1d )" \
				7248	-c "Verifying peer X.509 certificate... ok" \
				7249	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	7250
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7251	requires_gnutls_tls1_3
				7252	requires_gnutls_next_no_ticket
				7253	requires_gnutls_next_disable_tls13_compat
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7254	requires_config_enabled MBEDTLS_DEBUG_C
				7255	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7256	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7257	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7258	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7259	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7260	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7261	0 \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7262	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7263	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7264	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7265	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7266	-c "NamedGroup: x448 ( 1e )" \
				7267	-c "Verifying peer X.509 certificate... ok" \
				7268	-C "received HelloRetryRequest message"
				7269
				7270	requires_gnutls_tls1_3
				7271	requires_gnutls_next_no_ticket
				7272	requires_gnutls_next_disable_tls13_compat
				7273	requires_config_enabled MBEDTLS_DEBUG_C
				7274	requires_config_enabled MBEDTLS_SSL_CLI_C
				7275	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7276	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7277	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7278	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7279	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				7280	0 \
				7281	-c "HTTP/1.0 200 OK" \
				7282	-c "Protocol is TLSv1.3" \
				7283	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7284	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7285	-c "NamedGroup: x448 ( 1e )" \
				7286	-c "Verifying peer X.509 certificate... ok" \
				7287	-C "received HelloRetryRequest message"
				7288
				7289	requires_gnutls_tls1_3
				7290	requires_gnutls_next_no_ticket
				7291	requires_gnutls_next_disable_tls13_compat
				7292	requires_config_enabled MBEDTLS_DEBUG_C
				7293	requires_config_enabled MBEDTLS_SSL_CLI_C
				7294	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7295	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7296	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7297	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	9d0a3e8	2022-04-05 16:13:38 +0200	[diff] [blame]	7298	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				7299	0 \
				7300	-c "HTTP/1.0 200 OK" \
				7301	-c "Protocol is TLSv1.3" \
				7302	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				7303	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7304	-c "NamedGroup: x448 ( 1e )" \
				7305	-c "Verifying peer X.509 certificate... ok" \
				7306	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	7307
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7308	requires_gnutls_tls1_3
				7309	requires_gnutls_next_no_ticket
				7310	requires_gnutls_next_disable_tls13_compat
				7311	requires_config_enabled MBEDTLS_DEBUG_C
				7312	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	7313	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	7314	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	7315	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	7316	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7317	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7318	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7319	0 \
				7320	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	7321	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	7322	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	7323	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	7324	-c "NamedGroup: x448 ( 1e )" \
				7325	-c "Verifying peer X.509 certificate... ok" \
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	7326	-C "received HelloRetryRequest message"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	7327
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7328	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7329	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7330	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7331	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7332	requires_config_enabled MBEDTLS_DEBUG_C
				7333	requires_config_enabled MBEDTLS_SSL_CLI_C
				7334	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7335	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7336	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				7337	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7338	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				7339	0 \
				7340	-s "Protocol is TLSv1.3" \
				7341	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7342	-s "received signature algorithm: 0x403" \
				7343	-s "got named group: secp256r1(0017)" \
				7344	-s "Verifying peer X.509 certificate... ok" \
				7345	-c "Protocol is TLSv1.3" \
				7346	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7347	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7348	-c "NamedGroup: secp256r1 ( 17 )" \
				7349	-c "Verifying peer X.509 certificate... ok" \
				7350	-C "received HelloRetryRequest message"
				7351
				7352	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7353	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7354	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7355	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7356	requires_config_enabled MBEDTLS_DEBUG_C
				7357	requires_config_enabled MBEDTLS_SSL_CLI_C
				7358	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7359	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7360	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				7361	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7362	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				7363	0 \
				7364	-s "Protocol is TLSv1.3" \
				7365	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7366	-s "received signature algorithm: 0x503" \
				7367	-s "got named group: secp256r1(0017)" \
				7368	-s "Verifying peer X.509 certificate... ok" \
				7369	-c "Protocol is TLSv1.3" \
				7370	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7371	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7372	-c "NamedGroup: secp256r1 ( 17 )" \
				7373	-c "Verifying peer X.509 certificate... ok" \
				7374	-C "received HelloRetryRequest message"
				7375
				7376	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7377	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7378	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7379	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7380	requires_config_enabled MBEDTLS_DEBUG_C
				7381	requires_config_enabled MBEDTLS_SSL_CLI_C
				7382	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7383	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7384	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				7385	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7386	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				7387	0 \
				7388	-s "Protocol is TLSv1.3" \
				7389	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7390	-s "received signature algorithm: 0x603" \
				7391	-s "got named group: secp256r1(0017)" \
				7392	-s "Verifying peer X.509 certificate... ok" \
				7393	-c "Protocol is TLSv1.3" \
				7394	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7395	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				7396	-c "NamedGroup: secp256r1 ( 17 )" \
				7397	-c "Verifying peer X.509 certificate... ok" \
				7398	-C "received HelloRetryRequest message"
				7399
				7400	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7401	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7402	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7403	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7404	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7405	requires_config_enabled MBEDTLS_DEBUG_C
				7406	requires_config_enabled MBEDTLS_SSL_CLI_C
				7407	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7408	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7409	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7410	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				7411	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7412	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				7413	0 \
				7414	-s "Protocol is TLSv1.3" \
				7415	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7416	-s "received signature algorithm: 0x804" \
				7417	-s "got named group: secp256r1(0017)" \
				7418	-s "Verifying peer X.509 certificate... ok" \
				7419	-c "Protocol is TLSv1.3" \
				7420	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7421	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				7422	-c "NamedGroup: secp256r1 ( 17 )" \
				7423	-c "Verifying peer X.509 certificate... ok" \
				7424	-C "received HelloRetryRequest message"
				7425
				7426	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7427	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7428	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7429	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7430	requires_config_enabled MBEDTLS_DEBUG_C
				7431	requires_config_enabled MBEDTLS_SSL_CLI_C
				7432	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7433	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7434	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				7435	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7436	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				7437	0 \
				7438	-s "Protocol is TLSv1.3" \
				7439	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7440	-s "received signature algorithm: 0x403" \
				7441	-s "got named group: secp384r1(0018)" \
				7442	-s "Verifying peer X.509 certificate... ok" \
				7443	-c "Protocol is TLSv1.3" \
				7444	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7445	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7446	-c "NamedGroup: secp384r1 ( 18 )" \
				7447	-c "Verifying peer X.509 certificate... ok" \
				7448	-C "received HelloRetryRequest message"
				7449
				7450	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7451	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7452	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7453	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7454	requires_config_enabled MBEDTLS_DEBUG_C
				7455	requires_config_enabled MBEDTLS_SSL_CLI_C
				7456	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7457	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7458	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				7459	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7460	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				7461	0 \
				7462	-s "Protocol is TLSv1.3" \
				7463	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7464	-s "received signature algorithm: 0x503" \
				7465	-s "got named group: secp384r1(0018)" \
				7466	-s "Verifying peer X.509 certificate... ok" \
				7467	-c "Protocol is TLSv1.3" \
				7468	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7469	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7470	-c "NamedGroup: secp384r1 ( 18 )" \
				7471	-c "Verifying peer X.509 certificate... ok" \
				7472	-C "received HelloRetryRequest message"
				7473
				7474	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7475	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7476	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7477	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7478	requires_config_enabled MBEDTLS_DEBUG_C
				7479	requires_config_enabled MBEDTLS_SSL_CLI_C
				7480	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7481	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7482	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				7483	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7484	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				7485	0 \
				7486	-s "Protocol is TLSv1.3" \
				7487	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7488	-s "received signature algorithm: 0x603" \
				7489	-s "got named group: secp384r1(0018)" \
				7490	-s "Verifying peer X.509 certificate... ok" \
				7491	-c "Protocol is TLSv1.3" \
				7492	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7493	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				7494	-c "NamedGroup: secp384r1 ( 18 )" \
				7495	-c "Verifying peer X.509 certificate... ok" \
				7496	-C "received HelloRetryRequest message"
				7497
				7498	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7499	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7500	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7501	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7502	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7503	requires_config_enabled MBEDTLS_DEBUG_C
				7504	requires_config_enabled MBEDTLS_SSL_CLI_C
				7505	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7506	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7507	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7508	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				7509	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7510	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				7511	0 \
				7512	-s "Protocol is TLSv1.3" \
				7513	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7514	-s "received signature algorithm: 0x804" \
				7515	-s "got named group: secp384r1(0018)" \
				7516	-s "Verifying peer X.509 certificate... ok" \
				7517	-c "Protocol is TLSv1.3" \
				7518	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7519	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				7520	-c "NamedGroup: secp384r1 ( 18 )" \
				7521	-c "Verifying peer X.509 certificate... ok" \
				7522	-C "received HelloRetryRequest message"
				7523
				7524	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7525	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7526	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7527	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7528	requires_config_enabled MBEDTLS_DEBUG_C
				7529	requires_config_enabled MBEDTLS_SSL_CLI_C
				7530	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7531	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7532	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				7533	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7534	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				7535	0 \
				7536	-s "Protocol is TLSv1.3" \
				7537	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7538	-s "received signature algorithm: 0x403" \
				7539	-s "got named group: secp521r1(0019)" \
				7540	-s "Verifying peer X.509 certificate... ok" \
				7541	-c "Protocol is TLSv1.3" \
				7542	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7543	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7544	-c "NamedGroup: secp521r1 ( 19 )" \
				7545	-c "Verifying peer X.509 certificate... ok" \
				7546	-C "received HelloRetryRequest message"
				7547
				7548	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7549	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7550	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7551	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7552	requires_config_enabled MBEDTLS_DEBUG_C
				7553	requires_config_enabled MBEDTLS_SSL_CLI_C
				7554	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7555	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7556	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				7557	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7558	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				7559	0 \
				7560	-s "Protocol is TLSv1.3" \
				7561	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7562	-s "received signature algorithm: 0x503" \
				7563	-s "got named group: secp521r1(0019)" \
				7564	-s "Verifying peer X.509 certificate... ok" \
				7565	-c "Protocol is TLSv1.3" \
				7566	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7567	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7568	-c "NamedGroup: secp521r1 ( 19 )" \
				7569	-c "Verifying peer X.509 certificate... ok" \
				7570	-C "received HelloRetryRequest message"
				7571
				7572	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7573	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7574	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7575	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7576	requires_config_enabled MBEDTLS_DEBUG_C
				7577	requires_config_enabled MBEDTLS_SSL_CLI_C
				7578	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7579	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7580	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				7581	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7582	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				7583	0 \
				7584	-s "Protocol is TLSv1.3" \
				7585	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7586	-s "received signature algorithm: 0x603" \
				7587	-s "got named group: secp521r1(0019)" \
				7588	-s "Verifying peer X.509 certificate... ok" \
				7589	-c "Protocol is TLSv1.3" \
				7590	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7591	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				7592	-c "NamedGroup: secp521r1 ( 19 )" \
				7593	-c "Verifying peer X.509 certificate... ok" \
				7594	-C "received HelloRetryRequest message"
				7595
				7596	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7597	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7598	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7599	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7600	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7601	requires_config_enabled MBEDTLS_DEBUG_C
				7602	requires_config_enabled MBEDTLS_SSL_CLI_C
				7603	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7604	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7605	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7606	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				7607	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7608	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				7609	0 \
				7610	-s "Protocol is TLSv1.3" \
				7611	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7612	-s "received signature algorithm: 0x804" \
				7613	-s "got named group: secp521r1(0019)" \
				7614	-s "Verifying peer X.509 certificate... ok" \
				7615	-c "Protocol is TLSv1.3" \
				7616	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7617	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				7618	-c "NamedGroup: secp521r1 ( 19 )" \
				7619	-c "Verifying peer X.509 certificate... ok" \
				7620	-C "received HelloRetryRequest message"
				7621
				7622	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7623	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7624	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7625	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7626	requires_config_enabled MBEDTLS_DEBUG_C
				7627	requires_config_enabled MBEDTLS_SSL_CLI_C
				7628	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7629	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7630	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
				7631	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7632	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				7633	0 \
				7634	-s "Protocol is TLSv1.3" \
				7635	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7636	-s "received signature algorithm: 0x403" \
				7637	-s "got named group: x25519(001d)" \
				7638	-s "Verifying peer X.509 certificate... ok" \
				7639	-c "Protocol is TLSv1.3" \
				7640	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7641	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7642	-c "NamedGroup: x25519 ( 1d )" \
				7643	-c "Verifying peer X.509 certificate... ok" \
				7644	-C "received HelloRetryRequest message"
				7645
				7646	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7647	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7648	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7649	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7650	requires_config_enabled MBEDTLS_DEBUG_C
				7651	requires_config_enabled MBEDTLS_SSL_CLI_C
				7652	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7653	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7654	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
				7655	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7656	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				7657	0 \
				7658	-s "Protocol is TLSv1.3" \
				7659	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7660	-s "received signature algorithm: 0x503" \
				7661	-s "got named group: x25519(001d)" \
				7662	-s "Verifying peer X.509 certificate... ok" \
				7663	-c "Protocol is TLSv1.3" \
				7664	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7665	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7666	-c "NamedGroup: x25519 ( 1d )" \
				7667	-c "Verifying peer X.509 certificate... ok" \
				7668	-C "received HelloRetryRequest message"
				7669
				7670	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7671	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7672	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7673	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7674	requires_config_enabled MBEDTLS_DEBUG_C
				7675	requires_config_enabled MBEDTLS_SSL_CLI_C
				7676	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7677	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7678	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
				7679	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7680	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				7681	0 \
				7682	-s "Protocol is TLSv1.3" \
				7683	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7684	-s "received signature algorithm: 0x603" \
				7685	-s "got named group: x25519(001d)" \
				7686	-s "Verifying peer X.509 certificate... ok" \
				7687	-c "Protocol is TLSv1.3" \
				7688	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7689	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				7690	-c "NamedGroup: x25519 ( 1d )" \
				7691	-c "Verifying peer X.509 certificate... ok" \
				7692	-C "received HelloRetryRequest message"
				7693
				7694	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7695	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7696	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7697	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7698	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7699	requires_config_enabled MBEDTLS_DEBUG_C
				7700	requires_config_enabled MBEDTLS_SSL_CLI_C
				7701	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7702	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7703	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7704	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
				7705	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7706	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				7707	0 \
				7708	-s "Protocol is TLSv1.3" \
				7709	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7710	-s "received signature algorithm: 0x804" \
				7711	-s "got named group: x25519(001d)" \
				7712	-s "Verifying peer X.509 certificate... ok" \
				7713	-c "Protocol is TLSv1.3" \
				7714	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7715	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				7716	-c "NamedGroup: x25519 ( 1d )" \
				7717	-c "Verifying peer X.509 certificate... ok" \
				7718	-C "received HelloRetryRequest message"
				7719
				7720	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7721	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7722	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7723	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7724	requires_config_enabled MBEDTLS_DEBUG_C
				7725	requires_config_enabled MBEDTLS_SSL_CLI_C
				7726	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7727	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7728	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
				7729	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7730	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				7731	0 \
				7732	-s "Protocol is TLSv1.3" \
				7733	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7734	-s "received signature algorithm: 0x403" \
				7735	-s "got named group: x448(001e)" \
				7736	-s "Verifying peer X.509 certificate... ok" \
				7737	-c "Protocol is TLSv1.3" \
				7738	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7739	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7740	-c "NamedGroup: x448 ( 1e )" \
				7741	-c "Verifying peer X.509 certificate... ok" \
				7742	-C "received HelloRetryRequest message"
				7743
				7744	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7745	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7746	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7747	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7748	requires_config_enabled MBEDTLS_DEBUG_C
				7749	requires_config_enabled MBEDTLS_SSL_CLI_C
				7750	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7751	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7752	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
				7753	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7754	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				7755	0 \
				7756	-s "Protocol is TLSv1.3" \
				7757	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7758	-s "received signature algorithm: 0x503" \
				7759	-s "got named group: x448(001e)" \
				7760	-s "Verifying peer X.509 certificate... ok" \
				7761	-c "Protocol is TLSv1.3" \
				7762	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7763	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7764	-c "NamedGroup: x448 ( 1e )" \
				7765	-c "Verifying peer X.509 certificate... ok" \
				7766	-C "received HelloRetryRequest message"
				7767
				7768	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7769	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7770	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7771	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7772	requires_config_enabled MBEDTLS_DEBUG_C
				7773	requires_config_enabled MBEDTLS_SSL_CLI_C
				7774	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7775	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7776	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
				7777	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7778	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				7779	0 \
				7780	-s "Protocol is TLSv1.3" \
				7781	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7782	-s "received signature algorithm: 0x603" \
				7783	-s "got named group: x448(001e)" \
				7784	-s "Verifying peer X.509 certificate... ok" \
				7785	-c "Protocol is TLSv1.3" \
				7786	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7787	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				7788	-c "NamedGroup: x448 ( 1e )" \
				7789	-c "Verifying peer X.509 certificate... ok" \
				7790	-C "received HelloRetryRequest message"
				7791
				7792	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7793	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7794	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7795	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7796	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7797	requires_config_enabled MBEDTLS_DEBUG_C
				7798	requires_config_enabled MBEDTLS_SSL_CLI_C
				7799	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7800	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7801	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7802	run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
				7803	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7804	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				7805	0 \
				7806	-s "Protocol is TLSv1.3" \
				7807	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
				7808	-s "received signature algorithm: 0x804" \
				7809	-s "got named group: x448(001e)" \
				7810	-s "Verifying peer X.509 certificate... ok" \
				7811	-c "Protocol is TLSv1.3" \
				7812	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				7813	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				7814	-c "NamedGroup: x448 ( 1e )" \
				7815	-c "Verifying peer X.509 certificate... ok" \
				7816	-C "received HelloRetryRequest message"
				7817
				7818	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7819	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7820	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7821	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7822	requires_config_enabled MBEDTLS_DEBUG_C
				7823	requires_config_enabled MBEDTLS_SSL_CLI_C
				7824	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7825	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7826	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
				7827	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7828	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				7829	0 \
				7830	-s "Protocol is TLSv1.3" \
				7831	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				7832	-s "received signature algorithm: 0x403" \
				7833	-s "got named group: secp256r1(0017)" \
				7834	-s "Verifying peer X.509 certificate... ok" \
				7835	-c "Protocol is TLSv1.3" \
