TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 26fc0390c939f4dee0901d3133240e4425dd45c5 / . / tests / opt-testcases / tls13-kex-modes.sh
blob: 782bda22837fb5cabb125eeba41d9394d24a42ca [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]6# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]7#
8
Jerry Yu97be6a92022-11-09 22:43:31 +0800[diff] [blame]9# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by
Jerry Yu616ba752022-11-08 21:49:47 +0800[diff] [blame]10# scripts in future(#6280)
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]11
12requires_gnutls_tls1_3
13requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]14requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]15run_test "TLS 1.3: G->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]16 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]17 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
18 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
19 localhost" \
20 0 \
21 -s "found psk key exchange modes extension" \
22 -s "found pre_shared_key extension" \
23 -s "Found PSK_EPHEMERAL KEX MODE" \
24 -s "Found PSK KEX MODE" \
25 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]26 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]27 -s "key exchange mode: psk$" \
28 -S "key exchange mode: psk_ephemeral" \
29 -S "key exchange mode: ephemeral"
30
31requires_gnutls_tls1_3
32requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]33requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]34run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]35 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]36 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
37 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
38 localhost" \
39 1 \
40 -s "found psk key exchange modes extension" \
41 -s "found pre_shared_key extension" \
42 -s "Found PSK_EPHEMERAL KEX MODE" \
43 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]44 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]45 -S "key exchange mode: psk$" \
46 -S "key exchange mode: psk_ephemeral" \
47 -S "key exchange mode: ephemeral"
48
49requires_gnutls_tls1_3
50requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]51requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]52run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]53 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]54 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
55 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
56 localhost" \
57 1 \
58 -s "found psk key exchange modes extension" \
59 -s "found pre_shared_key extension" \
60 -s "Found PSK_EPHEMERAL KEX MODE" \
61 -s "Found PSK KEX MODE" \
62 -s "Invalid binder." \
63 -S "key exchange mode: psk$" \
64 -S "key exchange mode: psk_ephemeral" \
65 -S "key exchange mode: ephemeral"
66
67requires_gnutls_tls1_3
68requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]69requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]70run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]71 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]72 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
73 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
74 localhost" \
75 0 \
76 -s "found psk key exchange modes extension" \
77 -s "found pre_shared_key extension" \
78 -S "Found PSK_EPHEMERAL KEX MODE" \
79 -s "Found PSK KEX MODE" \
80 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]81 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]82 -s "key exchange mode: psk$" \
83 -S "key exchange mode: psk_ephemeral" \
84 -S "key exchange mode: ephemeral"
85
86requires_gnutls_tls1_3
87requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]88requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]89run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]90 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]91 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
92 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
93 localhost" \
94 1 \
95 -s "found psk key exchange modes extension" \
96 -s "found pre_shared_key extension" \
97 -S "Found PSK_EPHEMERAL KEX MODE" \
98 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]99 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]100 -S "key exchange mode: psk$" \
101 -S "key exchange mode: psk_ephemeral" \
102 -S "key exchange mode: ephemeral"
103
104requires_gnutls_tls1_3
105requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]106requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]107run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]108 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]109 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
110 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
111 localhost" \
112 1 \
113 -s "found psk key exchange modes extension" \
114 -s "found pre_shared_key extension" \
115 -S "Found PSK_EPHEMERAL KEX MODE" \
116 -s "Found PSK KEX MODE" \
117 -s "Invalid binder." \
118 -S "key exchange mode: psk$" \
119 -S "key exchange mode: psk_ephemeral" \
120 -S "key exchange mode: ephemeral"
121
122requires_gnutls_tls1_3
123requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]124requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]125run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]126 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]127 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
128 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
129 localhost" \
130 0 \
131 -s "found psk key exchange modes extension" \
132 -s "found pre_shared_key extension" \
133 -s "Found PSK_EPHEMERAL KEX MODE" \
134 -S "Found PSK KEX MODE" \
135 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]136 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]137 -S "key exchange mode: psk$" \
138 -s "key exchange mode: psk_ephemeral" \
139 -S "key exchange mode: ephemeral"
140
141requires_gnutls_tls1_3
142requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]144run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]145 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]146 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
147 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
148 localhost" \
149 1 \
150 -s "found psk key exchange modes extension" \
151 -s "found pre_shared_key extension" \
152 -s "Found PSK_EPHEMERAL KEX MODE" \
153 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]154 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]155 -S "key exchange mode: psk$" \
156 -S "key exchange mode: psk_ephemeral" \
157 -S "key exchange mode: ephemeral"
158
159requires_gnutls_tls1_3
160requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]161requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]162run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]163 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]164 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
165 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
166 localhost" \
167 1 \
168 -s "found psk key exchange modes extension" \
169 -s "found pre_shared_key extension" \
170 -s "Found PSK_EPHEMERAL KEX MODE" \
171 -S "Found PSK KEX MODE" \
172 -s "Invalid binder." \
173 -S "key exchange mode: psk$" \
174 -S "key exchange mode: psk_ephemeral" \
175 -S "key exchange mode: ephemeral"
176
177requires_gnutls_tls1_3
178requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]180run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]181 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]182 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
183 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
184 localhost" \
185 0 \
186 -s "found psk key exchange modes extension" \
187 -s "found pre_shared_key extension" \
188 -s "Found PSK_EPHEMERAL KEX MODE" \
189 -s "Found PSK KEX MODE" \
190 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]191 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]192 -S "key exchange mode: psk$" \
193 -s "key exchange mode: psk_ephemeral" \
194 -S "key exchange mode: ephemeral"
195
196requires_gnutls_tls1_3
197requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]198requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]199run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]200 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]201 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
202 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
203 localhost" \
204 1 \
205 -s "found psk key exchange modes extension" \
206 -s "found pre_shared_key extension" \
207 -s "Found PSK_EPHEMERAL KEX MODE" \
208 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]209 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]210 -S "key exchange mode: psk$" \
211 -S "key exchange mode: psk_ephemeral" \
212 -S "key exchange mode: ephemeral"
213
214requires_gnutls_tls1_3
215requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]216requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]217run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]218 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]219 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
220 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
221 localhost" \
222 1 \
223 -s "found psk key exchange modes extension" \
224 -s "found pre_shared_key extension" \
225 -s "Found PSK_EPHEMERAL KEX MODE" \
226 -s "Found PSK KEX MODE" \
227 -s "Invalid binder." \
228 -S "key exchange mode: psk$" \
229 -S "key exchange mode: psk_ephemeral" \
230 -S "key exchange mode: ephemeral"
231
232requires_gnutls_tls1_3
233requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]234requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]235run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]236 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]237 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
238 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
239 localhost" \
240 1 \
241 -s "found psk key exchange modes extension" \
242 -s "found pre_shared_key extension" \
243 -S "Found PSK_EPHEMERAL KEX MODE" \
244 -s "Found PSK KEX MODE" \
245 -S "key exchange mode: psk$" \
246 -S "key exchange mode: psk_ephemeral" \
247 -S "key exchange mode: ephemeral"
248
249requires_gnutls_tls1_3
250requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]251requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
252requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]253run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]254 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]255 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
256 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
257 localhost" \
258 0 \
259 -s "found psk key exchange modes extension" \
260 -s "found pre_shared_key extension" \
261 -s "Found PSK_EPHEMERAL KEX MODE" \
262 -S "Found PSK KEX MODE" \
263 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]264 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]265 -S "key exchange mode: psk$" \
266 -s "key exchange mode: psk_ephemeral" \
267 -S "key exchange mode: ephemeral"
268
269requires_gnutls_tls1_3
270requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]271requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
272requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]273run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]274 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]275 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
276 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
277 localhost" \
278 1 \
279 -s "found psk key exchange modes extension" \
280 -s "found pre_shared_key extension" \
281 -s "Found PSK_EPHEMERAL KEX MODE" \
282 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]283 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]284 -S "key exchange mode: psk$" \
285 -S "key exchange mode: psk_ephemeral" \
286 -S "key exchange mode: ephemeral"
287
288requires_gnutls_tls1_3
289requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]290requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
291requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]292run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]293 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]294 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
295 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
296 localhost" \
297 1 \
298 -s "found psk key exchange modes extension" \
299 -s "found pre_shared_key extension" \
300 -s "Found PSK_EPHEMERAL KEX MODE" \
301 -S "Found PSK KEX MODE" \
302 -s "Invalid binder." \
303 -S "key exchange mode: psk$" \
304 -S "key exchange mode: psk_ephemeral" \
305 -S "key exchange mode: ephemeral"
306
307requires_gnutls_tls1_3
308requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]309requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
310requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]311run_test "TLS 1.3: G->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]312 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]313 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
314 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
315 localhost" \
316 0 \
317 -s "found psk key exchange modes extension" \
318 -s "found pre_shared_key extension" \
319 -s "Found PSK_EPHEMERAL KEX MODE" \
320 -s "Found PSK KEX MODE" \
321 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]322 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]323 -S "key exchange mode: psk$" \
324 -s "key exchange mode: psk_ephemeral" \
325 -S "key exchange mode: ephemeral"
326
327requires_gnutls_tls1_3
328requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
330requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]331run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]332 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]333 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
334 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
335 localhost" \
336 1 \
337 -s "found psk key exchange modes extension" \
338 -s "found pre_shared_key extension" \
339 -s "Found PSK_EPHEMERAL KEX MODE" \
340 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]341 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]342 -S "key exchange mode: psk$" \
343 -S "key exchange mode: psk_ephemeral" \
344 -S "key exchange mode: ephemeral"
345
346requires_gnutls_tls1_3
347requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]350run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]351 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]352 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
353 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
354 localhost" \
355 1 \
356 -s "found psk key exchange modes extension" \
357 -s "found pre_shared_key extension" \
358 -s "Found PSK_EPHEMERAL KEX MODE" \
359 -s "Found PSK KEX MODE" \
360 -s "Invalid binder." \
361 -S "key exchange mode: psk$" \
362 -S "key exchange mode: psk_ephemeral" \
363 -S "key exchange mode: ephemeral"
364
365requires_gnutls_tls1_3
366requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]367requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
368requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]369run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]370 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]371 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
372 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
373 localhost" \
374 0 \
375 -s "found psk key exchange modes extension" \
376 -s "found pre_shared_key extension" \
377 -S "Found PSK_EPHEMERAL KEX MODE" \
378 -s "Found PSK KEX MODE" \
379 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]380 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]381 -s "key exchange mode: psk$" \
382 -S "key exchange mode: psk_ephemeral" \
383 -S "key exchange mode: ephemeral"
384
385requires_gnutls_tls1_3
386requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]387requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]389run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]390 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]391 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
392 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
393 localhost" \
394 1 \
395 -s "found psk key exchange modes extension" \
396 -s "found pre_shared_key extension" \
