TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a709a0f2c62b89f11a1b277bbf13a5a2d85ce96b / . / tests / opt-testcases / tls13-kex-modes.sh
blob: 4f62ed69bfcc7d3d5689a931e619b6d05cb8aab6 [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]21get_srv_psk_list ()
22{
23 case $(( TESTS % 3 )) in
24 0) echo "psk_list=abc,dead,def,beef,Client_identity,6162636465666768696a6b6c6d6e6f70";;
25 1) echo "psk_list=abc,dead,Client_identity,6162636465666768696a6b6c6d6e6f70,def,beef";;
26 2) echo "psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef";;
27 esac
28}
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]29
Jerry Yu66f35f22022-08-22 17:27:41 +0800[diff] [blame]30requires_gnutls_tls1_3
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]31requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
32requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
33requires_config_enabled MBEDTLS_SSL_SRV_C
34requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]35requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
36
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]37run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]38 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]39 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
40 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
41 localhost" \
42 1 \
43 -s "found psk key exchange modes extension" \
44 -s "found pre_shared_key extension" \
45 -s "Found PSK_EPHEMERAL KEX MODE" \
46 -s "Found PSK KEX MODE" \
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]47 -s "No matched ciphersuite"
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]48
49requires_openssl_tls1_3
50requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
51requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
52requires_config_enabled MBEDTLS_SSL_SRV_C
53requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]54requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
55
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]56run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]57 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]58 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
59 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
60 1 \
61 -s "found psk key exchange modes extension" \
62 -s "found pre_shared_key extension" \
63 -s "Found PSK_EPHEMERAL KEX MODE" \
64 -s "Found PSK KEX MODE" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]65 -s "No matched ciphersuite"
66
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]67requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
68 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
69requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
70 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
71requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
72 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]73run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \
74 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \
75 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
76 0 \
77 -c "Pre-configured PSK number = 2" \
78 -s "sent selected_identity: 0" \
79 -s "key exchange mode: psk_ephemeral" \
80 -S "key exchange mode: psk$" \
81 -S "key exchange mode: ephemeral$" \
82 -S "ticket is not authentic"
83
84requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
85 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
86requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
87 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
88requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
89 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
90run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]91 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
92 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
93 0 \
94 -c "Pre-configured PSK number = 2" \
95 -s "sent selected_identity: 1" \
96 -s "key exchange mode: psk_ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]97 -S "key exchange mode: psk$" \
98 -S "key exchange mode: ephemeral$" \
99 -s "ticket is not authentic"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]100
101requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
102 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
103requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
104 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
105requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
106 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]107run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]108 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \
109 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
110 0 \
111 -c "Pre-configured PSK number = 1" \
112 -S "sent selected_identity:" \
113 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]114 -S "key exchange mode: psk_ephemeral" \
115 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]116 -s "ticket is not authentic" \
117 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]118 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]119 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]120 -S "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]121
122requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
123 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
124requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
125 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
126requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
127 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]128run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]129 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \
130 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
131 0 \
132 -c "Pre-configured PSK number = 1" \
133 -S "sent selected_identity:" \
134 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]135 -S "key exchange mode: psk_ephemeral" \
136 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]137 -S "ticket is not authentic" \
138 -s "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]139 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]140 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]141 -S "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]142
143requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
144 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
145requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
146 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
147requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
148 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]149run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]150 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \
151 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
152 0 \
153 -c "Pre-configured PSK number = 1" \
154 -S "sent selected_identity:" \
155 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]156 -S "key exchange mode: psk_ephemeral" \
157 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]158 -S "ticket is not authentic" \
159 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]160 -s "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]161 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]162 -S "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]163
164requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
165 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
166requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
167 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]168requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
169 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]170run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]171 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \
172 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
173 0 \
174 -c "Pre-configured PSK number = 1" \
175 -S "sent selected_identity:" \
176 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]177 -S "key exchange mode: psk_ephemeral" \
178 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]179 -S "ticket is not authentic" \
180 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]181 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]182 -s "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]183 -S "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]184
185requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
186 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
187requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
188 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]189requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
190 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]191run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]192 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \
193 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
194 0 \
195 -c "Pre-configured PSK number = 1" \
196 -S "sent selected_identity:" \
197 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]198 -S "key exchange mode: psk_ephemeral" \
199 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]200 -S "ticket is not authentic" \
201 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]202 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]203 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]204 -s "Ticket age outside tolerance window"
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]205
206requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
207 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
208requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
209 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
210requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
211 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]212run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]213 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \
214 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
215 0 \
216 -c "Pre-configured PSK number = 1" \
217 -S "sent selected_identity:" \
218 -s "key exchange mode: ephemeral" \
Jerry Yu63b06ea2022-10-08 14:24:46 +0800[diff] [blame]219 -S "key exchange mode: psk_ephemeral" \
220 -S "key exchange mode: psk$" \
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]221 -S "ticket is not authentic" \
222 -S "ticket is expired" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]223 -S "Invalid ticket start time" \
Jerry Yuc2bfaf02022-10-11 15:55:52 +0800[diff] [blame]224 -S "Ticket age exceeds limitation" \
Jerry Yu03aa1742022-10-10 21:48:37 +0800[diff] [blame]225 -s "Ticket age outside tolerance window"
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]226
227requires_gnutls_tls1_3
228requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]229requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]230run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]231 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]232 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
233 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
234 localhost" \
235 1 \
236 -s "found psk key exchange modes extension" \
237 -s "found pre_shared_key extension" \
238 -s "Found PSK_EPHEMERAL KEX MODE" \
239 -S "Found PSK KEX MODE" \
240 -S "key exchange mode: psk$" \
241 -S "key exchange mode: psk_ephemeral" \
242 -S "key exchange mode: ephemeral"
243
244requires_gnutls_tls1_3
245requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]246requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]247run_test "TLS 1.3: G->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]248 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]249 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
250 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
251 localhost" \
252 0 \
253 -s "found psk key exchange modes extension" \
254 -s "found pre_shared_key extension" \
255 -s "Found PSK_EPHEMERAL KEX MODE" \
256 -s "Found PSK KEX MODE" \
257 -s "Pre shared key found" \
258 -S "No matched PSK or ticket" \
259 -s "key exchange mode: psk$" \
260 -S "key exchange mode: psk_ephemeral" \
261 -S "key exchange mode: ephemeral"
262
263requires_gnutls_tls1_3
264requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]265requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]266run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]267 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]268 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
269 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
270 localhost" \
271 1 \
272 -s "found psk key exchange modes extension" \
273 -s "found pre_shared_key extension" \
274 -s "Found PSK_EPHEMERAL KEX MODE" \
275 -s "Found PSK KEX MODE" \
276 -s "No matched PSK or ticket" \
277 -S "key exchange mode: psk$" \
278 -S "key exchange mode: psk_ephemeral" \
279 -S "key exchange mode: ephemeral"
280
281requires_gnutls_tls1_3
282requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]283requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]284run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]285 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]286 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
287 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
288 localhost" \
289 1 \
290 -s "found psk key exchange modes extension" \
291 -s "found pre_shared_key extension" \
292 -s "Found PSK_EPHEMERAL KEX MODE" \
293 -s "Found PSK KEX MODE" \
294 -s "Invalid binder." \
295 -S "key exchange mode: psk$" \
296 -S "key exchange mode: psk_ephemeral" \
297 -S "key exchange mode: ephemeral"
298
299requires_gnutls_tls1_3
300requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]301requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]302run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]303 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]304 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
305 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
306 localhost" \
307 0 \
308 -s "found psk key exchange modes extension" \
309 -s "found pre_shared_key extension" \
310 -S "Found PSK_EPHEMERAL KEX MODE" \
311 -s "Found PSK KEX MODE" \
312 -s "Pre shared key found" \
313 -S "No matched PSK or ticket" \
314 -s "key exchange mode: psk$" \
315 -S "key exchange mode: psk_ephemeral" \
316 -S "key exchange mode: ephemeral"
317
318requires_gnutls_tls1_3
319requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]320requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]321run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]322 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]323 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
324 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
325 localhost" \
326 1 \
327 -s "found psk key exchange modes extension" \
328 -s "found pre_shared_key extension" \
329 -S "Found PSK_EPHEMERAL KEX MODE" \
330 -s "Found PSK KEX MODE" \
331 -s "No matched PSK or ticket" \
332 -S "key exchange mode: psk$" \
333 -S "key exchange mode: psk_ephemeral" \
334 -S "key exchange mode: ephemeral"
335
336requires_gnutls_tls1_3
337requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]338requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]339run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]340 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]341 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
342 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
343 localhost" \
344 1 \
345 -s "found psk key exchange modes extension" \
346 -s "found pre_shared_key extension" \
347 -S "Found PSK_EPHEMERAL KEX MODE" \
348 -s "Found PSK KEX MODE" \
349 -s "Invalid binder." \
350 -S "key exchange mode: psk$" \
351 -S "key exchange mode: psk_ephemeral" \
352 -S "key exchange mode: ephemeral"
353
354requires_gnutls_tls1_3
355requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]356requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]357run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]358 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]359 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
360 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
361 localhost" \
362 0 \
363 -s "found psk key exchange modes extension" \
364 -s "found pre_shared_key extension" \
