TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / refs/heads/master / . / tests / opt-testcases / tls13-kex-modes.sh
blob: 1bb251fdb8810e31c028cad7c5c05e62c5b0f9d3 [file] [log] [blame]
Gilles Peskineab84fe82024-09-13 13:53:50 +0200[diff] [blame]1# Systematic testing of TLS 1.3 key exchange modes.
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]2
Jerry Yu97be6a92022-11-09 22:43:31 +0800[diff] [blame]3# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by
Jerry Yu616ba752022-11-08 21:49:47 +0800[diff] [blame]4# scripts in future(#6280)
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]5
Gilles Peskineab84fe82024-09-13 13:53:50 +0200[diff] [blame]6# Copyright The Mbed TLS Contributors
7# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8#
9
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]10requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]11requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]12requires_config_enabled MBEDTLS_SSL_SRV_C
13requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]14requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]15run_test "TLS 1.3: G->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]16 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]17 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
18 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
19 localhost" \
20 0 \
21 -s "found psk key exchange modes extension" \
22 -s "found pre_shared_key extension" \
23 -s "Found PSK_EPHEMERAL KEX MODE" \
24 -s "Found PSK KEX MODE" \
25 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]26 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]27 -s "key exchange mode: psk$" \
28 -S "key exchange mode: psk_ephemeral" \
29 -S "key exchange mode: ephemeral"
30
31requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]32requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]33requires_config_enabled MBEDTLS_SSL_SRV_C
34requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]35requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]36run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]37 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]38 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
39 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
40 localhost" \
41 1 \
42 -s "found psk key exchange modes extension" \
43 -s "found pre_shared_key extension" \
44 -s "Found PSK_EPHEMERAL KEX MODE" \
45 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]46 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]47 -S "key exchange mode: psk$" \
48 -S "key exchange mode: psk_ephemeral" \
49 -S "key exchange mode: ephemeral"
50
51requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]52requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]53requires_config_enabled MBEDTLS_SSL_SRV_C
54requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]55requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]56run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]57 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]58 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
59 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
60 localhost" \
61 1 \
62 -s "found psk key exchange modes extension" \
63 -s "found pre_shared_key extension" \
64 -s "Found PSK_EPHEMERAL KEX MODE" \
65 -s "Found PSK KEX MODE" \
66 -s "Invalid binder." \
67 -S "key exchange mode: psk$" \
68 -S "key exchange mode: psk_ephemeral" \
69 -S "key exchange mode: ephemeral"
70
71requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]72requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]73requires_config_enabled MBEDTLS_SSL_SRV_C
74requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]75requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]76run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]77 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]78 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
79 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
80 localhost" \
81 0 \
82 -s "found psk key exchange modes extension" \
83 -s "found pre_shared_key extension" \
84 -S "Found PSK_EPHEMERAL KEX MODE" \
85 -s "Found PSK KEX MODE" \
86 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]87 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]88 -s "key exchange mode: psk$" \
89 -S "key exchange mode: psk_ephemeral" \
90 -S "key exchange mode: ephemeral"
91
92requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]93requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]94requires_config_enabled MBEDTLS_SSL_SRV_C
95requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]96requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]97run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]98 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]99 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
100 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
101 localhost" \
102 1 \
103 -s "found psk key exchange modes extension" \
104 -s "found pre_shared_key extension" \
105 -S "Found PSK_EPHEMERAL KEX MODE" \
106 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]107 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]108 -S "key exchange mode: psk$" \
109 -S "key exchange mode: psk_ephemeral" \
110 -S "key exchange mode: ephemeral"
111
112requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]113requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]114requires_config_enabled MBEDTLS_SSL_SRV_C
115requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]116requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]117run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]118 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]119 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
120 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
121 localhost" \
122 1 \
123 -s "found psk key exchange modes extension" \
124 -s "found pre_shared_key extension" \
125 -S "Found PSK_EPHEMERAL KEX MODE" \
126 -s "Found PSK KEX MODE" \
127 -s "Invalid binder." \
128 -S "key exchange mode: psk$" \
129 -S "key exchange mode: psk_ephemeral" \
130 -S "key exchange mode: ephemeral"
131
132requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]133requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]134requires_config_enabled MBEDTLS_SSL_SRV_C
135requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]136requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]137run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]138 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]139 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
140 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
141 localhost" \
142 0 \
143 -s "found psk key exchange modes extension" \
144 -s "found pre_shared_key extension" \
145 -s "Found PSK_EPHEMERAL KEX MODE" \
146 -S "Found PSK KEX MODE" \
147 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]148 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]149 -S "key exchange mode: psk$" \
150 -s "key exchange mode: psk_ephemeral" \
151 -S "key exchange mode: ephemeral"
152
153requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]154requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]155requires_config_enabled MBEDTLS_SSL_SRV_C
156requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]157requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]158run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]159 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]160 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
161 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
162 localhost" \
163 1 \
164 -s "found psk key exchange modes extension" \
165 -s "found pre_shared_key extension" \
166 -s "Found PSK_EPHEMERAL KEX MODE" \
167 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]168 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]169 -S "key exchange mode: psk$" \
170 -S "key exchange mode: psk_ephemeral" \
171 -S "key exchange mode: ephemeral"
172
173requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]174requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]175requires_config_enabled MBEDTLS_SSL_SRV_C
176requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]177requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]178run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]179 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]180 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
181 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
182 localhost" \
183 1 \
184 -s "found psk key exchange modes extension" \
185 -s "found pre_shared_key extension" \
186 -s "Found PSK_EPHEMERAL KEX MODE" \
187 -S "Found PSK KEX MODE" \
188 -s "Invalid binder." \
189 -S "key exchange mode: psk$" \
190 -S "key exchange mode: psk_ephemeral" \
191 -S "key exchange mode: ephemeral"
192
193requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]194requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]195requires_config_enabled MBEDTLS_SSL_SRV_C
196requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]197requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]198run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]199 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]200 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
201 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
202 localhost" \
203 0 \
204 -s "found psk key exchange modes extension" \
205 -s "found pre_shared_key extension" \
206 -s "Found PSK_EPHEMERAL KEX MODE" \
207 -s "Found PSK KEX MODE" \
208 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]209 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]210 -S "key exchange mode: psk$" \
211 -s "key exchange mode: psk_ephemeral" \
212 -S "key exchange mode: ephemeral"
213
214requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]215requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]216requires_config_enabled MBEDTLS_SSL_SRV_C
217requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]218requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]219run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]220 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]221 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
222 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
223 localhost" \
224 1 \
225 -s "found psk key exchange modes extension" \
226 -s "found pre_shared_key extension" \
227 -s "Found PSK_EPHEMERAL KEX MODE" \
228 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]229 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]230 -S "key exchange mode: psk$" \
231 -S "key exchange mode: psk_ephemeral" \
232 -S "key exchange mode: ephemeral"
233
234requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]235requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]236requires_config_enabled MBEDTLS_SSL_SRV_C
237requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]238requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]239run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]240 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]241 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
242 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
243 localhost" \
244 1 \
245 -s "found psk key exchange modes extension" \
246 -s "found pre_shared_key extension" \
247 -s "Found PSK_EPHEMERAL KEX MODE" \
248 -s "Found PSK KEX MODE" \
249 -s "Invalid binder." \
250 -S "key exchange mode: psk$" \
251 -S "key exchange mode: psk_ephemeral" \
252 -S "key exchange mode: ephemeral"
253
254requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]255requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]256requires_config_enabled MBEDTLS_SSL_SRV_C
257requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]258requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]259run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]260 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]261 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
262 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
263 localhost" \
264 1 \
265 -s "found psk key exchange modes extension" \
266 -s "found pre_shared_key extension" \
267 -S "Found PSK_EPHEMERAL KEX MODE" \
268 -s "Found PSK KEX MODE" \
269 -S "key exchange mode: psk$" \
270 -S "key exchange mode: psk_ephemeral" \
271 -S "key exchange mode: ephemeral"
272
273requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]274requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]275requires_config_enabled MBEDTLS_SSL_SRV_C
276requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]277requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
278requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]279run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]280 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]281 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
282 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
283 localhost" \
284 0 \
285 -s "found psk key exchange modes extension" \
286 -s "found pre_shared_key extension" \
287 -s "Found PSK_EPHEMERAL KEX MODE" \
288 -S "Found PSK KEX MODE" \
289 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]290 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]291 -S "key exchange mode: psk$" \
292 -s "key exchange mode: psk_ephemeral" \
293 -S "key exchange mode: ephemeral"
294
295requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]296requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]297requires_config_enabled MBEDTLS_SSL_SRV_C
298requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]299requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
300requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]301run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]302 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]303 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
304 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
305 localhost" \
306 1 \
307 -s "found psk key exchange modes extension" \
308 -s "found pre_shared_key extension" \
309 -s "Found PSK_EPHEMERAL KEX MODE" \
310 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]311 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]312 -S "key exchange mode: psk$" \
313 -S "key exchange mode: psk_ephemeral" \
314 -S "key exchange mode: ephemeral"
315
316requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]317requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]318requires_config_enabled MBEDTLS_SSL_SRV_C
319requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]320requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
321requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]322run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]323 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]324 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
325 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
326 localhost" \
327 1 \
328 -s "found psk key exchange modes extension" \
329 -s "found pre_shared_key extension" \
330 -s "Found PSK_EPHEMERAL KEX MODE" \
331 -S "Found PSK KEX MODE" \
332 -s "Invalid binder." \
333 -S "key exchange mode: psk$" \
334 -S "key exchange mode: psk_ephemeral" \
335 -S "key exchange mode: ephemeral"
336
337requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]338requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]339requires_config_enabled MBEDTLS_SSL_SRV_C
340requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]341requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
342requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]343run_test "TLS 1.3: G->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]344 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]345 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
346 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
347 localhost" \
348 0 \
349 -s "found psk key exchange modes extension" \
350 -s "found pre_shared_key extension" \
351 -s "Found PSK_EPHEMERAL KEX MODE" \
352 -s "Found PSK KEX MODE" \
353 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]354 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]355 -S "key exchange mode: psk$" \
356 -s "key exchange mode: psk_ephemeral" \
357 -S "key exchange mode: ephemeral"
358
359requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]360requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]361requires_config_enabled MBEDTLS_SSL_SRV_C
362requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]363requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
364requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]365run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]366 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]367 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
368 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
369 localhost" \
370 1 \
371 -s "found psk key exchange modes extension" \
372 -s "found pre_shared_key extension" \
373 -s "Found PSK_EPHEMERAL KEX MODE" \
374 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]375 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]376 -S "key exchange mode: psk$" \
377 -S "key exchange mode: psk_ephemeral" \
378 -S "key exchange mode: ephemeral"
379
380requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]381requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]382requires_config_enabled MBEDTLS_SSL_SRV_C
383requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]384requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
385requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]386run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]387 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]388 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
389 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
390 localhost" \
391 1 \
392 -s "found psk key exchange modes extension" \
393 -s "found pre_shared_key extension" \
394 -s "Found PSK_EPHEMERAL KEX MODE" \
395 -s "Found PSK KEX MODE" \
396 -s "Invalid binder." \
397 -S "key exchange mode: psk$" \
398 -S "key exchange mode: psk_ephemeral" \
399 -S "key exchange mode: ephemeral"
400
401requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]402requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]403requires_config_enabled MBEDTLS_SSL_SRV_C
404requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]405requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
406requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]407run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]408 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]409 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
410 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
411 localhost" \
412 0 \
413 -s "found psk key exchange modes extension" \
414 -s "found pre_shared_key extension" \
415 -S "Found PSK_EPHEMERAL KEX MODE" \
416 -s "Found PSK KEX MODE" \
417 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]418 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]419 -s "key exchange mode: psk$" \
420 -S "key exchange mode: psk_ephemeral" \
421 -S "key exchange mode: ephemeral"
422
423requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]424requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]425requires_config_enabled MBEDTLS_SSL_SRV_C
426requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]427requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
428requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]429run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]430 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]431 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
432 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
433 localhost" \
434 1 \
435 -s "found psk key exchange modes extension" \
436 -s "found pre_shared_key extension" \
437 -S "Found PSK_EPHEMERAL KEX MODE" \
438 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]439 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]440 -S "key exchange mode: psk$" \
441 -S "key exchange mode: psk_ephemeral" \
442 -S "key exchange mode: ephemeral"
443
444requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]445requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]446requires_config_enabled MBEDTLS_SSL_SRV_C
447requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]448requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
449requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]450run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]451 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]452 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
453 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
454 localhost" \
455 1 \
456 -s "found psk key exchange modes extension" \
457 -s "found pre_shared_key extension" \
458 -S "Found PSK_EPHEMERAL KEX MODE" \
459 -s "Found PSK KEX MODE" \
460 -s "Invalid binder." \
461 -S "key exchange mode: psk$" \
462 -S "key exchange mode: psk_ephemeral" \
463 -S "key exchange mode: ephemeral"
464
465requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]466requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]467requires_config_enabled MBEDTLS_SSL_SRV_C
468requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]469requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
470requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]471run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]472 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]473 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
474 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
475 localhost" \
476 0 \
477 -s "found psk key exchange modes extension" \
478 -s "found pre_shared_key extension" \
479 -s "Found PSK_EPHEMERAL KEX MODE" \
480 -S "Found PSK KEX MODE" \
481 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]482 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]483 -S "key exchange mode: psk$" \
484 -s "key exchange mode: psk_ephemeral" \
485 -S "key exchange mode: ephemeral"
486
487requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]488requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]489requires_config_enabled MBEDTLS_SSL_SRV_C
490requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]491requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
492requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]493run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]494 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]495 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
496 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
497 localhost" \
498 0 \
499 -s "found psk key exchange modes extension" \
500 -s "found pre_shared_key extension" \
501 -s "Found PSK_EPHEMERAL KEX MODE" \
502 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]503 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]504 -S "key exchange mode: psk$" \
505 -S "key exchange mode: psk_ephemeral" \
506 -s "key exchange mode: ephemeral"
507
508requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]509requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]510requires_config_enabled MBEDTLS_SSL_SRV_C
511requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]512requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
513requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]514run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]515 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]516 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
517 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
518 localhost" \
519 1 \
520 -s "found psk key exchange modes extension" \
521 -s "found pre_shared_key extension" \
522 -s "Found PSK_EPHEMERAL KEX MODE" \
523 -S "Found PSK KEX MODE" \
524 -s "Invalid binder." \
525 -S "key exchange mode: psk$" \
526 -S "key exchange mode: psk_ephemeral" \
527 -S "key exchange mode: ephemeral"
528
529requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]530requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]531requires_config_enabled MBEDTLS_SSL_SRV_C
532requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]533requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
534requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]535run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]536 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]537 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
538 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
539 localhost" \
540 0 \
541 -s "found psk key exchange modes extension" \
542 -s "found pre_shared_key extension" \
543 -s "Found PSK_EPHEMERAL KEX MODE" \
544 -s "Found PSK KEX MODE" \
545 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]546 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]547 -S "key exchange mode: psk$" \
548 -s "key exchange mode: psk_ephemeral" \
549 -S "key exchange mode: ephemeral"
550
551requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]552requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]553requires_config_enabled MBEDTLS_SSL_SRV_C
554requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]555requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
556requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]557run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]558 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]559 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
560 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
561 localhost" \
562 0 \
563 -s "found psk key exchange modes extension" \
564 -s "found pre_shared_key extension" \
565 -s "Found PSK_EPHEMERAL KEX MODE" \
566 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]567 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]568 -S "key exchange mode: psk$" \
569 -S "key exchange mode: psk_ephemeral" \
570 -s "key exchange mode: ephemeral"
571
572requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]573requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]574requires_config_enabled MBEDTLS_SSL_SRV_C
575requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]576requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
577requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]578run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]579 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]580 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
581 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
582 localhost" \
583 1 \
584 -s "found psk key exchange modes extension" \
585 -s "found pre_shared_key extension" \
586 -s "Found PSK_EPHEMERAL KEX MODE" \
587 -s "Found PSK KEX MODE" \
588 -s "Invalid binder." \
589 -S "key exchange mode: psk$" \
590 -S "key exchange mode: psk_ephemeral" \
591 -S "key exchange mode: ephemeral"
592
593requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]594requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]595requires_config_enabled MBEDTLS_SSL_SRV_C
596requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]597requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
598requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]599run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]600 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]601 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
602 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
603 localhost" \
604 0 \
605 -s "found psk key exchange modes extension" \
606 -s "found pre_shared_key extension" \
607 -S "Found PSK_EPHEMERAL KEX MODE" \
608 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]609 -s "No suitable PSK key exchange mode" \
610 -S "Pre shared key found" \
611 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]612 -S "key exchange mode: psk$" \
613 -S "key exchange mode: psk_ephemeral" \
614 -s "key exchange mode: ephemeral"
615
616requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]617requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]618requires_config_enabled MBEDTLS_SSL_SRV_C
619requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]620requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
621requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
622requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]623run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]624 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]625 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
626 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
627 localhost" \
628 0 \
629 -s "found psk key exchange modes extension" \
630 -s "found pre_shared_key extension" \
631 -s "Found PSK_EPHEMERAL KEX MODE" \
632 -S "Found PSK KEX MODE" \
633 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]634 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]635 -S "key exchange mode: psk$" \
636 -s "key exchange mode: psk_ephemeral" \
637 -S "key exchange mode: ephemeral"
638
639requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]640requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]641requires_config_enabled MBEDTLS_SSL_SRV_C
642requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]643requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
645requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]646run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]647 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]648 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
649 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
650 localhost" \
651 0 \
652 -s "found psk key exchange modes extension" \
653 -s "found pre_shared_key extension" \
654 -s "Found PSK_EPHEMERAL KEX MODE" \
655 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]656 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]657 -S "key exchange mode: psk$" \
658 -S "key exchange mode: psk_ephemeral" \
659 -s "key exchange mode: ephemeral"
660
661requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]662requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]663requires_config_enabled MBEDTLS_SSL_SRV_C
664requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]665requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
666requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
667requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]668run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]669 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]670 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
671 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
672 localhost" \
673 1 \
674 -s "found psk key exchange modes extension" \
675 -s "found pre_shared_key extension" \
676 -s "Found PSK_EPHEMERAL KEX MODE" \
677 -S "Found PSK KEX MODE" \
678 -s "Invalid binder." \
679 -S "key exchange mode: psk$" \
680 -S "key exchange mode: psk_ephemeral" \
681 -S "key exchange mode: ephemeral"
682
683requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]684requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]685requires_config_enabled MBEDTLS_SSL_SRV_C
686requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]687requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
688requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
689requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]690run_test "TLS 1.3: G->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]691 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]692 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
693 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
694 localhost" \
695 0 \
696 -s "found psk key exchange modes extension" \
697 -s "found pre_shared_key extension" \
698 -s "Found PSK_EPHEMERAL KEX MODE" \
699 -s "Found PSK KEX MODE" \
700 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]701 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]702 -S "key exchange mode: psk$" \
703 -s "key exchange mode: psk_ephemeral" \
704 -S "key exchange mode: ephemeral"
705
706requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]707requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]708requires_config_enabled MBEDTLS_SSL_SRV_C
709requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]710requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
711requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
712requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]713run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]714 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]715 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
716 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
717 localhost" \
718 0 \
719 -s "found psk key exchange modes extension" \
720 -s "found pre_shared_key extension" \
721 -s "Found PSK_EPHEMERAL KEX MODE" \
722 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]723 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]724 -S "key exchange mode: psk$" \
725 -S "key exchange mode: psk_ephemeral" \
726 -s "key exchange mode: ephemeral"
727
728requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]729requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]730requires_config_enabled MBEDTLS_SSL_SRV_C
731requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]732requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
733requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
734requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]735run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]736 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]737 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
738 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
739 localhost" \
740 1 \
741 -s "found psk key exchange modes extension" \
742 -s "found pre_shared_key extension" \
743 -s "Found PSK_EPHEMERAL KEX MODE" \
744 -s "Found PSK KEX MODE" \
745 -s "Invalid binder." \
746 -S "key exchange mode: psk$" \
747 -S "key exchange mode: psk_ephemeral" \
748 -S "key exchange mode: ephemeral"
749
750requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]751requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]752requires_config_enabled MBEDTLS_SSL_SRV_C
753requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]754requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
755requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
756requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]757run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]758 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]759 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
760 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
761 localhost" \
762 0 \
763 -s "found psk key exchange modes extension" \
764 -s "found pre_shared_key extension" \
765 -S "Found PSK_EPHEMERAL KEX MODE" \
766 -s "Found PSK KEX MODE" \
767 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]768 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]769 -S "key exchange mode: psk$" \
770 -S "key exchange mode: psk_ephemeral" \
771 -s "key exchange mode: ephemeral"
772
773requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]774requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]775requires_config_enabled MBEDTLS_SSL_SRV_C
776requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]777requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
778requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
779requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]780run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]781 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]782 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
783 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
784 localhost" \
785 1 \
786 -s "found psk key exchange modes extension" \
787 -s "found pre_shared_key extension" \
788 -S "Found PSK_EPHEMERAL KEX MODE" \
789 -s "Found PSK KEX MODE" \
790 -s "Invalid binder." \
791 -S "key exchange mode: psk$" \
792 -S "key exchange mode: psk_ephemeral" \
793 -S "key exchange mode: ephemeral"
794
795requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]796requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]797requires_config_enabled MBEDTLS_SSL_SRV_C
798requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]799requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
800requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]801run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]802 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]803 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
804 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
805 localhost" \
806 0 \
807 -s "found psk key exchange modes extension" \
808 -s "found pre_shared_key extension" \
809 -s "Found PSK_EPHEMERAL KEX MODE" \
810 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]811 -s "No suitable PSK key exchange mode" \
812 -S "Pre shared key found" \
813 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]814 -S "key exchange mode: psk$" \
815 -S "key exchange mode: psk_ephemeral" \
816 -s "key exchange mode: ephemeral"
817
818requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]819requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]820requires_config_enabled MBEDTLS_SSL_SRV_C
821requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]822requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
823requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]824run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]825 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]826 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
827 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
828 localhost" \
829 0 \
830 -s "found psk key exchange modes extension" \
831 -s "found pre_shared_key extension" \
832 -s "Found PSK_EPHEMERAL KEX MODE" \
833 -s "Found PSK KEX MODE" \
834 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]835 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]836 -S "key exchange mode: psk$" \
837 -S "key exchange mode: psk_ephemeral" \
838 -s "key exchange mode: ephemeral"
839
840requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]841requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]842requires_config_enabled MBEDTLS_SSL_SRV_C
843requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]844requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
845requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]846run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]847 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]848 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
849 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
850 localhost" \
851 1 \
852 -s "found psk key exchange modes extension" \
853 -s "found pre_shared_key extension" \
854 -s "Found PSK_EPHEMERAL KEX MODE" \
855 -s "Found PSK KEX MODE" \
856 -s "Invalid binder." \
857 -S "key exchange mode: psk$" \
858 -S "key exchange mode: psk_ephemeral" \
859 -S "key exchange mode: ephemeral"
860
861requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]862requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]863requires_config_enabled MBEDTLS_SSL_SRV_C
864requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]865requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
866requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]867run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]868 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]869 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
870 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
871 localhost" \
872 0 \
873 -s "found psk key exchange modes extension" \
874 -s "found pre_shared_key extension" \
875 -S "Found PSK_EPHEMERAL KEX MODE" \
876 -s "Found PSK KEX MODE" \
877 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]878 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]879 -S "key exchange mode: psk$" \
880 -S "key exchange mode: psk_ephemeral" \
881 -s "key exchange mode: ephemeral"
882
883requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]884requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]885requires_config_enabled MBEDTLS_SSL_SRV_C
886requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]887requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
888requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]889run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]890 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]891 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
892 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
893 localhost" \
894 1 \
895 -s "found psk key exchange modes extension" \
896 -s "found pre_shared_key extension" \
897 -S "Found PSK_EPHEMERAL KEX MODE" \
898 -s "Found PSK KEX MODE" \
899 -s "Invalid binder." \
900 -S "key exchange mode: psk$" \
901 -S "key exchange mode: psk_ephemeral" \
902 -S "key exchange mode: ephemeral"
903
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]904requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]905requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]906requires_config_enabled MBEDTLS_SSL_SRV_C
907requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]908requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]909requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]910run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]911 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]912 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
913 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
914 localhost" \
915 0 \
916 -s "write selected_group: secp256r1" \
917 -S "key exchange mode: psk$" \
918 -s "key exchange mode: psk_ephemeral" \
919 -S "key exchange mode: ephemeral"
920
921requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]922requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]923requires_config_enabled MBEDTLS_SSL_SRV_C
924requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]925requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]926requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]927run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]928 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]929 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
930 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
931 localhost" \
932 0 \
933 -s "write selected_group: secp384r1" \
934 -S "key exchange mode: psk$" \
935 -s "key exchange mode: psk_ephemeral" \
936 -S "key exchange mode: ephemeral"
937
938requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]939requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]940requires_config_enabled MBEDTLS_SSL_SRV_C
941requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]942requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]943requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]944run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]945 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]946 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
947 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
948 localhost" \
949 0 \
950 -s "write selected_group: secp521r1" \
951 -S "key exchange mode: psk$" \
952 -s "key exchange mode: psk_ephemeral" \
953 -S "key exchange mode: ephemeral"
954
955requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]956requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]957requires_config_enabled MBEDTLS_SSL_SRV_C
958requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]959requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]960requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]961run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]962 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]963 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
964 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
965 localhost" \
966 0 \
967 -s "write selected_group: x25519" \
968 -S "key exchange mode: psk$" \
969 -s "key exchange mode: psk_ephemeral" \
970 -S "key exchange mode: ephemeral"
971
972requires_gnutls_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]973requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]974requires_config_enabled MBEDTLS_SSL_SRV_C
975requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]976requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]977requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]978run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]979 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]980 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
981 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
982 localhost" \
983 0 \
984 -s "write selected_group: x448" \
985 -S "key exchange mode: psk$" \
986 -s "key exchange mode: psk_ephemeral" \
987 -S "key exchange mode: ephemeral"
988
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]989requires_openssl_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]990requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]991requires_config_enabled MBEDTLS_SSL_SRV_C
992requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]993requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]994run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]995 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]996 "$O_NEXT_CLI -tls1_3 -msg \
997 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
998 1 \
999 -s "found psk key exchange modes extension" \
1000 -s "found pre_shared_key extension" \
1001 -s "Found PSK_EPHEMERAL KEX MODE" \
1002 -S "Found PSK KEX MODE" \
1003 -S "key exchange mode: psk$" \
1004 -S "key exchange mode: psk_ephemeral" \
1005 -S "key exchange mode: ephemeral"
1006
1007requires_openssl_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1008requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1009requires_config_enabled MBEDTLS_SSL_SRV_C
1010requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1011requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1012run_test "TLS 1.3: O->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1013 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1014 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1015 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1016 0 \
1017 -s "found psk key exchange modes extension" \
1018 -s "found pre_shared_key extension" \
1019 -s "Found PSK_EPHEMERAL KEX MODE" \
1020 -s "Found PSK KEX MODE" \
1021 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1022 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1023 -s "key exchange mode: psk$" \
1024 -S "key exchange mode: psk_ephemeral" \
1025 -S "key exchange mode: ephemeral"
1026
1027requires_openssl_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1028requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1029requires_config_enabled MBEDTLS_SSL_SRV_C
1030requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1031requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1032run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1033 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1034 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1035 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1036 1 \
1037 -s "found psk key exchange modes extension" \
1038 -s "found pre_shared_key extension" \
1039 -s "Found PSK_EPHEMERAL KEX MODE" \
1040 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1041 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1042 -S "key exchange mode: psk$" \
1043 -S "key exchange mode: psk_ephemeral" \
1044 -S "key exchange mode: ephemeral"
1045
1046requires_openssl_tls1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1047requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1048requires_config_enabled MBEDTLS_SSL_SRV_C
1049requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1050requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1051run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1052 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1053 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1054 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1055 1 \
1056 -s "found psk key exchange modes extension" \
1057 -s "found pre_shared_key extension" \
1058 -s "Found PSK_EPHEMERAL KEX MODE" \
1059 -s "Found PSK KEX MODE" \
1060 -s "Invalid binder." \
1061 -S "key exchange mode: psk$" \
1062 -S "key exchange mode: psk_ephemeral" \
1063 -S "key exchange mode: ephemeral"
1064
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1065requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1066requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1067requires_config_enabled MBEDTLS_SSL_SRV_C
1068requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1069requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1070run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1071 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1072 "$O_NEXT_CLI -tls1_3 -msg \
1073 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1074 0 \
1075 -s "found psk key exchange modes extension" \
1076 -s "found pre_shared_key extension" \
1077 -s "Found PSK_EPHEMERAL KEX MODE" \
1078 -S "Found PSK KEX MODE" \
1079 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1080 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1081 -S "key exchange mode: psk$" \
1082 -s "key exchange mode: psk_ephemeral" \
1083 -S "key exchange mode: ephemeral"
1084
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1085requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1086requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1087requires_config_enabled MBEDTLS_SSL_SRV_C
1088requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1089requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1090run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1091 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1092 "$O_NEXT_CLI -tls1_3 -msg \
1093 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1094 1 \
1095 -s "found psk key exchange modes extension" \
1096 -s "found pre_shared_key extension" \
1097 -s "Found PSK_EPHEMERAL KEX MODE" \
1098 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1099 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1100 -S "key exchange mode: psk$" \
1101 -S "key exchange mode: psk_ephemeral" \
1102 -S "key exchange mode: ephemeral"
1103
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1104requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1105requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1106requires_config_enabled MBEDTLS_SSL_SRV_C
1107requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1108requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1109run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1110 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1111 "$O_NEXT_CLI -tls1_3 -msg \
1112 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1113 1 \
1114 -s "found psk key exchange modes extension" \
1115 -s "found pre_shared_key extension" \
1116 -s "Found PSK_EPHEMERAL KEX MODE" \
1117 -S "Found PSK KEX MODE" \
1118 -s "Invalid binder." \
1119 -S "key exchange mode: psk$" \
1120 -S "key exchange mode: psk_ephemeral" \
1121 -S "key exchange mode: ephemeral"
1122
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1123requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1124requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1125requires_config_enabled MBEDTLS_SSL_SRV_C
1126requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1127requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1128run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1129 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1130 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1131 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1132 0 \
1133 -s "found psk key exchange modes extension" \
1134 -s "found pre_shared_key extension" \
1135 -s "Found PSK_EPHEMERAL KEX MODE" \
1136 -s "Found PSK KEX MODE" \
1137 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1138 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1139 -S "key exchange mode: psk$" \
1140 -s "key exchange mode: psk_ephemeral" \
1141 -S "key exchange mode: ephemeral"
1142
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1143requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1144requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1145requires_config_enabled MBEDTLS_SSL_SRV_C
1146requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1147requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1148run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1149 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1150 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1151 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1152 1 \