397 -S "Found PSK_EPHEMERAL KEX MODE" \
398 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]399 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]400 -S "key exchange mode: psk$" \
401 -S "key exchange mode: psk_ephemeral" \
402 -S "key exchange mode: ephemeral"
403
404requires_gnutls_tls1_3
405requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]406requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
407requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]408run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]409 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]410 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
411 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
412 localhost" \
413 1 \
414 -s "found psk key exchange modes extension" \
415 -s "found pre_shared_key extension" \
416 -S "Found PSK_EPHEMERAL KEX MODE" \
417 -s "Found PSK KEX MODE" \
418 -s "Invalid binder." \
419 -S "key exchange mode: psk$" \
420 -S "key exchange mode: psk_ephemeral" \
421 -S "key exchange mode: ephemeral"
422
423requires_gnutls_tls1_3
424requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]425requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
426requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]427run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]428 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]429 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
430 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
431 localhost" \
432 0 \
433 -s "found psk key exchange modes extension" \
434 -s "found pre_shared_key extension" \
435 -s "Found PSK_EPHEMERAL KEX MODE" \
436 -S "Found PSK KEX MODE" \
437 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]438 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]439 -S "key exchange mode: psk$" \
440 -s "key exchange mode: psk_ephemeral" \
441 -S "key exchange mode: ephemeral"
442
443requires_gnutls_tls1_3
444requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]445requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
446requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]447run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]448 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]449 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
450 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
451 localhost" \
452 0 \
453 -s "found psk key exchange modes extension" \
454 -s "found pre_shared_key extension" \
455 -s "Found PSK_EPHEMERAL KEX MODE" \
456 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]457 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]458 -S "key exchange mode: psk$" \
459 -S "key exchange mode: psk_ephemeral" \
460 -s "key exchange mode: ephemeral"
461
462requires_gnutls_tls1_3
463requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]464requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
465requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]466run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]467 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]468 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
469 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
470 localhost" \
471 1 \
472 -s "found psk key exchange modes extension" \
473 -s "found pre_shared_key extension" \
474 -s "Found PSK_EPHEMERAL KEX MODE" \
475 -S "Found PSK KEX MODE" \
476 -s "Invalid binder." \
477 -S "key exchange mode: psk$" \
478 -S "key exchange mode: psk_ephemeral" \
479 -S "key exchange mode: ephemeral"
480
481requires_gnutls_tls1_3
482requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]483requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
484requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]485run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]486 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]487 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
488 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
489 localhost" \
490 0 \
491 -s "found psk key exchange modes extension" \
492 -s "found pre_shared_key extension" \
493 -s "Found PSK_EPHEMERAL KEX MODE" \
494 -s "Found PSK KEX MODE" \
495 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]496 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]497 -S "key exchange mode: psk$" \
498 -s "key exchange mode: psk_ephemeral" \
499 -S "key exchange mode: ephemeral"
500
501requires_gnutls_tls1_3
502requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]503requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
504requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]505run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]506 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]507 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
508 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
509 localhost" \
510 0 \
511 -s "found psk key exchange modes extension" \
512 -s "found pre_shared_key extension" \
513 -s "Found PSK_EPHEMERAL KEX MODE" \
514 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]515 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]516 -S "key exchange mode: psk$" \
517 -S "key exchange mode: psk_ephemeral" \
518 -s "key exchange mode: ephemeral"
519
520requires_gnutls_tls1_3
521requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]522requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
523requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]524run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]525 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]526 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
527 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
528 localhost" \
529 1 \
530 -s "found psk key exchange modes extension" \
531 -s "found pre_shared_key extension" \
532 -s "Found PSK_EPHEMERAL KEX MODE" \
533 -s "Found PSK KEX MODE" \
534 -s "Invalid binder." \
535 -S "key exchange mode: psk$" \
536 -S "key exchange mode: psk_ephemeral" \
537 -S "key exchange mode: ephemeral"
538
539requires_gnutls_tls1_3
540requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]541requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
542requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]543run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]544 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]545 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
546 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
547 localhost" \
548 0 \
549 -s "found psk key exchange modes extension" \
550 -s "found pre_shared_key extension" \
551 -S "Found PSK_EPHEMERAL KEX MODE" \
552 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]553 -s "No suitable PSK key exchange mode" \
554 -S "Pre shared key found" \
555 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]556 -S "key exchange mode: psk$" \
557 -S "key exchange mode: psk_ephemeral" \
558 -s "key exchange mode: ephemeral"
559
560requires_gnutls_tls1_3
561requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]562requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
563requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
564requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]565run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]566 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]567 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
568 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
569 localhost" \
570 0 \
571 -s "found psk key exchange modes extension" \
572 -s "found pre_shared_key extension" \
573 -s "Found PSK_EPHEMERAL KEX MODE" \
574 -S "Found PSK KEX MODE" \
575 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]576 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]577 -S "key exchange mode: psk$" \
578 -s "key exchange mode: psk_ephemeral" \
579 -S "key exchange mode: ephemeral"
580
581requires_gnutls_tls1_3
582requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]583requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
584requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
585requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]586run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]587 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]588 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
589 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
590 localhost" \
591 0 \
592 -s "found psk key exchange modes extension" \
593 -s "found pre_shared_key extension" \
594 -s "Found PSK_EPHEMERAL KEX MODE" \
595 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]596 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]597 -S "key exchange mode: psk$" \
598 -S "key exchange mode: psk_ephemeral" \
599 -s "key exchange mode: ephemeral"
600
601requires_gnutls_tls1_3
602requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]603requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
605requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]606run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]607 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]608 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
609 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
610 localhost" \
611 1 \
612 -s "found psk key exchange modes extension" \
613 -s "found pre_shared_key extension" \
614 -s "Found PSK_EPHEMERAL KEX MODE" \
615 -S "Found PSK KEX MODE" \
616 -s "Invalid binder." \
617 -S "key exchange mode: psk$" \
618 -S "key exchange mode: psk_ephemeral" \
619 -S "key exchange mode: ephemeral"
620
621requires_gnutls_tls1_3
622requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]623requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
624requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
625requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]626run_test "TLS 1.3: G->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]627 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]628 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
629 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
630 localhost" \
631 0 \
632 -s "found psk key exchange modes extension" \
633 -s "found pre_shared_key extension" \
634 -s "Found PSK_EPHEMERAL KEX MODE" \
635 -s "Found PSK KEX MODE" \
636 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]637 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]638 -S "key exchange mode: psk$" \
639 -s "key exchange mode: psk_ephemeral" \
640 -S "key exchange mode: ephemeral"
641
642requires_gnutls_tls1_3
643requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
645requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
646requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]647run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]648 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]649 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
650 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
651 localhost" \
652 0 \
653 -s "found psk key exchange modes extension" \
654 -s "found pre_shared_key extension" \
655 -s "Found PSK_EPHEMERAL KEX MODE" \
656 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]657 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]658 -S "key exchange mode: psk$" \
659 -S "key exchange mode: psk_ephemeral" \
660 -s "key exchange mode: ephemeral"
661
662requires_gnutls_tls1_3
663requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]664requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
665requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
666requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]667run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]668 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]669 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
670 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
671 localhost" \
672 1 \
673 -s "found psk key exchange modes extension" \
674 -s "found pre_shared_key extension" \
675 -s "Found PSK_EPHEMERAL KEX MODE" \
676 -s "Found PSK KEX MODE" \
677 -s "Invalid binder." \
678 -S "key exchange mode: psk$" \
679 -S "key exchange mode: psk_ephemeral" \
680 -S "key exchange mode: ephemeral"
681
682requires_gnutls_tls1_3
683requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]684requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
685requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
686requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]687run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]688 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]689 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
690 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
691 localhost" \
692 0 \
693 -s "found psk key exchange modes extension" \
694 -s "found pre_shared_key extension" \
695 -S "Found PSK_EPHEMERAL KEX MODE" \
696 -s "Found PSK KEX MODE" \
697 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]698 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]699 -S "key exchange mode: psk$" \
700 -S "key exchange mode: psk_ephemeral" \
701 -s "key exchange mode: ephemeral"
702
703requires_gnutls_tls1_3
704requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
706requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
707requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]708run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]709 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]710 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
711 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
712 localhost" \
713 1 \
714 -s "found psk key exchange modes extension" \
715 -s "found pre_shared_key extension" \
716 -S "Found PSK_EPHEMERAL KEX MODE" \
717 -s "Found PSK KEX MODE" \
718 -s "Invalid binder." \
719 -S "key exchange mode: psk$" \
720 -S "key exchange mode: psk_ephemeral" \
721 -S "key exchange mode: ephemeral"
722
723requires_gnutls_tls1_3
724requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]725requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
726requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]727run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]728 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]729 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
730 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
731 localhost" \
732 0 \
733 -s "found psk key exchange modes extension" \
734 -s "found pre_shared_key extension" \
735 -s "Found PSK_EPHEMERAL KEX MODE" \
736 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]737 -s "No suitable PSK key exchange mode" \
738 -S "Pre shared key found" \
739 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]740 -S "key exchange mode: psk$" \
741 -S "key exchange mode: psk_ephemeral" \
742 -s "key exchange mode: ephemeral"
743
744requires_gnutls_tls1_3
745requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]746requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
747requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]748run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]749 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]750 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
751 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
752 localhost" \
753 0 \
754 -s "found psk key exchange modes extension" \
755 -s "found pre_shared_key extension" \
756 -s "Found PSK_EPHEMERAL KEX MODE" \
757 -s "Found PSK KEX MODE" \
758 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]759 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]760 -S "key exchange mode: psk$" \
761 -S "key exchange mode: psk_ephemeral" \
762 -s "key exchange mode: ephemeral"
763
764requires_gnutls_tls1_3
765requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]766requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
767requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]768run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]769 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]770 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
771 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
772 localhost" \
773 1 \
774 -s "found psk key exchange modes extension" \
775 -s "found pre_shared_key extension" \
776 -s "Found PSK_EPHEMERAL KEX MODE" \
777 -s "Found PSK KEX MODE" \
778 -s "Invalid binder." \
779 -S "key exchange mode: psk$" \
780 -S "key exchange mode: psk_ephemeral" \