365 -s "Found PSK_EPHEMERAL KEX MODE" \
366 -S "Found PSK KEX MODE" \
367 -s "Pre shared key found" \
368 -S "No matched PSK or ticket" \
369 -S "key exchange mode: psk$" \
370 -s "key exchange mode: psk_ephemeral" \
371 -S "key exchange mode: ephemeral"
372
373requires_gnutls_tls1_3
374requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]375requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]376run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]377 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]378 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
379 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
380 localhost" \
381 1 \
382 -s "found psk key exchange modes extension" \
383 -s "found pre_shared_key extension" \
384 -s "Found PSK_EPHEMERAL KEX MODE" \
385 -S "Found PSK KEX MODE" \
386 -s "No matched PSK or ticket" \
387 -S "key exchange mode: psk$" \
388 -S "key exchange mode: psk_ephemeral" \
389 -S "key exchange mode: ephemeral"
390
391requires_gnutls_tls1_3
392requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]393requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]394run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]395 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]396 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
397 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
398 localhost" \
399 1 \
400 -s "found psk key exchange modes extension" \
401 -s "found pre_shared_key extension" \
402 -s "Found PSK_EPHEMERAL KEX MODE" \
403 -S "Found PSK KEX MODE" \
404 -s "Invalid binder." \
405 -S "key exchange mode: psk$" \
406 -S "key exchange mode: psk_ephemeral" \
407 -S "key exchange mode: ephemeral"
408
409requires_gnutls_tls1_3
410requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]411requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]412run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]413 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]414 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
415 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
416 localhost" \
417 0 \
418 -s "found psk key exchange modes extension" \
419 -s "found pre_shared_key extension" \
420 -s "Found PSK_EPHEMERAL KEX MODE" \
421 -s "Found PSK KEX MODE" \
422 -s "Pre shared key found" \
423 -S "No matched PSK or ticket" \
424 -S "key exchange mode: psk$" \
425 -s "key exchange mode: psk_ephemeral" \
426 -S "key exchange mode: ephemeral"
427
428requires_gnutls_tls1_3
429requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]430requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]431run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]432 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]433 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
434 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
435 localhost" \
436 1 \
437 -s "found psk key exchange modes extension" \
438 -s "found pre_shared_key extension" \
439 -s "Found PSK_EPHEMERAL KEX MODE" \
440 -s "Found PSK KEX MODE" \
441 -s "No matched PSK or ticket" \
442 -S "key exchange mode: psk$" \
443 -S "key exchange mode: psk_ephemeral" \
444 -S "key exchange mode: ephemeral"
445
446requires_gnutls_tls1_3
447requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]448requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]449run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]450 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]451 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
452 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
453 localhost" \
454 1 \
455 -s "found psk key exchange modes extension" \
456 -s "found pre_shared_key extension" \
457 -s "Found PSK_EPHEMERAL KEX MODE" \
458 -s "Found PSK KEX MODE" \
459 -s "Invalid binder." \
460 -S "key exchange mode: psk$" \
461 -S "key exchange mode: psk_ephemeral" \
462 -S "key exchange mode: ephemeral"
463
464requires_gnutls_tls1_3
465requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]466requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]467run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]468 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]469 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
470 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
471 localhost" \
472 1 \
473 -s "found psk key exchange modes extension" \
474 -s "found pre_shared_key extension" \
475 -S "Found PSK_EPHEMERAL KEX MODE" \
476 -s "Found PSK KEX MODE" \
477 -S "key exchange mode: psk$" \
478 -S "key exchange mode: psk_ephemeral" \
479 -S "key exchange mode: ephemeral"
480
481requires_gnutls_tls1_3
482requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]483requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
484requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]485run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]486 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]487 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
488 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
489 localhost" \
490 0 \
491 -s "found psk key exchange modes extension" \
492 -s "found pre_shared_key extension" \
493 -s "Found PSK_EPHEMERAL KEX MODE" \
494 -S "Found PSK KEX MODE" \
495 -s "Pre shared key found" \
496 -S "No matched PSK or ticket" \
497 -S "key exchange mode: psk$" \
498 -s "key exchange mode: psk_ephemeral" \
499 -S "key exchange mode: ephemeral"
500
501requires_gnutls_tls1_3
502requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]503requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
504requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]505run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]506 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]507 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
508 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
509 localhost" \
510 1 \
511 -s "found psk key exchange modes extension" \
512 -s "found pre_shared_key extension" \
513 -s "Found PSK_EPHEMERAL KEX MODE" \
514 -S "Found PSK KEX MODE" \
515 -s "No matched PSK or ticket" \
516 -S "key exchange mode: psk$" \
517 -S "key exchange mode: psk_ephemeral" \
518 -S "key exchange mode: ephemeral"
519
520requires_gnutls_tls1_3
521requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]522requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
523requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]524run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]525 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]526 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
527 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
528 localhost" \
529 1 \
530 -s "found psk key exchange modes extension" \
531 -s "found pre_shared_key extension" \
532 -s "Found PSK_EPHEMERAL KEX MODE" \
533 -S "Found PSK KEX MODE" \
534 -s "Invalid binder." \
535 -S "key exchange mode: psk$" \
536 -S "key exchange mode: psk_ephemeral" \
537 -S "key exchange mode: ephemeral"
538
539requires_gnutls_tls1_3
540requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]541requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
542requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]543run_test "TLS 1.3: G->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]544 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]545 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
546 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
547 localhost" \
548 0 \
549 -s "found psk key exchange modes extension" \
550 -s "found pre_shared_key extension" \
551 -s "Found PSK_EPHEMERAL KEX MODE" \
552 -s "Found PSK KEX MODE" \
553 -s "Pre shared key found" \
554 -S "No matched PSK or ticket" \
555 -S "key exchange mode: psk$" \
556 -s "key exchange mode: psk_ephemeral" \
557 -S "key exchange mode: ephemeral"
558
559requires_gnutls_tls1_3
560requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]561requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
562requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]563run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]564 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]565 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
566 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
567 localhost" \
568 1 \
569 -s "found psk key exchange modes extension" \
570 -s "found pre_shared_key extension" \
571 -s "Found PSK_EPHEMERAL KEX MODE" \
572 -s "Found PSK KEX MODE" \
573 -s "No matched PSK or ticket" \
574 -S "key exchange mode: psk$" \
575 -S "key exchange mode: psk_ephemeral" \
576 -S "key exchange mode: ephemeral"
577
578requires_gnutls_tls1_3
579requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]580requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
581requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]582run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]583 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]584 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
585 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
586 localhost" \
587 1 \
588 -s "found psk key exchange modes extension" \
589 -s "found pre_shared_key extension" \
590 -s "Found PSK_EPHEMERAL KEX MODE" \
591 -s "Found PSK KEX MODE" \
592 -s "Invalid binder." \
593 -S "key exchange mode: psk$" \
594 -S "key exchange mode: psk_ephemeral" \
595 -S "key exchange mode: ephemeral"
596
597requires_gnutls_tls1_3
598requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]599requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
600requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]601run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]602 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]603 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
604 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
605 localhost" \
606 0 \
607 -s "found psk key exchange modes extension" \
608 -s "found pre_shared_key extension" \
609 -S "Found PSK_EPHEMERAL KEX MODE" \
610 -s "Found PSK KEX MODE" \
611 -s "Pre shared key found" \
612 -S "No matched PSK or ticket" \
613 -s "key exchange mode: psk$" \
614 -S "key exchange mode: psk_ephemeral" \
615 -S "key exchange mode: ephemeral"
616
617requires_gnutls_tls1_3
618requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]619requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
620requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]621run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]622 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]623 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
624 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
625 localhost" \
626 1 \
627 -s "found psk key exchange modes extension" \
628 -s "found pre_shared_key extension" \
629 -S "Found PSK_EPHEMERAL KEX MODE" \
630 -s "Found PSK KEX MODE" \
631 -s "No matched PSK or ticket" \
632 -S "key exchange mode: psk$" \
633 -S "key exchange mode: psk_ephemeral" \
634 -S "key exchange mode: ephemeral"
635
636requires_gnutls_tls1_3
637requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]638requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
639requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]640run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]641 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]642 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
643 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
644 localhost" \
645 1 \
646 -s "found psk key exchange modes extension" \
647 -s "found pre_shared_key extension" \
648 -S "Found PSK_EPHEMERAL KEX MODE" \
649 -s "Found PSK KEX MODE" \
650 -s "Invalid binder." \
651 -S "key exchange mode: psk$" \
652 -S "key exchange mode: psk_ephemeral" \
653 -S "key exchange mode: ephemeral"
654
655requires_gnutls_tls1_3
656requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]657requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
658requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]659run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]660 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]661 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
662 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
663 localhost" \
664 0 \
665 -s "found psk key exchange modes extension" \
666 -s "found pre_shared_key extension" \
667 -s "Found PSK_EPHEMERAL KEX MODE" \
668 -S "Found PSK KEX MODE" \
669 -s "Pre shared key found" \
670 -S "No matched PSK or ticket" \
671 -S "key exchange mode: psk$" \
672 -s "key exchange mode: psk_ephemeral" \
673 -S "key exchange mode: ephemeral"
674
675requires_gnutls_tls1_3
676requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]677requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
678requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]679run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]680 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]681 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
682 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
683 localhost" \
684 0 \
685 -s "found psk key exchange modes extension" \
686 -s "found pre_shared_key extension" \
687 -s "Found PSK_EPHEMERAL KEX MODE" \
688 -S "Found PSK KEX MODE" \
689 -s "No matched PSK or ticket" \
690 -S "key exchange mode: psk$" \
691 -S "key exchange mode: psk_ephemeral" \
692 -s "key exchange mode: ephemeral"
693
694requires_gnutls_tls1_3
695requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]696requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
697requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]698run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]699 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]700 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
701 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
702 localhost" \
703 1 \
704 -s "found psk key exchange modes extension" \
705 -s "found pre_shared_key extension" \
706 -s "Found PSK_EPHEMERAL KEX MODE" \
707 -S "Found PSK KEX MODE" \
708 -s "Invalid binder." \
709 -S "key exchange mode: psk$" \
710 -S "key exchange mode: psk_ephemeral" \
711 -S "key exchange mode: ephemeral"
712
713requires_gnutls_tls1_3
714requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]715requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
716requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]717run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]718 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]719 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
720 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
721 localhost" \
722 0 \
723 -s "found psk key exchange modes extension" \
724 -s "found pre_shared_key extension" \
725 -s "Found PSK_EPHEMERAL KEX MODE" \
726 -s "Found PSK KEX MODE" \
727 -s "Pre shared key found" \
728 -S "No matched PSK or ticket" \
729 -S "key exchange mode: psk$" \
730 -s "key exchange mode: psk_ephemeral" \
731 -S "key exchange mode: ephemeral"
732
733requires_gnutls_tls1_3
734requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]735requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
736requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]737run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]738 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]739 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
740 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
741 localhost" \
742 0 \
743 -s "found psk key exchange modes extension" \
744 -s "found pre_shared_key extension" \
745 -s "Found PSK_EPHEMERAL KEX MODE" \
746 -s "Found PSK KEX MODE" \
747 -s "No matched PSK or ticket" \
748 -S "key exchange mode: psk$" \
749 -S "key exchange mode: psk_ephemeral" \
750 -s "key exchange mode: ephemeral"
751
752requires_gnutls_tls1_3
753requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]754requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
755requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]756run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]757 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]758 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
759 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
760 localhost" \
761 1 \
762 -s "found psk key exchange modes extension" \
763 -s "found pre_shared_key extension" \
764 -s "Found PSK_EPHEMERAL KEX MODE" \
