TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / refs/heads/move-test-code-to-framework / . / tests / opt-testcases / tls13-kex-modes.sh
blob: 49f06e07159e84096e0bd408e427ebff27599d78 [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]6# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]7#
8
Jerry Yu97be6a92022-11-09 22:43:31 +0800[diff] [blame]9# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by
Jerry Yu616ba752022-11-08 21:49:47 +0800[diff] [blame]10# scripts in future(#6280)
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]11
12requires_gnutls_tls1_3
13requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]14requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]15run_test "TLS 1.3: G->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]16 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]17 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
18 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
19 localhost" \
20 0 \
21 -s "found psk key exchange modes extension" \
22 -s "found pre_shared_key extension" \
23 -s "Found PSK_EPHEMERAL KEX MODE" \
24 -s "Found PSK KEX MODE" \
25 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]26 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]27 -s "key exchange mode: psk$" \
28 -S "key exchange mode: psk_ephemeral" \
29 -S "key exchange mode: ephemeral"
30
31requires_gnutls_tls1_3
32requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]33requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]34run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]35 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]36 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
37 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
38 localhost" \
39 1 \
40 -s "found psk key exchange modes extension" \
41 -s "found pre_shared_key extension" \
42 -s "Found PSK_EPHEMERAL KEX MODE" \
43 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]44 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]45 -S "key exchange mode: psk$" \
46 -S "key exchange mode: psk_ephemeral" \
47 -S "key exchange mode: ephemeral"
48
49requires_gnutls_tls1_3
50requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]51requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]52run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]53 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]54 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
55 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
56 localhost" \
57 1 \
58 -s "found psk key exchange modes extension" \
59 -s "found pre_shared_key extension" \
60 -s "Found PSK_EPHEMERAL KEX MODE" \
61 -s "Found PSK KEX MODE" \
62 -s "Invalid binder." \
63 -S "key exchange mode: psk$" \
64 -S "key exchange mode: psk_ephemeral" \
65 -S "key exchange mode: ephemeral"
66
67requires_gnutls_tls1_3
68requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]69requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]70run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]71 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]72 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
73 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
74 localhost" \
75 0 \
76 -s "found psk key exchange modes extension" \
77 -s "found pre_shared_key extension" \
78 -S "Found PSK_EPHEMERAL KEX MODE" \
79 -s "Found PSK KEX MODE" \
80 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]81 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]82 -s "key exchange mode: psk$" \
83 -S "key exchange mode: psk_ephemeral" \
84 -S "key exchange mode: ephemeral"
85
86requires_gnutls_tls1_3
87requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]88requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]89run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]90 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]91 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
92 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
93 localhost" \
94 1 \
95 -s "found psk key exchange modes extension" \
96 -s "found pre_shared_key extension" \
97 -S "Found PSK_EPHEMERAL KEX MODE" \
98 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]99 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]100 -S "key exchange mode: psk$" \
101 -S "key exchange mode: psk_ephemeral" \
102 -S "key exchange mode: ephemeral"
103
104requires_gnutls_tls1_3
105requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]106requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]107run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]108 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]109 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
110 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
111 localhost" \
112 1 \
113 -s "found psk key exchange modes extension" \
114 -s "found pre_shared_key extension" \
115 -S "Found PSK_EPHEMERAL KEX MODE" \
116 -s "Found PSK KEX MODE" \
117 -s "Invalid binder." \
118 -S "key exchange mode: psk$" \
119 -S "key exchange mode: psk_ephemeral" \
120 -S "key exchange mode: ephemeral"
121
122requires_gnutls_tls1_3
123requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]124requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]125run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]126 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]127 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
128 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
129 localhost" \
130 0 \
131 -s "found psk key exchange modes extension" \
132 -s "found pre_shared_key extension" \
133 -s "Found PSK_EPHEMERAL KEX MODE" \
134 -S "Found PSK KEX MODE" \
135 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]136 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]137 -S "key exchange mode: psk$" \
138 -s "key exchange mode: psk_ephemeral" \
139 -S "key exchange mode: ephemeral"
140
141requires_gnutls_tls1_3
142requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]143requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]144run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]145 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]146 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
147 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
148 localhost" \
149 1 \
150 -s "found psk key exchange modes extension" \
151 -s "found pre_shared_key extension" \
152 -s "Found PSK_EPHEMERAL KEX MODE" \
153 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]154 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]155 -S "key exchange mode: psk$" \
156 -S "key exchange mode: psk_ephemeral" \
157 -S "key exchange mode: ephemeral"
158
159requires_gnutls_tls1_3
160requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]161requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]162run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]163 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]164 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
165 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
166 localhost" \
167 1 \
168 -s "found psk key exchange modes extension" \
169 -s "found pre_shared_key extension" \
170 -s "Found PSK_EPHEMERAL KEX MODE" \
171 -S "Found PSK KEX MODE" \
172 -s "Invalid binder." \
173 -S "key exchange mode: psk$" \
174 -S "key exchange mode: psk_ephemeral" \
175 -S "key exchange mode: ephemeral"
176
177requires_gnutls_tls1_3
178requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]180run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]181 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]182 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
183 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
184 localhost" \
185 0 \
186 -s "found psk key exchange modes extension" \
187 -s "found pre_shared_key extension" \
188 -s "Found PSK_EPHEMERAL KEX MODE" \
189 -s "Found PSK KEX MODE" \
190 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]191 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]192 -S "key exchange mode: psk$" \
193 -s "key exchange mode: psk_ephemeral" \
194 -S "key exchange mode: ephemeral"
195
196requires_gnutls_tls1_3
197requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]198requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]199run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]200 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]201 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
202 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
203 localhost" \
204 1 \
205 -s "found psk key exchange modes extension" \
206 -s "found pre_shared_key extension" \
207 -s "Found PSK_EPHEMERAL KEX MODE" \
208 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]209 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]210 -S "key exchange mode: psk$" \
211 -S "key exchange mode: psk_ephemeral" \
212 -S "key exchange mode: ephemeral"
213
214requires_gnutls_tls1_3
215requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]216requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]217run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]218 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]219 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
220 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
221 localhost" \
222 1 \
223 -s "found psk key exchange modes extension" \
224 -s "found pre_shared_key extension" \
225 -s "Found PSK_EPHEMERAL KEX MODE" \
226 -s "Found PSK KEX MODE" \
227 -s "Invalid binder." \
228 -S "key exchange mode: psk$" \
229 -S "key exchange mode: psk_ephemeral" \
230 -S "key exchange mode: ephemeral"
231
232requires_gnutls_tls1_3
233requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]234requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]235run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]236 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]237 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
238 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
239 localhost" \
240 1 \
241 -s "found psk key exchange modes extension" \
242 -s "found pre_shared_key extension" \
243 -S "Found PSK_EPHEMERAL KEX MODE" \
244 -s "Found PSK KEX MODE" \
245 -S "key exchange mode: psk$" \
246 -S "key exchange mode: psk_ephemeral" \
247 -S "key exchange mode: ephemeral"
248
249requires_gnutls_tls1_3
250requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]251requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
252requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]253run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]254 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]255 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
256 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
257 localhost" \
258 0 \
259 -s "found psk key exchange modes extension" \
260 -s "found pre_shared_key extension" \
261 -s "Found PSK_EPHEMERAL KEX MODE" \
262 -S "Found PSK KEX MODE" \
263 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]264 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]265 -S "key exchange mode: psk$" \
266 -s "key exchange mode: psk_ephemeral" \
267 -S "key exchange mode: ephemeral"
268
269requires_gnutls_tls1_3
270requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]271requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
272requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]273run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]274 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]275 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
276 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
277 localhost" \
278 1 \
279 -s "found psk key exchange modes extension" \
280 -s "found pre_shared_key extension" \
281 -s "Found PSK_EPHEMERAL KEX MODE" \
282 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]283 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]284 -S "key exchange mode: psk$" \
285 -S "key exchange mode: psk_ephemeral" \
286 -S "key exchange mode: ephemeral"
287
288requires_gnutls_tls1_3
289requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]290requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
291requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]292run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]293 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]294 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
295 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
296 localhost" \
297 1 \
298 -s "found psk key exchange modes extension" \
299 -s "found pre_shared_key extension" \
300 -s "Found PSK_EPHEMERAL KEX MODE" \
301 -S "Found PSK KEX MODE" \
302 -s "Invalid binder." \
303 -S "key exchange mode: psk$" \
304 -S "key exchange mode: psk_ephemeral" \
305 -S "key exchange mode: ephemeral"
306
307requires_gnutls_tls1_3
308requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]309requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
310requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]311run_test "TLS 1.3: G->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]312 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]313 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
314 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
315 localhost" \
316 0 \
317 -s "found psk key exchange modes extension" \
318 -s "found pre_shared_key extension" \
319 -s "Found PSK_EPHEMERAL KEX MODE" \
320 -s "Found PSK KEX MODE" \
321 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]322 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]323 -S "key exchange mode: psk$" \
324 -s "key exchange mode: psk_ephemeral" \
325 -S "key exchange mode: ephemeral"
326
327requires_gnutls_tls1_3
328requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
330requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]331run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]332 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]333 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
334 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
335 localhost" \
336 1 \
337 -s "found psk key exchange modes extension" \
338 -s "found pre_shared_key extension" \
339 -s "Found PSK_EPHEMERAL KEX MODE" \
340 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]341 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]342 -S "key exchange mode: psk$" \
343 -S "key exchange mode: psk_ephemeral" \
344 -S "key exchange mode: ephemeral"
345
346requires_gnutls_tls1_3
347requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]348requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]350run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]351 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]352 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
353 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
354 localhost" \
355 1 \
356 -s "found psk key exchange modes extension" \
357 -s "found pre_shared_key extension" \
358 -s "Found PSK_EPHEMERAL KEX MODE" \
359 -s "Found PSK KEX MODE" \
360 -s "Invalid binder." \
361 -S "key exchange mode: psk$" \
362 -S "key exchange mode: psk_ephemeral" \
363 -S "key exchange mode: ephemeral"
364
365requires_gnutls_tls1_3
366requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]367requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
368requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]369run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]370 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]371 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
372 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
373 localhost" \
374 0 \
375 -s "found psk key exchange modes extension" \
376 -s "found pre_shared_key extension" \
377 -S "Found PSK_EPHEMERAL KEX MODE" \
378 -s "Found PSK KEX MODE" \
379 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]380 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]381 -s "key exchange mode: psk$" \
382 -S "key exchange mode: psk_ephemeral" \
383 -S "key exchange mode: ephemeral"
384
385requires_gnutls_tls1_3
386requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]387requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]389run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]390 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]391 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
392 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
393 localhost" \
394 1 \
395 -s "found psk key exchange modes extension" \
396 -s "found pre_shared_key extension" \
397 -S "Found PSK_EPHEMERAL KEX MODE" \
398 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]399 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]400 -S "key exchange mode: psk$" \
401 -S "key exchange mode: psk_ephemeral" \
402 -S "key exchange mode: ephemeral"
403
404requires_gnutls_tls1_3
405requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]406requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
407requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]408run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]409 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]410 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
411 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
412 localhost" \
413 1 \
414 -s "found psk key exchange modes extension" \
415 -s "found pre_shared_key extension" \
