TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / refs/heads/fix-cmake-header-include / . / tests / opt-testcases / tls13-kex-modes.sh
blob: 758da1da59e435c1892a896c8d949713868a99cb [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
Jerry Yu97be6a92022-11-09 22:43:31 +0800[diff] [blame]21# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by
Jerry Yu616ba752022-11-08 21:49:47 +0800[diff] [blame]22# scripts in future(#6280)
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]23
24requires_gnutls_tls1_3
25requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]26requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]27run_test "TLS 1.3: G->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]28 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]29 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
30 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
31 localhost" \
32 0 \
33 -s "found psk key exchange modes extension" \
34 -s "found pre_shared_key extension" \
35 -s "Found PSK_EPHEMERAL KEX MODE" \
36 -s "Found PSK KEX MODE" \
37 -s "Pre shared key found" \
38 -S "No matched PSK or ticket" \
39 -s "key exchange mode: psk$" \
40 -S "key exchange mode: psk_ephemeral" \
41 -S "key exchange mode: ephemeral"
42
43requires_gnutls_tls1_3
44requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]45requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]46run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]47 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]48 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
49 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
50 localhost" \
51 1 \
52 -s "found psk key exchange modes extension" \
53 -s "found pre_shared_key extension" \
54 -s "Found PSK_EPHEMERAL KEX MODE" \
55 -s "Found PSK KEX MODE" \
56 -s "No matched PSK or ticket" \
57 -S "key exchange mode: psk$" \
58 -S "key exchange mode: psk_ephemeral" \
59 -S "key exchange mode: ephemeral"
60
61requires_gnutls_tls1_3
62requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]63requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]64run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]65 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]66 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
67 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
68 localhost" \
69 1 \
70 -s "found psk key exchange modes extension" \
71 -s "found pre_shared_key extension" \
72 -s "Found PSK_EPHEMERAL KEX MODE" \
73 -s "Found PSK KEX MODE" \
74 -s "Invalid binder." \
75 -S "key exchange mode: psk$" \
76 -S "key exchange mode: psk_ephemeral" \
77 -S "key exchange mode: ephemeral"
78
79requires_gnutls_tls1_3
80requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]81requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]82run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]83 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]84 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
85 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
86 localhost" \
87 0 \
88 -s "found psk key exchange modes extension" \
89 -s "found pre_shared_key extension" \
90 -S "Found PSK_EPHEMERAL KEX MODE" \
91 -s "Found PSK KEX MODE" \
92 -s "Pre shared key found" \
93 -S "No matched PSK or ticket" \
94 -s "key exchange mode: psk$" \
95 -S "key exchange mode: psk_ephemeral" \
96 -S "key exchange mode: ephemeral"
97
98requires_gnutls_tls1_3
99requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]100requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]101run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]102 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]103 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
104 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
105 localhost" \
106 1 \
107 -s "found psk key exchange modes extension" \
108 -s "found pre_shared_key extension" \
109 -S "Found PSK_EPHEMERAL KEX MODE" \
110 -s "Found PSK KEX MODE" \
111 -s "No matched PSK or ticket" \
112 -S "key exchange mode: psk$" \
113 -S "key exchange mode: psk_ephemeral" \
114 -S "key exchange mode: ephemeral"
115
116requires_gnutls_tls1_3
117requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]118requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]119run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]120 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]121 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
122 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
123 localhost" \
124 1 \
125 -s "found psk key exchange modes extension" \
126 -s "found pre_shared_key extension" \
127 -S "Found PSK_EPHEMERAL KEX MODE" \
128 -s "Found PSK KEX MODE" \
129 -s "Invalid binder." \
130 -S "key exchange mode: psk$" \
131 -S "key exchange mode: psk_ephemeral" \
132 -S "key exchange mode: ephemeral"
133
134requires_gnutls_tls1_3
135requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]136requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]137run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]138 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]139 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
140 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
141 localhost" \
142 0 \
143 -s "found psk key exchange modes extension" \
144 -s "found pre_shared_key extension" \
145 -s "Found PSK_EPHEMERAL KEX MODE" \
146 -S "Found PSK KEX MODE" \
147 -s "Pre shared key found" \
148 -S "No matched PSK or ticket" \
149 -S "key exchange mode: psk$" \
150 -s "key exchange mode: psk_ephemeral" \
151 -S "key exchange mode: ephemeral"
152
153requires_gnutls_tls1_3
154requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]155requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]156run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]157 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]158 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
159 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
160 localhost" \
161 1 \
162 -s "found psk key exchange modes extension" \
163 -s "found pre_shared_key extension" \
164 -s "Found PSK_EPHEMERAL KEX MODE" \
165 -S "Found PSK KEX MODE" \
166 -s "No matched PSK or ticket" \
167 -S "key exchange mode: psk$" \
168 -S "key exchange mode: psk_ephemeral" \
169 -S "key exchange mode: ephemeral"
170
171requires_gnutls_tls1_3
172requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]173requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]174run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]175 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]176 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
177 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
178 localhost" \
179 1 \
180 -s "found psk key exchange modes extension" \
181 -s "found pre_shared_key extension" \
182 -s "Found PSK_EPHEMERAL KEX MODE" \
183 -S "Found PSK KEX MODE" \
184 -s "Invalid binder." \
185 -S "key exchange mode: psk$" \
186 -S "key exchange mode: psk_ephemeral" \
187 -S "key exchange mode: ephemeral"
188
189requires_gnutls_tls1_3
190requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]191requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]192run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]193 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]194 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
195 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
196 localhost" \
197 0 \
198 -s "found psk key exchange modes extension" \
199 -s "found pre_shared_key extension" \
200 -s "Found PSK_EPHEMERAL KEX MODE" \
201 -s "Found PSK KEX MODE" \
202 -s "Pre shared key found" \
203 -S "No matched PSK or ticket" \
204 -S "key exchange mode: psk$" \
205 -s "key exchange mode: psk_ephemeral" \
206 -S "key exchange mode: ephemeral"
207
208requires_gnutls_tls1_3
209requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]210requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]211run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]212 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]213 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
214 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
215 localhost" \
216 1 \
217 -s "found psk key exchange modes extension" \
218 -s "found pre_shared_key extension" \
219 -s "Found PSK_EPHEMERAL KEX MODE" \
220 -s "Found PSK KEX MODE" \
221 -s "No matched PSK or ticket" \
222 -S "key exchange mode: psk$" \
223 -S "key exchange mode: psk_ephemeral" \
224 -S "key exchange mode: ephemeral"
225
226requires_gnutls_tls1_3
227requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]228requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]229run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]230 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]231 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
232 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
233 localhost" \
234 1 \
235 -s "found psk key exchange modes extension" \
236 -s "found pre_shared_key extension" \
237 -s "Found PSK_EPHEMERAL KEX MODE" \
238 -s "Found PSK KEX MODE" \
239 -s "Invalid binder." \
240 -S "key exchange mode: psk$" \
241 -S "key exchange mode: psk_ephemeral" \
242 -S "key exchange mode: ephemeral"
243
244requires_gnutls_tls1_3
245requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]246requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]247run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]248 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]249 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
250 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
251 localhost" \
252 1 \
253 -s "found psk key exchange modes extension" \
254 -s "found pre_shared_key extension" \
255 -S "Found PSK_EPHEMERAL KEX MODE" \
256 -s "Found PSK KEX MODE" \
257 -S "key exchange mode: psk$" \
258 -S "key exchange mode: psk_ephemeral" \
259 -S "key exchange mode: ephemeral"
260
261requires_gnutls_tls1_3
262requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]263requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
264requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]265run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]266 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]267 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
268 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
269 localhost" \
270 0 \
271 -s "found psk key exchange modes extension" \
272 -s "found pre_shared_key extension" \
273 -s "Found PSK_EPHEMERAL KEX MODE" \
274 -S "Found PSK KEX MODE" \
275 -s "Pre shared key found" \
276 -S "No matched PSK or ticket" \
277 -S "key exchange mode: psk$" \
278 -s "key exchange mode: psk_ephemeral" \
279 -S "key exchange mode: ephemeral"
280
281requires_gnutls_tls1_3
282requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]283requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
284requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]285run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]286 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]287 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
288 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
289 localhost" \
290 1 \
291 -s "found psk key exchange modes extension" \
292 -s "found pre_shared_key extension" \
293 -s "Found PSK_EPHEMERAL KEX MODE" \
294 -S "Found PSK KEX MODE" \
295 -s "No matched PSK or ticket" \
296 -S "key exchange mode: psk$" \
297 -S "key exchange mode: psk_ephemeral" \
298 -S "key exchange mode: ephemeral"
299
300requires_gnutls_tls1_3
301requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]302requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
303requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]304run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]305 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]306 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
307 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
308 localhost" \
309 1 \
310 -s "found psk key exchange modes extension" \
311 -s "found pre_shared_key extension" \
312 -s "Found PSK_EPHEMERAL KEX MODE" \
313 -S "Found PSK KEX MODE" \
314 -s "Invalid binder." \
315 -S "key exchange mode: psk$" \
316 -S "key exchange mode: psk_ephemeral" \
317 -S "key exchange mode: ephemeral"
318
319requires_gnutls_tls1_3
320requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]321requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
322requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]323run_test "TLS 1.3: G->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]324 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]325 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
326 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
327 localhost" \
328 0 \
329 -s "found psk key exchange modes extension" \
330 -s "found pre_shared_key extension" \
331 -s "Found PSK_EPHEMERAL KEX MODE" \
332 -s "Found PSK KEX MODE" \
333 -s "Pre shared key found" \
334 -S "No matched PSK or ticket" \
335 -S "key exchange mode: psk$" \
336 -s "key exchange mode: psk_ephemeral" \
337 -S "key exchange mode: ephemeral"
338
339requires_gnutls_tls1_3
340requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]341requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
342requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]343run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]344 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]345 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
346 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
347 localhost" \
348 1 \
349 -s "found psk key exchange modes extension" \
350 -s "found pre_shared_key extension" \
351 -s "Found PSK_EPHEMERAL KEX MODE" \
352 -s "Found PSK KEX MODE" \
353 -s "No matched PSK or ticket" \
354 -S "key exchange mode: psk$" \
355 -S "key exchange mode: psk_ephemeral" \
356 -S "key exchange mode: ephemeral"
357
358requires_gnutls_tls1_3
359requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]360requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
361requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]362run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]363 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]364 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
365 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
366 localhost" \
367 1 \
368 -s "found psk key exchange modes extension" \
369 -s "found pre_shared_key extension" \
370 -s "Found PSK_EPHEMERAL KEX MODE" \
371 -s "Found PSK KEX MODE" \
372 -s "Invalid binder." \
373 -S "key exchange mode: psk$" \
374 -S "key exchange mode: psk_ephemeral" \
375 -S "key exchange mode: ephemeral"
376
377requires_gnutls_tls1_3
378requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]379requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
380requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]381run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]382 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]383 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
384 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
385 localhost" \
386 0 \
387 -s "found psk key exchange modes extension" \
388 -s "found pre_shared_key extension" \
389 -S "Found PSK_EPHEMERAL KEX MODE" \
390 -s "Found PSK KEX MODE" \
391 -s "Pre shared key found" \
392 -S "No matched PSK or ticket" \
393 -s "key exchange mode: psk$" \
394 -S "key exchange mode: psk_ephemeral" \
395 -S "key exchange mode: ephemeral"
396
397requires_gnutls_tls1_3
398requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]399requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
400requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]401run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]402 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]403 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