765 -s "Found PSK KEX MODE" \
766 -s "Invalid binder." \
767 -S "key exchange mode: psk$" \
768 -S "key exchange mode: psk_ephemeral" \
769 -S "key exchange mode: ephemeral"
770
771requires_gnutls_tls1_3
772requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]773requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
774requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]775run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]776 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]777 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
778 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
779 localhost" \
780 0 \
781 -s "found psk key exchange modes extension" \
782 -s "found pre_shared_key extension" \
783 -S "Found PSK_EPHEMERAL KEX MODE" \
784 -s "Found PSK KEX MODE" \
785 -s "Pre shared key found" \
786 -S "No matched PSK or ticket" \
787 -S "key exchange mode: psk$" \
788 -S "key exchange mode: psk_ephemeral" \
789 -s "key exchange mode: ephemeral"
790
791requires_gnutls_tls1_3
792requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]793requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
794requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
795requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]796run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]797 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]798 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
799 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
800 localhost" \
801 0 \
802 -s "found psk key exchange modes extension" \
803 -s "found pre_shared_key extension" \
804 -s "Found PSK_EPHEMERAL KEX MODE" \
805 -S "Found PSK KEX MODE" \
806 -s "Pre shared key found" \
807 -S "No matched PSK or ticket" \
808 -S "key exchange mode: psk$" \
809 -s "key exchange mode: psk_ephemeral" \
810 -S "key exchange mode: ephemeral"
811
812requires_gnutls_tls1_3
813requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]814requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
815requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
816requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]817run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]818 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]819 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
820 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
821 localhost" \
822 0 \
823 -s "found psk key exchange modes extension" \
824 -s "found pre_shared_key extension" \
825 -s "Found PSK_EPHEMERAL KEX MODE" \
826 -S "Found PSK KEX MODE" \
827 -s "No matched PSK or ticket" \
828 -S "key exchange mode: psk$" \
829 -S "key exchange mode: psk_ephemeral" \
830 -s "key exchange mode: ephemeral"
831
832requires_gnutls_tls1_3
833requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]834requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
835requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
836requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]837run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]838 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]839 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
840 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
841 localhost" \
842 1 \
843 -s "found psk key exchange modes extension" \
844 -s "found pre_shared_key extension" \
845 -s "Found PSK_EPHEMERAL KEX MODE" \
846 -S "Found PSK KEX MODE" \
847 -s "Invalid binder." \
848 -S "key exchange mode: psk$" \
849 -S "key exchange mode: psk_ephemeral" \
850 -S "key exchange mode: ephemeral"
851
852requires_gnutls_tls1_3
853requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]854requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
855requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
856requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]857run_test "TLS 1.3: G->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]858 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]859 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
860 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
861 localhost" \
862 0 \
863 -s "found psk key exchange modes extension" \
864 -s "found pre_shared_key extension" \
865 -s "Found PSK_EPHEMERAL KEX MODE" \
866 -s "Found PSK KEX MODE" \
867 -s "Pre shared key found" \
868 -S "No matched PSK or ticket" \
869 -S "key exchange mode: psk$" \
870 -s "key exchange mode: psk_ephemeral" \
871 -S "key exchange mode: ephemeral"
872
873requires_gnutls_tls1_3
874requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]875requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
876requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
877requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]878run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]879 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]880 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
881 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
882 localhost" \
883 0 \
884 -s "found psk key exchange modes extension" \
885 -s "found pre_shared_key extension" \
886 -s "Found PSK_EPHEMERAL KEX MODE" \
887 -s "Found PSK KEX MODE" \
888 -s "No matched PSK or ticket" \
889 -S "key exchange mode: psk$" \
890 -S "key exchange mode: psk_ephemeral" \
891 -s "key exchange mode: ephemeral"
892
893requires_gnutls_tls1_3
894requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]895requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
896requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
897requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]898run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]899 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]900 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
901 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
902 localhost" \
903 1 \
904 -s "found psk key exchange modes extension" \
905 -s "found pre_shared_key extension" \
906 -s "Found PSK_EPHEMERAL KEX MODE" \
907 -s "Found PSK KEX MODE" \
908 -s "Invalid binder." \
909 -S "key exchange mode: psk$" \
910 -S "key exchange mode: psk_ephemeral" \
911 -S "key exchange mode: ephemeral"
912
913requires_gnutls_tls1_3
914requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]915requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
916requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
917requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]918run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]919 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]920 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
921 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
922 localhost" \
923 0 \
924 -s "found psk key exchange modes extension" \
925 -s "found pre_shared_key extension" \
926 -S "Found PSK_EPHEMERAL KEX MODE" \
927 -s "Found PSK KEX MODE" \
928 -s "Pre shared key found" \
929 -S "No matched PSK or ticket" \
930 -S "key exchange mode: psk$" \
931 -S "key exchange mode: psk_ephemeral" \
932 -s "key exchange mode: ephemeral"
933
934requires_gnutls_tls1_3
935requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]936requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
937requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
938requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]939run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]940 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]941 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
942 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
943 localhost" \
944 1 \
945 -s "found psk key exchange modes extension" \
946 -s "found pre_shared_key extension" \
947 -S "Found PSK_EPHEMERAL KEX MODE" \
948 -s "Found PSK KEX MODE" \
949 -s "Invalid binder." \
950 -S "key exchange mode: psk$" \
951 -S "key exchange mode: psk_ephemeral" \
952 -S "key exchange mode: ephemeral"
953
954requires_gnutls_tls1_3
955requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]956requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
957requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]958run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]959 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]960 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
961 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
962 localhost" \
963 0 \
964 -s "found psk key exchange modes extension" \
965 -s "found pre_shared_key extension" \
966 -s "Found PSK_EPHEMERAL KEX MODE" \
967 -S "Found PSK KEX MODE" \
968 -s "Pre shared key found" \
969 -S "No matched PSK or ticket" \
970 -S "key exchange mode: psk$" \
971 -S "key exchange mode: psk_ephemeral" \
972 -s "key exchange mode: ephemeral"
973
974requires_gnutls_tls1_3
975requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]976requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
977requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]978run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]979 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]980 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
981 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
982 localhost" \
983 0 \
984 -s "found psk key exchange modes extension" \
985 -s "found pre_shared_key extension" \
986 -s "Found PSK_EPHEMERAL KEX MODE" \
987 -s "Found PSK KEX MODE" \
988 -s "Pre shared key found" \
989 -S "No matched PSK or ticket" \
990 -S "key exchange mode: psk$" \
991 -S "key exchange mode: psk_ephemeral" \
992 -s "key exchange mode: ephemeral"
993
994requires_gnutls_tls1_3
995requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]996requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
997requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]998run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]999 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1000 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
1001 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
1002 localhost" \
1003 1 \
1004 -s "found psk key exchange modes extension" \
1005 -s "found pre_shared_key extension" \
1006 -s "Found PSK_EPHEMERAL KEX MODE" \
1007 -s "Found PSK KEX MODE" \
1008 -s "Invalid binder." \
1009 -S "key exchange mode: psk$" \
1010 -S "key exchange mode: psk_ephemeral" \
1011 -S "key exchange mode: ephemeral"
1012
1013requires_gnutls_tls1_3
1014requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1015requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1016requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1017run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1018 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1019 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1020 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1021 localhost" \
1022 0 \
1023 -s "found psk key exchange modes extension" \
1024 -s "found pre_shared_key extension" \
1025 -S "Found PSK_EPHEMERAL KEX MODE" \
1026 -s "Found PSK KEX MODE" \
1027 -s "Pre shared key found" \
1028 -S "No matched PSK or ticket" \
1029 -S "key exchange mode: psk$" \
1030 -S "key exchange mode: psk_ephemeral" \
1031 -s "key exchange mode: ephemeral"
1032
1033requires_gnutls_tls1_3
1034requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1035requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1036requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1037run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1038 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1039 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1040 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
1041 localhost" \
1042 1 \
1043 -s "found psk key exchange modes extension" \
1044 -s "found pre_shared_key extension" \
1045 -S "Found PSK_EPHEMERAL KEX MODE" \
1046 -s "Found PSK KEX MODE" \
1047 -s "Invalid binder." \
1048 -S "key exchange mode: psk$" \
1049 -S "key exchange mode: psk_ephemeral" \
1050 -S "key exchange mode: ephemeral"
1051
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1052requires_gnutls_tls1_3
1053requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1054requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1055run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
1056 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1057 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
1058 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1059 localhost" \
1060 0 \
1061 -s "write selected_group: secp256r1" \
1062 -S "key exchange mode: psk$" \
1063 -s "key exchange mode: psk_ephemeral" \
1064 -S "key exchange mode: ephemeral"
1065
1066requires_gnutls_tls1_3
1067requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1068requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1069run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
1070 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1071 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
1072 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1073 localhost" \
1074 0 \
1075 -s "write selected_group: secp384r1" \
1076 -S "key exchange mode: psk$" \
1077 -s "key exchange mode: psk_ephemeral" \
1078 -S "key exchange mode: ephemeral"
1079
1080requires_gnutls_tls1_3
1081requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1082requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1083run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
1084 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1085 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
1086 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1087 localhost" \
1088 0 \
1089 -s "write selected_group: secp521r1" \
1090 -S "key exchange mode: psk$" \
1091 -s "key exchange mode: psk_ephemeral" \
1092 -S "key exchange mode: ephemeral"
1093
1094requires_gnutls_tls1_3
1095requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1096requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1097run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
1098 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1099 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
1100 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1101 localhost" \
1102 0 \
1103 -s "write selected_group: x25519" \
1104 -S "key exchange mode: psk$" \
1105 -s "key exchange mode: psk_ephemeral" \
1106 -S "key exchange mode: ephemeral"
1107
1108requires_gnutls_tls1_3
1109requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1110requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1111run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
1112 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1113 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
1114 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1115 localhost" \
1116 0 \
1117 -s "write selected_group: x448" \
1118 -S "key exchange mode: psk$" \
1119 -s "key exchange mode: psk_ephemeral" \
1120 -S "key exchange mode: ephemeral"
1121
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1122requires_openssl_tls1_3
1123requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1124requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1125run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1126 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1127 "$O_NEXT_CLI -tls1_3 -msg \
1128 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1129 1 \
1130 -s "found psk key exchange modes extension" \
1131 -s "found pre_shared_key extension" \
1132 -s "Found PSK_EPHEMERAL KEX MODE" \
1133 -S "Found PSK KEX MODE" \
1134 -S "key exchange mode: psk$" \
1135 -S "key exchange mode: psk_ephemeral" \
1136 -S "key exchange mode: ephemeral"
1137
1138requires_openssl_tls1_3
1139requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1140requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1141run_test "TLS 1.3: O->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1142 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1143 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1144 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1145 0 \
1146 -s "found psk key exchange modes extension" \
1147 -s "found pre_shared_key extension" \
1148 -s "Found PSK_EPHEMERAL KEX MODE" \
1149 -s "Found PSK KEX MODE" \
1150 -s "Pre shared key found" \
1151 -S "No matched PSK or ticket" \
1152 -s "key exchange mode: psk$" \
1153 -S "key exchange mode: psk_ephemeral" \
1154 -S "key exchange mode: ephemeral"
