Blame - tests/opt-testcases/tls13-compat.sh - mirror/mbed-tls

blob: ed19a7b21b99cfe79f2672cddc765ca160735140 [file] [log] [blame]

Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1	#!/bin/sh
				2
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3	# tls13-compat.sh
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	4	#
				5	# Copyright The Mbed TLS Contributors
				6	# SPDX-License-Identifier: Apache-2.0
				7	#
				8	# Licensed under the Apache License, Version 2.0 (the "License"); you may
				9	# not use this file except in compliance with the License.
				10	# You may obtain a copy of the License at
				11	#
				12	# http://www.apache.org/licenses/LICENSE-2.0
				13	#
				14	# Unless required by applicable law or agreed to in writing, software
				15	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				16	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				17	# See the License for the specific language governing permissions and
				18	# limitations under the License.
				19	#
				20	# Purpose
				21	#
				22	# List TLS1.3 compat test cases. They are generated by
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	23	# `./tests/scripts/generate_tls13_compat_tests.py -a -o ./tests/opt-testcases/tls13-compat.sh`.
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	24	#
				25	# PLEASE DO NOT EDIT THIS FILE. IF NEEDED, PLEASE MODIFY `generate_tls13_compat_tests.py`
				26	# AND REGENERATE THIS FILE.
				27	#
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	28	requires_openssl_tls1_3
				29	requires_config_enabled MBEDTLS_DEBUG_C
				30	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	31	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	32	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	33	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	34	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	35	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	36	0 \
				37	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	38	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	39	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				40	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	41	-c "NamedGroup: secp256r1 ( 17 )" \
				42	-c "Verifying peer X.509 certificate... ok" \
				43	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	44
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	45	requires_gnutls_tls1_3
				46	requires_gnutls_next_no_ticket
				47	requires_gnutls_next_disable_tls13_compat
				48	requires_config_enabled MBEDTLS_DEBUG_C
				49	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	50	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	51	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	52	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	53	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	54	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	55	0 \
				56	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	57	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	58	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				59	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	60	-c "NamedGroup: secp256r1 ( 17 )" \
				61	-c "Verifying peer X.509 certificate... ok" \
				62	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	63
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	64	requires_openssl_tls1_3
				65	requires_config_enabled MBEDTLS_DEBUG_C
				66	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	67	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	68	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	69	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	70	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	71	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	72	0 \
				73	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	74	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	75	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				76	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	77	-c "NamedGroup: secp384r1 ( 18 )" \
				78	-c "Verifying peer X.509 certificate... ok" \
				79	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	80
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	81	requires_gnutls_tls1_3
				82	requires_gnutls_next_no_ticket
				83	requires_gnutls_next_disable_tls13_compat
				84	requires_config_enabled MBEDTLS_DEBUG_C
				85	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	86	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	87	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	88	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	89	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	90	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	91	0 \
				92	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	93	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	94	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				95	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	96	-c "NamedGroup: secp384r1 ( 18 )" \
				97	-c "Verifying peer X.509 certificate... ok" \
				98	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	99
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	100	requires_openssl_tls1_3
				101	requires_config_enabled MBEDTLS_DEBUG_C
				102	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	103	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	104	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	105	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	106	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	107	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	108	0 \
				109	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	110	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	111	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				112	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	113	-c "NamedGroup: secp521r1 ( 19 )" \
				114	-c "Verifying peer X.509 certificate... ok" \
				115	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	116
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	117	requires_gnutls_tls1_3
				118	requires_gnutls_next_no_ticket
				119	requires_gnutls_next_disable_tls13_compat
				120	requires_config_enabled MBEDTLS_DEBUG_C
				121	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	122	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	123	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	124	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	125	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	126	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	127	0 \
				128	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	129	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	130	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				131	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	132	-c "NamedGroup: secp521r1 ( 19 )" \
				133	-c "Verifying peer X.509 certificate... ok" \
				134	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	135
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	136	requires_openssl_tls1_3
				137	requires_config_enabled MBEDTLS_DEBUG_C
				138	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	139	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	140	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	141	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	142	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	143	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	144	0 \
				145	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	146	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	147	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				148	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	149	-c "NamedGroup: x25519 ( 1d )" \
				150	-c "Verifying peer X.509 certificate... ok" \
				151	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	152
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	153	requires_gnutls_tls1_3
				154	requires_gnutls_next_no_ticket
				155	requires_gnutls_next_disable_tls13_compat
				156	requires_config_enabled MBEDTLS_DEBUG_C
				157	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	158	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	159	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	160	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	161	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	162	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	163	0 \
				164	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	165	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	166	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				167	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	168	-c "NamedGroup: x25519 ( 1d )" \
				169	-c "Verifying peer X.509 certificate... ok" \
				170	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	171
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	172	requires_openssl_tls1_3
				173	requires_config_enabled MBEDTLS_DEBUG_C
				174	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	175	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	176	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	177	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	178	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	179	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	180	0 \
				181	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	182	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	183	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				184	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	185	-c "NamedGroup: x448 ( 1e )" \
				186	-c "Verifying peer X.509 certificate... ok" \
				187	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	188
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	189	requires_gnutls_tls1_3
				190	requires_gnutls_next_no_ticket
				191	requires_gnutls_next_disable_tls13_compat
				192	requires_config_enabled MBEDTLS_DEBUG_C
				193	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	194	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	195	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	196	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	197	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	198	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	199	0 \
				200	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	201	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	202	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				203	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	204	-c "NamedGroup: x448 ( 1e )" \
				205	-c "Verifying peer X.509 certificate... ok" \
				206	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	207
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	208	requires_openssl_tls1_3
				209	requires_config_enabled MBEDTLS_DEBUG_C
				210	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	211	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	212	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	213	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	214	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	215	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	216	0 \
				217	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	218	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	219	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				220	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	221	-c "NamedGroup: secp256r1 ( 17 )" \
				222	-c "Verifying peer X.509 certificate... ok" \
				223	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	224
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	225	requires_gnutls_tls1_3
				226	requires_gnutls_next_no_ticket
				227	requires_gnutls_next_disable_tls13_compat
				228	requires_config_enabled MBEDTLS_DEBUG_C
				229	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	230	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	231	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	232	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	233	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	234	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	235	0 \
				236	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	237	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	238	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				239	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	240	-c "NamedGroup: secp256r1 ( 17 )" \
				241	-c "Verifying peer X.509 certificate... ok" \
				242	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	243
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	244	requires_openssl_tls1_3
				245	requires_config_enabled MBEDTLS_DEBUG_C
				246	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	247	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	248	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	249	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	250	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	251	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	252	0 \
				253	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	254	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	255	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				256	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	257	-c "NamedGroup: secp384r1 ( 18 )" \
				258	-c "Verifying peer X.509 certificate... ok" \
				259	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	260
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	261	requires_gnutls_tls1_3
				262	requires_gnutls_next_no_ticket
				263	requires_gnutls_next_disable_tls13_compat
				264	requires_config_enabled MBEDTLS_DEBUG_C
				265	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	266	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	267	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	268	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	269	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	270	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	271	0 \
				272	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	273	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	274	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				275	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	276	-c "NamedGroup: secp384r1 ( 18 )" \
				277	-c "Verifying peer X.509 certificate... ok" \
				278	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	279
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	280	requires_openssl_tls1_3
				281	requires_config_enabled MBEDTLS_DEBUG_C
				282	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	283	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	284	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	285	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	286	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	287	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	288	0 \
				289	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	290	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	291	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				292	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	293	-c "NamedGroup: secp521r1 ( 19 )" \
				294	-c "Verifying peer X.509 certificate... ok" \
				295	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	296
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	297	requires_gnutls_tls1_3
				298	requires_gnutls_next_no_ticket
				299	requires_gnutls_next_disable_tls13_compat
				300	requires_config_enabled MBEDTLS_DEBUG_C
				301	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	302	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	303	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	304	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	305	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	306	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	307	0 \
				308	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	309	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	310	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				311	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	312	-c "NamedGroup: secp521r1 ( 19 )" \
				313	-c "Verifying peer X.509 certificate... ok" \
				314	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	315
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	316	requires_openssl_tls1_3
				317	requires_config_enabled MBEDTLS_DEBUG_C
				318	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	319	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	320	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	321	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	322	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	323	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	324	0 \
				325	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	326	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	327	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				328	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	329	-c "NamedGroup: x25519 ( 1d )" \
				330	-c "Verifying peer X.509 certificate... ok" \
				331	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	332
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	333	requires_gnutls_tls1_3
				334	requires_gnutls_next_no_ticket
				335	requires_gnutls_next_disable_tls13_compat
				336	requires_config_enabled MBEDTLS_DEBUG_C
				337	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	338	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	339	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	340	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	341	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	342	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	343	0 \
				344	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	345	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	346	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				347	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	348	-c "NamedGroup: x25519 ( 1d )" \
				349	-c "Verifying peer X.509 certificate... ok" \
				350	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	351
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	352	requires_openssl_tls1_3
				353	requires_config_enabled MBEDTLS_DEBUG_C
				354	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	355	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	356	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	357	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	358	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	359	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	360	0 \
				361	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	362	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	363	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				364	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	365	-c "NamedGroup: x448 ( 1e )" \
				366	-c "Verifying peer X.509 certificate... ok" \
				367	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	368
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	369	requires_gnutls_tls1_3
				370	requires_gnutls_next_no_ticket
				371	requires_gnutls_next_disable_tls13_compat
				372	requires_config_enabled MBEDTLS_DEBUG_C
				373	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	374	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	375	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	376	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	377	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	378	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	379	0 \
				380	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	381	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	382	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				383	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	384	-c "NamedGroup: x448 ( 1e )" \
				385	-c "Verifying peer X.509 certificate... ok" \
				386	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	387
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	388	requires_openssl_tls1_3
				389	requires_config_enabled MBEDTLS_DEBUG_C
				390	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	391	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	392	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	393	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	394	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	395	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	396	0 \
				397	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	398	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	399	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				400	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	401	-c "NamedGroup: secp256r1 ( 17 )" \
				402	-c "Verifying peer X.509 certificate... ok" \
				403	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	404
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	405	requires_gnutls_tls1_3
				406	requires_gnutls_next_no_ticket
				407	requires_gnutls_next_disable_tls13_compat
				408	requires_config_enabled MBEDTLS_DEBUG_C
				409	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	410	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	411	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	412	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	413	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	414	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	415	0 \
				416	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	417	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	418	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				419	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	420	-c "NamedGroup: secp256r1 ( 17 )" \
				421	-c "Verifying peer X.509 certificate... ok" \
				422	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	423
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	424	requires_openssl_tls1_3
				425	requires_config_enabled MBEDTLS_DEBUG_C
				426	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	427	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	428	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	429	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	430	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	431	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	432	0 \
				433	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	434	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	435	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				436	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	437	-c "NamedGroup: secp384r1 ( 18 )" \
				438	-c "Verifying peer X.509 certificate... ok" \
				439	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	440
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	441	requires_gnutls_tls1_3
				442	requires_gnutls_next_no_ticket
				443	requires_gnutls_next_disable_tls13_compat
				444	requires_config_enabled MBEDTLS_DEBUG_C
				445	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	446	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	447	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	448	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	449	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	450	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	451	0 \
				452	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	453	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	454	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				455	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	456	-c "NamedGroup: secp384r1 ( 18 )" \
				457	-c "Verifying peer X.509 certificate... ok" \
				458	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	459
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	460	requires_openssl_tls1_3
				461	requires_config_enabled MBEDTLS_DEBUG_C
				462	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	463	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	464	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	465	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	466	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	467	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	468	0 \
				469	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	470	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	471	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				472	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	473	-c "NamedGroup: secp521r1 ( 19 )" \
				474	-c "Verifying peer X.509 certificate... ok" \
				475	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	476
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	477	requires_gnutls_tls1_3
				478	requires_gnutls_next_no_ticket
				479	requires_gnutls_next_disable_tls13_compat
				480	requires_config_enabled MBEDTLS_DEBUG_C
				481	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	482	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	483	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	484	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	485	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	486	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	487	0 \
				488	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	489	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	490	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				491	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	492	-c "NamedGroup: secp521r1 ( 19 )" \
				493	-c "Verifying peer X.509 certificate... ok" \
				494	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	495
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	496	requires_openssl_tls1_3
				497	requires_config_enabled MBEDTLS_DEBUG_C
				498	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	499	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	500	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	501	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	502	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	503	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	504	0 \
				505	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	506	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	507	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				508	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	509	-c "NamedGroup: x25519 ( 1d )" \
				510	-c "Verifying peer X.509 certificate... ok" \
				511	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	512
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	513	requires_gnutls_tls1_3
				514	requires_gnutls_next_no_ticket
				515	requires_gnutls_next_disable_tls13_compat
				516	requires_config_enabled MBEDTLS_DEBUG_C
				517	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	518	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	519	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	520	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	521	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	522	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	523	0 \
				524	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	525	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	526	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				527	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	528	-c "NamedGroup: x25519 ( 1d )" \
				529	-c "Verifying peer X.509 certificate... ok" \
				530	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	531
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	532	requires_openssl_tls1_3
				533	requires_config_enabled MBEDTLS_DEBUG_C
				534	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	535	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	536	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	537	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	538	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	539	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	540	0 \
				541	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	542	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	543	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				544	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	545	-c "NamedGroup: x448 ( 1e )" \
				546	-c "Verifying peer X.509 certificate... ok" \
				547	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	548
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	549	requires_gnutls_tls1_3
				550	requires_gnutls_next_no_ticket