404 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
405 localhost" \
406 1 \
407 -s "found psk key exchange modes extension" \
408 -s "found pre_shared_key extension" \
409 -S "Found PSK_EPHEMERAL KEX MODE" \
410 -s "Found PSK KEX MODE" \
411 -s "No matched PSK or ticket" \
412 -S "key exchange mode: psk$" \
413 -S "key exchange mode: psk_ephemeral" \
414 -S "key exchange mode: ephemeral"
415
416requires_gnutls_tls1_3
417requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]418requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
419requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]420run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]421 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]422 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
423 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
424 localhost" \
425 1 \
426 -s "found psk key exchange modes extension" \
427 -s "found pre_shared_key extension" \
428 -S "Found PSK_EPHEMERAL KEX MODE" \
429 -s "Found PSK KEX MODE" \
430 -s "Invalid binder." \
431 -S "key exchange mode: psk$" \
432 -S "key exchange mode: psk_ephemeral" \
433 -S "key exchange mode: ephemeral"
434
435requires_gnutls_tls1_3
436requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]437requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
438requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]439run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]440 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]441 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
442 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
443 localhost" \
444 0 \
445 -s "found psk key exchange modes extension" \
446 -s "found pre_shared_key extension" \
447 -s "Found PSK_EPHEMERAL KEX MODE" \
448 -S "Found PSK KEX MODE" \
449 -s "Pre shared key found" \
450 -S "No matched PSK or ticket" \
451 -S "key exchange mode: psk$" \
452 -s "key exchange mode: psk_ephemeral" \
453 -S "key exchange mode: ephemeral"
454
455requires_gnutls_tls1_3
456requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]457requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
458requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]459run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]460 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]461 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
462 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
463 localhost" \
464 0 \
465 -s "found psk key exchange modes extension" \
466 -s "found pre_shared_key extension" \
467 -s "Found PSK_EPHEMERAL KEX MODE" \
468 -S "Found PSK KEX MODE" \
469 -s "No matched PSK or ticket" \
470 -S "key exchange mode: psk$" \
471 -S "key exchange mode: psk_ephemeral" \
472 -s "key exchange mode: ephemeral"
473
474requires_gnutls_tls1_3
475requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]476requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
477requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]478run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]479 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]480 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
481 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
482 localhost" \
483 1 \
484 -s "found psk key exchange modes extension" \
485 -s "found pre_shared_key extension" \
486 -s "Found PSK_EPHEMERAL KEX MODE" \
487 -S "Found PSK KEX MODE" \
488 -s "Invalid binder." \
489 -S "key exchange mode: psk$" \
490 -S "key exchange mode: psk_ephemeral" \
491 -S "key exchange mode: ephemeral"
492
493requires_gnutls_tls1_3
494requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]495requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
496requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]497run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]498 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]499 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
500 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
501 localhost" \
502 0 \
503 -s "found psk key exchange modes extension" \
504 -s "found pre_shared_key extension" \
505 -s "Found PSK_EPHEMERAL KEX MODE" \
506 -s "Found PSK KEX MODE" \
507 -s "Pre shared key found" \
508 -S "No matched PSK or ticket" \
509 -S "key exchange mode: psk$" \
510 -s "key exchange mode: psk_ephemeral" \
511 -S "key exchange mode: ephemeral"
512
513requires_gnutls_tls1_3
514requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]515requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
516requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]517run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]518 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]519 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
520 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
521 localhost" \
522 0 \
523 -s "found psk key exchange modes extension" \
524 -s "found pre_shared_key extension" \
525 -s "Found PSK_EPHEMERAL KEX MODE" \
526 -s "Found PSK KEX MODE" \
527 -s "No matched PSK or ticket" \
528 -S "key exchange mode: psk$" \
529 -S "key exchange mode: psk_ephemeral" \
530 -s "key exchange mode: ephemeral"
531
532requires_gnutls_tls1_3
533requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]534requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
535requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]536run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]537 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]538 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
539 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
540 localhost" \
541 1 \
542 -s "found psk key exchange modes extension" \
543 -s "found pre_shared_key extension" \
544 -s "Found PSK_EPHEMERAL KEX MODE" \
545 -s "Found PSK KEX MODE" \
546 -s "Invalid binder." \
547 -S "key exchange mode: psk$" \
548 -S "key exchange mode: psk_ephemeral" \
549 -S "key exchange mode: ephemeral"
550
551requires_gnutls_tls1_3
552requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]553requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
554requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]555run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]556 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]557 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
558 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
559 localhost" \
560 0 \
561 -s "found psk key exchange modes extension" \
562 -s "found pre_shared_key extension" \
563 -S "Found PSK_EPHEMERAL KEX MODE" \
564 -s "Found PSK KEX MODE" \
565 -s "Pre shared key found" \
566 -S "No matched PSK or ticket" \
567 -S "key exchange mode: psk$" \
568 -S "key exchange mode: psk_ephemeral" \
569 -s "key exchange mode: ephemeral"
570
571requires_gnutls_tls1_3
572requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]573requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
574requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
575requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]576run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]577 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]578 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
579 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
580 localhost" \
581 0 \
582 -s "found psk key exchange modes extension" \
583 -s "found pre_shared_key extension" \
584 -s "Found PSK_EPHEMERAL KEX MODE" \
585 -S "Found PSK KEX MODE" \
586 -s "Pre shared key found" \
587 -S "No matched PSK or ticket" \
588 -S "key exchange mode: psk$" \
589 -s "key exchange mode: psk_ephemeral" \
590 -S "key exchange mode: ephemeral"
591
592requires_gnutls_tls1_3
593requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]594requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
595requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
596requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]597run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]598 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]599 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
600 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
601 localhost" \
602 0 \
603 -s "found psk key exchange modes extension" \
604 -s "found pre_shared_key extension" \
605 -s "Found PSK_EPHEMERAL KEX MODE" \
606 -S "Found PSK KEX MODE" \
607 -s "No matched PSK or ticket" \
608 -S "key exchange mode: psk$" \
609 -S "key exchange mode: psk_ephemeral" \
610 -s "key exchange mode: ephemeral"
611
612requires_gnutls_tls1_3
613requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]614requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
615requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
616requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]617run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]618 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]619 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
620 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
621 localhost" \
622 1 \
623 -s "found psk key exchange modes extension" \
624 -s "found pre_shared_key extension" \
625 -s "Found PSK_EPHEMERAL KEX MODE" \
626 -S "Found PSK KEX MODE" \
627 -s "Invalid binder." \
628 -S "key exchange mode: psk$" \
629 -S "key exchange mode: psk_ephemeral" \
630 -S "key exchange mode: ephemeral"
631
632requires_gnutls_tls1_3
633requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]634requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
635requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
636requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]637run_test "TLS 1.3: G->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]638 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]639 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
640 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
641 localhost" \
642 0 \
643 -s "found psk key exchange modes extension" \
644 -s "found pre_shared_key extension" \
645 -s "Found PSK_EPHEMERAL KEX MODE" \
646 -s "Found PSK KEX MODE" \
647 -s "Pre shared key found" \
648 -S "No matched PSK or ticket" \
649 -S "key exchange mode: psk$" \
650 -s "key exchange mode: psk_ephemeral" \
651 -S "key exchange mode: ephemeral"
652
653requires_gnutls_tls1_3
654requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]655requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
656requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
657requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]658run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]659 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]660 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
661 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
662 localhost" \
663 0 \
664 -s "found psk key exchange modes extension" \
665 -s "found pre_shared_key extension" \
666 -s "Found PSK_EPHEMERAL KEX MODE" \
667 -s "Found PSK KEX MODE" \
668 -s "No matched PSK or ticket" \
669 -S "key exchange mode: psk$" \
670 -S "key exchange mode: psk_ephemeral" \
671 -s "key exchange mode: ephemeral"
672
673requires_gnutls_tls1_3
674requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]675requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
676requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
677requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]678run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]679 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]680 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
681 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
682 localhost" \
683 1 \
684 -s "found psk key exchange modes extension" \
685 -s "found pre_shared_key extension" \
686 -s "Found PSK_EPHEMERAL KEX MODE" \
687 -s "Found PSK KEX MODE" \
688 -s "Invalid binder." \
689 -S "key exchange mode: psk$" \
690 -S "key exchange mode: psk_ephemeral" \
691 -S "key exchange mode: ephemeral"
692
693requires_gnutls_tls1_3
694requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]695requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
696requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
697requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]698run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]699 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]700 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
701 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
702 localhost" \
703 0 \
704 -s "found psk key exchange modes extension" \
705 -s "found pre_shared_key extension" \
706 -S "Found PSK_EPHEMERAL KEX MODE" \
707 -s "Found PSK KEX MODE" \
708 -s "Pre shared key found" \
709 -S "No matched PSK or ticket" \
710 -S "key exchange mode: psk$" \
711 -S "key exchange mode: psk_ephemeral" \
712 -s "key exchange mode: ephemeral"
713
714requires_gnutls_tls1_3
715requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]716requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
717requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
718requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]719run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]720 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]721 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
722 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
723 localhost" \
724 1 \
725 -s "found psk key exchange modes extension" \
726 -s "found pre_shared_key extension" \
727 -S "Found PSK_EPHEMERAL KEX MODE" \
728 -s "Found PSK KEX MODE" \
729 -s "Invalid binder." \
730 -S "key exchange mode: psk$" \
731 -S "key exchange mode: psk_ephemeral" \
732 -S "key exchange mode: ephemeral"
733
734requires_gnutls_tls1_3
735requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]736requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
737requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]738run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]739 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]740 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
741 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
742 localhost" \
743 0 \
744 -s "found psk key exchange modes extension" \
745 -s "found pre_shared_key extension" \
746 -s "Found PSK_EPHEMERAL KEX MODE" \
747 -S "Found PSK KEX MODE" \
748 -s "Pre shared key found" \
749 -S "No matched PSK or ticket" \
750 -S "key exchange mode: psk$" \
751 -S "key exchange mode: psk_ephemeral" \
752 -s "key exchange mode: ephemeral"
753
754requires_gnutls_tls1_3
755requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]756requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
757requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]758run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]759 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]760 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
761 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
762 localhost" \
763 0 \
764 -s "found psk key exchange modes extension" \
765 -s "found pre_shared_key extension" \
766 -s "Found PSK_EPHEMERAL KEX MODE" \
767 -s "Found PSK KEX MODE" \
768 -s "Pre shared key found" \
769 -S "No matched PSK or ticket" \
770 -S "key exchange mode: psk$" \
771 -S "key exchange mode: psk_ephemeral" \
772 -s "key exchange mode: ephemeral"
773
774requires_gnutls_tls1_3
775requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]776requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
777requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]778run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]779 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]780 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
781 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