1155
1156requires_openssl_tls1_3
1157requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1158requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1159run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1160 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1161 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1162 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1163 1 \
1164 -s "found psk key exchange modes extension" \
1165 -s "found pre_shared_key extension" \
1166 -s "Found PSK_EPHEMERAL KEX MODE" \
1167 -s "Found PSK KEX MODE" \
1168 -s "No matched PSK or ticket" \
1169 -S "key exchange mode: psk$" \
1170 -S "key exchange mode: psk_ephemeral" \
1171 -S "key exchange mode: ephemeral"
1172
1173requires_openssl_tls1_3
1174requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1175requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1176run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1177 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1178 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1179 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1180 1 \
1181 -s "found psk key exchange modes extension" \
1182 -s "found pre_shared_key extension" \
1183 -s "Found PSK_EPHEMERAL KEX MODE" \
1184 -s "Found PSK KEX MODE" \
1185 -s "Invalid binder." \
1186 -S "key exchange mode: psk$" \
1187 -S "key exchange mode: psk_ephemeral" \
1188 -S "key exchange mode: ephemeral"
1189
1190requires_openssl_tls1_3
1191requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1192requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1193run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1194 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1195 "$O_NEXT_CLI -tls1_3 -msg \
1196 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1197 0 \
1198 -s "found psk key exchange modes extension" \
1199 -s "found pre_shared_key extension" \
1200 -s "Found PSK_EPHEMERAL KEX MODE" \
1201 -S "Found PSK KEX MODE" \
1202 -s "Pre shared key found" \
1203 -S "No matched PSK or ticket" \
1204 -S "key exchange mode: psk$" \
1205 -s "key exchange mode: psk_ephemeral" \
1206 -S "key exchange mode: ephemeral"
1207
1208requires_openssl_tls1_3
1209requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1210requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1211run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1212 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1213 "$O_NEXT_CLI -tls1_3 -msg \
1214 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1215 1 \
1216 -s "found psk key exchange modes extension" \
1217 -s "found pre_shared_key extension" \
1218 -s "Found PSK_EPHEMERAL KEX MODE" \
1219 -S "Found PSK KEX MODE" \
1220 -s "No matched PSK or ticket" \
1221 -S "key exchange mode: psk$" \
1222 -S "key exchange mode: psk_ephemeral" \
1223 -S "key exchange mode: ephemeral"
1224
1225requires_openssl_tls1_3
1226requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1227requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1228run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1229 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1230 "$O_NEXT_CLI -tls1_3 -msg \
1231 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1232 1 \
1233 -s "found psk key exchange modes extension" \
1234 -s "found pre_shared_key extension" \
1235 -s "Found PSK_EPHEMERAL KEX MODE" \
1236 -S "Found PSK KEX MODE" \
1237 -s "Invalid binder." \
1238 -S "key exchange mode: psk$" \
1239 -S "key exchange mode: psk_ephemeral" \
1240 -S "key exchange mode: ephemeral"
1241
1242requires_openssl_tls1_3
1243requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1244requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1245run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1246 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1247 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1248 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1249 0 \
1250 -s "found psk key exchange modes extension" \
1251 -s "found pre_shared_key extension" \
1252 -s "Found PSK_EPHEMERAL KEX MODE" \
1253 -s "Found PSK KEX MODE" \
1254 -s "Pre shared key found" \
1255 -S "No matched PSK or ticket" \
1256 -S "key exchange mode: psk$" \
1257 -s "key exchange mode: psk_ephemeral" \
1258 -S "key exchange mode: ephemeral"
1259
1260requires_openssl_tls1_3
1261requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1262requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1263run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1264 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1265 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1266 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1267 1 \
1268 -s "found psk key exchange modes extension" \
1269 -s "found pre_shared_key extension" \
1270 -s "Found PSK_EPHEMERAL KEX MODE" \
1271 -s "Found PSK KEX MODE" \
1272 -s "No matched PSK or ticket" \
1273 -S "key exchange mode: psk$" \
1274 -S "key exchange mode: psk_ephemeral" \
1275 -S "key exchange mode: ephemeral"
1276
1277requires_openssl_tls1_3
1278requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1279requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1280run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1281 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1282 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1283 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1284 1 \
1285 -s "found psk key exchange modes extension" \
1286 -s "found pre_shared_key extension" \
1287 -s "Found PSK_EPHEMERAL KEX MODE" \
1288 -s "Found PSK KEX MODE" \
1289 -s "Invalid binder." \
1290 -S "key exchange mode: psk$" \
1291 -S "key exchange mode: psk_ephemeral" \
1292 -S "key exchange mode: ephemeral"
1293
1294requires_openssl_tls1_3
1295requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1296requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1297requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1298run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1299 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1300 "$O_NEXT_CLI -tls1_3 -msg \
1301 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1302 0 \
1303 -s "found psk key exchange modes extension" \
1304 -s "found pre_shared_key extension" \
1305 -s "Found PSK_EPHEMERAL KEX MODE" \
1306 -S "Found PSK KEX MODE" \
1307 -s "Pre shared key found" \
1308 -S "No matched PSK or ticket" \
1309 -S "key exchange mode: psk$" \
1310 -s "key exchange mode: psk_ephemeral" \
1311 -S "key exchange mode: ephemeral"
1312
1313requires_openssl_tls1_3
1314requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1315requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1316requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1317run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1318 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1319 "$O_NEXT_CLI -tls1_3 -msg \
1320 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1321 1 \
1322 -s "found psk key exchange modes extension" \
1323 -s "found pre_shared_key extension" \
1324 -s "Found PSK_EPHEMERAL KEX MODE" \
1325 -S "Found PSK KEX MODE" \
1326 -s "No matched PSK or ticket" \
1327 -S "key exchange mode: psk$" \
1328 -S "key exchange mode: psk_ephemeral" \
1329 -S "key exchange mode: ephemeral"
1330
1331requires_openssl_tls1_3
1332requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1333requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1334requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1335run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1336 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1337 "$O_NEXT_CLI -tls1_3 -msg \
1338 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1339 1 \
1340 -s "found psk key exchange modes extension" \
1341 -s "found pre_shared_key extension" \
1342 -s "Found PSK_EPHEMERAL KEX MODE" \
1343 -S "Found PSK KEX MODE" \
1344 -s "Invalid binder." \
1345 -S "key exchange mode: psk$" \
1346 -S "key exchange mode: psk_ephemeral" \
1347 -S "key exchange mode: ephemeral"
1348
1349requires_openssl_tls1_3
1350requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1351requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1352requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1353run_test "TLS 1.3: O->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1354 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1355 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1356 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1357 0 \
1358 -s "found psk key exchange modes extension" \
1359 -s "found pre_shared_key extension" \
1360 -s "Found PSK_EPHEMERAL KEX MODE" \
1361 -s "Found PSK KEX MODE" \
1362 -s "Pre shared key found" \
1363 -S "No matched PSK or ticket" \
1364 -S "key exchange mode: psk$" \
1365 -s "key exchange mode: psk_ephemeral" \
1366 -S "key exchange mode: ephemeral"
1367
1368requires_openssl_tls1_3
1369requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1370requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1371requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1372run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1373 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1374 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1375 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1376 1 \
1377 -s "found psk key exchange modes extension" \
1378 -s "found pre_shared_key extension" \
1379 -s "Found PSK_EPHEMERAL KEX MODE" \
1380 -s "Found PSK KEX MODE" \
1381 -s "No matched PSK or ticket" \
1382 -S "key exchange mode: psk$" \
1383 -S "key exchange mode: psk_ephemeral" \
1384 -S "key exchange mode: ephemeral"
1385
1386requires_openssl_tls1_3
1387requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1389requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1390run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1391 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1392 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1393 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1394 1 \
1395 -s "found psk key exchange modes extension" \
1396 -s "found pre_shared_key extension" \
1397 -s "Found PSK_EPHEMERAL KEX MODE" \
1398 -s "Found PSK KEX MODE" \
1399 -s "Invalid binder." \
1400 -S "key exchange mode: psk$" \
1401 -S "key exchange mode: psk_ephemeral" \
1402 -S "key exchange mode: ephemeral"
1403
1404requires_openssl_tls1_3
1405requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1406requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1407requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1408run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1409 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1410 "$O_NEXT_CLI -tls1_3 -msg \
1411 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1412 0 \
1413 -s "found psk key exchange modes extension" \
1414 -s "found pre_shared_key extension" \
1415 -s "Found PSK_EPHEMERAL KEX MODE" \
1416 -S "Found PSK KEX MODE" \
1417 -s "Pre shared key found" \
1418 -S "No matched PSK or ticket" \
1419 -S "key exchange mode: psk$" \
1420 -s "key exchange mode: psk_ephemeral" \
1421 -S "key exchange mode: ephemeral"
1422
1423requires_openssl_tls1_3
1424requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1425requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1426requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1427run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1428 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1429 "$O_NEXT_CLI -tls1_3 -msg \
1430 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1431 0 \
1432 -s "found psk key exchange modes extension" \
1433 -s "found pre_shared_key extension" \
1434 -s "Found PSK_EPHEMERAL KEX MODE" \
1435 -S "Found PSK KEX MODE" \
1436 -s "No matched PSK or ticket" \
1437 -S "key exchange mode: psk$" \
1438 -S "key exchange mode: psk_ephemeral" \
1439 -s "key exchange mode: ephemeral"
1440
1441requires_openssl_tls1_3
1442requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1443requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1444requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1445run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1446 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1447 "$O_NEXT_CLI -tls1_3 -msg \
1448 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1449 1 \
1450 -s "found psk key exchange modes extension" \
1451 -s "found pre_shared_key extension" \
1452 -s "Found PSK_EPHEMERAL KEX MODE" \
1453 -S "Found PSK KEX MODE" \
1454 -s "Invalid binder." \
1455 -S "key exchange mode: psk$" \
1456 -S "key exchange mode: psk_ephemeral" \
1457 -S "key exchange mode: ephemeral"
1458
1459requires_openssl_tls1_3
1460requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1461requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1462requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1463run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1464 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1465 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1466 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1467 0 \
1468 -s "found psk key exchange modes extension" \
1469 -s "found pre_shared_key extension" \
1470 -s "Found PSK_EPHEMERAL KEX MODE" \
1471 -s "Found PSK KEX MODE" \
1472 -s "Pre shared key found" \
1473 -S "No matched PSK or ticket" \
1474 -S "key exchange mode: psk$" \
1475 -s "key exchange mode: psk_ephemeral" \
1476 -S "key exchange mode: ephemeral"
1477
1478requires_openssl_tls1_3
1479requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1480requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1481requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1482run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1483 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1484 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1485 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1486 0 \
1487 -s "found psk key exchange modes extension" \
1488 -s "found pre_shared_key extension" \
1489 -s "Found PSK_EPHEMERAL KEX MODE" \
1490 -s "Found PSK KEX MODE" \
1491 -s "No matched PSK or ticket" \
1492 -S "key exchange mode: psk$" \
1493 -S "key exchange mode: psk_ephemeral" \
1494 -s "key exchange mode: ephemeral"
1495
1496requires_openssl_tls1_3
1497requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1498requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1499requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1500run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1501 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1502 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1503 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1504 1 \
1505 -s "found psk key exchange modes extension" \
1506 -s "found pre_shared_key extension" \
1507 -s "Found PSK_EPHEMERAL KEX MODE" \
1508 -s "Found PSK KEX MODE" \
1509 -s "Invalid binder." \
1510 -S "key exchange mode: psk$" \
1511 -S "key exchange mode: psk_ephemeral" \
1512 -S "key exchange mode: ephemeral"
1513
1514requires_openssl_tls1_3
1515requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1516requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1517requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1518requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1519run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1520 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1521 "$O_NEXT_CLI -tls1_3 -msg \
1522 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1523 0 \
1524 -s "found psk key exchange modes extension" \
1525 -s "found pre_shared_key extension" \
1526 -s "Found PSK_EPHEMERAL KEX MODE" \
1527 -S "Found PSK KEX MODE" \
1528 -s "Pre shared key found" \
1529 -S "No matched PSK or ticket" \
1530 -S "key exchange mode: psk$" \
1531 -s "key exchange mode: psk_ephemeral" \
1532 -S "key exchange mode: ephemeral"
1533
1534requires_openssl_tls1_3
1535requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1536requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1537requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1538requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1539run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1540 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1541 "$O_NEXT_CLI -tls1_3 -msg \
1542 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1543 0 \