416 -S "Found PSK_EPHEMERAL KEX MODE" \
417 -s "Found PSK KEX MODE" \
418 -s "Invalid binder." \
419 -S "key exchange mode: psk$" \
420 -S "key exchange mode: psk_ephemeral" \
421 -S "key exchange mode: ephemeral"
422
423requires_gnutls_tls1_3
424requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]425requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
426requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]427run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]428 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]429 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
430 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
431 localhost" \
432 0 \
433 -s "found psk key exchange modes extension" \
434 -s "found pre_shared_key extension" \
435 -s "Found PSK_EPHEMERAL KEX MODE" \
436 -S "Found PSK KEX MODE" \
437 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]438 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]439 -S "key exchange mode: psk$" \
440 -s "key exchange mode: psk_ephemeral" \
441 -S "key exchange mode: ephemeral"
442
443requires_gnutls_tls1_3
444requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]445requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
446requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]447run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]448 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]449 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
450 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
451 localhost" \
452 0 \
453 -s "found psk key exchange modes extension" \
454 -s "found pre_shared_key extension" \
455 -s "Found PSK_EPHEMERAL KEX MODE" \
456 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]457 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]458 -S "key exchange mode: psk$" \
459 -S "key exchange mode: psk_ephemeral" \
460 -s "key exchange mode: ephemeral"
461
462requires_gnutls_tls1_3
463requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]464requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
465requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]466run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]467 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]468 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
469 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
470 localhost" \
471 1 \
472 -s "found psk key exchange modes extension" \
473 -s "found pre_shared_key extension" \
474 -s "Found PSK_EPHEMERAL KEX MODE" \
475 -S "Found PSK KEX MODE" \
476 -s "Invalid binder." \
477 -S "key exchange mode: psk$" \
478 -S "key exchange mode: psk_ephemeral" \
479 -S "key exchange mode: ephemeral"
480
481requires_gnutls_tls1_3
482requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]483requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
484requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]485run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]486 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]487 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
488 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
489 localhost" \
490 0 \
491 -s "found psk key exchange modes extension" \
492 -s "found pre_shared_key extension" \
493 -s "Found PSK_EPHEMERAL KEX MODE" \
494 -s "Found PSK KEX MODE" \
495 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]496 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]497 -S "key exchange mode: psk$" \
498 -s "key exchange mode: psk_ephemeral" \
499 -S "key exchange mode: ephemeral"
500
501requires_gnutls_tls1_3
502requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]503requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
504requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]505run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]506 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]507 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
508 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
509 localhost" \
510 0 \
511 -s "found psk key exchange modes extension" \
512 -s "found pre_shared_key extension" \
513 -s "Found PSK_EPHEMERAL KEX MODE" \
514 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]515 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]516 -S "key exchange mode: psk$" \
517 -S "key exchange mode: psk_ephemeral" \
518 -s "key exchange mode: ephemeral"
519
520requires_gnutls_tls1_3
521requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]522requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
523requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]524run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]525 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]526 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
527 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
528 localhost" \
529 1 \
530 -s "found psk key exchange modes extension" \
531 -s "found pre_shared_key extension" \
532 -s "Found PSK_EPHEMERAL KEX MODE" \
533 -s "Found PSK KEX MODE" \
534 -s "Invalid binder." \
535 -S "key exchange mode: psk$" \
536 -S "key exchange mode: psk_ephemeral" \
537 -S "key exchange mode: ephemeral"
538
539requires_gnutls_tls1_3
540requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]541requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
542requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]543run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]544 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]545 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
546 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
547 localhost" \
548 0 \
549 -s "found psk key exchange modes extension" \
550 -s "found pre_shared_key extension" \
551 -S "Found PSK_EPHEMERAL KEX MODE" \
552 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]553 -s "No suitable PSK key exchange mode" \
554 -S "Pre shared key found" \
555 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]556 -S "key exchange mode: psk$" \
557 -S "key exchange mode: psk_ephemeral" \
558 -s "key exchange mode: ephemeral"
559
560requires_gnutls_tls1_3
561requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]562requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
563requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
564requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]565run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]566 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]567 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
568 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
569 localhost" \
570 0 \
571 -s "found psk key exchange modes extension" \
572 -s "found pre_shared_key extension" \
573 -s "Found PSK_EPHEMERAL KEX MODE" \
574 -S "Found PSK KEX MODE" \
575 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]576 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]577 -S "key exchange mode: psk$" \
578 -s "key exchange mode: psk_ephemeral" \
579 -S "key exchange mode: ephemeral"
580
581requires_gnutls_tls1_3
582requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]583requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
584requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
585requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]586run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]587 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]588 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
589 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
590 localhost" \
591 0 \
592 -s "found psk key exchange modes extension" \
593 -s "found pre_shared_key extension" \
594 -s "Found PSK_EPHEMERAL KEX MODE" \
595 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]596 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]597 -S "key exchange mode: psk$" \
598 -S "key exchange mode: psk_ephemeral" \
599 -s "key exchange mode: ephemeral"
600
601requires_gnutls_tls1_3
602requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]603requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
605requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]606run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]607 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]608 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
609 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
610 localhost" \
611 1 \
612 -s "found psk key exchange modes extension" \
613 -s "found pre_shared_key extension" \
614 -s "Found PSK_EPHEMERAL KEX MODE" \
615 -S "Found PSK KEX MODE" \
616 -s "Invalid binder." \
617 -S "key exchange mode: psk$" \
618 -S "key exchange mode: psk_ephemeral" \
619 -S "key exchange mode: ephemeral"
620
621requires_gnutls_tls1_3
622requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]623requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
624requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
625requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]626run_test "TLS 1.3: G->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]627 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]628 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
629 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
630 localhost" \
631 0 \
632 -s "found psk key exchange modes extension" \
633 -s "found pre_shared_key extension" \
634 -s "Found PSK_EPHEMERAL KEX MODE" \
635 -s "Found PSK KEX MODE" \
636 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]637 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]638 -S "key exchange mode: psk$" \
639 -s "key exchange mode: psk_ephemeral" \
640 -S "key exchange mode: ephemeral"
641
642requires_gnutls_tls1_3
643requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]644requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
645requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
646requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]647run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]648 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]649 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
650 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
651 localhost" \
652 0 \
653 -s "found psk key exchange modes extension" \
654 -s "found pre_shared_key extension" \
655 -s "Found PSK_EPHEMERAL KEX MODE" \
656 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]657 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]658 -S "key exchange mode: psk$" \
659 -S "key exchange mode: psk_ephemeral" \
660 -s "key exchange mode: ephemeral"
661
662requires_gnutls_tls1_3
663requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]664requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
665requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
666requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]667run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]668 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]669 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
670 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
671 localhost" \
672 1 \
673 -s "found psk key exchange modes extension" \
674 -s "found pre_shared_key extension" \
675 -s "Found PSK_EPHEMERAL KEX MODE" \
676 -s "Found PSK KEX MODE" \
677 -s "Invalid binder." \
678 -S "key exchange mode: psk$" \
679 -S "key exchange mode: psk_ephemeral" \
680 -S "key exchange mode: ephemeral"
681
682requires_gnutls_tls1_3
683requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]684requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
685requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
686requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]687run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]688 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]689 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
690 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
691 localhost" \
692 0 \
693 -s "found psk key exchange modes extension" \
694 -s "found pre_shared_key extension" \
695 -S "Found PSK_EPHEMERAL KEX MODE" \
696 -s "Found PSK KEX MODE" \
697 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]698 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]699 -S "key exchange mode: psk$" \
700 -S "key exchange mode: psk_ephemeral" \
701 -s "key exchange mode: ephemeral"
702
703requires_gnutls_tls1_3
704requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]705requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
706requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
707requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]708run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]709 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]710 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
711 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
712 localhost" \
713 1 \
714 -s "found psk key exchange modes extension" \
715 -s "found pre_shared_key extension" \
716 -S "Found PSK_EPHEMERAL KEX MODE" \
717 -s "Found PSK KEX MODE" \
718 -s "Invalid binder." \
719 -S "key exchange mode: psk$" \
720 -S "key exchange mode: psk_ephemeral" \
721 -S "key exchange mode: ephemeral"
722
723requires_gnutls_tls1_3
724requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]725requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
726requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]727run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]728 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]729 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
730 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
731 localhost" \
732 0 \
733 -s "found psk key exchange modes extension" \
734 -s "found pre_shared_key extension" \
735 -s "Found PSK_EPHEMERAL KEX MODE" \
736 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]737 -s "No suitable PSK key exchange mode" \
738 -S "Pre shared key found" \
739 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]740 -S "key exchange mode: psk$" \
741 -S "key exchange mode: psk_ephemeral" \
742 -s "key exchange mode: ephemeral"
743
744requires_gnutls_tls1_3
745requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]746requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
747requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]748run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]749 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]750 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
751 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
752 localhost" \
753 0 \
754 -s "found psk key exchange modes extension" \
755 -s "found pre_shared_key extension" \
756 -s "Found PSK_EPHEMERAL KEX MODE" \
757 -s "Found PSK KEX MODE" \
758 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]759 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]760 -S "key exchange mode: psk$" \
761 -S "key exchange mode: psk_ephemeral" \
762 -s "key exchange mode: ephemeral"
763
764requires_gnutls_tls1_3
765requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]766requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
767requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]768run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]769 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]770 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
771 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
772 localhost" \
773 1 \
774 -s "found psk key exchange modes extension" \
775 -s "found pre_shared_key extension" \
776 -s "Found PSK_EPHEMERAL KEX MODE" \
777 -s "Found PSK KEX MODE" \
778 -s "Invalid binder." \
779 -S "key exchange mode: psk$" \
780 -S "key exchange mode: psk_ephemeral" \
781 -S "key exchange mode: ephemeral"
782
783requires_gnutls_tls1_3
784requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]785requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
786requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]787run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]788 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]789 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
790 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
791 localhost" \
792 0 \
793 -s "found psk key exchange modes extension" \
794 -s "found pre_shared_key extension" \
795 -S "Found PSK_EPHEMERAL KEX MODE" \
796 -s "Found PSK KEX MODE" \
797 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]798 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]799 -S "key exchange mode: psk$" \
800 -S "key exchange mode: psk_ephemeral" \
801 -s "key exchange mode: ephemeral"
802
803requires_gnutls_tls1_3
804requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]805requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
806requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]807run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]808 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]809 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
810 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
811 localhost" \
812 1 \
813 -s "found psk key exchange modes extension" \
814 -s "found pre_shared_key extension" \
815 -S "Found PSK_EPHEMERAL KEX MODE" \
816 -s "Found PSK KEX MODE" \
817 -s "Invalid binder." \
818 -S "key exchange mode: psk$" \
819 -S "key exchange mode: psk_ephemeral" \
820 -S "key exchange mode: ephemeral"
821