				551	requires_gnutls_next_disable_tls13_compat
				552	requires_config_enabled MBEDTLS_DEBUG_C
				553	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	554	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	555	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	556	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	557	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	558	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	559	0 \
				560	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	561	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	562	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				563	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	564	-c "NamedGroup: x448 ( 1e )" \
				565	-c "Verifying peer X.509 certificate... ok" \
				566	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	567
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	568	requires_openssl_tls1_3
				569	requires_config_enabled MBEDTLS_DEBUG_C
				570	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	571	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	572	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	573	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	574	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	575	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	576	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	577	0 \
				578	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	579	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	580	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				581	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	582	-c "NamedGroup: secp256r1 ( 17 )" \
				583	-c "Verifying peer X.509 certificate... ok" \
				584	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	585
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	586	requires_gnutls_tls1_3
				587	requires_gnutls_next_no_ticket
				588	requires_gnutls_next_disable_tls13_compat
				589	requires_config_enabled MBEDTLS_DEBUG_C
				590	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	591	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	592	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	593	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	594	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	595	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	596	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	597	0 \
				598	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	599	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	600	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				601	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	602	-c "NamedGroup: secp256r1 ( 17 )" \
				603	-c "Verifying peer X.509 certificate... ok" \
				604	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	605
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	606	requires_openssl_tls1_3
				607	requires_config_enabled MBEDTLS_DEBUG_C
				608	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	609	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	610	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	611	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	612	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	613	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	614	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	615	0 \
				616	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	617	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	618	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				619	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	620	-c "NamedGroup: secp384r1 ( 18 )" \
				621	-c "Verifying peer X.509 certificate... ok" \
				622	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	623
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	624	requires_gnutls_tls1_3
				625	requires_gnutls_next_no_ticket
				626	requires_gnutls_next_disable_tls13_compat
				627	requires_config_enabled MBEDTLS_DEBUG_C
				628	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	629	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	630	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	631	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	632	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	633	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	634	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	635	0 \
				636	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	637	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	638	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				639	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	640	-c "NamedGroup: secp384r1 ( 18 )" \
				641	-c "Verifying peer X.509 certificate... ok" \
				642	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	643
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	644	requires_openssl_tls1_3
				645	requires_config_enabled MBEDTLS_DEBUG_C
				646	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	647	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	648	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	649	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	650	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	651	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	652	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	653	0 \
				654	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	655	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	656	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				657	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	658	-c "NamedGroup: secp521r1 ( 19 )" \
				659	-c "Verifying peer X.509 certificate... ok" \
				660	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	661
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	662	requires_gnutls_tls1_3
				663	requires_gnutls_next_no_ticket
				664	requires_gnutls_next_disable_tls13_compat
				665	requires_config_enabled MBEDTLS_DEBUG_C
				666	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	667	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	668	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	669	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	670	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	671	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	672	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	673	0 \
				674	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	675	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	676	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				677	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	678	-c "NamedGroup: secp521r1 ( 19 )" \
				679	-c "Verifying peer X.509 certificate... ok" \
				680	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	681
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	682	requires_openssl_tls1_3
				683	requires_config_enabled MBEDTLS_DEBUG_C
				684	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	685	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	686	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	687	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	688	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	689	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	690	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	691	0 \
				692	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	693	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	694	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				695	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	696	-c "NamedGroup: x25519 ( 1d )" \
				697	-c "Verifying peer X.509 certificate... ok" \
				698	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	699
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	700	requires_gnutls_tls1_3
				701	requires_gnutls_next_no_ticket
				702	requires_gnutls_next_disable_tls13_compat
				703	requires_config_enabled MBEDTLS_DEBUG_C
				704	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	705	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	706	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	707	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	708	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	709	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	710	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	711	0 \
				712	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	713	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	714	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				715	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	716	-c "NamedGroup: x25519 ( 1d )" \
				717	-c "Verifying peer X.509 certificate... ok" \
				718	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	719
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	720	requires_openssl_tls1_3
				721	requires_config_enabled MBEDTLS_DEBUG_C
				722	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	723	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	724	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	725	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	726	run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	727	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	728	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	729	0 \
				730	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	731	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	732	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				733	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	734	-c "NamedGroup: x448 ( 1e )" \
				735	-c "Verifying peer X.509 certificate... ok" \
				736	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	737
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	738	requires_gnutls_tls1_3
				739	requires_gnutls_next_no_ticket
				740	requires_gnutls_next_disable_tls13_compat
				741	requires_config_enabled MBEDTLS_DEBUG_C
				742	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	743	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	744	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	745	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	746	run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	747	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	748	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	749	0 \
				750	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	751	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	752	-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
				753	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	754	-c "NamedGroup: x448 ( 1e )" \
				755	-c "Verifying peer X.509 certificate... ok" \
				756	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	757
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	758	requires_openssl_tls1_3
				759	requires_config_enabled MBEDTLS_DEBUG_C
				760	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	761	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	762	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	763	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	764	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	765	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	766	0 \
				767	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	768	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	769	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				770	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	771	-c "NamedGroup: secp256r1 ( 17 )" \
				772	-c "Verifying peer X.509 certificate... ok" \
				773	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	774
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	775	requires_gnutls_tls1_3
				776	requires_gnutls_next_no_ticket
				777	requires_gnutls_next_disable_tls13_compat
				778	requires_config_enabled MBEDTLS_DEBUG_C
				779	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	780	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	781	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	782	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	783	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	784	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	785	0 \
				786	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	787	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	788	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				789	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	790	-c "NamedGroup: secp256r1 ( 17 )" \
				791	-c "Verifying peer X.509 certificate... ok" \
				792	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	793
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	794	requires_openssl_tls1_3
				795	requires_config_enabled MBEDTLS_DEBUG_C
				796	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	797	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	798	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	799	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	800	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	801	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	802	0 \
				803	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	804	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	805	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				806	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	807	-c "NamedGroup: secp384r1 ( 18 )" \
				808	-c "Verifying peer X.509 certificate... ok" \
				809	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	810
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	811	requires_gnutls_tls1_3
				812	requires_gnutls_next_no_ticket
				813	requires_gnutls_next_disable_tls13_compat
				814	requires_config_enabled MBEDTLS_DEBUG_C
				815	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	816	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	817	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	818	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	819	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	820	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	821	0 \
				822	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	823	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	824	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				825	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	826	-c "NamedGroup: secp384r1 ( 18 )" \
				827	-c "Verifying peer X.509 certificate... ok" \
				828	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	829
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	830	requires_openssl_tls1_3
				831	requires_config_enabled MBEDTLS_DEBUG_C
				832	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	833	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	834	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	835	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	836	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	837	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	838	0 \
				839	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	840	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	841	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				842	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	843	-c "NamedGroup: secp521r1 ( 19 )" \
				844	-c "Verifying peer X.509 certificate... ok" \
				845	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	846
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	847	requires_gnutls_tls1_3
				848	requires_gnutls_next_no_ticket
				849	requires_gnutls_next_disable_tls13_compat
				850	requires_config_enabled MBEDTLS_DEBUG_C
				851	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	852	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	853	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	854	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	855	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	856	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	857	0 \
				858	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	859	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	860	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				861	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	862	-c "NamedGroup: secp521r1 ( 19 )" \
				863	-c "Verifying peer X.509 certificate... ok" \
				864	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	865
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	866	requires_openssl_tls1_3
				867	requires_config_enabled MBEDTLS_DEBUG_C
				868	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	869	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	870	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	871	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	872	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	873	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	874	0 \
				875	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	876	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	877	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				878	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	879	-c "NamedGroup: x25519 ( 1d )" \
				880	-c "Verifying peer X.509 certificate... ok" \
				881	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	882
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	883	requires_gnutls_tls1_3
				884	requires_gnutls_next_no_ticket
				885	requires_gnutls_next_disable_tls13_compat
				886	requires_config_enabled MBEDTLS_DEBUG_C
				887	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	888	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	889	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	890	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	891	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	892	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	893	0 \
				894	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	895	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	896	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				897	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	898	-c "NamedGroup: x25519 ( 1d )" \
				899	-c "Verifying peer X.509 certificate... ok" \
				900	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	901
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	902	requires_openssl_tls1_3
				903	requires_config_enabled MBEDTLS_DEBUG_C
				904	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	905	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	906	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	907	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	908	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	909	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	910	0 \
				911	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	912	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	913	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				914	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	915	-c "NamedGroup: x448 ( 1e )" \
				916	-c "Verifying peer X.509 certificate... ok" \
				917	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	918
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	919	requires_gnutls_tls1_3
				920	requires_gnutls_next_no_ticket
				921	requires_gnutls_next_disable_tls13_compat
				922	requires_config_enabled MBEDTLS_DEBUG_C
				923	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	924	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	925	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	926	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	927	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	928	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	929	0 \
				930	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	931	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	932	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				933	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	934	-c "NamedGroup: x448 ( 1e )" \
				935	-c "Verifying peer X.509 certificate... ok" \
				936	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	937
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	938	requires_openssl_tls1_3
				939	requires_config_enabled MBEDTLS_DEBUG_C
				940	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	941	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	942	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	943	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	944	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	945	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	946	0 \
				947	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	948	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	949	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				950	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	951	-c "NamedGroup: secp256r1 ( 17 )" \
				952	-c "Verifying peer X.509 certificate... ok" \
				953	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	954
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	955	requires_gnutls_tls1_3
				956	requires_gnutls_next_no_ticket
				957	requires_gnutls_next_disable_tls13_compat
				958	requires_config_enabled MBEDTLS_DEBUG_C
				959	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	960	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	961	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	962	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	963	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	964	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	965	0 \
				966	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	967	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	968	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				969	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	970	-c "NamedGroup: secp256r1 ( 17 )" \
				971	-c "Verifying peer X.509 certificate... ok" \
				972	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	973
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	974	requires_openssl_tls1_3
				975	requires_config_enabled MBEDTLS_DEBUG_C
				976	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	977	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	978	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	979	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	980	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	981	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	982	0 \
				983	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	984	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	985	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				986	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	987	-c "NamedGroup: secp384r1 ( 18 )" \
				988	-c "Verifying peer X.509 certificate... ok" \
				989	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	990
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	991	requires_gnutls_tls1_3
				992	requires_gnutls_next_no_ticket
				993	requires_gnutls_next_disable_tls13_compat
				994	requires_config_enabled MBEDTLS_DEBUG_C
				995	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	996	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	997	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	998	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	999	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1000	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1001	0 \
				1002	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1003	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1004	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1005	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1006	-c "NamedGroup: secp384r1 ( 18 )" \
				1007	-c "Verifying peer X.509 certificate... ok" \
				1008	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1009
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1010	requires_openssl_tls1_3
				1011	requires_config_enabled MBEDTLS_DEBUG_C
				1012	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1013	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1014	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1015	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1016	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1017	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1018	0 \
				1019	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1020	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1021	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1022	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1023	-c "NamedGroup: secp521r1 ( 19 )" \
				1024	-c "Verifying peer X.509 certificate... ok" \
				1025	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1026
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1027	requires_gnutls_tls1_3
				1028	requires_gnutls_next_no_ticket
				1029	requires_gnutls_next_disable_tls13_compat
				1030	requires_config_enabled MBEDTLS_DEBUG_C
				1031	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1032	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1033	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1034	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1035	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1036	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1037	0 \
				1038	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1039	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1040	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1041	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1042	-c "NamedGroup: secp521r1 ( 19 )" \
				1043	-c "Verifying peer X.509 certificate... ok" \
				1044	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1045
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1046	requires_openssl_tls1_3
				1047	requires_config_enabled MBEDTLS_DEBUG_C
				1048	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1049	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1050	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1051	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1052	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1053	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1054	0 \
				1055	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1056	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1057	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1058	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1059	-c "NamedGroup: x25519 ( 1d )" \
				1060	-c "Verifying peer X.509 certificate... ok" \
				1061	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1062
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1063	requires_gnutls_tls1_3
				1064	requires_gnutls_next_no_ticket
				1065	requires_gnutls_next_disable_tls13_compat
				1066	requires_config_enabled MBEDTLS_DEBUG_C
				1067	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1068	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1069	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1070	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1071	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1072	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1073	0 \
				1074	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1075	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1076	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1077	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1078	-c "NamedGroup: x25519 ( 1d )" \
				1079	-c "Verifying peer X.509 certificate... ok" \
				1080	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1081
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1082	requires_openssl_tls1_3
				1083	requires_config_enabled MBEDTLS_DEBUG_C
				1084	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1085	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1086	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1087	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1088	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1089	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1090	0 \
				1091	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1092	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1093	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1094	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1095	-c "NamedGroup: x448 ( 1e )" \
				1096	-c "Verifying peer X.509 certificate... ok" \
				1097	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1098