1544 -s "found psk key exchange modes extension" \
1545 -s "found pre_shared_key extension" \
1546 -s "Found PSK_EPHEMERAL KEX MODE" \
1547 -S "Found PSK KEX MODE" \
1548 -s "No matched PSK or ticket" \
1549 -S "key exchange mode: psk$" \
1550 -S "key exchange mode: psk_ephemeral" \
1551 -s "key exchange mode: ephemeral"
1552
1553requires_openssl_tls1_3
1554requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1555requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1556requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1557requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1558run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1559 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1560 "$O_NEXT_CLI -tls1_3 -msg \
1561 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1562 1 \
1563 -s "found psk key exchange modes extension" \
1564 -s "found pre_shared_key extension" \
1565 -s "Found PSK_EPHEMERAL KEX MODE" \
1566 -S "Found PSK KEX MODE" \
1567 -s "Invalid binder." \
1568 -S "key exchange mode: psk$" \
1569 -S "key exchange mode: psk_ephemeral" \
1570 -S "key exchange mode: ephemeral"
1571
1572requires_openssl_tls1_3
1573requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1574requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1575requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1576requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1577run_test "TLS 1.3: O->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1578 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1579 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1580 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1581 0 \
1582 -s "found psk key exchange modes extension" \
1583 -s "found pre_shared_key extension" \
1584 -s "Found PSK_EPHEMERAL KEX MODE" \
1585 -s "Found PSK KEX MODE" \
1586 -s "Pre shared key found" \
1587 -S "No matched PSK or ticket" \
1588 -S "key exchange mode: psk$" \
1589 -s "key exchange mode: psk_ephemeral" \
1590 -S "key exchange mode: ephemeral"
1591
1592requires_openssl_tls1_3
1593requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1594requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1595requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1596requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1597run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1598 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1599 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1600 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1601 0 \
1602 -s "found psk key exchange modes extension" \
1603 -s "found pre_shared_key extension" \
1604 -s "Found PSK_EPHEMERAL KEX MODE" \
1605 -s "Found PSK KEX MODE" \
1606 -s "No matched PSK or ticket" \
1607 -S "key exchange mode: psk$" \
1608 -S "key exchange mode: psk_ephemeral" \
1609 -s "key exchange mode: ephemeral"
1610
1611requires_openssl_tls1_3
1612requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1613requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1614requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1615requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1616run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1617 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1618 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1619 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1620 1 \
1621 -s "found psk key exchange modes extension" \
1622 -s "found pre_shared_key extension" \
1623 -s "Found PSK_EPHEMERAL KEX MODE" \
1624 -s "Found PSK KEX MODE" \
1625 -s "Invalid binder." \
1626 -S "key exchange mode: psk$" \
1627 -S "key exchange mode: psk_ephemeral" \
1628 -S "key exchange mode: ephemeral"
1629
1630requires_openssl_tls1_3
1631requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1632requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1633requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1634run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1635 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1636 "$O_NEXT_CLI -tls1_3 -msg \
1637 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1638 0 \
1639 -s "found psk key exchange modes extension" \
1640 -s "found pre_shared_key extension" \
1641 -s "Found PSK_EPHEMERAL KEX MODE" \
1642 -S "Found PSK KEX MODE" \
1643 -s "Pre shared key found" \
1644 -S "No matched PSK or ticket" \
1645 -S "key exchange mode: psk$" \
1646 -S "key exchange mode: psk_ephemeral" \
1647 -s "key exchange mode: ephemeral"
1648
1649requires_openssl_tls1_3
1650requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1651requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1652requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1653run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1654 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1655 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1656 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1657 0 \
1658 -s "found psk key exchange modes extension" \
1659 -s "found pre_shared_key extension" \
1660 -s "Found PSK_EPHEMERAL KEX MODE" \
1661 -s "Found PSK KEX MODE" \
1662 -s "Pre shared key found" \
1663 -S "No matched PSK or ticket" \
1664 -S "key exchange mode: psk$" \
1665 -S "key exchange mode: psk_ephemeral" \
1666 -s "key exchange mode: ephemeral"
1667
1668requires_openssl_tls1_3
1669requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1670requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1671requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1672run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1673 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1674 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1675 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1676 1 \
1677 -s "found psk key exchange modes extension" \
1678 -s "found pre_shared_key extension" \
1679 -s "Found PSK_EPHEMERAL KEX MODE" \
1680 -s "Found PSK KEX MODE" \
1681 -s "Invalid binder." \
1682 -S "key exchange mode: psk$" \
1683 -S "key exchange mode: psk_ephemeral" \
1684 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1685
1686requires_openssl_tls1_3
1687requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1688requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1689run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
1690 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1691 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1692 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1693 0 \
1694 -s "write selected_group: secp256r1" \
1695 -S "key exchange mode: psk$" \
1696 -s "key exchange mode: psk_ephemeral" \
1697 -S "key exchange mode: ephemeral"
1698
1699requires_openssl_tls1_3
1700requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1701requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1702run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
1703 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1704 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1705 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1706 0 \
1707 -s "write selected_group: secp384r1" \
1708 -S "key exchange mode: psk$" \
1709 -s "key exchange mode: psk_ephemeral" \
1710 -S "key exchange mode: ephemeral"
1711
1712requires_openssl_tls1_3
1713requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1714requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1715run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
1716 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1717 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1718 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1719 0 \
1720 -s "write selected_group: secp521r1" \
1721 -S "key exchange mode: psk$" \
1722 -s "key exchange mode: psk_ephemeral" \
1723 -S "key exchange mode: ephemeral"
1724
1725requires_openssl_tls1_3
1726requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1727requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1728run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
1729 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1730 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1731 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1732 0 \
1733 -s "write selected_group: x25519" \
1734 -S "key exchange mode: psk$" \
1735 -s "key exchange mode: psk_ephemeral" \
1736 -S "key exchange mode: ephemeral"
1737
1738requires_openssl_tls1_3
1739requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1740requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1741run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
1742 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1743 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1744 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1745 0 \
1746 -s "write selected_group: x448" \
1747 -S "key exchange mode: psk$" \
1748 -s "key exchange mode: psk_ephemeral" \
1749 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1750
1751requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1752requires_openssl_tls1_3
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1753requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1754run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1755 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1756 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1757 0 \
1758 -s "write selected_group: secp384r1" \
1759 -s "HRR selected_group: secp384r1" \
1760 -S "key exchange mode: psk$" \
1761 -s "key exchange mode: psk_ephemeral" \
1762 -S "key exchange mode: ephemeral"
1763
1764requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1765requires_gnutls_tls1_3
1766requires_gnutls_next_no_ticket
1767requires_gnutls_next_disable_tls13_compat
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1768requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1769run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1770 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1771 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1772 0 \
1773 -s "write selected_group: secp384r1" \
1774 -s "HRR selected_group: secp384r1" \
1775 -S "key exchange mode: psk$" \
1776 -s "key exchange mode: psk_ephemeral" \
1777 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1778
1779
1780# Add psk test cases for mbedtls client code
1781
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1782# MbedTls->MbedTLS kinds of tls13_kex_modes
1783# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1784requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1785requires_config_enabled MBEDTLS_SSL_SRV_C
1786requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1787requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1788run_test "TLS 1.3: m->m: psk/psk, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1789 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1790 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1791 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1792 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1793 -c "client hello, adding psk_key_exchange_modes extension" \
1794 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1795 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1796 -c "HTTP/1.0 200 OK"
1797
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1798requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1799requires_config_enabled MBEDTLS_SSL_SRV_C
1800requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1801requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1802run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1803 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1804 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1805 1 \
1806 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1807 -c "client hello, adding psk_key_exchange_modes extension" \
1808 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1809 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1810
1811requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1812requires_config_enabled MBEDTLS_SSL_SRV_C
1813requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1814requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1815run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1816 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1817 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1818 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1819 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1820 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1821 -c "client hello, adding PSK binder list" \
1822 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1823
1824requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1825requires_config_enabled MBEDTLS_SSL_SRV_C
1826requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1827requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1828requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1829run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1830 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1831 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1832 1 \
1833 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1834 -c "client hello, adding psk_key_exchange_modes extension" \
1835 -c "client hello, adding PSK binder list" \
1836 -s "ClientHello message misses mandatory extensions."
1837
1838requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1839requires_config_enabled MBEDTLS_SSL_SRV_C
1840requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1841requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1842requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1843run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1844 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1845 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1846 1 \
1847 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1848 -c "client hello, adding psk_key_exchange_modes extension" \
1849 -c "client hello, adding PSK binder list" \
1850 -s "ClientHello message misses mandatory extensions."
1851
1852requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1853requires_config_enabled MBEDTLS_SSL_SRV_C
1854requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1855requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1856requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1857requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1858run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1859 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1860 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1861 1 \
1862 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1863 -c "client hello, adding psk_key_exchange_modes extension" \
1864 -c "client hello, adding PSK binder list" \
1865 -s "ClientHello message misses mandatory extensions."
1866
1867requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1868requires_config_enabled MBEDTLS_SSL_SRV_C
1869requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1870requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1871requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1872run_test "TLS 1.3: m->m: psk/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1873 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1874 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1875 0 \
1876 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1877 -c "client hello, adding psk_key_exchange_modes extension" \
1878 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1879 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1880 -c "HTTP/1.0 200 OK"
1881
1882requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1883requires_config_enabled MBEDTLS_SSL_SRV_C
1884requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1885requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1886requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1887run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1888 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1889 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1890 1 \
1891 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1892 -c "client hello, adding psk_key_exchange_modes extension" \
1893 -c "client hello, adding PSK binder list" \
1894 -s "No matched PSK or ticket" \
1895 -s "ClientHello message misses mandatory extensions."