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]822requires_gnutls_tls1_3
823requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]824requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]825requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]826run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]827 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]828 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
829 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
830 localhost" \
831 0 \
832 -s "write selected_group: secp256r1" \
833 -S "key exchange mode: psk$" \
834 -s "key exchange mode: psk_ephemeral" \
835 -S "key exchange mode: ephemeral"
836
837requires_gnutls_tls1_3
838requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]839requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]840requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]841run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]842 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]843 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
844 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
845 localhost" \
846 0 \
847 -s "write selected_group: secp384r1" \
848 -S "key exchange mode: psk$" \
849 -s "key exchange mode: psk_ephemeral" \
850 -S "key exchange mode: ephemeral"
851
852requires_gnutls_tls1_3
853requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]854requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]855requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]856run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]857 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]858 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
859 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
860 localhost" \
861 0 \
862 -s "write selected_group: secp521r1" \
863 -S "key exchange mode: psk$" \
864 -s "key exchange mode: psk_ephemeral" \
865 -S "key exchange mode: ephemeral"
866
867requires_gnutls_tls1_3
868requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]869requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]870requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]871run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]872 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]873 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
874 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
875 localhost" \
876 0 \
877 -s "write selected_group: x25519" \
878 -S "key exchange mode: psk$" \
879 -s "key exchange mode: psk_ephemeral" \
880 -S "key exchange mode: ephemeral"
881
882requires_gnutls_tls1_3
883requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]884requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]885requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]886run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]887 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]888 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
889 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
890 localhost" \
891 0 \
892 -s "write selected_group: x448" \
893 -S "key exchange mode: psk$" \
894 -s "key exchange mode: psk_ephemeral" \
895 -S "key exchange mode: ephemeral"
896
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]897requires_openssl_tls1_3
898requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]899requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]900run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]901 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]902 "$O_NEXT_CLI -tls1_3 -msg \
903 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
904 1 \
905 -s "found psk key exchange modes extension" \
906 -s "found pre_shared_key extension" \
907 -s "Found PSK_EPHEMERAL KEX MODE" \
908 -S "Found PSK KEX MODE" \
909 -S "key exchange mode: psk$" \
910 -S "key exchange mode: psk_ephemeral" \
911 -S "key exchange mode: ephemeral"
912
913requires_openssl_tls1_3
914requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]915requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]916run_test "TLS 1.3: O->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]917 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]918 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
919 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
920 0 \
921 -s "found psk key exchange modes extension" \
922 -s "found pre_shared_key extension" \
923 -s "Found PSK_EPHEMERAL KEX MODE" \
924 -s "Found PSK KEX MODE" \
925 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]926 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]927 -s "key exchange mode: psk$" \
928 -S "key exchange mode: psk_ephemeral" \
929 -S "key exchange mode: ephemeral"
930
931requires_openssl_tls1_3
932requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]933requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]934run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]935 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]936 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
937 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
938 1 \
939 -s "found psk key exchange modes extension" \
940 -s "found pre_shared_key extension" \
941 -s "Found PSK_EPHEMERAL KEX MODE" \
942 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]943 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]944 -S "key exchange mode: psk$" \
945 -S "key exchange mode: psk_ephemeral" \
946 -S "key exchange mode: ephemeral"
947
948requires_openssl_tls1_3
949requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]950requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]951run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]952 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]953 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
954 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
955 1 \
956 -s "found psk key exchange modes extension" \
957 -s "found pre_shared_key extension" \
958 -s "Found PSK_EPHEMERAL KEX MODE" \
959 -s "Found PSK KEX MODE" \
960 -s "Invalid binder." \
961 -S "key exchange mode: psk$" \
962 -S "key exchange mode: psk_ephemeral" \
963 -S "key exchange mode: ephemeral"
964
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]965requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]966requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]967requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]968run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]969 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]970 "$O_NEXT_CLI -tls1_3 -msg \
971 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
972 0 \
973 -s "found psk key exchange modes extension" \
974 -s "found pre_shared_key extension" \
975 -s "Found PSK_EPHEMERAL KEX MODE" \
976 -S "Found PSK KEX MODE" \
977 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]978 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]979 -S "key exchange mode: psk$" \
980 -s "key exchange mode: psk_ephemeral" \
981 -S "key exchange mode: ephemeral"
982
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]983requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]984requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]985requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]986run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]987 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]988 "$O_NEXT_CLI -tls1_3 -msg \
989 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
990 1 \
991 -s "found psk key exchange modes extension" \
992 -s "found pre_shared_key extension" \
993 -s "Found PSK_EPHEMERAL KEX MODE" \
994 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]995 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]996 -S "key exchange mode: psk$" \
997 -S "key exchange mode: psk_ephemeral" \
998 -S "key exchange mode: ephemeral"
999
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1000requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1001requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1002requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1003run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1004 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1005 "$O_NEXT_CLI -tls1_3 -msg \
1006 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1007 1 \
1008 -s "found psk key exchange modes extension" \
1009 -s "found pre_shared_key extension" \
1010 -s "Found PSK_EPHEMERAL KEX MODE" \
1011 -S "Found PSK KEX MODE" \
1012 -s "Invalid binder." \
1013 -S "key exchange mode: psk$" \
1014 -S "key exchange mode: psk_ephemeral" \
1015 -S "key exchange mode: ephemeral"
1016
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1017requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1018requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1019requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1020run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1021 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1022 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1023 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1024 0 \
1025 -s "found psk key exchange modes extension" \
1026 -s "found pre_shared_key extension" \
1027 -s "Found PSK_EPHEMERAL KEX MODE" \
1028 -s "Found PSK KEX MODE" \
1029 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1030 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1031 -S "key exchange mode: psk$" \
1032 -s "key exchange mode: psk_ephemeral" \
1033 -S "key exchange mode: ephemeral"
1034
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1035requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1036requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1037requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1038run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1039 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1040 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1041 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1042 1 \
1043 -s "found psk key exchange modes extension" \
1044 -s "found pre_shared_key extension" \
1045 -s "Found PSK_EPHEMERAL KEX MODE" \
1046 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1047 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1048 -S "key exchange mode: psk$" \
1049 -S "key exchange mode: psk_ephemeral" \
1050 -S "key exchange mode: ephemeral"
1051
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1052requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1053requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1054requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1055run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1056 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1057 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1058 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1059 1 \
1060 -s "found psk key exchange modes extension" \
1061 -s "found pre_shared_key extension" \
1062 -s "Found PSK_EPHEMERAL KEX MODE" \
1063 -s "Found PSK KEX MODE" \
1064 -s "Invalid binder." \
1065 -S "key exchange mode: psk$" \
1066 -S "key exchange mode: psk_ephemeral" \
1067 -S "key exchange mode: ephemeral"
1068
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1069requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1070requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1071requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1072requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1073run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1074 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1075 "$O_NEXT_CLI -tls1_3 -msg \
1076 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1077 0 \
1078 -s "found psk key exchange modes extension" \
1079 -s "found pre_shared_key extension" \
1080 -s "Found PSK_EPHEMERAL KEX MODE" \
1081 -S "Found PSK KEX MODE" \
1082 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1083 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1084 -S "key exchange mode: psk$" \
1085 -s "key exchange mode: psk_ephemeral" \
1086 -S "key exchange mode: ephemeral"
1087
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1088requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1089requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1090requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1091requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1092run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1093 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1094 "$O_NEXT_CLI -tls1_3 -msg \
1095 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1096 1 \
1097 -s "found psk key exchange modes extension" \
1098 -s "found pre_shared_key extension" \
1099 -s "Found PSK_EPHEMERAL KEX MODE" \
1100 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1101 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1102 -S "key exchange mode: psk$" \
1103 -S "key exchange mode: psk_ephemeral" \
1104 -S "key exchange mode: ephemeral"
1105
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1106requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1107requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1108requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1109requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1110run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1111 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1112 "$O_NEXT_CLI -tls1_3 -msg \
1113 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1114 1 \
1115 -s "found psk key exchange modes extension" \
1116 -s "found pre_shared_key extension" \
1117 -s "Found PSK_EPHEMERAL KEX MODE" \
1118 -S "Found PSK KEX MODE" \
1119 -s "Invalid binder." \
1120 -S "key exchange mode: psk$" \
1121 -S "key exchange mode: psk_ephemeral" \
1122 -S "key exchange mode: ephemeral"
1123
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1124requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1125requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1126requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1127requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1128run_test "TLS 1.3: O->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1129 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1130 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1131 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1132 0 \
1133 -s "found psk key exchange modes extension" \
1134 -s "found pre_shared_key extension" \
1135 -s "Found PSK_EPHEMERAL KEX MODE" \
1136 -s "Found PSK KEX MODE" \
1137 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1138 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1139 -S "key exchange mode: psk$" \
1140 -s "key exchange mode: psk_ephemeral" \
1141 -S "key exchange mode: ephemeral"
1142
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1143requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1144requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1145requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1146requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1147run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1148 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1149 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1150 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1151 1 \
1152 -s "found psk key exchange modes extension" \
1153 -s "found pre_shared_key extension" \
1154 -s "Found PSK_EPHEMERAL KEX MODE" \
1155 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1156 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1157 -S "key exchange mode: psk$" \
1158 -S "key exchange mode: psk_ephemeral" \
1159 -S "key exchange mode: ephemeral"
1160
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1161requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1162requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1163requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1164requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1165run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1166 "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1167 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1168 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1169 1 \
1170 -s "found psk key exchange modes extension" \
1171 -s "found pre_shared_key extension" \
1172 -s "Found PSK_EPHEMERAL KEX MODE" \
1173 -s "Found PSK KEX MODE" \
1174 -s "Invalid binder." \
1175 -S "key exchange mode: psk$" \
1176 -S "key exchange mode: psk_ephemeral" \
1177 -S "key exchange mode: ephemeral"
1178
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1179requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1180requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1181requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1182requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1183run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1184 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1185 "$O_NEXT_CLI -tls1_3 -msg \
1186 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1187 0 \
1188 -s "found psk key exchange modes extension" \
1189 -s "found pre_shared_key extension" \
1190 -s "Found PSK_EPHEMERAL KEX MODE" \
1191 -S "Found PSK KEX MODE" \
1192 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1193 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1194 -S "key exchange mode: psk$" \
1195 -s "key exchange mode: psk_ephemeral" \