782 localhost" \
783 1 \
784 -s "found psk key exchange modes extension" \
785 -s "found pre_shared_key extension" \
786 -s "Found PSK_EPHEMERAL KEX MODE" \
787 -s "Found PSK KEX MODE" \
788 -s "Invalid binder." \
789 -S "key exchange mode: psk$" \
790 -S "key exchange mode: psk_ephemeral" \
791 -S "key exchange mode: ephemeral"
792
793requires_gnutls_tls1_3
794requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]795requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
796requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]797run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]798 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]799 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
800 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
801 localhost" \
802 0 \
803 -s "found psk key exchange modes extension" \
804 -s "found pre_shared_key extension" \
805 -S "Found PSK_EPHEMERAL KEX MODE" \
806 -s "Found PSK KEX MODE" \
807 -s "Pre shared key found" \
808 -S "No matched PSK or ticket" \
809 -S "key exchange mode: psk$" \
810 -S "key exchange mode: psk_ephemeral" \
811 -s "key exchange mode: ephemeral"
812
813requires_gnutls_tls1_3
814requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]815requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
816requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]817run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]818 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]819 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
820 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
821 localhost" \
822 1 \
823 -s "found psk key exchange modes extension" \
824 -s "found pre_shared_key extension" \
825 -S "Found PSK_EPHEMERAL KEX MODE" \
826 -s "Found PSK KEX MODE" \
827 -s "Invalid binder." \
828 -S "key exchange mode: psk$" \
829 -S "key exchange mode: psk_ephemeral" \
830 -S "key exchange mode: ephemeral"
831
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]832requires_gnutls_tls1_3
833requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]834requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]835requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]836run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]837 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]838 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
839 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
840 localhost" \
841 0 \
842 -s "write selected_group: secp256r1" \
843 -S "key exchange mode: psk$" \
844 -s "key exchange mode: psk_ephemeral" \
845 -S "key exchange mode: ephemeral"
846
847requires_gnutls_tls1_3
848requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]849requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]850requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]851run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]852 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]853 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
854 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
855 localhost" \
856 0 \
857 -s "write selected_group: secp384r1" \
858 -S "key exchange mode: psk$" \
859 -s "key exchange mode: psk_ephemeral" \
860 -S "key exchange mode: ephemeral"
861
862requires_gnutls_tls1_3
863requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]864requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]865requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]866run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]867 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]868 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
869 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
870 localhost" \
871 0 \
872 -s "write selected_group: secp521r1" \
873 -S "key exchange mode: psk$" \
874 -s "key exchange mode: psk_ephemeral" \
875 -S "key exchange mode: ephemeral"
876
877requires_gnutls_tls1_3
878requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]879requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]880requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]881run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]882 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]883 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
884 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
885 localhost" \
886 0 \
887 -s "write selected_group: x25519" \
888 -S "key exchange mode: psk$" \
889 -s "key exchange mode: psk_ephemeral" \
890 -S "key exchange mode: ephemeral"
891
892requires_gnutls_tls1_3
893requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]894requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]895requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]896run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]897 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]898 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
899 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
900 localhost" \
901 0 \
902 -s "write selected_group: x448" \
903 -S "key exchange mode: psk$" \
904 -s "key exchange mode: psk_ephemeral" \
905 -S "key exchange mode: ephemeral"
906
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]907requires_openssl_tls1_3
908requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]909requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]910run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]911 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]912 "$O_NEXT_CLI -tls1_3 -msg \
913 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
914 1 \
915 -s "found psk key exchange modes extension" \
916 -s "found pre_shared_key extension" \
917 -s "Found PSK_EPHEMERAL KEX MODE" \
918 -S "Found PSK KEX MODE" \
919 -S "key exchange mode: psk$" \
920 -S "key exchange mode: psk_ephemeral" \
921 -S "key exchange mode: ephemeral"
922
923requires_openssl_tls1_3
924requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]925requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]926run_test "TLS 1.3: O->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]927 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]928 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
929 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
930 0 \
931 -s "found psk key exchange modes extension" \
932 -s "found pre_shared_key extension" \
933 -s "Found PSK_EPHEMERAL KEX MODE" \
934 -s "Found PSK KEX MODE" \
935 -s "Pre shared key found" \
936 -S "No matched PSK or ticket" \
937 -s "key exchange mode: psk$" \
938 -S "key exchange mode: psk_ephemeral" \
939 -S "key exchange mode: ephemeral"
940
941requires_openssl_tls1_3
942requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]943requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]944run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]945 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]946 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
947 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
948 1 \
949 -s "found psk key exchange modes extension" \
950 -s "found pre_shared_key extension" \
951 -s "Found PSK_EPHEMERAL KEX MODE" \
952 -s "Found PSK KEX MODE" \
953 -s "No matched PSK or ticket" \
954 -S "key exchange mode: psk$" \
955 -S "key exchange mode: psk_ephemeral" \
956 -S "key exchange mode: ephemeral"
957
958requires_openssl_tls1_3
959requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]960requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]961run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]962 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]963 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
964 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
965 1 \
966 -s "found psk key exchange modes extension" \
967 -s "found pre_shared_key extension" \
968 -s "Found PSK_EPHEMERAL KEX MODE" \
969 -s "Found PSK KEX MODE" \
970 -s "Invalid binder." \
971 -S "key exchange mode: psk$" \
972 -S "key exchange mode: psk_ephemeral" \
973 -S "key exchange mode: ephemeral"
974
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]975requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]976requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]977requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]978run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]979 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]980 "$O_NEXT_CLI -tls1_3 -msg \
981 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
982 0 \
983 -s "found psk key exchange modes extension" \
984 -s "found pre_shared_key extension" \
985 -s "Found PSK_EPHEMERAL KEX MODE" \
986 -S "Found PSK KEX MODE" \
987 -s "Pre shared key found" \
988 -S "No matched PSK or ticket" \
989 -S "key exchange mode: psk$" \
990 -s "key exchange mode: psk_ephemeral" \
991 -S "key exchange mode: ephemeral"
992
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]993requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]994requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]995requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]996run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]997 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]998 "$O_NEXT_CLI -tls1_3 -msg \
999 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1000 1 \
1001 -s "found psk key exchange modes extension" \
1002 -s "found pre_shared_key extension" \
1003 -s "Found PSK_EPHEMERAL KEX MODE" \
1004 -S "Found PSK KEX MODE" \
1005 -s "No matched PSK or ticket" \
1006 -S "key exchange mode: psk$" \
1007 -S "key exchange mode: psk_ephemeral" \
1008 -S "key exchange mode: ephemeral"
1009
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1010requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1011requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1012requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1013run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1014 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1015 "$O_NEXT_CLI -tls1_3 -msg \
1016 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1017 1 \
1018 -s "found psk key exchange modes extension" \
1019 -s "found pre_shared_key extension" \
1020 -s "Found PSK_EPHEMERAL KEX MODE" \
1021 -S "Found PSK KEX MODE" \
1022 -s "Invalid binder." \
1023 -S "key exchange mode: psk$" \
1024 -S "key exchange mode: psk_ephemeral" \
1025 -S "key exchange mode: ephemeral"
1026
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1027requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1028requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1029requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1030run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1031 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1032 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1033 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1034 0 \
1035 -s "found psk key exchange modes extension" \
1036 -s "found pre_shared_key extension" \
1037 -s "Found PSK_EPHEMERAL KEX MODE" \
1038 -s "Found PSK KEX MODE" \
1039 -s "Pre shared key found" \
1040 -S "No matched PSK or ticket" \
1041 -S "key exchange mode: psk$" \
1042 -s "key exchange mode: psk_ephemeral" \
1043 -S "key exchange mode: ephemeral"
1044
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1045requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1046requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1047requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1048run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1049 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1050 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1051 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1052 1 \
1053 -s "found psk key exchange modes extension" \
1054 -s "found pre_shared_key extension" \
1055 -s "Found PSK_EPHEMERAL KEX MODE" \
1056 -s "Found PSK KEX MODE" \
1057 -s "No matched PSK or ticket" \
1058 -S "key exchange mode: psk$" \
1059 -S "key exchange mode: psk_ephemeral" \
1060 -S "key exchange mode: ephemeral"
1061
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1062requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1063requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1064requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1065run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1066 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1067 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1068 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1069 1 \
1070 -s "found psk key exchange modes extension" \
1071 -s "found pre_shared_key extension" \
1072 -s "Found PSK_EPHEMERAL KEX MODE" \
1073 -s "Found PSK KEX MODE" \
1074 -s "Invalid binder." \
1075 -S "key exchange mode: psk$" \
1076 -S "key exchange mode: psk_ephemeral" \
1077 -S "key exchange mode: ephemeral"
1078
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1079requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1080requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1081requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1082requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1083run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1084 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1085 "$O_NEXT_CLI -tls1_3 -msg \
1086 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1087 0 \
1088 -s "found psk key exchange modes extension" \
1089 -s "found pre_shared_key extension" \
1090 -s "Found PSK_EPHEMERAL KEX MODE" \
1091 -S "Found PSK KEX MODE" \
1092 -s "Pre shared key found" \
1093 -S "No matched PSK or ticket" \
1094 -S "key exchange mode: psk$" \
1095 -s "key exchange mode: psk_ephemeral" \
1096 -S "key exchange mode: ephemeral"
1097
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1098requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1099requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1100requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1101requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1102run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1103 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1104 "$O_NEXT_CLI -tls1_3 -msg \
1105 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1106 1 \
1107 -s "found psk key exchange modes extension" \
1108 -s "found pre_shared_key extension" \
1109 -s "Found PSK_EPHEMERAL KEX MODE" \
1110 -S "Found PSK KEX MODE" \
1111 -s "No matched PSK or ticket" \
1112 -S "key exchange mode: psk$" \
1113 -S "key exchange mode: psk_ephemeral" \
1114 -S "key exchange mode: ephemeral"
1115
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1116requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1117requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1118requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1119requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1120run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1121 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1122 "$O_NEXT_CLI -tls1_3 -msg \
1123 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1124 1 \
1125 -s "found psk key exchange modes extension" \
1126 -s "found pre_shared_key extension" \
1127 -s "Found PSK_EPHEMERAL KEX MODE" \
1128 -S "Found PSK KEX MODE" \
1129 -s "Invalid binder." \
1130 -S "key exchange mode: psk$" \
1131 -S "key exchange mode: psk_ephemeral" \
1132 -S "key exchange mode: ephemeral"
1133
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1134requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1135requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1136requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1137requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1138run_test "TLS 1.3: O->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1139 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1140 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1141 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1142 0 \
