TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / ab84fe8052e9dba3b61087fec604d68d59e94edf / . / tests / opt-testcases / tls13-kex-modes.sh
blob: 155149f1c9cb895d66f0b277ccb668baf9e980d1 [file] [log] [blame]
Gilles Peskineab84fe82024-09-13 13:53:50 +0200[diff] [blame^]1# Systematic testing of TLS 1.3 key exchange modes.
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]2
Jerry Yu97be6a92022-11-09 22:43:31 +0800[diff] [blame]3# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by
Jerry Yu616ba752022-11-08 21:49:47 +0800[diff] [blame]4# scripts in future(#6280)
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]5
Gilles Peskineab84fe82024-09-13 13:53:50 +0200[diff] [blame^]6# Copyright The Mbed TLS Contributors
7# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8#
9
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]10requires_gnutls_tls1_3
11requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]12requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]13run_test "TLS 1.3: G->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]14 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]15 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
16 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
17 localhost" \
18 0 \
19 -s "found psk key exchange modes extension" \
20 -s "found pre_shared_key extension" \
21 -s "Found PSK_EPHEMERAL KEX MODE" \
22 -s "Found PSK KEX MODE" \
23 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]24 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]25 -s "key exchange mode: psk$" \
26 -S "key exchange mode: psk_ephemeral" \
27 -S "key exchange mode: ephemeral"
28
29requires_gnutls_tls1_3
30requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]31requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]32run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]33 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]34 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
35 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
36 localhost" \
37 1 \
38 -s "found psk key exchange modes extension" \
39 -s "found pre_shared_key extension" \
40 -s "Found PSK_EPHEMERAL KEX MODE" \
41 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]42 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]43 -S "key exchange mode: psk$" \
44 -S "key exchange mode: psk_ephemeral" \
45 -S "key exchange mode: ephemeral"
46
47requires_gnutls_tls1_3
48requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]49requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]50run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]51 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]52 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
53 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
54 localhost" \
55 1 \
56 -s "found psk key exchange modes extension" \
57 -s "found pre_shared_key extension" \
58 -s "Found PSK_EPHEMERAL KEX MODE" \
59 -s "Found PSK KEX MODE" \
60 -s "Invalid binder." \
61 -S "key exchange mode: psk$" \
62 -S "key exchange mode: psk_ephemeral" \
63 -S "key exchange mode: ephemeral"
64
65requires_gnutls_tls1_3
66requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]67requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]68run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]69 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]70 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
71 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
72 localhost" \
73 0 \
74 -s "found psk key exchange modes extension" \
75 -s "found pre_shared_key extension" \
76 -S "Found PSK_EPHEMERAL KEX MODE" \
77 -s "Found PSK KEX MODE" \
78 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]79 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]80 -s "key exchange mode: psk$" \
81 -S "key exchange mode: psk_ephemeral" \
82 -S "key exchange mode: ephemeral"
83
84requires_gnutls_tls1_3
85requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]86requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]87run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]88 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]89 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
90 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
91 localhost" \
92 1 \
93 -s "found psk key exchange modes extension" \
94 -s "found pre_shared_key extension" \
95 -S "Found PSK_EPHEMERAL KEX MODE" \
96 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]97 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]98 -S "key exchange mode: psk$" \
99 -S "key exchange mode: psk_ephemeral" \
100 -S "key exchange mode: ephemeral"
101
102requires_gnutls_tls1_3
103requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]104requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]105run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]106 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]107 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
108 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
109 localhost" \
110 1 \
111 -s "found psk key exchange modes extension" \
112 -s "found pre_shared_key extension" \
113 -S "Found PSK_EPHEMERAL KEX MODE" \
114 -s "Found PSK KEX MODE" \
115 -s "Invalid binder." \
116 -S "key exchange mode: psk$" \
117 -S "key exchange mode: psk_ephemeral" \
118 -S "key exchange mode: ephemeral"
119
120requires_gnutls_tls1_3
121requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]122requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]123run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]124 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]125 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
126 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
127 localhost" \
128 0 \
129 -s "found psk key exchange modes extension" \
130 -s "found pre_shared_key extension" \
131 -s "Found PSK_EPHEMERAL KEX MODE" \
132 -S "Found PSK KEX MODE" \
133 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]134 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]135 -S "key exchange mode: psk$" \
136 -s "key exchange mode: psk_ephemeral" \
137 -S "key exchange mode: ephemeral"
138
139requires_gnutls_tls1_3
140requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]141requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]142run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]143 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]144 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
145 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
146 localhost" \
147 1 \
148 -s "found psk key exchange modes extension" \
149 -s "found pre_shared_key extension" \
150 -s "Found PSK_EPHEMERAL KEX MODE" \
151 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]152 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]153 -S "key exchange mode: psk$" \
154 -S "key exchange mode: psk_ephemeral" \
155 -S "key exchange mode: ephemeral"
156
157requires_gnutls_tls1_3
158requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]159requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]160run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]161 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]162 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
163 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
164 localhost" \
165 1 \
166 -s "found psk key exchange modes extension" \
167 -s "found pre_shared_key extension" \
168 -s "Found PSK_EPHEMERAL KEX MODE" \
169 -S "Found PSK KEX MODE" \
170 -s "Invalid binder." \
171 -S "key exchange mode: psk$" \
172 -S "key exchange mode: psk_ephemeral" \
173 -S "key exchange mode: ephemeral"
174
175requires_gnutls_tls1_3
176requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]177requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]178run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]179 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]180 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
181 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
182 localhost" \
183 0 \
184 -s "found psk key exchange modes extension" \
185 -s "found pre_shared_key extension" \
186 -s "Found PSK_EPHEMERAL KEX MODE" \
187 -s "Found PSK KEX MODE" \
188 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]189 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]190 -S "key exchange mode: psk$" \
191 -s "key exchange mode: psk_ephemeral" \
192 -S "key exchange mode: ephemeral"
193
194requires_gnutls_tls1_3
195requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]196requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]197run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]198 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]199 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
200 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
201 localhost" \
202 1 \
203 -s "found psk key exchange modes extension" \
204 -s "found pre_shared_key extension" \
205 -s "Found PSK_EPHEMERAL KEX MODE" \
206 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]207 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]208 -S "key exchange mode: psk$" \
209 -S "key exchange mode: psk_ephemeral" \
210 -S "key exchange mode: ephemeral"
211
212requires_gnutls_tls1_3
213requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]214requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]215run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]216 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]217 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
218 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
219 localhost" \
220 1 \
221 -s "found psk key exchange modes extension" \
222 -s "found pre_shared_key extension" \
223 -s "Found PSK_EPHEMERAL KEX MODE" \
224 -s "Found PSK KEX MODE" \
225 -s "Invalid binder." \
226 -S "key exchange mode: psk$" \
227 -S "key exchange mode: psk_ephemeral" \
228 -S "key exchange mode: ephemeral"
229
230requires_gnutls_tls1_3
231requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]232requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]233run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]234 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]235 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
236 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
237 localhost" \
238 1 \
239 -s "found psk key exchange modes extension" \
240 -s "found pre_shared_key extension" \
241 -S "Found PSK_EPHEMERAL KEX MODE" \
242 -s "Found PSK KEX MODE" \
243 -S "key exchange mode: psk$" \
244 -S "key exchange mode: psk_ephemeral" \
245 -S "key exchange mode: ephemeral"
246
247requires_gnutls_tls1_3
248requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]249requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
250requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]251run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]252 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]253 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
254 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
255 localhost" \
256 0 \
257 -s "found psk key exchange modes extension" \
258 -s "found pre_shared_key extension" \
259 -s "Found PSK_EPHEMERAL KEX MODE" \
260 -S "Found PSK KEX MODE" \
261 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]262 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]263 -S "key exchange mode: psk$" \
264 -s "key exchange mode: psk_ephemeral" \
265 -S "key exchange mode: ephemeral"
266
267requires_gnutls_tls1_3
268requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]269requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
270requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]271run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]272 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]273 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
274 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
275 localhost" \
276 1 \
277 -s "found psk key exchange modes extension" \
278 -s "found pre_shared_key extension" \
279 -s "Found PSK_EPHEMERAL KEX MODE" \
280 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]281 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]282 -S "key exchange mode: psk$" \
283 -S "key exchange mode: psk_ephemeral" \
284 -S "key exchange mode: ephemeral"
285
286requires_gnutls_tls1_3
287requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]288requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
289requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]290run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]291 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]292 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
293 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
294 localhost" \
295 1 \
296 -s "found psk key exchange modes extension" \
297 -s "found pre_shared_key extension" \
298 -s "Found PSK_EPHEMERAL KEX MODE" \
299 -S "Found PSK KEX MODE" \
300 -s "Invalid binder." \
301 -S "key exchange mode: psk$" \
302 -S "key exchange mode: psk_ephemeral" \
303 -S "key exchange mode: ephemeral"
304
305requires_gnutls_tls1_3
306requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]307requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
308requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]309run_test "TLS 1.3: G->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]310 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]311 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
312 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
313 localhost" \
314 0 \
315 -s "found psk key exchange modes extension" \
316 -s "found pre_shared_key extension" \
317 -s "Found PSK_EPHEMERAL KEX MODE" \
318 -s "Found PSK KEX MODE" \
319 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]320 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]321 -S "key exchange mode: psk$" \
322 -s "key exchange mode: psk_ephemeral" \
323 -S "key exchange mode: ephemeral"
324
325requires_gnutls_tls1_3
326requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]327requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
328requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]329run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]330 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]331 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
332 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
333 localhost" \
334 1 \
335 -s "found psk key exchange modes extension" \
336 -s "found pre_shared_key extension" \
337 -s "Found PSK_EPHEMERAL KEX MODE" \
338 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]339 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]340 -S "key exchange mode: psk$" \
341 -S "key exchange mode: psk_ephemeral" \
342 -S "key exchange mode: ephemeral"
343
344requires_gnutls_tls1_3
345requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]346requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
347requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]348run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]349 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]350 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
351 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
352 localhost" \
353 1 \
354 -s "found psk key exchange modes extension" \
355 -s "found pre_shared_key extension" \
356 -s "Found PSK_EPHEMERAL KEX MODE" \
357 -s "Found PSK KEX MODE" \
358 -s "Invalid binder." \
359 -S "key exchange mode: psk$" \
360 -S "key exchange mode: psk_ephemeral" \
361 -S "key exchange mode: ephemeral"
362
363requires_gnutls_tls1_3
364requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]365requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
366requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]367run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]368 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]369 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
370 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
371 localhost" \
372 0 \
373 -s "found psk key exchange modes extension" \
374 -s "found pre_shared_key extension" \
375 -S "Found PSK_EPHEMERAL KEX MODE" \
376 -s "Found PSK KEX MODE" \
377 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]378 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]379 -s "key exchange mode: psk$" \
380 -S "key exchange mode: psk_ephemeral" \
381 -S "key exchange mode: ephemeral"