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1099	requires_gnutls_tls1_3
				1100	requires_gnutls_next_no_ticket
				1101	requires_gnutls_next_disable_tls13_compat
				1102	requires_config_enabled MBEDTLS_DEBUG_C
				1103	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1104	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1105	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1106	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1107	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1108	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1109	0 \
				1110	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1111	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1112	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1113	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1114	-c "NamedGroup: x448 ( 1e )" \
				1115	-c "Verifying peer X.509 certificate... ok" \
				1116	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1117
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1118	requires_openssl_tls1_3
				1119	requires_config_enabled MBEDTLS_DEBUG_C
				1120	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1121	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1122	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1123	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1124	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1125	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1126	0 \
				1127	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1128	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1129	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1130	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1131	-c "NamedGroup: secp256r1 ( 17 )" \
				1132	-c "Verifying peer X.509 certificate... ok" \
				1133	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1134
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1135	requires_gnutls_tls1_3
				1136	requires_gnutls_next_no_ticket
				1137	requires_gnutls_next_disable_tls13_compat
				1138	requires_config_enabled MBEDTLS_DEBUG_C
				1139	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1140	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1141	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1142	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1143	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1144	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1145	0 \
				1146	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1147	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1148	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1149	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1150	-c "NamedGroup: secp256r1 ( 17 )" \
				1151	-c "Verifying peer X.509 certificate... ok" \
				1152	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1153
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1154	requires_openssl_tls1_3
				1155	requires_config_enabled MBEDTLS_DEBUG_C
				1156	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1157	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1158	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1159	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1160	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1161	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1162	0 \
				1163	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1164	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1165	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1166	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1167	-c "NamedGroup: secp384r1 ( 18 )" \
				1168	-c "Verifying peer X.509 certificate... ok" \
				1169	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1170
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1171	requires_gnutls_tls1_3
				1172	requires_gnutls_next_no_ticket
				1173	requires_gnutls_next_disable_tls13_compat
				1174	requires_config_enabled MBEDTLS_DEBUG_C
				1175	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1176	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1177	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1178	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1179	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1180	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1181	0 \
				1182	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1183	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1184	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1185	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1186	-c "NamedGroup: secp384r1 ( 18 )" \
				1187	-c "Verifying peer X.509 certificate... ok" \
				1188	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1189
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1190	requires_openssl_tls1_3
				1191	requires_config_enabled MBEDTLS_DEBUG_C
				1192	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1193	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1194	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1195	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1196	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1197	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1198	0 \
				1199	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1200	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1201	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1202	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1203	-c "NamedGroup: secp521r1 ( 19 )" \
				1204	-c "Verifying peer X.509 certificate... ok" \
				1205	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1206
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1207	requires_gnutls_tls1_3
				1208	requires_gnutls_next_no_ticket
				1209	requires_gnutls_next_disable_tls13_compat
				1210	requires_config_enabled MBEDTLS_DEBUG_C
				1211	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1212	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1213	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1214	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1215	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1216	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1217	0 \
				1218	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1219	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1220	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1221	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1222	-c "NamedGroup: secp521r1 ( 19 )" \
				1223	-c "Verifying peer X.509 certificate... ok" \
				1224	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1225
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1226	requires_openssl_tls1_3
				1227	requires_config_enabled MBEDTLS_DEBUG_C
				1228	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1229	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1230	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1231	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1232	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1233	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1234	0 \
				1235	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1236	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1237	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1238	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1239	-c "NamedGroup: x25519 ( 1d )" \
				1240	-c "Verifying peer X.509 certificate... ok" \
				1241	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1242
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1243	requires_gnutls_tls1_3
				1244	requires_gnutls_next_no_ticket
				1245	requires_gnutls_next_disable_tls13_compat
				1246	requires_config_enabled MBEDTLS_DEBUG_C
				1247	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1248	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1249	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1250	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1251	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1252	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1253	0 \
				1254	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1255	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1256	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1257	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1258	-c "NamedGroup: x25519 ( 1d )" \
				1259	-c "Verifying peer X.509 certificate... ok" \
				1260	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1261
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1262	requires_openssl_tls1_3
				1263	requires_config_enabled MBEDTLS_DEBUG_C
				1264	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1265	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1266	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1267	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1268	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1269	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1270	0 \
				1271	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1272	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1273	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1274	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1275	-c "NamedGroup: x448 ( 1e )" \
				1276	-c "Verifying peer X.509 certificate... ok" \
				1277	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1278
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1279	requires_gnutls_tls1_3
				1280	requires_gnutls_next_no_ticket
				1281	requires_gnutls_next_disable_tls13_compat
				1282	requires_config_enabled MBEDTLS_DEBUG_C
				1283	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1284	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1285	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1286	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1287	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1288	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1289	0 \
				1290	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1291	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1292	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1293	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1294	-c "NamedGroup: x448 ( 1e )" \
				1295	-c "Verifying peer X.509 certificate... ok" \
				1296	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1297
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1298	requires_openssl_tls1_3
				1299	requires_config_enabled MBEDTLS_DEBUG_C
				1300	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1301	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1302	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1303	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1304	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1305	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1306	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1307	0 \
				1308	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1309	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1310	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1311	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1312	-c "NamedGroup: secp256r1 ( 17 )" \
				1313	-c "Verifying peer X.509 certificate... ok" \
				1314	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1315
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1316	requires_gnutls_tls1_3
				1317	requires_gnutls_next_no_ticket
				1318	requires_gnutls_next_disable_tls13_compat
				1319	requires_config_enabled MBEDTLS_DEBUG_C
				1320	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1321	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1322	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1323	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1324	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1325	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1326	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1327	0 \
				1328	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1329	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1330	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1331	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1332	-c "NamedGroup: secp256r1 ( 17 )" \
				1333	-c "Verifying peer X.509 certificate... ok" \
				1334	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1335
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1336	requires_openssl_tls1_3
				1337	requires_config_enabled MBEDTLS_DEBUG_C
				1338	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1339	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1340	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1341	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1342	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1343	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1344	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1345	0 \
				1346	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1347	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1348	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1349	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1350	-c "NamedGroup: secp384r1 ( 18 )" \
				1351	-c "Verifying peer X.509 certificate... ok" \
				1352	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1353
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1354	requires_gnutls_tls1_3
				1355	requires_gnutls_next_no_ticket
				1356	requires_gnutls_next_disable_tls13_compat
				1357	requires_config_enabled MBEDTLS_DEBUG_C
				1358	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1359	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1360	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1361	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1362	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1363	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1364	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1365	0 \
				1366	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1367	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1368	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1369	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1370	-c "NamedGroup: secp384r1 ( 18 )" \
				1371	-c "Verifying peer X.509 certificate... ok" \
				1372	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1373
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1374	requires_openssl_tls1_3
				1375	requires_config_enabled MBEDTLS_DEBUG_C
				1376	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1377	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1378	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1379	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1380	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1381	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1382	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1383	0 \
				1384	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1385	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1386	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1387	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1388	-c "NamedGroup: secp521r1 ( 19 )" \
				1389	-c "Verifying peer X.509 certificate... ok" \
				1390	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1391
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1392	requires_gnutls_tls1_3
				1393	requires_gnutls_next_no_ticket
				1394	requires_gnutls_next_disable_tls13_compat
				1395	requires_config_enabled MBEDTLS_DEBUG_C
				1396	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1397	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1398	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1399	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1400	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1401	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1402	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1403	0 \
				1404	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1405	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1406	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1407	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1408	-c "NamedGroup: secp521r1 ( 19 )" \
				1409	-c "Verifying peer X.509 certificate... ok" \
				1410	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1411
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1412	requires_openssl_tls1_3
				1413	requires_config_enabled MBEDTLS_DEBUG_C
				1414	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1415	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1416	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1417	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1418	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1419	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1420	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1421	0 \
				1422	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1423	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1424	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1425	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1426	-c "NamedGroup: x25519 ( 1d )" \
				1427	-c "Verifying peer X.509 certificate... ok" \
				1428	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1429
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1430	requires_gnutls_tls1_3
				1431	requires_gnutls_next_no_ticket
				1432	requires_gnutls_next_disable_tls13_compat
				1433	requires_config_enabled MBEDTLS_DEBUG_C
				1434	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1435	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1436	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1437	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1438	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1439	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1440	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1441	0 \
				1442	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1443	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1444	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1445	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1446	-c "NamedGroup: x25519 ( 1d )" \
				1447	-c "Verifying peer X.509 certificate... ok" \
				1448	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1449
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1450	requires_openssl_tls1_3
				1451	requires_config_enabled MBEDTLS_DEBUG_C
				1452	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1453	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1454	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1455	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1456	run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1457	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1458	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1459	0 \
				1460	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1461	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1462	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1463	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1464	-c "NamedGroup: x448 ( 1e )" \
				1465	-c "Verifying peer X.509 certificate... ok" \
				1466	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1467
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1468	requires_gnutls_tls1_3
				1469	requires_gnutls_next_no_ticket
				1470	requires_gnutls_next_disable_tls13_compat
				1471	requires_config_enabled MBEDTLS_DEBUG_C
				1472	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1473	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1474	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1475	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1476	run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1477	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1478	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1479	0 \
				1480	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1481	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1482	-c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
				1483	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1484	-c "NamedGroup: x448 ( 1e )" \
				1485	-c "Verifying peer X.509 certificate... ok" \
				1486	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1487
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1488	requires_openssl_tls1_3
				1489	requires_config_enabled MBEDTLS_DEBUG_C
				1490	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1491	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1492	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1493	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1494	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1495	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1496	0 \
				1497	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1498	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1499	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1500	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1501	-c "NamedGroup: secp256r1 ( 17 )" \
				1502	-c "Verifying peer X.509 certificate... ok" \
				1503	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1504
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1505	requires_gnutls_tls1_3
				1506	requires_gnutls_next_no_ticket
				1507	requires_gnutls_next_disable_tls13_compat
				1508	requires_config_enabled MBEDTLS_DEBUG_C
				1509	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1510	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1511	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1512	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1513	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1514	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1515	0 \
				1516	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1517	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1518	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1519	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1520	-c "NamedGroup: secp256r1 ( 17 )" \
				1521	-c "Verifying peer X.509 certificate... ok" \
				1522	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1523
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1524	requires_openssl_tls1_3
				1525	requires_config_enabled MBEDTLS_DEBUG_C
				1526	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1527	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1528	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1529	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1530	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1531	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1532	0 \
				1533	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1534	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1535	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1536	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1537	-c "NamedGroup: secp384r1 ( 18 )" \
				1538	-c "Verifying peer X.509 certificate... ok" \
				1539	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1540
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1541	requires_gnutls_tls1_3
				1542	requires_gnutls_next_no_ticket
				1543	requires_gnutls_next_disable_tls13_compat
				1544	requires_config_enabled MBEDTLS_DEBUG_C
				1545	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1546	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1547	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1548	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1549	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1550	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1551	0 \
				1552	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1553	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1554	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1555	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1556	-c "NamedGroup: secp384r1 ( 18 )" \
				1557	-c "Verifying peer X.509 certificate... ok" \
				1558	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1559
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1560	requires_openssl_tls1_3
				1561	requires_config_enabled MBEDTLS_DEBUG_C
				1562	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1563	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1564	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1565	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1566	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1567	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1568	0 \
				1569	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1570	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1571	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1572	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1573	-c "NamedGroup: secp521r1 ( 19 )" \
				1574	-c "Verifying peer X.509 certificate... ok" \
				1575	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1576
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1577	requires_gnutls_tls1_3
				1578	requires_gnutls_next_no_ticket
				1579	requires_gnutls_next_disable_tls13_compat
				1580	requires_config_enabled MBEDTLS_DEBUG_C
				1581	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1582	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1583	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1584	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1585	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1586	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1587	0 \
				1588	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1589	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1590	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1591	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1592	-c "NamedGroup: secp521r1 ( 19 )" \
				1593	-c "Verifying peer X.509 certificate... ok" \
				1594	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1595
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1596	requires_openssl_tls1_3
				1597	requires_config_enabled MBEDTLS_DEBUG_C
				1598	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1599	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1600	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1601	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1602	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1603	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1604	0 \
				1605	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1606	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1607	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1608	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1609	-c "NamedGroup: x25519 ( 1d )" \
				1610	-c "Verifying peer X.509 certificate... ok" \
				1611	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1612
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1613	requires_gnutls_tls1_3
				1614	requires_gnutls_next_no_ticket
				1615	requires_gnutls_next_disable_tls13_compat
				1616	requires_config_enabled MBEDTLS_DEBUG_C
				1617	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1618	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1619	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1620	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1621	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1622	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1623	0 \
				1624	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1625	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1626	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1627	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1628	-c "NamedGroup: x25519 ( 1d )" \
				1629	-c "Verifying peer X.509 certificate... ok" \
				1630	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1631
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1632	requires_openssl_tls1_3
				1633	requires_config_enabled MBEDTLS_DEBUG_C
				1634	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1635	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1636	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1637	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1638	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1639	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1640	0 \
				1641	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1642	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1643	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1644	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1645	-c "NamedGroup: x448 ( 1e )" \