1196 -S "key exchange mode: ephemeral"
1197
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1198requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1199requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1200requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1201requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1202run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1203 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1204 "$O_NEXT_CLI -tls1_3 -msg \
1205 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1206 0 \
1207 -s "found psk key exchange modes extension" \
1208 -s "found pre_shared_key extension" \
1209 -s "Found PSK_EPHEMERAL KEX MODE" \
1210 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1211 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1212 -S "key exchange mode: psk$" \
1213 -S "key exchange mode: psk_ephemeral" \
1214 -s "key exchange mode: ephemeral"
1215
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1216requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1217requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1218requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1219requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1220run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1221 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1222 "$O_NEXT_CLI -tls1_3 -msg \
1223 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1224 1 \
1225 -s "found psk key exchange modes extension" \
1226 -s "found pre_shared_key extension" \
1227 -s "Found PSK_EPHEMERAL KEX MODE" \
1228 -S "Found PSK KEX MODE" \
1229 -s "Invalid binder." \
1230 -S "key exchange mode: psk$" \
1231 -S "key exchange mode: psk_ephemeral" \
1232 -S "key exchange mode: ephemeral"
1233
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1234requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1235requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1236requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1237requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1238run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1239 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1240 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1241 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1242 0 \
1243 -s "found psk key exchange modes extension" \
1244 -s "found pre_shared_key extension" \
1245 -s "Found PSK_EPHEMERAL KEX MODE" \
1246 -s "Found PSK KEX MODE" \
1247 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1248 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1249 -S "key exchange mode: psk$" \
1250 -s "key exchange mode: psk_ephemeral" \
1251 -S "key exchange mode: ephemeral"
1252
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1253requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1254requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1255requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1256requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1257run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1258 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1259 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1260 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1261 0 \
1262 -s "found psk key exchange modes extension" \
1263 -s "found pre_shared_key extension" \
1264 -s "Found PSK_EPHEMERAL KEX MODE" \
1265 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1266 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1267 -S "key exchange mode: psk$" \
1268 -S "key exchange mode: psk_ephemeral" \
1269 -s "key exchange mode: ephemeral"
1270
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1271requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1272requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1273requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1274requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1275run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1276 "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1277 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1278 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1279 1 \
1280 -s "found psk key exchange modes extension" \
1281 -s "found pre_shared_key extension" \
1282 -s "Found PSK_EPHEMERAL KEX MODE" \
1283 -s "Found PSK KEX MODE" \
1284 -s "Invalid binder." \
1285 -S "key exchange mode: psk$" \
1286 -S "key exchange mode: psk_ephemeral" \
1287 -S "key exchange mode: ephemeral"
1288
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1289requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1290requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1291requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1292requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1293requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1294run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1295 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1296 "$O_NEXT_CLI -tls1_3 -msg \
1297 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1298 0 \
1299 -s "found psk key exchange modes extension" \
1300 -s "found pre_shared_key extension" \
1301 -s "Found PSK_EPHEMERAL KEX MODE" \
1302 -S "Found PSK KEX MODE" \
1303 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1304 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1305 -S "key exchange mode: psk$" \
1306 -s "key exchange mode: psk_ephemeral" \
1307 -S "key exchange mode: ephemeral"
1308
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1309requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1310requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1311requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1312requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1313requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1314run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1315 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1316 "$O_NEXT_CLI -tls1_3 -msg \
1317 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1318 0 \
1319 -s "found psk key exchange modes extension" \
1320 -s "found pre_shared_key extension" \
1321 -s "Found PSK_EPHEMERAL KEX MODE" \
1322 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1323 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1324 -S "key exchange mode: psk$" \
1325 -S "key exchange mode: psk_ephemeral" \
1326 -s "key exchange mode: ephemeral"
1327
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1328requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1329requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1330requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1331requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1332requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1333run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1334 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1335 "$O_NEXT_CLI -tls1_3 -msg \
1336 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1337 1 \
1338 -s "found psk key exchange modes extension" \
1339 -s "found pre_shared_key extension" \
1340 -s "Found PSK_EPHEMERAL KEX MODE" \
1341 -S "Found PSK KEX MODE" \
1342 -s "Invalid binder." \
1343 -S "key exchange mode: psk$" \
1344 -S "key exchange mode: psk_ephemeral" \
1345 -S "key exchange mode: ephemeral"
1346
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1347requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1348requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1349requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1350requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1351requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1352run_test "TLS 1.3: O->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1353 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1354 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1355 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1356 0 \
1357 -s "found psk key exchange modes extension" \
1358 -s "found pre_shared_key extension" \
1359 -s "Found PSK_EPHEMERAL KEX MODE" \
1360 -s "Found PSK KEX MODE" \
1361 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1362 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1363 -S "key exchange mode: psk$" \
1364 -s "key exchange mode: psk_ephemeral" \
1365 -S "key exchange mode: ephemeral"
1366
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1367requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1368requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1369requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1370requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1371requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1372run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1373 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1374 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1375 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1376 0 \
1377 -s "found psk key exchange modes extension" \
1378 -s "found pre_shared_key extension" \
1379 -s "Found PSK_EPHEMERAL KEX MODE" \
1380 -s "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1381 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1382 -S "key exchange mode: psk$" \
1383 -S "key exchange mode: psk_ephemeral" \
1384 -s "key exchange mode: ephemeral"
1385
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1386requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1387requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1388requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1389requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1390requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1391run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1392 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1393 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1394 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1395 1 \
1396 -s "found psk key exchange modes extension" \
1397 -s "found pre_shared_key extension" \
1398 -s "Found PSK_EPHEMERAL KEX MODE" \
1399 -s "Found PSK KEX MODE" \
1400 -s "Invalid binder." \
1401 -S "key exchange mode: psk$" \
1402 -S "key exchange mode: psk_ephemeral" \
1403 -S "key exchange mode: ephemeral"
1404
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1405requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1406requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1407requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1408requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1409run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1410 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1411 "$O_NEXT_CLI -tls1_3 -msg \
1412 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1413 0 \
1414 -s "found psk key exchange modes extension" \
1415 -s "found pre_shared_key extension" \
1416 -s "Found PSK_EPHEMERAL KEX MODE" \
1417 -S "Found PSK KEX MODE" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1418 -s "No suitable PSK key exchange mode" \
1419 -S "Pre shared key found" \
1420 -s "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1421 -S "key exchange mode: psk$" \
1422 -S "key exchange mode: psk_ephemeral" \
1423 -s "key exchange mode: ephemeral"
1424
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1425requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1426requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1427requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1428requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1429run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1430 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1431 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1432 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1433 0 \
1434 -s "found psk key exchange modes extension" \
1435 -s "found pre_shared_key extension" \
1436 -s "Found PSK_EPHEMERAL KEX MODE" \
1437 -s "Found PSK KEX MODE" \
1438 -s "Pre shared key found" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1439 -S "No usable PSK or ticket" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1440 -S "key exchange mode: psk$" \
1441 -S "key exchange mode: psk_ephemeral" \
1442 -s "key exchange mode: ephemeral"
1443
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1444requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1445requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1446requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1447requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1448run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1449 "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1450 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1451 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1452 1 \
1453 -s "found psk key exchange modes extension" \
1454 -s "found pre_shared_key extension" \
1455 -s "Found PSK_EPHEMERAL KEX MODE" \
1456 -s "Found PSK KEX MODE" \
1457 -s "Invalid binder." \
1458 -S "key exchange mode: psk$" \
1459 -S "key exchange mode: psk_ephemeral" \
1460 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1461
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1462requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1463requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1464requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1465run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1466 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1467 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1468 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1469 0 \
1470 -s "write selected_group: secp256r1" \
1471 -S "key exchange mode: psk$" \
1472 -s "key exchange mode: psk_ephemeral" \
1473 -S "key exchange mode: ephemeral"
1474
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1475requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1476requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1477requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1478run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1479 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1480 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1481 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1482 0 \
1483 -s "write selected_group: secp384r1" \
1484 -S "key exchange mode: psk$" \
1485 -s "key exchange mode: psk_ephemeral" \
1486 -S "key exchange mode: ephemeral"
1487
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1488requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1489requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1490requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1491run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1492 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1493 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1494 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1495 0 \
1496 -s "write selected_group: secp521r1" \
1497 -S "key exchange mode: psk$" \
1498 -s "key exchange mode: psk_ephemeral" \
1499 -S "key exchange mode: ephemeral"
1500
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1501requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1502requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1503requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1504run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1505 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1506 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1507 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1508 0 \
1509 -s "write selected_group: x25519" \
1510 -S "key exchange mode: psk$" \
1511 -s "key exchange mode: psk_ephemeral" \
1512 -S "key exchange mode: ephemeral"
1513
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1514requires_openssl_tls1_3_with_compatible_ephemeral
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1515requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1516requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1517run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1518 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1519 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1520 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1521 0 \
1522 -s "write selected_group: x448" \
1523 -S "key exchange mode: psk$" \
1524 -s "key exchange mode: psk_ephemeral" \
1525 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1526
1527requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]1528requires_openssl_tls1_3_with_compatible_ephemeral
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1529requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1530run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1531 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1532 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1533 0 \
1534 -s "write selected_group: secp384r1" \
1535 -s "HRR selected_group: secp384r1" \
1536 -S "key exchange mode: psk$" \
1537 -s "key exchange mode: psk_ephemeral" \
1538 -S "key exchange mode: ephemeral"
1539
1540requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1541requires_gnutls_tls1_3
1542requires_gnutls_next_no_ticket
1543requires_gnutls_next_disable_tls13_compat
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1544requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Przemek Stekielc31a7982023-06-27 10:53:33 +0200[diff] [blame]1545requires_config_enabled PSA_WANT_ALG_ECDH