1153 -s "found psk key exchange modes extension" \
1154 -s "found pre_shared_key extension" \
1155 -s "Found PSK_EPHEMERAL KEX MODE" \
1156 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1157 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1158 -S "key exchange mode: psk$" \
1159 -S "key exchange mode: psk_ephemeral" \
1160 -S "key exchange mode: ephemeral"
1161
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1162requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1163requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1164requires_config_enabled MBEDTLS_SSL_SRV_C
1165requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1166requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1167run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1168 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1169 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1170 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1171 1 \
1172 -s "found psk key exchange modes extension" \
1173 -s "found pre_shared_key extension" \
1174 -s "Found PSK_EPHEMERAL KEX MODE" \
1175 -s "Found PSK KEX MODE" \
1176 -s "Invalid binder." \
1177 -S "key exchange mode: psk$" \
1178 -S "key exchange mode: psk_ephemeral" \
1179 -S "key exchange mode: ephemeral"
1180
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1181requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1182requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1183requires_config_enabled MBEDTLS_SSL_SRV_C
1184requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1185requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1186requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1187run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1188 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1189 "$O_NEXT_CLI -tls1_3 -msg \
1190 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1191 0 \
1192 -s "found psk key exchange modes extension" \
1193 -s "found pre_shared_key extension" \
1194 -s "Found PSK_EPHEMERAL KEX MODE" \
1195 -S "Found PSK KEX MODE" \
1196 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1197 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1198 -S "key exchange mode: psk$" \
1199 -s "key exchange mode: psk_ephemeral" \
1200 -S "key exchange mode: ephemeral"
1201
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1202requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1203requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1204requires_config_enabled MBEDTLS_SSL_SRV_C
1205requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1206requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1207requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1208run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1209 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1210 "$O_NEXT_CLI -tls1_3 -msg \
1211 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1212 1 \
1213 -s "found psk key exchange modes extension" \
1214 -s "found pre_shared_key extension" \
1215 -s "Found PSK_EPHEMERAL KEX MODE" \
1216 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1217 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1218 -S "key exchange mode: psk$" \
1219 -S "key exchange mode: psk_ephemeral" \
1220 -S "key exchange mode: ephemeral"
1221
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1222requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1223requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1224requires_config_enabled MBEDTLS_SSL_SRV_C
1225requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1226requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1227requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1228run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1229 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1230 "$O_NEXT_CLI -tls1_3 -msg \
1231 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1232 1 \
1233 -s "found psk key exchange modes extension" \
1234 -s "found pre_shared_key extension" \
1235 -s "Found PSK_EPHEMERAL KEX MODE" \
1236 -S "Found PSK KEX MODE" \
1237 -s "Invalid binder." \
1238 -S "key exchange mode: psk$" \
1239 -S "key exchange mode: psk_ephemeral" \
1240 -S "key exchange mode: ephemeral"
1241
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1242requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1243requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1244requires_config_enabled MBEDTLS_SSL_SRV_C
1245requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1246requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1247requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1248run_test "TLS 1.3: O->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1249 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1250 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1251 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1252 0 \
1253 -s "found psk key exchange modes extension" \
1254 -s "found pre_shared_key extension" \
1255 -s "Found PSK_EPHEMERAL KEX MODE" \
1256 -s "Found PSK KEX MODE" \
1257 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1258 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1259 -S "key exchange mode: psk$" \
1260 -s "key exchange mode: psk_ephemeral" \
1261 -S "key exchange mode: ephemeral"
1262
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1263requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1264requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1265requires_config_enabled MBEDTLS_SSL_SRV_C
1266requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1267requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1268requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1269run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1270 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1271 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1272 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1273 1 \
1274 -s "found psk key exchange modes extension" \
1275 -s "found pre_shared_key extension" \
1276 -s "Found PSK_EPHEMERAL KEX MODE" \
1277 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1278 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1279 -S "key exchange mode: psk$" \
1280 -S "key exchange mode: psk_ephemeral" \
1281 -S "key exchange mode: ephemeral"
1282
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1283requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1284requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1285requires_config_enabled MBEDTLS_SSL_SRV_C
1286requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1287requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1288requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1289run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1290 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1291 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1292 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1293 1 \
1294 -s "found psk key exchange modes extension" \
1295 -s "found pre_shared_key extension" \
1296 -s "Found PSK_EPHEMERAL KEX MODE" \
1297 -s "Found PSK KEX MODE" \
1298 -s "Invalid binder." \
1299 -S "key exchange mode: psk$" \
1300 -S "key exchange mode: psk_ephemeral" \
1301 -S "key exchange mode: ephemeral"
1302
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1303requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1304requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1305requires_config_enabled MBEDTLS_SSL_SRV_C
1306requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1307requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1308requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1309run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1310 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1311 "$O_NEXT_CLI -tls1_3 -msg \
1312 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1313 0 \
1314 -s "found psk key exchange modes extension" \
1315 -s "found pre_shared_key extension" \
1316 -s "Found PSK_EPHEMERAL KEX MODE" \
1317 -S "Found PSK KEX MODE" \
1318 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1319 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1320 -S "key exchange mode: psk$" \
1321 -s "key exchange mode: psk_ephemeral" \
1322 -S "key exchange mode: ephemeral"
1323
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1324requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1325requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1326requires_config_enabled MBEDTLS_SSL_SRV_C
1327requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1328requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1330run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1331 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1332 "$O_NEXT_CLI -tls1_3 -msg \
1333 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1334 0 \
1335 -s "found psk key exchange modes extension" \
1336 -s "found pre_shared_key extension" \
1337 -s "Found PSK_EPHEMERAL KEX MODE" \
1338 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1339 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1340 -S "key exchange mode: psk$" \
1341 -S "key exchange mode: psk_ephemeral" \
1342 -s "key exchange mode: ephemeral"
1343
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1344requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1345requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1346requires_config_enabled MBEDTLS_SSL_SRV_C
1347requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1350run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1351 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1352 "$O_NEXT_CLI -tls1_3 -msg \
1353 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1354 1 \
1355 -s "found psk key exchange modes extension" \
1356 -s "found pre_shared_key extension" \
1357 -s "Found PSK_EPHEMERAL KEX MODE" \
1358 -S "Found PSK KEX MODE" \
1359 -s "Invalid binder." \
1360 -S "key exchange mode: psk$" \
1361 -S "key exchange mode: psk_ephemeral" \
1362 -S "key exchange mode: ephemeral"
1363
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1364requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1365requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1366requires_config_enabled MBEDTLS_SSL_SRV_C
1367requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1368requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1369requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1370run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1371 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1372 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1373 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1374 0 \
1375 -s "found psk key exchange modes extension" \
1376 -s "found pre_shared_key extension" \
1377 -s "Found PSK_EPHEMERAL KEX MODE" \
1378 -s "Found PSK KEX MODE" \
1379 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1380 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1381 -S "key exchange mode: psk$" \
1382 -s "key exchange mode: psk_ephemeral" \
1383 -S "key exchange mode: ephemeral"
1384
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1385requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1386requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1387requires_config_enabled MBEDTLS_SSL_SRV_C
1388requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1389requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1390requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1391run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1392 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1393 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1394 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1395 0 \
1396 -s "found psk key exchange modes extension" \
1397 -s "found pre_shared_key extension" \
1398 -s "Found PSK_EPHEMERAL KEX MODE" \
1399 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1400 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1401 -S "key exchange mode: psk$" \
1402 -S "key exchange mode: psk_ephemeral" \
1403 -s "key exchange mode: ephemeral"
1404
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1405requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1406requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1407requires_config_enabled MBEDTLS_SSL_SRV_C
1408requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1409requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1410requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1411run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1412 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1413 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1414 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1415 1 \
1416 -s "found psk key exchange modes extension" \
1417 -s "found pre_shared_key extension" \
1418 -s "Found PSK_EPHEMERAL KEX MODE" \
1419 -s "Found PSK KEX MODE" \
1420 -s "Invalid binder." \
1421 -S "key exchange mode: psk$" \
1422 -S "key exchange mode: psk_ephemeral" \
1423 -S "key exchange mode: ephemeral"
1424
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1425requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1426requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1427requires_config_enabled MBEDTLS_SSL_SRV_C
1428requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1429requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1430requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1431requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1432run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1433 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1434 "$O_NEXT_CLI -tls1_3 -msg \
1435 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1436 0 \
1437 -s "found psk key exchange modes extension" \
1438 -s "found pre_shared_key extension" \
1439 -s "Found PSK_EPHEMERAL KEX MODE" \
1440 -S "Found PSK KEX MODE" \
1441 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1442 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1443 -S "key exchange mode: psk$" \
1444 -s "key exchange mode: psk_ephemeral" \
1445 -S "key exchange mode: ephemeral"
1446
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1447requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1448requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1449requires_config_enabled MBEDTLS_SSL_SRV_C
1450requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1451requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1452requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1453requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1454run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1455 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1456 "$O_NEXT_CLI -tls1_3 -msg \
1457 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1458 0 \
1459 -s "found psk key exchange modes extension" \
1460 -s "found pre_shared_key extension" \
1461 -s "Found PSK_EPHEMERAL KEX MODE" \
1462 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1463 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1464 -S "key exchange mode: psk$" \
1465 -S "key exchange mode: psk_ephemeral" \
1466 -s "key exchange mode: ephemeral"
1467
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1468requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1469requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1470requires_config_enabled MBEDTLS_SSL_SRV_C
1471requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1472requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1473requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1474requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1475run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1476 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1477 "$O_NEXT_CLI -tls1_3 -msg \
1478 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1479 1 \
1480 -s "found psk key exchange modes extension" \
1481 -s "found pre_shared_key extension" \
1482 -s "Found PSK_EPHEMERAL KEX MODE" \
1483 -S "Found PSK KEX MODE" \
1484 -s "Invalid binder." \
1485 -S "key exchange mode: psk$" \
1486 -S "key exchange mode: psk_ephemeral" \
1487 -S "key exchange mode: ephemeral"
1488
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1489requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1490requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1491requires_config_enabled MBEDTLS_SSL_SRV_C
1492requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1493requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1494requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1495requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1496run_test "TLS 1.3: O->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1497 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1498 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1499 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1500 0 \
1501 -s "found psk key exchange modes extension" \
1502 -s "found pre_shared_key extension" \
1503 -s "Found PSK_EPHEMERAL KEX MODE" \
1504 -s "Found PSK KEX MODE" \
1505 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1506 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1507 -S "key exchange mode: psk$" \
1508 -s "key exchange mode: psk_ephemeral" \
1509 -S "key exchange mode: ephemeral"
1510
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1511requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1512requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1513requires_config_enabled MBEDTLS_SSL_SRV_C