382
383requires_gnutls_tls1_3
384requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]385requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
386requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]387run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]388 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]389 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
390 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
391 localhost" \
392 1 \
393 -s "found psk key exchange modes extension" \
394 -s "found pre_shared_key extension" \
395 -S "Found PSK_EPHEMERAL KEX MODE" \
396 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]397 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]398 -S "key exchange mode: psk$" \
399 -S "key exchange mode: psk_ephemeral" \
400 -S "key exchange mode: ephemeral"
401
402requires_gnutls_tls1_3
403requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]404requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
405requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]406run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]407 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]408 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
409 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
410 localhost" \
411 1 \
412 -s "found psk key exchange modes extension" \
413 -s "found pre_shared_key extension" \
414 -S "Found PSK_EPHEMERAL KEX MODE" \
415 -s "Found PSK KEX MODE" \
416 -s "Invalid binder." \
417 -S "key exchange mode: psk$" \
418 -S "key exchange mode: psk_ephemeral" \
419 -S "key exchange mode: ephemeral"
420
421requires_gnutls_tls1_3
422requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]423requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
424requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]425run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]426 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]427 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
428 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
429 localhost" \
430 0 \
431 -s "found psk key exchange modes extension" \
432 -s "found pre_shared_key extension" \
433 -s "Found PSK_EPHEMERAL KEX MODE" \
434 -S "Found PSK KEX MODE" \
435 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]436 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]437 -S "key exchange mode: psk$" \
438 -s "key exchange mode: psk_ephemeral" \
439 -S "key exchange mode: ephemeral"
440
441requires_gnutls_tls1_3
442requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]443requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
444requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]445run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]446 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]447 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
448 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
449 localhost" \
450 0 \
451 -s "found psk key exchange modes extension" \
452 -s "found pre_shared_key extension" \
453 -s "Found PSK_EPHEMERAL KEX MODE" \
454 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]455 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]456 -S "key exchange mode: psk$" \
457 -S "key exchange mode: psk_ephemeral" \
458 -s "key exchange mode: ephemeral"
459
460requires_gnutls_tls1_3
461requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]462requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
463requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]464run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]465 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]466 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
467 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
468 localhost" \
469 1 \
470 -s "found psk key exchange modes extension" \
471 -s "found pre_shared_key extension" \
472 -s "Found PSK_EPHEMERAL KEX MODE" \
473 -S "Found PSK KEX MODE" \
474 -s "Invalid binder." \
475 -S "key exchange mode: psk$" \
476 -S "key exchange mode: psk_ephemeral" \
477 -S "key exchange mode: ephemeral"
478
479requires_gnutls_tls1_3
480requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]481requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
482requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]483run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]484 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]485 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
486 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
487 localhost" \
488 0 \
489 -s "found psk key exchange modes extension" \
490 -s "found pre_shared_key extension" \
491 -s "Found PSK_EPHEMERAL KEX MODE" \
492 -s "Found PSK KEX MODE" \
493 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]494 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]495 -S "key exchange mode: psk$" \
496 -s "key exchange mode: psk_ephemeral" \
497 -S "key exchange mode: ephemeral"
498
499requires_gnutls_tls1_3
500requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]501requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
502requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]503run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]504 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]505 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
506 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
507 localhost" \
508 0 \
509 -s "found psk key exchange modes extension" \
510 -s "found pre_shared_key extension" \
511 -s "Found PSK_EPHEMERAL KEX MODE" \
512 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]513 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]514 -S "key exchange mode: psk$" \
515 -S "key exchange mode: psk_ephemeral" \
516 -s "key exchange mode: ephemeral"
517
518requires_gnutls_tls1_3
519requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]520requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
521requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]522run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]523 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]524 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
525 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
526 localhost" \
527 1 \
528 -s "found psk key exchange modes extension" \
529 -s "found pre_shared_key extension" \
530 -s "Found PSK_EPHEMERAL KEX MODE" \
531 -s "Found PSK KEX MODE" \
532 -s "Invalid binder." \
533 -S "key exchange mode: psk$" \
534 -S "key exchange mode: psk_ephemeral" \
535 -S "key exchange mode: ephemeral"
536
537requires_gnutls_tls1_3
538requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]539requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
540requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]541run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]542 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]543 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
544 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
545 localhost" \
546 0 \
547 -s "found psk key exchange modes extension" \
548 -s "found pre_shared_key extension" \
549 -S "Found PSK_EPHEMERAL KEX MODE" \
550 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]551 -s "No suitable PSK key exchange mode" \
552 -S "Pre shared key found" \
553 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]554 -S "key exchange mode: psk$" \
555 -S "key exchange mode: psk_ephemeral" \
556 -s "key exchange mode: ephemeral"
557
558requires_gnutls_tls1_3
559requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]560requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
561requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
562requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]563run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]564 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]565 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
566 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
567 localhost" \
568 0 \
569 -s "found psk key exchange modes extension" \
570 -s "found pre_shared_key extension" \
571 -s "Found PSK_EPHEMERAL KEX MODE" \
572 -S "Found PSK KEX MODE" \
573 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]574 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]575 -S "key exchange mode: psk$" \
576 -s "key exchange mode: psk_ephemeral" \
577 -S "key exchange mode: ephemeral"
578
579requires_gnutls_tls1_3
580requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]581requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
582requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
583requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]584run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]585 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]586 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
587 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
588 localhost" \
589 0 \
590 -s "found psk key exchange modes extension" \
591 -s "found pre_shared_key extension" \
592 -s "Found PSK_EPHEMERAL KEX MODE" \
593 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]594 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]595 -S "key exchange mode: psk$" \
596 -S "key exchange mode: psk_ephemeral" \
597 -s "key exchange mode: ephemeral"
598
599requires_gnutls_tls1_3
600requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]601requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
602requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
603requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]604run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]605 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]606 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
607 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
608 localhost" \
609 1 \
610 -s "found psk key exchange modes extension" \
611 -s "found pre_shared_key extension" \
612 -s "Found PSK_EPHEMERAL KEX MODE" \
613 -S "Found PSK KEX MODE" \
614 -s "Invalid binder." \
615 -S "key exchange mode: psk$" \
616 -S "key exchange mode: psk_ephemeral" \
617 -S "key exchange mode: ephemeral"
618
619requires_gnutls_tls1_3
620requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]621requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
622requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
623requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]624run_test "TLS 1.3: G->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]625 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]626 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
627 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
628 localhost" \
629 0 \
630 -s "found psk key exchange modes extension" \
631 -s "found pre_shared_key extension" \
632 -s "Found PSK_EPHEMERAL KEX MODE" \
633 -s "Found PSK KEX MODE" \
634 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]635 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]636 -S "key exchange mode: psk$" \
637 -s "key exchange mode: psk_ephemeral" \
638 -S "key exchange mode: ephemeral"
639
640requires_gnutls_tls1_3
641requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]642requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
643requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]645run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]646 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]647 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
648 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
649 localhost" \
650 0 \
651 -s "found psk key exchange modes extension" \
652 -s "found pre_shared_key extension" \
653 -s "Found PSK_EPHEMERAL KEX MODE" \
654 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]655 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]656 -S "key exchange mode: psk$" \
657 -S "key exchange mode: psk_ephemeral" \
658 -s "key exchange mode: ephemeral"
659
660requires_gnutls_tls1_3
661requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]662requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
663requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
664requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]665run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]666 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]667 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
668 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
669 localhost" \
670 1 \
671 -s "found psk key exchange modes extension" \
672 -s "found pre_shared_key extension" \
673 -s "Found PSK_EPHEMERAL KEX MODE" \
674 -s "Found PSK KEX MODE" \
675 -s "Invalid binder." \
676 -S "key exchange mode: psk$" \
677 -S "key exchange mode: psk_ephemeral" \
678 -S "key exchange mode: ephemeral"
679
680requires_gnutls_tls1_3
681requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]682requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
683requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
684requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]685run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]686 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]687 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
688 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
689 localhost" \
690 0 \
691 -s "found psk key exchange modes extension" \
692 -s "found pre_shared_key extension" \
693 -S "Found PSK_EPHEMERAL KEX MODE" \
694 -s "Found PSK KEX MODE" \
695 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]696 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]697 -S "key exchange mode: psk$" \
698 -S "key exchange mode: psk_ephemeral" \
699 -s "key exchange mode: ephemeral"
700
701requires_gnutls_tls1_3
702requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]703requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
704requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]706run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]707 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]708 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
709 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
710 localhost" \
711 1 \
712 -s "found psk key exchange modes extension" \
713 -s "found pre_shared_key extension" \
714 -S "Found PSK_EPHEMERAL KEX MODE" \
715 -s "Found PSK KEX MODE" \
716 -s "Invalid binder." \
717 -S "key exchange mode: psk$" \
718 -S "key exchange mode: psk_ephemeral" \
719 -S "key exchange mode: ephemeral"
720
721requires_gnutls_tls1_3
722requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]723requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
724requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]725run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]726 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]727 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
728 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
729 localhost" \
730 0 \
731 -s "found psk key exchange modes extension" \
732 -s "found pre_shared_key extension" \
733 -s "Found PSK_EPHEMERAL KEX MODE" \
734 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]735 -s "No suitable PSK key exchange mode" \
736 -S "Pre shared key found" \
737 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]738 -S "key exchange mode: psk$" \
739 -S "key exchange mode: psk_ephemeral" \
740 -s "key exchange mode: ephemeral"
741
742requires_gnutls_tls1_3
743requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]744requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
745requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]746run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]747 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]748 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
749 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
750 localhost" \
751 0 \
752 -s "found psk key exchange modes extension" \
753 -s "found pre_shared_key extension" \
754 -s "Found PSK_EPHEMERAL KEX MODE" \
755 -s "Found PSK KEX MODE" \
756 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]757 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]758 -S "key exchange mode: psk$" \
759 -S "key exchange mode: psk_ephemeral" \
760 -s "key exchange mode: ephemeral"
761
762requires_gnutls_tls1_3
763requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]764requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
765requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]766run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]767 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]768 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
769 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
770 localhost" \
771 1 \
772 -s "found psk key exchange modes extension" \
773 -s "found pre_shared_key extension" \
774 -s "Found PSK_EPHEMERAL KEX MODE" \
775 -s "Found PSK KEX MODE" \
776 -s "Invalid binder." \
777 -S "key exchange mode: psk$" \
778 -S "key exchange mode: psk_ephemeral" \
779 -S "key exchange mode: ephemeral"
780
781requires_gnutls_tls1_3
782requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]783requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
784requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]785run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]786 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]787 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
788 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
789 localhost" \
790 0 \
791 -s "found psk key exchange modes extension" \
792 -s "found pre_shared_key extension" \
793 -S "Found PSK_EPHEMERAL KEX MODE" \
794 -s "Found PSK KEX MODE" \
795 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]796 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]797 -S "key exchange mode: psk$" \
798 -S "key exchange mode: psk_ephemeral" \
799 -s "key exchange mode: ephemeral"
800
801requires_gnutls_tls1_3
802requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]803requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
804requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]805run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]806 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]807 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
808 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
809 localhost" \
810 1 \
811 -s "found psk key exchange modes extension" \
812 -s "found pre_shared_key extension" \
813 -S "Found PSK_EPHEMERAL KEX MODE" \
814 -s "Found PSK KEX MODE" \
815 -s "Invalid binder." \
816 -S "key exchange mode: psk$" \
817 -S "key exchange mode: psk_ephemeral" \
818 -S "key exchange mode: ephemeral"
819
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]820requires_gnutls_tls1_3
821requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]822requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]823requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]824run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]825 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]826 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
827 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
828 localhost" \
829 0 \
830 -s "write selected_group: secp256r1" \
831 -S "key exchange mode: psk$" \
832 -s "key exchange mode: psk_ephemeral" \
833 -S "key exchange mode: ephemeral"
834
835requires_gnutls_tls1_3
836requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]837requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]838requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]839run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]840 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]841 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
842 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
843 localhost" \
844 0 \
845 -s "write selected_group: secp384r1" \
846 -S "key exchange mode: psk$" \
847 -s "key exchange mode: psk_ephemeral" \
848 -S "key exchange mode: ephemeral"
849
850requires_gnutls_tls1_3
851requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]852requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]853requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]854run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]855 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]856 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
857 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
858 localhost" \
859 0 \
860 -s "write selected_group: secp521r1" \
861 -S "key exchange mode: psk$" \
862 -s "key exchange mode: psk_ephemeral" \
863 -S "key exchange mode: ephemeral"
864
865requires_gnutls_tls1_3
866requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]867requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]868requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]869run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]870 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]871 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
872 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
873 localhost" \
874 0 \
875 -s "write selected_group: x25519" \
876 -S "key exchange mode: psk$" \
877 -s "key exchange mode: psk_ephemeral" \
878 -S "key exchange mode: ephemeral"
879
880requires_gnutls_tls1_3
881requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]882requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]883requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]884run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]885 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]886 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
887 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
888 localhost" \
889 0 \
890 -s "write selected_group: x448" \
891 -S "key exchange mode: psk$" \
892 -s "key exchange mode: psk_ephemeral" \
893 -S "key exchange mode: ephemeral"
894
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]895requires_openssl_tls1_3
896requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]897requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]898run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]899 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]900 "$O_NEXT_CLI -tls1_3 -msg \
901 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
902 1 \
903 -s "found psk key exchange modes extension" \
904 -s "found pre_shared_key extension" \
905 -s "Found PSK_EPHEMERAL KEX MODE" \
906 -S "Found PSK KEX MODE" \
907 -S "key exchange mode: psk$" \
908 -S "key exchange mode: psk_ephemeral" \
909 -S "key exchange mode: ephemeral"
910
911requires_openssl_tls1_3
912requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]913requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]914run_test "TLS 1.3: O->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]915 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]916 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
917 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
918 0 \
919 -s "found psk key exchange modes extension" \
920 -s "found pre_shared_key extension" \
921 -s "Found PSK_EPHEMERAL KEX MODE" \
922 -s "Found PSK KEX MODE" \
923 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]924 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]925 -s "key exchange mode: psk$" \
926 -S "key exchange mode: psk_ephemeral" \
927 -S "key exchange mode: ephemeral"
928
929requires_openssl_tls1_3
930requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]931requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]932run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]933 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]934 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
935 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
936 1 \
937 -s "found psk key exchange modes extension" \
938 -s "found pre_shared_key extension" \
939 -s "Found PSK_EPHEMERAL KEX MODE" \
940 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]941 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]942 -S "key exchange mode: psk$" \
943 -S "key exchange mode: psk_ephemeral" \
944 -S "key exchange mode: ephemeral"
945
946requires_openssl_tls1_3
947requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]948requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]949run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]950 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]951 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
952 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
953 1 \
954 -s "found psk key exchange modes extension" \
955 -s "found pre_shared_key extension" \
956 -s "Found PSK_EPHEMERAL KEX MODE" \
957 -s "Found PSK KEX MODE" \
958 -s "Invalid binder." \
959 -S "key exchange mode: psk$" \
960 -S "key exchange mode: psk_ephemeral" \
961 -S "key exchange mode: ephemeral"
962
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]963requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]964requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]965requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]966run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]967 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]968 "$O_NEXT_CLI -tls1_3 -msg \
969 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
970 0 \
971 -s "found psk key exchange modes extension" \
972 -s "found pre_shared_key extension" \
973 -s "Found PSK_EPHEMERAL KEX MODE" \
974 -S "Found PSK KEX MODE" \
975 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]976 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]977 -S "key exchange mode: psk$" \
978 -s "key exchange mode: psk_ephemeral" \
979 -S "key exchange mode: ephemeral"
980
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]981requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]982requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]983requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]984run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]985 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]986 "$O_NEXT_CLI -tls1_3 -msg \
987 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
988 1 \
989 -s "found psk key exchange modes extension" \
990 -s "found pre_shared_key extension" \
991 -s "Found PSK_EPHEMERAL KEX MODE" \
992 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]993 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]994 -S "key exchange mode: psk$" \
995 -S "key exchange mode: psk_ephemeral" \
996 -S "key exchange mode: ephemeral"
997
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]998requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]999requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1000requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1001run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1002 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1003 "$O_NEXT_CLI -tls1_3 -msg \
1004 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1005 1 \
1006 -s "found psk key exchange modes extension" \
1007 -s "found pre_shared_key extension" \
1008 -s "Found PSK_EPHEMERAL KEX MODE" \
1009 -S "Found PSK KEX MODE" \
1010 -s "Invalid binder." \
1011 -S "key exchange mode: psk$" \
1012 -S "key exchange mode: psk_ephemeral" \
1013 -S "key exchange mode: ephemeral"
1014
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1015requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1016requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1017requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1018run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1019 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1020 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1021 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1022 0 \
1023 -s "found psk key exchange modes extension" \
1024 -s "found pre_shared_key extension" \
1025 -s "Found PSK_EPHEMERAL KEX MODE" \
1026 -s "Found PSK KEX MODE" \
1027 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1028 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1029 -S "key exchange mode: psk$" \
1030 -s "key exchange mode: psk_ephemeral" \
1031 -S "key exchange mode: ephemeral"
1032
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1033requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1034requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1035requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1036run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1037 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1038 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1039 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1040 1 \
1041 -s "found psk key exchange modes extension" \
1042 -s "found pre_shared_key extension" \
1043 -s "Found PSK_EPHEMERAL KEX MODE" \
1044 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1045 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1046 -S "key exchange mode: psk$" \
1047 -S "key exchange mode: psk_ephemeral" \
1048 -S "key exchange mode: ephemeral"
1049
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1050requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1051requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1052requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1053run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1054 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1055 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1056 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1057 1 \
1058 -s "found psk key exchange modes extension" \
1059 -s "found pre_shared_key extension" \
1060 -s "Found PSK_EPHEMERAL KEX MODE" \
1061 -s "Found PSK KEX MODE" \
1062 -s "Invalid binder." \
1063 -S "key exchange mode: psk$" \
1064 -S "key exchange mode: psk_ephemeral" \
1065 -S "key exchange mode: ephemeral"
1066
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1067requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1068requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1069requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1070requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1071run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1072 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1073 "$O_NEXT_CLI -tls1_3 -msg \
1074 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1075 0 \
1076 -s "found psk key exchange modes extension" \
1077 -s "found pre_shared_key extension" \
1078 -s "Found PSK_EPHEMERAL KEX MODE" \
1079 -S "Found PSK KEX MODE" \
1080 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1081 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1082 -S "key exchange mode: psk$" \
1083 -s "key exchange mode: psk_ephemeral" \
1084 -S "key exchange mode: ephemeral"
1085
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1086requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1087requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1088requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1089requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1090run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1091 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1092 "$O_NEXT_CLI -tls1_3 -msg \
1093 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1094 1 \
1095 -s "found psk key exchange modes extension" \
1096 -s "found pre_shared_key extension" \
1097 -s "Found PSK_EPHEMERAL KEX MODE" \
1098 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1099 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1100 -S "key exchange mode: psk$" \
1101 -S "key exchange mode: psk_ephemeral" \
1102 -S "key exchange mode: ephemeral"
1103
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1104requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1105requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1106requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1107requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1108run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1109 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1110 "$O_NEXT_CLI -tls1_3 -msg \
1111 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1112 1 \
1113 -s "found psk key exchange modes extension" \
1114 -s "found pre_shared_key extension" \
1115 -s "Found PSK_EPHEMERAL KEX MODE" \
1116 -S "Found PSK KEX MODE" \
1117 -s "Invalid binder." \
1118 -S "key exchange mode: psk$" \
1119 -S "key exchange mode: psk_ephemeral" \
1120 -S "key exchange mode: ephemeral"
1121
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1122requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1123requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1124requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1125requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1126run_test "TLS 1.3: O->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1127 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1128 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1129 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1130 0 \