1896
1897requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1898requires_config_enabled MBEDTLS_SSL_SRV_C
1899requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1900requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1901requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1902run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1903 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1904 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1905 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1906 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1907 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1908 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1909 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1910
1911requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1912requires_config_enabled MBEDTLS_SSL_SRV_C
1913requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1914requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1915requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1916requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1917run_test "TLS 1.3: m->m: psk/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1918 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1919 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1920 0 \
1921 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1922 -c "client hello, adding psk_key_exchange_modes extension" \
1923 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1924 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1925 -c "HTTP/1.0 200 OK"
1926
1927requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1928requires_config_enabled MBEDTLS_SSL_SRV_C
1929requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1930requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1931requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1932requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1933run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1934 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1935 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1936 1 \
1937 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1938 -c "client hello, adding psk_key_exchange_modes extension" \
1939 -c "client hello, adding PSK binder list" \
1940 -s "No matched PSK or ticket" \
1941 -s "ClientHello message misses mandatory extensions."
1942
1943requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1944requires_config_enabled MBEDTLS_SSL_SRV_C
1945requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1946requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1947requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1948requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1949run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1950 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1951 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1952 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1953 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1954 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1955 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1956 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1957
1958# psk_ephemeral mode in client
1959requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1960requires_config_enabled MBEDTLS_SSL_SRV_C
1961requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1962requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1963requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1964run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1965 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1966 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1967 1 \
1968 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1969 -c "client hello, adding psk_key_exchange_modes extension" \
1970 -c "client hello, adding PSK binder list" \
1971 -s "ClientHello message misses mandatory extensions."
1972
1973requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1974requires_config_enabled MBEDTLS_SSL_SRV_C
1975requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1976requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1977run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1978 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1979 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1980 0 \
1981 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1982 -c "client hello, adding psk_key_exchange_modes extension" \
1983 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1984 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1985 -c "HTTP/1.0 200 OK"
1986
1987requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1988requires_config_enabled MBEDTLS_SSL_SRV_C
1989requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1990requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1991run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1992 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1993 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1994 1 \
1995 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1996 -c "client hello, adding psk_key_exchange_modes extension" \
1997 -c "client hello, adding PSK binder list" \
1998 -s "No matched PSK or ticket" \
1999 -s "ClientHello message misses mandatory extensions."
2000
2001requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2002requires_config_enabled MBEDTLS_SSL_SRV_C
2003requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2004requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2005run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2006 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2007 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2008 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2009 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2010 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2011 -c "client hello, adding PSK binder list" \
2012 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2013
2014requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2015requires_config_enabled MBEDTLS_SSL_SRV_C
2016requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2017requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2018requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2019requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2020run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2021 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2022 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2023 1 \
2024 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2025 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2026 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2027
2028requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2029requires_config_enabled MBEDTLS_SSL_SRV_C
2030requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2031requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2032requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2033run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2034 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2035 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2036 0 \
2037 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2038 -c "client hello, adding psk_key_exchange_modes extension" \
2039 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2040 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2041 -c "HTTP/1.0 200 OK"
2042
2043requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2044requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2045requires_config_enabled MBEDTLS_SSL_SRV_C
2046requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2047requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2048requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2049run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2050 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2051 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2052 1 \
2053 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2054 -c "client hello, adding psk_key_exchange_modes extension" \
2055 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2056 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2057
2058requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2059requires_config_enabled MBEDTLS_SSL_SRV_C
2060requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2061requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2062requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2063run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2064 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2065 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2066 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2067 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2068 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2069 -c "client hello, adding PSK binder list" \
2070 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2071
2072requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2073requires_config_enabled MBEDTLS_SSL_SRV_C
2074requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2075requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2076requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2077run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2078 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2079 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2080 0 \
2081 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2082 -c "client hello, adding psk_key_exchange_modes extension" \
2083 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2084 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2085 -c "HTTP/1.0 200 OK"
2086
2087requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2088requires_config_enabled MBEDTLS_SSL_SRV_C
2089requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2090requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2091requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2092run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2093 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2094 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2095 1 \
2096 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2097 -c "client hello, adding psk_key_exchange_modes extension" \
2098 -c "client hello, adding PSK binder list" \
2099 -s "No matched PSK or ticket" \
2100 -s "ClientHello message misses mandatory extensions."
2101
2102requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2103requires_config_enabled MBEDTLS_SSL_SRV_C
2104requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2105requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2106requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2107run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2108 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2109 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2110 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2111 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2112 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2113 -c "client hello, adding PSK binder list" \
2114 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2115
2116requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2117requires_config_enabled MBEDTLS_SSL_SRV_C
2118requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2119requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2120requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2121requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2122run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2123 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2124 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2125 0 \
2126 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2127 -c "client hello, adding psk_key_exchange_modes extension" \
2128 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2129 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2130 -c "HTTP/1.0 200 OK"
2131
2132requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2133requires_config_enabled MBEDTLS_SSL_SRV_C
2134requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2135requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2136requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2137requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2138run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2139 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2140 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2141 1 \
2142 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2143 -c "client hello, adding psk_key_exchange_modes extension" \
2144 -c "client hello, adding PSK binder list" \
2145 -s "No matched PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2146
2147requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2148requires_config_enabled MBEDTLS_SSL_SRV_C
2149requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2150requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2151requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2152requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2153run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2154 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2155 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2156 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2157 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2158 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2159 -c "client hello, adding PSK binder list" \
2160 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2161
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2162# ephemeral mode in client
2163requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2164requires_config_enabled MBEDTLS_SSL_SRV_C
2165requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2166requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2167requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2168run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2169 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2170 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2171 1 \
2172 -s "ClientHello message misses mandatory extensions."
2173
2174requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2175requires_config_enabled MBEDTLS_SSL_SRV_C
2176requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2177requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2178requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2179run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2180 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2181 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2182 1 \
2183 -s "ClientHello message misses mandatory extensions."
2184
2185requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2186requires_config_enabled MBEDTLS_SSL_SRV_C
2187requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2188requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2189run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2190 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2191 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2192 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2193 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2194 -c "HTTP/1.0 200 OK"
2195
2196requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2197requires_config_enabled MBEDTLS_SSL_SRV_C
2198requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2199requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2200requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2201run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2202 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2203 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2204 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2205 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2206 -c "HTTP/1.0 200 OK"
2207
2208requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2209requires_config_enabled MBEDTLS_SSL_SRV_C
2210requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2211requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2212requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2213requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2214run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2215 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2216 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2217 1 \
2218 -s "ClientHello message misses mandatory extensions."
2219
2220requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2221requires_config_enabled MBEDTLS_SSL_SRV_C
2222requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2223requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2224requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2225requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2226run_test "TLS 1.3: m->m: ephemeral/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2227 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2228 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2229 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2230 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2231 -c "HTTP/1.0 200 OK"
2232
2233# ephemeral_all mode in client
2234requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2235requires_config_enabled MBEDTLS_SSL_SRV_C
2236requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2237requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2238requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2239requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2240run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2241 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2242 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2243 1 \
2244 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2245 -c "client hello, adding psk_key_exchange_modes extension" \
2246 -c "client hello, adding PSK binder list" \
2247 -s "ClientHello message misses mandatory extensions."
2248
2249requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2250requires_config_enabled MBEDTLS_SSL_SRV_C
2251requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2252requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2253requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2254run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2255 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2256 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2257 0 \
2258 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2259 -c "client hello, adding psk_key_exchange_modes extension" \
2260 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2261 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2262 -c "HTTP/1.0 200 OK"
2263
2264requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2265requires_config_enabled MBEDTLS_SSL_SRV_C
2266requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2267requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2268requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2269run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2270 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2271 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2272 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2273 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2274 -c "client hello, adding psk_key_exchange_modes extension" \
2275 -c "client hello, adding PSK binder list" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2276 -s "No matched PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2277
2278requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2279requires_config_enabled MBEDTLS_SSL_SRV_C
2280requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2281requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2282requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2283run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2284 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2285 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2286 1 \
2287 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2288 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2289 -c "client hello, adding PSK binder list" \
2290 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2291
2292requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2293requires_config_enabled MBEDTLS_SSL_SRV_C
2294requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2295requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2296requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2297run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2298 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2299 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2300 0 \
2301 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2302 -c "client hello, adding psk_key_exchange_modes extension" \
2303 -c "client hello, adding PSK binder list" \
2304 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2305 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2306 -c "HTTP/1.0 200 OK"
2307
2308requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2309requires_config_enabled MBEDTLS_SSL_SRV_C
2310requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2312requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2313run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2314 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2315 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2316 0 \
2317 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2318 -c "client hello, adding psk_key_exchange_modes extension" \
2319 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2320 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2321 -c "HTTP/1.0 200 OK"
2322
2323requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2324requires_config_enabled MBEDTLS_SSL_SRV_C
2325requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2326requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2327requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2328run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2329 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2330 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2331 0 \
2332 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2333 -c "client hello, adding psk_key_exchange_modes extension" \
2334 -c "client hello, adding PSK binder list" \
2335 -s "No matched PSK or ticket" \
2336 -s "key exchange mode: ephemeral"
2337
2338requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2339requires_config_enabled MBEDTLS_SSL_SRV_C
2340requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2341requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2342requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2343run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2344 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2345 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2346 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2347 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2348 -c "client hello, adding psk_key_exchange_modes extension" \
2349 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2350 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2351
2352requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2353requires_config_enabled MBEDTLS_SSL_SRV_C
2354requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2355requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2356requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2357requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2358run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2359 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2360 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2361 0 \
2362 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2363 -c "client hello, adding psk_key_exchange_modes extension" \
2364 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2365 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2366 -c "HTTP/1.0 200 OK"
2367
2368requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2369requires_config_enabled MBEDTLS_SSL_SRV_C
2370requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2371requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2372requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2373requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2374run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2375 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2376 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2377 1 \
2378 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2379 -c "client hello, adding psk_key_exchange_modes extension" \
2380 -c "client hello, adding PSK binder list" \
2381 -s "No matched PSK or ticket" \
2382 -s "ClientHello message misses mandatory extensions."
2383
2384requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2385requires_config_enabled MBEDTLS_SSL_SRV_C
2386requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2387requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2389requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2390run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2391 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2392 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2393 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2394 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2395 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2396 -c "client hello, adding PSK binder list" \
2397 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2398
2399requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2400requires_config_enabled MBEDTLS_SSL_SRV_C
2401requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2402requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2403requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2404requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2405run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2406 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2407 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2408 0 \
2409 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2410 -c "client hello, adding psk_key_exchange_modes extension" \
2411 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2412 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2413 -c "HTTP/1.0 200 OK"
2414
2415requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2416requires_config_enabled MBEDTLS_SSL_SRV_C
2417requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2418requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2419requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2420requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2421run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2422 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2423 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2424 0 \
2425 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2426 -c "client hello, adding psk_key_exchange_modes extension" \
2427 -c "client hello, adding PSK binder list" \
2428 -s "No matched PSK or ticket" \
2429 -s "key exchange mode: ephemeral"
2430
2431requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2432requires_config_enabled MBEDTLS_SSL_SRV_C
2433requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2434requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2435requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2436requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2437run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2438 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2439 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2440 1 \
2441 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2442 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2443 -c "client hello, adding PSK binder list" \
2444 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2445
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2446# psk_all mode in client
2447requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2448requires_config_enabled MBEDTLS_SSL_SRV_C
2449requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2450requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2451requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2452run_test "TLS 1.3: m->m: psk_all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2453 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2454 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2455 0 \
2456 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2457 -c "client hello, adding psk_key_exchange_modes extension" \
2458 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2459 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2460 -c "HTTP/1.0 200 OK"
2461
2462requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2463requires_config_enabled MBEDTLS_SSL_SRV_C
2464requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2465requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2466requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2467run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2468 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2469 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2470 1 \
2471 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2472 -c "client hello, adding psk_key_exchange_modes extension" \
2473 -c "client hello, adding PSK binder list" \
2474 -s "ClientHello message misses mandatory extensions."