1514requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1515requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1516requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1517requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1518run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1519 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1520 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1521 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1522 0 \
1523 -s "found psk key exchange modes extension" \
1524 -s "found pre_shared_key extension" \
1525 -s "Found PSK_EPHEMERAL KEX MODE" \
1526 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1527 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1528 -S "key exchange mode: psk$" \
1529 -S "key exchange mode: psk_ephemeral" \
1530 -s "key exchange mode: ephemeral"
1531
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1532requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1533requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1534requires_config_enabled MBEDTLS_SSL_SRV_C
1535requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1536requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1537requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1538requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1539run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1540 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1541 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1542 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1543 1 \
1544 -s "found psk key exchange modes extension" \
1545 -s "found pre_shared_key extension" \
1546 -s "Found PSK_EPHEMERAL KEX MODE" \
1547 -s "Found PSK KEX MODE" \
1548 -s "Invalid binder." \
1549 -S "key exchange mode: psk$" \
1550 -S "key exchange mode: psk_ephemeral" \
1551 -S "key exchange mode: ephemeral"
1552
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1553requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1554requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1555requires_config_enabled MBEDTLS_SSL_SRV_C
1556requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1557requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1558requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1559run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1560 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1561 "$O_NEXT_CLI -tls1_3 -msg \
1562 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1563 0 \
1564 -s "found psk key exchange modes extension" \
1565 -s "found pre_shared_key extension" \
1566 -s "Found PSK_EPHEMERAL KEX MODE" \
1567 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1568 -s "No suitable PSK key exchange mode" \
1569 -S "Pre shared key found" \
1570 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1571 -S "key exchange mode: psk$" \
1572 -S "key exchange mode: psk_ephemeral" \
1573 -s "key exchange mode: ephemeral"
1574
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1575requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1576requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1577requires_config_enabled MBEDTLS_SSL_SRV_C
1578requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1579requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1580requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1581run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1582 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1583 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1584 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1585 0 \
1586 -s "found psk key exchange modes extension" \
1587 -s "found pre_shared_key extension" \
1588 -s "Found PSK_EPHEMERAL KEX MODE" \
1589 -s "Found PSK KEX MODE" \
1590 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1591 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1592 -S "key exchange mode: psk$" \
1593 -S "key exchange mode: psk_ephemeral" \
1594 -s "key exchange mode: ephemeral"
1595
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1596requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1597requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1598requires_config_enabled MBEDTLS_SSL_SRV_C
1599requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1600requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1601requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1602run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1603 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1604 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1605 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1606 1 \
1607 -s "found psk key exchange modes extension" \
1608 -s "found pre_shared_key extension" \
1609 -s "Found PSK_EPHEMERAL KEX MODE" \
1610 -s "Found PSK KEX MODE" \
1611 -s "Invalid binder." \
1612 -S "key exchange mode: psk$" \
1613 -S "key exchange mode: psk_ephemeral" \
1614 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1615
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1616requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1617requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1618requires_config_enabled MBEDTLS_SSL_SRV_C
1619requires_config_enabled MBEDTLS_DEBUG_C
1620requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1621requires_config_enabled PSA_WANT_ALG_ECDH
1622requires_config_enabled PSA_WANT_ECC_SECP_R1_256
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1623run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1624 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1625 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1626 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1627 0 \
1628 -s "write selected_group: secp256r1" \
1629 -S "key exchange mode: psk$" \
1630 -s "key exchange mode: psk_ephemeral" \
1631 -S "key exchange mode: ephemeral"
1632
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1633requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1634requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1635requires_config_enabled MBEDTLS_SSL_SRV_C
1636requires_config_enabled MBEDTLS_DEBUG_C
1637requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1638requires_config_enabled PSA_WANT_ALG_ECDH
1639requires_config_enabled PSA_WANT_ECC_SECP_R1_384
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1640run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1641 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1642 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1643 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1644 0 \
1645 -s "write selected_group: secp384r1" \
1646 -S "key exchange mode: psk$" \
1647 -s "key exchange mode: psk_ephemeral" \
1648 -S "key exchange mode: ephemeral"
1649
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1650requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1651requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1652requires_config_enabled MBEDTLS_SSL_SRV_C
1653requires_config_enabled MBEDTLS_DEBUG_C
1654requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1655requires_config_enabled PSA_WANT_ALG_ECDH
1656requires_config_enabled PSA_WANT_ECC_SECP_R1_521
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1657run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1658 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1659 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1660 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1661 0 \
1662 -s "write selected_group: secp521r1" \
1663 -S "key exchange mode: psk$" \
1664 -s "key exchange mode: psk_ephemeral" \
1665 -S "key exchange mode: ephemeral"
1666
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1667requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1668requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1669requires_config_enabled MBEDTLS_SSL_SRV_C
1670requires_config_enabled MBEDTLS_DEBUG_C
1671requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1672requires_config_enabled PSA_WANT_ALG_ECDH
1673requires_config_enabled PSA_WANT_ECC_MONTGOMERY_255
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1674run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1675 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1676 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1677 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1678 0 \
1679 -s "write selected_group: x25519" \
1680 -S "key exchange mode: psk$" \
1681 -s "key exchange mode: psk_ephemeral" \
1682 -S "key exchange mode: ephemeral"
1683
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1684requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1685requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1686requires_config_enabled MBEDTLS_SSL_SRV_C
1687requires_config_enabled MBEDTLS_DEBUG_C
1688requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1689requires_config_enabled PSA_WANT_ALG_ECDH
1690requires_config_enabled PSA_WANT_ECC_MONTGOMERY_448
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1691run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1692 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1693 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1694 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1695 0 \
1696 -s "write selected_group: x448" \
1697 -S "key exchange mode: psk$" \
1698 -s "key exchange mode: psk_ephemeral" \
1699 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1700
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1701requires_openssl_tls1_3_with_compatible_ephemeral
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1702requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1703requires_config_enabled MBEDTLS_SSL_SRV_C
1704requires_config_enabled MBEDTLS_DEBUG_C
1705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1706requires_config_enabled PSA_WANT_ALG_ECDH
1707requires_config_enabled PSA_WANT_ECC_SECP_R1_384
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1708run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1709 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1710 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1711 0 \
1712 -s "write selected_group: secp384r1" \
1713 -s "HRR selected_group: secp384r1" \
1714 -S "key exchange mode: psk$" \
1715 -s "key exchange mode: psk_ephemeral" \
1716 -S "key exchange mode: ephemeral"
1717
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1718requires_gnutls_tls1_3
1719requires_gnutls_next_no_ticket
1720requires_gnutls_next_disable_tls13_compat
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1721requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Gilles Peskine365296a2024-09-13 14:15:46 +0200[diff] [blame]1722requires_config_enabled MBEDTLS_SSL_SRV_C
1723requires_config_enabled MBEDTLS_DEBUG_C
1724requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1725requires_config_enabled PSA_WANT_ALG_ECDH
1726requires_config_enabled PSA_WANT_ECC_SECP_R1_384
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1727run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1728 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1729 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1730 0 \
1731 -s "write selected_group: secp384r1" \
1732 -s "HRR selected_group: secp384r1" \
1733 -S "key exchange mode: psk$" \
1734 -s "key exchange mode: psk_ephemeral" \
1735 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1736
1737
1738# Add psk test cases for mbedtls client code
1739
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1740# MbedTls->MbedTLS kinds of tls13_kex_modes
1741# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1742requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1743requires_config_enabled MBEDTLS_SSL_SRV_C
1744requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1745requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1746run_test "TLS 1.3: m->m: psk/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1747 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1748 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1749 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1750 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1751 -c "client hello, adding psk_key_exchange_modes extension" \
1752 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1753 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1754 -c "HTTP/1.0 200 OK"
1755
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1756requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1757requires_config_enabled MBEDTLS_SSL_SRV_C
1758requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1759requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1760run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1761 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1762 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1763 1 \
1764 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1765 -c "client hello, adding psk_key_exchange_modes extension" \
1766 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1767 -s "No usable PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1768
1769requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1770requires_config_enabled MBEDTLS_SSL_SRV_C
1771requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1772requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1773run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1774 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1775 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1776 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1777 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1778 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1779 -c "client hello, adding PSK binder list" \
1780 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1781
1782requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1783requires_config_enabled MBEDTLS_SSL_SRV_C
1784requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1785requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1786requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1787run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1788 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1789 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1790 1 \
1791 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1792 -c "client hello, adding psk_key_exchange_modes extension" \
1793 -c "client hello, adding PSK binder list" \
1794 -s "ClientHello message misses mandatory extensions."
1795
1796requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1797requires_config_enabled MBEDTLS_SSL_SRV_C
1798requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1799requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1800requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1801run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1802 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1803 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1804 1 \
1805 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1806 -c "client hello, adding psk_key_exchange_modes extension" \
1807 -c "client hello, adding PSK binder list" \
1808 -s "ClientHello message misses mandatory extensions."
1809
1810requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1811requires_config_enabled MBEDTLS_SSL_SRV_C
1812requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1813requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1814requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1815requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1816run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1817 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1818 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1819 1 \
1820 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1821 -c "client hello, adding psk_key_exchange_modes extension" \
1822 -c "client hello, adding PSK binder list" \
1823 -s "ClientHello message misses mandatory extensions."
1824
1825requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1826requires_config_enabled MBEDTLS_SSL_SRV_C
1827requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1828requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1829requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1830run_test "TLS 1.3: m->m: psk/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1831 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1832 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1833 0 \
1834 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1835 -c "client hello, adding psk_key_exchange_modes extension" \
1836 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1837 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1838 -c "HTTP/1.0 200 OK"
1839
1840requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1841requires_config_enabled MBEDTLS_SSL_SRV_C
1842requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1843requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1844requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1845run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1846 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1847 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1848 1 \
1849 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1850 -c "client hello, adding psk_key_exchange_modes extension" \
1851 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1852 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1853 -s "ClientHello message misses mandatory extensions."