1131 -s "found psk key exchange modes extension" \
1132 -s "found pre_shared_key extension" \
1133 -s "Found PSK_EPHEMERAL KEX MODE" \
1134 -s "Found PSK KEX MODE" \
1135 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1136 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1137 -S "key exchange mode: psk$" \
1138 -s "key exchange mode: psk_ephemeral" \
1139 -S "key exchange mode: ephemeral"
1140
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1141requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1142requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1144requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1145run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1146 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1147 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1148 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1149 1 \
1150 -s "found psk key exchange modes extension" \
1151 -s "found pre_shared_key extension" \
1152 -s "Found PSK_EPHEMERAL KEX MODE" \
1153 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1154 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1155 -S "key exchange mode: psk$" \
1156 -S "key exchange mode: psk_ephemeral" \
1157 -S "key exchange mode: ephemeral"
1158
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1159requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1160requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1161requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1162requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1163run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1164 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1165 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1166 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1167 1 \
1168 -s "found psk key exchange modes extension" \
1169 -s "found pre_shared_key extension" \
1170 -s "Found PSK_EPHEMERAL KEX MODE" \
1171 -s "Found PSK KEX MODE" \
1172 -s "Invalid binder." \
1173 -S "key exchange mode: psk$" \
1174 -S "key exchange mode: psk_ephemeral" \
1175 -S "key exchange mode: ephemeral"
1176
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1177requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1178requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1180requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1181run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1182 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1183 "$O_NEXT_CLI -tls1_3 -msg \
1184 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1185 0 \
1186 -s "found psk key exchange modes extension" \
1187 -s "found pre_shared_key extension" \
1188 -s "Found PSK_EPHEMERAL KEX MODE" \
1189 -S "Found PSK KEX MODE" \
1190 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1191 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1192 -S "key exchange mode: psk$" \
1193 -s "key exchange mode: psk_ephemeral" \
1194 -S "key exchange mode: ephemeral"
1195
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1196requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1197requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1198requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1199requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1200run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1201 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1202 "$O_NEXT_CLI -tls1_3 -msg \
1203 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1204 0 \
1205 -s "found psk key exchange modes extension" \
1206 -s "found pre_shared_key extension" \
1207 -s "Found PSK_EPHEMERAL KEX MODE" \
1208 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1209 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1210 -S "key exchange mode: psk$" \
1211 -S "key exchange mode: psk_ephemeral" \
1212 -s "key exchange mode: ephemeral"
1213
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1214requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1215requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1216requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1217requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1218run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1219 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1220 "$O_NEXT_CLI -tls1_3 -msg \
1221 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1222 1 \
1223 -s "found psk key exchange modes extension" \
1224 -s "found pre_shared_key extension" \
1225 -s "Found PSK_EPHEMERAL KEX MODE" \
1226 -S "Found PSK KEX MODE" \
1227 -s "Invalid binder." \
1228 -S "key exchange mode: psk$" \
1229 -S "key exchange mode: psk_ephemeral" \
1230 -S "key exchange mode: ephemeral"
1231
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1232requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1233requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1234requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1235requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1236run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1237 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1238 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1239 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1240 0 \
1241 -s "found psk key exchange modes extension" \
1242 -s "found pre_shared_key extension" \
1243 -s "Found PSK_EPHEMERAL KEX MODE" \
1244 -s "Found PSK KEX MODE" \
1245 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1246 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1247 -S "key exchange mode: psk$" \
1248 -s "key exchange mode: psk_ephemeral" \
1249 -S "key exchange mode: ephemeral"
1250
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1251requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1252requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1253requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1254requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1255run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1256 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1257 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1258 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1259 0 \
1260 -s "found psk key exchange modes extension" \
1261 -s "found pre_shared_key extension" \
1262 -s "Found PSK_EPHEMERAL KEX MODE" \
1263 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1264 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1265 -S "key exchange mode: psk$" \
1266 -S "key exchange mode: psk_ephemeral" \
1267 -s "key exchange mode: ephemeral"
1268
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1269requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1270requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1271requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1272requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1273run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1274 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1275 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1276 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1277 1 \
1278 -s "found psk key exchange modes extension" \
1279 -s "found pre_shared_key extension" \
1280 -s "Found PSK_EPHEMERAL KEX MODE" \
1281 -s "Found PSK KEX MODE" \
1282 -s "Invalid binder." \
1283 -S "key exchange mode: psk$" \
1284 -S "key exchange mode: psk_ephemeral" \
1285 -S "key exchange mode: ephemeral"
1286
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1287requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1288requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1289requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1290requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1291requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1292run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1293 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1294 "$O_NEXT_CLI -tls1_3 -msg \
1295 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1296 0 \
1297 -s "found psk key exchange modes extension" \
1298 -s "found pre_shared_key extension" \
1299 -s "Found PSK_EPHEMERAL KEX MODE" \
1300 -S "Found PSK KEX MODE" \
1301 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1302 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1303 -S "key exchange mode: psk$" \
1304 -s "key exchange mode: psk_ephemeral" \
1305 -S "key exchange mode: ephemeral"
1306
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1307requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1308requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1309requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1310requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1312run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1313 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1314 "$O_NEXT_CLI -tls1_3 -msg \
1315 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1316 0 \
1317 -s "found psk key exchange modes extension" \
1318 -s "found pre_shared_key extension" \
1319 -s "Found PSK_EPHEMERAL KEX MODE" \
1320 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1321 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1322 -S "key exchange mode: psk$" \
1323 -S "key exchange mode: psk_ephemeral" \
1324 -s "key exchange mode: ephemeral"
1325
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1326requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1327requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1328requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1330requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1331run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1332 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1333 "$O_NEXT_CLI -tls1_3 -msg \
1334 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1335 1 \
1336 -s "found psk key exchange modes extension" \
1337 -s "found pre_shared_key extension" \
1338 -s "Found PSK_EPHEMERAL KEX MODE" \
1339 -S "Found PSK KEX MODE" \
1340 -s "Invalid binder." \
1341 -S "key exchange mode: psk$" \
1342 -S "key exchange mode: psk_ephemeral" \
1343 -S "key exchange mode: ephemeral"
1344
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1345requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1346requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1347requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1350run_test "TLS 1.3: O->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1351 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1352 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1353 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1354 0 \
1355 -s "found psk key exchange modes extension" \
1356 -s "found pre_shared_key extension" \
1357 -s "Found PSK_EPHEMERAL KEX MODE" \
1358 -s "Found PSK KEX MODE" \
1359 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1360 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1361 -S "key exchange mode: psk$" \
1362 -s "key exchange mode: psk_ephemeral" \
1363 -S "key exchange mode: ephemeral"
1364
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1365requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1366requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1367requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1368requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1369requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1370run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1371 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1372 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1373 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1374 0 \
1375 -s "found psk key exchange modes extension" \
1376 -s "found pre_shared_key extension" \
1377 -s "Found PSK_EPHEMERAL KEX MODE" \
1378 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1379 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1380 -S "key exchange mode: psk$" \
1381 -S "key exchange mode: psk_ephemeral" \
1382 -s "key exchange mode: ephemeral"
1383
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1384requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1385requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1386requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1387requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1389run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1390 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1391 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1392 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1393 1 \
1394 -s "found psk key exchange modes extension" \
1395 -s "found pre_shared_key extension" \
1396 -s "Found PSK_EPHEMERAL KEX MODE" \
1397 -s "Found PSK KEX MODE" \
1398 -s "Invalid binder." \
1399 -S "key exchange mode: psk$" \
1400 -S "key exchange mode: psk_ephemeral" \
1401 -S "key exchange mode: ephemeral"
1402
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1403requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1404requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1405requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1406requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1407run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1408 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1409 "$O_NEXT_CLI -tls1_3 -msg \
1410 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1411 0 \
1412 -s "found psk key exchange modes extension" \
1413 -s "found pre_shared_key extension" \
1414 -s "Found PSK_EPHEMERAL KEX MODE" \
1415 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1416 -s "No suitable PSK key exchange mode" \
1417 -S "Pre shared key found" \
1418 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1419 -S "key exchange mode: psk$" \
1420 -S "key exchange mode: psk_ephemeral" \
1421 -s "key exchange mode: ephemeral"
1422
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1423requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1424requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1425requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1426requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1427run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1428 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1429 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1430 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1431 0 \
1432 -s "found psk key exchange modes extension" \
1433 -s "found pre_shared_key extension" \
1434 -s "Found PSK_EPHEMERAL KEX MODE" \
1435 -s "Found PSK KEX MODE" \
1436 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1437 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1438 -S "key exchange mode: psk$" \
1439 -S "key exchange mode: psk_ephemeral" \
1440 -s "key exchange mode: ephemeral"
1441
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1442requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1443requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1444requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1445requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1446run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1447 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1448 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1449 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1450 1 \
1451 -s "found psk key exchange modes extension" \
1452 -s "found pre_shared_key extension" \
1453 -s "Found PSK_EPHEMERAL KEX MODE" \
1454 -s "Found PSK KEX MODE" \
1455 -s "Invalid binder." \
1456 -S "key exchange mode: psk$" \
1457 -S "key exchange mode: psk_ephemeral" \
1458 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1459
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1460requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1461requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1462 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1463 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1464 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_256
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1465run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1466 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1467 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1468 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1469 0 \
1470 -s "write selected_group: secp256r1" \
1471 -S "key exchange mode: psk$" \
1472 -s "key exchange mode: psk_ephemeral" \