781 -S "key exchange mode: ephemeral"
782
783requires_gnutls_tls1_3
784requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]785requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
786requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]787run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]788 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]789 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
790 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
791 localhost" \
792 0 \
793 -s "found psk key exchange modes extension" \
794 -s "found pre_shared_key extension" \
795 -S "Found PSK_EPHEMERAL KEX MODE" \
796 -s "Found PSK KEX MODE" \
797 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]798 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]799 -S "key exchange mode: psk$" \
800 -S "key exchange mode: psk_ephemeral" \
801 -s "key exchange mode: ephemeral"
802
803requires_gnutls_tls1_3
804requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]805requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
806requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]807run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]808 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]809 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
810 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
811 localhost" \
812 1 \
813 -s "found psk key exchange modes extension" \
814 -s "found pre_shared_key extension" \
815 -S "Found PSK_EPHEMERAL KEX MODE" \
816 -s "Found PSK KEX MODE" \
817 -s "Invalid binder." \
818 -S "key exchange mode: psk$" \
819 -S "key exchange mode: psk_ephemeral" \
820 -S "key exchange mode: ephemeral"
821
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]822requires_gnutls_tls1_3
823requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]824requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]825requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]826run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]827 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]828 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
829 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
830 localhost" \
831 0 \
832 -s "write selected_group: secp256r1" \
833 -S "key exchange mode: psk$" \
834 -s "key exchange mode: psk_ephemeral" \
835 -S "key exchange mode: ephemeral"
836
837requires_gnutls_tls1_3
838requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]839requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]840requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]841run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]842 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]843 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
844 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
845 localhost" \
846 0 \
847 -s "write selected_group: secp384r1" \
848 -S "key exchange mode: psk$" \
849 -s "key exchange mode: psk_ephemeral" \
850 -S "key exchange mode: ephemeral"
851
852requires_gnutls_tls1_3
853requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]854requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]855requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]856run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]857 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]858 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
859 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
860 localhost" \
861 0 \
862 -s "write selected_group: secp521r1" \
863 -S "key exchange mode: psk$" \
864 -s "key exchange mode: psk_ephemeral" \
865 -S "key exchange mode: ephemeral"
866
867requires_gnutls_tls1_3
868requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]869requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]870requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]871run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]872 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]873 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
874 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
875 localhost" \
876 0 \
877 -s "write selected_group: x25519" \
878 -S "key exchange mode: psk$" \
879 -s "key exchange mode: psk_ephemeral" \
880 -S "key exchange mode: ephemeral"
881
882requires_gnutls_tls1_3
883requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]884requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]885requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]886run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]887 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]888 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
889 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
890 localhost" \
891 0 \
892 -s "write selected_group: x448" \
893 -S "key exchange mode: psk$" \
894 -s "key exchange mode: psk_ephemeral" \
895 -S "key exchange mode: ephemeral"
896
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]897requires_openssl_tls1_3
898requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]899requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]900run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]901 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]902 "$O_NEXT_CLI -tls1_3 -msg \
903 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
904 1 \
905 -s "found psk key exchange modes extension" \
906 -s "found pre_shared_key extension" \
907 -s "Found PSK_EPHEMERAL KEX MODE" \
908 -S "Found PSK KEX MODE" \
909 -S "key exchange mode: psk$" \
910 -S "key exchange mode: psk_ephemeral" \
911 -S "key exchange mode: ephemeral"
912
913requires_openssl_tls1_3
914requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]915requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]916run_test "TLS 1.3: O->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]917 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]918 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
919 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
920 0 \
921 -s "found psk key exchange modes extension" \
922 -s "found pre_shared_key extension" \
923 -s "Found PSK_EPHEMERAL KEX MODE" \
924 -s "Found PSK KEX MODE" \
925 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]926 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]927 -s "key exchange mode: psk$" \
928 -S "key exchange mode: psk_ephemeral" \
929 -S "key exchange mode: ephemeral"
930
931requires_openssl_tls1_3
932requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]933requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]934run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]935 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]936 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
937 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
938 1 \
939 -s "found psk key exchange modes extension" \
940 -s "found pre_shared_key extension" \
941 -s "Found PSK_EPHEMERAL KEX MODE" \
942 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]943 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]944 -S "key exchange mode: psk$" \
945 -S "key exchange mode: psk_ephemeral" \
946 -S "key exchange mode: ephemeral"
947
948requires_openssl_tls1_3
949requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]950requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]951run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]952 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]953 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
954 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
955 1 \
956 -s "found psk key exchange modes extension" \
957 -s "found pre_shared_key extension" \
958 -s "Found PSK_EPHEMERAL KEX MODE" \
959 -s "Found PSK KEX MODE" \
960 -s "Invalid binder." \
961 -S "key exchange mode: psk$" \
962 -S "key exchange mode: psk_ephemeral" \
963 -S "key exchange mode: ephemeral"
964
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]965requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]966requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]967requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]968run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]969 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]970 "$O_NEXT_CLI -tls1_3 -msg \
971 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
972 0 \
973 -s "found psk key exchange modes extension" \
974 -s "found pre_shared_key extension" \
975 -s "Found PSK_EPHEMERAL KEX MODE" \
976 -S "Found PSK KEX MODE" \
977 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]978 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]979 -S "key exchange mode: psk$" \
980 -s "key exchange mode: psk_ephemeral" \
981 -S "key exchange mode: ephemeral"
982
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]983requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]984requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]985requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]986run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]987 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]988 "$O_NEXT_CLI -tls1_3 -msg \
989 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
990 1 \
991 -s "found psk key exchange modes extension" \
992 -s "found pre_shared_key extension" \
993 -s "Found PSK_EPHEMERAL KEX MODE" \
994 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]995 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]996 -S "key exchange mode: psk$" \
997 -S "key exchange mode: psk_ephemeral" \
998 -S "key exchange mode: ephemeral"
999
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1000requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1001requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1002requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1003run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1004 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1005 "$O_NEXT_CLI -tls1_3 -msg \
1006 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1007 1 \
1008 -s "found psk key exchange modes extension" \
1009 -s "found pre_shared_key extension" \
1010 -s "Found PSK_EPHEMERAL KEX MODE" \
1011 -S "Found PSK KEX MODE" \
1012 -s "Invalid binder." \
1013 -S "key exchange mode: psk$" \
1014 -S "key exchange mode: psk_ephemeral" \
1015 -S "key exchange mode: ephemeral"
1016
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1017requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1018requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1019requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1020run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1021 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1022 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1023 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1024 0 \
1025 -s "found psk key exchange modes extension" \
1026 -s "found pre_shared_key extension" \
1027 -s "Found PSK_EPHEMERAL KEX MODE" \
1028 -s "Found PSK KEX MODE" \
1029 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1030 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1031 -S "key exchange mode: psk$" \
1032 -s "key exchange mode: psk_ephemeral" \
1033 -S "key exchange mode: ephemeral"
1034
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1035requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1036requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1037requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1038run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1039 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1040 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1041 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1042 1 \
1043 -s "found psk key exchange modes extension" \
1044 -s "found pre_shared_key extension" \
1045 -s "Found PSK_EPHEMERAL KEX MODE" \
1046 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1047 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1048 -S "key exchange mode: psk$" \
1049 -S "key exchange mode: psk_ephemeral" \
1050 -S "key exchange mode: ephemeral"
1051
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1052requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1053requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1054requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1055run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1056 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1057 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1058 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1059 1 \
1060 -s "found psk key exchange modes extension" \
1061 -s "found pre_shared_key extension" \
1062 -s "Found PSK_EPHEMERAL KEX MODE" \
1063 -s "Found PSK KEX MODE" \
1064 -s "Invalid binder." \
1065 -S "key exchange mode: psk$" \
1066 -S "key exchange mode: psk_ephemeral" \
1067 -S "key exchange mode: ephemeral"
1068
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1069requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1070requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1071requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1072requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1073run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1074 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1075 "$O_NEXT_CLI -tls1_3 -msg \
1076 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1077 0 \
1078 -s "found psk key exchange modes extension" \
1079 -s "found pre_shared_key extension" \
1080 -s "Found PSK_EPHEMERAL KEX MODE" \
1081 -S "Found PSK KEX MODE" \
1082 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1083 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1084 -S "key exchange mode: psk$" \
1085 -s "key exchange mode: psk_ephemeral" \
1086 -S "key exchange mode: ephemeral"
1087
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1088requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1089requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1090requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1091requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1092run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1093 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1094 "$O_NEXT_CLI -tls1_3 -msg \
1095 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1096 1 \
1097 -s "found psk key exchange modes extension" \
1098 -s "found pre_shared_key extension" \
1099 -s "Found PSK_EPHEMERAL KEX MODE" \
1100 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1101 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1102 -S "key exchange mode: psk$" \
1103 -S "key exchange mode: psk_ephemeral" \
1104 -S "key exchange mode: ephemeral"
1105
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1106requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1107requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1108requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1109requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1110run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1111 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1112 "$O_NEXT_CLI -tls1_3 -msg \
1113 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1114 1 \
1115 -s "found psk key exchange modes extension" \
1116 -s "found pre_shared_key extension" \
1117 -s "Found PSK_EPHEMERAL KEX MODE" \
1118 -S "Found PSK KEX MODE" \
1119 -s "Invalid binder." \
1120 -S "key exchange mode: psk$" \
1121 -S "key exchange mode: psk_ephemeral" \
1122 -S "key exchange mode: ephemeral"
1123
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1124requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1125requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1126requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1127requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1128run_test "TLS 1.3: O->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1129 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1130 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1131 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1132 0 \
1133 -s "found psk key exchange modes extension" \
1134 -s "found pre_shared_key extension" \
1135 -s "Found PSK_EPHEMERAL KEX MODE" \
1136 -s "Found PSK KEX MODE" \
1137 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1138 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1139 -S "key exchange mode: psk$" \
1140 -s "key exchange mode: psk_ephemeral" \