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1546run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Przemek Stekiel45255e42023-06-29 13:56:36 +0200[diff] [blame]1547 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1548 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1549 0 \
1550 -s "write selected_group: secp384r1" \
1551 -s "HRR selected_group: secp384r1" \
1552 -S "key exchange mode: psk$" \
1553 -s "key exchange mode: psk_ephemeral" \
1554 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1555
1556
1557# Add psk test cases for mbedtls client code
1558
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1559# MbedTls->MbedTLS kinds of tls13_kex_modes
1560# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1561requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1562requires_config_enabled MBEDTLS_SSL_SRV_C
1563requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1564requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1565run_test "TLS 1.3: m->m: psk/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1566 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1567 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1568 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1569 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1570 -c "client hello, adding psk_key_exchange_modes extension" \
1571 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1572 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1573 -c "HTTP/1.0 200 OK"
1574
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1575requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1576requires_config_enabled MBEDTLS_SSL_SRV_C
1577requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1578requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1579run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1580 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1581 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1582 1 \
1583 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1584 -c "client hello, adding psk_key_exchange_modes extension" \
1585 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1586 -s "No usable PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1587
1588requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1589requires_config_enabled MBEDTLS_SSL_SRV_C
1590requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1591requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1592run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1593 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1594 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1595 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1596 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1597 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1598 -c "client hello, adding PSK binder list" \
1599 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1600
1601requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1602requires_config_enabled MBEDTLS_SSL_SRV_C
1603requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1604requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1605requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1606run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1607 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1608 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1609 1 \
1610 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1611 -c "client hello, adding psk_key_exchange_modes extension" \
1612 -c "client hello, adding PSK binder list" \
1613 -s "ClientHello message misses mandatory extensions."
1614
1615requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1616requires_config_enabled MBEDTLS_SSL_SRV_C
1617requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1618requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1619requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1620run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1621 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1622 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1623 1 \
1624 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1625 -c "client hello, adding psk_key_exchange_modes extension" \
1626 -c "client hello, adding PSK binder list" \
1627 -s "ClientHello message misses mandatory extensions."
1628
1629requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1630requires_config_enabled MBEDTLS_SSL_SRV_C
1631requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1632requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1633requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1634requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1635run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1636 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1637 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1638 1 \
1639 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1640 -c "client hello, adding psk_key_exchange_modes extension" \
1641 -c "client hello, adding PSK binder list" \
1642 -s "ClientHello message misses mandatory extensions."
1643
1644requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1645requires_config_enabled MBEDTLS_SSL_SRV_C
1646requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1647requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1648requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1649run_test "TLS 1.3: m->m: psk/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1650 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1651 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1652 0 \
1653 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1654 -c "client hello, adding psk_key_exchange_modes extension" \
1655 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1656 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1657 -c "HTTP/1.0 200 OK"
1658
1659requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1660requires_config_enabled MBEDTLS_SSL_SRV_C
1661requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1662requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1663requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1664run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1665 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1666 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1667 1 \
1668 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1669 -c "client hello, adding psk_key_exchange_modes extension" \
1670 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1671 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1672 -s "ClientHello message misses mandatory extensions."
1673
1674requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1675requires_config_enabled MBEDTLS_SSL_SRV_C
1676requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1677requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1678requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1679run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1680 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1681 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1682 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1683 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1684 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1685 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1686 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1687
1688requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1689requires_config_enabled MBEDTLS_SSL_SRV_C
1690requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1691requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1692requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1693requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1694run_test "TLS 1.3: m->m: psk/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1695 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1696 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1697 0 \
1698 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1699 -c "client hello, adding psk_key_exchange_modes extension" \
1700 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1701 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1702 -c "HTTP/1.0 200 OK"
1703
1704requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1705requires_config_enabled MBEDTLS_SSL_SRV_C
1706requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1707requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1708requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1709requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1710run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1711 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1712 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1713 1 \
1714 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1715 -c "client hello, adding psk_key_exchange_modes extension" \
1716 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1717 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1718 -s "ClientHello message misses mandatory extensions."
1719
1720requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1721requires_config_enabled MBEDTLS_SSL_SRV_C
1722requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1723requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1724requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1725requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1726run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1727 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1728 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1729 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1730 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1731 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1732 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1733 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1734
1735# psk_ephemeral mode in client
1736requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1737requires_config_enabled MBEDTLS_SSL_SRV_C
1738requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1739requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1740requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1741run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1742 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1743 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1744 1 \
1745 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1746 -c "client hello, adding psk_key_exchange_modes extension" \
1747 -c "client hello, adding PSK binder list" \
1748 -s "ClientHello message misses mandatory extensions."
1749
1750requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1751requires_config_enabled MBEDTLS_SSL_SRV_C
1752requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1753requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1754run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1755 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1756 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1757 0 \
1758 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1759 -c "client hello, adding psk_key_exchange_modes extension" \
1760 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1761 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1762 -c "HTTP/1.0 200 OK"
1763
1764requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1765requires_config_enabled MBEDTLS_SSL_SRV_C
1766requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1767requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1768run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1769 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1770 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1771 1 \
1772 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1773 -c "client hello, adding psk_key_exchange_modes extension" \
1774 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1775 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1776 -s "ClientHello message misses mandatory extensions."
1777
1778requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1779requires_config_enabled MBEDTLS_SSL_SRV_C
1780requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1781requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1782run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1783 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1784 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1785 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1786 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1787 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1788 -c "client hello, adding PSK binder list" \
1789 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1790
1791requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1792requires_config_enabled MBEDTLS_SSL_SRV_C
1793requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1794requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1795requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1796requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1797run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1798 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1799 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1800 1 \
1801 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1802 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]1803 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1804
1805requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1806requires_config_enabled MBEDTLS_SSL_SRV_C
1807requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1808requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1809requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1810run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1811 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1812 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1813 0 \
1814 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1815 -c "client hello, adding psk_key_exchange_modes extension" \
1816 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1817 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1818 -c "HTTP/1.0 200 OK"
1819
1820requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]1821requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1822requires_config_enabled MBEDTLS_SSL_SRV_C
1823requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1824requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1825requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1826run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1827 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1828 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1829 1 \
1830 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1831 -c "client hello, adding psk_key_exchange_modes extension" \
1832 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1833 -s "No usable PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1834
1835requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1836requires_config_enabled MBEDTLS_SSL_SRV_C
1837requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1838requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1839requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1840run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1841 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1842 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1843 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1844 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1845 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1846 -c "client hello, adding PSK binder list" \
1847 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1848
1849requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1850requires_config_enabled MBEDTLS_SSL_SRV_C
1851requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1852requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1853requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1854run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1855 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1856 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1857 0 \
1858 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1859 -c "client hello, adding psk_key_exchange_modes extension" \
1860 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1861 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1862 -c "HTTP/1.0 200 OK"
1863
1864requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1865requires_config_enabled MBEDTLS_SSL_SRV_C
1866requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1867requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1868requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1869run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1870 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1871 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1872 1 \
1873 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1874 -c "client hello, adding psk_key_exchange_modes extension" \
1875 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1876 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1877 -s "ClientHello message misses mandatory extensions."