				7836	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				7837	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7838	-c "NamedGroup: secp256r1 ( 17 )" \
				7839	-c "Verifying peer X.509 certificate... ok" \
				7840	-C "received HelloRetryRequest message"
				7841
				7842	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7843	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7844	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7845	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7846	requires_config_enabled MBEDTLS_DEBUG_C
				7847	requires_config_enabled MBEDTLS_SSL_CLI_C
				7848	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7849	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7850	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
				7851	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7852	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				7853	0 \
				7854	-s "Protocol is TLSv1.3" \
				7855	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				7856	-s "received signature algorithm: 0x503" \
				7857	-s "got named group: secp256r1(0017)" \
				7858	-s "Verifying peer X.509 certificate... ok" \
				7859	-c "Protocol is TLSv1.3" \
				7860	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				7861	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7862	-c "NamedGroup: secp256r1 ( 17 )" \
				7863	-c "Verifying peer X.509 certificate... ok" \
				7864	-C "received HelloRetryRequest message"
				7865
				7866	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7867	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7868	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7869	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7870	requires_config_enabled MBEDTLS_DEBUG_C
				7871	requires_config_enabled MBEDTLS_SSL_CLI_C
				7872	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7873	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7874	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
				7875	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7876	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				7877	0 \
				7878	-s "Protocol is TLSv1.3" \
				7879	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				7880	-s "received signature algorithm: 0x603" \
				7881	-s "got named group: secp256r1(0017)" \
				7882	-s "Verifying peer X.509 certificate... ok" \
				7883	-c "Protocol is TLSv1.3" \
				7884	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				7885	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				7886	-c "NamedGroup: secp256r1 ( 17 )" \
				7887	-c "Verifying peer X.509 certificate... ok" \
				7888	-C "received HelloRetryRequest message"
				7889
				7890	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7891	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7892	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7893	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7894	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7895	requires_config_enabled MBEDTLS_DEBUG_C
				7896	requires_config_enabled MBEDTLS_SSL_CLI_C
				7897	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7898	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7899	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7900	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
				7901	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7902	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				7903	0 \
				7904	-s "Protocol is TLSv1.3" \
				7905	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				7906	-s "received signature algorithm: 0x804" \
				7907	-s "got named group: secp256r1(0017)" \
				7908	-s "Verifying peer X.509 certificate... ok" \
				7909	-c "Protocol is TLSv1.3" \
				7910	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				7911	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				7912	-c "NamedGroup: secp256r1 ( 17 )" \
				7913	-c "Verifying peer X.509 certificate... ok" \
				7914	-C "received HelloRetryRequest message"
				7915
				7916	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7917	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7918	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7919	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7920	requires_config_enabled MBEDTLS_DEBUG_C
				7921	requires_config_enabled MBEDTLS_SSL_CLI_C
				7922	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7923	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7924	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
				7925	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7926	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				7927	0 \
				7928	-s "Protocol is TLSv1.3" \
				7929	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				7930	-s "received signature algorithm: 0x403" \
				7931	-s "got named group: secp384r1(0018)" \
				7932	-s "Verifying peer X.509 certificate... ok" \
				7933	-c "Protocol is TLSv1.3" \
				7934	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				7935	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				7936	-c "NamedGroup: secp384r1 ( 18 )" \
				7937	-c "Verifying peer X.509 certificate... ok" \
				7938	-C "received HelloRetryRequest message"
				7939
				7940	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7941	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7942	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7943	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7944	requires_config_enabled MBEDTLS_DEBUG_C
				7945	requires_config_enabled MBEDTLS_SSL_CLI_C
				7946	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7947	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7948	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
				7949	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7950	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				7951	0 \
				7952	-s "Protocol is TLSv1.3" \
				7953	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				7954	-s "received signature algorithm: 0x503" \
				7955	-s "got named group: secp384r1(0018)" \
				7956	-s "Verifying peer X.509 certificate... ok" \
				7957	-c "Protocol is TLSv1.3" \
				7958	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				7959	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				7960	-c "NamedGroup: secp384r1 ( 18 )" \
				7961	-c "Verifying peer X.509 certificate... ok" \
				7962	-C "received HelloRetryRequest message"
				7963
				7964	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7965	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7966	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7967	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7968	requires_config_enabled MBEDTLS_DEBUG_C
				7969	requires_config_enabled MBEDTLS_SSL_CLI_C
				7970	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7971	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7972	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
				7973	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				7974	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				7975	0 \
				7976	-s "Protocol is TLSv1.3" \
				7977	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				7978	-s "received signature algorithm: 0x603" \
				7979	-s "got named group: secp384r1(0018)" \
				7980	-s "Verifying peer X.509 certificate... ok" \
				7981	-c "Protocol is TLSv1.3" \
				7982	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				7983	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				7984	-c "NamedGroup: secp384r1 ( 18 )" \
				7985	-c "Verifying peer X.509 certificate... ok" \
				7986	-C "received HelloRetryRequest message"
				7987
				7988	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	7989	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	7990	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7991	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7992	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7993	requires_config_enabled MBEDTLS_DEBUG_C
				7994	requires_config_enabled MBEDTLS_SSL_CLI_C
				7995	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				7996	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				7997	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				7998	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
				7999	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8000	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				8001	0 \
				8002	-s "Protocol is TLSv1.3" \
				8003	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8004	-s "received signature algorithm: 0x804" \
				8005	-s "got named group: secp384r1(0018)" \
				8006	-s "Verifying peer X.509 certificate... ok" \
				8007	-c "Protocol is TLSv1.3" \
				8008	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8009	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8010	-c "NamedGroup: secp384r1 ( 18 )" \
				8011	-c "Verifying peer X.509 certificate... ok" \
				8012	-C "received HelloRetryRequest message"
				8013
				8014	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8015	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8016	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8017	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8018	requires_config_enabled MBEDTLS_DEBUG_C
				8019	requires_config_enabled MBEDTLS_SSL_CLI_C
				8020	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8021	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8022	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
				8023	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8024	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				8025	0 \
				8026	-s "Protocol is TLSv1.3" \
				8027	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8028	-s "received signature algorithm: 0x403" \
				8029	-s "got named group: secp521r1(0019)" \
				8030	-s "Verifying peer X.509 certificate... ok" \
				8031	-c "Protocol is TLSv1.3" \
				8032	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8033	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8034	-c "NamedGroup: secp521r1 ( 19 )" \
				8035	-c "Verifying peer X.509 certificate... ok" \
				8036	-C "received HelloRetryRequest message"
				8037
				8038	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8039	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8040	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8041	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8042	requires_config_enabled MBEDTLS_DEBUG_C
				8043	requires_config_enabled MBEDTLS_SSL_CLI_C
				8044	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8045	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8046	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
				8047	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8048	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				8049	0 \
				8050	-s "Protocol is TLSv1.3" \
				8051	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8052	-s "received signature algorithm: 0x503" \
				8053	-s "got named group: secp521r1(0019)" \
				8054	-s "Verifying peer X.509 certificate... ok" \
				8055	-c "Protocol is TLSv1.3" \
				8056	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8057	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8058	-c "NamedGroup: secp521r1 ( 19 )" \
				8059	-c "Verifying peer X.509 certificate... ok" \
				8060	-C "received HelloRetryRequest message"
				8061
				8062	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8063	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8064	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8065	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8066	requires_config_enabled MBEDTLS_DEBUG_C
				8067	requires_config_enabled MBEDTLS_SSL_CLI_C
				8068	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8069	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8070	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
				8071	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8072	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				8073	0 \
				8074	-s "Protocol is TLSv1.3" \
				8075	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8076	-s "received signature algorithm: 0x603" \
				8077	-s "got named group: secp521r1(0019)" \
				8078	-s "Verifying peer X.509 certificate... ok" \
				8079	-c "Protocol is TLSv1.3" \
				8080	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8081	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8082	-c "NamedGroup: secp521r1 ( 19 )" \
				8083	-c "Verifying peer X.509 certificate... ok" \
				8084	-C "received HelloRetryRequest message"
				8085
				8086	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8087	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8088	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8089	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8090	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8091	requires_config_enabled MBEDTLS_DEBUG_C
				8092	requires_config_enabled MBEDTLS_SSL_CLI_C
				8093	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8094	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8095	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8096	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
				8097	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8098	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				8099	0 \
				8100	-s "Protocol is TLSv1.3" \
				8101	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8102	-s "received signature algorithm: 0x804" \
				8103	-s "got named group: secp521r1(0019)" \
				8104	-s "Verifying peer X.509 certificate... ok" \
				8105	-c "Protocol is TLSv1.3" \
				8106	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8107	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8108	-c "NamedGroup: secp521r1 ( 19 )" \
				8109	-c "Verifying peer X.509 certificate... ok" \
				8110	-C "received HelloRetryRequest message"
				8111
				8112	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8113	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8114	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8115	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8116	requires_config_enabled MBEDTLS_DEBUG_C
				8117	requires_config_enabled MBEDTLS_SSL_CLI_C
				8118	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8119	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8120	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
				8121	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8122	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				8123	0 \
				8124	-s "Protocol is TLSv1.3" \
				8125	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8126	-s "received signature algorithm: 0x403" \
				8127	-s "got named group: x25519(001d)" \
				8128	-s "Verifying peer X.509 certificate... ok" \
				8129	-c "Protocol is TLSv1.3" \
				8130	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8131	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8132	-c "NamedGroup: x25519 ( 1d )" \
				8133	-c "Verifying peer X.509 certificate... ok" \
				8134	-C "received HelloRetryRequest message"
				8135
				8136	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8137	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8138	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8139	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8140	requires_config_enabled MBEDTLS_DEBUG_C
				8141	requires_config_enabled MBEDTLS_SSL_CLI_C
				8142	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8143	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8144	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
				8145	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8146	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				8147	0 \
				8148	-s "Protocol is TLSv1.3" \
				8149	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8150	-s "received signature algorithm: 0x503" \
				8151	-s "got named group: x25519(001d)" \
				8152	-s "Verifying peer X.509 certificate... ok" \
				8153	-c "Protocol is TLSv1.3" \
				8154	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8155	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8156	-c "NamedGroup: x25519 ( 1d )" \
				8157	-c "Verifying peer X.509 certificate... ok" \
				8158	-C "received HelloRetryRequest message"
				8159
				8160	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8161	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8162	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8163	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8164	requires_config_enabled MBEDTLS_DEBUG_C
				8165	requires_config_enabled MBEDTLS_SSL_CLI_C
				8166	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8167	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8168	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
				8169	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8170	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				8171	0 \
				8172	-s "Protocol is TLSv1.3" \
				8173	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8174	-s "received signature algorithm: 0x603" \
				8175	-s "got named group: x25519(001d)" \
				8176	-s "Verifying peer X.509 certificate... ok" \
				8177	-c "Protocol is TLSv1.3" \
				8178	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8179	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8180	-c "NamedGroup: x25519 ( 1d )" \
				8181	-c "Verifying peer X.509 certificate... ok" \
				8182	-C "received HelloRetryRequest message"
				8183
				8184	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8185	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8186	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8187	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8188	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8189	requires_config_enabled MBEDTLS_DEBUG_C
				8190	requires_config_enabled MBEDTLS_SSL_CLI_C
				8191	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8192	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8193	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8194	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
				8195	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8196	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				8197	0 \
				8198	-s "Protocol is TLSv1.3" \
				8199	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8200	-s "received signature algorithm: 0x804" \
				8201	-s "got named group: x25519(001d)" \
				8202	-s "Verifying peer X.509 certificate... ok" \
				8203	-c "Protocol is TLSv1.3" \
				8204	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8205	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8206	-c "NamedGroup: x25519 ( 1d )" \
				8207	-c "Verifying peer X.509 certificate... ok" \
				8208	-C "received HelloRetryRequest message"
				8209
				8210	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8211	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8212	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8213	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8214	requires_config_enabled MBEDTLS_DEBUG_C
				8215	requires_config_enabled MBEDTLS_SSL_CLI_C
				8216	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8217	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8218	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
				8219	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8220	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				8221	0 \
				8222	-s "Protocol is TLSv1.3" \
				8223	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8224	-s "received signature algorithm: 0x403" \
				8225	-s "got named group: x448(001e)" \
				8226	-s "Verifying peer X.509 certificate... ok" \
				8227	-c "Protocol is TLSv1.3" \
				8228	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8229	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8230	-c "NamedGroup: x448 ( 1e )" \
				8231	-c "Verifying peer X.509 certificate... ok" \
				8232	-C "received HelloRetryRequest message"
				8233
				8234	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8235	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8236	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8237	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8238	requires_config_enabled MBEDTLS_DEBUG_C
				8239	requires_config_enabled MBEDTLS_SSL_CLI_C
				8240	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8241	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8242	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
				8243	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8244	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				8245	0 \
				8246	-s "Protocol is TLSv1.3" \
				8247	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8248	-s "received signature algorithm: 0x503" \
				8249	-s "got named group: x448(001e)" \
				8250	-s "Verifying peer X.509 certificate... ok" \
				8251	-c "Protocol is TLSv1.3" \
				8252	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8253	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8254	-c "NamedGroup: x448 ( 1e )" \
				8255	-c "Verifying peer X.509 certificate... ok" \
				8256	-C "received HelloRetryRequest message"
				8257
				8258	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8259	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8260	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8261	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8262	requires_config_enabled MBEDTLS_DEBUG_C
				8263	requires_config_enabled MBEDTLS_SSL_CLI_C
				8264	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8265	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8266	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
				8267	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8268	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				8269	0 \
				8270	-s "Protocol is TLSv1.3" \
				8271	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8272	-s "received signature algorithm: 0x603" \
				8273	-s "got named group: x448(001e)" \
				8274	-s "Verifying peer X.509 certificate... ok" \
				8275	-c "Protocol is TLSv1.3" \
				8276	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8277	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8278	-c "NamedGroup: x448 ( 1e )" \
				8279	-c "Verifying peer X.509 certificate... ok" \
				8280	-C "received HelloRetryRequest message"
				8281
				8282	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8283	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8284	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8285	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8286	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8287	requires_config_enabled MBEDTLS_DEBUG_C
				8288	requires_config_enabled MBEDTLS_SSL_CLI_C
				8289	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8290	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8291	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8292	run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
				8293	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8294	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				8295	0 \
				8296	-s "Protocol is TLSv1.3" \
				8297	-s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \
				8298	-s "received signature algorithm: 0x804" \
				8299	-s "got named group: x448(001e)" \
				8300	-s "Verifying peer X.509 certificate... ok" \
				8301	-c "Protocol is TLSv1.3" \
				8302	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				8303	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8304	-c "NamedGroup: x448 ( 1e )" \
				8305	-c "Verifying peer X.509 certificate... ok" \
				8306	-C "received HelloRetryRequest message"
				8307
				8308	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8309	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8310	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8311	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8312	requires_config_enabled MBEDTLS_DEBUG_C
				8313	requires_config_enabled MBEDTLS_SSL_CLI_C
				8314	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8315	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8316	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				8317	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8318	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				8319	0 \
				8320	-s "Protocol is TLSv1.3" \
				8321	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8322	-s "received signature algorithm: 0x403" \
				8323	-s "got named group: secp256r1(0017)" \
				8324	-s "Verifying peer X.509 certificate... ok" \
				8325	-c "Protocol is TLSv1.3" \
				8326	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8327	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8328	-c "NamedGroup: secp256r1 ( 17 )" \
				8329	-c "Verifying peer X.509 certificate... ok" \
				8330	-C "received HelloRetryRequest message"
				8331
				8332	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8333	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8334	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8335	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8336	requires_config_enabled MBEDTLS_DEBUG_C
				8337	requires_config_enabled MBEDTLS_SSL_CLI_C
				8338	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8339	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8340	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				8341	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8342	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				8343	0 \
				8344	-s "Protocol is TLSv1.3" \
				8345	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8346	-s "received signature algorithm: 0x503" \
				8347	-s "got named group: secp256r1(0017)" \
				8348	-s "Verifying peer X.509 certificate... ok" \
				8349	-c "Protocol is TLSv1.3" \
				8350	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8351	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8352	-c "NamedGroup: secp256r1 ( 17 )" \
				8353	-c "Verifying peer X.509 certificate... ok" \
				8354	-C "received HelloRetryRequest message"
				8355
				8356	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8357	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8358	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8359	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8360	requires_config_enabled MBEDTLS_DEBUG_C
				8361	requires_config_enabled MBEDTLS_SSL_CLI_C
				8362	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8363	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8364	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				8365	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8366	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				8367	0 \
				8368	-s "Protocol is TLSv1.3" \
				8369	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8370	-s "received signature algorithm: 0x603" \
				8371	-s "got named group: secp256r1(0017)" \
				8372	-s "Verifying peer X.509 certificate... ok" \
				8373	-c "Protocol is TLSv1.3" \
				8374	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8375	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8376	-c "NamedGroup: secp256r1 ( 17 )" \
				8377	-c "Verifying peer X.509 certificate... ok" \
				8378	-C "received HelloRetryRequest message"
				8379
				8380	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8381	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8382	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8383	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8384	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8385	requires_config_enabled MBEDTLS_DEBUG_C
				8386	requires_config_enabled MBEDTLS_SSL_CLI_C
				8387	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8388	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8389	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8390	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				8391	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8392	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				8393	0 \
				8394	-s "Protocol is TLSv1.3" \
				8395	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8396	-s "received signature algorithm: 0x804" \
				8397	-s "got named group: secp256r1(0017)" \
				8398	-s "Verifying peer X.509 certificate... ok" \
				8399	-c "Protocol is TLSv1.3" \
				8400	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8401	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8402	-c "NamedGroup: secp256r1 ( 17 )" \
				8403	-c "Verifying peer X.509 certificate... ok" \
				8404	-C "received HelloRetryRequest message"
				8405
				8406	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8407	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8408	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8409	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8410	requires_config_enabled MBEDTLS_DEBUG_C
				8411	requires_config_enabled MBEDTLS_SSL_CLI_C
				8412	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8413	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8414	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				8415	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8416	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				8417	0 \
				8418	-s "Protocol is TLSv1.3" \
				8419	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8420	-s "received signature algorithm: 0x403" \
				8421	-s "got named group: secp384r1(0018)" \
				8422	-s "Verifying peer X.509 certificate... ok" \
				8423	-c "Protocol is TLSv1.3" \
				8424	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8425	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8426	-c "NamedGroup: secp384r1 ( 18 )" \