1141 -S "key exchange mode: ephemeral"
1142
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1143requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1144requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1145requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1146requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1147run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1148 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1149 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1150 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1151 1 \
1152 -s "found psk key exchange modes extension" \
1153 -s "found pre_shared_key extension" \
1154 -s "Found PSK_EPHEMERAL KEX MODE" \
1155 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1156 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1157 -S "key exchange mode: psk$" \
1158 -S "key exchange mode: psk_ephemeral" \
1159 -S "key exchange mode: ephemeral"
1160
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1161requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1162requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1163requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1164requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1165run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1166 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1167 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1168 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1169 1 \
1170 -s "found psk key exchange modes extension" \
1171 -s "found pre_shared_key extension" \
1172 -s "Found PSK_EPHEMERAL KEX MODE" \
1173 -s "Found PSK KEX MODE" \
1174 -s "Invalid binder." \
1175 -S "key exchange mode: psk$" \
1176 -S "key exchange mode: psk_ephemeral" \
1177 -S "key exchange mode: ephemeral"
1178
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1179requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1180requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1181requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1182requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1183run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1184 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1185 "$O_NEXT_CLI -tls1_3 -msg \
1186 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1187 0 \
1188 -s "found psk key exchange modes extension" \
1189 -s "found pre_shared_key extension" \
1190 -s "Found PSK_EPHEMERAL KEX MODE" \
1191 -S "Found PSK KEX MODE" \
1192 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1193 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1194 -S "key exchange mode: psk$" \
1195 -s "key exchange mode: psk_ephemeral" \
1196 -S "key exchange mode: ephemeral"
1197
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1198requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1199requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1200requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1201requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1202run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1203 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1204 "$O_NEXT_CLI -tls1_3 -msg \
1205 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1206 0 \
1207 -s "found psk key exchange modes extension" \
1208 -s "found pre_shared_key extension" \
1209 -s "Found PSK_EPHEMERAL KEX MODE" \
1210 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1211 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1212 -S "key exchange mode: psk$" \
1213 -S "key exchange mode: psk_ephemeral" \
1214 -s "key exchange mode: ephemeral"
1215
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1216requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1217requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1218requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1219requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1220run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1221 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1222 "$O_NEXT_CLI -tls1_3 -msg \
1223 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1224 1 \
1225 -s "found psk key exchange modes extension" \
1226 -s "found pre_shared_key extension" \
1227 -s "Found PSK_EPHEMERAL KEX MODE" \
1228 -S "Found PSK KEX MODE" \
1229 -s "Invalid binder." \
1230 -S "key exchange mode: psk$" \
1231 -S "key exchange mode: psk_ephemeral" \
1232 -S "key exchange mode: ephemeral"
1233
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1234requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1235requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1236requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1237requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1238run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1239 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1240 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1241 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1242 0 \
1243 -s "found psk key exchange modes extension" \
1244 -s "found pre_shared_key extension" \
1245 -s "Found PSK_EPHEMERAL KEX MODE" \
1246 -s "Found PSK KEX MODE" \
1247 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1248 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1249 -S "key exchange mode: psk$" \
1250 -s "key exchange mode: psk_ephemeral" \
1251 -S "key exchange mode: ephemeral"
1252
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1253requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1254requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1255requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1256requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1257run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1258 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1259 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1260 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1261 0 \
1262 -s "found psk key exchange modes extension" \
1263 -s "found pre_shared_key extension" \
1264 -s "Found PSK_EPHEMERAL KEX MODE" \
1265 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1266 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1267 -S "key exchange mode: psk$" \
1268 -S "key exchange mode: psk_ephemeral" \
1269 -s "key exchange mode: ephemeral"
1270
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1271requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1272requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1273requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1274requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1275run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1276 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1277 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1278 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1279 1 \
1280 -s "found psk key exchange modes extension" \
1281 -s "found pre_shared_key extension" \
1282 -s "Found PSK_EPHEMERAL KEX MODE" \
1283 -s "Found PSK KEX MODE" \
1284 -s "Invalid binder." \
1285 -S "key exchange mode: psk$" \
1286 -S "key exchange mode: psk_ephemeral" \
1287 -S "key exchange mode: ephemeral"
1288
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1289requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1290requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1291requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1292requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1293requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1294run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1295 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1296 "$O_NEXT_CLI -tls1_3 -msg \
1297 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1298 0 \
1299 -s "found psk key exchange modes extension" \
1300 -s "found pre_shared_key extension" \
1301 -s "Found PSK_EPHEMERAL KEX MODE" \
1302 -S "Found PSK KEX MODE" \
1303 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1304 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1305 -S "key exchange mode: psk$" \
1306 -s "key exchange mode: psk_ephemeral" \
1307 -S "key exchange mode: ephemeral"
1308
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1309requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1310requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1312requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1313requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1314run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1315 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1316 "$O_NEXT_CLI -tls1_3 -msg \
1317 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1318 0 \
1319 -s "found psk key exchange modes extension" \
1320 -s "found pre_shared_key extension" \
1321 -s "Found PSK_EPHEMERAL KEX MODE" \
1322 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1323 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1324 -S "key exchange mode: psk$" \
1325 -S "key exchange mode: psk_ephemeral" \
1326 -s "key exchange mode: ephemeral"
1327
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1328requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1329requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1330requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1331requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1332requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1333run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1334 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1335 "$O_NEXT_CLI -tls1_3 -msg \
1336 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1337 1 \
1338 -s "found psk key exchange modes extension" \
1339 -s "found pre_shared_key extension" \
1340 -s "Found PSK_EPHEMERAL KEX MODE" \
1341 -S "Found PSK KEX MODE" \
1342 -s "Invalid binder." \
1343 -S "key exchange mode: psk$" \
1344 -S "key exchange mode: psk_ephemeral" \
1345 -S "key exchange mode: ephemeral"
1346
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1347requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1348requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1350requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1351requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1352run_test "TLS 1.3: O->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1353 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1354 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1355 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1356 0 \
1357 -s "found psk key exchange modes extension" \
1358 -s "found pre_shared_key extension" \
1359 -s "Found PSK_EPHEMERAL KEX MODE" \
1360 -s "Found PSK KEX MODE" \
1361 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1362 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1363 -S "key exchange mode: psk$" \
1364 -s "key exchange mode: psk_ephemeral" \
1365 -S "key exchange mode: ephemeral"
1366
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1367requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1368requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1369requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1370requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1371requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1372run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1373 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1374 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1375 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1376 0 \
1377 -s "found psk key exchange modes extension" \
1378 -s "found pre_shared_key extension" \
1379 -s "Found PSK_EPHEMERAL KEX MODE" \
1380 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1381 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1382 -S "key exchange mode: psk$" \
1383 -S "key exchange mode: psk_ephemeral" \
1384 -s "key exchange mode: ephemeral"
1385
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1386requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1387requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1389requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1390requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1391run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1392 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1393 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1394 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1395 1 \
1396 -s "found psk key exchange modes extension" \
1397 -s "found pre_shared_key extension" \
1398 -s "Found PSK_EPHEMERAL KEX MODE" \
1399 -s "Found PSK KEX MODE" \
1400 -s "Invalid binder." \
1401 -S "key exchange mode: psk$" \
1402 -S "key exchange mode: psk_ephemeral" \
1403 -S "key exchange mode: ephemeral"
1404
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1405requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1406requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1407requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1408requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1409run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1410 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1411 "$O_NEXT_CLI -tls1_3 -msg \
1412 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1413 0 \
1414 -s "found psk key exchange modes extension" \
1415 -s "found pre_shared_key extension" \
1416 -s "Found PSK_EPHEMERAL KEX MODE" \
1417 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1418 -s "No suitable PSK key exchange mode" \
1419 -S "Pre shared key found" \
1420 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1421 -S "key exchange mode: psk$" \
1422 -S "key exchange mode: psk_ephemeral" \
1423 -s "key exchange mode: ephemeral"
1424
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1425requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1426requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1427requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1428requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1429run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1430 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1431 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1432 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1433 0 \
1434 -s "found psk key exchange modes extension" \
1435 -s "found pre_shared_key extension" \
1436 -s "Found PSK_EPHEMERAL KEX MODE" \
1437 -s "Found PSK KEX MODE" \
1438 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1439 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1440 -S "key exchange mode: psk$" \
1441 -S "key exchange mode: psk_ephemeral" \
1442 -s "key exchange mode: ephemeral"
1443
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1444requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1445requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1446requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1447requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1448run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1449 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1450 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1451 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1452 1 \
1453 -s "found psk key exchange modes extension" \
1454 -s "found pre_shared_key extension" \
1455 -s "Found PSK_EPHEMERAL KEX MODE" \
1456 -s "Found PSK KEX MODE" \
1457 -s "Invalid binder." \
1458 -S "key exchange mode: psk$" \
1459 -S "key exchange mode: psk_ephemeral" \
1460 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1461
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1462requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1463requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1464 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1465 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1466 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_256
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1467run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1468 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1469 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1470 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1471 0 \
1472 -s "write selected_group: secp256r1" \
1473 -S "key exchange mode: psk$" \
1474 -s "key exchange mode: psk_ephemeral" \
1475 -S "key exchange mode: ephemeral"
1476