1878
1879requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1880requires_config_enabled MBEDTLS_SSL_SRV_C
1881requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1882requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1883requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1884run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1885 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1886 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1887 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1888 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1889 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1890 -c "client hello, adding PSK binder list" \
1891 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1892
1893requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1894requires_config_enabled MBEDTLS_SSL_SRV_C
1895requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1896requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1897requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1898requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1899run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1900 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1901 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1902 0 \
1903 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1904 -c "client hello, adding psk_key_exchange_modes extension" \
1905 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1906 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1907 -c "HTTP/1.0 200 OK"
1908
1909requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1910requires_config_enabled MBEDTLS_SSL_SRV_C
1911requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1912requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1913requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1914requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1915run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1916 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1917 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1918 1 \
1919 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1920 -c "client hello, adding psk_key_exchange_modes extension" \
1921 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]1922 -s "No usable PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1923
1924requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1925requires_config_enabled MBEDTLS_SSL_SRV_C
1926requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1927requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1928requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1929requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1930run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1931 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1932 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1933 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1934 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1935 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]1936 -c "client hello, adding PSK binder list" \
1937 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1938
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1939# ephemeral mode in client
1940requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1941requires_config_enabled MBEDTLS_SSL_SRV_C
1942requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1943requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1944requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1945run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1946 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1947 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1948 1 \
1949 -s "ClientHello message misses mandatory extensions."
1950
1951requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1952requires_config_enabled MBEDTLS_SSL_SRV_C
1953requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1954requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1955requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1956run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1957 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1958 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1959 1 \
1960 -s "ClientHello message misses mandatory extensions."
1961
1962requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1963requires_config_enabled MBEDTLS_SSL_SRV_C
1964requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1965requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1966run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1967 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1968 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1969 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1970 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1971 -c "HTTP/1.0 200 OK"
1972
1973requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1974requires_config_enabled MBEDTLS_SSL_SRV_C
1975requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1976requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1977requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1978run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1979 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1980 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1981 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1982 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1983 -c "HTTP/1.0 200 OK"
1984
1985requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1986requires_config_enabled MBEDTLS_SSL_SRV_C
1987requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]1988requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1989requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1990requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1991run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]1992 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1993 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1994 1 \
1995 -s "ClientHello message misses mandatory extensions."
1996
1997requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1998requires_config_enabled MBEDTLS_SSL_SRV_C
1999requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2000requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2001requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2002requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2003run_test "TLS 1.3: m->m: ephemeral/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2004 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2005 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2006 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2007 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2008 -c "HTTP/1.0 200 OK"
2009
2010# ephemeral_all mode in client
2011requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2012requires_config_enabled MBEDTLS_SSL_SRV_C
2013requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2014requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2015requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2016requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2017run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2018 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2019 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2020 1 \
2021 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2022 -c "client hello, adding psk_key_exchange_modes extension" \
2023 -c "client hello, adding PSK binder list" \
2024 -s "ClientHello message misses mandatory extensions."
2025
2026requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2027requires_config_enabled MBEDTLS_SSL_SRV_C
2028requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2029requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2030requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2031run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2032 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2033 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2034 0 \
2035 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2036 -c "client hello, adding psk_key_exchange_modes extension" \
2037 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2038 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2039 -c "HTTP/1.0 200 OK"
2040
2041requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2042requires_config_enabled MBEDTLS_SSL_SRV_C
2043requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2044requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2045requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2046run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2047 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2048 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2049 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2050 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2051 -c "client hello, adding psk_key_exchange_modes extension" \
2052 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2053 -s "No usable PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2054
2055requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2056requires_config_enabled MBEDTLS_SSL_SRV_C
2057requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2058requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2059requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2060run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2061 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2062 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2063 1 \
2064 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2065 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2066 -c "client hello, adding PSK binder list" \
2067 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2068
2069requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2070requires_config_enabled MBEDTLS_SSL_SRV_C
2071requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2072requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2073requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2074run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2075 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2076 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2077 0 \
2078 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2079 -c "client hello, adding psk_key_exchange_modes extension" \
2080 -c "client hello, adding PSK binder list" \
2081 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2082 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2083 -c "HTTP/1.0 200 OK"
2084
2085requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2086requires_config_enabled MBEDTLS_SSL_SRV_C
2087requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2088requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2089requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2090run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2091 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2092 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2093 0 \
2094 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2095 -c "client hello, adding psk_key_exchange_modes extension" \
2096 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2097 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2098 -c "HTTP/1.0 200 OK"
2099
2100requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2101requires_config_enabled MBEDTLS_SSL_SRV_C
2102requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2103requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2104requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2105run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2106 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2107 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2108 0 \
2109 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2110 -c "client hello, adding psk_key_exchange_modes extension" \
2111 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2112 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2113 -s "key exchange mode: ephemeral"
2114
2115requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2116requires_config_enabled MBEDTLS_SSL_SRV_C
2117requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2118requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2119requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2120run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2121 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2122 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2123 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2124 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2125 -c "client hello, adding psk_key_exchange_modes extension" \
2126 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2127 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2128
2129requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2130requires_config_enabled MBEDTLS_SSL_SRV_C
2131requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2132requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2133requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2134requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2135run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2136 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2137 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2138 0 \
2139 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2140 -c "client hello, adding psk_key_exchange_modes extension" \
2141 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2142 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2143 -c "HTTP/1.0 200 OK"
2144
2145requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2146requires_config_enabled MBEDTLS_SSL_SRV_C
2147requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2148requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2149requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2150requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2151run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2152 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2153 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2154 1 \
2155 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2156 -c "client hello, adding psk_key_exchange_modes extension" \
2157 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2158 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2159 -s "ClientHello message misses mandatory extensions."
2160
2161requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2162requires_config_enabled MBEDTLS_SSL_SRV_C
2163requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2164requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2165requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2166requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2167run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2168 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2169 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2170 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2171 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2172 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2173 -c "client hello, adding PSK binder list" \
2174 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2175
2176requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2177requires_config_enabled MBEDTLS_SSL_SRV_C
2178requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2179requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2180requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2181requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2182run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2183 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2184 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2185 0 \
2186 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2187 -c "client hello, adding psk_key_exchange_modes extension" \
2188 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2189 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2190 -c "HTTP/1.0 200 OK"
2191
2192requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2193requires_config_enabled MBEDTLS_SSL_SRV_C
2194requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2195requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2196requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2197requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2198run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2199 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2200 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2201 0 \
2202 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2203 -c "client hello, adding psk_key_exchange_modes extension" \
2204 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2205 -s "No usable PSK or ticket" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2206 -s "key exchange mode: ephemeral"
2207
2208requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2209requires_config_enabled MBEDTLS_SSL_SRV_C
2210requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2211requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2212requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2213requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2214run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2215 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2216 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2217 1 \
2218 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2219 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2220 -c "client hello, adding PSK binder list" \
2221 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2222
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2223# psk_all mode in client
2224requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2225requires_config_enabled MBEDTLS_SSL_SRV_C
2226requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2227requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2228requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2229run_test "TLS 1.3: m->m: psk_all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2230 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2231 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2232 0 \
2233 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2234 -c "client hello, adding psk_key_exchange_modes extension" \
2235 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2236 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2237 -c "HTTP/1.0 200 OK"
2238
2239requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2240requires_config_enabled MBEDTLS_SSL_SRV_C
2241requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2242requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2243requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2244run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2245 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2246 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2247 1 \
2248 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2249 -c "client hello, adding psk_key_exchange_modes extension" \
2250 -c "client hello, adding PSK binder list" \
2251 -s "ClientHello message misses mandatory extensions."
2252
2253requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2254requires_config_enabled MBEDTLS_SSL_SRV_C
2255requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2256requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2257requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2258run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2259 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2260 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2261 1 \
2262 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2263 -c "client hello, adding psk_key_exchange_modes extension" \
2264 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2265 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2266
2267requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2268requires_config_enabled MBEDTLS_SSL_SRV_C
2269requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2270requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2271requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2272run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2273 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2274 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2275 0 \
2276 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2277 -c "client hello, adding psk_key_exchange_modes extension" \
2278 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2279 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2280 -c "HTTP/1.0 200 OK"
2281
2282requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2283requires_config_enabled MBEDTLS_SSL_SRV_C
2284requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2285requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2286requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2287run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2288 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2289 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2290 1 \
2291 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2292 -c "client hello, adding psk_key_exchange_modes extension" \
2293 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2294 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2295 -s "ClientHello message misses mandatory extensions."