				1646	-c "Verifying peer X.509 certificate... ok" \
				1647	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1648
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1649	requires_gnutls_tls1_3
				1650	requires_gnutls_next_no_ticket
				1651	requires_gnutls_next_disable_tls13_compat
				1652	requires_config_enabled MBEDTLS_DEBUG_C
				1653	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1654	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1655	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1656	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1657	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1658	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1659	0 \
				1660	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1661	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1662	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1663	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1664	-c "NamedGroup: x448 ( 1e )" \
				1665	-c "Verifying peer X.509 certificate... ok" \
				1666	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1667
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1668	requires_openssl_tls1_3
				1669	requires_config_enabled MBEDTLS_DEBUG_C
				1670	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1671	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1672	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1673	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1674	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1675	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1676	0 \
				1677	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1678	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1679	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1680	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1681	-c "NamedGroup: secp256r1 ( 17 )" \
				1682	-c "Verifying peer X.509 certificate... ok" \
				1683	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1684
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1685	requires_gnutls_tls1_3
				1686	requires_gnutls_next_no_ticket
				1687	requires_gnutls_next_disable_tls13_compat
				1688	requires_config_enabled MBEDTLS_DEBUG_C
				1689	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1690	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1691	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1692	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1693	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1694	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1695	0 \
				1696	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1697	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1698	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1699	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1700	-c "NamedGroup: secp256r1 ( 17 )" \
				1701	-c "Verifying peer X.509 certificate... ok" \
				1702	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1703
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1704	requires_openssl_tls1_3
				1705	requires_config_enabled MBEDTLS_DEBUG_C
				1706	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1707	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1708	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1709	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1710	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1711	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1712	0 \
				1713	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1714	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1715	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1716	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1717	-c "NamedGroup: secp384r1 ( 18 )" \
				1718	-c "Verifying peer X.509 certificate... ok" \
				1719	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1720
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1721	requires_gnutls_tls1_3
				1722	requires_gnutls_next_no_ticket
				1723	requires_gnutls_next_disable_tls13_compat
				1724	requires_config_enabled MBEDTLS_DEBUG_C
				1725	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1726	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1727	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1728	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1729	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1730	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1731	0 \
				1732	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1733	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1734	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1735	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1736	-c "NamedGroup: secp384r1 ( 18 )" \
				1737	-c "Verifying peer X.509 certificate... ok" \
				1738	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1739
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1740	requires_openssl_tls1_3
				1741	requires_config_enabled MBEDTLS_DEBUG_C
				1742	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1743	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1744	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1745	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1746	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1747	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1748	0 \
				1749	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1750	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1751	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1752	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1753	-c "NamedGroup: secp521r1 ( 19 )" \
				1754	-c "Verifying peer X.509 certificate... ok" \
				1755	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1756
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1757	requires_gnutls_tls1_3
				1758	requires_gnutls_next_no_ticket
				1759	requires_gnutls_next_disable_tls13_compat
				1760	requires_config_enabled MBEDTLS_DEBUG_C
				1761	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1762	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1763	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1764	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1765	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1766	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1767	0 \
				1768	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1769	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1770	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1771	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1772	-c "NamedGroup: secp521r1 ( 19 )" \
				1773	-c "Verifying peer X.509 certificate... ok" \
				1774	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1775
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1776	requires_openssl_tls1_3
				1777	requires_config_enabled MBEDTLS_DEBUG_C
				1778	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1779	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1780	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1781	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1782	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1783	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1784	0 \
				1785	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1786	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1787	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1788	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1789	-c "NamedGroup: x25519 ( 1d )" \
				1790	-c "Verifying peer X.509 certificate... ok" \
				1791	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1792
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1793	requires_gnutls_tls1_3
				1794	requires_gnutls_next_no_ticket
				1795	requires_gnutls_next_disable_tls13_compat
				1796	requires_config_enabled MBEDTLS_DEBUG_C
				1797	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1798	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1799	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1800	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1801	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1802	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1803	0 \
				1804	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1805	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1806	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1807	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1808	-c "NamedGroup: x25519 ( 1d )" \
				1809	-c "Verifying peer X.509 certificate... ok" \
				1810	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1811
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1812	requires_openssl_tls1_3
				1813	requires_config_enabled MBEDTLS_DEBUG_C
				1814	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1815	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1816	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1817	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1818	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1819	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1820	0 \
				1821	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1822	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1823	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1824	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1825	-c "NamedGroup: x448 ( 1e )" \
				1826	-c "Verifying peer X.509 certificate... ok" \
				1827	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1828
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1829	requires_gnutls_tls1_3
				1830	requires_gnutls_next_no_ticket
				1831	requires_gnutls_next_disable_tls13_compat
				1832	requires_config_enabled MBEDTLS_DEBUG_C
				1833	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1834	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1835	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1836	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1837	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1838	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1839	0 \
				1840	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1841	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1842	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1843	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1844	-c "NamedGroup: x448 ( 1e )" \
				1845	-c "Verifying peer X.509 certificate... ok" \
				1846	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1847
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1848	requires_openssl_tls1_3
				1849	requires_config_enabled MBEDTLS_DEBUG_C
				1850	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1851	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1852	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1853	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1854	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1855	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1856	0 \
				1857	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1858	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1859	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1860	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1861	-c "NamedGroup: secp256r1 ( 17 )" \
				1862	-c "Verifying peer X.509 certificate... ok" \
				1863	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1864
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1865	requires_gnutls_tls1_3
				1866	requires_gnutls_next_no_ticket
				1867	requires_gnutls_next_disable_tls13_compat
				1868	requires_config_enabled MBEDTLS_DEBUG_C
				1869	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1870	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1871	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1872	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1873	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1874	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1875	0 \
				1876	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1877	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1878	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1879	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1880	-c "NamedGroup: secp256r1 ( 17 )" \
				1881	-c "Verifying peer X.509 certificate... ok" \
				1882	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1883
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1884	requires_openssl_tls1_3
				1885	requires_config_enabled MBEDTLS_DEBUG_C
				1886	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1887	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1888	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1889	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1890	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1891	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1892	0 \
				1893	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1894	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1895	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1896	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1897	-c "NamedGroup: secp384r1 ( 18 )" \
				1898	-c "Verifying peer X.509 certificate... ok" \
				1899	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1900
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1901	requires_gnutls_tls1_3
				1902	requires_gnutls_next_no_ticket
				1903	requires_gnutls_next_disable_tls13_compat
				1904	requires_config_enabled MBEDTLS_DEBUG_C
				1905	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1906	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1907	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1908	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1909	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1910	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1911	0 \
				1912	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1913	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1914	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1915	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1916	-c "NamedGroup: secp384r1 ( 18 )" \
				1917	-c "Verifying peer X.509 certificate... ok" \
				1918	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1919
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1920	requires_openssl_tls1_3
				1921	requires_config_enabled MBEDTLS_DEBUG_C
				1922	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1923	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1924	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1925	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1926	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1927	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1928	0 \
				1929	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1930	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1931	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1932	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1933	-c "NamedGroup: secp521r1 ( 19 )" \
				1934	-c "Verifying peer X.509 certificate... ok" \
				1935	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1936
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1937	requires_gnutls_tls1_3
				1938	requires_gnutls_next_no_ticket
				1939	requires_gnutls_next_disable_tls13_compat
				1940	requires_config_enabled MBEDTLS_DEBUG_C
				1941	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1942	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1943	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1944	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1945	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1946	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1947	0 \
				1948	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1949	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1950	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1951	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1952	-c "NamedGroup: secp521r1 ( 19 )" \
				1953	-c "Verifying peer X.509 certificate... ok" \
				1954	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1955
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1956	requires_openssl_tls1_3
				1957	requires_config_enabled MBEDTLS_DEBUG_C
				1958	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1959	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1960	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1961	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1962	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1963	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1964	0 \
				1965	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1966	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1967	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1968	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1969	-c "NamedGroup: x25519 ( 1d )" \
				1970	-c "Verifying peer X.509 certificate... ok" \
				1971	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1972
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1973	requires_gnutls_tls1_3
				1974	requires_gnutls_next_no_ticket
				1975	requires_gnutls_next_disable_tls13_compat
				1976	requires_config_enabled MBEDTLS_DEBUG_C
				1977	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1978	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1979	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1980	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1981	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1982	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1983	0 \
				1984	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1985	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	1986	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				1987	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	1988	-c "NamedGroup: x25519 ( 1d )" \
				1989	-c "Verifying peer X.509 certificate... ok" \
				1990	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	1991
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	1992	requires_openssl_tls1_3
				1993	requires_config_enabled MBEDTLS_DEBUG_C
				1994	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	1995	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	1996	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	1997	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	1998	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	1999	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2000	0 \
				2001	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2002	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2003	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2004	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2005	-c "NamedGroup: x448 ( 1e )" \
				2006	-c "Verifying peer X.509 certificate... ok" \
				2007	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2008
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2009	requires_gnutls_tls1_3
				2010	requires_gnutls_next_no_ticket
				2011	requires_gnutls_next_disable_tls13_compat
				2012	requires_config_enabled MBEDTLS_DEBUG_C
				2013	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2014	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2015	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2016	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2017	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2018	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2019	0 \
				2020	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2021	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2022	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2023	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2024	-c "NamedGroup: x448 ( 1e )" \
				2025	-c "Verifying peer X.509 certificate... ok" \
				2026	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2027
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2028	requires_openssl_tls1_3
				2029	requires_config_enabled MBEDTLS_DEBUG_C
				2030	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2031	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2032	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2033	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2034	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2035	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2036	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2037	0 \
				2038	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2039	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2040	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2041	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2042	-c "NamedGroup: secp256r1 ( 17 )" \
				2043	-c "Verifying peer X.509 certificate... ok" \
				2044	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2045
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2046	requires_gnutls_tls1_3
				2047	requires_gnutls_next_no_ticket
				2048	requires_gnutls_next_disable_tls13_compat
				2049	requires_config_enabled MBEDTLS_DEBUG_C
				2050	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2051	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2052	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2053	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2054	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2055	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2056	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2057	0 \
				2058	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2059	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2060	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2061	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2062	-c "NamedGroup: secp256r1 ( 17 )" \
				2063	-c "Verifying peer X.509 certificate... ok" \
				2064	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2065
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2066	requires_openssl_tls1_3
				2067	requires_config_enabled MBEDTLS_DEBUG_C
				2068	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2069	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2070	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2071	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2072	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2073	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2074	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2075	0 \
				2076	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2077	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2078	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2079	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2080	-c "NamedGroup: secp384r1 ( 18 )" \
				2081	-c "Verifying peer X.509 certificate... ok" \
				2082	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2083
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2084	requires_gnutls_tls1_3
				2085	requires_gnutls_next_no_ticket
				2086	requires_gnutls_next_disable_tls13_compat
				2087	requires_config_enabled MBEDTLS_DEBUG_C
				2088	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2089	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2090	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2091	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2092	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2093	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2094	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2095	0 \
				2096	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2097	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2098	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2099	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2100	-c "NamedGroup: secp384r1 ( 18 )" \
				2101	-c "Verifying peer X.509 certificate... ok" \
				2102	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2103
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2104	requires_openssl_tls1_3
				2105	requires_config_enabled MBEDTLS_DEBUG_C
				2106	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2107	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2108	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2109	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2110	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2111	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2112	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2113	0 \
				2114	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2115	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2116	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2117	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2118	-c "NamedGroup: secp521r1 ( 19 )" \
				2119	-c "Verifying peer X.509 certificate... ok" \
				2120	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2121
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2122	requires_gnutls_tls1_3
				2123	requires_gnutls_next_no_ticket
				2124	requires_gnutls_next_disable_tls13_compat
				2125	requires_config_enabled MBEDTLS_DEBUG_C
				2126	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2127	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2128	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2129	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2130	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2131	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2132	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2133	0 \
				2134	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2135	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2136	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2137	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2138	-c "NamedGroup: secp521r1 ( 19 )" \
				2139	-c "Verifying peer X.509 certificate... ok" \
				2140	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2141
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2142	requires_openssl_tls1_3
				2143	requires_config_enabled MBEDTLS_DEBUG_C
				2144	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2145	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2146	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2147	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2148	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2149	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2150	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2151	0 \
				2152	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2153	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2154	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2155	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2156	-c "NamedGroup: x25519 ( 1d )" \
				2157	-c "Verifying peer X.509 certificate... ok" \
				2158	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2159
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2160	requires_gnutls_tls1_3
				2161	requires_gnutls_next_no_ticket
				2162	requires_gnutls_next_disable_tls13_compat
				2163	requires_config_enabled MBEDTLS_DEBUG_C
				2164	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2165	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2166	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2167	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2168	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2169	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2170	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2171	0 \
				2172	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2173	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2174	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2175	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2176	-c "NamedGroup: x25519 ( 1d )" \
				2177	-c "Verifying peer X.509 certificate... ok" \
				2178	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2179
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2180	requires_openssl_tls1_3
				2181	requires_config_enabled MBEDTLS_DEBUG_C
				2182	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2183	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2184	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2185	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2186	run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2187	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2188	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2189	0 \
				2190	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2191	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2192	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2193	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2194	-c "NamedGroup: x448 ( 1e )" \