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1477requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1478requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1479 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1480 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1481 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_384
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1482run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1483 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1484 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1485 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1486 0 \
1487 -s "write selected_group: secp384r1" \
1488 -S "key exchange mode: psk$" \
1489 -s "key exchange mode: psk_ephemeral" \
1490 -S "key exchange mode: ephemeral"
1491
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1492requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1493requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1494 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1495 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1496 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_521
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1497run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1498 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1499 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1500 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1501 0 \
1502 -s "write selected_group: secp521r1" \
1503 -S "key exchange mode: psk$" \
1504 -s "key exchange mode: psk_ephemeral" \
1505 -S "key exchange mode: ephemeral"
1506
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1507requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1508requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1509 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1510 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1511 PSA_WANT_ALG_ECDH PSA_WANT_ECC_MONTGOMERY_255
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1512run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1513 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1514 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1515 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1516 0 \
1517 -s "write selected_group: x25519" \
1518 -S "key exchange mode: psk$" \
1519 -s "key exchange mode: psk_ephemeral" \
1520 -S "key exchange mode: ephemeral"
1521
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1522requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1523requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1524 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1525 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1526 PSA_WANT_ALG_ECDH PSA_WANT_ECC_MONTGOMERY_448
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1527run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1528 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1529 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1530 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1531 0 \
1532 -s "write selected_group: x448" \
1533 -S "key exchange mode: psk$" \
1534 -s "key exchange mode: psk_ephemeral" \
1535 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1536
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1537requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1538requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1539 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1540 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1541 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_384
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1542run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1543 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1544 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1545 0 \
1546 -s "write selected_group: secp384r1" \
1547 -s "HRR selected_group: secp384r1" \
1548 -S "key exchange mode: psk$" \
1549 -s "key exchange mode: psk_ephemeral" \
1550 -S "key exchange mode: ephemeral"
1551
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1552requires_gnutls_tls1_3
1553requires_gnutls_next_no_ticket
1554requires_gnutls_next_disable_tls13_compat
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1555requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1556 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1557 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1558 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_384
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1559run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1560 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1561 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1562 0 \
1563 -s "write selected_group: secp384r1" \
1564 -s "HRR selected_group: secp384r1" \
1565 -S "key exchange mode: psk$" \
1566 -s "key exchange mode: psk_ephemeral" \
1567 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1568
1569
1570# Add psk test cases for mbedtls client code
1571
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1572# MbedTls->MbedTLS kinds of tls13_kex_modes
1573# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1574requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1575requires_config_enabled MBEDTLS_SSL_SRV_C
1576requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1577requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1578run_test "TLS 1.3: m->m: psk/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1579 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1580 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1581 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1582 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1583 -c "client hello, adding psk_key_exchange_modes extension" \
1584 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1585 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1586 -c "HTTP/1.0 200 OK"
1587
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1588requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1589requires_config_enabled MBEDTLS_SSL_SRV_C
1590requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1591requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1592run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1593 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1594 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1595 1 \
1596 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1597 -c "client hello, adding psk_key_exchange_modes extension" \
1598 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1599 -s "No usable PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1600
1601requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1602requires_config_enabled MBEDTLS_SSL_SRV_C
1603requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1605run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1606 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1607 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1608 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1609 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1610 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1611 -c "client hello, adding PSK binder list" \
1612 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1613
1614requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1615requires_config_enabled MBEDTLS_SSL_SRV_C
1616requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1617requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1618requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1619run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1620 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1621 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1622 1 \
1623 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1624 -c "client hello, adding psk_key_exchange_modes extension" \
1625 -c "client hello, adding PSK binder list" \
1626 -s "ClientHello message misses mandatory extensions."
1627
1628requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1629requires_config_enabled MBEDTLS_SSL_SRV_C
1630requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1631requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1632requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1633run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1634 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1635 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1636 1 \
1637 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1638 -c "client hello, adding psk_key_exchange_modes extension" \
1639 -c "client hello, adding PSK binder list" \
1640 -s "ClientHello message misses mandatory extensions."
1641
1642requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1643requires_config_enabled MBEDTLS_SSL_SRV_C
1644requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1645requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1646requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1647requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1648run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1649 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1650 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1651 1 \
1652 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1653 -c "client hello, adding psk_key_exchange_modes extension" \
1654 -c "client hello, adding PSK binder list" \
1655 -s "ClientHello message misses mandatory extensions."
1656
1657requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1658requires_config_enabled MBEDTLS_SSL_SRV_C
1659requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1660requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1661requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1662run_test "TLS 1.3: m->m: psk/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1663 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1664 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1665 0 \
1666 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1667 -c "client hello, adding psk_key_exchange_modes extension" \
1668 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1669 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1670 -c "HTTP/1.0 200 OK"
1671
1672requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1673requires_config_enabled MBEDTLS_SSL_SRV_C
1674requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1675requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1676requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1677run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1678 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1679 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1680 1 \
1681 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1682 -c "client hello, adding psk_key_exchange_modes extension" \
1683 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1684 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1685 -s "ClientHello message misses mandatory extensions."
1686
1687requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1688requires_config_enabled MBEDTLS_SSL_SRV_C
1689requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1690requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1691requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1692run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1693 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1694 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1695 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1696 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1697 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1698 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1699 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1700
1701requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1702requires_config_enabled MBEDTLS_SSL_SRV_C
1703requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1704requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1706requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1707run_test "TLS 1.3: m->m: psk/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1708 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1709 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1710 0 \
1711 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1712 -c "client hello, adding psk_key_exchange_modes extension" \
1713 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1714 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1715 -c "HTTP/1.0 200 OK"
1716
1717requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1718requires_config_enabled MBEDTLS_SSL_SRV_C
1719requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1720requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1721requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1722requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1723run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1724 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1725 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1726 1 \
1727 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1728 -c "client hello, adding psk_key_exchange_modes extension" \
1729 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1730 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1731 -s "ClientHello message misses mandatory extensions."
1732
1733requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1734requires_config_enabled MBEDTLS_SSL_SRV_C
1735requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1736requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1737requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1738requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1739run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1740 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1741 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1742 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1743 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1744 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1745 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1746 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1747
1748# psk_ephemeral mode in client
1749requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1750requires_config_enabled MBEDTLS_SSL_SRV_C
1751requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1752requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1753requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1754run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1755 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1756 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1757 1 \
1758 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1759 -c "client hello, adding psk_key_exchange_modes extension" \
1760 -c "client hello, adding PSK binder list" \
1761 -s "ClientHello message misses mandatory extensions."
1762
1763requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1764requires_config_enabled MBEDTLS_SSL_SRV_C
1765requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1766requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1767run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1768 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1769 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1770 0 \
1771 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1772 -c "client hello, adding psk_key_exchange_modes extension" \
1773 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1774 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1775 -c "HTTP/1.0 200 OK"
1776
1777requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1778requires_config_enabled MBEDTLS_SSL_SRV_C
1779requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1780requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1781run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1782 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1783 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1784 1 \
1785 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1786 -c "client hello, adding psk_key_exchange_modes extension" \
1787 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1788 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1789 -s "ClientHello message misses mandatory extensions."