1143 -s "found psk key exchange modes extension" \
1144 -s "found pre_shared_key extension" \
1145 -s "Found PSK_EPHEMERAL KEX MODE" \
1146 -s "Found PSK KEX MODE" \
1147 -s "Pre shared key found" \
1148 -S "No matched PSK or ticket" \
1149 -S "key exchange mode: psk$" \
1150 -s "key exchange mode: psk_ephemeral" \
1151 -S "key exchange mode: ephemeral"
1152
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1153requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1154requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1155requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1156requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1157run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1158 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1159 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1160 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1161 1 \
1162 -s "found psk key exchange modes extension" \
1163 -s "found pre_shared_key extension" \
1164 -s "Found PSK_EPHEMERAL KEX MODE" \
1165 -s "Found PSK KEX MODE" \
1166 -s "No matched PSK or ticket" \
1167 -S "key exchange mode: psk$" \
1168 -S "key exchange mode: psk_ephemeral" \
1169 -S "key exchange mode: ephemeral"
1170
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1171requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1172requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1173requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1174requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1175run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1176 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1177 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1178 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1179 1 \
1180 -s "found psk key exchange modes extension" \
1181 -s "found pre_shared_key extension" \
1182 -s "Found PSK_EPHEMERAL KEX MODE" \
1183 -s "Found PSK KEX MODE" \
1184 -s "Invalid binder." \
1185 -S "key exchange mode: psk$" \
1186 -S "key exchange mode: psk_ephemeral" \
1187 -S "key exchange mode: ephemeral"
1188
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1189requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1190requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1191requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1192requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1193run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1194 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1195 "$O_NEXT_CLI -tls1_3 -msg \
1196 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1197 0 \
1198 -s "found psk key exchange modes extension" \
1199 -s "found pre_shared_key extension" \
1200 -s "Found PSK_EPHEMERAL KEX MODE" \
1201 -S "Found PSK KEX MODE" \
1202 -s "Pre shared key found" \
1203 -S "No matched PSK or ticket" \
1204 -S "key exchange mode: psk$" \
1205 -s "key exchange mode: psk_ephemeral" \
1206 -S "key exchange mode: ephemeral"
1207
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1208requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1209requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1210requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1211requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1212run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1213 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1214 "$O_NEXT_CLI -tls1_3 -msg \
1215 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1216 0 \
1217 -s "found psk key exchange modes extension" \
1218 -s "found pre_shared_key extension" \
1219 -s "Found PSK_EPHEMERAL KEX MODE" \
1220 -S "Found PSK KEX MODE" \
1221 -s "No matched PSK or ticket" \
1222 -S "key exchange mode: psk$" \
1223 -S "key exchange mode: psk_ephemeral" \
1224 -s "key exchange mode: ephemeral"
1225
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1226requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1227requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1228requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1229requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1230run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1231 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1232 "$O_NEXT_CLI -tls1_3 -msg \
1233 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1234 1 \
1235 -s "found psk key exchange modes extension" \
1236 -s "found pre_shared_key extension" \
1237 -s "Found PSK_EPHEMERAL KEX MODE" \
1238 -S "Found PSK KEX MODE" \
1239 -s "Invalid binder." \
1240 -S "key exchange mode: psk$" \
1241 -S "key exchange mode: psk_ephemeral" \
1242 -S "key exchange mode: ephemeral"
1243
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1244requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1245requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1246requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1247requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1248run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1249 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1250 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1251 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1252 0 \
1253 -s "found psk key exchange modes extension" \
1254 -s "found pre_shared_key extension" \
1255 -s "Found PSK_EPHEMERAL KEX MODE" \
1256 -s "Found PSK KEX MODE" \
1257 -s "Pre shared key found" \
1258 -S "No matched PSK or ticket" \
1259 -S "key exchange mode: psk$" \
1260 -s "key exchange mode: psk_ephemeral" \
1261 -S "key exchange mode: ephemeral"
1262
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1263requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1264requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1265requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1266requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1267run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1268 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1269 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1270 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1271 0 \
1272 -s "found psk key exchange modes extension" \
1273 -s "found pre_shared_key extension" \
1274 -s "Found PSK_EPHEMERAL KEX MODE" \
1275 -s "Found PSK KEX MODE" \
1276 -s "No matched PSK or ticket" \
1277 -S "key exchange mode: psk$" \
1278 -S "key exchange mode: psk_ephemeral" \
1279 -s "key exchange mode: ephemeral"
1280
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1281requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1282requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1283requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1284requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1285run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1286 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1287 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1288 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1289 1 \
1290 -s "found psk key exchange modes extension" \
1291 -s "found pre_shared_key extension" \
1292 -s "Found PSK_EPHEMERAL KEX MODE" \
1293 -s "Found PSK KEX MODE" \
1294 -s "Invalid binder." \
1295 -S "key exchange mode: psk$" \
1296 -S "key exchange mode: psk_ephemeral" \
1297 -S "key exchange mode: ephemeral"
1298
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1299requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1300requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1301requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1302requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1303requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1304run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1305 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1306 "$O_NEXT_CLI -tls1_3 -msg \
1307 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1308 0 \
1309 -s "found psk key exchange modes extension" \
1310 -s "found pre_shared_key extension" \
1311 -s "Found PSK_EPHEMERAL KEX MODE" \
1312 -S "Found PSK KEX MODE" \
1313 -s "Pre shared key found" \
1314 -S "No matched PSK or ticket" \
1315 -S "key exchange mode: psk$" \
1316 -s "key exchange mode: psk_ephemeral" \
1317 -S "key exchange mode: ephemeral"
1318
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1319requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1320requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1321requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1322requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1323requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1324run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1325 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1326 "$O_NEXT_CLI -tls1_3 -msg \
1327 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1328 0 \
1329 -s "found psk key exchange modes extension" \
1330 -s "found pre_shared_key extension" \
1331 -s "Found PSK_EPHEMERAL KEX MODE" \
1332 -S "Found PSK KEX MODE" \
1333 -s "No matched PSK or ticket" \
1334 -S "key exchange mode: psk$" \
1335 -S "key exchange mode: psk_ephemeral" \
1336 -s "key exchange mode: ephemeral"
1337
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1338requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1339requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1340requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1341requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1342requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1343run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1344 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1345 "$O_NEXT_CLI -tls1_3 -msg \
1346 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1347 1 \
1348 -s "found psk key exchange modes extension" \
1349 -s "found pre_shared_key extension" \
1350 -s "Found PSK_EPHEMERAL KEX MODE" \
1351 -S "Found PSK KEX MODE" \
1352 -s "Invalid binder." \
1353 -S "key exchange mode: psk$" \
1354 -S "key exchange mode: psk_ephemeral" \
1355 -S "key exchange mode: ephemeral"
1356
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1357requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1358requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1359requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1360requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1361requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1362run_test "TLS 1.3: O->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1363 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1364 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1365 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1366 0 \
1367 -s "found psk key exchange modes extension" \
1368 -s "found pre_shared_key extension" \
1369 -s "Found PSK_EPHEMERAL KEX MODE" \
1370 -s "Found PSK KEX MODE" \
1371 -s "Pre shared key found" \
1372 -S "No matched PSK or ticket" \
1373 -S "key exchange mode: psk$" \
1374 -s "key exchange mode: psk_ephemeral" \
1375 -S "key exchange mode: ephemeral"
1376
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1377requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1378requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1379requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1380requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1381requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1382run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1383 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1384 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1385 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1386 0 \
1387 -s "found psk key exchange modes extension" \
1388 -s "found pre_shared_key extension" \
1389 -s "Found PSK_EPHEMERAL KEX MODE" \
1390 -s "Found PSK KEX MODE" \
1391 -s "No matched PSK or ticket" \
1392 -S "key exchange mode: psk$" \
1393 -S "key exchange mode: psk_ephemeral" \
1394 -s "key exchange mode: ephemeral"
1395
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1396requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1397requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1398requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1399requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1400requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1401run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1402 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1403 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1404 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1405 1 \
1406 -s "found psk key exchange modes extension" \
1407 -s "found pre_shared_key extension" \
1408 -s "Found PSK_EPHEMERAL KEX MODE" \
1409 -s "Found PSK KEX MODE" \
1410 -s "Invalid binder." \
1411 -S "key exchange mode: psk$" \
1412 -S "key exchange mode: psk_ephemeral" \
1413 -S "key exchange mode: ephemeral"
1414
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1415requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1416requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1417requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1418requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1419run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1420 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1421 "$O_NEXT_CLI -tls1_3 -msg \
1422 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1423 0 \
1424 -s "found psk key exchange modes extension" \
1425 -s "found pre_shared_key extension" \
1426 -s "Found PSK_EPHEMERAL KEX MODE" \
1427 -S "Found PSK KEX MODE" \
1428 -s "Pre shared key found" \
1429 -S "No matched PSK or ticket" \
1430 -S "key exchange mode: psk$" \
1431 -S "key exchange mode: psk_ephemeral" \
1432 -s "key exchange mode: ephemeral"
1433
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1434requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1435requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1436requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1437requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1438run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1439 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1440 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1441 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1442 0 \
1443 -s "found psk key exchange modes extension" \
1444 -s "found pre_shared_key extension" \
1445 -s "Found PSK_EPHEMERAL KEX MODE" \
1446 -s "Found PSK KEX MODE" \
1447 -s "Pre shared key found" \
1448 -S "No matched PSK or ticket" \
1449 -S "key exchange mode: psk$" \
1450 -S "key exchange mode: psk_ephemeral" \
1451 -s "key exchange mode: ephemeral"
1452
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1453requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1454requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1455requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1456requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1457run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1458 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1459 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1460 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1461 1 \
1462 -s "found psk key exchange modes extension" \
1463 -s "found pre_shared_key extension" \
1464 -s "Found PSK_EPHEMERAL KEX MODE" \
1465 -s "Found PSK KEX MODE" \
1466 -s "Invalid binder." \
1467 -S "key exchange mode: psk$" \
1468 -S "key exchange mode: psk_ephemeral" \
1469 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1470