				8427	-c "Verifying peer X.509 certificate... ok" \
				8428	-C "received HelloRetryRequest message"
				8429
				8430	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8431	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8432	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8433	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8434	requires_config_enabled MBEDTLS_DEBUG_C
				8435	requires_config_enabled MBEDTLS_SSL_CLI_C
				8436	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8437	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8438	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				8439	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8440	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				8441	0 \
				8442	-s "Protocol is TLSv1.3" \
				8443	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8444	-s "received signature algorithm: 0x503" \
				8445	-s "got named group: secp384r1(0018)" \
				8446	-s "Verifying peer X.509 certificate... ok" \
				8447	-c "Protocol is TLSv1.3" \
				8448	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8449	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8450	-c "NamedGroup: secp384r1 ( 18 )" \
				8451	-c "Verifying peer X.509 certificate... ok" \
				8452	-C "received HelloRetryRequest message"
				8453
				8454	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8455	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8456	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8457	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8458	requires_config_enabled MBEDTLS_DEBUG_C
				8459	requires_config_enabled MBEDTLS_SSL_CLI_C
				8460	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8461	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8462	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				8463	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8464	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				8465	0 \
				8466	-s "Protocol is TLSv1.3" \
				8467	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8468	-s "received signature algorithm: 0x603" \
				8469	-s "got named group: secp384r1(0018)" \
				8470	-s "Verifying peer X.509 certificate... ok" \
				8471	-c "Protocol is TLSv1.3" \
				8472	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8473	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8474	-c "NamedGroup: secp384r1 ( 18 )" \
				8475	-c "Verifying peer X.509 certificate... ok" \
				8476	-C "received HelloRetryRequest message"
				8477
				8478	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8479	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8480	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8481	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8482	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8483	requires_config_enabled MBEDTLS_DEBUG_C
				8484	requires_config_enabled MBEDTLS_SSL_CLI_C
				8485	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8486	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8487	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8488	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				8489	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8490	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				8491	0 \
				8492	-s "Protocol is TLSv1.3" \
				8493	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8494	-s "received signature algorithm: 0x804" \
				8495	-s "got named group: secp384r1(0018)" \
				8496	-s "Verifying peer X.509 certificate... ok" \
				8497	-c "Protocol is TLSv1.3" \
				8498	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8499	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8500	-c "NamedGroup: secp384r1 ( 18 )" \
				8501	-c "Verifying peer X.509 certificate... ok" \
				8502	-C "received HelloRetryRequest message"
				8503
				8504	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8505	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8506	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8507	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8508	requires_config_enabled MBEDTLS_DEBUG_C
				8509	requires_config_enabled MBEDTLS_SSL_CLI_C
				8510	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8511	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8512	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				8513	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8514	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				8515	0 \
				8516	-s "Protocol is TLSv1.3" \
				8517	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8518	-s "received signature algorithm: 0x403" \
				8519	-s "got named group: secp521r1(0019)" \
				8520	-s "Verifying peer X.509 certificate... ok" \
				8521	-c "Protocol is TLSv1.3" \
				8522	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8523	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8524	-c "NamedGroup: secp521r1 ( 19 )" \
				8525	-c "Verifying peer X.509 certificate... ok" \
				8526	-C "received HelloRetryRequest message"
				8527
				8528	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8529	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8530	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8531	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8532	requires_config_enabled MBEDTLS_DEBUG_C
				8533	requires_config_enabled MBEDTLS_SSL_CLI_C
				8534	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8535	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8536	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				8537	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8538	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				8539	0 \
				8540	-s "Protocol is TLSv1.3" \
				8541	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8542	-s "received signature algorithm: 0x503" \
				8543	-s "got named group: secp521r1(0019)" \
				8544	-s "Verifying peer X.509 certificate... ok" \
				8545	-c "Protocol is TLSv1.3" \
				8546	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8547	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8548	-c "NamedGroup: secp521r1 ( 19 )" \
				8549	-c "Verifying peer X.509 certificate... ok" \
				8550	-C "received HelloRetryRequest message"
				8551
				8552	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8553	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8554	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8555	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8556	requires_config_enabled MBEDTLS_DEBUG_C
				8557	requires_config_enabled MBEDTLS_SSL_CLI_C
				8558	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8559	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8560	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				8561	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8562	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				8563	0 \
				8564	-s "Protocol is TLSv1.3" \
				8565	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8566	-s "received signature algorithm: 0x603" \
				8567	-s "got named group: secp521r1(0019)" \
				8568	-s "Verifying peer X.509 certificate... ok" \
				8569	-c "Protocol is TLSv1.3" \
				8570	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8571	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8572	-c "NamedGroup: secp521r1 ( 19 )" \
				8573	-c "Verifying peer X.509 certificate... ok" \
				8574	-C "received HelloRetryRequest message"
				8575
				8576	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8577	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8578	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8579	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8580	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8581	requires_config_enabled MBEDTLS_DEBUG_C
				8582	requires_config_enabled MBEDTLS_SSL_CLI_C
				8583	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8584	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8585	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8586	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				8587	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8588	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				8589	0 \
				8590	-s "Protocol is TLSv1.3" \
				8591	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8592	-s "received signature algorithm: 0x804" \
				8593	-s "got named group: secp521r1(0019)" \
				8594	-s "Verifying peer X.509 certificate... ok" \
				8595	-c "Protocol is TLSv1.3" \
				8596	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8597	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8598	-c "NamedGroup: secp521r1 ( 19 )" \
				8599	-c "Verifying peer X.509 certificate... ok" \
				8600	-C "received HelloRetryRequest message"
				8601
				8602	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8603	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8604	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8605	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8606	requires_config_enabled MBEDTLS_DEBUG_C
				8607	requires_config_enabled MBEDTLS_SSL_CLI_C
				8608	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8609	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8610	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
				8611	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8612	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				8613	0 \
				8614	-s "Protocol is TLSv1.3" \
				8615	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8616	-s "received signature algorithm: 0x403" \
				8617	-s "got named group: x25519(001d)" \
				8618	-s "Verifying peer X.509 certificate... ok" \
				8619	-c "Protocol is TLSv1.3" \
				8620	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8621	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8622	-c "NamedGroup: x25519 ( 1d )" \
				8623	-c "Verifying peer X.509 certificate... ok" \
				8624	-C "received HelloRetryRequest message"
				8625
				8626	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8627	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8628	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8629	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8630	requires_config_enabled MBEDTLS_DEBUG_C
				8631	requires_config_enabled MBEDTLS_SSL_CLI_C
				8632	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8633	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8634	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
				8635	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8636	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				8637	0 \
				8638	-s "Protocol is TLSv1.3" \
				8639	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8640	-s "received signature algorithm: 0x503" \
				8641	-s "got named group: x25519(001d)" \
				8642	-s "Verifying peer X.509 certificate... ok" \
				8643	-c "Protocol is TLSv1.3" \
				8644	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8645	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8646	-c "NamedGroup: x25519 ( 1d )" \
				8647	-c "Verifying peer X.509 certificate... ok" \
				8648	-C "received HelloRetryRequest message"
				8649
				8650	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8651	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8652	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8653	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8654	requires_config_enabled MBEDTLS_DEBUG_C
				8655	requires_config_enabled MBEDTLS_SSL_CLI_C
				8656	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8657	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8658	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
				8659	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8660	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				8661	0 \
				8662	-s "Protocol is TLSv1.3" \
				8663	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8664	-s "received signature algorithm: 0x603" \
				8665	-s "got named group: x25519(001d)" \
				8666	-s "Verifying peer X.509 certificate... ok" \
				8667	-c "Protocol is TLSv1.3" \
				8668	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8669	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8670	-c "NamedGroup: x25519 ( 1d )" \
				8671	-c "Verifying peer X.509 certificate... ok" \
				8672	-C "received HelloRetryRequest message"
				8673
				8674	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8675	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8676	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8677	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8678	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8679	requires_config_enabled MBEDTLS_DEBUG_C
				8680	requires_config_enabled MBEDTLS_SSL_CLI_C
				8681	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8682	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8683	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8684	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
				8685	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8686	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				8687	0 \
				8688	-s "Protocol is TLSv1.3" \
				8689	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8690	-s "received signature algorithm: 0x804" \
				8691	-s "got named group: x25519(001d)" \
				8692	-s "Verifying peer X.509 certificate... ok" \
				8693	-c "Protocol is TLSv1.3" \
				8694	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8695	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8696	-c "NamedGroup: x25519 ( 1d )" \
				8697	-c "Verifying peer X.509 certificate... ok" \
				8698	-C "received HelloRetryRequest message"
				8699
				8700	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8701	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8702	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8703	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8704	requires_config_enabled MBEDTLS_DEBUG_C
				8705	requires_config_enabled MBEDTLS_SSL_CLI_C
				8706	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8707	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8708	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
				8709	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8710	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				8711	0 \
				8712	-s "Protocol is TLSv1.3" \
				8713	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8714	-s "received signature algorithm: 0x403" \
				8715	-s "got named group: x448(001e)" \
				8716	-s "Verifying peer X.509 certificate... ok" \
				8717	-c "Protocol is TLSv1.3" \
				8718	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8719	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8720	-c "NamedGroup: x448 ( 1e )" \
				8721	-c "Verifying peer X.509 certificate... ok" \
				8722	-C "received HelloRetryRequest message"
				8723
				8724	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8725	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8726	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8727	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8728	requires_config_enabled MBEDTLS_DEBUG_C
				8729	requires_config_enabled MBEDTLS_SSL_CLI_C
				8730	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8731	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8732	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
				8733	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8734	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				8735	0 \
				8736	-s "Protocol is TLSv1.3" \
				8737	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8738	-s "received signature algorithm: 0x503" \
				8739	-s "got named group: x448(001e)" \
				8740	-s "Verifying peer X.509 certificate... ok" \
				8741	-c "Protocol is TLSv1.3" \
				8742	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8743	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8744	-c "NamedGroup: x448 ( 1e )" \
				8745	-c "Verifying peer X.509 certificate... ok" \
				8746	-C "received HelloRetryRequest message"
				8747
				8748	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8749	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8750	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8751	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8752	requires_config_enabled MBEDTLS_DEBUG_C
				8753	requires_config_enabled MBEDTLS_SSL_CLI_C
				8754	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8755	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8756	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
				8757	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8758	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				8759	0 \
				8760	-s "Protocol is TLSv1.3" \
				8761	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8762	-s "received signature algorithm: 0x603" \
				8763	-s "got named group: x448(001e)" \
				8764	-s "Verifying peer X.509 certificate... ok" \
				8765	-c "Protocol is TLSv1.3" \
				8766	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8767	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8768	-c "NamedGroup: x448 ( 1e )" \
				8769	-c "Verifying peer X.509 certificate... ok" \
				8770	-C "received HelloRetryRequest message"
				8771
				8772	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8773	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8774	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8775	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8776	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8777	requires_config_enabled MBEDTLS_DEBUG_C
				8778	requires_config_enabled MBEDTLS_SSL_CLI_C
				8779	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8780	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8781	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8782	run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
				8783	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8784	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				8785	0 \
				8786	-s "Protocol is TLSv1.3" \
				8787	-s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \
				8788	-s "received signature algorithm: 0x804" \
				8789	-s "got named group: x448(001e)" \
				8790	-s "Verifying peer X.509 certificate... ok" \
				8791	-c "Protocol is TLSv1.3" \
				8792	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				8793	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8794	-c "NamedGroup: x448 ( 1e )" \
				8795	-c "Verifying peer X.509 certificate... ok" \
				8796	-C "received HelloRetryRequest message"
				8797
				8798	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8799	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8800	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8801	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8802	requires_config_enabled MBEDTLS_DEBUG_C
				8803	requires_config_enabled MBEDTLS_SSL_CLI_C
				8804	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8805	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8806	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				8807	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8808	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				8809	0 \
				8810	-s "Protocol is TLSv1.3" \
				8811	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				8812	-s "received signature algorithm: 0x403" \
				8813	-s "got named group: secp256r1(0017)" \
				8814	-s "Verifying peer X.509 certificate... ok" \
				8815	-c "Protocol is TLSv1.3" \
				8816	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				8817	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8818	-c "NamedGroup: secp256r1 ( 17 )" \
				8819	-c "Verifying peer X.509 certificate... ok" \
				8820	-C "received HelloRetryRequest message"
				8821
				8822	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8823	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8824	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8825	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8826	requires_config_enabled MBEDTLS_DEBUG_C
				8827	requires_config_enabled MBEDTLS_SSL_CLI_C
				8828	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8829	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8830	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				8831	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8832	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				8833	0 \
				8834	-s "Protocol is TLSv1.3" \
				8835	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				8836	-s "received signature algorithm: 0x503" \
				8837	-s "got named group: secp256r1(0017)" \
				8838	-s "Verifying peer X.509 certificate... ok" \
				8839	-c "Protocol is TLSv1.3" \
				8840	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				8841	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8842	-c "NamedGroup: secp256r1 ( 17 )" \
				8843	-c "Verifying peer X.509 certificate... ok" \
				8844	-C "received HelloRetryRequest message"
				8845
				8846	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8847	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8848	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8849	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8850	requires_config_enabled MBEDTLS_DEBUG_C
				8851	requires_config_enabled MBEDTLS_SSL_CLI_C
				8852	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8853	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8854	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				8855	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8856	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				8857	0 \
				8858	-s "Protocol is TLSv1.3" \
				8859	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				8860	-s "received signature algorithm: 0x603" \
				8861	-s "got named group: secp256r1(0017)" \
				8862	-s "Verifying peer X.509 certificate... ok" \
				8863	-c "Protocol is TLSv1.3" \
				8864	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				8865	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8866	-c "NamedGroup: secp256r1 ( 17 )" \
				8867	-c "Verifying peer X.509 certificate... ok" \
				8868	-C "received HelloRetryRequest message"
				8869
				8870	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8871	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8872	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8873	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8874	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8875	requires_config_enabled MBEDTLS_DEBUG_C
				8876	requires_config_enabled MBEDTLS_SSL_CLI_C
				8877	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8878	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8879	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8880	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				8881	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8882	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				8883	0 \
				8884	-s "Protocol is TLSv1.3" \
				8885	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				8886	-s "received signature algorithm: 0x804" \
				8887	-s "got named group: secp256r1(0017)" \
				8888	-s "Verifying peer X.509 certificate... ok" \
				8889	-c "Protocol is TLSv1.3" \
				8890	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				8891	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8892	-c "NamedGroup: secp256r1 ( 17 )" \
				8893	-c "Verifying peer X.509 certificate... ok" \
				8894	-C "received HelloRetryRequest message"
				8895
				8896	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8897	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8898	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8899	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8900	requires_config_enabled MBEDTLS_DEBUG_C
				8901	requires_config_enabled MBEDTLS_SSL_CLI_C
				8902	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8903	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8904	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				8905	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8906	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				8907	0 \
				8908	-s "Protocol is TLSv1.3" \
				8909	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				8910	-s "received signature algorithm: 0x403" \
				8911	-s "got named group: secp384r1(0018)" \
				8912	-s "Verifying peer X.509 certificate... ok" \
				8913	-c "Protocol is TLSv1.3" \
				8914	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				8915	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				8916	-c "NamedGroup: secp384r1 ( 18 )" \
				8917	-c "Verifying peer X.509 certificate... ok" \
				8918	-C "received HelloRetryRequest message"
				8919
				8920	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8921	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8922	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8923	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8924	requires_config_enabled MBEDTLS_DEBUG_C
				8925	requires_config_enabled MBEDTLS_SSL_CLI_C
				8926	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8927	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8928	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				8929	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8930	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				8931	0 \
				8932	-s "Protocol is TLSv1.3" \
				8933	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				8934	-s "received signature algorithm: 0x503" \
				8935	-s "got named group: secp384r1(0018)" \
				8936	-s "Verifying peer X.509 certificate... ok" \
				8937	-c "Protocol is TLSv1.3" \
				8938	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				8939	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				8940	-c "NamedGroup: secp384r1 ( 18 )" \
				8941	-c "Verifying peer X.509 certificate... ok" \
				8942	-C "received HelloRetryRequest message"
				8943
				8944	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8945	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8946	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8947	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8948	requires_config_enabled MBEDTLS_DEBUG_C
				8949	requires_config_enabled MBEDTLS_SSL_CLI_C
				8950	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8951	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8952	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				8953	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8954	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				8955	0 \
				8956	-s "Protocol is TLSv1.3" \
				8957	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				8958	-s "received signature algorithm: 0x603" \
				8959	-s "got named group: secp384r1(0018)" \
				8960	-s "Verifying peer X.509 certificate... ok" \
				8961	-c "Protocol is TLSv1.3" \
				8962	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				8963	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				8964	-c "NamedGroup: secp384r1 ( 18 )" \
				8965	-c "Verifying peer X.509 certificate... ok" \
				8966	-C "received HelloRetryRequest message"
				8967
				8968	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8969	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8970	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8971	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8972	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8973	requires_config_enabled MBEDTLS_DEBUG_C
				8974	requires_config_enabled MBEDTLS_SSL_CLI_C
				8975	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8976	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8977	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				8978	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				8979	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				8980	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				8981	0 \
				8982	-s "Protocol is TLSv1.3" \
				8983	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				8984	-s "received signature algorithm: 0x804" \
				8985	-s "got named group: secp384r1(0018)" \
				8986	-s "Verifying peer X.509 certificate... ok" \
				8987	-c "Protocol is TLSv1.3" \
				8988	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				8989	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				8990	-c "NamedGroup: secp384r1 ( 18 )" \
				8991	-c "Verifying peer X.509 certificate... ok" \
				8992	-C "received HelloRetryRequest message"
				8993
				8994	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	8995	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	8996	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				8997	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				8998	requires_config_enabled MBEDTLS_DEBUG_C
				8999	requires_config_enabled MBEDTLS_SSL_CLI_C
				9000	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9001	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9002	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				9003	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9004	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				9005	0 \
				9006	-s "Protocol is TLSv1.3" \
				9007	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9008	-s "received signature algorithm: 0x403" \
				9009	-s "got named group: secp521r1(0019)" \
				9010	-s "Verifying peer X.509 certificate... ok" \
				9011	-c "Protocol is TLSv1.3" \
				9012	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9013	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				9014	-c "NamedGroup: secp521r1 ( 19 )" \
				9015	-c "Verifying peer X.509 certificate... ok" \
				9016	-C "received HelloRetryRequest message"