				2195	-c "Verifying peer X.509 certificate... ok" \
				2196	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2197
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2198	requires_gnutls_tls1_3
				2199	requires_gnutls_next_no_ticket
				2200	requires_gnutls_next_disable_tls13_compat
				2201	requires_config_enabled MBEDTLS_DEBUG_C
				2202	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2203	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2204	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2205	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2206	run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2207	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2208	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2209	0 \
				2210	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2211	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2212	-c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
				2213	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2214	-c "NamedGroup: x448 ( 1e )" \
				2215	-c "Verifying peer X.509 certificate... ok" \
				2216	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2217
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2218	requires_openssl_tls1_3
				2219	requires_config_enabled MBEDTLS_DEBUG_C
				2220	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2221	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2222	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2223	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2224	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2225	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2226	0 \
				2227	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2228	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2229	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2230	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2231	-c "NamedGroup: secp256r1 ( 17 )" \
				2232	-c "Verifying peer X.509 certificate... ok" \
				2233	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2234
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2235	requires_gnutls_tls1_3
				2236	requires_gnutls_next_no_ticket
				2237	requires_gnutls_next_disable_tls13_compat
				2238	requires_config_enabled MBEDTLS_DEBUG_C
				2239	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2240	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2241	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2242	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2243	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2244	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2245	0 \
				2246	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2247	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2248	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2249	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2250	-c "NamedGroup: secp256r1 ( 17 )" \
				2251	-c "Verifying peer X.509 certificate... ok" \
				2252	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2253
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2254	requires_openssl_tls1_3
				2255	requires_config_enabled MBEDTLS_DEBUG_C
				2256	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2257	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2258	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2259	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2260	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2261	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2262	0 \
				2263	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2264	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2265	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2266	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2267	-c "NamedGroup: secp384r1 ( 18 )" \
				2268	-c "Verifying peer X.509 certificate... ok" \
				2269	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2270
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2271	requires_gnutls_tls1_3
				2272	requires_gnutls_next_no_ticket
				2273	requires_gnutls_next_disable_tls13_compat
				2274	requires_config_enabled MBEDTLS_DEBUG_C
				2275	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2276	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2277	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2278	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2279	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2280	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2281	0 \
				2282	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2283	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2284	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2285	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2286	-c "NamedGroup: secp384r1 ( 18 )" \
				2287	-c "Verifying peer X.509 certificate... ok" \
				2288	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2289
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2290	requires_openssl_tls1_3
				2291	requires_config_enabled MBEDTLS_DEBUG_C
				2292	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2293	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2294	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2295	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2296	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2297	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2298	0 \
				2299	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2300	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2301	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2302	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2303	-c "NamedGroup: secp521r1 ( 19 )" \
				2304	-c "Verifying peer X.509 certificate... ok" \
				2305	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2306
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2307	requires_gnutls_tls1_3
				2308	requires_gnutls_next_no_ticket
				2309	requires_gnutls_next_disable_tls13_compat
				2310	requires_config_enabled MBEDTLS_DEBUG_C
				2311	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2312	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2313	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2314	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2315	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2316	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2317	0 \
				2318	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2319	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2320	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2321	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2322	-c "NamedGroup: secp521r1 ( 19 )" \
				2323	-c "Verifying peer X.509 certificate... ok" \
				2324	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2325
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2326	requires_openssl_tls1_3
				2327	requires_config_enabled MBEDTLS_DEBUG_C
				2328	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2329	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2330	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2331	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2332	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2333	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2334	0 \
				2335	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2336	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2337	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2338	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2339	-c "NamedGroup: x25519 ( 1d )" \
				2340	-c "Verifying peer X.509 certificate... ok" \
				2341	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2342
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2343	requires_gnutls_tls1_3
				2344	requires_gnutls_next_no_ticket
				2345	requires_gnutls_next_disable_tls13_compat
				2346	requires_config_enabled MBEDTLS_DEBUG_C
				2347	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2348	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2349	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2350	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2351	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2352	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2353	0 \
				2354	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2355	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2356	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2357	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2358	-c "NamedGroup: x25519 ( 1d )" \
				2359	-c "Verifying peer X.509 certificate... ok" \
				2360	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2361
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2362	requires_openssl_tls1_3
				2363	requires_config_enabled MBEDTLS_DEBUG_C
				2364	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2365	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2366	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2367	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2368	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2369	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2370	0 \
				2371	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2372	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2373	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2374	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2375	-c "NamedGroup: x448 ( 1e )" \
				2376	-c "Verifying peer X.509 certificate... ok" \
				2377	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2378
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2379	requires_gnutls_tls1_3
				2380	requires_gnutls_next_no_ticket
				2381	requires_gnutls_next_disable_tls13_compat
				2382	requires_config_enabled MBEDTLS_DEBUG_C
				2383	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2384	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2385	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2386	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2387	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2388	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2389	0 \
				2390	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2391	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2392	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2393	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2394	-c "NamedGroup: x448 ( 1e )" \
				2395	-c "Verifying peer X.509 certificate... ok" \
				2396	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2397
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2398	requires_openssl_tls1_3
				2399	requires_config_enabled MBEDTLS_DEBUG_C
				2400	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2401	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2402	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2403	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2404	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2405	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2406	0 \
				2407	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2408	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2409	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2410	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2411	-c "NamedGroup: secp256r1 ( 17 )" \
				2412	-c "Verifying peer X.509 certificate... ok" \
				2413	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2414
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2415	requires_gnutls_tls1_3
				2416	requires_gnutls_next_no_ticket
				2417	requires_gnutls_next_disable_tls13_compat
				2418	requires_config_enabled MBEDTLS_DEBUG_C
				2419	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2420	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2421	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2422	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2423	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2424	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2425	0 \
				2426	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2427	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2428	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2429	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2430	-c "NamedGroup: secp256r1 ( 17 )" \
				2431	-c "Verifying peer X.509 certificate... ok" \
				2432	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2433
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2434	requires_openssl_tls1_3
				2435	requires_config_enabled MBEDTLS_DEBUG_C
				2436	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2437	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2438	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2439	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2440	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2441	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2442	0 \
				2443	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2444	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2445	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2446	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2447	-c "NamedGroup: secp384r1 ( 18 )" \
				2448	-c "Verifying peer X.509 certificate... ok" \
				2449	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2450
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2451	requires_gnutls_tls1_3
				2452	requires_gnutls_next_no_ticket
				2453	requires_gnutls_next_disable_tls13_compat
				2454	requires_config_enabled MBEDTLS_DEBUG_C
				2455	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2456	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2457	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2458	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2459	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2460	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2461	0 \
				2462	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2463	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2464	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2465	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2466	-c "NamedGroup: secp384r1 ( 18 )" \
				2467	-c "Verifying peer X.509 certificate... ok" \
				2468	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2469
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2470	requires_openssl_tls1_3
				2471	requires_config_enabled MBEDTLS_DEBUG_C
				2472	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2473	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2474	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2475	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2476	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2477	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2478	0 \
				2479	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2480	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2481	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2482	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2483	-c "NamedGroup: secp521r1 ( 19 )" \
				2484	-c "Verifying peer X.509 certificate... ok" \
				2485	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2486
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2487	requires_gnutls_tls1_3
				2488	requires_gnutls_next_no_ticket
				2489	requires_gnutls_next_disable_tls13_compat
				2490	requires_config_enabled MBEDTLS_DEBUG_C
				2491	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2492	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2493	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2494	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2495	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2496	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2497	0 \
				2498	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2499	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2500	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2501	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2502	-c "NamedGroup: secp521r1 ( 19 )" \
				2503	-c "Verifying peer X.509 certificate... ok" \
				2504	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2505
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2506	requires_openssl_tls1_3
				2507	requires_config_enabled MBEDTLS_DEBUG_C
				2508	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2509	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2510	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2511	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2512	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2513	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2514	0 \
				2515	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2516	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2517	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2518	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2519	-c "NamedGroup: x25519 ( 1d )" \
				2520	-c "Verifying peer X.509 certificate... ok" \
				2521	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2522
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2523	requires_gnutls_tls1_3
				2524	requires_gnutls_next_no_ticket
				2525	requires_gnutls_next_disable_tls13_compat
				2526	requires_config_enabled MBEDTLS_DEBUG_C
				2527	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2528	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2529	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2530	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2531	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2532	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2533	0 \
				2534	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2535	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2536	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2537	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2538	-c "NamedGroup: x25519 ( 1d )" \
				2539	-c "Verifying peer X.509 certificate... ok" \
				2540	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2541
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2542	requires_openssl_tls1_3
				2543	requires_config_enabled MBEDTLS_DEBUG_C
				2544	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2545	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2546	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2547	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2548	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2549	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2550	0 \
				2551	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2552	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2553	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2554	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2555	-c "NamedGroup: x448 ( 1e )" \
				2556	-c "Verifying peer X.509 certificate... ok" \
				2557	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2558
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2559	requires_gnutls_tls1_3
				2560	requires_gnutls_next_no_ticket
				2561	requires_gnutls_next_disable_tls13_compat
				2562	requires_config_enabled MBEDTLS_DEBUG_C
				2563	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2564	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2565	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2566	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2567	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2568	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2569	0 \
				2570	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2571	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2572	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2573	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2574	-c "NamedGroup: x448 ( 1e )" \
				2575	-c "Verifying peer X.509 certificate... ok" \
				2576	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2577
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2578	requires_openssl_tls1_3
				2579	requires_config_enabled MBEDTLS_DEBUG_C
				2580	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2581	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2582	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2583	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2584	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2585	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2586	0 \
				2587	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2588	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2589	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2590	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2591	-c "NamedGroup: secp256r1 ( 17 )" \
				2592	-c "Verifying peer X.509 certificate... ok" \
				2593	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2594
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2595	requires_gnutls_tls1_3
				2596	requires_gnutls_next_no_ticket
				2597	requires_gnutls_next_disable_tls13_compat
				2598	requires_config_enabled MBEDTLS_DEBUG_C
				2599	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2600	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2601	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2602	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2603	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2604	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2605	0 \
				2606	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2607	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2608	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2609	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2610	-c "NamedGroup: secp256r1 ( 17 )" \
				2611	-c "Verifying peer X.509 certificate... ok" \
				2612	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2613
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2614	requires_openssl_tls1_3
				2615	requires_config_enabled MBEDTLS_DEBUG_C
				2616	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2617	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2618	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2619	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2620	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2621	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2622	0 \
				2623	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2624	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2625	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2626	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2627	-c "NamedGroup: secp384r1 ( 18 )" \
				2628	-c "Verifying peer X.509 certificate... ok" \
				2629	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2630
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2631	requires_gnutls_tls1_3
				2632	requires_gnutls_next_no_ticket
				2633	requires_gnutls_next_disable_tls13_compat
				2634	requires_config_enabled MBEDTLS_DEBUG_C
				2635	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2636	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2637	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2638	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2639	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2640	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2641	0 \
				2642	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2643	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2644	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2645	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2646	-c "NamedGroup: secp384r1 ( 18 )" \
				2647	-c "Verifying peer X.509 certificate... ok" \
				2648	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2649
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2650	requires_openssl_tls1_3
				2651	requires_config_enabled MBEDTLS_DEBUG_C
				2652	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2653	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2654	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2655	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2656	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2657	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2658	0 \
				2659	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2660	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2661	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2662	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2663	-c "NamedGroup: secp521r1 ( 19 )" \
				2664	-c "Verifying peer X.509 certificate... ok" \
				2665	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2666
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2667	requires_gnutls_tls1_3
				2668	requires_gnutls_next_no_ticket
				2669	requires_gnutls_next_disable_tls13_compat
				2670	requires_config_enabled MBEDTLS_DEBUG_C
				2671	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2672	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2673	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2674	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2675	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2676	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2677	0 \
				2678	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2679	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2680	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2681	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2682	-c "NamedGroup: secp521r1 ( 19 )" \
				2683	-c "Verifying peer X.509 certificate... ok" \
				2684	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2685
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2686	requires_openssl_tls1_3
				2687	requires_config_enabled MBEDTLS_DEBUG_C
				2688	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2689	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2690	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2691	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2692	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2693	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2694	0 \
				2695	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2696	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2697	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2698	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2699	-c "NamedGroup: x25519 ( 1d )" \
				2700	-c "Verifying peer X.509 certificate... ok" \
				2701	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2702
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2703	requires_gnutls_tls1_3
				2704	requires_gnutls_next_no_ticket
				2705	requires_gnutls_next_disable_tls13_compat
				2706	requires_config_enabled MBEDTLS_DEBUG_C
				2707	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2708	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2709	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2710	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2711	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2712	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2713	0 \
				2714	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2715	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2716	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2717	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2718	-c "NamedGroup: x25519 ( 1d )" \
				2719	-c "Verifying peer X.509 certificate... ok" \
				2720	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2721
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2722	requires_openssl_tls1_3
				2723	requires_config_enabled MBEDTLS_DEBUG_C
				2724	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2725	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2726	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2727	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2728	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2729	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2730	0 \
				2731	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2732	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2733	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2734	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2735	-c "NamedGroup: x448 ( 1e )" \
				2736	-c "Verifying peer X.509 certificate... ok" \
				2737	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2738
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2739	requires_gnutls_tls1_3
				2740	requires_gnutls_next_no_ticket