2296
2297requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2298requires_config_enabled MBEDTLS_SSL_SRV_C
2299requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2300requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2301requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2302run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2303 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2304 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2305 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2306 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2307 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2308 -c "client hello, adding PSK binder list" \
2309 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2310
2311requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2312requires_config_enabled MBEDTLS_SSL_SRV_C
2313requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2314requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2315requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2316requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2317run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2318 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2319 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2320 1 \
2321 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2322 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2323 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2324
2325requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2326requires_config_enabled MBEDTLS_SSL_SRV_C
2327requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2328requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2329requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2330requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2331run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2332 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2333 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2334 0 \
2335 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2336 -c "client hello, adding psk_key_exchange_modes extension" \
2337 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2338 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2339 -c "HTTP/1.0 200 OK"
2340
2341requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2342requires_config_enabled MBEDTLS_SSL_SRV_C
2343requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2344requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2345requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2346requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2347run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2348 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2349 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2350 1 \
2351 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2352 -c "client hello, adding psk_key_exchange_modes extension" \
2353 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2354 -s "No usable PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2355
2356requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2357requires_config_enabled MBEDTLS_SSL_SRV_C
2358requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2359requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2360requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2361requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2362run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2363 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2364 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2365 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2366 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2367 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2368 -c "client hello, adding PSK binder list" \
2369 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2370
2371requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2372requires_config_enabled MBEDTLS_SSL_SRV_C
2373requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2374requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2375requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2376run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2377 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2378 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2379 0 \
2380 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2381 -c "client hello, adding psk_key_exchange_modes extension" \
2382 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2383 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2384 -c "HTTP/1.0 200 OK"
2385
2386requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2387requires_config_enabled MBEDTLS_SSL_SRV_C
2388requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2389requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2390requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2391run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2392 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2393 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2394 1 \
2395 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2396 -c "client hello, adding psk_key_exchange_modes extension" \
2397 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2398 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2399 -s "ClientHello message misses mandatory extensions."
2400
2401requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2402requires_config_enabled MBEDTLS_SSL_SRV_C
2403requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2404requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2405requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2406run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2407 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2408 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2409 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2410 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2411 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2412 -c "client hello, adding PSK binder list" \
2413 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2414
2415requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2416requires_config_enabled MBEDTLS_SSL_SRV_C
2417requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2418requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2419requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2420requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2421run_test "TLS 1.3: m->m: psk_all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2422 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2423 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2424 0 \
2425 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2426 -c "client hello, adding psk_key_exchange_modes extension" \
2427 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2428 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2429 -c "HTTP/1.0 200 OK"
2430
2431requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2432requires_config_enabled MBEDTLS_SSL_SRV_C
2433requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2434requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2435requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2436requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2437run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2438 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2439 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2440 1 \
2441 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2442 -c "client hello, adding psk_key_exchange_modes extension" \
2443 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2444 -s "No usable PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2445
2446requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2447requires_config_enabled MBEDTLS_SSL_SRV_C
2448requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2449requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2450requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2451requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2452run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2453 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2454 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2455 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2456 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2457 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2458 -c "client hello, adding PSK binder list" \
2459 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2460
2461# all mode in client
2462requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2463requires_config_enabled MBEDTLS_SSL_SRV_C
2464requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2465requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2466requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2467requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2468run_test "TLS 1.3: m->m: all/psk, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2469 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2470 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2471 0 \
2472 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2473 -c "client hello, adding psk_key_exchange_modes extension" \
2474 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2475 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2476 -c "HTTP/1.0 200 OK"
2477
2478requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2479requires_config_enabled MBEDTLS_SSL_SRV_C
2480requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2481requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2482requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2483requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2484run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2485 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2486 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2487 1 \
2488 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2489 -c "client hello, adding psk_key_exchange_modes extension" \
2490 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2491 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2492 -s "ClientHello message misses mandatory extensions."
2493
2494requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2495requires_config_enabled MBEDTLS_SSL_SRV_C
2496requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2497requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2498requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2499requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2500run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2501 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2502 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2503 1 \
2504 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2505 -c "client hello, adding psk_key_exchange_modes extension" \
2506 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2507 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2508
2509requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2510requires_config_enabled MBEDTLS_SSL_SRV_C
2511requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2512requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2513requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2514requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2515run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2516 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2517 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2518 0 \
2519 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2520 -c "client hello, adding psk_key_exchange_modes extension" \
2521 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2522 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2523 -c "HTTP/1.0 200 OK"
2524
2525requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2526requires_config_enabled MBEDTLS_SSL_SRV_C
2527requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2528requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2529requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2530requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2531run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2532 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2533 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2534 1 \
2535 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2536 -c "client hello, adding psk_key_exchange_modes extension" \
2537 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2538 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2539 -s "ClientHello message misses mandatory extensions."
2540
2541requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2542requires_config_enabled MBEDTLS_SSL_SRV_C
2543requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2544requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2545requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2546requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2547run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2548 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2549 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2550 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2551 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2552 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2553 -c "client hello, adding PSK binder list" \
2554 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2555
2556requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2557requires_config_enabled MBEDTLS_SSL_SRV_C
2558requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2559requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2560requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2561requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2562run_test "TLS 1.3: m->m: all/ephemeral, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2563 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2564 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2565 0 \
2566 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2567 -c "client hello, adding psk_key_exchange_modes extension" \
2568 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2569 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2570 -c "HTTP/1.0 200 OK"
2571
2572requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2573requires_config_enabled MBEDTLS_SSL_SRV_C
2574requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2575requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2576requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2577requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2578run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2579 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2580 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2581 0 \
2582 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2583 -c "client hello, adding psk_key_exchange_modes extension" \
2584 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2585 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2586 -c "HTTP/1.0 200 OK"
2587
2588requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2589requires_config_enabled MBEDTLS_SSL_SRV_C
2590requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2591requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2592requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2593requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2594run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2595 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2596 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2597 0 \
2598 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2599 -c "client hello, adding psk_key_exchange_modes extension" \
2600 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2601 -s "No usable PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2602 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2603 -c "HTTP/1.0 200 OK"
2604
2605requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2606requires_config_enabled MBEDTLS_SSL_SRV_C
2607requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2608requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2609requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2610requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2611run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2612 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2613 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2614 1 \
2615 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2616 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2617 -c "client hello, adding PSK binder list" \
2618 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2619
2620requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2621requires_config_enabled MBEDTLS_SSL_SRV_C
2622requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2623requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2624requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2625requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2626run_test "TLS 1.3: m->m: all/psk_all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2627 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2628 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2629 0 \
2630 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2631 -c "client hello, adding psk_key_exchange_modes extension" \
2632 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2633 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2634 -c "HTTP/1.0 200 OK"
2635
2636requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2637requires_config_enabled MBEDTLS_SSL_SRV_C
2638requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2639requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2640requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2641requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2642run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2643 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2644 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2645 1 \
2646 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2647 -c "client hello, adding psk_key_exchange_modes extension" \
2648 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2649 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2650 -s "ClientHello message misses mandatory extensions."
2651
2652requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2653requires_config_enabled MBEDTLS_SSL_SRV_C
2654requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2655requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2656requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2657requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2658run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2659 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2660 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2661 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2662 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2663 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2664 -c "client hello, adding PSK binder list" \
2665 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2666
2667requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2668requires_config_enabled MBEDTLS_SSL_SRV_C
2669requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2670requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2671requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2672requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2673run_test "TLS 1.3: m->m: all/all, good" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2674 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2675 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2676 0 \
2677 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2678 -c "client hello, adding psk_key_exchange_modes extension" \
2679 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2680 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2681 -c "HTTP/1.0 200 OK"
2682
2683requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2684requires_config_enabled MBEDTLS_SSL_SRV_C
2685requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2686requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2687requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2688requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2689run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2690 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2691 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2692 0 \
2693 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2694 -c "client hello, adding psk_key_exchange_modes extension" \
2695 -c "client hello, adding PSK binder list" \
Ronald Croncf284562024-02-16 18:54:10 +0100[diff] [blame]2696 -s "No usable PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2697 -s "key exchange mode: ephemeral"
2698
2699requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2700requires_config_enabled MBEDTLS_SSL_SRV_C
2701requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2702requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2703requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2704requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2705run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2706 "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2707 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2708 1 \
2709 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2710 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2711 -c "client hello, adding PSK binder list" \
2712 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2713
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2714#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2715requires_openssl_tls1_3
2716requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2717requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2718requires_config_enabled MBEDTLS_DEBUG_C
2719requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2720requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2721run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2722 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2723 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2724 0 \
2725 -c "=> write client hello" \
2726 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2727 -c "client hello, adding psk_key_exchange_modes extension" \
2728 -c "client hello, adding PSK binder list" \
2729 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2730 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2731 -c "HTTP/1.0 200 ok"
2732
2733requires_openssl_tls1_3
2734requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2735requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2736requires_config_enabled MBEDTLS_DEBUG_C