				9017
				9018	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9019	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9020	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9021	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9022	requires_config_enabled MBEDTLS_DEBUG_C
				9023	requires_config_enabled MBEDTLS_SSL_CLI_C
				9024	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9025	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9026	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				9027	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9028	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				9029	0 \
				9030	-s "Protocol is TLSv1.3" \
				9031	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9032	-s "received signature algorithm: 0x503" \
				9033	-s "got named group: secp521r1(0019)" \
				9034	-s "Verifying peer X.509 certificate... ok" \
				9035	-c "Protocol is TLSv1.3" \
				9036	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9037	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				9038	-c "NamedGroup: secp521r1 ( 19 )" \
				9039	-c "Verifying peer X.509 certificate... ok" \
				9040	-C "received HelloRetryRequest message"
				9041
				9042	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9043	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9044	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9045	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9046	requires_config_enabled MBEDTLS_DEBUG_C
				9047	requires_config_enabled MBEDTLS_SSL_CLI_C
				9048	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9049	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9050	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				9051	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9052	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				9053	0 \
				9054	-s "Protocol is TLSv1.3" \
				9055	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9056	-s "received signature algorithm: 0x603" \
				9057	-s "got named group: secp521r1(0019)" \
				9058	-s "Verifying peer X.509 certificate... ok" \
				9059	-c "Protocol is TLSv1.3" \
				9060	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9061	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				9062	-c "NamedGroup: secp521r1 ( 19 )" \
				9063	-c "Verifying peer X.509 certificate... ok" \
				9064	-C "received HelloRetryRequest message"
				9065
				9066	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9067	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9068	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9069	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9070	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9071	requires_config_enabled MBEDTLS_DEBUG_C
				9072	requires_config_enabled MBEDTLS_SSL_CLI_C
				9073	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9074	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9075	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9076	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				9077	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9078	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				9079	0 \
				9080	-s "Protocol is TLSv1.3" \
				9081	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9082	-s "received signature algorithm: 0x804" \
				9083	-s "got named group: secp521r1(0019)" \
				9084	-s "Verifying peer X.509 certificate... ok" \
				9085	-c "Protocol is TLSv1.3" \
				9086	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9087	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				9088	-c "NamedGroup: secp521r1 ( 19 )" \
				9089	-c "Verifying peer X.509 certificate... ok" \
				9090	-C "received HelloRetryRequest message"
				9091
				9092	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9093	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9094	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9095	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9096	requires_config_enabled MBEDTLS_DEBUG_C
				9097	requires_config_enabled MBEDTLS_SSL_CLI_C
				9098	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9099	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9100	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
				9101	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9102	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				9103	0 \
				9104	-s "Protocol is TLSv1.3" \
				9105	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9106	-s "received signature algorithm: 0x403" \
				9107	-s "got named group: x25519(001d)" \
				9108	-s "Verifying peer X.509 certificate... ok" \
				9109	-c "Protocol is TLSv1.3" \
				9110	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9111	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				9112	-c "NamedGroup: x25519 ( 1d )" \
				9113	-c "Verifying peer X.509 certificate... ok" \
				9114	-C "received HelloRetryRequest message"
				9115
				9116	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9117	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9118	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9119	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9120	requires_config_enabled MBEDTLS_DEBUG_C
				9121	requires_config_enabled MBEDTLS_SSL_CLI_C
				9122	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9123	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9124	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
				9125	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9126	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				9127	0 \
				9128	-s "Protocol is TLSv1.3" \
				9129	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9130	-s "received signature algorithm: 0x503" \
				9131	-s "got named group: x25519(001d)" \
				9132	-s "Verifying peer X.509 certificate... ok" \
				9133	-c "Protocol is TLSv1.3" \
				9134	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9135	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				9136	-c "NamedGroup: x25519 ( 1d )" \
				9137	-c "Verifying peer X.509 certificate... ok" \
				9138	-C "received HelloRetryRequest message"
				9139
				9140	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9141	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9142	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9143	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9144	requires_config_enabled MBEDTLS_DEBUG_C
				9145	requires_config_enabled MBEDTLS_SSL_CLI_C
				9146	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9147	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9148	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
				9149	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9150	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				9151	0 \
				9152	-s "Protocol is TLSv1.3" \
				9153	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9154	-s "received signature algorithm: 0x603" \
				9155	-s "got named group: x25519(001d)" \
				9156	-s "Verifying peer X.509 certificate... ok" \
				9157	-c "Protocol is TLSv1.3" \
				9158	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9159	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				9160	-c "NamedGroup: x25519 ( 1d )" \
				9161	-c "Verifying peer X.509 certificate... ok" \
				9162	-C "received HelloRetryRequest message"
				9163
				9164	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9165	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9166	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9167	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9168	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9169	requires_config_enabled MBEDTLS_DEBUG_C
				9170	requires_config_enabled MBEDTLS_SSL_CLI_C
				9171	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9172	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9173	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9174	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
				9175	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9176	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				9177	0 \
				9178	-s "Protocol is TLSv1.3" \
				9179	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9180	-s "received signature algorithm: 0x804" \
				9181	-s "got named group: x25519(001d)" \
				9182	-s "Verifying peer X.509 certificate... ok" \
				9183	-c "Protocol is TLSv1.3" \
				9184	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9185	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				9186	-c "NamedGroup: x25519 ( 1d )" \
				9187	-c "Verifying peer X.509 certificate... ok" \
				9188	-C "received HelloRetryRequest message"
				9189
				9190	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9191	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9192	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9193	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9194	requires_config_enabled MBEDTLS_DEBUG_C
				9195	requires_config_enabled MBEDTLS_SSL_CLI_C
				9196	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9197	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9198	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
				9199	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9200	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				9201	0 \
				9202	-s "Protocol is TLSv1.3" \
				9203	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9204	-s "received signature algorithm: 0x403" \
				9205	-s "got named group: x448(001e)" \
				9206	-s "Verifying peer X.509 certificate... ok" \
				9207	-c "Protocol is TLSv1.3" \
				9208	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9209	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				9210	-c "NamedGroup: x448 ( 1e )" \
				9211	-c "Verifying peer X.509 certificate... ok" \
				9212	-C "received HelloRetryRequest message"
				9213
				9214	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9215	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9216	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9217	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9218	requires_config_enabled MBEDTLS_DEBUG_C
				9219	requires_config_enabled MBEDTLS_SSL_CLI_C
				9220	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9221	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9222	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
				9223	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9224	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				9225	0 \
				9226	-s "Protocol is TLSv1.3" \
				9227	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9228	-s "received signature algorithm: 0x503" \
				9229	-s "got named group: x448(001e)" \
				9230	-s "Verifying peer X.509 certificate... ok" \
				9231	-c "Protocol is TLSv1.3" \
				9232	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9233	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				9234	-c "NamedGroup: x448 ( 1e )" \
				9235	-c "Verifying peer X.509 certificate... ok" \
				9236	-C "received HelloRetryRequest message"
				9237
				9238	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9239	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9240	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9241	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9242	requires_config_enabled MBEDTLS_DEBUG_C
				9243	requires_config_enabled MBEDTLS_SSL_CLI_C
				9244	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9245	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9246	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
				9247	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9248	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				9249	0 \
				9250	-s "Protocol is TLSv1.3" \
				9251	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9252	-s "received signature algorithm: 0x603" \
				9253	-s "got named group: x448(001e)" \
				9254	-s "Verifying peer X.509 certificate... ok" \
				9255	-c "Protocol is TLSv1.3" \
				9256	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9257	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				9258	-c "NamedGroup: x448 ( 1e )" \
				9259	-c "Verifying peer X.509 certificate... ok" \
				9260	-C "received HelloRetryRequest message"
				9261
				9262	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9263	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9264	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9265	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9266	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9267	requires_config_enabled MBEDTLS_DEBUG_C
				9268	requires_config_enabled MBEDTLS_SSL_CLI_C
				9269	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9270	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9271	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9272	run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
				9273	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9274	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				9275	0 \
				9276	-s "Protocol is TLSv1.3" \
				9277	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \
				9278	-s "received signature algorithm: 0x804" \
				9279	-s "got named group: x448(001e)" \
				9280	-s "Verifying peer X.509 certificate... ok" \
				9281	-c "Protocol is TLSv1.3" \
				9282	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				9283	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				9284	-c "NamedGroup: x448 ( 1e )" \
				9285	-c "Verifying peer X.509 certificate... ok" \
				9286	-C "received HelloRetryRequest message"
				9287
				9288	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9289	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9290	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9291	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9292	requires_config_enabled MBEDTLS_DEBUG_C
				9293	requires_config_enabled MBEDTLS_SSL_CLI_C
				9294	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9295	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9296	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
				9297	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9298	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
				9299	0 \
				9300	-s "Protocol is TLSv1.3" \
				9301	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9302	-s "received signature algorithm: 0x403" \
				9303	-s "got named group: secp256r1(0017)" \
				9304	-s "Verifying peer X.509 certificate... ok" \
				9305	-c "Protocol is TLSv1.3" \
				9306	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9307	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				9308	-c "NamedGroup: secp256r1 ( 17 )" \
				9309	-c "Verifying peer X.509 certificate... ok" \
				9310	-C "received HelloRetryRequest message"
				9311
				9312	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9313	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9314	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9315	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9316	requires_config_enabled MBEDTLS_DEBUG_C
				9317	requires_config_enabled MBEDTLS_SSL_CLI_C
				9318	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9319	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9320	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
				9321	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9322	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
				9323	0 \
				9324	-s "Protocol is TLSv1.3" \
				9325	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9326	-s "received signature algorithm: 0x503" \
				9327	-s "got named group: secp256r1(0017)" \
				9328	-s "Verifying peer X.509 certificate... ok" \
				9329	-c "Protocol is TLSv1.3" \
				9330	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9331	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				9332	-c "NamedGroup: secp256r1 ( 17 )" \
				9333	-c "Verifying peer X.509 certificate... ok" \
				9334	-C "received HelloRetryRequest message"
				9335
				9336	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9337	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9338	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9339	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9340	requires_config_enabled MBEDTLS_DEBUG_C
				9341	requires_config_enabled MBEDTLS_SSL_CLI_C
				9342	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9343	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9344	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
				9345	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9346	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
				9347	0 \
				9348	-s "Protocol is TLSv1.3" \
				9349	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9350	-s "received signature algorithm: 0x603" \
				9351	-s "got named group: secp256r1(0017)" \
				9352	-s "Verifying peer X.509 certificate... ok" \
				9353	-c "Protocol is TLSv1.3" \
				9354	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9355	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				9356	-c "NamedGroup: secp256r1 ( 17 )" \
				9357	-c "Verifying peer X.509 certificate... ok" \
				9358	-C "received HelloRetryRequest message"
				9359
				9360	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9361	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9362	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9363	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9364	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9365	requires_config_enabled MBEDTLS_DEBUG_C
				9366	requires_config_enabled MBEDTLS_SSL_CLI_C
				9367	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9368	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9369	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9370	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
				9371	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9372	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
				9373	0 \
				9374	-s "Protocol is TLSv1.3" \
				9375	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9376	-s "received signature algorithm: 0x804" \
				9377	-s "got named group: secp256r1(0017)" \
				9378	-s "Verifying peer X.509 certificate... ok" \
				9379	-c "Protocol is TLSv1.3" \
				9380	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9381	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				9382	-c "NamedGroup: secp256r1 ( 17 )" \
				9383	-c "Verifying peer X.509 certificate... ok" \
				9384	-C "received HelloRetryRequest message"
				9385
				9386	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9387	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9388	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9389	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9390	requires_config_enabled MBEDTLS_DEBUG_C
				9391	requires_config_enabled MBEDTLS_SSL_CLI_C
				9392	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9393	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9394	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
				9395	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9396	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
				9397	0 \
				9398	-s "Protocol is TLSv1.3" \
				9399	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9400	-s "received signature algorithm: 0x403" \
				9401	-s "got named group: secp384r1(0018)" \
				9402	-s "Verifying peer X.509 certificate... ok" \
				9403	-c "Protocol is TLSv1.3" \
				9404	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9405	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				9406	-c "NamedGroup: secp384r1 ( 18 )" \
				9407	-c "Verifying peer X.509 certificate... ok" \
				9408	-C "received HelloRetryRequest message"
				9409
				9410	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9411	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9412	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9413	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9414	requires_config_enabled MBEDTLS_DEBUG_C
				9415	requires_config_enabled MBEDTLS_SSL_CLI_C
				9416	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9417	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9418	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
				9419	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9420	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
				9421	0 \
				9422	-s "Protocol is TLSv1.3" \
				9423	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9424	-s "received signature algorithm: 0x503" \
				9425	-s "got named group: secp384r1(0018)" \
				9426	-s "Verifying peer X.509 certificate... ok" \
				9427	-c "Protocol is TLSv1.3" \
				9428	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9429	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				9430	-c "NamedGroup: secp384r1 ( 18 )" \
				9431	-c "Verifying peer X.509 certificate... ok" \
				9432	-C "received HelloRetryRequest message"
				9433
				9434	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9435	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9436	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9437	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9438	requires_config_enabled MBEDTLS_DEBUG_C
				9439	requires_config_enabled MBEDTLS_SSL_CLI_C
				9440	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9441	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9442	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
				9443	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9444	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
				9445	0 \
				9446	-s "Protocol is TLSv1.3" \
				9447	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9448	-s "received signature algorithm: 0x603" \
				9449	-s "got named group: secp384r1(0018)" \
				9450	-s "Verifying peer X.509 certificate... ok" \
				9451	-c "Protocol is TLSv1.3" \
				9452	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9453	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				9454	-c "NamedGroup: secp384r1 ( 18 )" \
				9455	-c "Verifying peer X.509 certificate... ok" \
				9456	-C "received HelloRetryRequest message"
				9457
				9458	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9459	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9460	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9461	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9462	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9463	requires_config_enabled MBEDTLS_DEBUG_C
				9464	requires_config_enabled MBEDTLS_SSL_CLI_C
				9465	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9466	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9467	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9468	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
				9469	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9470	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
				9471	0 \
				9472	-s "Protocol is TLSv1.3" \
				9473	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9474	-s "received signature algorithm: 0x804" \
				9475	-s "got named group: secp384r1(0018)" \
				9476	-s "Verifying peer X.509 certificate... ok" \
				9477	-c "Protocol is TLSv1.3" \
				9478	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9479	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				9480	-c "NamedGroup: secp384r1 ( 18 )" \
				9481	-c "Verifying peer X.509 certificate... ok" \
				9482	-C "received HelloRetryRequest message"
				9483
				9484	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9485	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9486	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9487	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9488	requires_config_enabled MBEDTLS_DEBUG_C
				9489	requires_config_enabled MBEDTLS_SSL_CLI_C
				9490	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9491	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9492	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
				9493	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9494	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
				9495	0 \
				9496	-s "Protocol is TLSv1.3" \
				9497	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9498	-s "received signature algorithm: 0x403" \
				9499	-s "got named group: secp521r1(0019)" \
				9500	-s "Verifying peer X.509 certificate... ok" \
				9501	-c "Protocol is TLSv1.3" \
				9502	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9503	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				9504	-c "NamedGroup: secp521r1 ( 19 )" \
				9505	-c "Verifying peer X.509 certificate... ok" \
				9506	-C "received HelloRetryRequest message"
				9507
				9508	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9509	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9510	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9511	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9512	requires_config_enabled MBEDTLS_DEBUG_C
				9513	requires_config_enabled MBEDTLS_SSL_CLI_C
				9514	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9515	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9516	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
				9517	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9518	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
				9519	0 \
				9520	-s "Protocol is TLSv1.3" \
				9521	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9522	-s "received signature algorithm: 0x503" \
				9523	-s "got named group: secp521r1(0019)" \
				9524	-s "Verifying peer X.509 certificate... ok" \
				9525	-c "Protocol is TLSv1.3" \
				9526	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9527	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				9528	-c "NamedGroup: secp521r1 ( 19 )" \
				9529	-c "Verifying peer X.509 certificate... ok" \
				9530	-C "received HelloRetryRequest message"
				9531
				9532	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9533	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9534	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9535	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9536	requires_config_enabled MBEDTLS_DEBUG_C
				9537	requires_config_enabled MBEDTLS_SSL_CLI_C
				9538	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9539	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9540	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
				9541	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9542	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
				9543	0 \
				9544	-s "Protocol is TLSv1.3" \
				9545	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9546	-s "received signature algorithm: 0x603" \
				9547	-s "got named group: secp521r1(0019)" \
				9548	-s "Verifying peer X.509 certificate... ok" \
				9549	-c "Protocol is TLSv1.3" \
				9550	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9551	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				9552	-c "NamedGroup: secp521r1 ( 19 )" \
				9553	-c "Verifying peer X.509 certificate... ok" \
				9554	-C "received HelloRetryRequest message"
				9555
				9556	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9557	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9558	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9559	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9560	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9561	requires_config_enabled MBEDTLS_DEBUG_C
				9562	requires_config_enabled MBEDTLS_SSL_CLI_C
				9563	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9564	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9565	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9566	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
				9567	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9568	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
				9569	0 \
				9570	-s "Protocol is TLSv1.3" \
				9571	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9572	-s "received signature algorithm: 0x804" \
				9573	-s "got named group: secp521r1(0019)" \
				9574	-s "Verifying peer X.509 certificate... ok" \
				9575	-c "Protocol is TLSv1.3" \
				9576	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9577	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				9578	-c "NamedGroup: secp521r1 ( 19 )" \
				9579	-c "Verifying peer X.509 certificate... ok" \
				9580	-C "received HelloRetryRequest message"
				9581
				9582	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9583	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9584	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9585	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9586	requires_config_enabled MBEDTLS_DEBUG_C
				9587	requires_config_enabled MBEDTLS_SSL_CLI_C
				9588	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9589	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9590	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
				9591	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9592	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
				9593	0 \
				9594	-s "Protocol is TLSv1.3" \
				9595	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9596	-s "received signature algorithm: 0x403" \
				9597	-s "got named group: x25519(001d)" \
				9598	-s "Verifying peer X.509 certificate... ok" \
				9599	-c "Protocol is TLSv1.3" \
				9600	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9601	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				9602	-c "NamedGroup: x25519 ( 1d )" \
				9603	-c "Verifying peer X.509 certificate... ok" \
				9604	-C "received HelloRetryRequest message"
				9605