1790
1791requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1792requires_config_enabled MBEDTLS_SSL_SRV_C
1793requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1794requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1795run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1796 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1797 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1798 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1799 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1800 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1801 -c "client hello, adding PSK binder list" \
1802 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1803
1804requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1805requires_config_enabled MBEDTLS_SSL_SRV_C
1806requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1807requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1808requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1809requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1810run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1811 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1812 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1813 1 \
1814 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1815 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1816 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1817
1818requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1819requires_config_enabled MBEDTLS_SSL_SRV_C
1820requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1821requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1822requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1823run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1824 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1825 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1826 0 \
1827 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1828 -c "client hello, adding psk_key_exchange_modes extension" \
1829 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1830 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1831 -c "HTTP/1.0 200 OK"
1832
1833requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1834requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1835requires_config_enabled MBEDTLS_SSL_SRV_C
1836requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1837requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1838requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1839run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1840 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1841 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1842 1 \
1843 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1844 -c "client hello, adding psk_key_exchange_modes extension" \
1845 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1846 -s "No usable PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1847
1848requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1849requires_config_enabled MBEDTLS_SSL_SRV_C
1850requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1851requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1852requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1853run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1854 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1855 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1856 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1857 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1858 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1859 -c "client hello, adding PSK binder list" \
1860 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1861
1862requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1863requires_config_enabled MBEDTLS_SSL_SRV_C
1864requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1865requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1866requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1867run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1868 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1869 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1870 0 \
1871 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1872 -c "client hello, adding psk_key_exchange_modes extension" \
1873 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1874 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1875 -c "HTTP/1.0 200 OK"
1876
1877requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1878requires_config_enabled MBEDTLS_SSL_SRV_C
1879requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1880requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1881requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1882run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1883 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1884 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1885 1 \
1886 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1887 -c "client hello, adding psk_key_exchange_modes extension" \
1888 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1889 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1890 -s "ClientHello message misses mandatory extensions."
1891
1892requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1893requires_config_enabled MBEDTLS_SSL_SRV_C
1894requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1895requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1896requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1897run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1898 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1899 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1900 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1901 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1902 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1903 -c "client hello, adding PSK binder list" \
1904 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1905
1906requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1907requires_config_enabled MBEDTLS_SSL_SRV_C
1908requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1909requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1910requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1911requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1912run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1913 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1914 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1915 0 \
1916 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1917 -c "client hello, adding psk_key_exchange_modes extension" \
1918 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1919 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1920 -c "HTTP/1.0 200 OK"
1921
1922requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1923requires_config_enabled MBEDTLS_SSL_SRV_C
1924requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1925requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1926requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1927requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1928run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1929 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1930 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1931 1 \
1932 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1933 -c "client hello, adding psk_key_exchange_modes extension" \
1934 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1935 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1936
1937requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1938requires_config_enabled MBEDTLS_SSL_SRV_C
1939requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1940requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1941requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1942requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1943run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1944 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1945 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1946 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1947 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1948 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1949 -c "client hello, adding PSK binder list" \
1950 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1951
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1952# ephemeral mode in client
1953requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1954requires_config_enabled MBEDTLS_SSL_SRV_C
1955requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1956requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1957requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1958run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1959 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1960 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1961 1 \
1962 -s "ClientHello message misses mandatory extensions."
1963
1964requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1965requires_config_enabled MBEDTLS_SSL_SRV_C
1966requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1967requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1968requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1969run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1970 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1971 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1972 1 \
1973 -s "ClientHello message misses mandatory extensions."
1974
1975requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1976requires_config_enabled MBEDTLS_SSL_SRV_C
1977requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1978requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1979run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1980 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1981 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1982 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1983 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1984 -c "HTTP/1.0 200 OK"
1985
1986requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1987requires_config_enabled MBEDTLS_SSL_SRV_C
1988requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1989requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1990requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1991run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1992 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1993 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1994 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1995 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1996 -c "HTTP/1.0 200 OK"
1997
1998requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1999requires_config_enabled MBEDTLS_SSL_SRV_C
2000requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2001requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2002requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2003requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2004run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2005 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2006 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2007 1 \
2008 -s "ClientHello message misses mandatory extensions."
2009
2010requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2011requires_config_enabled MBEDTLS_SSL_SRV_C
2012requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2013requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2014requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2015requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2016run_test "TLS 1.3: m->m: ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2017 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2018 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2019 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2020 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2021 -c "HTTP/1.0 200 OK"
2022
2023# ephemeral_all mode in client
2024requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2025requires_config_enabled MBEDTLS_SSL_SRV_C
2026requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2027requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2028requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2029requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2030run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2031 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2032 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2033 1 \
2034 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2035 -c "client hello, adding psk_key_exchange_modes extension" \
2036 -c "client hello, adding PSK binder list" \
2037 -s "ClientHello message misses mandatory extensions."
2038
2039requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2040requires_config_enabled MBEDTLS_SSL_SRV_C
2041requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2042requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2043requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2044run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2045 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2046 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2047 0 \
2048 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2049 -c "client hello, adding psk_key_exchange_modes extension" \
2050 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2051 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2052 -c "HTTP/1.0 200 OK"
2053
2054requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2055requires_config_enabled MBEDTLS_SSL_SRV_C
2056requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2057requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2058requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2059run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2060 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2061 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2062 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2063 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2064 -c "client hello, adding psk_key_exchange_modes extension" \
2065 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2066 -s "No usable PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2067
2068requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2069requires_config_enabled MBEDTLS_SSL_SRV_C
2070requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2071requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2072requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2073run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2074 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2075 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2076 1 \
2077 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2078 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2079 -c "client hello, adding PSK binder list" \
2080 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2081
2082requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2083requires_config_enabled MBEDTLS_SSL_SRV_C
2084requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2085requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2086requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2087run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2088 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2089 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2090 0 \
2091 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2092 -c "client hello, adding psk_key_exchange_modes extension" \
2093 -c "client hello, adding PSK binder list" \
2094 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2095 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2096 -c "HTTP/1.0 200 OK"
2097
2098requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2099requires_config_enabled MBEDTLS_SSL_SRV_C
2100requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2101requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2102requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2103run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2104 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2105 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2106 0 \
2107 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2108 -c "client hello, adding psk_key_exchange_modes extension" \
2109 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2110 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2111 -c "HTTP/1.0 200 OK"
2112
2113requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2114requires_config_enabled MBEDTLS_SSL_SRV_C
2115requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2116requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2117requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2118run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2119 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2120 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2121 0 \
2122 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2123 -c "client hello, adding psk_key_exchange_modes extension" \
2124 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2125 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2126 -s "key exchange mode: ephemeral"
2127
2128requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2129requires_config_enabled MBEDTLS_SSL_SRV_C
2130requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2131requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2132requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2133run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2134 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2135 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2136 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2137 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2138 -c "client hello, adding psk_key_exchange_modes extension" \
2139 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2140 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2141
2142requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2143requires_config_enabled MBEDTLS_SSL_SRV_C
2144requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2145requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2146requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2147requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2148run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2149 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2150 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2151 0 \
2152 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2153 -c "client hello, adding psk_key_exchange_modes extension" \
2154 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2155 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2156 -c "HTTP/1.0 200 OK"
2157
2158requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2159requires_config_enabled MBEDTLS_SSL_SRV_C
2160requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2161requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2162requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2163requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2164run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2165 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2166 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2167 1 \
2168 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2169 -c "client hello, adding psk_key_exchange_modes extension" \
2170 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2171 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2172 -s "ClientHello message misses mandatory extensions."
2173
2174requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2175requires_config_enabled MBEDTLS_SSL_SRV_C
2176requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2177requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2178requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2180run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2181 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2182 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2183 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2184 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2185 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2186 -c "client hello, adding PSK binder list" \
2187 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2188
2189requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2190requires_config_enabled MBEDTLS_SSL_SRV_C
2191requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2192requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2193requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2194requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2195run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2196 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2197 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2198 0 \
2199 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2200 -c "client hello, adding psk_key_exchange_modes extension" \
2201 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2202 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2203 -c "HTTP/1.0 200 OK"
2204
2205requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2206requires_config_enabled MBEDTLS_SSL_SRV_C
2207requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2208requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2209requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2210requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2211run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2212 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2213 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2214 0 \
2215 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2216 -c "client hello, adding psk_key_exchange_modes extension" \
2217 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2218 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2219 -s "key exchange mode: ephemeral"
2220
2221requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2222requires_config_enabled MBEDTLS_SSL_SRV_C
2223requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2224requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2225requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2226requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2227run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2228 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2229 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2230 1 \
2231 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2232 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2233 -c "client hello, adding PSK binder list" \
2234 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2235
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2236# psk_all mode in client
2237requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2238requires_config_enabled MBEDTLS_SSL_SRV_C
2239requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2240requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2241requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2242run_test "TLS 1.3: m->m: psk_all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2243 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2244 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2245 0 \
2246 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2247 -c "client hello, adding psk_key_exchange_modes extension" \
2248 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2249 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2250 -c "HTTP/1.0 200 OK"
2251
2252requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2253requires_config_enabled MBEDTLS_SSL_SRV_C
2254requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2255requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2256requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2257run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2258 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2259 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2260 1 \
2261 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2262 -c "client hello, adding psk_key_exchange_modes extension" \
2263 -c "client hello, adding PSK binder list" \
2264 -s "ClientHello message misses mandatory extensions."
2265
2266requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2267requires_config_enabled MBEDTLS_SSL_SRV_C
2268requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2269requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2270requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2271run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2272 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2273 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2274 1 \
2275 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2276 -c "client hello, adding psk_key_exchange_modes extension" \
2277 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2278 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2279
2280requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2281requires_config_enabled MBEDTLS_SSL_SRV_C
2282requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2283requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2284requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2285run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2286 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2287 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2288 0 \
2289 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2290 -c "client hello, adding psk_key_exchange_modes extension" \
2291 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2292 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2293 -c "HTTP/1.0 200 OK"
2294
2295requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2296requires_config_enabled MBEDTLS_SSL_SRV_C
2297requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2298requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2299requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2300run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2301 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2302 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2303 1 \
2304 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2305 -c "client hello, adding psk_key_exchange_modes extension" \
2306 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2307 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2308 -s "ClientHello message misses mandatory extensions."