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1471requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1472requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1473requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1474run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1475 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1476 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1477 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1478 0 \
1479 -s "write selected_group: secp256r1" \
1480 -S "key exchange mode: psk$" \
1481 -s "key exchange mode: psk_ephemeral" \
1482 -S "key exchange mode: ephemeral"
1483
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1484requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1485requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1486requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1487run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1488 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1489 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1490 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1491 0 \
1492 -s "write selected_group: secp384r1" \
1493 -S "key exchange mode: psk$" \
1494 -s "key exchange mode: psk_ephemeral" \
1495 -S "key exchange mode: ephemeral"
1496
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1497requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1498requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1499requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1500run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1501 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1502 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1503 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1504 0 \
1505 -s "write selected_group: secp521r1" \
1506 -S "key exchange mode: psk$" \
1507 -s "key exchange mode: psk_ephemeral" \
1508 -S "key exchange mode: ephemeral"
1509
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1510requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1511requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1512requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1513run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1514 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1515 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1516 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1517 0 \
1518 -s "write selected_group: x25519" \
1519 -S "key exchange mode: psk$" \
1520 -s "key exchange mode: psk_ephemeral" \
1521 -S "key exchange mode: ephemeral"
1522
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1523requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1524requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1525requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1526run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1527 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1528 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1529 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1530 0 \
1531 -s "write selected_group: x448" \
1532 -S "key exchange mode: psk$" \
1533 -s "key exchange mode: psk_ephemeral" \
1534 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1535
1536requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1537requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1538requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1539run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1540 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1541 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1542 0 \
1543 -s "write selected_group: secp384r1" \
1544 -s "HRR selected_group: secp384r1" \
1545 -S "key exchange mode: psk$" \
1546 -s "key exchange mode: psk_ephemeral" \
1547 -S "key exchange mode: ephemeral"
1548
1549requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1550requires_gnutls_tls1_3
1551requires_gnutls_next_no_ticket
1552requires_gnutls_next_disable_tls13_compat
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1553requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]1554requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1555run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1556 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1557 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1558 0 \
1559 -s "write selected_group: secp384r1" \
1560 -s "HRR selected_group: secp384r1" \
1561 -S "key exchange mode: psk$" \
1562 -s "key exchange mode: psk_ephemeral" \
1563 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1564
1565
1566# Add psk test cases for mbedtls client code
1567
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1568# MbedTls->MbedTLS kinds of tls13_kex_modes
1569# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1570requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1571requires_config_enabled MBEDTLS_SSL_SRV_C
1572requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1573requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1574run_test "TLS 1.3: m->m: psk/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1575 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1576 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1577 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1578 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1579 -c "client hello, adding psk_key_exchange_modes extension" \
1580 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1581 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1582 -c "HTTP/1.0 200 OK"
1583
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1584requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1585requires_config_enabled MBEDTLS_SSL_SRV_C
1586requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1587requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1588run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1589 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1590 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1591 1 \
1592 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1593 -c "client hello, adding psk_key_exchange_modes extension" \
1594 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1595 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1596
1597requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1598requires_config_enabled MBEDTLS_SSL_SRV_C
1599requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1600requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1601run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1602 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1603 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1604 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1605 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1606 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1607 -c "client hello, adding PSK binder list" \
1608 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1609
1610requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1611requires_config_enabled MBEDTLS_SSL_SRV_C
1612requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1613requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1614requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1615run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1616 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1617 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1618 1 \
1619 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1620 -c "client hello, adding psk_key_exchange_modes extension" \
1621 -c "client hello, adding PSK binder list" \
1622 -s "ClientHello message misses mandatory extensions."
1623
1624requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1625requires_config_enabled MBEDTLS_SSL_SRV_C
1626requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1627requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1628requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1629run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1630 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1631 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1632 1 \
1633 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1634 -c "client hello, adding psk_key_exchange_modes extension" \
1635 -c "client hello, adding PSK binder list" \
1636 -s "ClientHello message misses mandatory extensions."
1637
1638requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1639requires_config_enabled MBEDTLS_SSL_SRV_C
1640requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1641requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1642requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1643requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1644run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1645 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1646 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1647 1 \
1648 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1649 -c "client hello, adding psk_key_exchange_modes extension" \
1650 -c "client hello, adding PSK binder list" \
1651 -s "ClientHello message misses mandatory extensions."
1652
1653requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1654requires_config_enabled MBEDTLS_SSL_SRV_C
1655requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1656requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1657requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1658run_test "TLS 1.3: m->m: psk/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1659 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1660 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1661 0 \
1662 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1663 -c "client hello, adding psk_key_exchange_modes extension" \
1664 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1665 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1666 -c "HTTP/1.0 200 OK"
1667
1668requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1669requires_config_enabled MBEDTLS_SSL_SRV_C
1670requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1671requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1672requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1673run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1674 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1675 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1676 1 \
1677 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1678 -c "client hello, adding psk_key_exchange_modes extension" \
1679 -c "client hello, adding PSK binder list" \
1680 -s "No matched PSK or ticket" \
1681 -s "ClientHello message misses mandatory extensions."
1682
1683requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1684requires_config_enabled MBEDTLS_SSL_SRV_C
1685requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1686requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1687requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1688run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1689 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1690 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1691 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1692 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1693 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1694 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1695 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1696
1697requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1698requires_config_enabled MBEDTLS_SSL_SRV_C
1699requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1700requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1701requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1702requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1703run_test "TLS 1.3: m->m: psk/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1704 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1705 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1706 0 \
1707 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1708 -c "client hello, adding psk_key_exchange_modes extension" \
1709 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1710 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1711 -c "HTTP/1.0 200 OK"
1712
1713requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1714requires_config_enabled MBEDTLS_SSL_SRV_C
1715requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1716requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1717requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1718requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1719run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1720 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1721 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1722 1 \
1723 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1724 -c "client hello, adding psk_key_exchange_modes extension" \
1725 -c "client hello, adding PSK binder list" \
1726 -s "No matched PSK or ticket" \
1727 -s "ClientHello message misses mandatory extensions."
1728
1729requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1730requires_config_enabled MBEDTLS_SSL_SRV_C
1731requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1732requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1733requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1734requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1735run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1736 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1737 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1738 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1739 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1740 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1741 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1742 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1743
1744# psk_ephemeral mode in client
1745requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1746requires_config_enabled MBEDTLS_SSL_SRV_C
1747requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1748requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1749requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1750run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1751 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1752 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1753 1 \
1754 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1755 -c "client hello, adding psk_key_exchange_modes extension" \
1756 -c "client hello, adding PSK binder list" \
1757 -s "ClientHello message misses mandatory extensions."
1758
1759requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1760requires_config_enabled MBEDTLS_SSL_SRV_C
1761requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1762requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1763run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1764 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1765 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1766 0 \
1767 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1768 -c "client hello, adding psk_key_exchange_modes extension" \
1769 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1770 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1771 -c "HTTP/1.0 200 OK"
1772
1773requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1774requires_config_enabled MBEDTLS_SSL_SRV_C
1775requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1776requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1777run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1778 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1779 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1780 1 \
1781 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1782 -c "client hello, adding psk_key_exchange_modes extension" \
1783 -c "client hello, adding PSK binder list" \
1784 -s "No matched PSK or ticket" \
1785 -s "ClientHello message misses mandatory extensions."