				2741	requires_gnutls_next_disable_tls13_compat
				2742	requires_config_enabled MBEDTLS_DEBUG_C
				2743	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2744	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2745	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2746	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2747	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2748	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2749	0 \
				2750	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2751	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2752	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2753	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2754	-c "NamedGroup: x448 ( 1e )" \
				2755	-c "Verifying peer X.509 certificate... ok" \
				2756	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2757
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2758	requires_openssl_tls1_3
				2759	requires_config_enabled MBEDTLS_DEBUG_C
				2760	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2761	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2762	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2763	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2764	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2765	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2766	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2767	0 \
				2768	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2769	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2770	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2771	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2772	-c "NamedGroup: secp256r1 ( 17 )" \
				2773	-c "Verifying peer X.509 certificate... ok" \
				2774	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2775
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2776	requires_gnutls_tls1_3
				2777	requires_gnutls_next_no_ticket
				2778	requires_gnutls_next_disable_tls13_compat
				2779	requires_config_enabled MBEDTLS_DEBUG_C
				2780	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2781	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2782	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2783	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2784	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2785	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2786	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2787	0 \
				2788	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2789	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2790	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2791	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2792	-c "NamedGroup: secp256r1 ( 17 )" \
				2793	-c "Verifying peer X.509 certificate... ok" \
				2794	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2795
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2796	requires_openssl_tls1_3
				2797	requires_config_enabled MBEDTLS_DEBUG_C
				2798	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2799	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2800	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2801	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2802	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2803	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2804	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2805	0 \
				2806	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2807	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2808	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2809	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2810	-c "NamedGroup: secp384r1 ( 18 )" \
				2811	-c "Verifying peer X.509 certificate... ok" \
				2812	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2813
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2814	requires_gnutls_tls1_3
				2815	requires_gnutls_next_no_ticket
				2816	requires_gnutls_next_disable_tls13_compat
				2817	requires_config_enabled MBEDTLS_DEBUG_C
				2818	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2819	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2820	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2821	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2822	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2823	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2824	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2825	0 \
				2826	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2827	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2828	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2829	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2830	-c "NamedGroup: secp384r1 ( 18 )" \
				2831	-c "Verifying peer X.509 certificate... ok" \
				2832	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2833
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2834	requires_openssl_tls1_3
				2835	requires_config_enabled MBEDTLS_DEBUG_C
				2836	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2837	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2838	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2839	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2840	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2841	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2842	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2843	0 \
				2844	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2845	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2846	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2847	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2848	-c "NamedGroup: secp521r1 ( 19 )" \
				2849	-c "Verifying peer X.509 certificate... ok" \
				2850	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2851
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2852	requires_gnutls_tls1_3
				2853	requires_gnutls_next_no_ticket
				2854	requires_gnutls_next_disable_tls13_compat
				2855	requires_config_enabled MBEDTLS_DEBUG_C
				2856	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2857	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2858	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2859	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2860	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2861	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2862	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2863	0 \
				2864	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2865	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2866	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2867	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2868	-c "NamedGroup: secp521r1 ( 19 )" \
				2869	-c "Verifying peer X.509 certificate... ok" \
				2870	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2871
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2872	requires_openssl_tls1_3
				2873	requires_config_enabled MBEDTLS_DEBUG_C
				2874	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2875	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2876	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2877	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2878	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2879	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2880	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2881	0 \
				2882	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2883	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2884	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2885	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2886	-c "NamedGroup: x25519 ( 1d )" \
				2887	-c "Verifying peer X.509 certificate... ok" \
				2888	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2889
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2890	requires_gnutls_tls1_3
				2891	requires_gnutls_next_no_ticket
				2892	requires_gnutls_next_disable_tls13_compat
				2893	requires_config_enabled MBEDTLS_DEBUG_C
				2894	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2895	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2896	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2897	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2898	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2899	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2900	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2901	0 \
				2902	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2903	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2904	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2905	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2906	-c "NamedGroup: x25519 ( 1d )" \
				2907	-c "Verifying peer X.509 certificate... ok" \
				2908	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2909
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2910	requires_openssl_tls1_3
				2911	requires_config_enabled MBEDTLS_DEBUG_C
				2912	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2913	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2914	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2915	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2916	run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2917	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2918	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2919	0 \
				2920	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2921	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2922	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2923	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2924	-c "NamedGroup: x448 ( 1e )" \
				2925	-c "Verifying peer X.509 certificate... ok" \
				2926	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2927
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2928	requires_gnutls_tls1_3
				2929	requires_gnutls_next_no_ticket
				2930	requires_gnutls_next_disable_tls13_compat
				2931	requires_config_enabled MBEDTLS_DEBUG_C
				2932	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2933	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2934	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2935	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2936	run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2937	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2938	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2939	0 \
				2940	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2941	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2942	-c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
				2943	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2944	-c "NamedGroup: x448 ( 1e )" \
				2945	-c "Verifying peer X.509 certificate... ok" \
				2946	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2947
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2948	requires_openssl_tls1_3
				2949	requires_config_enabled MBEDTLS_DEBUG_C
				2950	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2951	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2952	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2953	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2954	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2955	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2956	0 \
				2957	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2958	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2959	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2960	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2961	-c "NamedGroup: secp256r1 ( 17 )" \
				2962	-c "Verifying peer X.509 certificate... ok" \
				2963	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2964
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2965	requires_gnutls_tls1_3
				2966	requires_gnutls_next_no_ticket
				2967	requires_gnutls_next_disable_tls13_compat
				2968	requires_config_enabled MBEDTLS_DEBUG_C
				2969	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2970	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2971	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2972	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2973	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2974	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2975	0 \
				2976	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2977	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2978	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2979	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2980	-c "NamedGroup: secp256r1 ( 17 )" \
				2981	-c "Verifying peer X.509 certificate... ok" \
				2982	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	2983
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	2984	requires_openssl_tls1_3
				2985	requires_config_enabled MBEDTLS_DEBUG_C
				2986	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	2987	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	2988	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	2989	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	2990	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2991	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2992	0 \
				2993	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	2994	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	2995	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				2996	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	2997	-c "NamedGroup: secp384r1 ( 18 )" \
				2998	-c "Verifying peer X.509 certificate... ok" \
				2999	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3000
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3001	requires_gnutls_tls1_3
				3002	requires_gnutls_next_no_ticket
				3003	requires_gnutls_next_disable_tls13_compat
				3004	requires_config_enabled MBEDTLS_DEBUG_C
				3005	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3006	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3007	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3008	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3009	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3010	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3011	0 \
				3012	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3013	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3014	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3015	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3016	-c "NamedGroup: secp384r1 ( 18 )" \
				3017	-c "Verifying peer X.509 certificate... ok" \
				3018	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3019
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3020	requires_openssl_tls1_3
				3021	requires_config_enabled MBEDTLS_DEBUG_C
				3022	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3023	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3024	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3025	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3026	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3027	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3028	0 \
				3029	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3030	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3031	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3032	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3033	-c "NamedGroup: secp521r1 ( 19 )" \
				3034	-c "Verifying peer X.509 certificate... ok" \
				3035	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3036
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3037	requires_gnutls_tls1_3
				3038	requires_gnutls_next_no_ticket
				3039	requires_gnutls_next_disable_tls13_compat
				3040	requires_config_enabled MBEDTLS_DEBUG_C
				3041	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3042	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3043	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3044	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3045	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3046	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3047	0 \
				3048	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3049	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3050	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3051	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3052	-c "NamedGroup: secp521r1 ( 19 )" \
				3053	-c "Verifying peer X.509 certificate... ok" \
				3054	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3055
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3056	requires_openssl_tls1_3
				3057	requires_config_enabled MBEDTLS_DEBUG_C
				3058	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3059	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3060	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3061	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3062	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3063	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3064	0 \
				3065	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3066	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3067	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3068	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3069	-c "NamedGroup: x25519 ( 1d )" \
				3070	-c "Verifying peer X.509 certificate... ok" \
				3071	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3072
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3073	requires_gnutls_tls1_3
				3074	requires_gnutls_next_no_ticket
				3075	requires_gnutls_next_disable_tls13_compat
				3076	requires_config_enabled MBEDTLS_DEBUG_C
				3077	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3078	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3079	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3080	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3081	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3082	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3083	0 \
				3084	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3085	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3086	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3087	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3088	-c "NamedGroup: x25519 ( 1d )" \
				3089	-c "Verifying peer X.509 certificate... ok" \
				3090	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3091
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3092	requires_openssl_tls1_3
				3093	requires_config_enabled MBEDTLS_DEBUG_C
				3094	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3095	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3096	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3097	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3098	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3099	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3100	0 \
				3101	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3102	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3103	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3104	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3105	-c "NamedGroup: x448 ( 1e )" \
				3106	-c "Verifying peer X.509 certificate... ok" \
				3107	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3108
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3109	requires_gnutls_tls1_3
				3110	requires_gnutls_next_no_ticket
				3111	requires_gnutls_next_disable_tls13_compat
				3112	requires_config_enabled MBEDTLS_DEBUG_C
				3113	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3114	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3115	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3116	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3117	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3118	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3119	0 \
				3120	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3121	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3122	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3123	-c "Certificate Verify: Signature algorithm ( 0403 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3124	-c "NamedGroup: x448 ( 1e )" \
				3125	-c "Verifying peer X.509 certificate... ok" \
				3126	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3127
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3128	requires_openssl_tls1_3
				3129	requires_config_enabled MBEDTLS_DEBUG_C
				3130	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3131	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3132	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3133	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3134	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3135	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3136	0 \
				3137	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3138	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3139	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3140	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3141	-c "NamedGroup: secp256r1 ( 17 )" \
				3142	-c "Verifying peer X.509 certificate... ok" \
				3143	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3144
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3145	requires_gnutls_tls1_3
				3146	requires_gnutls_next_no_ticket
				3147	requires_gnutls_next_disable_tls13_compat
				3148	requires_config_enabled MBEDTLS_DEBUG_C
				3149	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3150	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3151	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3152	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3153	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3154	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3155	0 \
				3156	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3157	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3158	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3159	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3160	-c "NamedGroup: secp256r1 ( 17 )" \
				3161	-c "Verifying peer X.509 certificate... ok" \
				3162	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3163
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3164	requires_openssl_tls1_3
				3165	requires_config_enabled MBEDTLS_DEBUG_C
				3166	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3167	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3168	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3169	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3170	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3171	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3172	0 \
				3173	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3174	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3175	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3176	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3177	-c "NamedGroup: secp384r1 ( 18 )" \
				3178	-c "Verifying peer X.509 certificate... ok" \
				3179	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3180
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3181	requires_gnutls_tls1_3
				3182	requires_gnutls_next_no_ticket
				3183	requires_gnutls_next_disable_tls13_compat
				3184	requires_config_enabled MBEDTLS_DEBUG_C
				3185	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3186	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3187	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3188	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3189	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3190	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3191	0 \
				3192	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3193	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3194	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3195	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3196	-c "NamedGroup: secp384r1 ( 18 )" \
				3197	-c "Verifying peer X.509 certificate... ok" \
				3198	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3199
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3200	requires_openssl_tls1_3
				3201	requires_config_enabled MBEDTLS_DEBUG_C
				3202	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3203	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3204	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3205	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3206	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3207	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3208	0 \
				3209	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3210	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3211	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3212	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3213	-c "NamedGroup: secp521r1 ( 19 )" \
				3214	-c "Verifying peer X.509 certificate... ok" \
				3215	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3216
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3217	requires_gnutls_tls1_3
				3218	requires_gnutls_next_no_ticket
				3219	requires_gnutls_next_disable_tls13_compat
				3220	requires_config_enabled MBEDTLS_DEBUG_C
				3221	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3222	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3223	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3224	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3225	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3226	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3227	0 \
				3228	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3229	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3230	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3231	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3232	-c "NamedGroup: secp521r1 ( 19 )" \
				3233	-c "Verifying peer X.509 certificate... ok" \
				3234	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3235
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3236	requires_openssl_tls1_3
				3237	requires_config_enabled MBEDTLS_DEBUG_C
				3238	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3239	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3240	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3241	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3242	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3243	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3244	0 \
				3245	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3246	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3247	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3248	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3249	-c "NamedGroup: x25519 ( 1d )" \
				3250	-c "Verifying peer X.509 certificate... ok" \
				3251	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3252
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3253	requires_gnutls_tls1_3
				3254	requires_gnutls_next_no_ticket
				3255	requires_gnutls_next_disable_tls13_compat
				3256	requires_config_enabled MBEDTLS_DEBUG_C
				3257	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3258	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3259	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3260	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3261	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3262	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3263	0 \
				3264	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3265	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3266	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3267	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3268	-c "NamedGroup: x25519 ( 1d )" \
				3269	-c "Verifying peer X.509 certificate... ok" \
				3270	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3271
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3272	requires_openssl_tls1_3
				3273	requires_config_enabled MBEDTLS_DEBUG_C
				3274	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3275	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3276	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3277	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3278	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3279	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3280	0 \
				3281	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3282	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3283	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3284	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3285	-c "NamedGroup: x448 ( 1e )" \