2309
2310requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2311requires_config_enabled MBEDTLS_SSL_SRV_C
2312requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2313requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2314requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2315run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2316 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2317 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2318 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2319 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2320 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2321 -c "client hello, adding PSK binder list" \
2322 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2323
2324requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2325requires_config_enabled MBEDTLS_SSL_SRV_C
2326requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2327requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2328requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2330run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2331 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2332 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2333 1 \
2334 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2335 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2336 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2337
2338requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2339requires_config_enabled MBEDTLS_SSL_SRV_C
2340requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2341requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2342requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2343requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2344run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2345 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2346 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2347 0 \
2348 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2349 -c "client hello, adding psk_key_exchange_modes extension" \
2350 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2351 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2352 -c "HTTP/1.0 200 OK"
2353
2354requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2355requires_config_enabled MBEDTLS_SSL_SRV_C
2356requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2357requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2358requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2359requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2360run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2361 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2362 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2363 1 \
2364 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2365 -c "client hello, adding psk_key_exchange_modes extension" \
2366 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2367 -s "No usable PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2368
2369requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2370requires_config_enabled MBEDTLS_SSL_SRV_C
2371requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2372requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2373requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2374requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2375run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2376 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2377 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2378 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2379 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2380 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2381 -c "client hello, adding PSK binder list" \
2382 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2383
2384requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2385requires_config_enabled MBEDTLS_SSL_SRV_C
2386requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2387requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2389run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2390 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2391 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2392 0 \
2393 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2394 -c "client hello, adding psk_key_exchange_modes extension" \
2395 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2396 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2397 -c "HTTP/1.0 200 OK"
2398
2399requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2400requires_config_enabled MBEDTLS_SSL_SRV_C
2401requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2402requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2403requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2404run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2405 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2406 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2407 1 \
2408 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2409 -c "client hello, adding psk_key_exchange_modes extension" \
2410 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2411 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2412 -s "ClientHello message misses mandatory extensions."
2413
2414requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2415requires_config_enabled MBEDTLS_SSL_SRV_C
2416requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2417requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2418requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2419run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2420 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2421 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2422 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2423 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2424 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2425 -c "client hello, adding PSK binder list" \
2426 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2427
2428requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2429requires_config_enabled MBEDTLS_SSL_SRV_C
2430requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2431requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2432requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2433requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2434run_test "TLS 1.3: m->m: psk_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2435 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2436 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2437 0 \
2438 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2439 -c "client hello, adding psk_key_exchange_modes extension" \
2440 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2441 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2442 -c "HTTP/1.0 200 OK"
2443
2444requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2445requires_config_enabled MBEDTLS_SSL_SRV_C
2446requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2447requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2448requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2449requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2450run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2451 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2452 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2453 1 \
2454 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2455 -c "client hello, adding psk_key_exchange_modes extension" \
2456 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2457 -s "No usable PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2458
2459requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2460requires_config_enabled MBEDTLS_SSL_SRV_C
2461requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2462requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2463requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2464requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2465run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2466 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2467 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2468 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2469 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2470 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2471 -c "client hello, adding PSK binder list" \
2472 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2473
2474# all mode in client
2475requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2476requires_config_enabled MBEDTLS_SSL_SRV_C
2477requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2478requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2479requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2480requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2481run_test "TLS 1.3: m->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2482 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2483 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2484 0 \
2485 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2486 -c "client hello, adding psk_key_exchange_modes extension" \
2487 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2488 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2489 -c "HTTP/1.0 200 OK"
2490
2491requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2492requires_config_enabled MBEDTLS_SSL_SRV_C
2493requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2494requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2495requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2496requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2497run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2498 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2499 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2500 1 \
2501 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2502 -c "client hello, adding psk_key_exchange_modes extension" \
2503 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2504 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2505 -s "ClientHello message misses mandatory extensions."
2506
2507requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2508requires_config_enabled MBEDTLS_SSL_SRV_C
2509requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2510requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2511requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2512requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2513run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2514 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2515 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2516 1 \
2517 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2518 -c "client hello, adding psk_key_exchange_modes extension" \
2519 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2520 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2521
2522requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2523requires_config_enabled MBEDTLS_SSL_SRV_C
2524requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2525requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2526requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2527requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2528run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2529 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2530 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2531 0 \
2532 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2533 -c "client hello, adding psk_key_exchange_modes extension" \
2534 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2535 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2536 -c "HTTP/1.0 200 OK"
2537
2538requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2539requires_config_enabled MBEDTLS_SSL_SRV_C
2540requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2541requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2542requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2543requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2544run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2545 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2546 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2547 1 \
2548 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2549 -c "client hello, adding psk_key_exchange_modes extension" \
2550 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2551 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2552 -s "ClientHello message misses mandatory extensions."
2553
2554requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2555requires_config_enabled MBEDTLS_SSL_SRV_C
2556requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2557requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2558requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2559requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2560run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2561 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2562 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2563 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2564 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2565 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2566 -c "client hello, adding PSK binder list" \
2567 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2568
2569requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2570requires_config_enabled MBEDTLS_SSL_SRV_C
2571requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2572requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2573requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2574requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2575run_test "TLS 1.3: m->m: all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2576 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2577 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2578 0 \
2579 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2580 -c "client hello, adding psk_key_exchange_modes extension" \
2581 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2582 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2583 -c "HTTP/1.0 200 OK"
2584
2585requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2586requires_config_enabled MBEDTLS_SSL_SRV_C
2587requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2588requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2589requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2590requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2591run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2592 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2593 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2594 0 \
2595 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2596 -c "client hello, adding psk_key_exchange_modes extension" \
2597 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2598 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2599 -c "HTTP/1.0 200 OK"
2600
2601requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2602requires_config_enabled MBEDTLS_SSL_SRV_C
2603requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2605requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2606requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2607run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2608 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2609 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2610 0 \
2611 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2612 -c "client hello, adding psk_key_exchange_modes extension" \
2613 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2614 -s "No usable PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2615 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2616 -c "HTTP/1.0 200 OK"
2617
2618requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2619requires_config_enabled MBEDTLS_SSL_SRV_C
2620requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2621requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2622requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2623requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2624run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2625 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2626 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2627 1 \
2628 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2629 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2630 -c "client hello, adding PSK binder list" \
2631 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2632
2633requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2634requires_config_enabled MBEDTLS_SSL_SRV_C
2635requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2636requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2637requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2638requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2639run_test "TLS 1.3: m->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2640 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2641 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2642 0 \
2643 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2644 -c "client hello, adding psk_key_exchange_modes extension" \
2645 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2646 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2647 -c "HTTP/1.0 200 OK"
2648
2649requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2650requires_config_enabled MBEDTLS_SSL_SRV_C
2651requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2652requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2653requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2654requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2655run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2656 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2657 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2658 1 \
2659 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2660 -c "client hello, adding psk_key_exchange_modes extension" \
2661 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2662 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2663 -s "ClientHello message misses mandatory extensions."