2475
2476requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2477requires_config_enabled MBEDTLS_SSL_SRV_C
2478requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2479requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2480requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2481run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2482 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2483 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2484 1 \
2485 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2486 -c "client hello, adding psk_key_exchange_modes extension" \
2487 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2488 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2489
2490requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2491requires_config_enabled MBEDTLS_SSL_SRV_C
2492requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2493requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2494requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2495run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2496 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2497 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2498 0 \
2499 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2500 -c "client hello, adding psk_key_exchange_modes extension" \
2501 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2502 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2503 -c "HTTP/1.0 200 OK"
2504
2505requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2506requires_config_enabled MBEDTLS_SSL_SRV_C
2507requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2508requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2509requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2510run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2511 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2512 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2513 1 \
2514 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2515 -c "client hello, adding psk_key_exchange_modes extension" \
2516 -c "client hello, adding PSK binder list" \
2517 -s "No matched PSK or ticket" \
2518 -s "ClientHello message misses mandatory extensions."
2519
2520requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2521requires_config_enabled MBEDTLS_SSL_SRV_C
2522requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2523requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2524requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2525run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2526 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2527 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2528 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2529 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2530 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2531 -c "client hello, adding PSK binder list" \
2532 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2533
2534requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2535requires_config_enabled MBEDTLS_SSL_SRV_C
2536requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2537requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2538requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2539requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2540run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2541 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2542 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2543 1 \
2544 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2545 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2546 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2547
2548requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2549requires_config_enabled MBEDTLS_SSL_SRV_C
2550requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2551requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2552requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2553requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2554run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2555 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2556 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2557 0 \
2558 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2559 -c "client hello, adding psk_key_exchange_modes extension" \
2560 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2561 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2562 -c "HTTP/1.0 200 OK"
2563
2564requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2565requires_config_enabled MBEDTLS_SSL_SRV_C
2566requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2567requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2568requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2569requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2570run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2571 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2572 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2573 1 \
2574 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2575 -c "client hello, adding psk_key_exchange_modes extension" \
2576 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2577 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2578
2579requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2580requires_config_enabled MBEDTLS_SSL_SRV_C
2581requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2582requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2583requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2584requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2585run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2586 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2587 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2588 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2589 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2590 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2591 -c "client hello, adding PSK binder list" \
2592 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2593
2594requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2595requires_config_enabled MBEDTLS_SSL_SRV_C
2596requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2597requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2598requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2599run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2600 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2601 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2602 0 \
2603 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2604 -c "client hello, adding psk_key_exchange_modes extension" \
2605 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2606 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2607 -c "HTTP/1.0 200 OK"
2608
2609requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2610requires_config_enabled MBEDTLS_SSL_SRV_C
2611requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2612requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2613requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2614run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2615 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2616 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2617 1 \
2618 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2619 -c "client hello, adding psk_key_exchange_modes extension" \
2620 -c "client hello, adding PSK binder list" \
2621 -s "No matched PSK or ticket" \
2622 -s "ClientHello message misses mandatory extensions."
2623
2624requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2625requires_config_enabled MBEDTLS_SSL_SRV_C
2626requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2627requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2628requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2629run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2630 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2631 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2632 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2633 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2634 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2635 -c "client hello, adding PSK binder list" \
2636 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2637
2638requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2639requires_config_enabled MBEDTLS_SSL_SRV_C
2640requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2641requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2642requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2643requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2644run_test "TLS 1.3: m->m: psk_all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2645 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2646 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2647 0 \
2648 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2649 -c "client hello, adding psk_key_exchange_modes extension" \
2650 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2651 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2652 -c "HTTP/1.0 200 OK"
2653
2654requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2655requires_config_enabled MBEDTLS_SSL_SRV_C
2656requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2657requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2658requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2659requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2660run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2661 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2662 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2663 1 \
2664 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2665 -c "client hello, adding psk_key_exchange_modes extension" \
2666 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2667 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2668
2669requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2670requires_config_enabled MBEDTLS_SSL_SRV_C
2671requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2672requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2673requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2674requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2675run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2676 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2677 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2678 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2679 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2680 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2681 -c "client hello, adding PSK binder list" \
2682 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2683
2684# all mode in client
2685requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2686requires_config_enabled MBEDTLS_SSL_SRV_C
2687requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2688requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2689requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2690requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2691run_test "TLS 1.3: m->m: all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2692 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2693 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2694 0 \
2695 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2696 -c "client hello, adding psk_key_exchange_modes extension" \
2697 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2698 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2699 -c "HTTP/1.0 200 OK"
2700
2701requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2702requires_config_enabled MBEDTLS_SSL_SRV_C
2703requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2704requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2706requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2707run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2708 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2709 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2710 1 \
2711 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2712 -c "client hello, adding psk_key_exchange_modes extension" \
2713 -c "client hello, adding PSK binder list" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2714 -s "No matched PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2715 -s "ClientHello message misses mandatory extensions."
2716
2717requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2718requires_config_enabled MBEDTLS_SSL_SRV_C
2719requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2720requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2721requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2722requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2723run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2724 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2725 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2726 1 \
2727 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2728 -c "client hello, adding psk_key_exchange_modes extension" \
2729 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2730 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2731
2732requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2733requires_config_enabled MBEDTLS_SSL_SRV_C
2734requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2735requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2736requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2737requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2738run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2739 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2740 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2741 0 \
2742 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2743 -c "client hello, adding psk_key_exchange_modes extension" \
2744 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2745 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2746 -c "HTTP/1.0 200 OK"
2747
2748requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2749requires_config_enabled MBEDTLS_SSL_SRV_C
2750requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2751requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2752requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2753requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2754run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2755 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2756 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2757 1 \
2758 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2759 -c "client hello, adding psk_key_exchange_modes extension" \
2760 -c "client hello, adding PSK binder list" \
2761 -s "No matched PSK or ticket" \
2762 -s "ClientHello message misses mandatory extensions."
2763
2764requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2765requires_config_enabled MBEDTLS_SSL_SRV_C
2766requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2767requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2768requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2769requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2770run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2771 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2772 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2773 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2774 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2775 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2776 -c "client hello, adding PSK binder list" \
2777 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2778
2779requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2780requires_config_enabled MBEDTLS_SSL_SRV_C
2781requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2782requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2783requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2784requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2785run_test "TLS 1.3: m->m: all/ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2786 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2787 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2788 0 \
2789 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2790 -c "client hello, adding psk_key_exchange_modes extension" \
2791 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2792 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2793 -c "HTTP/1.0 200 OK"
2794
2795requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2796requires_config_enabled MBEDTLS_SSL_SRV_C
2797requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2798requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2799requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2800requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2801run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2802 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2803 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2804 0 \
2805 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2806 -c "client hello, adding psk_key_exchange_modes extension" \
2807 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2808 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2809 -c "HTTP/1.0 200 OK"
2810
2811requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2812requires_config_enabled MBEDTLS_SSL_SRV_C
2813requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2814requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2815requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2816requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2817run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2818 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2819 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2820 0 \
2821 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2822 -c "client hello, adding psk_key_exchange_modes extension" \
2823 -c "client hello, adding PSK binder list" \
2824 -s "No matched PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2825 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2826 -c "HTTP/1.0 200 OK"
2827
2828requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2829requires_config_enabled MBEDTLS_SSL_SRV_C
2830requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2831requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2832requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2833requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2834run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2835 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2836 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2837 1 \
2838 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2839 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2840 -c "client hello, adding PSK binder list" \
2841 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2842
2843requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2844requires_config_enabled MBEDTLS_SSL_SRV_C
2845requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2846requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2847requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2848requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2849run_test "TLS 1.3: m->m: all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2850 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2851 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2852 0 \
2853 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2854 -c "client hello, adding psk_key_exchange_modes extension" \
2855 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2856 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2857 -c "HTTP/1.0 200 OK"
2858
2859requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2860requires_config_enabled MBEDTLS_SSL_SRV_C
2861requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2862requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2863requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2864requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2865run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2866 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2867 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2868 1 \
2869 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2870 -c "client hello, adding psk_key_exchange_modes extension" \
2871 -c "client hello, adding PSK binder list" \
2872 -s "No matched PSK or ticket" \
2873 -s "ClientHello message misses mandatory extensions."