1473 -S "key exchange mode: ephemeral"
1474
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1475requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1476requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1477 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1478 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1479 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_384
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1480run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1481 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1482 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1483 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1484 0 \
1485 -s "write selected_group: secp384r1" \
1486 -S "key exchange mode: psk$" \
1487 -s "key exchange mode: psk_ephemeral" \
1488 -S "key exchange mode: ephemeral"
1489
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1490requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1491requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1492 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1493 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1494 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_521
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1495run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1496 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1497 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1498 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1499 0 \
1500 -s "write selected_group: secp521r1" \
1501 -S "key exchange mode: psk$" \
1502 -s "key exchange mode: psk_ephemeral" \
1503 -S "key exchange mode: ephemeral"
1504
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1505requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1506requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1507 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1508 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1509 PSA_WANT_ALG_ECDH PSA_WANT_ECC_MONTGOMERY_255
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1510run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1511 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1512 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1513 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1514 0 \
1515 -s "write selected_group: x25519" \
1516 -S "key exchange mode: psk$" \
1517 -s "key exchange mode: psk_ephemeral" \
1518 -S "key exchange mode: ephemeral"
1519
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1520requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1521requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1522 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1523 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1524 PSA_WANT_ALG_ECDH PSA_WANT_ECC_MONTGOMERY_448
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1525run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1526 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1527 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1528 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1529 0 \
1530 -s "write selected_group: x448" \
1531 -S "key exchange mode: psk$" \
1532 -s "key exchange mode: psk_ephemeral" \
1533 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1534
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1535requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1536requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1537 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1538 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1539 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_384
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1540run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1541 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1542 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1543 0 \
1544 -s "write selected_group: secp384r1" \
1545 -s "HRR selected_group: secp384r1" \
1546 -S "key exchange mode: psk$" \
1547 -s "key exchange mode: psk_ephemeral" \
1548 -S "key exchange mode: ephemeral"
1549
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1550requires_gnutls_tls1_3
1551requires_gnutls_next_no_ticket
1552requires_gnutls_next_disable_tls13_compat
Ronald Croncfb9f4d2024-04-02 17:03:53 +0200[diff] [blame]1553requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
1554 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \
1555 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \
1556 PSA_WANT_ALG_ECDH PSA_WANT_ECC_SECP_R1_384
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1557run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1558 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1559 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1560 0 \
1561 -s "write selected_group: secp384r1" \
1562 -s "HRR selected_group: secp384r1" \
1563 -S "key exchange mode: psk$" \
1564 -s "key exchange mode: psk_ephemeral" \
1565 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1566
1567
1568# Add psk test cases for mbedtls client code
1569
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1570# MbedTls->MbedTLS kinds of tls13_kex_modes
1571# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1572requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1573requires_config_enabled MBEDTLS_SSL_SRV_C
1574requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1575requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1576run_test "TLS 1.3: m->m: psk/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1577 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1578 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1579 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1580 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1581 -c "client hello, adding psk_key_exchange_modes extension" \
1582 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1583 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1584 -c "HTTP/1.0 200 OK"
1585
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1586requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1587requires_config_enabled MBEDTLS_SSL_SRV_C
1588requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1589requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1590run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1591 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1592 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1593 1 \
1594 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1595 -c "client hello, adding psk_key_exchange_modes extension" \
1596 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1597 -s "No usable PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1598
1599requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1600requires_config_enabled MBEDTLS_SSL_SRV_C
1601requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1602requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1603run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1604 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1605 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1606 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1607 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1608 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1609 -c "client hello, adding PSK binder list" \
1610 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1611
1612requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1613requires_config_enabled MBEDTLS_SSL_SRV_C
1614requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1615requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1616requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1617run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1618 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1619 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1620 1 \
1621 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1622 -c "client hello, adding psk_key_exchange_modes extension" \
1623 -c "client hello, adding PSK binder list" \
1624 -s "ClientHello message misses mandatory extensions."
1625
1626requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1627requires_config_enabled MBEDTLS_SSL_SRV_C
1628requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1629requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1630requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1631run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1632 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1633 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1634 1 \
1635 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1636 -c "client hello, adding psk_key_exchange_modes extension" \
1637 -c "client hello, adding PSK binder list" \
1638 -s "ClientHello message misses mandatory extensions."
1639
1640requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1641requires_config_enabled MBEDTLS_SSL_SRV_C
1642requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1643requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1645requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1646run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1647 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1648 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1649 1 \
1650 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1651 -c "client hello, adding psk_key_exchange_modes extension" \
1652 -c "client hello, adding PSK binder list" \
1653 -s "ClientHello message misses mandatory extensions."
1654
1655requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1656requires_config_enabled MBEDTLS_SSL_SRV_C
1657requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1658requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1659requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1660run_test "TLS 1.3: m->m: psk/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1661 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1662 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1663 0 \
1664 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1665 -c "client hello, adding psk_key_exchange_modes extension" \
1666 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1667 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1668 -c "HTTP/1.0 200 OK"
1669
1670requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1671requires_config_enabled MBEDTLS_SSL_SRV_C
1672requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1673requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1674requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1675run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1676 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1677 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1678 1 \
1679 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1680 -c "client hello, adding psk_key_exchange_modes extension" \
1681 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1682 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1683 -s "ClientHello message misses mandatory extensions."
1684
1685requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1686requires_config_enabled MBEDTLS_SSL_SRV_C
1687requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1688requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1689requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1690run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1691 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1692 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1693 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1694 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1695 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1696 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1697 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1698
1699requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1700requires_config_enabled MBEDTLS_SSL_SRV_C
1701requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1702requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1703requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1704requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1705run_test "TLS 1.3: m->m: psk/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1706 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1707 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1708 0 \
1709 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1710 -c "client hello, adding psk_key_exchange_modes extension" \
1711 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1712 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1713 -c "HTTP/1.0 200 OK"
1714
1715requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1716requires_config_enabled MBEDTLS_SSL_SRV_C
1717requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1718requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1719requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1720requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1721run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1722 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1723 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1724 1 \
1725 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1726 -c "client hello, adding psk_key_exchange_modes extension" \
1727 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1728 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1729 -s "ClientHello message misses mandatory extensions."
1730
1731requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1732requires_config_enabled MBEDTLS_SSL_SRV_C
1733requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1734requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1735requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1736requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1737run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1738 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1739 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1740 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1741 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1742 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1743 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1744 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1745
1746# psk_ephemeral mode in client
1747requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1748requires_config_enabled MBEDTLS_SSL_SRV_C
1749requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1750requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1751requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1752run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1753 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1754 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1755 1 \
1756 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1757 -c "client hello, adding psk_key_exchange_modes extension" \
1758 -c "client hello, adding PSK binder list" \
1759 -s "ClientHello message misses mandatory extensions."
1760
1761requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1762requires_config_enabled MBEDTLS_SSL_SRV_C
1763requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1764requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1765run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1766 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1767 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1768 0 \
1769 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1770 -c "client hello, adding psk_key_exchange_modes extension" \
1771 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1772 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1773 -c "HTTP/1.0 200 OK"
1774
1775requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1776requires_config_enabled MBEDTLS_SSL_SRV_C
1777requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1778requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1779run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1780 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1781 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1782 1 \
1783 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1784 -c "client hello, adding psk_key_exchange_modes extension" \
1785 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1786 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1787 -s "ClientHello message misses mandatory extensions."