				9606	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9607	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9608	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9609	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9610	requires_config_enabled MBEDTLS_DEBUG_C
				9611	requires_config_enabled MBEDTLS_SSL_CLI_C
				9612	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9613	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9614	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
				9615	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9616	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
				9617	0 \
				9618	-s "Protocol is TLSv1.3" \
				9619	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9620	-s "received signature algorithm: 0x503" \
				9621	-s "got named group: x25519(001d)" \
				9622	-s "Verifying peer X.509 certificate... ok" \
				9623	-c "Protocol is TLSv1.3" \
				9624	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9625	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				9626	-c "NamedGroup: x25519 ( 1d )" \
				9627	-c "Verifying peer X.509 certificate... ok" \
				9628	-C "received HelloRetryRequest message"
				9629
				9630	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9631	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9632	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9633	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9634	requires_config_enabled MBEDTLS_DEBUG_C
				9635	requires_config_enabled MBEDTLS_SSL_CLI_C
				9636	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9637	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9638	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
				9639	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9640	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
				9641	0 \
				9642	-s "Protocol is TLSv1.3" \
				9643	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9644	-s "received signature algorithm: 0x603" \
				9645	-s "got named group: x25519(001d)" \
				9646	-s "Verifying peer X.509 certificate... ok" \
				9647	-c "Protocol is TLSv1.3" \
				9648	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9649	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				9650	-c "NamedGroup: x25519 ( 1d )" \
				9651	-c "Verifying peer X.509 certificate... ok" \
				9652	-C "received HelloRetryRequest message"
				9653
				9654	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9655	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9656	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9657	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9658	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9659	requires_config_enabled MBEDTLS_DEBUG_C
				9660	requires_config_enabled MBEDTLS_SSL_CLI_C
				9661	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9662	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9663	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9664	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
				9665	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9666	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
				9667	0 \
				9668	-s "Protocol is TLSv1.3" \
				9669	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9670	-s "received signature algorithm: 0x804" \
				9671	-s "got named group: x25519(001d)" \
				9672	-s "Verifying peer X.509 certificate... ok" \
				9673	-c "Protocol is TLSv1.3" \
				9674	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9675	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				9676	-c "NamedGroup: x25519 ( 1d )" \
				9677	-c "Verifying peer X.509 certificate... ok" \
				9678	-C "received HelloRetryRequest message"
				9679
				9680	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9681	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9682	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9683	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9684	requires_config_enabled MBEDTLS_DEBUG_C
				9685	requires_config_enabled MBEDTLS_SSL_CLI_C
				9686	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9687	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9688	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
				9689	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9690	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
				9691	0 \
				9692	-s "Protocol is TLSv1.3" \
				9693	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9694	-s "received signature algorithm: 0x403" \
				9695	-s "got named group: x448(001e)" \
				9696	-s "Verifying peer X.509 certificate... ok" \
				9697	-c "Protocol is TLSv1.3" \
				9698	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9699	-c "Certificate Verify: Signature algorithm ( 0403 )" \
				9700	-c "NamedGroup: x448 ( 1e )" \
				9701	-c "Verifying peer X.509 certificate... ok" \
				9702	-C "received HelloRetryRequest message"
				9703
				9704	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9705	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9706	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9707	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9708	requires_config_enabled MBEDTLS_DEBUG_C
				9709	requires_config_enabled MBEDTLS_SSL_CLI_C
				9710	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9711	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9712	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
				9713	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9714	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
				9715	0 \
				9716	-s "Protocol is TLSv1.3" \
				9717	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9718	-s "received signature algorithm: 0x503" \
				9719	-s "got named group: x448(001e)" \
				9720	-s "Verifying peer X.509 certificate... ok" \
				9721	-c "Protocol is TLSv1.3" \
				9722	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9723	-c "Certificate Verify: Signature algorithm ( 0503 )" \
				9724	-c "NamedGroup: x448 ( 1e )" \
				9725	-c "Verifying peer X.509 certificate... ok" \
				9726	-C "received HelloRetryRequest message"
				9727
				9728	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9729	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9730	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9731	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9732	requires_config_enabled MBEDTLS_DEBUG_C
				9733	requires_config_enabled MBEDTLS_SSL_CLI_C
				9734	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9735	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9736	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
				9737	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9738	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
				9739	0 \
				9740	-s "Protocol is TLSv1.3" \
				9741	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9742	-s "received signature algorithm: 0x603" \
				9743	-s "got named group: x448(001e)" \
				9744	-s "Verifying peer X.509 certificate... ok" \
				9745	-c "Protocol is TLSv1.3" \
				9746	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9747	-c "Certificate Verify: Signature algorithm ( 0603 )" \
				9748	-c "NamedGroup: x448 ( 1e )" \
				9749	-c "Verifying peer X.509 certificate... ok" \
				9750	-C "received HelloRetryRequest message"
				9751
				9752	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	9753	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9754	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9755	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9756	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9757	requires_config_enabled MBEDTLS_DEBUG_C
				9758	requires_config_enabled MBEDTLS_SSL_CLI_C
				9759	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9760	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9761	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
				9762	run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
				9763	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				9764	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
				9765	0 \
				9766	-s "Protocol is TLSv1.3" \
				9767	-s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \
				9768	-s "received signature algorithm: 0x804" \
				9769	-s "got named group: x448(001e)" \
				9770	-s "Verifying peer X.509 certificate... ok" \
				9771	-c "Protocol is TLSv1.3" \
				9772	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				9773	-c "Certificate Verify: Signature algorithm ( 0804 )" \
				9774	-c "NamedGroup: x448 ( 1e )" \
				9775	-c "Verifying peer X.509 certificate... ok" \
				9776	-C "received HelloRetryRequest message"
				9777
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9778	requires_openssl_tls1_3
				9779	requires_config_enabled MBEDTLS_DEBUG_C
				9780	requires_config_enabled MBEDTLS_SSL_CLI_C
				9781	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9782	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	9783	run_test "TLS 1.3 m->O: HRR secp256r1 -> secp384r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9784	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9785	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	9786	0 \
				9787	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9788	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	9789	-c "NamedGroup: secp256r1 ( 17 )" \
				9790	-c "NamedGroup: secp384r1 ( 18 )" \
				9791	-c "Verifying peer X.509 certificate... ok" \
				9792	-c "received HelloRetryRequest message" \
				9793	-c "selected_group ( 24 )"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9794
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9795	requires_openssl_tls1_3
				9796	requires_config_enabled MBEDTLS_DEBUG_C
				9797	requires_config_enabled MBEDTLS_SSL_CLI_C
				9798	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9799	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	9800	run_test "TLS 1.3 m->O: HRR secp256r1 -> secp521r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9801	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9802	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1" \
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9803	0 \
				9804	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9805	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	9806	-c "NamedGroup: secp256r1 ( 17 )" \
				9807	-c "NamedGroup: secp521r1 ( 19 )" \
				9808	-c "Verifying peer X.509 certificate... ok" \
				9809	-c "received HelloRetryRequest message" \
				9810	-c "selected_group ( 25 )"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9811
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9812	requires_openssl_tls1_3
				9813	requires_config_enabled MBEDTLS_DEBUG_C
				9814	requires_config_enabled MBEDTLS_SSL_CLI_C
				9815	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9816	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	9817	run_test "TLS 1.3 m->O: HRR secp256r1 -> x25519" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9818	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9819	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519" \
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9820	0 \
				9821	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9822	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	9823	-c "NamedGroup: secp256r1 ( 17 )" \
				9824	-c "NamedGroup: x25519 ( 1d )" \
				9825	-c "Verifying peer X.509 certificate... ok" \
				9826	-c "received HelloRetryRequest message" \
				9827	-c "selected_group ( 29 )"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9828
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9829	requires_openssl_tls1_3
				9830	requires_config_enabled MBEDTLS_DEBUG_C
				9831	requires_config_enabled MBEDTLS_SSL_CLI_C
				9832	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9833	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	9834	run_test "TLS 1.3 m->O: HRR secp256r1 -> x448" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9835	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9836	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448" \
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9837	0 \
				9838	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9839	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	9840	-c "NamedGroup: secp256r1 ( 17 )" \
				9841	-c "NamedGroup: x448 ( 1e )" \
				9842	-c "Verifying peer X.509 certificate... ok" \
				9843	-c "received HelloRetryRequest message" \
				9844	-c "selected_group ( 30 )"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	9845
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9846	requires_openssl_tls1_3
				9847	requires_config_enabled MBEDTLS_DEBUG_C
				9848	requires_config_enabled MBEDTLS_SSL_CLI_C
				9849	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9850	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9851	run_test "TLS 1.3 m->O: HRR secp384r1 -> secp256r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9852	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9853	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9854	0 \
				9855	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9856	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9857	-c "NamedGroup: secp384r1 ( 18 )" \
				9858	-c "NamedGroup: secp256r1 ( 17 )" \
				9859	-c "Verifying peer X.509 certificate... ok" \
				9860	-c "received HelloRetryRequest message" \
				9861	-c "selected_group ( 23 )"
				9862
				9863	requires_openssl_tls1_3
				9864	requires_config_enabled MBEDTLS_DEBUG_C
				9865	requires_config_enabled MBEDTLS_SSL_CLI_C
				9866	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9867	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9868	run_test "TLS 1.3 m->O: HRR secp384r1 -> secp521r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9869	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9870	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9871	0 \
				9872	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9873	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9874	-c "NamedGroup: secp384r1 ( 18 )" \
				9875	-c "NamedGroup: secp521r1 ( 19 )" \
				9876	-c "Verifying peer X.509 certificate... ok" \
				9877	-c "received HelloRetryRequest message" \
				9878	-c "selected_group ( 25 )"
				9879
				9880	requires_openssl_tls1_3
				9881	requires_config_enabled MBEDTLS_DEBUG_C
				9882	requires_config_enabled MBEDTLS_SSL_CLI_C
				9883	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9884	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9885	run_test "TLS 1.3 m->O: HRR secp384r1 -> x25519" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9886	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9887	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9888	0 \
				9889	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9890	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9891	-c "NamedGroup: secp384r1 ( 18 )" \
				9892	-c "NamedGroup: x25519 ( 1d )" \
				9893	-c "Verifying peer X.509 certificate... ok" \
				9894	-c "received HelloRetryRequest message" \
				9895	-c "selected_group ( 29 )"
				9896
				9897	requires_openssl_tls1_3
				9898	requires_config_enabled MBEDTLS_DEBUG_C
				9899	requires_config_enabled MBEDTLS_SSL_CLI_C
				9900	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9901	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9902	run_test "TLS 1.3 m->O: HRR secp384r1 -> x448" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9903	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9904	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9905	0 \
				9906	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9907	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9908	-c "NamedGroup: secp384r1 ( 18 )" \
				9909	-c "NamedGroup: x448 ( 1e )" \
				9910	-c "Verifying peer X.509 certificate... ok" \
				9911	-c "received HelloRetryRequest message" \
				9912	-c "selected_group ( 30 )"
				9913
				9914	requires_openssl_tls1_3
				9915	requires_config_enabled MBEDTLS_DEBUG_C
				9916	requires_config_enabled MBEDTLS_SSL_CLI_C
				9917	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9918	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9919	run_test "TLS 1.3 m->O: HRR secp521r1 -> secp256r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9920	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9921	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9922	0 \
				9923	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9924	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9925	-c "NamedGroup: secp521r1 ( 19 )" \
				9926	-c "NamedGroup: secp256r1 ( 17 )" \
				9927	-c "Verifying peer X.509 certificate... ok" \
				9928	-c "received HelloRetryRequest message" \
				9929	-c "selected_group ( 23 )"
				9930
				9931	requires_openssl_tls1_3
				9932	requires_config_enabled MBEDTLS_DEBUG_C
				9933	requires_config_enabled MBEDTLS_SSL_CLI_C
				9934	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9935	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9936	run_test "TLS 1.3 m->O: HRR secp521r1 -> secp384r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9937	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9938	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9939	0 \
				9940	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9941	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9942	-c "NamedGroup: secp521r1 ( 19 )" \
				9943	-c "NamedGroup: secp384r1 ( 18 )" \
				9944	-c "Verifying peer X.509 certificate... ok" \
				9945	-c "received HelloRetryRequest message" \
				9946	-c "selected_group ( 24 )"
				9947
				9948	requires_openssl_tls1_3
				9949	requires_config_enabled MBEDTLS_DEBUG_C
				9950	requires_config_enabled MBEDTLS_SSL_CLI_C
				9951	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9952	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9953	run_test "TLS 1.3 m->O: HRR secp521r1 -> x25519" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9954	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9955	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9956	0 \
				9957	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9958	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9959	-c "NamedGroup: secp521r1 ( 19 )" \
				9960	-c "NamedGroup: x25519 ( 1d )" \
				9961	-c "Verifying peer X.509 certificate... ok" \
				9962	-c "received HelloRetryRequest message" \
				9963	-c "selected_group ( 29 )"
				9964
				9965	requires_openssl_tls1_3
				9966	requires_config_enabled MBEDTLS_DEBUG_C
				9967	requires_config_enabled MBEDTLS_SSL_CLI_C
				9968	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9969	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9970	run_test "TLS 1.3 m->O: HRR secp521r1 -> x448" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9971	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9972	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9973	0 \
				9974	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9975	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9976	-c "NamedGroup: secp521r1 ( 19 )" \
				9977	-c "NamedGroup: x448 ( 1e )" \
				9978	-c "Verifying peer X.509 certificate... ok" \
				9979	-c "received HelloRetryRequest message" \
				9980	-c "selected_group ( 30 )"
				9981
				9982	requires_openssl_tls1_3
				9983	requires_config_enabled MBEDTLS_DEBUG_C
				9984	requires_config_enabled MBEDTLS_SSL_CLI_C
				9985	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				9986	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				9987	run_test "TLS 1.3 m->O: HRR x25519 -> secp256r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	9988	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9989	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9990	0 \
				9991	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	9992	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	9993	-c "NamedGroup: x25519 ( 1d )" \
				9994	-c "NamedGroup: secp256r1 ( 17 )" \
				9995	-c "Verifying peer X.509 certificate... ok" \
				9996	-c "received HelloRetryRequest message" \
				9997	-c "selected_group ( 23 )"
				9998
				9999	requires_openssl_tls1_3
				10000	requires_config_enabled MBEDTLS_DEBUG_C
				10001	requires_config_enabled MBEDTLS_SSL_CLI_C
				10002	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10003	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10004	run_test "TLS 1.3 m->O: HRR x25519 -> secp384r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10005	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10006	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10007	0 \
				10008	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10009	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10010	-c "NamedGroup: x25519 ( 1d )" \
				10011	-c "NamedGroup: secp384r1 ( 18 )" \
				10012	-c "Verifying peer X.509 certificate... ok" \
				10013	-c "received HelloRetryRequest message" \
				10014	-c "selected_group ( 24 )"
				10015
				10016	requires_openssl_tls1_3
				10017	requires_config_enabled MBEDTLS_DEBUG_C
				10018	requires_config_enabled MBEDTLS_SSL_CLI_C
				10019	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10020	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10021	run_test "TLS 1.3 m->O: HRR x25519 -> secp521r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10022	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10023	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10024	0 \
				10025	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10026	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10027	-c "NamedGroup: x25519 ( 1d )" \
				10028	-c "NamedGroup: secp521r1 ( 19 )" \
				10029	-c "Verifying peer X.509 certificate... ok" \
				10030	-c "received HelloRetryRequest message" \
				10031	-c "selected_group ( 25 )"
				10032
				10033	requires_openssl_tls1_3
				10034	requires_config_enabled MBEDTLS_DEBUG_C
				10035	requires_config_enabled MBEDTLS_SSL_CLI_C
				10036	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10037	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10038	run_test "TLS 1.3 m->O: HRR x25519 -> x448" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10039	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10040	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10041	0 \
				10042	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10043	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10044	-c "NamedGroup: x25519 ( 1d )" \
				10045	-c "NamedGroup: x448 ( 1e )" \
				10046	-c "Verifying peer X.509 certificate... ok" \
				10047	-c "received HelloRetryRequest message" \
				10048	-c "selected_group ( 30 )"
				10049
				10050	requires_openssl_tls1_3
				10051	requires_config_enabled MBEDTLS_DEBUG_C
				10052	requires_config_enabled MBEDTLS_SSL_CLI_C
				10053	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10054	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10055	run_test "TLS 1.3 m->O: HRR x448 -> secp256r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10056	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10057	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10058	0 \
				10059	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10060	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10061	-c "NamedGroup: x448 ( 1e )" \
				10062	-c "NamedGroup: secp256r1 ( 17 )" \
				10063	-c "Verifying peer X.509 certificate... ok" \
				10064	-c "received HelloRetryRequest message" \
				10065	-c "selected_group ( 23 )"
				10066
				10067	requires_openssl_tls1_3
				10068	requires_config_enabled MBEDTLS_DEBUG_C
				10069	requires_config_enabled MBEDTLS_SSL_CLI_C
				10070	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10071	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10072	run_test "TLS 1.3 m->O: HRR x448 -> secp384r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10073	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10074	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10075	0 \
				10076	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10077	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10078	-c "NamedGroup: x448 ( 1e )" \
				10079	-c "NamedGroup: secp384r1 ( 18 )" \
				10080	-c "Verifying peer X.509 certificate... ok" \
				10081	-c "received HelloRetryRequest message" \
				10082	-c "selected_group ( 24 )"
				10083
				10084	requires_openssl_tls1_3
				10085	requires_config_enabled MBEDTLS_DEBUG_C
				10086	requires_config_enabled MBEDTLS_SSL_CLI_C
				10087	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10088	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10089	run_test "TLS 1.3 m->O: HRR x448 -> secp521r1" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10090	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10091	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10092	0 \
				10093	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10094	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10095	-c "NamedGroup: x448 ( 1e )" \
				10096	-c "NamedGroup: secp521r1 ( 19 )" \
				10097	-c "Verifying peer X.509 certificate... ok" \
				10098	-c "received HelloRetryRequest message" \
				10099	-c "selected_group ( 25 )"
				10100
				10101	requires_openssl_tls1_3
				10102	requires_config_enabled MBEDTLS_DEBUG_C
				10103	requires_config_enabled MBEDTLS_SSL_CLI_C
				10104	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10105	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10106	run_test "TLS 1.3 m->O: HRR x448 -> x25519" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10107	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -accept $SRV_PORT -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10108	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10109	0 \
				10110	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10111	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10112	-c "NamedGroup: x448 ( 1e )" \
				10113	-c "NamedGroup: x25519 ( 1d )" \
				10114	-c "Verifying peer X.509 certificate... ok" \
				10115	-c "received HelloRetryRequest message" \
				10116	-c "selected_group ( 29 )"
				10117
				10118	requires_gnutls_tls1_3
				10119	requires_gnutls_next_no_ticket
				10120	requires_gnutls_next_disable_tls13_compat
				10121	requires_config_enabled MBEDTLS_DEBUG_C
				10122	requires_config_enabled MBEDTLS_SSL_CLI_C
				10123	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10124	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10125	run_test "TLS 1.3 m->G: HRR secp256r1 -> secp384r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10126	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10127	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10128	0 \
				10129	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10130	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10131	-c "NamedGroup: secp256r1 ( 17 )" \
				10132	-c "NamedGroup: secp384r1 ( 18 )" \
				10133	-c "Verifying peer X.509 certificate... ok" \
				10134	-c "received HelloRetryRequest message" \
				10135	-c "selected_group ( 24 )"
				10136
				10137	requires_gnutls_tls1_3
				10138	requires_gnutls_next_no_ticket
				10139	requires_gnutls_next_disable_tls13_compat
				10140	requires_config_enabled MBEDTLS_DEBUG_C
				10141	requires_config_enabled MBEDTLS_SSL_CLI_C
				10142	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10143	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10144	run_test "TLS 1.3 m->G: HRR secp256r1 -> secp521r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10145	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10146	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10147	0 \
				10148	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10149	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10150	-c "NamedGroup: secp256r1 ( 17 )" \
				10151	-c "NamedGroup: secp521r1 ( 19 )" \
				10152	-c "Verifying peer X.509 certificate... ok" \
				10153	-c "received HelloRetryRequest message" \
				10154	-c "selected_group ( 25 )"
				10155
				10156	requires_gnutls_tls1_3
				10157	requires_gnutls_next_no_ticket
				10158	requires_gnutls_next_disable_tls13_compat
				10159	requires_config_enabled MBEDTLS_DEBUG_C
				10160	requires_config_enabled MBEDTLS_SSL_CLI_C
				10161	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10162	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10163	run_test "TLS 1.3 m->G: HRR secp256r1 -> x25519" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10164	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10165	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10166	0 \
				10167	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10168	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10169	-c "NamedGroup: secp256r1 ( 17 )" \
				10170	-c "NamedGroup: x25519 ( 1d )" \
				10171	-c "Verifying peer X.509 certificate... ok" \
				10172	-c "received HelloRetryRequest message" \
				10173	-c "selected_group ( 29 )"
				10174
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	10175	requires_gnutls_tls1_3
				10176	requires_gnutls_next_no_ticket
				10177	requires_gnutls_next_disable_tls13_compat
				10178	requires_config_enabled MBEDTLS_DEBUG_C
				10179	requires_config_enabled MBEDTLS_SSL_CLI_C
				10180	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10181	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	10182	run_test "TLS 1.3 m->G: HRR secp256r1 -> x448" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10183	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10184	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448" \
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	10185	0 \