1786
1787requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1788requires_config_enabled MBEDTLS_SSL_SRV_C
1789requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1790requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1791run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1792 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1793 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1794 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1795 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1796 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1797 -c "client hello, adding PSK binder list" \
1798 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1799
1800requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1801requires_config_enabled MBEDTLS_SSL_SRV_C
1802requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1803requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1804requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1805requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1806run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1807 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1808 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1809 1 \
1810 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1811 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1812 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1813
1814requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1815requires_config_enabled MBEDTLS_SSL_SRV_C
1816requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1817requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1818requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1819run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1820 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1821 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1822 0 \
1823 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1824 -c "client hello, adding psk_key_exchange_modes extension" \
1825 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1826 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1827 -c "HTTP/1.0 200 OK"
1828
1829requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1830requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1831requires_config_enabled MBEDTLS_SSL_SRV_C
1832requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1833requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1834requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1835run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1836 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1837 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1838 1 \
1839 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1840 -c "client hello, adding psk_key_exchange_modes extension" \
1841 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1842 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1843
1844requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1845requires_config_enabled MBEDTLS_SSL_SRV_C
1846requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1847requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1848requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1849run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1850 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1851 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1852 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1853 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1854 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1855 -c "client hello, adding PSK binder list" \
1856 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1857
1858requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1859requires_config_enabled MBEDTLS_SSL_SRV_C
1860requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1861requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1862requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1863run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1864 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1865 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1866 0 \
1867 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1868 -c "client hello, adding psk_key_exchange_modes extension" \
1869 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1870 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1871 -c "HTTP/1.0 200 OK"
1872
1873requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1874requires_config_enabled MBEDTLS_SSL_SRV_C
1875requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1876requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1877requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1878run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1879 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1880 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1881 1 \
1882 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1883 -c "client hello, adding psk_key_exchange_modes extension" \
1884 -c "client hello, adding PSK binder list" \
1885 -s "No matched PSK or ticket" \
1886 -s "ClientHello message misses mandatory extensions."
1887
1888requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1889requires_config_enabled MBEDTLS_SSL_SRV_C
1890requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1891requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1892requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1893run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1894 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1895 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1896 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1897 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1898 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1899 -c "client hello, adding PSK binder list" \
1900 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1901
1902requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1903requires_config_enabled MBEDTLS_SSL_SRV_C
1904requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1905requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1906requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1907requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1908run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1909 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1910 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1911 0 \
1912 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1913 -c "client hello, adding psk_key_exchange_modes extension" \
1914 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1915 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1916 -c "HTTP/1.0 200 OK"
1917
1918requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1919requires_config_enabled MBEDTLS_SSL_SRV_C
1920requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1921requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1922requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1923requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1924run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1925 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1926 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1927 1 \
1928 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1929 -c "client hello, adding psk_key_exchange_modes extension" \
1930 -c "client hello, adding PSK binder list" \
1931 -s "No matched PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1932
1933requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1934requires_config_enabled MBEDTLS_SSL_SRV_C
1935requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1936requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1937requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1938requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1939run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1940 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1941 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1942 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1943 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1944 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1945 -c "client hello, adding PSK binder list" \
1946 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1947
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1948# ephemeral mode in client
1949requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1950requires_config_enabled MBEDTLS_SSL_SRV_C
1951requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1952requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1953requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1954run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1955 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1956 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1957 1 \
1958 -s "ClientHello message misses mandatory extensions."
1959
1960requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1961requires_config_enabled MBEDTLS_SSL_SRV_C
1962requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1963requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1964requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1965run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1966 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1967 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1968 1 \
1969 -s "ClientHello message misses mandatory extensions."
1970
1971requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1972requires_config_enabled MBEDTLS_SSL_SRV_C
1973requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1974requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1975run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1976 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1977 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1978 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1979 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1980 -c "HTTP/1.0 200 OK"
1981
1982requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1983requires_config_enabled MBEDTLS_SSL_SRV_C
1984requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1985requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1986requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1987run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1988 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1989 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1990 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1991 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1992 -c "HTTP/1.0 200 OK"
1993
1994requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1995requires_config_enabled MBEDTLS_SSL_SRV_C
1996requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1997requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1998requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1999requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2000run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2001 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2002 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2003 1 \
2004 -s "ClientHello message misses mandatory extensions."
2005
2006requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2007requires_config_enabled MBEDTLS_SSL_SRV_C
2008requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2009requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2010requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2011requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2012run_test "TLS 1.3: m->m: ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2013 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2014 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2015 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2016 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2017 -c "HTTP/1.0 200 OK"
2018
2019# ephemeral_all mode in client
2020requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2021requires_config_enabled MBEDTLS_SSL_SRV_C
2022requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2023requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2024requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2025requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2026run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2027 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2028 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2029 1 \
2030 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2031 -c "client hello, adding psk_key_exchange_modes extension" \
2032 -c "client hello, adding PSK binder list" \
2033 -s "ClientHello message misses mandatory extensions."
2034
2035requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2036requires_config_enabled MBEDTLS_SSL_SRV_C
2037requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2038requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2039requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2040run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2041 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2042 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2043 0 \
2044 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2045 -c "client hello, adding psk_key_exchange_modes extension" \
2046 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2047 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2048 -c "HTTP/1.0 200 OK"
2049
2050requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2051requires_config_enabled MBEDTLS_SSL_SRV_C
2052requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2053requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2054requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2055run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2056 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2057 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2058 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2059 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2060 -c "client hello, adding psk_key_exchange_modes extension" \
2061 -c "client hello, adding PSK binder list" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2062 -s "No matched PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2063
2064requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2065requires_config_enabled MBEDTLS_SSL_SRV_C
2066requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2067requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2068requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2069run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2070 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2071 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2072 1 \
2073 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2074 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2075 -c "client hello, adding PSK binder list" \
2076 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2077
2078requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2079requires_config_enabled MBEDTLS_SSL_SRV_C
2080requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2081requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2082requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2083run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2084 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2085 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2086 0 \
2087 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2088 -c "client hello, adding psk_key_exchange_modes extension" \
2089 -c "client hello, adding PSK binder list" \
2090 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2091 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2092 -c "HTTP/1.0 200 OK"
2093
2094requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2095requires_config_enabled MBEDTLS_SSL_SRV_C
2096requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2097requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2098requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2099run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2100 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2101 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2102 0 \
2103 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2104 -c "client hello, adding psk_key_exchange_modes extension" \
2105 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2106 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2107 -c "HTTP/1.0 200 OK"
2108
2109requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2110requires_config_enabled MBEDTLS_SSL_SRV_C
2111requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2112requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2113requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2114run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2115 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2116 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2117 0 \
2118 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2119 -c "client hello, adding psk_key_exchange_modes extension" \
2120 -c "client hello, adding PSK binder list" \
2121 -s "No matched PSK or ticket" \
2122 -s "key exchange mode: ephemeral"
2123
2124requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2125requires_config_enabled MBEDTLS_SSL_SRV_C
2126requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2127requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2128requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2129run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2130 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2131 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2132 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2133 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2134 -c "client hello, adding psk_key_exchange_modes extension" \
2135 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2136 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2137
2138requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2139requires_config_enabled MBEDTLS_SSL_SRV_C
2140requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2141requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2142requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2144run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2145 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2146 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2147 0 \
2148 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2149 -c "client hello, adding psk_key_exchange_modes extension" \
2150 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2151 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2152 -c "HTTP/1.0 200 OK"
2153
2154requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2155requires_config_enabled MBEDTLS_SSL_SRV_C
2156requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2157requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2158requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2159requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2160run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2161 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2162 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2163 1 \
2164 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2165 -c "client hello, adding psk_key_exchange_modes extension" \
2166 -c "client hello, adding PSK binder list" \
2167 -s "No matched PSK or ticket" \
2168 -s "ClientHello message misses mandatory extensions."
2169
2170requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2171requires_config_enabled MBEDTLS_SSL_SRV_C
2172requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2173requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2174requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2175requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2176run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2177 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2178 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2179 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2180 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2181 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2182 -c "client hello, adding PSK binder list" \
2183 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2184
2185requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2186requires_config_enabled MBEDTLS_SSL_SRV_C
2187requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2188requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2189requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2190requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2191run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2192 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2193 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2194 0 \
2195 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2196 -c "client hello, adding psk_key_exchange_modes extension" \
2197 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2198 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2199 -c "HTTP/1.0 200 OK"
2200
2201requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2202requires_config_enabled MBEDTLS_SSL_SRV_C
2203requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2204requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2205requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2206requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2207run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2208 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2209 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2210 0 \
2211 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2212 -c "client hello, adding psk_key_exchange_modes extension" \
2213 -c "client hello, adding PSK binder list" \
2214 -s "No matched PSK or ticket" \
2215 -s "key exchange mode: ephemeral"
2216
2217requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2218requires_config_enabled MBEDTLS_SSL_SRV_C
2219requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2220requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2221requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2222requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2223run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2224 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2225 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2226 1 \
2227 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2228 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2229 -c "client hello, adding PSK binder list" \
2230 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2231
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2232# psk_all mode in client
2233requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2234requires_config_enabled MBEDTLS_SSL_SRV_C
2235requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2236requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2237requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2238run_test "TLS 1.3: m->m: psk_all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2239 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2240 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2241 0 \
2242 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2243 -c "client hello, adding psk_key_exchange_modes extension" \
2244 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2245 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2246 -c "HTTP/1.0 200 OK"
2247
2248requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2249requires_config_enabled MBEDTLS_SSL_SRV_C
2250requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2251requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2252requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2253run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2254 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2255 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2256 1 \
2257 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2258 -c "client hello, adding psk_key_exchange_modes extension" \
2259 -c "client hello, adding PSK binder list" \
2260 -s "ClientHello message misses mandatory extensions."