1788
1789requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1790requires_config_enabled MBEDTLS_SSL_SRV_C
1791requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1792requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1793run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1794 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1795 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1796 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1797 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1798 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1799 -c "client hello, adding PSK binder list" \
1800 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1801
1802requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1803requires_config_enabled MBEDTLS_SSL_SRV_C
1804requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1805requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1806requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1807requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1808run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1809 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1810 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1811 1 \
1812 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1813 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1814 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1815
1816requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1817requires_config_enabled MBEDTLS_SSL_SRV_C
1818requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1819requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1820requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1821run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1822 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1823 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1824 0 \
1825 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1826 -c "client hello, adding psk_key_exchange_modes extension" \
1827 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1828 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1829 -c "HTTP/1.0 200 OK"
1830
1831requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1832requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1833requires_config_enabled MBEDTLS_SSL_SRV_C
1834requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1835requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1836requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1837run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1838 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1839 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1840 1 \
1841 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1842 -c "client hello, adding psk_key_exchange_modes extension" \
1843 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1844 -s "No usable PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1845
1846requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1847requires_config_enabled MBEDTLS_SSL_SRV_C
1848requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1849requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1850requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1851run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1852 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1853 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1854 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1855 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1856 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1857 -c "client hello, adding PSK binder list" \
1858 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1859
1860requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1861requires_config_enabled MBEDTLS_SSL_SRV_C
1862requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1863requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1864requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1865run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1866 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1867 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1868 0 \
1869 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1870 -c "client hello, adding psk_key_exchange_modes extension" \
1871 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1872 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1873 -c "HTTP/1.0 200 OK"
1874
1875requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1876requires_config_enabled MBEDTLS_SSL_SRV_C
1877requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1878requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1879requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1880run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1881 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1882 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1883 1 \
1884 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1885 -c "client hello, adding psk_key_exchange_modes extension" \
1886 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1887 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1888 -s "ClientHello message misses mandatory extensions."
1889
1890requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1891requires_config_enabled MBEDTLS_SSL_SRV_C
1892requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1893requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1894requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1895run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1896 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1897 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1898 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1899 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1900 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1901 -c "client hello, adding PSK binder list" \
1902 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1903
1904requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1905requires_config_enabled MBEDTLS_SSL_SRV_C
1906requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1907requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1908requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1909requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1910run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1911 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1912 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1913 0 \
1914 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1915 -c "client hello, adding psk_key_exchange_modes extension" \
1916 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1917 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1918 -c "HTTP/1.0 200 OK"
1919
1920requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1921requires_config_enabled MBEDTLS_SSL_SRV_C
1922requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1923requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1924requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1925requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1926run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1927 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1928 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1929 1 \
1930 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1931 -c "client hello, adding psk_key_exchange_modes extension" \
1932 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1933 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1934
1935requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1936requires_config_enabled MBEDTLS_SSL_SRV_C
1937requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1938requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1939requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1940requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1941run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1942 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1943 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1944 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1945 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1946 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1947 -c "client hello, adding PSK binder list" \
1948 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1949
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1950# ephemeral mode in client
1951requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1952requires_config_enabled MBEDTLS_SSL_SRV_C
1953requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1954requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1955requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1956run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1957 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1958 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1959 1 \
1960 -s "ClientHello message misses mandatory extensions."
1961
1962requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1963requires_config_enabled MBEDTLS_SSL_SRV_C
1964requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1965requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1966requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1967run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1968 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1969 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1970 1 \
1971 -s "ClientHello message misses mandatory extensions."
1972
1973requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1974requires_config_enabled MBEDTLS_SSL_SRV_C
1975requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1976requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1977run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1978 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1979 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1980 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1981 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1982 -c "HTTP/1.0 200 OK"
1983
1984requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1985requires_config_enabled MBEDTLS_SSL_SRV_C
1986requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1987requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1988requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1989run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1990 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1991 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1992 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1993 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1994 -c "HTTP/1.0 200 OK"
1995
1996requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1997requires_config_enabled MBEDTLS_SSL_SRV_C
1998requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1999requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2000requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2001requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2002run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2003 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2004 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2005 1 \
2006 -s "ClientHello message misses mandatory extensions."
2007
2008requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2009requires_config_enabled MBEDTLS_SSL_SRV_C
2010requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2011requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2012requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2013requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2014run_test "TLS 1.3: m->m: ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2015 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2016 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2017 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2018 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2019 -c "HTTP/1.0 200 OK"
2020
2021# ephemeral_all mode in client
2022requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2023requires_config_enabled MBEDTLS_SSL_SRV_C
2024requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2025requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2026requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2027requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2028run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2029 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2030 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2031 1 \
2032 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2033 -c "client hello, adding psk_key_exchange_modes extension" \
2034 -c "client hello, adding PSK binder list" \
2035 -s "ClientHello message misses mandatory extensions."
2036
2037requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2038requires_config_enabled MBEDTLS_SSL_SRV_C
2039requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2040requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2041requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2042run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2043 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2044 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2045 0 \
2046 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2047 -c "client hello, adding psk_key_exchange_modes extension" \
2048 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2049 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2050 -c "HTTP/1.0 200 OK"
2051
2052requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2053requires_config_enabled MBEDTLS_SSL_SRV_C
2054requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2055requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2056requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2057run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2058 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2059 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2060 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2061 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2062 -c "client hello, adding psk_key_exchange_modes extension" \
2063 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2064 -s "No usable PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2065
2066requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2067requires_config_enabled MBEDTLS_SSL_SRV_C
2068requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2069requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2070requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2071run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2072 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2073 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2074 1 \
2075 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2076 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2077 -c "client hello, adding PSK binder list" \
2078 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2079
2080requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2081requires_config_enabled MBEDTLS_SSL_SRV_C
2082requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2083requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2084requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2085run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2086 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2087 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2088 0 \
2089 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2090 -c "client hello, adding psk_key_exchange_modes extension" \
2091 -c "client hello, adding PSK binder list" \
2092 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2093 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2094 -c "HTTP/1.0 200 OK"
2095
2096requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2097requires_config_enabled MBEDTLS_SSL_SRV_C
2098requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2099requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2100requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2101run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2102 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2103 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2104 0 \
2105 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2106 -c "client hello, adding psk_key_exchange_modes extension" \
2107 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2108 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2109 -c "HTTP/1.0 200 OK"
2110
2111requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2112requires_config_enabled MBEDTLS_SSL_SRV_C
2113requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2114requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2115requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2116run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2117 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2118 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2119 0 \
2120 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2121 -c "client hello, adding psk_key_exchange_modes extension" \
2122 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2123 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2124 -s "key exchange mode: ephemeral"
2125
2126requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2127requires_config_enabled MBEDTLS_SSL_SRV_C
2128requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2129requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2130requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2131run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2132 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2133 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2134 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2135 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2136 -c "client hello, adding psk_key_exchange_modes extension" \
2137 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2138 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2139
2140requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2141requires_config_enabled MBEDTLS_SSL_SRV_C
2142requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2144requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2145requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2146run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2147 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2148 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2149 0 \
2150 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2151 -c "client hello, adding psk_key_exchange_modes extension" \
2152 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2153 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2154 -c "HTTP/1.0 200 OK"
2155
2156requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2157requires_config_enabled MBEDTLS_SSL_SRV_C
2158requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2159requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2160requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2161requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2162run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2163 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2164 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2165 1 \
2166 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2167 -c "client hello, adding psk_key_exchange_modes extension" \
2168 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2169 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2170 -s "ClientHello message misses mandatory extensions."
2171
2172requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2173requires_config_enabled MBEDTLS_SSL_SRV_C
2174requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2175requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2176requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2177requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2178run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2179 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2180 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2181 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2182 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2183 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2184 -c "client hello, adding PSK binder list" \
2185 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2186
2187requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2188requires_config_enabled MBEDTLS_SSL_SRV_C
2189requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2190requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2191requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2192requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2193run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2194 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2195 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2196 0 \
2197 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2198 -c "client hello, adding psk_key_exchange_modes extension" \
2199 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2200 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2201 -c "HTTP/1.0 200 OK"
2202
2203requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2204requires_config_enabled MBEDTLS_SSL_SRV_C
2205requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2206requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2207requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2208requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2209run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2210 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2211 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2212 0 \
2213 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2214 -c "client hello, adding psk_key_exchange_modes extension" \
2215 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2216 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2217 -s "key exchange mode: ephemeral"
2218
2219requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2220requires_config_enabled MBEDTLS_SSL_SRV_C
2221requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2222requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2223requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2224requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2225run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2226 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2227 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2228 1 \
2229 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2230 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2231 -c "client hello, adding PSK binder list" \
2232 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2233
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2234# psk_all mode in client
2235requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2236requires_config_enabled MBEDTLS_SSL_SRV_C
2237requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2238requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2239requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2240run_test "TLS 1.3: m->m: psk_all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2241 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2242 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2243 0 \
2244 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2245 -c "client hello, adding psk_key_exchange_modes extension" \
2246 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2247 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2248 -c "HTTP/1.0 200 OK"
2249
2250requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2251requires_config_enabled MBEDTLS_SSL_SRV_C
2252requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2253requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2254requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2255run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2256 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2257 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2258 1 \
2259 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2260 -c "client hello, adding psk_key_exchange_modes extension" \
2261 -c "client hello, adding PSK binder list" \
2262 -s "ClientHello message misses mandatory extensions."
2263
2264requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2265requires_config_enabled MBEDTLS_SSL_SRV_C
2266requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2267requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2268requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2269run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2270 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2271 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2272 1 \
2273 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2274 -c "client hello, adding psk_key_exchange_modes extension" \
2275 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2276 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2277
2278requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2279requires_config_enabled MBEDTLS_SSL_SRV_C
2280requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2281requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2282requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2283run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2284 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2285 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2286 0 \
2287 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2288 -c "client hello, adding psk_key_exchange_modes extension" \
2289 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2290 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2291 -c "HTTP/1.0 200 OK"
2292
2293requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2294requires_config_enabled MBEDTLS_SSL_SRV_C
2295requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2296requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2297requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2298run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2299 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2300 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2301 1 \
2302 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2303 -c "client hello, adding psk_key_exchange_modes extension" \
2304 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2305 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2306 -s "ClientHello message misses mandatory extensions."