				10186	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10187	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	10188	-c "NamedGroup: secp256r1 ( 17 )" \
				10189	-c "NamedGroup: x448 ( 1e )" \
				10190	-c "Verifying peer X.509 certificate... ok" \
				10191	-c "received HelloRetryRequest message" \
				10192	-c "selected_group ( 30 )"
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10193
				10194	requires_gnutls_tls1_3
				10195	requires_gnutls_next_no_ticket
				10196	requires_gnutls_next_disable_tls13_compat
				10197	requires_config_enabled MBEDTLS_DEBUG_C
				10198	requires_config_enabled MBEDTLS_SSL_CLI_C
				10199	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10200	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10201	run_test "TLS 1.3 m->G: HRR secp384r1 -> secp256r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10202	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10203	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10204	0 \
				10205	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10206	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10207	-c "NamedGroup: secp384r1 ( 18 )" \
				10208	-c "NamedGroup: secp256r1 ( 17 )" \
				10209	-c "Verifying peer X.509 certificate... ok" \
				10210	-c "received HelloRetryRequest message" \
				10211	-c "selected_group ( 23 )"
				10212
				10213	requires_gnutls_tls1_3
				10214	requires_gnutls_next_no_ticket
				10215	requires_gnutls_next_disable_tls13_compat
				10216	requires_config_enabled MBEDTLS_DEBUG_C
				10217	requires_config_enabled MBEDTLS_SSL_CLI_C
				10218	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10219	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10220	run_test "TLS 1.3 m->G: HRR secp384r1 -> secp521r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10221	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10222	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10223	0 \
				10224	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10225	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10226	-c "NamedGroup: secp384r1 ( 18 )" \
				10227	-c "NamedGroup: secp521r1 ( 19 )" \
				10228	-c "Verifying peer X.509 certificate... ok" \
				10229	-c "received HelloRetryRequest message" \
				10230	-c "selected_group ( 25 )"
				10231
				10232	requires_gnutls_tls1_3
				10233	requires_gnutls_next_no_ticket
				10234	requires_gnutls_next_disable_tls13_compat
				10235	requires_config_enabled MBEDTLS_DEBUG_C
				10236	requires_config_enabled MBEDTLS_SSL_CLI_C
				10237	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10238	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10239	run_test "TLS 1.3 m->G: HRR secp384r1 -> x25519" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10240	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10241	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10242	0 \
				10243	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10244	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10245	-c "NamedGroup: secp384r1 ( 18 )" \
				10246	-c "NamedGroup: x25519 ( 1d )" \
				10247	-c "Verifying peer X.509 certificate... ok" \
				10248	-c "received HelloRetryRequest message" \
				10249	-c "selected_group ( 29 )"
				10250
				10251	requires_gnutls_tls1_3
				10252	requires_gnutls_next_no_ticket
				10253	requires_gnutls_next_disable_tls13_compat
				10254	requires_config_enabled MBEDTLS_DEBUG_C
				10255	requires_config_enabled MBEDTLS_SSL_CLI_C
				10256	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10257	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10258	run_test "TLS 1.3 m->G: HRR secp384r1 -> x448" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10259	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10260	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10261	0 \
				10262	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10263	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10264	-c "NamedGroup: secp384r1 ( 18 )" \
				10265	-c "NamedGroup: x448 ( 1e )" \
				10266	-c "Verifying peer X.509 certificate... ok" \
				10267	-c "received HelloRetryRequest message" \
				10268	-c "selected_group ( 30 )"
				10269
				10270	requires_gnutls_tls1_3
				10271	requires_gnutls_next_no_ticket
				10272	requires_gnutls_next_disable_tls13_compat
				10273	requires_config_enabled MBEDTLS_DEBUG_C
				10274	requires_config_enabled MBEDTLS_SSL_CLI_C
				10275	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10276	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10277	run_test "TLS 1.3 m->G: HRR secp521r1 -> secp256r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10278	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10279	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10280	0 \
				10281	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10282	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10283	-c "NamedGroup: secp521r1 ( 19 )" \
				10284	-c "NamedGroup: secp256r1 ( 17 )" \
				10285	-c "Verifying peer X.509 certificate... ok" \
				10286	-c "received HelloRetryRequest message" \
				10287	-c "selected_group ( 23 )"
				10288
				10289	requires_gnutls_tls1_3
				10290	requires_gnutls_next_no_ticket
				10291	requires_gnutls_next_disable_tls13_compat
				10292	requires_config_enabled MBEDTLS_DEBUG_C
				10293	requires_config_enabled MBEDTLS_SSL_CLI_C
				10294	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10295	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10296	run_test "TLS 1.3 m->G: HRR secp521r1 -> secp384r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10297	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10298	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10299	0 \
				10300	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10301	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10302	-c "NamedGroup: secp521r1 ( 19 )" \
				10303	-c "NamedGroup: secp384r1 ( 18 )" \
				10304	-c "Verifying peer X.509 certificate... ok" \
				10305	-c "received HelloRetryRequest message" \
				10306	-c "selected_group ( 24 )"
				10307
				10308	requires_gnutls_tls1_3
				10309	requires_gnutls_next_no_ticket
				10310	requires_gnutls_next_disable_tls13_compat
				10311	requires_config_enabled MBEDTLS_DEBUG_C
				10312	requires_config_enabled MBEDTLS_SSL_CLI_C
				10313	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10314	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10315	run_test "TLS 1.3 m->G: HRR secp521r1 -> x25519" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10316	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10317	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10318	0 \
				10319	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10320	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10321	-c "NamedGroup: secp521r1 ( 19 )" \
				10322	-c "NamedGroup: x25519 ( 1d )" \
				10323	-c "Verifying peer X.509 certificate... ok" \
				10324	-c "received HelloRetryRequest message" \
				10325	-c "selected_group ( 29 )"
				10326
				10327	requires_gnutls_tls1_3
				10328	requires_gnutls_next_no_ticket
				10329	requires_gnutls_next_disable_tls13_compat
				10330	requires_config_enabled MBEDTLS_DEBUG_C
				10331	requires_config_enabled MBEDTLS_SSL_CLI_C
				10332	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10333	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10334	run_test "TLS 1.3 m->G: HRR secp521r1 -> x448" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10335	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10336	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10337	0 \
				10338	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10339	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10340	-c "NamedGroup: secp521r1 ( 19 )" \
				10341	-c "NamedGroup: x448 ( 1e )" \
				10342	-c "Verifying peer X.509 certificate... ok" \
				10343	-c "received HelloRetryRequest message" \
				10344	-c "selected_group ( 30 )"
				10345
				10346	requires_gnutls_tls1_3
				10347	requires_gnutls_next_no_ticket
				10348	requires_gnutls_next_disable_tls13_compat
				10349	requires_config_enabled MBEDTLS_DEBUG_C
				10350	requires_config_enabled MBEDTLS_SSL_CLI_C
				10351	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10352	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10353	run_test "TLS 1.3 m->G: HRR x25519 -> secp256r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10354	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10355	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10356	0 \
				10357	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10358	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10359	-c "NamedGroup: x25519 ( 1d )" \
				10360	-c "NamedGroup: secp256r1 ( 17 )" \
				10361	-c "Verifying peer X.509 certificate... ok" \
				10362	-c "received HelloRetryRequest message" \
				10363	-c "selected_group ( 23 )"
				10364
				10365	requires_gnutls_tls1_3
				10366	requires_gnutls_next_no_ticket
				10367	requires_gnutls_next_disable_tls13_compat
				10368	requires_config_enabled MBEDTLS_DEBUG_C
				10369	requires_config_enabled MBEDTLS_SSL_CLI_C
				10370	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10371	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10372	run_test "TLS 1.3 m->G: HRR x25519 -> secp384r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10373	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10374	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10375	0 \
				10376	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10377	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10378	-c "NamedGroup: x25519 ( 1d )" \
				10379	-c "NamedGroup: secp384r1 ( 18 )" \
				10380	-c "Verifying peer X.509 certificate... ok" \
				10381	-c "received HelloRetryRequest message" \
				10382	-c "selected_group ( 24 )"
				10383
				10384	requires_gnutls_tls1_3
				10385	requires_gnutls_next_no_ticket
				10386	requires_gnutls_next_disable_tls13_compat
				10387	requires_config_enabled MBEDTLS_DEBUG_C
				10388	requires_config_enabled MBEDTLS_SSL_CLI_C
				10389	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10390	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10391	run_test "TLS 1.3 m->G: HRR x25519 -> secp521r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10392	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10393	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10394	0 \
				10395	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10396	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10397	-c "NamedGroup: x25519 ( 1d )" \
				10398	-c "NamedGroup: secp521r1 ( 19 )" \
				10399	-c "Verifying peer X.509 certificate... ok" \
				10400	-c "received HelloRetryRequest message" \
				10401	-c "selected_group ( 25 )"
				10402
				10403	requires_gnutls_tls1_3
				10404	requires_gnutls_next_no_ticket
				10405	requires_gnutls_next_disable_tls13_compat
				10406	requires_config_enabled MBEDTLS_DEBUG_C
				10407	requires_config_enabled MBEDTLS_SSL_CLI_C
				10408	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10409	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10410	run_test "TLS 1.3 m->G: HRR x25519 -> x448" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10411	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10412	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10413	0 \
				10414	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10415	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10416	-c "NamedGroup: x25519 ( 1d )" \
				10417	-c "NamedGroup: x448 ( 1e )" \
				10418	-c "Verifying peer X.509 certificate... ok" \
				10419	-c "received HelloRetryRequest message" \
				10420	-c "selected_group ( 30 )"
				10421
				10422	requires_gnutls_tls1_3
				10423	requires_gnutls_next_no_ticket
				10424	requires_gnutls_next_disable_tls13_compat
				10425	requires_config_enabled MBEDTLS_DEBUG_C
				10426	requires_config_enabled MBEDTLS_SSL_CLI_C
				10427	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10428	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10429	run_test "TLS 1.3 m->G: HRR x448 -> secp256r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10430	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10431	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10432	0 \
				10433	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10434	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10435	-c "NamedGroup: x448 ( 1e )" \
				10436	-c "NamedGroup: secp256r1 ( 17 )" \
				10437	-c "Verifying peer X.509 certificate... ok" \
				10438	-c "received HelloRetryRequest message" \
				10439	-c "selected_group ( 23 )"
				10440
				10441	requires_gnutls_tls1_3
				10442	requires_gnutls_next_no_ticket
				10443	requires_gnutls_next_disable_tls13_compat
				10444	requires_config_enabled MBEDTLS_DEBUG_C
				10445	requires_config_enabled MBEDTLS_SSL_CLI_C
				10446	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10447	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10448	run_test "TLS 1.3 m->G: HRR x448 -> secp384r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10449	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10450	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10451	0 \
				10452	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10453	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10454	-c "NamedGroup: x448 ( 1e )" \
				10455	-c "NamedGroup: secp384r1 ( 18 )" \
				10456	-c "Verifying peer X.509 certificate... ok" \
				10457	-c "received HelloRetryRequest message" \
				10458	-c "selected_group ( 24 )"
				10459
				10460	requires_gnutls_tls1_3
				10461	requires_gnutls_next_no_ticket
				10462	requires_gnutls_next_disable_tls13_compat
				10463	requires_config_enabled MBEDTLS_DEBUG_C
				10464	requires_config_enabled MBEDTLS_SSL_CLI_C
				10465	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10466	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10467	run_test "TLS 1.3 m->G: HRR x448 -> secp521r1" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10468	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10469	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10470	0 \
				10471	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10472	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10473	-c "NamedGroup: x448 ( 1e )" \
				10474	-c "NamedGroup: secp521r1 ( 19 )" \
				10475	-c "Verifying peer X.509 certificate... ok" \
				10476	-c "received HelloRetryRequest message" \
				10477	-c "selected_group ( 25 )"
				10478
				10479	requires_gnutls_tls1_3
				10480	requires_gnutls_next_no_ticket
				10481	requires_gnutls_next_disable_tls13_compat
				10482	requires_config_enabled MBEDTLS_DEBUG_C
				10483	requires_config_enabled MBEDTLS_SSL_CLI_C
				10484	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10485	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10486	run_test "TLS 1.3 m->G: HRR x448 -> x25519" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10487	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10488	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10489	0 \
				10490	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame]	10491	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	10492	-c "NamedGroup: x448 ( 1e )" \
				10493	-c "NamedGroup: x25519 ( 1d )" \
				10494	-c "Verifying peer X.509 certificate... ok" \
				10495	-c "received HelloRetryRequest message" \
				10496	-c "selected_group ( 29 )"
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10497
				10498	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10499	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10500	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10501	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10502	requires_config_enabled MBEDTLS_DEBUG_C
				10503	requires_config_enabled MBEDTLS_SSL_CLI_C
				10504	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10505	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10506	run_test "TLS 1.3 m->m: HRR secp256r1 -> secp384r1" \
				10507	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10508	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1" \
				10509	0 \
				10510	-s "Protocol is TLSv1.3" \
				10511	-s "got named group: secp384r1(0018)" \
				10512	-s "Verifying peer X.509 certificate... ok" \
				10513	-c "Protocol is TLSv1.3" \
				10514	-c "NamedGroup: secp256r1 ( 17 )" \
				10515	-c "NamedGroup: secp384r1 ( 18 )" \
				10516	-c "Verifying peer X.509 certificate... ok" \
				10517	-c "received HelloRetryRequest message" \
				10518	-c "selected_group ( 24 )"
				10519
				10520	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10521	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10522	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10523	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10524	requires_config_enabled MBEDTLS_DEBUG_C
				10525	requires_config_enabled MBEDTLS_SSL_CLI_C
				10526	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10527	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10528	run_test "TLS 1.3 m->m: HRR secp256r1 -> secp521r1" \
				10529	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10530	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1" \
				10531	0 \
				10532	-s "Protocol is TLSv1.3" \
				10533	-s "got named group: secp521r1(0019)" \
				10534	-s "Verifying peer X.509 certificate... ok" \
				10535	-c "Protocol is TLSv1.3" \
				10536	-c "NamedGroup: secp256r1 ( 17 )" \
				10537	-c "NamedGroup: secp521r1 ( 19 )" \
				10538	-c "Verifying peer X.509 certificate... ok" \
				10539	-c "received HelloRetryRequest message" \
				10540	-c "selected_group ( 25 )"
				10541
				10542	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10543	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10544	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10545	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10546	requires_config_enabled MBEDTLS_DEBUG_C
				10547	requires_config_enabled MBEDTLS_SSL_CLI_C
				10548	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10549	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10550	run_test "TLS 1.3 m->m: HRR secp256r1 -> x25519" \
				10551	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10552	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519" \
				10553	0 \
				10554	-s "Protocol is TLSv1.3" \
				10555	-s "got named group: x25519(001d)" \
				10556	-s "Verifying peer X.509 certificate... ok" \
				10557	-c "Protocol is TLSv1.3" \
				10558	-c "NamedGroup: secp256r1 ( 17 )" \
				10559	-c "NamedGroup: x25519 ( 1d )" \
				10560	-c "Verifying peer X.509 certificate... ok" \
				10561	-c "received HelloRetryRequest message" \
				10562	-c "selected_group ( 29 )"
				10563
				10564	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10565	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10566	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10567	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10568	requires_config_enabled MBEDTLS_DEBUG_C
				10569	requires_config_enabled MBEDTLS_SSL_CLI_C
				10570	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10571	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10572	run_test "TLS 1.3 m->m: HRR secp256r1 -> x448" \
				10573	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10574	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448" \
				10575	0 \
				10576	-s "Protocol is TLSv1.3" \
				10577	-s "got named group: x448(001e)" \
				10578	-s "Verifying peer X.509 certificate... ok" \
				10579	-c "Protocol is TLSv1.3" \
				10580	-c "NamedGroup: secp256r1 ( 17 )" \
				10581	-c "NamedGroup: x448 ( 1e )" \
				10582	-c "Verifying peer X.509 certificate... ok" \
				10583	-c "received HelloRetryRequest message" \
				10584	-c "selected_group ( 30 )"
				10585
				10586	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10587	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10588	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10589	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10590	requires_config_enabled MBEDTLS_DEBUG_C
				10591	requires_config_enabled MBEDTLS_SSL_CLI_C
				10592	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10593	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10594	run_test "TLS 1.3 m->m: HRR secp384r1 -> secp256r1" \
				10595	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10596	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
				10597	0 \
				10598	-s "Protocol is TLSv1.3" \
				10599	-s "got named group: secp256r1(0017)" \
				10600	-s "Verifying peer X.509 certificate... ok" \
				10601	-c "Protocol is TLSv1.3" \
				10602	-c "NamedGroup: secp384r1 ( 18 )" \
				10603	-c "NamedGroup: secp256r1 ( 17 )" \
				10604	-c "Verifying peer X.509 certificate... ok" \
				10605	-c "received HelloRetryRequest message" \
				10606	-c "selected_group ( 23 )"
				10607
				10608	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10609	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10610	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10611	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10612	requires_config_enabled MBEDTLS_DEBUG_C
				10613	requires_config_enabled MBEDTLS_SSL_CLI_C
				10614	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10615	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10616	run_test "TLS 1.3 m->m: HRR secp384r1 -> secp521r1" \
				10617	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10618	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1" \
				10619	0 \
				10620	-s "Protocol is TLSv1.3" \
				10621	-s "got named group: secp521r1(0019)" \
				10622	-s "Verifying peer X.509 certificate... ok" \
				10623	-c "Protocol is TLSv1.3" \
				10624	-c "NamedGroup: secp384r1 ( 18 )" \
				10625	-c "NamedGroup: secp521r1 ( 19 )" \
				10626	-c "Verifying peer X.509 certificate... ok" \
				10627	-c "received HelloRetryRequest message" \
				10628	-c "selected_group ( 25 )"
				10629
				10630	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10631	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10632	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10633	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10634	requires_config_enabled MBEDTLS_DEBUG_C
				10635	requires_config_enabled MBEDTLS_SSL_CLI_C
				10636	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10637	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10638	run_test "TLS 1.3 m->m: HRR secp384r1 -> x25519" \
				10639	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10640	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519" \
				10641	0 \
				10642	-s "Protocol is TLSv1.3" \
				10643	-s "got named group: x25519(001d)" \
				10644	-s "Verifying peer X.509 certificate... ok" \
				10645	-c "Protocol is TLSv1.3" \
				10646	-c "NamedGroup: secp384r1 ( 18 )" \
				10647	-c "NamedGroup: x25519 ( 1d )" \
				10648	-c "Verifying peer X.509 certificate... ok" \
				10649	-c "received HelloRetryRequest message" \
				10650	-c "selected_group ( 29 )"
				10651
				10652	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10653	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10654	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10655	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10656	requires_config_enabled MBEDTLS_DEBUG_C
				10657	requires_config_enabled MBEDTLS_SSL_CLI_C
				10658	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10659	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10660	run_test "TLS 1.3 m->m: HRR secp384r1 -> x448" \
				10661	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10662	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448" \
				10663	0 \
				10664	-s "Protocol is TLSv1.3" \
				10665	-s "got named group: x448(001e)" \
				10666	-s "Verifying peer X.509 certificate... ok" \
				10667	-c "Protocol is TLSv1.3" \
				10668	-c "NamedGroup: secp384r1 ( 18 )" \
				10669	-c "NamedGroup: x448 ( 1e )" \
				10670	-c "Verifying peer X.509 certificate... ok" \
				10671	-c "received HelloRetryRequest message" \
				10672	-c "selected_group ( 30 )"
				10673
				10674	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10675	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10676	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10677	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10678	requires_config_enabled MBEDTLS_DEBUG_C
				10679	requires_config_enabled MBEDTLS_SSL_CLI_C
				10680	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10681	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10682	run_test "TLS 1.3 m->m: HRR secp521r1 -> secp256r1" \
				10683	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10684	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
				10685	0 \
				10686	-s "Protocol is TLSv1.3" \
				10687	-s "got named group: secp256r1(0017)" \
				10688	-s "Verifying peer X.509 certificate... ok" \
				10689	-c "Protocol is TLSv1.3" \
				10690	-c "NamedGroup: secp521r1 ( 19 )" \
				10691	-c "NamedGroup: secp256r1 ( 17 )" \
				10692	-c "Verifying peer X.509 certificate... ok" \
				10693	-c "received HelloRetryRequest message" \
				10694	-c "selected_group ( 23 )"
				10695
				10696	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10697	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10698	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10699	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10700	requires_config_enabled MBEDTLS_DEBUG_C
				10701	requires_config_enabled MBEDTLS_SSL_CLI_C
				10702	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10703	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10704	run_test "TLS 1.3 m->m: HRR secp521r1 -> secp384r1" \
				10705	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10706	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1" \
				10707	0 \
				10708	-s "Protocol is TLSv1.3" \
				10709	-s "got named group: secp384r1(0018)" \
				10710	-s "Verifying peer X.509 certificate... ok" \
				10711	-c "Protocol is TLSv1.3" \
				10712	-c "NamedGroup: secp521r1 ( 19 )" \
				10713	-c "NamedGroup: secp384r1 ( 18 )" \
				10714	-c "Verifying peer X.509 certificate... ok" \
				10715	-c "received HelloRetryRequest message" \
				10716	-c "selected_group ( 24 )"
				10717
				10718	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10719	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10720	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10721	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10722	requires_config_enabled MBEDTLS_DEBUG_C
				10723	requires_config_enabled MBEDTLS_SSL_CLI_C
				10724	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10725	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10726	run_test "TLS 1.3 m->m: HRR secp521r1 -> x25519" \
				10727	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10728	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519" \
				10729	0 \
				10730	-s "Protocol is TLSv1.3" \
				10731	-s "got named group: x25519(001d)" \
				10732	-s "Verifying peer X.509 certificate... ok" \
				10733	-c "Protocol is TLSv1.3" \
				10734	-c "NamedGroup: secp521r1 ( 19 )" \
				10735	-c "NamedGroup: x25519 ( 1d )" \
				10736	-c "Verifying peer X.509 certificate... ok" \
				10737	-c "received HelloRetryRequest message" \
				10738	-c "selected_group ( 29 )"
				10739
				10740	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10741	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10742	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10743	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10744	requires_config_enabled MBEDTLS_DEBUG_C
				10745	requires_config_enabled MBEDTLS_SSL_CLI_C
				10746	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10747	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10748	run_test "TLS 1.3 m->m: HRR secp521r1 -> x448" \
				10749	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10750	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448" \
				10751	0 \
				10752	-s "Protocol is TLSv1.3" \
				10753	-s "got named group: x448(001e)" \
				10754	-s "Verifying peer X.509 certificate... ok" \
				10755	-c "Protocol is TLSv1.3" \
				10756	-c "NamedGroup: secp521r1 ( 19 )" \
				10757	-c "NamedGroup: x448 ( 1e )" \
				10758	-c "Verifying peer X.509 certificate... ok" \
				10759	-c "received HelloRetryRequest message" \
				10760	-c "selected_group ( 30 )"
				10761
				10762	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10763	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10764	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10765	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10766	requires_config_enabled MBEDTLS_DEBUG_C
				10767	requires_config_enabled MBEDTLS_SSL_CLI_C
				10768	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10769	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10770	run_test "TLS 1.3 m->m: HRR x25519 -> secp256r1" \
				10771	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10772	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
				10773	0 \
				10774	-s "Protocol is TLSv1.3" \
				10775	-s "got named group: secp256r1(0017)" \
				10776	-s "Verifying peer X.509 certificate... ok" \
				10777	-c "Protocol is TLSv1.3" \
				10778	-c "NamedGroup: x25519 ( 1d )" \
				10779	-c "NamedGroup: secp256r1 ( 17 )" \
				10780	-c "Verifying peer X.509 certificate... ok" \
				10781	-c "received HelloRetryRequest message" \
				10782	-c "selected_group ( 23 )"
				10783
				10784	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10785	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10786	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10787	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10788	requires_config_enabled MBEDTLS_DEBUG_C