1854
1855requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1856requires_config_enabled MBEDTLS_SSL_SRV_C
1857requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1858requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1859requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1860run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1861 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1862 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1863 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1864 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1865 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1866 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1867 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1868
1869requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1870requires_config_enabled MBEDTLS_SSL_SRV_C
1871requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1872requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1873requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1874requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1875run_test "TLS 1.3: m->m: psk/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1876 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1877 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1878 0 \
1879 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1880 -c "client hello, adding psk_key_exchange_modes extension" \
1881 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1882 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1883 -c "HTTP/1.0 200 OK"
1884
1885requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1886requires_config_enabled MBEDTLS_SSL_SRV_C
1887requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1888requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1889requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1890requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1891run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1892 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1893 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1894 1 \
1895 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1896 -c "client hello, adding psk_key_exchange_modes extension" \
1897 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1898 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1899 -s "ClientHello message misses mandatory extensions."
1900
1901requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1902requires_config_enabled MBEDTLS_SSL_SRV_C
1903requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1904requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1905requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1906requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1907run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1908 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1909 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1910 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1911 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1912 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1913 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1914 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1915
1916# psk_ephemeral mode in client
1917requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1918requires_config_enabled MBEDTLS_SSL_SRV_C
1919requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1920requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1921requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1922run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1923 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1924 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1925 1 \
1926 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1927 -c "client hello, adding psk_key_exchange_modes extension" \
1928 -c "client hello, adding PSK binder list" \
1929 -s "ClientHello message misses mandatory extensions."
1930
1931requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1932requires_config_enabled MBEDTLS_SSL_SRV_C
1933requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1934requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1935run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1936 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1937 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1938 0 \
1939 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1940 -c "client hello, adding psk_key_exchange_modes extension" \
1941 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1942 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1943 -c "HTTP/1.0 200 OK"
1944
1945requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1946requires_config_enabled MBEDTLS_SSL_SRV_C
1947requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1948requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1949run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1950 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1951 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1952 1 \
1953 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1954 -c "client hello, adding psk_key_exchange_modes extension" \
1955 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1956 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1957 -s "ClientHello message misses mandatory extensions."
1958
1959requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1960requires_config_enabled MBEDTLS_SSL_SRV_C
1961requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1962requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1963run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1964 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1965 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1966 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1967 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1968 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1969 -c "client hello, adding PSK binder list" \
1970 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1971
1972requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1973requires_config_enabled MBEDTLS_SSL_SRV_C
1974requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1975requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1976requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1977run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1978 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1979 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1980 1 \
1981 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1982 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1983 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1984
1985requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1986requires_config_enabled MBEDTLS_SSL_SRV_C
1987requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1988requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1989requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1990run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1991 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1992 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1993 0 \
1994 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1995 -c "client hello, adding psk_key_exchange_modes extension" \
1996 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1997 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1998 -c "HTTP/1.0 200 OK"
1999
2000requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2001requires_config_enabled MBEDTLS_SSL_SRV_C
2002requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2003requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2004requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2005run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2006 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2007 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2008 1 \
2009 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2010 -c "client hello, adding psk_key_exchange_modes extension" \
2011 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2012 -s "No usable PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2013
2014requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2015requires_config_enabled MBEDTLS_SSL_SRV_C
2016requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2017requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2018requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2019run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2020 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2021 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2022 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2023 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2024 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2025 -c "client hello, adding PSK binder list" \
2026 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2027
2028requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2029requires_config_enabled MBEDTLS_SSL_SRV_C
2030requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2031requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2032requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2033run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2034 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2035 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2036 0 \
2037 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2038 -c "client hello, adding psk_key_exchange_modes extension" \
2039 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2040 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2041 -c "HTTP/1.0 200 OK"
2042
2043requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2044requires_config_enabled MBEDTLS_SSL_SRV_C
2045requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2046requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2047requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2048run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2049 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2050 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2051 1 \
2052 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2053 -c "client hello, adding psk_key_exchange_modes extension" \
2054 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2055 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2056 -s "ClientHello message misses mandatory extensions."
2057
2058requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2059requires_config_enabled MBEDTLS_SSL_SRV_C
2060requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2061requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2062requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2063run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2064 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2065 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2066 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2067 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2068 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2069 -c "client hello, adding PSK binder list" \
2070 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2071
2072requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2073requires_config_enabled MBEDTLS_SSL_SRV_C
2074requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2075requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2076requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2077requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2078run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2079 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2080 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2081 0 \
2082 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2083 -c "client hello, adding psk_key_exchange_modes extension" \
2084 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2085 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2086 -c "HTTP/1.0 200 OK"
2087
2088requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2089requires_config_enabled MBEDTLS_SSL_SRV_C
2090requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2091requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2092requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2093requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2094run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2095 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2096 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2097 1 \
2098 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2099 -c "client hello, adding psk_key_exchange_modes extension" \
2100 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2101 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2102
2103requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2104requires_config_enabled MBEDTLS_SSL_SRV_C
2105requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2106requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2107requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2108requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2109run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2110 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2111 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2112 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2113 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2114 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2115 -c "client hello, adding PSK binder list" \
2116 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2117
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2118# ephemeral mode in client
2119requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2120requires_config_enabled MBEDTLS_SSL_SRV_C
2121requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2122requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2123requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2124run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2125 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2126 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2127 1 \
2128 -s "ClientHello message misses mandatory extensions."
2129
2130requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2131requires_config_enabled MBEDTLS_SSL_SRV_C
2132requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2133requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2134requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2135run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2136 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2137 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2138 1 \
2139 -s "ClientHello message misses mandatory extensions."
2140
2141requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2142requires_config_enabled MBEDTLS_SSL_SRV_C
2143requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2144requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2145run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2146 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2147 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2148 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2149 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2150 -c "HTTP/1.0 200 OK"
2151
2152requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2153requires_config_enabled MBEDTLS_SSL_SRV_C
2154requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2155requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2156requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2157run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2158 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2159 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2160 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2161 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2162 -c "HTTP/1.0 200 OK"
2163
2164requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2165requires_config_enabled MBEDTLS_SSL_SRV_C
2166requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2167requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2168requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2169requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2170run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2171 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2172 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2173 1 \
2174 -s "ClientHello message misses mandatory extensions."
2175
2176requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2177requires_config_enabled MBEDTLS_SSL_SRV_C
2178requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2180requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2181requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2182run_test "TLS 1.3: m->m: ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2183 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2184 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2185 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2186 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2187 -c "HTTP/1.0 200 OK"
2188
2189# ephemeral_all mode in client
2190requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2191requires_config_enabled MBEDTLS_SSL_SRV_C
2192requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2193requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2194requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2195requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2196run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2197 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2198 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2199 1 \
2200 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2201 -c "client hello, adding psk_key_exchange_modes extension" \
2202 -c "client hello, adding PSK binder list" \
2203 -s "ClientHello message misses mandatory extensions."
2204
2205requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2206requires_config_enabled MBEDTLS_SSL_SRV_C
2207requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2208requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2209requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2210run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2211 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2212 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2213 0 \
2214 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2215 -c "client hello, adding psk_key_exchange_modes extension" \
2216 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2217 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2218 -c "HTTP/1.0 200 OK"
2219
2220requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2221requires_config_enabled MBEDTLS_SSL_SRV_C
2222requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2223requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2224requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2225run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2226 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2227 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2228 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2229 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2230 -c "client hello, adding psk_key_exchange_modes extension" \
2231 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2232 -s "No usable PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2233
2234requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2235requires_config_enabled MBEDTLS_SSL_SRV_C
2236requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2237requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2238requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2239run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2240 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2241 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2242 1 \
2243 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2244 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2245 -c "client hello, adding PSK binder list" \
2246 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2247
2248requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2249requires_config_enabled MBEDTLS_SSL_SRV_C
2250requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2251requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2252requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2253run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2254 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2255 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2256 0 \
2257 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2258 -c "client hello, adding psk_key_exchange_modes extension" \
2259 -c "client hello, adding PSK binder list" \
2260 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2261 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2262 -c "HTTP/1.0 200 OK"
2263
2264requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2265requires_config_enabled MBEDTLS_SSL_SRV_C
2266requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2267requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2268requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2269run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2270 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2271 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2272 0 \
2273 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2274 -c "client hello, adding psk_key_exchange_modes extension" \
2275 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2276 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2277 -c "HTTP/1.0 200 OK"
2278
2279requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2280requires_config_enabled MBEDTLS_SSL_SRV_C
2281requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2282requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2283requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2284run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2285 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2286 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2287 0 \
2288 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2289 -c "client hello, adding psk_key_exchange_modes extension" \
2290 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2291 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2292 -s "key exchange mode: ephemeral"
2293
2294requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2295requires_config_enabled MBEDTLS_SSL_SRV_C
2296requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2297requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2298requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2299run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2300 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2301 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2302 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2303 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2304 -c "client hello, adding psk_key_exchange_modes extension" \
2305 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2306 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2307
2308requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2309requires_config_enabled MBEDTLS_SSL_SRV_C
2310requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2312requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2313requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2314run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2315 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2316 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2317 0 \
2318 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2319 -c "client hello, adding psk_key_exchange_modes extension" \
2320 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2321 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2322 -c "HTTP/1.0 200 OK"
2323
2324requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2325requires_config_enabled MBEDTLS_SSL_SRV_C
2326requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2327requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2328requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2330run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2331 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2332 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2333 1 \
2334 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2335 -c "client hello, adding psk_key_exchange_modes extension" \
2336 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2337 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2338 -s "ClientHello message misses mandatory extensions."