2307
2308requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2309requires_config_enabled MBEDTLS_SSL_SRV_C
2310requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2312requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2313run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2314 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2315 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2316 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2317 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2318 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2319 -c "client hello, adding PSK binder list" \
2320 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2321
2322requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2323requires_config_enabled MBEDTLS_SSL_SRV_C
2324requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2325requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2326requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2327requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2328run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2329 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2330 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2331 1 \
2332 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2333 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2334 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2335
2336requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2337requires_config_enabled MBEDTLS_SSL_SRV_C
2338requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2339requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2340requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2341requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2342run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2343 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2344 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2345 0 \
2346 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2347 -c "client hello, adding psk_key_exchange_modes extension" \
2348 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2349 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2350 -c "HTTP/1.0 200 OK"
2351
2352requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2353requires_config_enabled MBEDTLS_SSL_SRV_C
2354requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2355requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2356requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2357requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2358run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2359 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2360 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2361 1 \
2362 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2363 -c "client hello, adding psk_key_exchange_modes extension" \
2364 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2365 -s "No usable PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2366
2367requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2368requires_config_enabled MBEDTLS_SSL_SRV_C
2369requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2370requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2371requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2372requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2373run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2374 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2375 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2376 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2377 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2378 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2379 -c "client hello, adding PSK binder list" \
2380 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2381
2382requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2383requires_config_enabled MBEDTLS_SSL_SRV_C
2384requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2385requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2386requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2387run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2388 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2389 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2390 0 \
2391 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2392 -c "client hello, adding psk_key_exchange_modes extension" \
2393 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2394 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2395 -c "HTTP/1.0 200 OK"
2396
2397requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2398requires_config_enabled MBEDTLS_SSL_SRV_C
2399requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2400requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2401requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2402run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2403 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2404 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2405 1 \
2406 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2407 -c "client hello, adding psk_key_exchange_modes extension" \
2408 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2409 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2410 -s "ClientHello message misses mandatory extensions."
2411
2412requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2413requires_config_enabled MBEDTLS_SSL_SRV_C
2414requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2415requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2416requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2417run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2418 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2419 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2420 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2421 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2422 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2423 -c "client hello, adding PSK binder list" \
2424 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2425
2426requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2427requires_config_enabled MBEDTLS_SSL_SRV_C
2428requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2429requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2430requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2431requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2432run_test "TLS 1.3: m->m: psk_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2433 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2434 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2435 0 \
2436 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2437 -c "client hello, adding psk_key_exchange_modes extension" \
2438 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2439 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2440 -c "HTTP/1.0 200 OK"
2441
2442requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2443requires_config_enabled MBEDTLS_SSL_SRV_C
2444requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2445requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2446requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2447requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2448run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2449 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2450 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2451 1 \
2452 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2453 -c "client hello, adding psk_key_exchange_modes extension" \
2454 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2455 -s "No usable PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2456
2457requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2458requires_config_enabled MBEDTLS_SSL_SRV_C
2459requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2460requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2461requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2462requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2463run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2464 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2465 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2466 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2467 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2468 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2469 -c "client hello, adding PSK binder list" \
2470 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2471
2472# all mode in client
2473requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2474requires_config_enabled MBEDTLS_SSL_SRV_C
2475requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2476requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2477requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2478requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2479run_test "TLS 1.3: m->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2480 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2481 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2482 0 \
2483 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2484 -c "client hello, adding psk_key_exchange_modes extension" \
2485 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2486 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2487 -c "HTTP/1.0 200 OK"
2488
2489requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2490requires_config_enabled MBEDTLS_SSL_SRV_C
2491requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2492requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2493requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2494requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2495run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2496 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2497 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2498 1 \
2499 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2500 -c "client hello, adding psk_key_exchange_modes extension" \
2501 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2502 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2503 -s "ClientHello message misses mandatory extensions."
2504
2505requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2506requires_config_enabled MBEDTLS_SSL_SRV_C
2507requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2508requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2509requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2510requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2511run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2512 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2513 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2514 1 \
2515 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2516 -c "client hello, adding psk_key_exchange_modes extension" \
2517 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2518 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2519
2520requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2521requires_config_enabled MBEDTLS_SSL_SRV_C
2522requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2523requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2524requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2525requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2526run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2527 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2528 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2529 0 \
2530 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2531 -c "client hello, adding psk_key_exchange_modes extension" \
2532 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2533 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2534 -c "HTTP/1.0 200 OK"
2535
2536requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2537requires_config_enabled MBEDTLS_SSL_SRV_C
2538requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2539requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2540requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2541requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2542run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2543 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2544 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2545 1 \
2546 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2547 -c "client hello, adding psk_key_exchange_modes extension" \
2548 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2549 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2550 -s "ClientHello message misses mandatory extensions."
2551
2552requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2553requires_config_enabled MBEDTLS_SSL_SRV_C
2554requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2555requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2556requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2557requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2558run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2559 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2560 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2561 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2562 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2563 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2564 -c "client hello, adding PSK binder list" \
2565 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2566
2567requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2568requires_config_enabled MBEDTLS_SSL_SRV_C
2569requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2570requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2571requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2572requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2573run_test "TLS 1.3: m->m: all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2574 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2575 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2576 0 \
2577 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2578 -c "client hello, adding psk_key_exchange_modes extension" \
2579 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2580 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2581 -c "HTTP/1.0 200 OK"
2582
2583requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2584requires_config_enabled MBEDTLS_SSL_SRV_C
2585requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2586requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2587requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2588requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2589run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2590 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2591 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2592 0 \
2593 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2594 -c "client hello, adding psk_key_exchange_modes extension" \
2595 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2596 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2597 -c "HTTP/1.0 200 OK"
2598
2599requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2600requires_config_enabled MBEDTLS_SSL_SRV_C
2601requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2602requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2603requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2605run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2606 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2607 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2608 0 \
2609 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2610 -c "client hello, adding psk_key_exchange_modes extension" \
2611 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2612 -s "No usable PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2613 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2614 -c "HTTP/1.0 200 OK"
2615
2616requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2617requires_config_enabled MBEDTLS_SSL_SRV_C
2618requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2619requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2620requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2621requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2622run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2623 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2624 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2625 1 \
2626 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2627 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2628 -c "client hello, adding PSK binder list" \
2629 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2630
2631requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2632requires_config_enabled MBEDTLS_SSL_SRV_C
2633requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2634requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2635requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2636requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2637run_test "TLS 1.3: m->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2638 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2639 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2640 0 \
2641 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2642 -c "client hello, adding psk_key_exchange_modes extension" \
2643 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2644 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2645 -c "HTTP/1.0 200 OK"
2646
2647requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2648requires_config_enabled MBEDTLS_SSL_SRV_C
2649requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2650requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2651requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2652requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2653run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2654 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2655 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2656 1 \
2657 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2658 -c "client hello, adding psk_key_exchange_modes extension" \
2659 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2660 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2661 -s "ClientHello message misses mandatory extensions."