				10789	requires_config_enabled MBEDTLS_SSL_CLI_C
				10790	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10791	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10792	run_test "TLS 1.3 m->m: HRR x25519 -> secp384r1" \
				10793	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10794	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1" \
				10795	0 \
				10796	-s "Protocol is TLSv1.3" \
				10797	-s "got named group: secp384r1(0018)" \
				10798	-s "Verifying peer X.509 certificate... ok" \
				10799	-c "Protocol is TLSv1.3" \
				10800	-c "NamedGroup: x25519 ( 1d )" \
				10801	-c "NamedGroup: secp384r1 ( 18 )" \
				10802	-c "Verifying peer X.509 certificate... ok" \
				10803	-c "received HelloRetryRequest message" \
				10804	-c "selected_group ( 24 )"
				10805
				10806	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10807	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10808	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10809	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10810	requires_config_enabled MBEDTLS_DEBUG_C
				10811	requires_config_enabled MBEDTLS_SSL_CLI_C
				10812	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10813	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10814	run_test "TLS 1.3 m->m: HRR x25519 -> secp521r1" \
				10815	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10816	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1" \
				10817	0 \
				10818	-s "Protocol is TLSv1.3" \
				10819	-s "got named group: secp521r1(0019)" \
				10820	-s "Verifying peer X.509 certificate... ok" \
				10821	-c "Protocol is TLSv1.3" \
				10822	-c "NamedGroup: x25519 ( 1d )" \
				10823	-c "NamedGroup: secp521r1 ( 19 )" \
				10824	-c "Verifying peer X.509 certificate... ok" \
				10825	-c "received HelloRetryRequest message" \
				10826	-c "selected_group ( 25 )"
				10827
				10828	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10829	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10830	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10831	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10832	requires_config_enabled MBEDTLS_DEBUG_C
				10833	requires_config_enabled MBEDTLS_SSL_CLI_C
				10834	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10835	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10836	run_test "TLS 1.3 m->m: HRR x25519 -> x448" \
				10837	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10838	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448" \
				10839	0 \
				10840	-s "Protocol is TLSv1.3" \
				10841	-s "got named group: x448(001e)" \
				10842	-s "Verifying peer X.509 certificate... ok" \
				10843	-c "Protocol is TLSv1.3" \
				10844	-c "NamedGroup: x25519 ( 1d )" \
				10845	-c "NamedGroup: x448 ( 1e )" \
				10846	-c "Verifying peer X.509 certificate... ok" \
				10847	-c "received HelloRetryRequest message" \
				10848	-c "selected_group ( 30 )"
				10849
				10850	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10851	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10852	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10853	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10854	requires_config_enabled MBEDTLS_DEBUG_C
				10855	requires_config_enabled MBEDTLS_SSL_CLI_C
				10856	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10857	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10858	run_test "TLS 1.3 m->m: HRR x448 -> secp256r1" \
				10859	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10860	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
				10861	0 \
				10862	-s "Protocol is TLSv1.3" \
				10863	-s "got named group: secp256r1(0017)" \
				10864	-s "Verifying peer X.509 certificate... ok" \
				10865	-c "Protocol is TLSv1.3" \
				10866	-c "NamedGroup: x448 ( 1e )" \
				10867	-c "NamedGroup: secp256r1 ( 17 )" \
				10868	-c "Verifying peer X.509 certificate... ok" \
				10869	-c "received HelloRetryRequest message" \
				10870	-c "selected_group ( 23 )"
				10871
				10872	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10873	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10874	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10875	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10876	requires_config_enabled MBEDTLS_DEBUG_C
				10877	requires_config_enabled MBEDTLS_SSL_CLI_C
				10878	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10879	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10880	run_test "TLS 1.3 m->m: HRR x448 -> secp384r1" \
				10881	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10882	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1" \
				10883	0 \
				10884	-s "Protocol is TLSv1.3" \
				10885	-s "got named group: secp384r1(0018)" \
				10886	-s "Verifying peer X.509 certificate... ok" \
				10887	-c "Protocol is TLSv1.3" \
				10888	-c "NamedGroup: x448 ( 1e )" \
				10889	-c "NamedGroup: secp384r1 ( 18 )" \
				10890	-c "Verifying peer X.509 certificate... ok" \
				10891	-c "received HelloRetryRequest message" \
				10892	-c "selected_group ( 24 )"
				10893
				10894	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10895	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10896	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10897	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10898	requires_config_enabled MBEDTLS_DEBUG_C
				10899	requires_config_enabled MBEDTLS_SSL_CLI_C
				10900	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10901	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10902	run_test "TLS 1.3 m->m: HRR x448 -> secp521r1" \
				10903	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10904	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1" \
				10905	0 \
				10906	-s "Protocol is TLSv1.3" \
				10907	-s "got named group: secp521r1(0019)" \
				10908	-s "Verifying peer X.509 certificate... ok" \
				10909	-c "Protocol is TLSv1.3" \
				10910	-c "NamedGroup: x448 ( 1e )" \
				10911	-c "NamedGroup: secp521r1 ( 19 )" \
				10912	-c "Verifying peer X.509 certificate... ok" \
				10913	-c "received HelloRetryRequest message" \
				10914	-c "selected_group ( 25 )"
				10915
				10916	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10917	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10918	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10919	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10920	requires_config_enabled MBEDTLS_DEBUG_C
				10921	requires_config_enabled MBEDTLS_SSL_CLI_C
				10922	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10923	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10924	run_test "TLS 1.3 m->m: HRR x448 -> x25519" \
				10925	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10926	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519" \
				10927	0 \
				10928	-s "Protocol is TLSv1.3" \
				10929	-s "got named group: x25519(001d)" \
				10930	-s "Verifying peer X.509 certificate... ok" \
				10931	-c "Protocol is TLSv1.3" \
				10932	-c "NamedGroup: x448 ( 1e )" \
				10933	-c "NamedGroup: x25519 ( 1d )" \
				10934	-c "Verifying peer X.509 certificate... ok" \
				10935	-c "received HelloRetryRequest message" \
				10936	-c "selected_group ( 29 )"
				10937
				10938	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10939	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10940	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10941	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10942	requires_openssl_tls1_3
				10943	run_test "TLS 1.3 O->m: Server HRR secp256r1 -> secp384r1" \
				10944	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10945	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256:P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				10946	0 \
				10947	-s "Protocol is TLSv1.3" \
				10948	-s "got named group: secp384r1(0018)" \
				10949	-s "Verifying peer X.509 certificate... ok" \
				10950	-s "HTTP/1.0 200 OK" \
				10951	-s "HRR selected_group: secp384r1"
				10952
				10953	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10954	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10955	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10956	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10957	requires_openssl_tls1_3
				10958	run_test "TLS 1.3 O->m: Server HRR secp256r1 -> secp521r1" \
				10959	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10960	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256:P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				10961	0 \
				10962	-s "Protocol is TLSv1.3" \
				10963	-s "got named group: secp521r1(0019)" \
				10964	-s "Verifying peer X.509 certificate... ok" \
				10965	-s "HTTP/1.0 200 OK" \
				10966	-s "HRR selected_group: secp521r1"
				10967
				10968	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10969	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10970	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10971	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10972	requires_openssl_tls1_3
				10973	run_test "TLS 1.3 O->m: Server HRR secp256r1 -> x25519" \
				10974	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10975	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256:X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				10976	0 \
				10977	-s "Protocol is TLSv1.3" \
				10978	-s "got named group: x25519(001d)" \
				10979	-s "Verifying peer X.509 certificate... ok" \
				10980	-s "HTTP/1.0 200 OK" \
				10981	-s "HRR selected_group: x25519"
				10982
				10983	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10984	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	10985	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				10986	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				10987	requires_openssl_tls1_3
				10988	run_test "TLS 1.3 O->m: Server HRR secp256r1 -> x448" \
				10989	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				10990	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256:X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				10991	0 \
				10992	-s "Protocol is TLSv1.3" \
				10993	-s "got named group: x448(001e)" \
				10994	-s "Verifying peer X.509 certificate... ok" \
				10995	-s "HTTP/1.0 200 OK" \
				10996	-s "HRR selected_group: x448"
				10997
				10998	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	10999	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11000	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11001	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11002	requires_openssl_tls1_3
				11003	run_test "TLS 1.3 O->m: Server HRR secp384r1 -> secp256r1" \
				11004	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11005	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384:P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11006	0 \
				11007	-s "Protocol is TLSv1.3" \
				11008	-s "got named group: secp256r1(0017)" \
				11009	-s "Verifying peer X.509 certificate... ok" \
				11010	-s "HTTP/1.0 200 OK" \
				11011	-s "HRR selected_group: secp256r1"
				11012
				11013	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11014	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11015	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11016	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11017	requires_openssl_tls1_3
				11018	run_test "TLS 1.3 O->m: Server HRR secp384r1 -> secp521r1" \
				11019	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11020	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384:P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11021	0 \
				11022	-s "Protocol is TLSv1.3" \
				11023	-s "got named group: secp521r1(0019)" \
				11024	-s "Verifying peer X.509 certificate... ok" \
				11025	-s "HTTP/1.0 200 OK" \
				11026	-s "HRR selected_group: secp521r1"
				11027
				11028	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11029	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11030	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11031	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11032	requires_openssl_tls1_3
				11033	run_test "TLS 1.3 O->m: Server HRR secp384r1 -> x25519" \
				11034	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11035	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384:X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11036	0 \
				11037	-s "Protocol is TLSv1.3" \
				11038	-s "got named group: x25519(001d)" \
				11039	-s "Verifying peer X.509 certificate... ok" \
				11040	-s "HTTP/1.0 200 OK" \
				11041	-s "HRR selected_group: x25519"
				11042
				11043	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11044	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11045	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11046	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11047	requires_openssl_tls1_3
				11048	run_test "TLS 1.3 O->m: Server HRR secp384r1 -> x448" \
				11049	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11050	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384:X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11051	0 \
				11052	-s "Protocol is TLSv1.3" \
				11053	-s "got named group: x448(001e)" \
				11054	-s "Verifying peer X.509 certificate... ok" \
				11055	-s "HTTP/1.0 200 OK" \
				11056	-s "HRR selected_group: x448"
				11057
				11058	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11059	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11060	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11061	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11062	requires_openssl_tls1_3
				11063	run_test "TLS 1.3 O->m: Server HRR secp521r1 -> secp256r1" \
				11064	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11065	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521:P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11066	0 \
				11067	-s "Protocol is TLSv1.3" \
				11068	-s "got named group: secp256r1(0017)" \
				11069	-s "Verifying peer X.509 certificate... ok" \
				11070	-s "HTTP/1.0 200 OK" \
				11071	-s "HRR selected_group: secp256r1"
				11072
				11073	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11074	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11075	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11076	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11077	requires_openssl_tls1_3
				11078	run_test "TLS 1.3 O->m: Server HRR secp521r1 -> secp384r1" \
				11079	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11080	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521:P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11081	0 \
				11082	-s "Protocol is TLSv1.3" \
				11083	-s "got named group: secp384r1(0018)" \
				11084	-s "Verifying peer X.509 certificate... ok" \
				11085	-s "HTTP/1.0 200 OK" \
				11086	-s "HRR selected_group: secp384r1"
				11087
				11088	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11089	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11090	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11091	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11092	requires_openssl_tls1_3
				11093	run_test "TLS 1.3 O->m: Server HRR secp521r1 -> x25519" \
				11094	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11095	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521:X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11096	0 \
				11097	-s "Protocol is TLSv1.3" \
				11098	-s "got named group: x25519(001d)" \
				11099	-s "Verifying peer X.509 certificate... ok" \
				11100	-s "HTTP/1.0 200 OK" \
				11101	-s "HRR selected_group: x25519"
				11102
				11103	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11104	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11105	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11106	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11107	requires_openssl_tls1_3
				11108	run_test "TLS 1.3 O->m: Server HRR secp521r1 -> x448" \
				11109	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11110	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521:X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11111	0 \
				11112	-s "Protocol is TLSv1.3" \
				11113	-s "got named group: x448(001e)" \
				11114	-s "Verifying peer X.509 certificate... ok" \
				11115	-s "HTTP/1.0 200 OK" \
				11116	-s "HRR selected_group: x448"
				11117
				11118	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11119	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11120	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11121	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11122	requires_openssl_tls1_3
				11123	run_test "TLS 1.3 O->m: Server HRR x25519 -> secp256r1" \
				11124	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11125	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519:P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11126	0 \
				11127	-s "Protocol is TLSv1.3" \
				11128	-s "got named group: secp256r1(0017)" \
				11129	-s "Verifying peer X.509 certificate... ok" \
				11130	-s "HTTP/1.0 200 OK" \
				11131	-s "HRR selected_group: secp256r1"
				11132
				11133	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11134	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11135	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11136	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11137	requires_openssl_tls1_3
				11138	run_test "TLS 1.3 O->m: Server HRR x25519 -> secp384r1" \
				11139	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11140	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519:P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11141	0 \
				11142	-s "Protocol is TLSv1.3" \
				11143	-s "got named group: secp384r1(0018)" \
				11144	-s "Verifying peer X.509 certificate... ok" \
				11145	-s "HTTP/1.0 200 OK" \
				11146	-s "HRR selected_group: secp384r1"
				11147
				11148	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11149	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11150	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11151	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11152	requires_openssl_tls1_3
				11153	run_test "TLS 1.3 O->m: Server HRR x25519 -> secp521r1" \
				11154	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11155	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519:P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11156	0 \
				11157	-s "Protocol is TLSv1.3" \
				11158	-s "got named group: secp521r1(0019)" \
				11159	-s "Verifying peer X.509 certificate... ok" \
				11160	-s "HTTP/1.0 200 OK" \
				11161	-s "HRR selected_group: secp521r1"
				11162
				11163	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11164	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11165	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11166	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11167	requires_openssl_tls1_3
				11168	run_test "TLS 1.3 O->m: Server HRR x25519 -> x448" \
				11169	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11170	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519:X448 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11171	0 \
				11172	-s "Protocol is TLSv1.3" \
				11173	-s "got named group: x448(001e)" \
				11174	-s "Verifying peer X.509 certificate... ok" \
				11175	-s "HTTP/1.0 200 OK" \
				11176	-s "HRR selected_group: x448"
				11177
				11178	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11179	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11180	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11181	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11182	requires_openssl_tls1_3
				11183	run_test "TLS 1.3 O->m: Server HRR x448 -> secp256r1" \
				11184	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11185	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448:P-256 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11186	0 \
				11187	-s "Protocol is TLSv1.3" \
				11188	-s "got named group: secp256r1(0017)" \
				11189	-s "Verifying peer X.509 certificate... ok" \
				11190	-s "HTTP/1.0 200 OK" \
				11191	-s "HRR selected_group: secp256r1"
				11192
				11193	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11194	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11195	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11196	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11197	requires_openssl_tls1_3
				11198	run_test "TLS 1.3 O->m: Server HRR x448 -> secp384r1" \
				11199	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11200	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448:P-384 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11201	0 \
				11202	-s "Protocol is TLSv1.3" \
				11203	-s "got named group: secp384r1(0018)" \
				11204	-s "Verifying peer X.509 certificate... ok" \
				11205	-s "HTTP/1.0 200 OK" \
				11206	-s "HRR selected_group: secp384r1"
				11207
				11208	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11209	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11210	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11211	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11212	requires_openssl_tls1_3
				11213	run_test "TLS 1.3 O->m: Server HRR x448 -> secp521r1" \
				11214	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11215	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448:P-521 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11216	0 \
				11217	-s "Protocol is TLSv1.3" \
				11218	-s "got named group: secp521r1(0019)" \
				11219	-s "Verifying peer X.509 certificate... ok" \
				11220	-s "HTTP/1.0 200 OK" \
				11221	-s "HRR selected_group: secp521r1"
				11222
				11223	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11224	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11225	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11226	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11227	requires_openssl_tls1_3
				11228	run_test "TLS 1.3 O->m: Server HRR x448 -> x25519" \
				11229	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11230	"$O_NEXT_CLI_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448:X25519 -msg -tls1_3 -CAfile data_files/test-ca2.crt" \
				11231	0 \
				11232	-s "Protocol is TLSv1.3" \
				11233	-s "got named group: x25519(001d)" \
				11234	-s "Verifying peer X.509 certificate... ok" \
				11235	-s "HTTP/1.0 200 OK" \
				11236	-s "HRR selected_group: x25519"
				11237
				11238	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11239	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11240	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11241	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11242	requires_gnutls_tls1_3
				11243	requires_gnutls_next_no_ticket
				11244	requires_gnutls_next_disable_tls13_compat
				11245	run_test "TLS 1.3 G->m: Server HRR secp256r1 -> secp384r1" \
				11246	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11247	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11248	0 \
				11249	-s "Protocol is TLSv1.3" \
				11250	-s "got named group: secp384r1(0018)" \
				11251	-s "Verifying peer X.509 certificate... ok" \
				11252	-c "HTTP/1.0 200 OK" \
				11253	-s "HRR selected_group: secp384r1"
				11254
				11255	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11256	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11257	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11258	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11259	requires_gnutls_tls1_3
				11260	requires_gnutls_next_no_ticket
				11261	requires_gnutls_next_disable_tls13_compat
				11262	run_test "TLS 1.3 G->m: Server HRR secp256r1 -> secp521r1" \
				11263	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11264	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11265	0 \
				11266	-s "Protocol is TLSv1.3" \
				11267	-s "got named group: secp521r1(0019)" \
				11268	-s "Verifying peer X.509 certificate... ok" \
				11269	-c "HTTP/1.0 200 OK" \
				11270	-s "HRR selected_group: secp521r1"
				11271
				11272	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11273	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11274	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11275	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11276	requires_gnutls_tls1_3
				11277	requires_gnutls_next_no_ticket
				11278	requires_gnutls_next_disable_tls13_compat
				11279	run_test "TLS 1.3 G->m: Server HRR secp256r1 -> x25519" \
				11280	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11281	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11282	0 \
				11283	-s "Protocol is TLSv1.3" \
				11284	-s "got named group: x25519(001d)" \
				11285	-s "Verifying peer X.509 certificate... ok" \
				11286	-c "HTTP/1.0 200 OK" \
				11287	-s "HRR selected_group: x25519"
				11288
				11289	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11290	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11291	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11292	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11293	requires_gnutls_tls1_3
				11294	requires_gnutls_next_no_ticket
				11295	requires_gnutls_next_disable_tls13_compat
				11296	run_test "TLS 1.3 G->m: Server HRR secp256r1 -> x448" \
				11297	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11298	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11299	0 \
				11300	-s "Protocol is TLSv1.3" \
				11301	-s "got named group: x448(001e)" \
				11302	-s "Verifying peer X.509 certificate... ok" \
				11303	-c "HTTP/1.0 200 OK" \
				11304	-s "HRR selected_group: x448"
				11305
				11306	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11307	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11308	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11309	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11310	requires_gnutls_tls1_3
				11311	requires_gnutls_next_no_ticket
				11312	requires_gnutls_next_disable_tls13_compat
				11313	run_test "TLS 1.3 G->m: Server HRR secp384r1 -> secp256r1" \
				11314	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11315	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11316	0 \
				11317	-s "Protocol is TLSv1.3" \
				11318	-s "got named group: secp256r1(0017)" \
				11319	-s "Verifying peer X.509 certificate... ok" \
				11320	-c "HTTP/1.0 200 OK" \
				11321	-s "HRR selected_group: secp256r1"
				11322
				11323	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11324	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11325	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11326	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11327	requires_gnutls_tls1_3
				11328	requires_gnutls_next_no_ticket
				11329	requires_gnutls_next_disable_tls13_compat
				11330	run_test "TLS 1.3 G->m: Server HRR secp384r1 -> secp521r1" \
				11331	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11332	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11333	0 \
				11334	-s "Protocol is TLSv1.3" \
				11335	-s "got named group: secp521r1(0019)" \
				11336	-s "Verifying peer X.509 certificate... ok" \
				11337	-c "HTTP/1.0 200 OK" \
				11338	-s "HRR selected_group: secp521r1"
				11339
				11340	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11341	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11342	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11343	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11344	requires_gnutls_tls1_3
				11345	requires_gnutls_next_no_ticket
				11346	requires_gnutls_next_disable_tls13_compat
				11347	run_test "TLS 1.3 G->m: Server HRR secp384r1 -> x25519" \
				11348	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11349	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11350	0 \
				11351	-s "Protocol is TLSv1.3" \
				11352	-s "got named group: x25519(001d)" \
				11353	-s "Verifying peer X.509 certificate... ok" \
				11354	-c "HTTP/1.0 200 OK" \
				11355	-s "HRR selected_group: x25519"
				11356
				11357	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11358	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11359	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11360	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11361	requires_gnutls_tls1_3
				11362	requires_gnutls_next_no_ticket
				11363	requires_gnutls_next_disable_tls13_compat
				11364	run_test "TLS 1.3 G->m: Server HRR secp384r1 -> x448" \
				11365	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11366	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11367	0 \
				11368	-s "Protocol is TLSv1.3" \
				11369	-s "got named group: x448(001e)" \
				11370	-s "Verifying peer X.509 certificate... ok" \
				11371	-c "HTTP/1.0 200 OK" \
				11372	-s "HRR selected_group: x448"
				11373
				11374	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11375	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11376	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11377	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11378	requires_gnutls_tls1_3
				11379	requires_gnutls_next_no_ticket
				11380	requires_gnutls_next_disable_tls13_compat
				11381	run_test "TLS 1.3 G->m: Server HRR secp521r1 -> secp256r1" \
				11382	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11383	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11384	0 \
				11385	-s "Protocol is TLSv1.3" \
				11386	-s "got named group: secp256r1(0017)" \
				11387	-s "Verifying peer X.509 certificate... ok" \
				11388	-c "HTTP/1.0 200 OK" \
				11389	-s "HRR selected_group: secp256r1"
				11390