2339
2340requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2341requires_config_enabled MBEDTLS_SSL_SRV_C
2342requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2343requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2344requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2345requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2346run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2347 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2348 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2349 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2350 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2351 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2352 -c "client hello, adding PSK binder list" \
2353 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2354
2355requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2356requires_config_enabled MBEDTLS_SSL_SRV_C
2357requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2358requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2359requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2360requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2361run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2362 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2363 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2364 0 \
2365 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2366 -c "client hello, adding psk_key_exchange_modes extension" \
2367 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2368 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2369 -c "HTTP/1.0 200 OK"
2370
2371requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2372requires_config_enabled MBEDTLS_SSL_SRV_C
2373requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2374requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2375requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2376requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2377run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2378 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2379 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2380 0 \
2381 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2382 -c "client hello, adding psk_key_exchange_modes extension" \
2383 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2384 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2385 -s "key exchange mode: ephemeral"
2386
2387requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2388requires_config_enabled MBEDTLS_SSL_SRV_C
2389requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2390requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2391requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2392requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2393run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2394 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2395 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2396 1 \
2397 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2398 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2399 -c "client hello, adding PSK binder list" \
2400 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2401
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2402# psk_all mode in client
2403requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2404requires_config_enabled MBEDTLS_SSL_SRV_C
2405requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2406requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2407requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2408run_test "TLS 1.3: m->m: psk_all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2409 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2410 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2411 0 \
2412 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2413 -c "client hello, adding psk_key_exchange_modes extension" \
2414 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2415 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2416 -c "HTTP/1.0 200 OK"
2417
2418requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2419requires_config_enabled MBEDTLS_SSL_SRV_C
2420requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2421requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2422requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2423run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2424 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2425 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2426 1 \
2427 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2428 -c "client hello, adding psk_key_exchange_modes extension" \
2429 -c "client hello, adding PSK binder list" \
2430 -s "ClientHello message misses mandatory extensions."
2431
2432requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2433requires_config_enabled MBEDTLS_SSL_SRV_C
2434requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2435requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2436requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2437run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2438 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2439 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2440 1 \
2441 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2442 -c "client hello, adding psk_key_exchange_modes extension" \
2443 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2444 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2445
2446requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2447requires_config_enabled MBEDTLS_SSL_SRV_C
2448requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2449requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2450requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2451run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2452 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2453 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2454 0 \
2455 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2456 -c "client hello, adding psk_key_exchange_modes extension" \
2457 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2458 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2459 -c "HTTP/1.0 200 OK"
2460
2461requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2462requires_config_enabled MBEDTLS_SSL_SRV_C
2463requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2464requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2465requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2466run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2467 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2468 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2469 1 \
2470 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2471 -c "client hello, adding psk_key_exchange_modes extension" \
2472 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2473 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2474 -s "ClientHello message misses mandatory extensions."
2475
2476requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2477requires_config_enabled MBEDTLS_SSL_SRV_C
2478requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2479requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2480requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2481run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2482 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2483 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2484 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2485 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2486 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2487 -c "client hello, adding PSK binder list" \
2488 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2489
2490requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2491requires_config_enabled MBEDTLS_SSL_SRV_C
2492requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2493requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2494requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2495requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2496run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2497 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2498 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2499 1 \
2500 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2501 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2502 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2503
2504requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2505requires_config_enabled MBEDTLS_SSL_SRV_C
2506requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2507requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2508requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2509requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2510run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2511 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2512 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2513 0 \
2514 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2515 -c "client hello, adding psk_key_exchange_modes extension" \
2516 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2517 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2518 -c "HTTP/1.0 200 OK"
2519
2520requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2521requires_config_enabled MBEDTLS_SSL_SRV_C
2522requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2523requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2524requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2525requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2526run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2527 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2528 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2529 1 \
2530 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2531 -c "client hello, adding psk_key_exchange_modes extension" \
2532 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2533 -s "No usable PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2534
2535requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2536requires_config_enabled MBEDTLS_SSL_SRV_C
2537requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2538requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2539requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2540requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2541run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2542 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2543 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2544 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2545 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2546 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2547 -c "client hello, adding PSK binder list" \
2548 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2549
2550requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2551requires_config_enabled MBEDTLS_SSL_SRV_C
2552requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2553requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2554requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2555run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2556 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2557 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2558 0 \
2559 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2560 -c "client hello, adding psk_key_exchange_modes extension" \
2561 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2562 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2563 -c "HTTP/1.0 200 OK"
2564
2565requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2566requires_config_enabled MBEDTLS_SSL_SRV_C
2567requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2568requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2569requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2570run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2571 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2572 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2573 1 \
2574 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2575 -c "client hello, adding psk_key_exchange_modes extension" \
2576 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2577 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2578 -s "ClientHello message misses mandatory extensions."
2579
2580requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2581requires_config_enabled MBEDTLS_SSL_SRV_C
2582requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2583requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2584requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2585run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2586 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2587 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2588 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2589 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2590 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2591 -c "client hello, adding PSK binder list" \
2592 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2593
2594requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2595requires_config_enabled MBEDTLS_SSL_SRV_C
2596requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2597requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2598requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2599requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2600run_test "TLS 1.3: m->m: psk_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2601 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2602 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2603 0 \
2604 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2605 -c "client hello, adding psk_key_exchange_modes extension" \
2606 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2607 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2608 -c "HTTP/1.0 200 OK"
2609
2610requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2611requires_config_enabled MBEDTLS_SSL_SRV_C
2612requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2613requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2614requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2615requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2616run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2617 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2618 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2619 1 \
2620 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2621 -c "client hello, adding psk_key_exchange_modes extension" \
2622 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2623 -s "No usable PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2624
2625requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2626requires_config_enabled MBEDTLS_SSL_SRV_C
2627requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2628requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2629requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2630requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2631run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2632 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2633 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2634 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2635 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2636 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2637 -c "client hello, adding PSK binder list" \
2638 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2639
2640# all mode in client
2641requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2642requires_config_enabled MBEDTLS_SSL_SRV_C
2643requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2645requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2646requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2647run_test "TLS 1.3: m->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2648 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2649 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2650 0 \
2651 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2652 -c "client hello, adding psk_key_exchange_modes extension" \
2653 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2654 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2655 -c "HTTP/1.0 200 OK"
2656
2657requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2658requires_config_enabled MBEDTLS_SSL_SRV_C
2659requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2660requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2661requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2662requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2663run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2664 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2665 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2666 1 \
2667 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2668 -c "client hello, adding psk_key_exchange_modes extension" \
2669 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2670 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2671 -s "ClientHello message misses mandatory extensions."
2672
2673requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2674requires_config_enabled MBEDTLS_SSL_SRV_C
2675requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2676requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2677requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2678requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2679run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2680 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2681 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2682 1 \
2683 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2684 -c "client hello, adding psk_key_exchange_modes extension" \
2685 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2686 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2687
2688requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2689requires_config_enabled MBEDTLS_SSL_SRV_C
2690requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2691requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2692requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2693requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2694run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2695 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2696 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2697 0 \
2698 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2699 -c "client hello, adding psk_key_exchange_modes extension" \
2700 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2701 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2702 -c "HTTP/1.0 200 OK"
2703
2704requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2705requires_config_enabled MBEDTLS_SSL_SRV_C
2706requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2707requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2708requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2709requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2710run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2711 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2712 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2713 1 \
2714 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2715 -c "client hello, adding psk_key_exchange_modes extension" \
2716 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2717 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2718 -s "ClientHello message misses mandatory extensions."
2719
2720requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2721requires_config_enabled MBEDTLS_SSL_SRV_C
2722requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2723requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2724requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2725requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2726run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2727 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2728 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2729 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2730 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2731 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2732 -c "client hello, adding PSK binder list" \
2733 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2734
2735requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2736requires_config_enabled MBEDTLS_SSL_SRV_C
2737requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2738requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2739requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2740requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2741run_test "TLS 1.3: m->m: all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2742 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2743 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2744 0 \
2745 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2746 -c "client hello, adding psk_key_exchange_modes extension" \
2747 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2748 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2749 -c "HTTP/1.0 200 OK"
2750
2751requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2752requires_config_enabled MBEDTLS_SSL_SRV_C
2753requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2754requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2755requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2756requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2757run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2758 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2759 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2760 0 \
2761 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2762 -c "client hello, adding psk_key_exchange_modes extension" \
2763 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2764 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2765 -c "HTTP/1.0 200 OK"
2766
2767requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2768requires_config_enabled MBEDTLS_SSL_SRV_C
2769requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2770requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2771requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2772requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2773run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2774 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2775 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2776 0 \
2777 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2778 -c "client hello, adding psk_key_exchange_modes extension" \
2779 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2780 -s "No usable PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2781 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2782 -c "HTTP/1.0 200 OK"
2783
2784requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2785requires_config_enabled MBEDTLS_SSL_SRV_C
2786requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2787requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2788requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2789requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2790run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2791 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2792 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2793 1 \
2794 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2795 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2796 -c "client hello, adding PSK binder list" \
2797 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2798
2799requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2800requires_config_enabled MBEDTLS_SSL_SRV_C
2801requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2802requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2803requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2804requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2805run_test "TLS 1.3: m->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2806 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2807 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2808 0 \
2809 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2810 -c "client hello, adding psk_key_exchange_modes extension" \
2811 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2812 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2813 -c "HTTP/1.0 200 OK"
2814
2815requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2816requires_config_enabled MBEDTLS_SSL_SRV_C
2817requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2818requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2819requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2820requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2821run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2822 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2823 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2824 1 \
2825 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2826 -c "client hello, adding psk_key_exchange_modes extension" \
2827 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2828 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2829 -s "ClientHello message misses mandatory extensions."