2662
2663requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2664requires_config_enabled MBEDTLS_SSL_SRV_C
2665requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2666requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2667requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2668requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2669run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2670 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2671 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2672 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2673 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2674 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2675 -c "client hello, adding PSK binder list" \
2676 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2677
2678requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2679requires_config_enabled MBEDTLS_SSL_SRV_C
2680requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2681requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2682requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2683requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2684run_test "TLS 1.3: m->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2685 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2686 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2687 0 \
2688 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2689 -c "client hello, adding psk_key_exchange_modes extension" \
2690 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2691 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2692 -c "HTTP/1.0 200 OK"
2693
2694requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2695requires_config_enabled MBEDTLS_SSL_SRV_C
2696requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2697requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2698requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2699requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2700run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2701 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2702 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2703 0 \
2704 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2705 -c "client hello, adding psk_key_exchange_modes extension" \
2706 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2707 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2708 -s "key exchange mode: ephemeral"
2709
2710requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2711requires_config_enabled MBEDTLS_SSL_SRV_C
2712requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2713requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2714requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2715requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2716run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2717 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2718 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2719 1 \
2720 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2721 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2722 -c "client hello, adding PSK binder list" \
2723 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2724
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2725#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2726requires_openssl_tls1_3
2727requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2728requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2729requires_config_enabled MBEDTLS_DEBUG_C
2730requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2731requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2732run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2733 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2734 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2735 0 \
2736 -c "=> write client hello" \
2737 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2738 -c "client hello, adding psk_key_exchange_modes extension" \
2739 -c "client hello, adding PSK binder list" \
2740 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2741 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2742 -c "HTTP/1.0 200 ok"
2743
2744requires_openssl_tls1_3
2745requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2746requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2747requires_config_enabled MBEDTLS_DEBUG_C
2748requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2749requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2750run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2751 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2752 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2753 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2754 -c "=> write client hello" \
2755 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2756 -c "client hello, adding psk_key_exchange_modes extension" \
2757 -c "client hello, adding PSK binder list" \
2758 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2759 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2760
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2761#OPENSSL-SERVER psk_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2762requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2763requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2764requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2765requires_config_enabled MBEDTLS_DEBUG_C
2766requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2767requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2768requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2769run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2770 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2771 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2772 0 \
2773 -c "=> write client hello" \
2774 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2775 -c "client hello, adding psk_key_exchange_modes extension" \
2776 -c "client hello, adding PSK binder list" \
2777 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2778 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2779 -c "HTTP/1.0 200 ok"
2780
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2781requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2782requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2783requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2784requires_config_enabled MBEDTLS_DEBUG_C
2785requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2786requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2787requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2788run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2789 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2790 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2791 0 \
2792 -c "=> write client hello" \
2793 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2794 -c "client hello, adding psk_key_exchange_modes extension" \
2795 -c "client hello, adding PSK binder list" \
2796 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2797 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2798 -c "HTTP/1.0 200 ok"
2799
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2800#OPENSSL-SERVER psk_ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2801requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2802requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2803requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2804requires_config_enabled MBEDTLS_DEBUG_C
2805requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2806requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2807run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2808 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2809 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2810 0 \
2811 -c "=> write client hello" \
2812 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2813 -c "client hello, adding psk_key_exchange_modes extension" \
2814 -c "client hello, adding PSK binder list" \
2815 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2816 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2817 -c "HTTP/1.0 200 ok"
2818
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2819requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2820requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2821requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2822requires_config_enabled MBEDTLS_DEBUG_C
2823requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2824requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2825run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2826 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2827 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2828 0 \
2829 -c "=> write client hello" \
2830 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2831 -c "client hello, adding psk_key_exchange_modes extension" \
2832 -c "client hello, adding PSK binder list" \
2833 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2834 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2835 -c "HTTP/1.0 200 ok"
2836
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2837#OPENSSL-SERVER ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2838requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2839requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2840requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2841requires_config_enabled MBEDTLS_DEBUG_C
2842requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2843requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2844run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2845 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2846 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2847 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2848 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2849 -c "HTTP/1.0 200 ok"
2850
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2851requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2852requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2853requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2854requires_config_enabled MBEDTLS_DEBUG_C
2855requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2856requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2857run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2858 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2859 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2860 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2861 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2862 -c "HTTP/1.0 200 ok"
2863
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2864#OPENSSL-SERVER ephemeral_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2865requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2866requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2867requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2868requires_config_enabled MBEDTLS_DEBUG_C
2869requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2870requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2871requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2872run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2873 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2874 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2875 0 \
2876 -c "=> write client hello" \
2877 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2878 -c "client hello, adding psk_key_exchange_modes extension" \
2879 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2880 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2881 -c "<= write client hello" \
2882 -c "HTTP/1.0 200 ok"
2883
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2884requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2885requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2886requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2887requires_config_enabled MBEDTLS_DEBUG_C
2888requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2889requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2890requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2891run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2892 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2893 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2894 0 \
2895 -c "=> write client hello" \
2896 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2897 -c "client hello, adding psk_key_exchange_modes extension" \
2898 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2899 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2900 -c "<= write client hello" \
2901 -c "HTTP/1.0 200 ok"
2902
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2903#OPENSSL-SERVER all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2904requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2905requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2906requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2907requires_config_enabled MBEDTLS_DEBUG_C
2908requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2909requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2910requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2911requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2912run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2913 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2914 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2915 0 \
2916 -c "=> write client hello" \
2917 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2918 -c "client hello, adding psk_key_exchange_modes extension" \
2919 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2920 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2921 -c "<= write client hello" \
2922 -c "HTTP/1.0 200 ok"
2923
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2924requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2925requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2926requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2927requires_config_enabled MBEDTLS_DEBUG_C
2928requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2929requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2930requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2931requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2932run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2933 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2934 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
2935 0 \
2936 -c "=> write client hello" \
2937 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2938 -c "client hello, adding psk_key_exchange_modes extension" \
2939 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2940 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2941 -c "<= write client hello" \
2942 -c "HTTP/1.0 200 ok"
2943
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2944#GNUTLS-SERVER psk mode
2945requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2946requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2947requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2948requires_config_enabled MBEDTLS_DEBUG_C
2949requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2950requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2951run_test "TLS 1.3: m->G: psk/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]2952 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2953 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2954 0 \
2955 -c "=> write client hello" \
2956 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2957 -c "client hello, adding psk_key_exchange_modes extension" \
2958 -c "client hello, adding PSK binder list" \
2959 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2960 -s "Parsing extension 'Pre Shared Key/41'" \
2961 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2962 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2963 -c "HTTP/1.0 200 OK"
2964
2965requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2966requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2967requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2968requires_config_enabled MBEDTLS_DEBUG_C
2969requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2970requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2971run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]2972 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2973 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2974 1 \
2975 -c "=> write client hello" \
2976 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2977 -c "client hello, adding psk_key_exchange_modes extension" \
2978 -c "client hello, adding PSK binder list" \
2979 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2980 -s "Parsing extension 'Pre Shared Key/41'" \
2981 -c "<= write client hello" \
2982 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
2983
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2984#GNUTLS-SERVER psk_all mode
2985requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2986requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2987requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2988requires_config_enabled MBEDTLS_DEBUG_C
2989requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2990requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2991requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2992run_test "TLS 1.3: m->G: psk_all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]2993 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2994 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2995 0 \
2996 -c "=> write client hello" \
2997 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2998 -c "client hello, adding psk_key_exchange_modes extension" \
2999 -c "client hello, adding PSK binder list" \
3000 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3001 -s "Parsing extension 'Pre Shared Key/41'" \
3002 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3003 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3004 -c "HTTP/1.0 200 OK"
3005
3006requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3007requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3008requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3009requires_config_enabled MBEDTLS_DEBUG_C
3010requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3011requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3012requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3013run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3014 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3015 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3016 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3017 -c "=> write client hello" \
3018 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3019 -c "client hello, adding psk_key_exchange_modes extension" \
3020 -c "client hello, adding PSK binder list" \
3021 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3022 -s "Parsing extension 'Pre Shared Key/41'" \
3023 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3024 -c "Selected key exchange mode: psk_ephemeral" \
3025 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3026
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3027#GNUTLS-SERVER psk_ephemeral mode
3028requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3029requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3030requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3031requires_config_enabled MBEDTLS_DEBUG_C
3032requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3033requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3034run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3035 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3036 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3037 0 \
3038 -c "=> write client hello" \
3039 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3040 -c "client hello, adding psk_key_exchange_modes extension" \
3041 -c "client hello, adding PSK binder list" \
3042 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3043 -s "Parsing extension 'Pre Shared Key/41'" \
3044 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3045 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3046 -c "HTTP/1.0 200 OK"
3047
3048requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3049requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3050requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3051requires_config_enabled MBEDTLS_DEBUG_C
3052requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3053requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3054run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3055 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3056 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3057 0 \
3058 -c "=> write client hello" \
3059 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3060 -c "client hello, adding psk_key_exchange_modes extension" \
3061 -c "client hello, adding PSK binder list" \
3062 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3063 -s "Parsing extension 'Pre Shared Key/41'" \
3064 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3065 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3066 -c "HTTP/1.0 200 OK"
3067
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3068#GNUTLS-SERVER ephemeral mode
3069requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3070requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3071requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3072requires_config_enabled MBEDTLS_DEBUG_C
3073requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3074requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3075run_test "TLS 1.3: m->G: ephemeral/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3076 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3077 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3078 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3079 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3080 -c "HTTP/1.0 200 OK"
3081
3082requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3083requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3084requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3085requires_config_enabled MBEDTLS_DEBUG_C
3086requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3087requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3088run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3089 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3090 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3091 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3092 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3093 -c "HTTP/1.0 200 OK"
3094
3095#GNUTLS-SERVER ephemeral_all mode
3096requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3097requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3098requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3099requires_config_enabled MBEDTLS_DEBUG_C
3100requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3101requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3102requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3103run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3104 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3105 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3106 0 \
3107 -c "=> write client hello" \
3108 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3109 -c "client hello, adding psk_key_exchange_modes extension" \
3110 -c "client hello, adding PSK binder list" \
3111 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3112 -s "Parsing extension 'Pre Shared Key/41'" \
3113 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3114 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3115 -c "HTTP/1.0 200 OK"
3116
3117requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3118requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3119requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3120requires_config_enabled MBEDTLS_DEBUG_C
3121requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3122requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3123requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3124run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3125 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3126 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3127 0 \
3128 -c "=> write client hello" \
3129 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3130 -c "client hello, adding psk_key_exchange_modes extension" \
3131 -c "client hello, adding PSK binder list" \
3132 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3133 -s "Parsing extension 'Pre Shared Key/41'" \
3134 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3135 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3136 -c "HTTP/1.0 200 OK"
3137
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3138#GNUTLS-SERVER all mode
3139requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3140requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3141requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3142requires_config_enabled MBEDTLS_DEBUG_C
3143requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3144requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3145requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3146requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3147run_test "TLS 1.3: m->G: all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3148 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3149 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3150 0 \
3151 -c "=> write client hello" \
3152 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3153 -c "client hello, adding psk_key_exchange_modes extension" \
3154 -c "client hello, adding PSK binder list" \
3155 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3156 -s "Parsing extension 'Pre Shared Key/41'" \
3157 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3158 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3159 -c "HTTP/1.0 200 OK"
3160
3161requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3162requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3163requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3164requires_config_enabled MBEDTLS_DEBUG_C
3165requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3166requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3167requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3168requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3169run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3170 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3171 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3172 0 \
3173 -c "=> write client hello" \
3174 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3175 -c "client hello, adding psk_key_exchange_modes extension" \
3176 -c "client hello, adding PSK binder list" \
3177 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3178 -s "Parsing extension 'Pre Shared Key/41'" \
3179 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3180 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3181 -c "HTTP/1.0 200 OK"