2261
2262requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2263requires_config_enabled MBEDTLS_SSL_SRV_C
2264requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2265requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2266requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2267run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2268 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2269 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2270 1 \
2271 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2272 -c "client hello, adding psk_key_exchange_modes extension" \
2273 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2274 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2275
2276requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2277requires_config_enabled MBEDTLS_SSL_SRV_C
2278requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2279requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2280requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2281run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2282 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2283 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2284 0 \
2285 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2286 -c "client hello, adding psk_key_exchange_modes extension" \
2287 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2288 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2289 -c "HTTP/1.0 200 OK"
2290
2291requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2292requires_config_enabled MBEDTLS_SSL_SRV_C
2293requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2294requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2295requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2296run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2297 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2298 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2299 1 \
2300 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2301 -c "client hello, adding psk_key_exchange_modes extension" \
2302 -c "client hello, adding PSK binder list" \
2303 -s "No matched PSK or ticket" \
2304 -s "ClientHello message misses mandatory extensions."
2305
2306requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2307requires_config_enabled MBEDTLS_SSL_SRV_C
2308requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2309requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2310requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2311run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2312 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2313 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2314 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2315 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2316 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2317 -c "client hello, adding PSK binder list" \
2318 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2319
2320requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2321requires_config_enabled MBEDTLS_SSL_SRV_C
2322requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2323requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2324requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2325requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2326run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2327 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2328 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2329 1 \
2330 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2331 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2332 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2333
2334requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2335requires_config_enabled MBEDTLS_SSL_SRV_C
2336requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2337requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2338requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2339requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2340run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2341 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2342 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2343 0 \
2344 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2345 -c "client hello, adding psk_key_exchange_modes extension" \
2346 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2347 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2348 -c "HTTP/1.0 200 OK"
2349
2350requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2351requires_config_enabled MBEDTLS_SSL_SRV_C
2352requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2353requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2354requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2355requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2356run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2357 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2358 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2359 1 \
2360 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2361 -c "client hello, adding psk_key_exchange_modes extension" \
2362 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2363 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2364
2365requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2366requires_config_enabled MBEDTLS_SSL_SRV_C
2367requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2368requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2369requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2370requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2371run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2372 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2373 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2374 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2375 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2376 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2377 -c "client hello, adding PSK binder list" \
2378 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2379
2380requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2381requires_config_enabled MBEDTLS_SSL_SRV_C
2382requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2383requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2384requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2385run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2386 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2387 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2388 0 \
2389 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2390 -c "client hello, adding psk_key_exchange_modes extension" \
2391 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2392 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2393 -c "HTTP/1.0 200 OK"
2394
2395requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2396requires_config_enabled MBEDTLS_SSL_SRV_C
2397requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2398requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2399requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2400run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2401 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2402 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2403 1 \
2404 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2405 -c "client hello, adding psk_key_exchange_modes extension" \
2406 -c "client hello, adding PSK binder list" \
2407 -s "No matched PSK or ticket" \
2408 -s "ClientHello message misses mandatory extensions."
2409
2410requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2411requires_config_enabled MBEDTLS_SSL_SRV_C
2412requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2413requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2414requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2415run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2416 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2417 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2418 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2419 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2420 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2421 -c "client hello, adding PSK binder list" \
2422 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2423
2424requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2425requires_config_enabled MBEDTLS_SSL_SRV_C
2426requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2427requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2428requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2429requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2430run_test "TLS 1.3: m->m: psk_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2431 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2432 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2433 0 \
2434 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2435 -c "client hello, adding psk_key_exchange_modes extension" \
2436 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2437 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2438 -c "HTTP/1.0 200 OK"
2439
2440requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2441requires_config_enabled MBEDTLS_SSL_SRV_C
2442requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2443requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2444requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2445requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2446run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2447 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2448 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2449 1 \
2450 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2451 -c "client hello, adding psk_key_exchange_modes extension" \
2452 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2453 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2454
2455requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2456requires_config_enabled MBEDTLS_SSL_SRV_C
2457requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2458requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2459requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2460requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2461run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2462 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2463 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2464 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2465 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2466 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2467 -c "client hello, adding PSK binder list" \
2468 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2469
2470# all mode in client
2471requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2472requires_config_enabled MBEDTLS_SSL_SRV_C
2473requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2474requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2475requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2476requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2477run_test "TLS 1.3: m->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2478 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2479 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2480 0 \
2481 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2482 -c "client hello, adding psk_key_exchange_modes extension" \
2483 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2484 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2485 -c "HTTP/1.0 200 OK"
2486
2487requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2488requires_config_enabled MBEDTLS_SSL_SRV_C
2489requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2490requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2491requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2492requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2493run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2494 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2495 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2496 1 \
2497 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2498 -c "client hello, adding psk_key_exchange_modes extension" \
2499 -c "client hello, adding PSK binder list" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2500 -s "No matched PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2501 -s "ClientHello message misses mandatory extensions."
2502
2503requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2504requires_config_enabled MBEDTLS_SSL_SRV_C
2505requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2506requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2507requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2508requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2509run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2510 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2511 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2512 1 \
2513 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2514 -c "client hello, adding psk_key_exchange_modes extension" \
2515 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2516 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2517
2518requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2519requires_config_enabled MBEDTLS_SSL_SRV_C
2520requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2521requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2522requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2523requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2524run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2525 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2526 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2527 0 \
2528 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2529 -c "client hello, adding psk_key_exchange_modes extension" \
2530 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2531 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2532 -c "HTTP/1.0 200 OK"
2533
2534requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2535requires_config_enabled MBEDTLS_SSL_SRV_C
2536requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2537requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2538requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2539requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2540run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2541 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2542 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2543 1 \
2544 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2545 -c "client hello, adding psk_key_exchange_modes extension" \
2546 -c "client hello, adding PSK binder list" \
2547 -s "No matched PSK or ticket" \
2548 -s "ClientHello message misses mandatory extensions."
2549
2550requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2551requires_config_enabled MBEDTLS_SSL_SRV_C
2552requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2553requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2554requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2555requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2556run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2557 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2558 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2559 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2560 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2561 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2562 -c "client hello, adding PSK binder list" \
2563 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2564
2565requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2566requires_config_enabled MBEDTLS_SSL_SRV_C
2567requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2568requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2569requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2570requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2571run_test "TLS 1.3: m->m: all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2572 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2573 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2574 0 \
2575 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2576 -c "client hello, adding psk_key_exchange_modes extension" \
2577 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2578 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2579 -c "HTTP/1.0 200 OK"
2580
2581requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2582requires_config_enabled MBEDTLS_SSL_SRV_C
2583requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2584requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2585requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2586requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2587run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2588 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2589 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2590 0 \
2591 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2592 -c "client hello, adding psk_key_exchange_modes extension" \
2593 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2594 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2595 -c "HTTP/1.0 200 OK"
2596
2597requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2598requires_config_enabled MBEDTLS_SSL_SRV_C
2599requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2600requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2601requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2602requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2603run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2604 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2605 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2606 0 \
2607 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2608 -c "client hello, adding psk_key_exchange_modes extension" \
2609 -c "client hello, adding PSK binder list" \
2610 -s "No matched PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2611 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2612 -c "HTTP/1.0 200 OK"
2613
2614requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2615requires_config_enabled MBEDTLS_SSL_SRV_C
2616requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2617requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2618requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2619requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2620run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2621 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2622 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2623 1 \
2624 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2625 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2626 -c "client hello, adding PSK binder list" \
2627 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2628
2629requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2630requires_config_enabled MBEDTLS_SSL_SRV_C
2631requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2632requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2633requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2634requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2635run_test "TLS 1.3: m->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2636 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2637 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2638 0 \
2639 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2640 -c "client hello, adding psk_key_exchange_modes extension" \
2641 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2642 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2643 -c "HTTP/1.0 200 OK"
2644
2645requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2646requires_config_enabled MBEDTLS_SSL_SRV_C
2647requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2648requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2649requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2650requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2651run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2652 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2653 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2654 1 \
2655 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2656 -c "client hello, adding psk_key_exchange_modes extension" \
2657 -c "client hello, adding PSK binder list" \
2658 -s "No matched PSK or ticket" \
2659 -s "ClientHello message misses mandatory extensions."