2664
2665requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2666requires_config_enabled MBEDTLS_SSL_SRV_C
2667requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2668requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2669requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2670requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2671run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2672 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2673 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2674 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2675 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2676 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2677 -c "client hello, adding PSK binder list" \
2678 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2679
2680requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2681requires_config_enabled MBEDTLS_SSL_SRV_C
2682requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2683requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2684requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2685requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2686run_test "TLS 1.3: m->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2687 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2688 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2689 0 \
2690 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2691 -c "client hello, adding psk_key_exchange_modes extension" \
2692 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2693 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2694 -c "HTTP/1.0 200 OK"
2695
2696requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2697requires_config_enabled MBEDTLS_SSL_SRV_C
2698requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2699requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2700requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2701requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2702run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2703 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2704 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2705 0 \
2706 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2707 -c "client hello, adding psk_key_exchange_modes extension" \
2708 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2709 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2710 -s "key exchange mode: ephemeral"
2711
2712requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2713requires_config_enabled MBEDTLS_SSL_SRV_C
2714requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2715requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2716requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2717requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2718run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2719 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2720 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2721 1 \
2722 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2723 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2724 -c "client hello, adding PSK binder list" \
2725 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2726
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2727#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2728requires_openssl_tls1_3
2729requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2730requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2731requires_config_enabled MBEDTLS_DEBUG_C
2732requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2733requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2734run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2735 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2736 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2737 0 \
2738 -c "=> write client hello" \
2739 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2740 -c "client hello, adding psk_key_exchange_modes extension" \
2741 -c "client hello, adding PSK binder list" \
2742 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2743 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2744 -c "HTTP/1.0 200 ok"
2745
2746requires_openssl_tls1_3
2747requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2748requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2749requires_config_enabled MBEDTLS_DEBUG_C
2750requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2751requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2752run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2753 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2754 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2755 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2756 -c "=> write client hello" \
2757 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2758 -c "client hello, adding psk_key_exchange_modes extension" \
2759 -c "client hello, adding PSK binder list" \
2760 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2761 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2762
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2763#OPENSSL-SERVER psk_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2764requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2765requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2766requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2767requires_config_enabled MBEDTLS_DEBUG_C
2768requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2769requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2770requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2771run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2772 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2773 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2774 0 \
2775 -c "=> write client hello" \
2776 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2777 -c "client hello, adding psk_key_exchange_modes extension" \
2778 -c "client hello, adding PSK binder list" \
2779 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2780 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2781 -c "HTTP/1.0 200 ok"
2782
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2783requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2784requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2785requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2786requires_config_enabled MBEDTLS_DEBUG_C
2787requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2788requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2789requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2790run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2791 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2792 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2793 0 \
2794 -c "=> write client hello" \
2795 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2796 -c "client hello, adding psk_key_exchange_modes extension" \
2797 -c "client hello, adding PSK binder list" \
2798 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2799 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2800 -c "HTTP/1.0 200 ok"
2801
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2802#OPENSSL-SERVER psk_ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2803requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2804requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2805requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2806requires_config_enabled MBEDTLS_DEBUG_C
2807requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2808requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2809run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2810 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2811 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2812 0 \
2813 -c "=> write client hello" \
2814 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2815 -c "client hello, adding psk_key_exchange_modes extension" \
2816 -c "client hello, adding PSK binder list" \
2817 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2818 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2819 -c "HTTP/1.0 200 ok"
2820
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2821requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2822requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2823requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2824requires_config_enabled MBEDTLS_DEBUG_C
2825requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2826requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2827run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2828 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2829 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2830 0 \
2831 -c "=> write client hello" \
2832 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2833 -c "client hello, adding psk_key_exchange_modes extension" \
2834 -c "client hello, adding PSK binder list" \
2835 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2836 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2837 -c "HTTP/1.0 200 ok"
2838
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2839#OPENSSL-SERVER ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2840requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2841requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2842requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2843requires_config_enabled MBEDTLS_DEBUG_C
2844requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2845requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2846run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2847 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2848 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2849 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2850 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2851 -c "HTTP/1.0 200 ok"
2852
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2853requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2854requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2855requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2856requires_config_enabled MBEDTLS_DEBUG_C
2857requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2858requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2859run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2860 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2861 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2862 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2863 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2864 -c "HTTP/1.0 200 ok"
2865
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2866#OPENSSL-SERVER ephemeral_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2867requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2868requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2869requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2870requires_config_enabled MBEDTLS_DEBUG_C
2871requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2872requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2873requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2874run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2875 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2876 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2877 0 \
2878 -c "=> write client hello" \
2879 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2880 -c "client hello, adding psk_key_exchange_modes extension" \
2881 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2882 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2883 -c "<= write client hello" \
2884 -c "HTTP/1.0 200 ok"
2885
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2886requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2887requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2888requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2889requires_config_enabled MBEDTLS_DEBUG_C
2890requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2891requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2892requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2893run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2894 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2895 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2896 0 \
2897 -c "=> write client hello" \
2898 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2899 -c "client hello, adding psk_key_exchange_modes extension" \
2900 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2901 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2902 -c "<= write client hello" \
2903 -c "HTTP/1.0 200 ok"
2904
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2905#OPENSSL-SERVER all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2906requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2907requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2908requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2909requires_config_enabled MBEDTLS_DEBUG_C
2910requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2911requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2912requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2913requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2914run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2915 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2916 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2917 0 \
2918 -c "=> write client hello" \
2919 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2920 -c "client hello, adding psk_key_exchange_modes extension" \
2921 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2922 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2923 -c "<= write client hello" \
2924 -c "HTTP/1.0 200 ok"
2925
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2926requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2927requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2928requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2929requires_config_enabled MBEDTLS_DEBUG_C
2930requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2931requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2932requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2933requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2934run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2935 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2936 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
2937 0 \
2938 -c "=> write client hello" \
2939 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2940 -c "client hello, adding psk_key_exchange_modes extension" \
2941 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2942 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2943 -c "<= write client hello" \
2944 -c "HTTP/1.0 200 ok"
2945
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2946#GNUTLS-SERVER psk mode
2947requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2948requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2949requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2950requires_config_enabled MBEDTLS_DEBUG_C
2951requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2952requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2953run_test "TLS 1.3: m->G: psk/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]2954 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2955 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2956 0 \
2957 -c "=> write client hello" \
2958 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2959 -c "client hello, adding psk_key_exchange_modes extension" \
2960 -c "client hello, adding PSK binder list" \
2961 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2962 -s "Parsing extension 'Pre Shared Key/41'" \
2963 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2964 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2965 -c "HTTP/1.0 200 OK"
2966
2967requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2968requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2969requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2970requires_config_enabled MBEDTLS_DEBUG_C
2971requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2972requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2973run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]2974 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2975 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2976 1 \
2977 -c "=> write client hello" \
2978 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2979 -c "client hello, adding psk_key_exchange_modes extension" \
2980 -c "client hello, adding PSK binder list" \
2981 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2982 -s "Parsing extension 'Pre Shared Key/41'" \
2983 -c "<= write client hello" \
2984 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
2985
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2986#GNUTLS-SERVER psk_all mode
2987requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2988requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2989requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2990requires_config_enabled MBEDTLS_DEBUG_C
2991requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2992requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2993requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2994run_test "TLS 1.3: m->G: psk_all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]2995 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2996 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2997 0 \
2998 -c "=> write client hello" \
2999 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3000 -c "client hello, adding psk_key_exchange_modes extension" \
3001 -c "client hello, adding PSK binder list" \
3002 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3003 -s "Parsing extension 'Pre Shared Key/41'" \
3004 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3005 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3006 -c "HTTP/1.0 200 OK"
3007
3008requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3009requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3010requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3011requires_config_enabled MBEDTLS_DEBUG_C
3012requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3013requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3014requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3015run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3016 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3017 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3018 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3019 -c "=> write client hello" \
3020 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3021 -c "client hello, adding psk_key_exchange_modes extension" \
3022 -c "client hello, adding PSK binder list" \
3023 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3024 -s "Parsing extension 'Pre Shared Key/41'" \
3025 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3026 -c "Selected key exchange mode: psk_ephemeral" \
3027 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3028
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3029#GNUTLS-SERVER psk_ephemeral mode
3030requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3031requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3032requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3033requires_config_enabled MBEDTLS_DEBUG_C
3034requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3035requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3036run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3037 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3038 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3039 0 \
3040 -c "=> write client hello" \
3041 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3042 -c "client hello, adding psk_key_exchange_modes extension" \
3043 -c "client hello, adding PSK binder list" \
3044 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3045 -s "Parsing extension 'Pre Shared Key/41'" \
3046 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3047 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3048 -c "HTTP/1.0 200 OK"
3049
3050requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3051requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3052requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3053requires_config_enabled MBEDTLS_DEBUG_C
3054requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3055requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3056run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3057 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3058 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3059 0 \
3060 -c "=> write client hello" \
3061 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3062 -c "client hello, adding psk_key_exchange_modes extension" \
3063 -c "client hello, adding PSK binder list" \
3064 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3065 -s "Parsing extension 'Pre Shared Key/41'" \
3066 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3067 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3068 -c "HTTP/1.0 200 OK"
3069
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3070#GNUTLS-SERVER ephemeral mode
3071requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3072requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3073requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3074requires_config_enabled MBEDTLS_DEBUG_C
3075requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3076requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3077run_test "TLS 1.3: m->G: ephemeral/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3078 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3079 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3080 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3081 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3082 -c "HTTP/1.0 200 OK"
3083
3084requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3085requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3086requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3087requires_config_enabled MBEDTLS_DEBUG_C
3088requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3089requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3090run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3091 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3092 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3093 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3094 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3095 -c "HTTP/1.0 200 OK"
3096
3097#GNUTLS-SERVER ephemeral_all mode
3098requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3099requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3100requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3101requires_config_enabled MBEDTLS_DEBUG_C
3102requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3103requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3104requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3105run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3106 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3107 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3108 0 \
3109 -c "=> write client hello" \
3110 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3111 -c "client hello, adding psk_key_exchange_modes extension" \
3112 -c "client hello, adding PSK binder list" \
3113 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3114 -s "Parsing extension 'Pre Shared Key/41'" \
3115 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3116 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3117 -c "HTTP/1.0 200 OK"
3118
3119requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3120requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3121requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3122requires_config_enabled MBEDTLS_DEBUG_C
3123requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3124requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3125requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3126run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3127 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3128 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3129 0 \
3130 -c "=> write client hello" \
3131 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3132 -c "client hello, adding psk_key_exchange_modes extension" \
3133 -c "client hello, adding PSK binder list" \
3134 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3135 -s "Parsing extension 'Pre Shared Key/41'" \
3136 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3137 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3138 -c "HTTP/1.0 200 OK"
3139
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3140#GNUTLS-SERVER all mode
3141requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3142requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3143requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3144requires_config_enabled MBEDTLS_DEBUG_C
3145requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3146requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3147requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3148requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3149run_test "TLS 1.3: m->G: all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3150 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3151 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3152 0 \
3153 -c "=> write client hello" \
3154 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3155 -c "client hello, adding psk_key_exchange_modes extension" \
3156 -c "client hello, adding PSK binder list" \
3157 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3158 -s "Parsing extension 'Pre Shared Key/41'" \
3159 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3160 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3161 -c "HTTP/1.0 200 OK"
3162
3163requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3164requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3165requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3166requires_config_enabled MBEDTLS_DEBUG_C
3167requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3168requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3169requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3170requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3171run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3172 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3173 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3174 0 \
3175 -c "=> write client hello" \
3176 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3177 -c "client hello, adding psk_key_exchange_modes extension" \
3178 -c "client hello, adding PSK binder list" \
3179 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3180 -s "Parsing extension 'Pre Shared Key/41'" \
3181 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3182 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3183 -c "HTTP/1.0 200 OK"