2830
2831requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2832requires_config_enabled MBEDTLS_SSL_SRV_C
2833requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2834requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2835requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2836requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2837run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2838 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2839 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2840 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2841 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2842 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2843 -c "client hello, adding PSK binder list" \
2844 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2845
2846requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2847requires_config_enabled MBEDTLS_SSL_SRV_C
2848requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2849requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2850requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2851requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2852run_test "TLS 1.3: m->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2853 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2854 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2855 0 \
2856 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2857 -c "client hello, adding psk_key_exchange_modes extension" \
2858 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2859 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2860 -c "HTTP/1.0 200 OK"
2861
2862requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2863requires_config_enabled MBEDTLS_SSL_SRV_C
2864requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2865requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2866requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2867requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2868run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2869 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2870 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2871 0 \
2872 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2873 -c "client hello, adding psk_key_exchange_modes extension" \
2874 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2875 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2876 -s "key exchange mode: ephemeral"
2877
2878requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2879requires_config_enabled MBEDTLS_SSL_SRV_C
2880requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2881requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2882requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2883requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2884run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2885 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2886 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2887 1 \
2888 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2889 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2890 -c "client hello, adding PSK binder list" \
2891 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2892
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2893#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2894requires_openssl_tls1_3
2895requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2896requires_config_enabled MBEDTLS_DEBUG_C
2897requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2898requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2899run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2900 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2901 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2902 0 \
2903 -c "=> write client hello" \
2904 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2905 -c "client hello, adding psk_key_exchange_modes extension" \
2906 -c "client hello, adding PSK binder list" \
2907 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2908 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2909 -c "HTTP/1.0 200 ok"
2910
2911requires_openssl_tls1_3
2912requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2913requires_config_enabled MBEDTLS_DEBUG_C
2914requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2915requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2916run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2917 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2918 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2919 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2920 -c "=> write client hello" \
2921 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2922 -c "client hello, adding psk_key_exchange_modes extension" \
2923 -c "client hello, adding PSK binder list" \
2924 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2925 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2926
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2927#OPENSSL-SERVER psk_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2928requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2929requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2930requires_config_enabled MBEDTLS_DEBUG_C
2931requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2932requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2933requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2934run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2935 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2936 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2937 0 \
2938 -c "=> write client hello" \
2939 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2940 -c "client hello, adding psk_key_exchange_modes extension" \
2941 -c "client hello, adding PSK binder list" \
2942 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2943 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2944 -c "HTTP/1.0 200 ok"
2945
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2946requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2947requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2948requires_config_enabled MBEDTLS_DEBUG_C
2949requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2950requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2951requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2952run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2953 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2954 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2955 0 \
2956 -c "=> write client hello" \
2957 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2958 -c "client hello, adding psk_key_exchange_modes extension" \
2959 -c "client hello, adding PSK binder list" \
2960 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2961 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2962 -c "HTTP/1.0 200 ok"
2963
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2964#OPENSSL-SERVER psk_ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2965requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2966requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2967requires_config_enabled MBEDTLS_DEBUG_C
2968requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2969requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2970run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2971 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2972 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2973 0 \
2974 -c "=> write client hello" \
2975 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2976 -c "client hello, adding psk_key_exchange_modes extension" \
2977 -c "client hello, adding PSK binder list" \
2978 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2979 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2980 -c "HTTP/1.0 200 ok"
2981
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2982requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2983requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2984requires_config_enabled MBEDTLS_DEBUG_C
2985requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2986requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2987run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2988 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2989 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2990 0 \
2991 -c "=> write client hello" \
2992 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2993 -c "client hello, adding psk_key_exchange_modes extension" \
2994 -c "client hello, adding PSK binder list" \
2995 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2996 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2997 -c "HTTP/1.0 200 ok"
2998
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2999#OPENSSL-SERVER ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]3000requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3001requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3002requires_config_enabled MBEDTLS_DEBUG_C
3003requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3004requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3005run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3006 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3007 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3008 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3009 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3010 -c "HTTP/1.0 200 ok"
3011
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]3012requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3013requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3014requires_config_enabled MBEDTLS_DEBUG_C
3015requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3016requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3017run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3018 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3019 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3020 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3021 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]3022 -c "HTTP/1.0 200 ok"
3023
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3024#OPENSSL-SERVER ephemeral_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]3025requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3026requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3027requires_config_enabled MBEDTLS_DEBUG_C
3028requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3029requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3030requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3031run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3032 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3033 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3034 0 \
3035 -c "=> write client hello" \
3036 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3037 -c "client hello, adding psk_key_exchange_modes extension" \
3038 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3039 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3040 -c "<= write client hello" \
3041 -c "HTTP/1.0 200 ok"
3042
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]3043requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3044requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3045requires_config_enabled MBEDTLS_DEBUG_C
3046requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3047requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3048requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3049run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3050 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3051 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3052 0 \
3053 -c "=> write client hello" \
3054 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3055 -c "client hello, adding psk_key_exchange_modes extension" \
3056 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3057 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3058 -c "<= write client hello" \
3059 -c "HTTP/1.0 200 ok"
3060
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3061#OPENSSL-SERVER all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]3062requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3063requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3064requires_config_enabled MBEDTLS_DEBUG_C
3065requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3066requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3067requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3068requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3069run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3070 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3071 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3072 0 \
3073 -c "=> write client hello" \
3074 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3075 -c "client hello, adding psk_key_exchange_modes extension" \
3076 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3077 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3078 -c "<= write client hello" \
3079 -c "HTTP/1.0 200 ok"
3080
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]3081requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3082requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3083requires_config_enabled MBEDTLS_DEBUG_C
3084requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3085requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3086requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3087requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3088run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3089 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3090 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
3091 0 \
3092 -c "=> write client hello" \
3093 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3094 -c "client hello, adding psk_key_exchange_modes extension" \
3095 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3096 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3097 -c "<= write client hello" \
3098 -c "HTTP/1.0 200 ok"
3099
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3100#GNUTLS-SERVER psk mode
3101requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3102requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3103requires_config_enabled MBEDTLS_DEBUG_C
3104requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3105requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3106run_test "TLS 1.3: m->G: psk/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3107 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3108 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3109 0 \
3110 -c "=> write client hello" \
3111 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3112 -c "client hello, adding psk_key_exchange_modes extension" \
3113 -c "client hello, adding PSK binder list" \
3114 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3115 -s "Parsing extension 'Pre Shared Key/41'" \
3116 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3117 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3118 -c "HTTP/1.0 200 OK"
3119
3120requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3121requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3122requires_config_enabled MBEDTLS_DEBUG_C
3123requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3124requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3125run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3126 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3127 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3128 1 \
3129 -c "=> write client hello" \
3130 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3131 -c "client hello, adding psk_key_exchange_modes extension" \
3132 -c "client hello, adding PSK binder list" \
3133 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3134 -s "Parsing extension 'Pre Shared Key/41'" \
3135 -c "<= write client hello" \
3136 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3137
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3138#GNUTLS-SERVER psk_all mode
3139requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3140requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3141requires_config_enabled MBEDTLS_DEBUG_C
3142requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3144requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3145run_test "TLS 1.3: m->G: psk_all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3146 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3147 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3148 0 \
3149 -c "=> write client hello" \
3150 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3151 -c "client hello, adding psk_key_exchange_modes extension" \
3152 -c "client hello, adding PSK binder list" \
3153 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3154 -s "Parsing extension 'Pre Shared Key/41'" \
3155 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3156 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3157 -c "HTTP/1.0 200 OK"
3158
3159requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3160requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3161requires_config_enabled MBEDTLS_DEBUG_C
3162requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3163requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3164requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3165run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3166 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3167 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3168 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3169 -c "=> write client hello" \
3170 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3171 -c "client hello, adding psk_key_exchange_modes extension" \
3172 -c "client hello, adding PSK binder list" \
3173 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3174 -s "Parsing extension 'Pre Shared Key/41'" \
3175 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3176 -c "Selected key exchange mode: psk_ephemeral" \
3177 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3178
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3179#GNUTLS-SERVER psk_ephemeral mode
3180requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3181requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3182requires_config_enabled MBEDTLS_DEBUG_C
3183requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3184requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3185run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3186 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3187 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3188 0 \
3189 -c "=> write client hello" \
3190 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3191 -c "client hello, adding psk_key_exchange_modes extension" \
3192 -c "client hello, adding PSK binder list" \
3193 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3194 -s "Parsing extension 'Pre Shared Key/41'" \
3195 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3196 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3197 -c "HTTP/1.0 200 OK"
3198
3199requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3200requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3201requires_config_enabled MBEDTLS_DEBUG_C
3202requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3203requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3204run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3205 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3206 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3207 0 \
3208 -c "=> write client hello" \
3209 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3210 -c "client hello, adding psk_key_exchange_modes extension" \
3211 -c "client hello, adding PSK binder list" \
3212 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3213 -s "Parsing extension 'Pre Shared Key/41'" \
3214 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3215 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3216 -c "HTTP/1.0 200 OK"
3217
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3218#GNUTLS-SERVER ephemeral mode
3219requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3220requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3221requires_config_enabled MBEDTLS_DEBUG_C
3222requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3223requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3224run_test "TLS 1.3: m->G: ephemeral/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3225 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3226 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3227 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3228 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3229 -c "HTTP/1.0 200 OK"
3230
3231requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3232requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3233requires_config_enabled MBEDTLS_DEBUG_C
3234requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3235requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3236run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3237 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3238 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3239 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3240 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3241 -c "HTTP/1.0 200 OK"
3242
3243#GNUTLS-SERVER ephemeral_all mode
3244requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3245requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3246requires_config_enabled MBEDTLS_DEBUG_C
3247requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3248requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3249requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3250run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3251 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3252 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3253 0 \
3254 -c "=> write client hello" \
3255 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3256 -c "client hello, adding psk_key_exchange_modes extension" \
3257 -c "client hello, adding PSK binder list" \
3258 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3259 -s "Parsing extension 'Pre Shared Key/41'" \
3260 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3261 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3262 -c "HTTP/1.0 200 OK"
3263
3264requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3265requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3266requires_config_enabled MBEDTLS_DEBUG_C
3267requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3268requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3269requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3270run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3271 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3272 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3273 0 \
3274 -c "=> write client hello" \
3275 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3276 -c "client hello, adding psk_key_exchange_modes extension" \
3277 -c "client hello, adding PSK binder list" \
3278 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3279 -s "Parsing extension 'Pre Shared Key/41'" \
3280 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3281 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3282 -c "HTTP/1.0 200 OK"
3283
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3284#GNUTLS-SERVER all mode
3285requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3286requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3287requires_config_enabled MBEDTLS_DEBUG_C
3288requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3289requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3290requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3291requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3292run_test "TLS 1.3: m->G: all/all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3293 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3294 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3295 0 \
3296 -c "=> write client hello" \
3297 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3298 -c "client hello, adding psk_key_exchange_modes extension" \
3299 -c "client hello, adding PSK binder list" \
3300 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3301 -s "Parsing extension 'Pre Shared Key/41'" \
3302 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3303 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3304 -c "HTTP/1.0 200 OK"
3305
3306requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3307requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3308requires_config_enabled MBEDTLS_DEBUG_C
3309requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3310requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3312requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3313run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
David Horstmann9c4dd4e2024-06-11 17:44:00 +0100[diff] [blame]3314 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=../framework/data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3315 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3316 0 \
3317 -c "=> write client hello" \
3318 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3319 -c "client hello, adding psk_key_exchange_modes extension" \
3320 -c "client hello, adding PSK binder list" \
3321 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3322 -s "Parsing extension 'Pre Shared Key/41'" \
3323 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3324 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3325 -c "HTTP/1.0 200 OK"