				3286	-c "Verifying peer X.509 certificate... ok" \
				3287	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3288
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3289	requires_gnutls_tls1_3
				3290	requires_gnutls_next_no_ticket
				3291	requires_gnutls_next_disable_tls13_compat
				3292	requires_config_enabled MBEDTLS_DEBUG_C
				3293	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3294	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3295	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3296	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3297	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3298	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3299	0 \
				3300	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3301	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3302	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3303	-c "Certificate Verify: Signature algorithm ( 0503 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3304	-c "NamedGroup: x448 ( 1e )" \
				3305	-c "Verifying peer X.509 certificate... ok" \
				3306	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3307
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3308	requires_openssl_tls1_3
				3309	requires_config_enabled MBEDTLS_DEBUG_C
				3310	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3311	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3312	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3313	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3314	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3315	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3316	0 \
				3317	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3318	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3319	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3320	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3321	-c "NamedGroup: secp256r1 ( 17 )" \
				3322	-c "Verifying peer X.509 certificate... ok" \
				3323	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3324
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3325	requires_gnutls_tls1_3
				3326	requires_gnutls_next_no_ticket
				3327	requires_gnutls_next_disable_tls13_compat
				3328	requires_config_enabled MBEDTLS_DEBUG_C
				3329	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3330	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3331	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3332	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3333	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3334	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3335	0 \
				3336	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3337	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3338	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3339	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3340	-c "NamedGroup: secp256r1 ( 17 )" \
				3341	-c "Verifying peer X.509 certificate... ok" \
				3342	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3343
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3344	requires_openssl_tls1_3
				3345	requires_config_enabled MBEDTLS_DEBUG_C
				3346	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3347	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3348	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3349	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3350	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3351	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3352	0 \
				3353	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3354	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3355	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3356	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3357	-c "NamedGroup: secp384r1 ( 18 )" \
				3358	-c "Verifying peer X.509 certificate... ok" \
				3359	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3360
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3361	requires_gnutls_tls1_3
				3362	requires_gnutls_next_no_ticket
				3363	requires_gnutls_next_disable_tls13_compat
				3364	requires_config_enabled MBEDTLS_DEBUG_C
				3365	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3366	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3367	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3368	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3369	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3370	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3371	0 \
				3372	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3373	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3374	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3375	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3376	-c "NamedGroup: secp384r1 ( 18 )" \
				3377	-c "Verifying peer X.509 certificate... ok" \
				3378	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3379
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3380	requires_openssl_tls1_3
				3381	requires_config_enabled MBEDTLS_DEBUG_C
				3382	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3383	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3384	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3385	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3386	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3387	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3388	0 \
				3389	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3390	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3391	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3392	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3393	-c "NamedGroup: secp521r1 ( 19 )" \
				3394	-c "Verifying peer X.509 certificate... ok" \
				3395	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3396
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3397	requires_gnutls_tls1_3
				3398	requires_gnutls_next_no_ticket
				3399	requires_gnutls_next_disable_tls13_compat
				3400	requires_config_enabled MBEDTLS_DEBUG_C
				3401	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3402	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3403	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3404	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3405	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3406	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3407	0 \
				3408	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3409	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3410	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3411	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3412	-c "NamedGroup: secp521r1 ( 19 )" \
				3413	-c "Verifying peer X.509 certificate... ok" \
				3414	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3415
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3416	requires_openssl_tls1_3
				3417	requires_config_enabled MBEDTLS_DEBUG_C
				3418	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3419	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3420	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3421	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3422	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3423	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3424	0 \
				3425	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3426	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3427	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3428	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3429	-c "NamedGroup: x25519 ( 1d )" \
				3430	-c "Verifying peer X.509 certificate... ok" \
				3431	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3432
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3433	requires_gnutls_tls1_3
				3434	requires_gnutls_next_no_ticket
				3435	requires_gnutls_next_disable_tls13_compat
				3436	requires_config_enabled MBEDTLS_DEBUG_C
				3437	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3438	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3439	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3440	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3441	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3442	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3443	0 \
				3444	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3445	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3446	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3447	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3448	-c "NamedGroup: x25519 ( 1d )" \
				3449	-c "Verifying peer X.509 certificate... ok" \
				3450	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3451
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3452	requires_openssl_tls1_3
				3453	requires_config_enabled MBEDTLS_DEBUG_C
				3454	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3455	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3456	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3457	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3458	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3459	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3460	0 \
				3461	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3462	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3463	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3464	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3465	-c "NamedGroup: x448 ( 1e )" \
				3466	-c "Verifying peer X.509 certificate... ok" \
				3467	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3468
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3469	requires_gnutls_tls1_3
				3470	requires_gnutls_next_no_ticket
				3471	requires_gnutls_next_disable_tls13_compat
				3472	requires_config_enabled MBEDTLS_DEBUG_C
				3473	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3474	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3475	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3476	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3477	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3478	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3479	0 \
				3480	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3481	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3482	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3483	-c "Certificate Verify: Signature algorithm ( 0603 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3484	-c "NamedGroup: x448 ( 1e )" \
				3485	-c "Verifying peer X.509 certificate... ok" \
				3486	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3487
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3488	requires_openssl_tls1_3
				3489	requires_config_enabled MBEDTLS_DEBUG_C
				3490	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3491	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3492	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3493	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3494	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3495	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3496	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3497	0 \
				3498	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3499	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3500	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3501	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3502	-c "NamedGroup: secp256r1 ( 17 )" \
				3503	-c "Verifying peer X.509 certificate... ok" \
				3504	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3505
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3506	requires_gnutls_tls1_3
				3507	requires_gnutls_next_no_ticket
				3508	requires_gnutls_next_disable_tls13_compat
				3509	requires_config_enabled MBEDTLS_DEBUG_C
				3510	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3511	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3512	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3513	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3514	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3515	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3516	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3517	0 \
				3518	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3519	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3520	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3521	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3522	-c "NamedGroup: secp256r1 ( 17 )" \
				3523	-c "Verifying peer X.509 certificate... ok" \
				3524	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3525
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3526	requires_openssl_tls1_3
				3527	requires_config_enabled MBEDTLS_DEBUG_C
				3528	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3529	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3530	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3531	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3532	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3533	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3534	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3535	0 \
				3536	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3537	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3538	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3539	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3540	-c "NamedGroup: secp384r1 ( 18 )" \
				3541	-c "Verifying peer X.509 certificate... ok" \
				3542	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3543
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3544	requires_gnutls_tls1_3
				3545	requires_gnutls_next_no_ticket
				3546	requires_gnutls_next_disable_tls13_compat
				3547	requires_config_enabled MBEDTLS_DEBUG_C
				3548	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3549	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3550	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3551	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3552	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3553	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3554	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3555	0 \
				3556	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3557	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3558	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3559	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3560	-c "NamedGroup: secp384r1 ( 18 )" \
				3561	-c "Verifying peer X.509 certificate... ok" \
				3562	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3563
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3564	requires_openssl_tls1_3
				3565	requires_config_enabled MBEDTLS_DEBUG_C
				3566	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3567	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3568	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3569	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3570	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3571	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3572	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3573	0 \
				3574	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3575	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3576	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3577	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3578	-c "NamedGroup: secp521r1 ( 19 )" \
				3579	-c "Verifying peer X.509 certificate... ok" \
				3580	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3581
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3582	requires_gnutls_tls1_3
				3583	requires_gnutls_next_no_ticket
				3584	requires_gnutls_next_disable_tls13_compat
				3585	requires_config_enabled MBEDTLS_DEBUG_C
				3586	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3587	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3588	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3589	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3590	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3591	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3592	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3593	0 \
				3594	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3595	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3596	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3597	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3598	-c "NamedGroup: secp521r1 ( 19 )" \
				3599	-c "Verifying peer X.509 certificate... ok" \
				3600	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3601
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3602	requires_openssl_tls1_3
				3603	requires_config_enabled MBEDTLS_DEBUG_C
				3604	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3605	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3606	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3607	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3608	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3609	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3610	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3611	0 \
				3612	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3613	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3614	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3615	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3616	-c "NamedGroup: x25519 ( 1d )" \
				3617	-c "Verifying peer X.509 certificate... ok" \
				3618	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3619
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3620	requires_gnutls_tls1_3
				3621	requires_gnutls_next_no_ticket
				3622	requires_gnutls_next_disable_tls13_compat
				3623	requires_config_enabled MBEDTLS_DEBUG_C
				3624	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3625	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3626	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3627	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3628	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3629	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3630	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3631	0 \
				3632	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3633	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3634	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3635	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3636	-c "NamedGroup: x25519 ( 1d )" \
				3637	-c "Verifying peer X.509 certificate... ok" \
				3638	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3639
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3640	requires_openssl_tls1_3
				3641	requires_config_enabled MBEDTLS_DEBUG_C
				3642	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3643	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3644	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3645	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3646	run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3647	"$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3648	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3649	0 \
				3650	-c "HTTP/1.0 200 ok" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3651	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3652	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
				3653	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3654	-c "NamedGroup: x448 ( 1e )" \
				3655	-c "Verifying peer X.509 certificate... ok" \
				3656	-C "received HelloRetryRequest message"
Jerry Yu	dda036d	2021-11-30 11:19:41 +0800	[diff] [blame]	3657
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3658	requires_gnutls_tls1_3
				3659	requires_gnutls_next_no_ticket
				3660	requires_gnutls_next_disable_tls13_compat
				3661	requires_config_enabled MBEDTLS_DEBUG_C
				3662	requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron	6f135e1	2021-12-08 16:57:54 +0100	[diff] [blame]	3663	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron	ae93725	2021-12-10 09:55:15 +0100	[diff] [blame]	3664	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Jerry Yu	31018ad	2021-11-26 20:36:17 +0800	[diff] [blame]	3665	requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3666	run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
Ronald Cron	fdb0e3f	2021-12-09 10:39:19 +0100	[diff] [blame]	3667	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3668	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3669	0 \
				3670	-c "HTTP/1.0 200 OK" \
Ronald Cron	a1b8f6e	2022-03-18 14:04:12 +0100	[diff] [blame]	3671	-c "Protocol is TLSv1.3" \
Jerry Yu	cdcb683	2021-11-29 16:50:13 +0800	[diff] [blame]	3672	-c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	3673	-c "Certificate Verify: Signature algorithm ( 0804 )" \
Jerry Yu	7de7985	2022-03-23 16:50:47 +0800	[diff] [blame]	3674	-c "NamedGroup: x448 ( 1e )" \
				3675	-c "Verifying peer X.509 certificate... ok" \
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	3676	-C "received HelloRetryRequest message"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3677
				3678	requires_openssl_tls1_3
				3679	requires_config_enabled MBEDTLS_DEBUG_C
				3680	requires_config_enabled MBEDTLS_SSL_CLI_C
				3681	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3682	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	3683	run_test "TLS 1.3 m->O: HRR secp256r1 -> secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3684	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3685	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	3686	0 \
				3687	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3688	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	3689	-c "NamedGroup: secp256r1 ( 17 )" \
				3690	-c "NamedGroup: secp384r1 ( 18 )" \
				3691	-c "Verifying peer X.509 certificate... ok" \
				3692	-c "received HelloRetryRequest message" \
				3693	-c "selected_group ( 24 )"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3694
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3695	requires_openssl_tls1_3
				3696	requires_config_enabled MBEDTLS_DEBUG_C
				3697	requires_config_enabled MBEDTLS_SSL_CLI_C
				3698	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3699	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	3700	run_test "TLS 1.3 m->O: HRR secp256r1 -> secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3701	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3702	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1" \
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3703	0 \
				3704	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3705	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	3706	-c "NamedGroup: secp256r1 ( 17 )" \
				3707	-c "NamedGroup: secp521r1 ( 19 )" \
				3708	-c "Verifying peer X.509 certificate... ok" \
				3709	-c "received HelloRetryRequest message" \
				3710	-c "selected_group ( 25 )"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3711
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3712	requires_openssl_tls1_3
				3713	requires_config_enabled MBEDTLS_DEBUG_C
				3714	requires_config_enabled MBEDTLS_SSL_CLI_C
				3715	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3716	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	3717	run_test "TLS 1.3 m->O: HRR secp256r1 -> x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3718	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3719	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519" \
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3720	0 \
				3721	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3722	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	3723	-c "NamedGroup: secp256r1 ( 17 )" \
				3724	-c "NamedGroup: x25519 ( 1d )" \
				3725	-c "Verifying peer X.509 certificate... ok" \
				3726	-c "received HelloRetryRequest message" \
				3727	-c "selected_group ( 29 )"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3728
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3729	requires_openssl_tls1_3
				3730	requires_config_enabled MBEDTLS_DEBUG_C
				3731	requires_config_enabled MBEDTLS_SSL_CLI_C
				3732	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3733	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	3734	run_test "TLS 1.3 m->O: HRR secp256r1 -> x448" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	3735	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3736	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448" \
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3737	0 \
				3738	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3739	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	3740	-c "NamedGroup: secp256r1 ( 17 )" \
				3741	-c "NamedGroup: x448 ( 1e )" \
				3742	-c "Verifying peer X.509 certificate... ok" \
				3743	-c "received HelloRetryRequest message" \
				3744	-c "selected_group ( 30 )"
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	3745
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3746	requires_openssl_tls1_3
				3747	requires_config_enabled MBEDTLS_DEBUG_C
				3748	requires_config_enabled MBEDTLS_SSL_CLI_C
				3749	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3750	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3751	run_test "TLS 1.3 m->O: HRR secp384r1 -> secp256r1" \
				3752	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3753	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3754	0 \
				3755	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3756	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3757	-c "NamedGroup: secp384r1 ( 18 )" \
				3758	-c "NamedGroup: secp256r1 ( 17 )" \
				3759	-c "Verifying peer X.509 certificate... ok" \
				3760	-c "received HelloRetryRequest message" \
				3761	-c "selected_group ( 23 )"
				3762
				3763	requires_openssl_tls1_3
				3764	requires_config_enabled MBEDTLS_DEBUG_C
				3765	requires_config_enabled MBEDTLS_SSL_CLI_C
				3766	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3767	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3768	run_test "TLS 1.3 m->O: HRR secp384r1 -> secp521r1" \
				3769	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3770	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3771	0 \
				3772	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3773	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3774	-c "NamedGroup: secp384r1 ( 18 )" \
				3775	-c "NamedGroup: secp521r1 ( 19 )" \
				3776	-c "Verifying peer X.509 certificate... ok" \
				3777	-c "received HelloRetryRequest message" \
				3778	-c "selected_group ( 25 )"
				3779
				3780	requires_openssl_tls1_3
				3781	requires_config_enabled MBEDTLS_DEBUG_C
				3782	requires_config_enabled MBEDTLS_SSL_CLI_C
				3783	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3784	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3785	run_test "TLS 1.3 m->O: HRR secp384r1 -> x25519" \
				3786	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3787	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3788	0 \
				3789	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3790	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3791	-c "NamedGroup: secp384r1 ( 18 )" \
				3792	-c "NamedGroup: x25519 ( 1d )" \
				3793	-c "Verifying peer X.509 certificate... ok" \
				3794	-c "received HelloRetryRequest message" \
				3795	-c "selected_group ( 29 )"
				3796
				3797	requires_openssl_tls1_3
				3798	requires_config_enabled MBEDTLS_DEBUG_C
				3799	requires_config_enabled MBEDTLS_SSL_CLI_C
				3800	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3801	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3802	run_test "TLS 1.3 m->O: HRR secp384r1 -> x448" \
				3803	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3804	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3805	0 \
				3806	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3807	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3808	-c "NamedGroup: secp384r1 ( 18 )" \
				3809	-c "NamedGroup: x448 ( 1e )" \
				3810	-c "Verifying peer X.509 certificate... ok" \
				3811	-c "received HelloRetryRequest message" \
				3812	-c "selected_group ( 30 )"
				3813
				3814	requires_openssl_tls1_3
				3815	requires_config_enabled MBEDTLS_DEBUG_C
				3816	requires_config_enabled MBEDTLS_SSL_CLI_C
				3817	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3818	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3819	run_test "TLS 1.3 m->O: HRR secp521r1 -> secp256r1" \
				3820	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3821	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3822	0 \