				11391	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11392	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11393	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11394	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11395	requires_gnutls_tls1_3
				11396	requires_gnutls_next_no_ticket
				11397	requires_gnutls_next_disable_tls13_compat
				11398	run_test "TLS 1.3 G->m: Server HRR secp521r1 -> secp384r1" \
				11399	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11400	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11401	0 \
				11402	-s "Protocol is TLSv1.3" \
				11403	-s "got named group: secp384r1(0018)" \
				11404	-s "Verifying peer X.509 certificate... ok" \
				11405	-c "HTTP/1.0 200 OK" \
				11406	-s "HRR selected_group: secp384r1"
				11407
				11408	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11409	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11410	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11411	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11412	requires_gnutls_tls1_3
				11413	requires_gnutls_next_no_ticket
				11414	requires_gnutls_next_disable_tls13_compat
				11415	run_test "TLS 1.3 G->m: Server HRR secp521r1 -> x25519" \
				11416	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11417	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11418	0 \
				11419	-s "Protocol is TLSv1.3" \
				11420	-s "got named group: x25519(001d)" \
				11421	-s "Verifying peer X.509 certificate... ok" \
				11422	-c "HTTP/1.0 200 OK" \
				11423	-s "HRR selected_group: x25519"
				11424
				11425	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11426	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11427	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11428	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11429	requires_gnutls_tls1_3
				11430	requires_gnutls_next_no_ticket
				11431	requires_gnutls_next_disable_tls13_compat
				11432	run_test "TLS 1.3 G->m: Server HRR secp521r1 -> x448" \
				11433	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11434	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11435	0 \
				11436	-s "Protocol is TLSv1.3" \
				11437	-s "got named group: x448(001e)" \
				11438	-s "Verifying peer X.509 certificate... ok" \
				11439	-c "HTTP/1.0 200 OK" \
				11440	-s "HRR selected_group: x448"
				11441
				11442	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11443	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11444	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11445	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11446	requires_gnutls_tls1_3
				11447	requires_gnutls_next_no_ticket
				11448	requires_gnutls_next_disable_tls13_compat
				11449	run_test "TLS 1.3 G->m: Server HRR x25519 -> secp256r1" \
				11450	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11451	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11452	0 \
				11453	-s "Protocol is TLSv1.3" \
				11454	-s "got named group: secp256r1(0017)" \
				11455	-s "Verifying peer X.509 certificate... ok" \
				11456	-c "HTTP/1.0 200 OK" \
				11457	-s "HRR selected_group: secp256r1"
				11458
				11459	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11460	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11461	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11462	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11463	requires_gnutls_tls1_3
				11464	requires_gnutls_next_no_ticket
				11465	requires_gnutls_next_disable_tls13_compat
				11466	run_test "TLS 1.3 G->m: Server HRR x25519 -> secp384r1" \
				11467	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11468	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11469	0 \
				11470	-s "Protocol is TLSv1.3" \
				11471	-s "got named group: secp384r1(0018)" \
				11472	-s "Verifying peer X.509 certificate... ok" \
				11473	-c "HTTP/1.0 200 OK" \
				11474	-s "HRR selected_group: secp384r1"
				11475
				11476	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11477	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11478	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11479	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11480	requires_gnutls_tls1_3
				11481	requires_gnutls_next_no_ticket
				11482	requires_gnutls_next_disable_tls13_compat
				11483	run_test "TLS 1.3 G->m: Server HRR x25519 -> secp521r1" \
				11484	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11485	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11486	0 \
				11487	-s "Protocol is TLSv1.3" \
				11488	-s "got named group: secp521r1(0019)" \
				11489	-s "Verifying peer X.509 certificate... ok" \
				11490	-c "HTTP/1.0 200 OK" \
				11491	-s "HRR selected_group: secp521r1"
				11492
				11493	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11494	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11495	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11496	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11497	requires_gnutls_tls1_3
				11498	requires_gnutls_next_no_ticket
				11499	requires_gnutls_next_disable_tls13_compat
				11500	run_test "TLS 1.3 G->m: Server HRR x25519 -> x448" \
				11501	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11502	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11503	0 \
				11504	-s "Protocol is TLSv1.3" \
				11505	-s "got named group: x448(001e)" \
				11506	-s "Verifying peer X.509 certificate... ok" \
				11507	-c "HTTP/1.0 200 OK" \
				11508	-s "HRR selected_group: x448"
				11509
				11510	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11511	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11512	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11513	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11514	requires_gnutls_tls1_3
				11515	requires_gnutls_next_no_ticket
				11516	requires_gnutls_next_disable_tls13_compat
				11517	run_test "TLS 1.3 G->m: Server HRR x448 -> secp256r1" \
				11518	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11519	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11520	0 \
				11521	-s "Protocol is TLSv1.3" \
				11522	-s "got named group: secp256r1(0017)" \
				11523	-s "Verifying peer X.509 certificate... ok" \
				11524	-c "HTTP/1.0 200 OK" \
				11525	-s "HRR selected_group: secp256r1"
				11526
				11527	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11528	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11529	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11530	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11531	requires_gnutls_tls1_3
				11532	requires_gnutls_next_no_ticket
				11533	requires_gnutls_next_disable_tls13_compat
				11534	run_test "TLS 1.3 G->m: Server HRR x448 -> secp384r1" \
				11535	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11536	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11537	0 \
				11538	-s "Protocol is TLSv1.3" \
				11539	-s "got named group: secp384r1(0018)" \
				11540	-s "Verifying peer X.509 certificate... ok" \
				11541	-c "HTTP/1.0 200 OK" \
				11542	-s "HRR selected_group: secp384r1"
				11543
				11544	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11545	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11546	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11547	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11548	requires_gnutls_tls1_3
				11549	requires_gnutls_next_no_ticket
				11550	requires_gnutls_next_disable_tls13_compat
				11551	run_test "TLS 1.3 G->m: Server HRR x448 -> secp521r1" \
				11552	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11553	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11554	0 \
				11555	-s "Protocol is TLSv1.3" \
				11556	-s "got named group: secp521r1(0019)" \
				11557	-s "Verifying peer X.509 certificate... ok" \
				11558	-c "HTTP/1.0 200 OK" \
				11559	-s "HRR selected_group: secp521r1"
				11560
				11561	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11562	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11563	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11564	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11565	requires_gnutls_tls1_3
				11566	requires_gnutls_next_no_ticket
				11567	requires_gnutls_next_disable_tls13_compat
				11568	run_test "TLS 1.3 G->m: Server HRR x448 -> x25519" \
				11569	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11570	"$G_NEXT_CLI_NO_CERT --debug=4 localhost -p $SRV_PORT --single-key-share --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS --x509cafile data_files/test-ca2.crt" \
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11571	0 \
				11572	-s "Protocol is TLSv1.3" \
				11573	-s "got named group: x25519(001d)" \
				11574	-s "Verifying peer X.509 certificate... ok" \
				11575	-c "HTTP/1.0 200 OK" \
				11576	-s "HRR selected_group: x25519"
				11577
				11578	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11579	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11580	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11581	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11582	requires_config_enabled MBEDTLS_DEBUG_C
				11583	requires_config_enabled MBEDTLS_SSL_CLI_C
				11584	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11585	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11586	run_test "TLS 1.3 m->m: Server HRR secp256r1 -> secp384r1" \
				11587	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11588	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1" \
				11589	0 \
				11590	-s "Protocol is TLSv1.3" \
				11591	-s "got named group: secp384r1(0018)" \
				11592	-s "Verifying peer X.509 certificate... ok" \
				11593	-c "Protocol is TLSv1.3" \
				11594	-c "NamedGroup: secp256r1 ( 17 )" \
				11595	-c "NamedGroup: secp384r1 ( 18 )" \
				11596	-c "Verifying peer X.509 certificate... ok" \
				11597	-s "HRR selected_group: secp384r1"
				11598
				11599	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11600	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11601	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11602	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11603	requires_config_enabled MBEDTLS_DEBUG_C
				11604	requires_config_enabled MBEDTLS_SSL_CLI_C
				11605	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11606	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11607	run_test "TLS 1.3 m->m: Server HRR secp256r1 -> secp521r1" \
				11608	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11609	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1" \
				11610	0 \
				11611	-s "Protocol is TLSv1.3" \
				11612	-s "got named group: secp521r1(0019)" \
				11613	-s "Verifying peer X.509 certificate... ok" \
				11614	-c "Protocol is TLSv1.3" \
				11615	-c "NamedGroup: secp256r1 ( 17 )" \
				11616	-c "NamedGroup: secp521r1 ( 19 )" \
				11617	-c "Verifying peer X.509 certificate... ok" \
				11618	-s "HRR selected_group: secp521r1"
				11619
				11620	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11621	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11622	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11623	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11624	requires_config_enabled MBEDTLS_DEBUG_C
				11625	requires_config_enabled MBEDTLS_SSL_CLI_C
				11626	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11627	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11628	run_test "TLS 1.3 m->m: Server HRR secp256r1 -> x25519" \
				11629	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11630	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519" \
				11631	0 \
				11632	-s "Protocol is TLSv1.3" \
				11633	-s "got named group: x25519(001d)" \
				11634	-s "Verifying peer X.509 certificate... ok" \
				11635	-c "Protocol is TLSv1.3" \
				11636	-c "NamedGroup: secp256r1 ( 17 )" \
				11637	-c "NamedGroup: x25519 ( 1d )" \
				11638	-c "Verifying peer X.509 certificate... ok" \
				11639	-s "HRR selected_group: x25519"
				11640
				11641	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11642	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11643	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11644	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11645	requires_config_enabled MBEDTLS_DEBUG_C
				11646	requires_config_enabled MBEDTLS_SSL_CLI_C
				11647	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11648	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11649	run_test "TLS 1.3 m->m: Server HRR secp256r1 -> x448" \
				11650	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11651	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448" \
				11652	0 \
				11653	-s "Protocol is TLSv1.3" \
				11654	-s "got named group: x448(001e)" \
				11655	-s "Verifying peer X.509 certificate... ok" \
				11656	-c "Protocol is TLSv1.3" \
				11657	-c "NamedGroup: secp256r1 ( 17 )" \
				11658	-c "NamedGroup: x448 ( 1e )" \
				11659	-c "Verifying peer X.509 certificate... ok" \
				11660	-s "HRR selected_group: x448"
				11661
				11662	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11663	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11664	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11665	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11666	requires_config_enabled MBEDTLS_DEBUG_C
				11667	requires_config_enabled MBEDTLS_SSL_CLI_C
				11668	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11669	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11670	run_test "TLS 1.3 m->m: Server HRR secp384r1 -> secp256r1" \
				11671	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11672	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
				11673	0 \
				11674	-s "Protocol is TLSv1.3" \
				11675	-s "got named group: secp256r1(0017)" \
				11676	-s "Verifying peer X.509 certificate... ok" \
				11677	-c "Protocol is TLSv1.3" \
				11678	-c "NamedGroup: secp384r1 ( 18 )" \
				11679	-c "NamedGroup: secp256r1 ( 17 )" \
				11680	-c "Verifying peer X.509 certificate... ok" \
				11681	-s "HRR selected_group: secp256r1"
				11682
				11683	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11684	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11685	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11686	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11687	requires_config_enabled MBEDTLS_DEBUG_C
				11688	requires_config_enabled MBEDTLS_SSL_CLI_C
				11689	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11690	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11691	run_test "TLS 1.3 m->m: Server HRR secp384r1 -> secp521r1" \
				11692	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11693	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1" \
				11694	0 \
				11695	-s "Protocol is TLSv1.3" \
				11696	-s "got named group: secp521r1(0019)" \
				11697	-s "Verifying peer X.509 certificate... ok" \
				11698	-c "Protocol is TLSv1.3" \
				11699	-c "NamedGroup: secp384r1 ( 18 )" \
				11700	-c "NamedGroup: secp521r1 ( 19 )" \
				11701	-c "Verifying peer X.509 certificate... ok" \
				11702	-s "HRR selected_group: secp521r1"
				11703
				11704	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11705	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11706	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11707	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11708	requires_config_enabled MBEDTLS_DEBUG_C
				11709	requires_config_enabled MBEDTLS_SSL_CLI_C
				11710	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11711	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11712	run_test "TLS 1.3 m->m: Server HRR secp384r1 -> x25519" \
				11713	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11714	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519" \
				11715	0 \
				11716	-s "Protocol is TLSv1.3" \
				11717	-s "got named group: x25519(001d)" \
				11718	-s "Verifying peer X.509 certificate... ok" \
				11719	-c "Protocol is TLSv1.3" \
				11720	-c "NamedGroup: secp384r1 ( 18 )" \
				11721	-c "NamedGroup: x25519 ( 1d )" \
				11722	-c "Verifying peer X.509 certificate... ok" \
				11723	-s "HRR selected_group: x25519"
				11724
				11725	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11726	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11727	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11728	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11729	requires_config_enabled MBEDTLS_DEBUG_C
				11730	requires_config_enabled MBEDTLS_SSL_CLI_C
				11731	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11732	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11733	run_test "TLS 1.3 m->m: Server HRR secp384r1 -> x448" \
				11734	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11735	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448" \
				11736	0 \
				11737	-s "Protocol is TLSv1.3" \
				11738	-s "got named group: x448(001e)" \
				11739	-s "Verifying peer X.509 certificate... ok" \
				11740	-c "Protocol is TLSv1.3" \
				11741	-c "NamedGroup: secp384r1 ( 18 )" \
				11742	-c "NamedGroup: x448 ( 1e )" \
				11743	-c "Verifying peer X.509 certificate... ok" \
				11744	-s "HRR selected_group: x448"
				11745
				11746	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11747	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11748	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11749	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11750	requires_config_enabled MBEDTLS_DEBUG_C
				11751	requires_config_enabled MBEDTLS_SSL_CLI_C
				11752	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11753	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11754	run_test "TLS 1.3 m->m: Server HRR secp521r1 -> secp256r1" \
				11755	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11756	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
				11757	0 \
				11758	-s "Protocol is TLSv1.3" \
				11759	-s "got named group: secp256r1(0017)" \
				11760	-s "Verifying peer X.509 certificate... ok" \
				11761	-c "Protocol is TLSv1.3" \
				11762	-c "NamedGroup: secp521r1 ( 19 )" \
				11763	-c "NamedGroup: secp256r1 ( 17 )" \
				11764	-c "Verifying peer X.509 certificate... ok" \
				11765	-s "HRR selected_group: secp256r1"
				11766
				11767	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11768	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11769	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11770	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11771	requires_config_enabled MBEDTLS_DEBUG_C
				11772	requires_config_enabled MBEDTLS_SSL_CLI_C
				11773	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11774	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11775	run_test "TLS 1.3 m->m: Server HRR secp521r1 -> secp384r1" \
				11776	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11777	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1" \
				11778	0 \
				11779	-s "Protocol is TLSv1.3" \
				11780	-s "got named group: secp384r1(0018)" \
				11781	-s "Verifying peer X.509 certificate... ok" \
				11782	-c "Protocol is TLSv1.3" \
				11783	-c "NamedGroup: secp521r1 ( 19 )" \
				11784	-c "NamedGroup: secp384r1 ( 18 )" \
				11785	-c "Verifying peer X.509 certificate... ok" \
				11786	-s "HRR selected_group: secp384r1"
				11787
				11788	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11789	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11790	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11791	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11792	requires_config_enabled MBEDTLS_DEBUG_C
				11793	requires_config_enabled MBEDTLS_SSL_CLI_C
				11794	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11795	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11796	run_test "TLS 1.3 m->m: Server HRR secp521r1 -> x25519" \
				11797	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11798	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519" \
				11799	0 \
				11800	-s "Protocol is TLSv1.3" \
				11801	-s "got named group: x25519(001d)" \
				11802	-s "Verifying peer X.509 certificate... ok" \
				11803	-c "Protocol is TLSv1.3" \
				11804	-c "NamedGroup: secp521r1 ( 19 )" \
				11805	-c "NamedGroup: x25519 ( 1d )" \
				11806	-c "Verifying peer X.509 certificate... ok" \
				11807	-s "HRR selected_group: x25519"
				11808
				11809	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11810	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11811	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11812	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11813	requires_config_enabled MBEDTLS_DEBUG_C
				11814	requires_config_enabled MBEDTLS_SSL_CLI_C
				11815	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11816	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11817	run_test "TLS 1.3 m->m: Server HRR secp521r1 -> x448" \
				11818	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11819	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448" \
				11820	0 \
				11821	-s "Protocol is TLSv1.3" \
				11822	-s "got named group: x448(001e)" \
				11823	-s "Verifying peer X.509 certificate... ok" \
				11824	-c "Protocol is TLSv1.3" \
				11825	-c "NamedGroup: secp521r1 ( 19 )" \
				11826	-c "NamedGroup: x448 ( 1e )" \
				11827	-c "Verifying peer X.509 certificate... ok" \
				11828	-s "HRR selected_group: x448"
				11829
				11830	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11831	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11832	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11833	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11834	requires_config_enabled MBEDTLS_DEBUG_C
				11835	requires_config_enabled MBEDTLS_SSL_CLI_C
				11836	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11837	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11838	run_test "TLS 1.3 m->m: Server HRR x25519 -> secp256r1" \
				11839	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11840	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
				11841	0 \
				11842	-s "Protocol is TLSv1.3" \
				11843	-s "got named group: secp256r1(0017)" \
				11844	-s "Verifying peer X.509 certificate... ok" \
				11845	-c "Protocol is TLSv1.3" \
				11846	-c "NamedGroup: x25519 ( 1d )" \
				11847	-c "NamedGroup: secp256r1 ( 17 )" \
				11848	-c "Verifying peer X.509 certificate... ok" \
				11849	-s "HRR selected_group: secp256r1"
				11850
				11851	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11852	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11853	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11854	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11855	requires_config_enabled MBEDTLS_DEBUG_C
				11856	requires_config_enabled MBEDTLS_SSL_CLI_C
				11857	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11858	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11859	run_test "TLS 1.3 m->m: Server HRR x25519 -> secp384r1" \
				11860	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11861	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1" \
				11862	0 \
				11863	-s "Protocol is TLSv1.3" \
				11864	-s "got named group: secp384r1(0018)" \
				11865	-s "Verifying peer X.509 certificate... ok" \
				11866	-c "Protocol is TLSv1.3" \
				11867	-c "NamedGroup: x25519 ( 1d )" \
				11868	-c "NamedGroup: secp384r1 ( 18 )" \
				11869	-c "Verifying peer X.509 certificate... ok" \
				11870	-s "HRR selected_group: secp384r1"
				11871
				11872	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11873	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11874	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11875	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11876	requires_config_enabled MBEDTLS_DEBUG_C
				11877	requires_config_enabled MBEDTLS_SSL_CLI_C
				11878	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11879	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11880	run_test "TLS 1.3 m->m: Server HRR x25519 -> secp521r1" \
				11881	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11882	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1" \
				11883	0 \
				11884	-s "Protocol is TLSv1.3" \
				11885	-s "got named group: secp521r1(0019)" \
				11886	-s "Verifying peer X.509 certificate... ok" \
				11887	-c "Protocol is TLSv1.3" \
				11888	-c "NamedGroup: x25519 ( 1d )" \
				11889	-c "NamedGroup: secp521r1 ( 19 )" \
				11890	-c "Verifying peer X.509 certificate... ok" \
				11891	-s "HRR selected_group: secp521r1"
				11892
				11893	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11894	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11895	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11896	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11897	requires_config_enabled MBEDTLS_DEBUG_C
				11898	requires_config_enabled MBEDTLS_SSL_CLI_C
				11899	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11900	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11901	run_test "TLS 1.3 m->m: Server HRR x25519 -> x448" \
				11902	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11903	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448" \
				11904	0 \
				11905	-s "Protocol is TLSv1.3" \
				11906	-s "got named group: x448(001e)" \
				11907	-s "Verifying peer X.509 certificate... ok" \
				11908	-c "Protocol is TLSv1.3" \
				11909	-c "NamedGroup: x25519 ( 1d )" \
				11910	-c "NamedGroup: x448 ( 1e )" \
				11911	-c "Verifying peer X.509 certificate... ok" \
				11912	-s "HRR selected_group: x448"
				11913
				11914	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11915	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11916	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11917	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11918	requires_config_enabled MBEDTLS_DEBUG_C
				11919	requires_config_enabled MBEDTLS_SSL_CLI_C
				11920	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11921	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11922	run_test "TLS 1.3 m->m: Server HRR x448 -> secp256r1" \
				11923	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11924	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
				11925	0 \
				11926	-s "Protocol is TLSv1.3" \
				11927	-s "got named group: secp256r1(0017)" \
				11928	-s "Verifying peer X.509 certificate... ok" \
				11929	-c "Protocol is TLSv1.3" \
				11930	-c "NamedGroup: x448 ( 1e )" \
				11931	-c "NamedGroup: secp256r1 ( 17 )" \
				11932	-c "Verifying peer X.509 certificate... ok" \
				11933	-s "HRR selected_group: secp256r1"
				11934
				11935	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11936	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11937	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11938	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11939	requires_config_enabled MBEDTLS_DEBUG_C
				11940	requires_config_enabled MBEDTLS_SSL_CLI_C
				11941	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11942	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11943	run_test "TLS 1.3 m->m: Server HRR x448 -> secp384r1" \
				11944	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11945	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1" \
				11946	0 \
				11947	-s "Protocol is TLSv1.3" \
				11948	-s "got named group: secp384r1(0018)" \
				11949	-s "Verifying peer X.509 certificate... ok" \
				11950	-c "Protocol is TLSv1.3" \
				11951	-c "NamedGroup: x448 ( 1e )" \
				11952	-c "NamedGroup: secp384r1 ( 18 )" \
				11953	-c "Verifying peer X.509 certificate... ok" \
				11954	-s "HRR selected_group: secp384r1"
				11955
				11956	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11957	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11958	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11959	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11960	requires_config_enabled MBEDTLS_DEBUG_C
				11961	requires_config_enabled MBEDTLS_SSL_CLI_C
				11962	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11963	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11964	run_test "TLS 1.3 m->m: Server HRR x448 -> secp521r1" \
				11965	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11966	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1" \
				11967	0 \
				11968	-s "Protocol is TLSv1.3" \
				11969	-s "got named group: secp521r1(0019)" \
				11970	-s "Verifying peer X.509 certificate... ok" \
				11971	-c "Protocol is TLSv1.3" \
				11972	-c "NamedGroup: x448 ( 1e )" \
				11973	-c "NamedGroup: secp521r1 ( 19 )" \
				11974	-c "Verifying peer X.509 certificate... ok" \
				11975	-s "HRR selected_group: secp521r1"
				11976
				11977	requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian	fb1a3fe	2022-06-09 06:37:33 +0000	[diff] [blame^]	11978	requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQian	b1847a2	2022-06-08 07:49:31 +0000	[diff] [blame]	11979	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11980	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11981	requires_config_enabled MBEDTLS_DEBUG_C
				11982	requires_config_enabled MBEDTLS_SSL_CLI_C
				11983	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				11984	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				11985	run_test "TLS 1.3 m->m: Server HRR x448 -> x25519" \
				11986	"$P_SRV_NO_CERT server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key tls13_kex_modes=ephemeral cookies=0 tickets=0" \
				11987	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519" \
				11988	0 \
				11989	-s "Protocol is TLSv1.3" \
				11990	-s "got named group: x25519(001d)" \
				11991	-s "Verifying peer X.509 certificate... ok" \
				11992	-c "Protocol is TLSv1.3" \
				11993	-c "NamedGroup: x448 ( 1e )" \
				11994	-c "NamedGroup: x25519 ( 1d )" \
				11995	-c "Verifying peer X.509 certificate... ok" \
				11996	-s "HRR selected_group: x25519"