2737requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2738requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2739run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2740 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2741 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2742 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2743 -c "=> write client hello" \
2744 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2745 -c "client hello, adding psk_key_exchange_modes extension" \
2746 -c "client hello, adding PSK binder list" \
2747 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2748 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2749
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2750#OPENSSL-SERVER psk_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2751requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2752requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2753requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2754requires_config_enabled MBEDTLS_DEBUG_C
2755requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2756requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2757requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2758run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2759 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2760 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2761 0 \
2762 -c "=> write client hello" \
2763 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2764 -c "client hello, adding psk_key_exchange_modes extension" \
2765 -c "client hello, adding PSK binder list" \
2766 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2767 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2768 -c "HTTP/1.0 200 ok"
2769
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2770requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2771requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2772requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2773requires_config_enabled MBEDTLS_DEBUG_C
2774requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2775requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2776requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2777run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2778 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2779 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2780 0 \
2781 -c "=> write client hello" \
2782 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2783 -c "client hello, adding psk_key_exchange_modes extension" \
2784 -c "client hello, adding PSK binder list" \
2785 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2786 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2787 -c "HTTP/1.0 200 ok"
2788
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2789#OPENSSL-SERVER psk_ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2790requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2791requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2792requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2793requires_config_enabled MBEDTLS_DEBUG_C
2794requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2795requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2796run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2797 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2798 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2799 0 \
2800 -c "=> write client hello" \
2801 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2802 -c "client hello, adding psk_key_exchange_modes extension" \
2803 -c "client hello, adding PSK binder list" \
2804 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2805 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2806 -c "HTTP/1.0 200 ok"
2807
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2808requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2809requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2810requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2811requires_config_enabled MBEDTLS_DEBUG_C
2812requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2813requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2814run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2815 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Ronald Cron2ea36af2022-10-17 09:37:16 +0200[diff] [blame]2816 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2817 0 \
2818 -c "=> write client hello" \
2819 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2820 -c "client hello, adding psk_key_exchange_modes extension" \
2821 -c "client hello, adding PSK binder list" \
2822 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2823 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2824 -c "HTTP/1.0 200 ok"
2825
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2826#OPENSSL-SERVER ephemeral mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2827requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2828requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2829requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2830requires_config_enabled MBEDTLS_DEBUG_C
2831requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2832requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2833run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2834 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2835 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2836 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2837 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2838 -c "HTTP/1.0 200 ok"
2839
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2840requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2841requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2842requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2843requires_config_enabled MBEDTLS_DEBUG_C
2844requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2845requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2846run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2847 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2848 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2849 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2850 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2851 -c "HTTP/1.0 200 ok"
2852
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2853#OPENSSL-SERVER ephemeral_all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2854requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2855requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2856requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2857requires_config_enabled MBEDTLS_DEBUG_C
2858requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2859requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2860requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2861run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2862 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2863 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2864 0 \
2865 -c "=> write client hello" \
2866 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2867 -c "client hello, adding psk_key_exchange_modes extension" \
2868 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2869 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2870 -c "<= write client hello" \
2871 -c "HTTP/1.0 200 ok"
2872
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2873requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2874requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2875requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2876requires_config_enabled MBEDTLS_DEBUG_C
2877requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2878requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2879requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2880run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2881 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2882 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2883 0 \
2884 -c "=> write client hello" \
2885 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2886 -c "client hello, adding psk_key_exchange_modes extension" \
2887 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2888 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2889 -c "<= write client hello" \
2890 -c "HTTP/1.0 200 ok"
2891
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2892#OPENSSL-SERVER all mode
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2893requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2894requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2895requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2896requires_config_enabled MBEDTLS_DEBUG_C
2897requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2898requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2899requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2900requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2901run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2902 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2903 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2904 0 \
2905 -c "=> write client hello" \
2906 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2907 -c "client hello, adding psk_key_exchange_modes extension" \
2908 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2909 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2910 -c "<= write client hello" \
2911 -c "HTTP/1.0 200 ok"
2912
Przemek Stekiel8bfe8972023-06-26 12:59:45 +0200[diff] [blame]2913requires_openssl_tls1_3_with_compatible_ephemeral
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2914requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2915requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2916requires_config_enabled MBEDTLS_DEBUG_C
2917requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2918requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2919requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
2920requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2921run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2922 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2923 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
2924 0 \
2925 -c "=> write client hello" \
2926 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2927 -c "client hello, adding psk_key_exchange_modes extension" \
2928 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2929 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]2930 -c "<= write client hello" \
2931 -c "HTTP/1.0 200 ok"
2932
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2933#GNUTLS-SERVER psk mode
2934requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2935requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2936requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2937requires_config_enabled MBEDTLS_DEBUG_C
2938requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2939requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2940run_test "TLS 1.3: m->G: psk/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2941 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2942 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2943 0 \
2944 -c "=> write client hello" \
2945 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2946 -c "client hello, adding psk_key_exchange_modes extension" \
2947 -c "client hello, adding PSK binder list" \
2948 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2949 -s "Parsing extension 'Pre Shared Key/41'" \
2950 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2951 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2952 -c "HTTP/1.0 200 OK"
2953
2954requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2955requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2956requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2957requires_config_enabled MBEDTLS_DEBUG_C
2958requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2959requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2960run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2961 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2962 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2963 1 \
2964 -c "=> write client hello" \
2965 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2966 -c "client hello, adding psk_key_exchange_modes extension" \
2967 -c "client hello, adding PSK binder list" \
2968 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2969 -s "Parsing extension 'Pre Shared Key/41'" \
2970 -c "<= write client hello" \
2971 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
2972
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2973#GNUTLS-SERVER psk_all mode
2974requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2975requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2976requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2977requires_config_enabled MBEDTLS_DEBUG_C
2978requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]2979requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
2980requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2981run_test "TLS 1.3: m->G: psk_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]2982 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]2983 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2984 0 \
2985 -c "=> write client hello" \
2986 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2987 -c "client hello, adding psk_key_exchange_modes extension" \
2988 -c "client hello, adding PSK binder list" \
2989 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
2990 -s "Parsing extension 'Pre Shared Key/41'" \
2991 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]2992 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2993 -c "HTTP/1.0 200 OK"
2994
2995requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2996requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2997requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2998requires_config_enabled MBEDTLS_DEBUG_C
2999requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3000requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3001requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3002run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3003 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3004 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3005 0 \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3006 -c "=> write client hello" \
3007 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3008 -c "client hello, adding psk_key_exchange_modes extension" \
3009 -c "client hello, adding PSK binder list" \
3010 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3011 -s "Parsing extension 'Pre Shared Key/41'" \
3012 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3013 -c "Selected key exchange mode: psk_ephemeral" \
3014 -c "HTTP/1.0 200 OK"
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3015
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3016#GNUTLS-SERVER psk_ephemeral mode
3017requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3018requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3019requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3020requires_config_enabled MBEDTLS_DEBUG_C
3021requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3022requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3023run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3024 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3025 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3026 0 \
3027 -c "=> write client hello" \
3028 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3029 -c "client hello, adding psk_key_exchange_modes extension" \
3030 -c "client hello, adding PSK binder list" \
3031 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3032 -s "Parsing extension 'Pre Shared Key/41'" \
3033 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3034 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3035 -c "HTTP/1.0 200 OK"
3036
3037requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3038requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3039requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3040requires_config_enabled MBEDTLS_DEBUG_C
3041requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3042requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3043run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3044 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3045 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3046 0 \
3047 -c "=> write client hello" \
3048 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3049 -c "client hello, adding psk_key_exchange_modes extension" \
3050 -c "client hello, adding PSK binder list" \
3051 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3052 -s "Parsing extension 'Pre Shared Key/41'" \
3053 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3054 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3055 -c "HTTP/1.0 200 OK"
3056
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3057#GNUTLS-SERVER ephemeral mode
3058requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3059requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3060requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3061requires_config_enabled MBEDTLS_DEBUG_C
3062requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3063requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3064run_test "TLS 1.3: m->G: ephemeral/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3065 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3066 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3067 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3068 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3069 -c "HTTP/1.0 200 OK"
3070
3071requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3072requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3073requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3074requires_config_enabled MBEDTLS_DEBUG_C
3075requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3076requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3077run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3078 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3079 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3080 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3081 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3082 -c "HTTP/1.0 200 OK"
3083
3084#GNUTLS-SERVER ephemeral_all mode
3085requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3086requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3087requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3088requires_config_enabled MBEDTLS_DEBUG_C
3089requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3090requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3091requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3092run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3093 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3094 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3095 0 \
3096 -c "=> write client hello" \
3097 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3098 -c "client hello, adding psk_key_exchange_modes extension" \
3099 -c "client hello, adding PSK binder list" \
3100 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3101 -s "Parsing extension 'Pre Shared Key/41'" \
3102 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3103 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3104 -c "HTTP/1.0 200 OK"
3105
3106requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3107requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3108requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3109requires_config_enabled MBEDTLS_DEBUG_C
3110requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3111requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3112requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3113run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3114 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3115 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3116 0 \
3117 -c "=> write client hello" \
3118 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3119 -c "client hello, adding psk_key_exchange_modes extension" \
3120 -c "client hello, adding PSK binder list" \
3121 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3122 -s "Parsing extension 'Pre Shared Key/41'" \
3123 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3124 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3125 -c "HTTP/1.0 200 OK"
3126
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3127#GNUTLS-SERVER all mode
3128requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3129requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3130requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3131requires_config_enabled MBEDTLS_DEBUG_C
3132requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3133requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3134requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3135requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3136run_test "TLS 1.3: m->G: all/all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3137 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3138 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3139 0 \
3140 -c "=> write client hello" \
3141 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3142 -c "client hello, adding psk_key_exchange_modes extension" \
3143 -c "client hello, adding PSK binder list" \
3144 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3145 -s "Parsing extension 'Pre Shared Key/41'" \
3146 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3147 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3148 -c "HTTP/1.0 200 OK"
3149
3150requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3151requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3152requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3153requires_config_enabled MBEDTLS_DEBUG_C
3154requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron59625842022-10-17 10:36:34 +0200[diff] [blame]3155requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
3156requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
3157requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3158run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
Ronald Crondd0c8f92022-10-25 17:35:29 +0200[diff] [blame]3159 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \
Ronald Cron50ae84e2023-03-14 08:59:56 +0100[diff] [blame]3160 "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3161 0 \
3162 -c "=> write client hello" \
3163 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3164 -c "client hello, adding psk_key_exchange_modes extension" \
3165 -c "client hello, adding PSK binder list" \
3166 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3167 -s "Parsing extension 'Pre Shared Key/41'" \
3168 -c "<= write client hello" \
Ronald Crona709a0f2022-09-27 16:46:11 +0200[diff] [blame]3169 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3170 -c "HTTP/1.0 200 OK"