				3823	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3824	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3825	-c "NamedGroup: secp521r1 ( 19 )" \
				3826	-c "NamedGroup: secp256r1 ( 17 )" \
				3827	-c "Verifying peer X.509 certificate... ok" \
				3828	-c "received HelloRetryRequest message" \
				3829	-c "selected_group ( 23 )"
				3830
				3831	requires_openssl_tls1_3
				3832	requires_config_enabled MBEDTLS_DEBUG_C
				3833	requires_config_enabled MBEDTLS_SSL_CLI_C
				3834	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3835	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3836	run_test "TLS 1.3 m->O: HRR secp521r1 -> secp384r1" \
				3837	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3838	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3839	0 \
				3840	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3841	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3842	-c "NamedGroup: secp521r1 ( 19 )" \
				3843	-c "NamedGroup: secp384r1 ( 18 )" \
				3844	-c "Verifying peer X.509 certificate... ok" \
				3845	-c "received HelloRetryRequest message" \
				3846	-c "selected_group ( 24 )"
				3847
				3848	requires_openssl_tls1_3
				3849	requires_config_enabled MBEDTLS_DEBUG_C
				3850	requires_config_enabled MBEDTLS_SSL_CLI_C
				3851	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3852	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3853	run_test "TLS 1.3 m->O: HRR secp521r1 -> x25519" \
				3854	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3855	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3856	0 \
				3857	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3858	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3859	-c "NamedGroup: secp521r1 ( 19 )" \
				3860	-c "NamedGroup: x25519 ( 1d )" \
				3861	-c "Verifying peer X.509 certificate... ok" \
				3862	-c "received HelloRetryRequest message" \
				3863	-c "selected_group ( 29 )"
				3864
				3865	requires_openssl_tls1_3
				3866	requires_config_enabled MBEDTLS_DEBUG_C
				3867	requires_config_enabled MBEDTLS_SSL_CLI_C
				3868	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3869	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3870	run_test "TLS 1.3 m->O: HRR secp521r1 -> x448" \
				3871	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3872	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3873	0 \
				3874	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3875	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3876	-c "NamedGroup: secp521r1 ( 19 )" \
				3877	-c "NamedGroup: x448 ( 1e )" \
				3878	-c "Verifying peer X.509 certificate... ok" \
				3879	-c "received HelloRetryRequest message" \
				3880	-c "selected_group ( 30 )"
				3881
				3882	requires_openssl_tls1_3
				3883	requires_config_enabled MBEDTLS_DEBUG_C
				3884	requires_config_enabled MBEDTLS_SSL_CLI_C
				3885	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3886	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3887	run_test "TLS 1.3 m->O: HRR x25519 -> secp256r1" \
				3888	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3889	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3890	0 \
				3891	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3892	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3893	-c "NamedGroup: x25519 ( 1d )" \
				3894	-c "NamedGroup: secp256r1 ( 17 )" \
				3895	-c "Verifying peer X.509 certificate... ok" \
				3896	-c "received HelloRetryRequest message" \
				3897	-c "selected_group ( 23 )"
				3898
				3899	requires_openssl_tls1_3
				3900	requires_config_enabled MBEDTLS_DEBUG_C
				3901	requires_config_enabled MBEDTLS_SSL_CLI_C
				3902	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3903	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3904	run_test "TLS 1.3 m->O: HRR x25519 -> secp384r1" \
				3905	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3906	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3907	0 \
				3908	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3909	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3910	-c "NamedGroup: x25519 ( 1d )" \
				3911	-c "NamedGroup: secp384r1 ( 18 )" \
				3912	-c "Verifying peer X.509 certificate... ok" \
				3913	-c "received HelloRetryRequest message" \
				3914	-c "selected_group ( 24 )"
				3915
				3916	requires_openssl_tls1_3
				3917	requires_config_enabled MBEDTLS_DEBUG_C
				3918	requires_config_enabled MBEDTLS_SSL_CLI_C
				3919	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3920	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3921	run_test "TLS 1.3 m->O: HRR x25519 -> secp521r1" \
				3922	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3923	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3924	0 \
				3925	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3926	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3927	-c "NamedGroup: x25519 ( 1d )" \
				3928	-c "NamedGroup: secp521r1 ( 19 )" \
				3929	-c "Verifying peer X.509 certificate... ok" \
				3930	-c "received HelloRetryRequest message" \
				3931	-c "selected_group ( 25 )"
				3932
				3933	requires_openssl_tls1_3
				3934	requires_config_enabled MBEDTLS_DEBUG_C
				3935	requires_config_enabled MBEDTLS_SSL_CLI_C
				3936	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3937	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3938	run_test "TLS 1.3 m->O: HRR x25519 -> x448" \
				3939	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3940	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3941	0 \
				3942	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3943	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3944	-c "NamedGroup: x25519 ( 1d )" \
				3945	-c "NamedGroup: x448 ( 1e )" \
				3946	-c "Verifying peer X.509 certificate... ok" \
				3947	-c "received HelloRetryRequest message" \
				3948	-c "selected_group ( 30 )"
				3949
				3950	requires_openssl_tls1_3
				3951	requires_config_enabled MBEDTLS_DEBUG_C
				3952	requires_config_enabled MBEDTLS_SSL_CLI_C
				3953	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3954	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3955	run_test "TLS 1.3 m->O: HRR x448 -> secp256r1" \
				3956	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3957	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3958	0 \
				3959	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3960	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3961	-c "NamedGroup: x448 ( 1e )" \
				3962	-c "NamedGroup: secp256r1 ( 17 )" \
				3963	-c "Verifying peer X.509 certificate... ok" \
				3964	-c "received HelloRetryRequest message" \
				3965	-c "selected_group ( 23 )"
				3966
				3967	requires_openssl_tls1_3
				3968	requires_config_enabled MBEDTLS_DEBUG_C
				3969	requires_config_enabled MBEDTLS_SSL_CLI_C
				3970	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3971	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3972	run_test "TLS 1.3 m->O: HRR x448 -> secp384r1" \
				3973	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3974	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3975	0 \
				3976	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3977	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3978	-c "NamedGroup: x448 ( 1e )" \
				3979	-c "NamedGroup: secp384r1 ( 18 )" \
				3980	-c "Verifying peer X.509 certificate... ok" \
				3981	-c "received HelloRetryRequest message" \
				3982	-c "selected_group ( 24 )"
				3983
				3984	requires_openssl_tls1_3
				3985	requires_config_enabled MBEDTLS_DEBUG_C
				3986	requires_config_enabled MBEDTLS_SSL_CLI_C
				3987	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				3988	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				3989	run_test "TLS 1.3 m->O: HRR x448 -> secp521r1" \
				3990	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3991	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3992	0 \
				3993	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	3994	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	3995	-c "NamedGroup: x448 ( 1e )" \
				3996	-c "NamedGroup: secp521r1 ( 19 )" \
				3997	-c "Verifying peer X.509 certificate... ok" \
				3998	-c "received HelloRetryRequest message" \
				3999	-c "selected_group ( 25 )"
				4000
				4001	requires_openssl_tls1_3
				4002	requires_config_enabled MBEDTLS_DEBUG_C
				4003	requires_config_enabled MBEDTLS_SSL_CLI_C
				4004	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4005	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4006	run_test "TLS 1.3 m->O: HRR x448 -> x25519" \
				4007	"$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4008	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4009	0 \
				4010	-c "HTTP/1.0 200 ok" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4011	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4012	-c "NamedGroup: x448 ( 1e )" \
				4013	-c "NamedGroup: x25519 ( 1d )" \
				4014	-c "Verifying peer X.509 certificate... ok" \
				4015	-c "received HelloRetryRequest message" \
				4016	-c "selected_group ( 29 )"
				4017
				4018	requires_gnutls_tls1_3
				4019	requires_gnutls_next_no_ticket
				4020	requires_gnutls_next_disable_tls13_compat
				4021	requires_config_enabled MBEDTLS_DEBUG_C
				4022	requires_config_enabled MBEDTLS_SSL_CLI_C
				4023	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4024	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4025	run_test "TLS 1.3 m->G: HRR secp256r1 -> secp384r1" \
				4026	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP384R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4027	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4028	0 \
				4029	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4030	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4031	-c "NamedGroup: secp256r1 ( 17 )" \
				4032	-c "NamedGroup: secp384r1 ( 18 )" \
				4033	-c "Verifying peer X.509 certificate... ok" \
				4034	-c "received HelloRetryRequest message" \
				4035	-c "selected_group ( 24 )"
				4036
				4037	requires_gnutls_tls1_3
				4038	requires_gnutls_next_no_ticket
				4039	requires_gnutls_next_disable_tls13_compat
				4040	requires_config_enabled MBEDTLS_DEBUG_C
				4041	requires_config_enabled MBEDTLS_SSL_CLI_C
				4042	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4043	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4044	run_test "TLS 1.3 m->G: HRR secp256r1 -> secp521r1" \
				4045	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP521R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4046	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4047	0 \
				4048	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4049	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4050	-c "NamedGroup: secp256r1 ( 17 )" \
				4051	-c "NamedGroup: secp521r1 ( 19 )" \
				4052	-c "Verifying peer X.509 certificate... ok" \
				4053	-c "received HelloRetryRequest message" \
				4054	-c "selected_group ( 25 )"
				4055
				4056	requires_gnutls_tls1_3
				4057	requires_gnutls_next_no_ticket
				4058	requires_gnutls_next_disable_tls13_compat
				4059	requires_config_enabled MBEDTLS_DEBUG_C
				4060	requires_config_enabled MBEDTLS_SSL_CLI_C
				4061	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4062	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4063	run_test "TLS 1.3 m->G: HRR secp256r1 -> x25519" \
				4064	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-X25519:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4065	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4066	0 \
				4067	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4068	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4069	-c "NamedGroup: secp256r1 ( 17 )" \
				4070	-c "NamedGroup: x25519 ( 1d )" \
				4071	-c "Verifying peer X.509 certificate... ok" \
				4072	-c "received HelloRetryRequest message" \
				4073	-c "selected_group ( 29 )"
				4074
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	4075	requires_gnutls_tls1_3
				4076	requires_gnutls_next_no_ticket
				4077	requires_gnutls_next_disable_tls13_compat
				4078	requires_config_enabled MBEDTLS_DEBUG_C
				4079	requires_config_enabled MBEDTLS_SSL_CLI_C
				4080	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4081	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
XiaokangQian	8031ba7	2022-03-22 12:53:45 +0000	[diff] [blame]	4082	run_test "TLS 1.3 m->G: HRR secp256r1 -> x448" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	4083	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-X448:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4084	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448" \
XiaokangQian	83f8188	2022-03-17 06:26:36 +0000	[diff] [blame]	4085	0 \
				4086	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4087	-c "Protocol is TLSv1.3" \
XiaokangQian	a193144	2022-03-25 11:58:22 +0000	[diff] [blame]	4088	-c "NamedGroup: secp256r1 ( 17 )" \
				4089	-c "NamedGroup: x448 ( 1e )" \
				4090	-c "Verifying peer X.509 certificate... ok" \
				4091	-c "received HelloRetryRequest message" \
				4092	-c "selected_group ( 30 )"
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4093
				4094	requires_gnutls_tls1_3
				4095	requires_gnutls_next_no_ticket
				4096	requires_gnutls_next_disable_tls13_compat
				4097	requires_config_enabled MBEDTLS_DEBUG_C
				4098	requires_config_enabled MBEDTLS_SSL_CLI_C
				4099	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4100	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4101	run_test "TLS 1.3 m->G: HRR secp384r1 -> secp256r1" \
				4102	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP256R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4103	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4104	0 \
				4105	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4106	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4107	-c "NamedGroup: secp384r1 ( 18 )" \
				4108	-c "NamedGroup: secp256r1 ( 17 )" \
				4109	-c "Verifying peer X.509 certificate... ok" \
				4110	-c "received HelloRetryRequest message" \
				4111	-c "selected_group ( 23 )"
				4112
				4113	requires_gnutls_tls1_3
				4114	requires_gnutls_next_no_ticket
				4115	requires_gnutls_next_disable_tls13_compat
				4116	requires_config_enabled MBEDTLS_DEBUG_C
				4117	requires_config_enabled MBEDTLS_SSL_CLI_C
				4118	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4119	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4120	run_test "TLS 1.3 m->G: HRR secp384r1 -> secp521r1" \
				4121	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP521R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4122	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4123	0 \
				4124	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4125	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4126	-c "NamedGroup: secp384r1 ( 18 )" \
				4127	-c "NamedGroup: secp521r1 ( 19 )" \
				4128	-c "Verifying peer X.509 certificate... ok" \
				4129	-c "received HelloRetryRequest message" \
				4130	-c "selected_group ( 25 )"
				4131
				4132	requires_gnutls_tls1_3
				4133	requires_gnutls_next_no_ticket
				4134	requires_gnutls_next_disable_tls13_compat
				4135	requires_config_enabled MBEDTLS_DEBUG_C
				4136	requires_config_enabled MBEDTLS_SSL_CLI_C
				4137	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4138	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4139	run_test "TLS 1.3 m->G: HRR secp384r1 -> x25519" \
				4140	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-X25519:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4141	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4142	0 \
				4143	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4144	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4145	-c "NamedGroup: secp384r1 ( 18 )" \
				4146	-c "NamedGroup: x25519 ( 1d )" \
				4147	-c "Verifying peer X.509 certificate... ok" \
				4148	-c "received HelloRetryRequest message" \
				4149	-c "selected_group ( 29 )"
				4150
				4151	requires_gnutls_tls1_3
				4152	requires_gnutls_next_no_ticket
				4153	requires_gnutls_next_disable_tls13_compat
				4154	requires_config_enabled MBEDTLS_DEBUG_C
				4155	requires_config_enabled MBEDTLS_SSL_CLI_C
				4156	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4157	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4158	run_test "TLS 1.3 m->G: HRR secp384r1 -> x448" \
				4159	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-X448:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4160	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4161	0 \
				4162	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4163	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4164	-c "NamedGroup: secp384r1 ( 18 )" \
				4165	-c "NamedGroup: x448 ( 1e )" \
				4166	-c "Verifying peer X.509 certificate... ok" \
				4167	-c "received HelloRetryRequest message" \
				4168	-c "selected_group ( 30 )"
				4169
				4170	requires_gnutls_tls1_3
				4171	requires_gnutls_next_no_ticket
				4172	requires_gnutls_next_disable_tls13_compat
				4173	requires_config_enabled MBEDTLS_DEBUG_C
				4174	requires_config_enabled MBEDTLS_SSL_CLI_C
				4175	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4176	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4177	run_test "TLS 1.3 m->G: HRR secp521r1 -> secp256r1" \
				4178	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP256R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4179	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4180	0 \
				4181	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4182	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4183	-c "NamedGroup: secp521r1 ( 19 )" \
				4184	-c "NamedGroup: secp256r1 ( 17 )" \
				4185	-c "Verifying peer X.509 certificate... ok" \
				4186	-c "received HelloRetryRequest message" \
				4187	-c "selected_group ( 23 )"
				4188
				4189	requires_gnutls_tls1_3
				4190	requires_gnutls_next_no_ticket
				4191	requires_gnutls_next_disable_tls13_compat
				4192	requires_config_enabled MBEDTLS_DEBUG_C
				4193	requires_config_enabled MBEDTLS_SSL_CLI_C
				4194	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4195	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4196	run_test "TLS 1.3 m->G: HRR secp521r1 -> secp384r1" \
				4197	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP384R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4198	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4199	0 \
				4200	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4201	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4202	-c "NamedGroup: secp521r1 ( 19 )" \
				4203	-c "NamedGroup: secp384r1 ( 18 )" \
				4204	-c "Verifying peer X.509 certificate... ok" \
				4205	-c "received HelloRetryRequest message" \
				4206	-c "selected_group ( 24 )"
				4207
				4208	requires_gnutls_tls1_3
				4209	requires_gnutls_next_no_ticket
				4210	requires_gnutls_next_disable_tls13_compat
				4211	requires_config_enabled MBEDTLS_DEBUG_C
				4212	requires_config_enabled MBEDTLS_SSL_CLI_C
				4213	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4214	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4215	run_test "TLS 1.3 m->G: HRR secp521r1 -> x25519" \
				4216	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-X25519:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4217	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4218	0 \
				4219	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4220	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4221	-c "NamedGroup: secp521r1 ( 19 )" \
				4222	-c "NamedGroup: x25519 ( 1d )" \
				4223	-c "Verifying peer X.509 certificate... ok" \
				4224	-c "received HelloRetryRequest message" \
				4225	-c "selected_group ( 29 )"
				4226
				4227	requires_gnutls_tls1_3
				4228	requires_gnutls_next_no_ticket
				4229	requires_gnutls_next_disable_tls13_compat
				4230	requires_config_enabled MBEDTLS_DEBUG_C
				4231	requires_config_enabled MBEDTLS_SSL_CLI_C
				4232	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4233	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4234	run_test "TLS 1.3 m->G: HRR secp521r1 -> x448" \
				4235	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-X448:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4236	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4237	0 \
				4238	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4239	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4240	-c "NamedGroup: secp521r1 ( 19 )" \
				4241	-c "NamedGroup: x448 ( 1e )" \
				4242	-c "Verifying peer X.509 certificate... ok" \
				4243	-c "received HelloRetryRequest message" \
				4244	-c "selected_group ( 30 )"
				4245
				4246	requires_gnutls_tls1_3
				4247	requires_gnutls_next_no_ticket
				4248	requires_gnutls_next_disable_tls13_compat
				4249	requires_config_enabled MBEDTLS_DEBUG_C
				4250	requires_config_enabled MBEDTLS_SSL_CLI_C
				4251	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4252	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4253	run_test "TLS 1.3 m->G: HRR x25519 -> secp256r1" \
				4254	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP256R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4255	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4256	0 \
				4257	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4258	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4259	-c "NamedGroup: x25519 ( 1d )" \
				4260	-c "NamedGroup: secp256r1 ( 17 )" \
				4261	-c "Verifying peer X.509 certificate... ok" \
				4262	-c "received HelloRetryRequest message" \
				4263	-c "selected_group ( 23 )"
				4264
				4265	requires_gnutls_tls1_3
				4266	requires_gnutls_next_no_ticket
				4267	requires_gnutls_next_disable_tls13_compat
				4268	requires_config_enabled MBEDTLS_DEBUG_C
				4269	requires_config_enabled MBEDTLS_SSL_CLI_C
				4270	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4271	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4272	run_test "TLS 1.3 m->G: HRR x25519 -> secp384r1" \
				4273	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP384R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4274	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4275	0 \
				4276	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4277	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4278	-c "NamedGroup: x25519 ( 1d )" \
				4279	-c "NamedGroup: secp384r1 ( 18 )" \
				4280	-c "Verifying peer X.509 certificate... ok" \
				4281	-c "received HelloRetryRequest message" \
				4282	-c "selected_group ( 24 )"
				4283
				4284	requires_gnutls_tls1_3
				4285	requires_gnutls_next_no_ticket
				4286	requires_gnutls_next_disable_tls13_compat
				4287	requires_config_enabled MBEDTLS_DEBUG_C
				4288	requires_config_enabled MBEDTLS_SSL_CLI_C
				4289	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4290	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4291	run_test "TLS 1.3 m->G: HRR x25519 -> secp521r1" \
				4292	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP521R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4293	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4294	0 \
				4295	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4296	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4297	-c "NamedGroup: x25519 ( 1d )" \
				4298	-c "NamedGroup: secp521r1 ( 19 )" \
				4299	-c "Verifying peer X.509 certificate... ok" \
				4300	-c "received HelloRetryRequest message" \
				4301	-c "selected_group ( 25 )"
				4302
				4303	requires_gnutls_tls1_3
				4304	requires_gnutls_next_no_ticket
				4305	requires_gnutls_next_disable_tls13_compat
				4306	requires_config_enabled MBEDTLS_DEBUG_C
				4307	requires_config_enabled MBEDTLS_SSL_CLI_C
				4308	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4309	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4310	run_test "TLS 1.3 m->G: HRR x25519 -> x448" \
				4311	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-X448:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4312	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4313	0 \
				4314	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4315	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4316	-c "NamedGroup: x25519 ( 1d )" \
				4317	-c "NamedGroup: x448 ( 1e )" \
				4318	-c "Verifying peer X.509 certificate... ok" \
				4319	-c "received HelloRetryRequest message" \
				4320	-c "selected_group ( 30 )"
				4321
				4322	requires_gnutls_tls1_3
				4323	requires_gnutls_next_no_ticket
				4324	requires_gnutls_next_disable_tls13_compat
				4325	requires_config_enabled MBEDTLS_DEBUG_C
				4326	requires_config_enabled MBEDTLS_SSL_CLI_C
				4327	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4328	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4329	run_test "TLS 1.3 m->G: HRR x448 -> secp256r1" \
				4330	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP256R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4331	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4332	0 \
				4333	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4334	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4335	-c "NamedGroup: x448 ( 1e )" \
				4336	-c "NamedGroup: secp256r1 ( 17 )" \
				4337	-c "Verifying peer X.509 certificate... ok" \
				4338	-c "received HelloRetryRequest message" \
				4339	-c "selected_group ( 23 )"
				4340
				4341	requires_gnutls_tls1_3
				4342	requires_gnutls_next_no_ticket
				4343	requires_gnutls_next_disable_tls13_compat
				4344	requires_config_enabled MBEDTLS_DEBUG_C
				4345	requires_config_enabled MBEDTLS_SSL_CLI_C
				4346	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4347	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4348	run_test "TLS 1.3 m->G: HRR x448 -> secp384r1" \
				4349	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP384R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4350	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4351	0 \
				4352	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4353	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4354	-c "NamedGroup: x448 ( 1e )" \
				4355	-c "NamedGroup: secp384r1 ( 18 )" \
				4356	-c "Verifying peer X.509 certificate... ok" \
				4357	-c "received HelloRetryRequest message" \
				4358	-c "selected_group ( 24 )"
				4359
				4360	requires_gnutls_tls1_3
				4361	requires_gnutls_next_no_ticket
				4362	requires_gnutls_next_disable_tls13_compat
				4363	requires_config_enabled MBEDTLS_DEBUG_C
				4364	requires_config_enabled MBEDTLS_SSL_CLI_C
				4365	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4366	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4367	run_test "TLS 1.3 m->G: HRR x448 -> secp521r1" \
				4368	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-SECP521R1:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4369	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4370	0 \
				4371	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4372	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4373	-c "NamedGroup: x448 ( 1e )" \
				4374	-c "NamedGroup: secp521r1 ( 19 )" \
				4375	-c "Verifying peer X.509 certificate... ok" \
				4376	-c "received HelloRetryRequest message" \
				4377	-c "selected_group ( 25 )"
				4378
				4379	requires_gnutls_tls1_3
				4380	requires_gnutls_next_no_ticket
				4381	requires_gnutls_next_disable_tls13_compat
				4382	requires_config_enabled MBEDTLS_DEBUG_C
				4383	requires_config_enabled MBEDTLS_SSL_CLI_C
				4384	requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
				4385	requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
				4386	run_test "TLS 1.3 m->G: HRR x448 -> x25519" \
				4387	"$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+GROUP-X25519:+MAC-ALL:+SIGN-ALL:+VERS-TLS1.3:%NO_TICKETS" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4388	"$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 ca_file=data_files/test-ca2.crt sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4389	0 \
				4390	-c "HTTP/1.0 200 OK" \
Ronald Cron	df5f868	2022-04-05 16:01:03 +0200	[diff] [blame^]	4391	-c "Protocol is TLSv1.3" \
XiaokangQian	2e17fb8	2022-03-28 03:30:05 +0000	[diff] [blame]	4392	-c "NamedGroup: x448 ( 1e )" \
				4393	-c "NamedGroup: x25519 ( 1d )" \
				4394	-c "Verifying peer X.509 certificate... ok" \
				4395	-c "received HelloRetryRequest message" \
				4396	-c "selected_group ( 29 )"