2874
2875requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2876requires_config_enabled MBEDTLS_SSL_SRV_C
2877requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2878requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2879requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2880requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2881run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2882 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2883 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2884 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2885 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2886 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2887 -c "client hello, adding PSK binder list" \
2888 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2889
2890requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2891requires_config_enabled MBEDTLS_SSL_SRV_C
2892requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2893requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2894requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2895requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2896run_test "TLS 1.3: m->m: all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2897 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2898 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2899 0 \
2900 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2901 -c "client hello, adding psk_key_exchange_modes extension" \
2902 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2903 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2904 -c "HTTP/1.0 200 OK"
2905
2906requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2907requires_config_enabled MBEDTLS_SSL_SRV_C
2908requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2909requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2910requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2911requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2912run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2913 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2914 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2915 0 \
2916 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2917 -c "client hello, adding psk_key_exchange_modes extension" \
2918 -c "client hello, adding PSK binder list" \
2919 -s "No matched PSK or ticket" \
2920 -s "key exchange mode: ephemeral"
2921
2922requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2923requires_config_enabled MBEDTLS_SSL_SRV_C
2924requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2925requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2926requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2927requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2928run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2929 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2930 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2931 1 \
2932 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2933 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2934 -c "client hello, adding PSK binder list" \
2935 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2936
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2937#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2938requires_openssl_tls1_3
2939requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2940requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2941requires_config_enabled MBEDTLS_DEBUG_C
2942requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2943requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2944run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2945 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2946 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2947 0 \
2948 -c "=> write client hello" \
2949 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2950 -c "client hello, adding psk_key_exchange_modes extension" \
2951 -c "client hello, adding PSK binder list" \
2952 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2953 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2954 -c "HTTP/1.0 200 ok"
2955
2956requires_openssl_tls1_3
2957requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2958requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2959requires_config_enabled MBEDTLS_DEBUG_C
2960requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2961requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2962run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2963 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2964 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2965 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2966 -c "=> write client hello" \
2967 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2968 -c "client hello, adding psk_key_exchange_modes extension" \
2969 -c "client hello, adding PSK binder list" \
2970 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2971 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2972
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2973#OPENSSL-SERVER psk_all mode
2974requires_openssl_tls1_3
2975requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2976requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2977requires_config_enabled MBEDTLS_DEBUG_C
2978requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2979requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2980requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2981run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2982 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2983 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2984 0 \
2985 -c "=> write client hello" \
2986 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2987 -c "client hello, adding psk_key_exchange_modes extension" \
2988 -c "client hello, adding PSK binder list" \
2989 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2990 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2991 -c "HTTP/1.0 200 ok"
2992
2993requires_openssl_tls1_3
2994requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2995requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2996requires_config_enabled MBEDTLS_DEBUG_C
2997requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2998requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2999requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3000run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]3001 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]3002 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]3003 0 \
3004 -c "=> write client hello" \
3005 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3006 -c "client hello, adding psk_key_exchange_modes extension" \
3007 -c "client hello, adding PSK binder list" \
3008 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3009 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]3010 -c "HTTP/1.0 200 ok"
3011
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3012#OPENSSL-SERVER psk_ephemeral mode
3013requires_openssl_tls1_3
3014requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3015requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3016requires_config_enabled MBEDTLS_DEBUG_C
3017requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3018requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3019run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3020 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3021 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3022 0 \
3023 -c "=> write client hello" \
3024 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3025 -c "client hello, adding psk_key_exchange_modes extension" \
3026 -c "client hello, adding PSK binder list" \
3027 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3028 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3029 -c "HTTP/1.0 200 ok"
3030
3031requires_openssl_tls1_3
3032requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3033requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3034requires_config_enabled MBEDTLS_DEBUG_C
3035requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3036requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3037run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3038 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]3039 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3040 0 \
3041 -c "=> write client hello" \
3042 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3043 -c "client hello, adding psk_key_exchange_modes extension" \
3044 -c "client hello, adding PSK binder list" \
3045 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3046 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]3047 -c "HTTP/1.0 200 ok"
3048
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3049#OPENSSL-SERVER ephemeral mode
3050requires_openssl_tls1_3
3051requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3052requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3053requires_config_enabled MBEDTLS_DEBUG_C
3054requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3055requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3056run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3057 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3058 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3059 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3060 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3061 -c "HTTP/1.0 200 ok"
3062
3063requires_openssl_tls1_3
3064requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3065requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3066requires_config_enabled MBEDTLS_DEBUG_C
3067requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3068requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3069run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3070 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3071 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3072 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3073 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3074 -c "HTTP/1.0 200 ok"
3075
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3076#OPENSSL-SERVER ephemeral_all mode
3077requires_openssl_tls1_3
3078requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3079requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3080requires_config_enabled MBEDTLS_DEBUG_C
3081requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3082requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3083requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3084run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3085 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3086 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3087 0 \
3088 -c "=> write client hello" \
3089 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3090 -c "client hello, adding psk_key_exchange_modes extension" \
3091 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3092 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3093 -c "<= write client hello" \
3094 -c "HTTP/1.0 200 ok"
3095
3096requires_openssl_tls1_3
3097requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3098requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3099requires_config_enabled MBEDTLS_DEBUG_C
3100requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3101requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3102requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3103run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3104 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3105 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3106 0 \
3107 -c "=> write client hello" \
3108 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3109 -c "client hello, adding psk_key_exchange_modes extension" \
3110 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3111 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3112 -c "<= write client hello" \
3113 -c "HTTP/1.0 200 ok"
3114
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3115#OPENSSL-SERVER all mode
3116requires_openssl_tls1_3
3117requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3118requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3119requires_config_enabled MBEDTLS_DEBUG_C
3120requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3121requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3122requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3123requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3124run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3125 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3126 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3127 0 \
3128 -c "=> write client hello" \
3129 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3130 -c "client hello, adding psk_key_exchange_modes extension" \
3131 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3132 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3133 -c "<= write client hello" \
3134 -c "HTTP/1.0 200 ok"
3135
3136requires_openssl_tls1_3
3137requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3138requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3139requires_config_enabled MBEDTLS_DEBUG_C
3140requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3141requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3142requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3144run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3145 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3146 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
3147 0 \
3148 -c "=> write client hello" \
3149 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3150 -c "client hello, adding psk_key_exchange_modes extension" \
3151 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3152 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3153 -c "<= write client hello" \
3154 -c "HTTP/1.0 200 ok"
3155
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3156#GNUTLS-SERVER psk mode
3157requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3158requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3159requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3160requires_config_enabled MBEDTLS_DEBUG_C
3161requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3162requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3163run_test "TLS 1.3: m->G: psk/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3164 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3165 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3166 0 \
3167 -c "=> write client hello" \
3168 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3169 -c "client hello, adding psk_key_exchange_modes extension" \
3170 -c "client hello, adding PSK binder list" \
3171 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3172 -s "Parsing extension 'Pre Shared Key/41'" \
3173 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3174 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3175 -c "HTTP/1.0 200 OK"
3176
3177requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3178requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3179requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3180requires_config_enabled MBEDTLS_DEBUG_C
3181requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3182requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3183run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3184 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3185 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3186 1 \
3187 -c "=> write client hello" \
3188 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3189 -c "client hello, adding psk_key_exchange_modes extension" \
3190 -c "client hello, adding PSK binder list" \
3191 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3192 -s "Parsing extension 'Pre Shared Key/41'" \
3193 -c "<= write client hello" \
3194 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3195
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3196#GNUTLS-SERVER psk_all mode
3197requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3198requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3199requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3200requires_config_enabled MBEDTLS_DEBUG_C
3201requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3202requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3203requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3204run_test "TLS 1.3: m->G: psk_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3205 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3206 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3207 0 \
3208 -c "=> write client hello" \
3209 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3210 -c "client hello, adding psk_key_exchange_modes extension" \
3211 -c "client hello, adding PSK binder list" \
3212 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3213 -s "Parsing extension 'Pre Shared Key/41'" \
3214 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame^]3215 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3216 -c "HTTP/1.0 200 OK"
3217
3218requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3219requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3220requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3221requires_config_enabled MBEDTLS_DEBUG_C
3222requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3223requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3224requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame^]3225run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3226 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3227 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame^]3228 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3229 -c "=> write client hello" \
3230 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3231 -c "client hello, adding psk_key_exchange_modes extension" \
3232 -c "client hello, adding PSK binder list" \
3233 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3234 -s "Parsing extension 'Pre Shared Key/41'" \
3235 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame^]3236 -c "Selected key exchange mode: psk_ephemeral" \
3237 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3238
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3239#GNUTLS-SERVER psk_ephemeral mode
3240requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3241requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3242requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3243requires_config_enabled MBEDTLS_DEBUG_C
3244requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3245requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3246run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3247 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3248 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3249 0 \
3250 -c "=> write client hello" \
3251 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3252 -c "client hello, adding psk_key_exchange_modes extension" \
3253 -c "client hello, adding PSK binder list" \
3254 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3255 -s "Parsing extension 'Pre Shared Key/41'" \
3256 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3257 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3258 -c "HTTP/1.0 200 OK"
3259
3260requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3261requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3262requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3263requires_config_enabled MBEDTLS_DEBUG_C
3264requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3265requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3266run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3267 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3268 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3269 0 \
3270 -c "=> write client hello" \
3271 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3272 -c "client hello, adding psk_key_exchange_modes extension" \
3273 -c "client hello, adding PSK binder list" \
3274 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3275 -s "Parsing extension 'Pre Shared Key/41'" \
3276 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3277 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3278 -c "HTTP/1.0 200 OK"
3279
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3280#GNUTLS-SERVER ephemeral mode
3281requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3282requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3283requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3284requires_config_enabled MBEDTLS_DEBUG_C
3285requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3286requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3287run_test "TLS 1.3: m->G: ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3288 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3289 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3290 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3291 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3292 -c "HTTP/1.0 200 OK"
3293
3294requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3295requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3296requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3297requires_config_enabled MBEDTLS_DEBUG_C
3298requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3299requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3300run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3301 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3302 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3303 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3304 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3305 -c "HTTP/1.0 200 OK"
3306
3307#GNUTLS-SERVER ephemeral_all mode
3308requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3309requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3310requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3311requires_config_enabled MBEDTLS_DEBUG_C
3312requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3313requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3314requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3315run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3316 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3317 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3318 0 \
3319 -c "=> write client hello" \
3320 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3321 -c "client hello, adding psk_key_exchange_modes extension" \
3322 -c "client hello, adding PSK binder list" \
3323 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3324 -s "Parsing extension 'Pre Shared Key/41'" \
3325 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3326 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3327 -c "HTTP/1.0 200 OK"
3328
3329requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3330requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3331requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3332requires_config_enabled MBEDTLS_DEBUG_C
3333requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3334requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3335requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3336run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3337 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3338 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3339 0 \
3340 -c "=> write client hello" \
3341 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3342 -c "client hello, adding psk_key_exchange_modes extension" \
3343 -c "client hello, adding PSK binder list" \
3344 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3345 -s "Parsing extension 'Pre Shared Key/41'" \
3346 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3347 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3348 -c "HTTP/1.0 200 OK"
3349
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3350#GNUTLS-SERVER all mode
3351requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3352requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3353requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3354requires_config_enabled MBEDTLS_DEBUG_C
3355requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3356requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3357requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3358requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3359run_test "TLS 1.3: m->G: all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3360 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3361 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3362 0 \
3363 -c "=> write client hello" \
3364 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3365 -c "client hello, adding psk_key_exchange_modes extension" \
3366 -c "client hello, adding PSK binder list" \
3367 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3368 -s "Parsing extension 'Pre Shared Key/41'" \
3369 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame^]3370 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3371 -c "HTTP/1.0 200 OK"
3372
3373requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3374requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3375requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3376requires_config_enabled MBEDTLS_DEBUG_C
3377requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3378requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3379requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3380requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3381run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3382 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3383 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3384 0 \
3385 -c "=> write client hello" \
3386 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3387 -c "client hello, adding psk_key_exchange_modes extension" \
3388 -c "client hello, adding PSK binder list" \
3389 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3390 -s "Parsing extension 'Pre Shared Key/41'" \
3391 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame^]3392 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3393 -c "HTTP/1.0 200 OK"