2660
2661requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2662requires_config_enabled MBEDTLS_SSL_SRV_C
2663requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2664requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2665requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2666requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2667run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2668 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2669 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2670 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2671 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2672 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2673 -c "client hello, adding PSK binder list" \
2674 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2675
2676requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2677requires_config_enabled MBEDTLS_SSL_SRV_C
2678requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2679requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2680requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2681requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2682run_test "TLS 1.3: m->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2683 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2684 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2685 0 \
2686 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2687 -c "client hello, adding psk_key_exchange_modes extension" \
2688 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2689 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2690 -c "HTTP/1.0 200 OK"
2691
2692requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2693requires_config_enabled MBEDTLS_SSL_SRV_C
2694requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2695requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2696requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2697requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2698run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2699 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2700 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2701 0 \
2702 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2703 -c "client hello, adding psk_key_exchange_modes extension" \
2704 -c "client hello, adding PSK binder list" \
2705 -s "No matched PSK or ticket" \
2706 -s "key exchange mode: ephemeral"
2707
2708requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2709requires_config_enabled MBEDTLS_SSL_SRV_C
2710requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2711requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2712requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2713requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2714run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2715 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2716 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2717 1 \
2718 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2719 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2720 -c "client hello, adding PSK binder list" \
2721 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2722
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2723#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2724requires_openssl_tls1_3
2725requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2726requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2727requires_config_enabled MBEDTLS_DEBUG_C
2728requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2729requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2730run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2731 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2732 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2733 0 \
2734 -c "=> write client hello" \
2735 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2736 -c "client hello, adding psk_key_exchange_modes extension" \
2737 -c "client hello, adding PSK binder list" \
2738 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2739 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2740 -c "HTTP/1.0 200 ok"
2741
2742requires_openssl_tls1_3
2743requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2744requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2745requires_config_enabled MBEDTLS_DEBUG_C
2746requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2747requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2748run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2749 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2750 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2751 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2752 -c "=> write client hello" \
2753 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2754 -c "client hello, adding psk_key_exchange_modes extension" \
2755 -c "client hello, adding PSK binder list" \
2756 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2757 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2758
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2759#OPENSSL-SERVER psk_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2760requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2761requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2762requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2763requires_config_enabled MBEDTLS_DEBUG_C
2764requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2765requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2766requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2767run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2768 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2769 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2770 0 \
2771 -c "=> write client hello" \
2772 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2773 -c "client hello, adding psk_key_exchange_modes extension" \
2774 -c "client hello, adding PSK binder list" \
2775 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2776 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2777 -c "HTTP/1.0 200 ok"
2778
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2779requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2780requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2781requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2782requires_config_enabled MBEDTLS_DEBUG_C
2783requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2784requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2785requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2786run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2787 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2788 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2789 0 \
2790 -c "=> write client hello" \
2791 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2792 -c "client hello, adding psk_key_exchange_modes extension" \
2793 -c "client hello, adding PSK binder list" \
2794 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2795 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2796 -c "HTTP/1.0 200 ok"
2797
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2798#OPENSSL-SERVER psk_ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2799requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2800requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2801requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2802requires_config_enabled MBEDTLS_DEBUG_C
2803requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2804requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2805run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2806 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2807 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2808 0 \
2809 -c "=> write client hello" \
2810 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2811 -c "client hello, adding psk_key_exchange_modes extension" \
2812 -c "client hello, adding PSK binder list" \
2813 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2814 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2815 -c "HTTP/1.0 200 ok"
2816
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2817requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2818requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2819requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2820requires_config_enabled MBEDTLS_DEBUG_C
2821requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2822requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2823run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2824 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2825 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2826 0 \
2827 -c "=> write client hello" \
2828 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2829 -c "client hello, adding psk_key_exchange_modes extension" \
2830 -c "client hello, adding PSK binder list" \
2831 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2832 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2833 -c "HTTP/1.0 200 ok"
2834
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2835#OPENSSL-SERVER ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2836requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2837requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2838requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2839requires_config_enabled MBEDTLS_DEBUG_C
2840requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2841requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2842run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2843 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2844 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2845 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2846 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2847 -c "HTTP/1.0 200 ok"
2848
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2849requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2850requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2851requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2852requires_config_enabled MBEDTLS_DEBUG_C
2853requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2854requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2855run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2856 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2857 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2858 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2859 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2860 -c "HTTP/1.0 200 ok"
2861
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2862#OPENSSL-SERVER ephemeral_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2863requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2864requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2865requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2866requires_config_enabled MBEDTLS_DEBUG_C
2867requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2868requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2869requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2870run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2871 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2872 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2873 0 \
2874 -c "=> write client hello" \
2875 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2876 -c "client hello, adding psk_key_exchange_modes extension" \
2877 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2878 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2879 -c "<= write client hello" \
2880 -c "HTTP/1.0 200 ok"
2881
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2882requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2883requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2884requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2885requires_config_enabled MBEDTLS_DEBUG_C
2886requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2887requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2888requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2889run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2890 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2891 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2892 0 \
2893 -c "=> write client hello" \
2894 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2895 -c "client hello, adding psk_key_exchange_modes extension" \
2896 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2897 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2898 -c "<= write client hello" \
2899 -c "HTTP/1.0 200 ok"
2900
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2901#OPENSSL-SERVER all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2902requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2903requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2904requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2905requires_config_enabled MBEDTLS_DEBUG_C
2906requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2907requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2908requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2909requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2910run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2911 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2912 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2913 0 \
2914 -c "=> write client hello" \
2915 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2916 -c "client hello, adding psk_key_exchange_modes extension" \
2917 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2918 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2919 -c "<= write client hello" \
2920 -c "HTTP/1.0 200 ok"
2921
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2922requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2923requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2924requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2925requires_config_enabled MBEDTLS_DEBUG_C
2926requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2927requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2928requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2929requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2930run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2931 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2932 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
2933 0 \
2934 -c "=> write client hello" \
2935 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2936 -c "client hello, adding psk_key_exchange_modes extension" \
2937 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2938 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2939 -c "<= write client hello" \
2940 -c "HTTP/1.0 200 ok"
2941
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2942#GNUTLS-SERVER psk mode
2943requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2944requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2945requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2946requires_config_enabled MBEDTLS_DEBUG_C
2947requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2948requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2949run_test "TLS 1.3: m->G: psk/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2950 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2951 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2952 0 \
2953 -c "=> write client hello" \
2954 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2955 -c "client hello, adding psk_key_exchange_modes extension" \
2956 -c "client hello, adding PSK binder list" \
2957 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2958 -s "Parsing extension 'Pre Shared Key/41'" \
2959 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2960 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2961 -c "HTTP/1.0 200 OK"
2962
2963requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2964requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2965requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2966requires_config_enabled MBEDTLS_DEBUG_C
2967requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2968requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2969run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2970 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2971 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2972 1 \
2973 -c "=> write client hello" \
2974 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2975 -c "client hello, adding psk_key_exchange_modes extension" \
2976 -c "client hello, adding PSK binder list" \
2977 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2978 -s "Parsing extension 'Pre Shared Key/41'" \
2979 -c "<= write client hello" \
2980 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
2981
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2982#GNUTLS-SERVER psk_all mode
2983requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2984requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2985requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2986requires_config_enabled MBEDTLS_DEBUG_C
2987requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2988requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2989requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2990run_test "TLS 1.3: m->G: psk_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2991 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2992 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2993 0 \
2994 -c "=> write client hello" \
2995 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2996 -c "client hello, adding psk_key_exchange_modes extension" \
2997 -c "client hello, adding PSK binder list" \
2998 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2999 -s "Parsing extension 'Pre Shared Key/41'" \
3000 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3001 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3002 -c "HTTP/1.0 200 OK"
3003
3004requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3005requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3006requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3007requires_config_enabled MBEDTLS_DEBUG_C
3008requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3009requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3010requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3011run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3012 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3013 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3014 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3015 -c "=> write client hello" \
3016 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3017 -c "client hello, adding psk_key_exchange_modes extension" \
3018 -c "client hello, adding PSK binder list" \
3019 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3020 -s "Parsing extension 'Pre Shared Key/41'" \
3021 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3022 -c "Selected key exchange mode: psk_ephemeral" \
3023 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3024
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3025#GNUTLS-SERVER psk_ephemeral mode
3026requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3027requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3028requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3029requires_config_enabled MBEDTLS_DEBUG_C
3030requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3031requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3032run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3033 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3034 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3035 0 \
3036 -c "=> write client hello" \
3037 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3038 -c "client hello, adding psk_key_exchange_modes extension" \
3039 -c "client hello, adding PSK binder list" \
3040 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3041 -s "Parsing extension 'Pre Shared Key/41'" \
3042 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3043 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3044 -c "HTTP/1.0 200 OK"
3045
3046requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3047requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3048requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3049requires_config_enabled MBEDTLS_DEBUG_C
3050requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3051requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3052run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3053 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3054 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3055 0 \
3056 -c "=> write client hello" \
3057 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3058 -c "client hello, adding psk_key_exchange_modes extension" \
3059 -c "client hello, adding PSK binder list" \
3060 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3061 -s "Parsing extension 'Pre Shared Key/41'" \
3062 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3063 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3064 -c "HTTP/1.0 200 OK"
3065
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3066#GNUTLS-SERVER ephemeral mode
3067requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3068requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3069requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3070requires_config_enabled MBEDTLS_DEBUG_C
3071requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3072requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3073run_test "TLS 1.3: m->G: ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3074 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3075 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3076 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3077 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3078 -c "HTTP/1.0 200 OK"
3079
3080requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3081requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3082requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3083requires_config_enabled MBEDTLS_DEBUG_C
3084requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3085requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3086run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3087 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3088 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3089 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3090 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3091 -c "HTTP/1.0 200 OK"
3092
3093#GNUTLS-SERVER ephemeral_all mode
3094requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3095requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3096requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3097requires_config_enabled MBEDTLS_DEBUG_C
3098requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3099requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3100requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3101run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3102 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3103 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3104 0 \
3105 -c "=> write client hello" \
3106 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3107 -c "client hello, adding psk_key_exchange_modes extension" \
3108 -c "client hello, adding PSK binder list" \
3109 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3110 -s "Parsing extension 'Pre Shared Key/41'" \
3111 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3112 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3113 -c "HTTP/1.0 200 OK"
3114
3115requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3116requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3117requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3118requires_config_enabled MBEDTLS_DEBUG_C
3119requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3120requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3121requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3122run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3123 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3124 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3125 0 \
3126 -c "=> write client hello" \
3127 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3128 -c "client hello, adding psk_key_exchange_modes extension" \
3129 -c "client hello, adding PSK binder list" \
3130 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3131 -s "Parsing extension 'Pre Shared Key/41'" \
3132 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3133 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3134 -c "HTTP/1.0 200 OK"
3135
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3136#GNUTLS-SERVER all mode
3137requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3138requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3139requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3140requires_config_enabled MBEDTLS_DEBUG_C
3141requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3142requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3144requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3145run_test "TLS 1.3: m->G: all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3146 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3147 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3148 0 \
3149 -c "=> write client hello" \
3150 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3151 -c "client hello, adding psk_key_exchange_modes extension" \
3152 -c "client hello, adding PSK binder list" \
3153 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3154 -s "Parsing extension 'Pre Shared Key/41'" \
3155 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3156 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3157 -c "HTTP/1.0 200 OK"
3158
3159requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3160requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3161requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3162requires_config_enabled MBEDTLS_DEBUG_C
3163requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3164requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3165requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3166requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3167run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3168 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3169 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3170 0 \
3171 -c "=> write client hello" \
3172 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3173 -c "client hello, adding psk_key_exchange_modes extension" \
3174 -c "client hello, adding PSK binder list" \
3175 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3176 -s "Parsing extension 'Pre Shared Key/41'" \
3177 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3178 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3179 -c "HTTP/1.0 200 OK"