Changes according to review comments

commit: 20095afc582eca6cd0809c95bdc50cb011edd8d6 [log] [tgz]
author: Jarno Lamsa <jarno.lamsa@arm.com> Tue Jun 11 17:16:58 2019 +0300
committer: Jarno Lamsa <jarno.lamsa@arm.com> Tue Jun 11 17:16:58 2019 +0300
tree: b09837bb94328c3d845f849aaa4eb7dede413de3
parent: 41b359114d74abfacc14eafb0a1bb0a6d1a8a3af [diff] [blame]
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index b87a684..531d96a 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh

@@ -1763,7 +1763,7 @@
 
 # Tests for Extended Master Secret extension
 
-run_test    "Extended Master Secret enforced: default" \
+run_test    "Extended Master Secret: default (both enabled, both enforcing)" \
             "$P_SRV debug_level=3 enforce_extended_master_secret=1" \
             "$P_CLI debug_level=3 enforce_extended_master_secret=1" \
             0 \
@@ -1774,8 +1774,30 @@
             -c "session hash for extended master secret" \
             -s "session hash for extended master secret"
 
-run_test    "Extended Master Secret enforced: client enabled, server disabled" \
-            "$P_SRV debug_level=3 extended_ms=0 enforce_extended_master_secret=1" \
+run_test    "Extended Master Secret: both enabled, client enforcing" \
+            "$P_SRV debug_level=3 enforce_extended_master_secret=0" \
+            "$P_CLI debug_level=3 enforce_extended_master_secret=1" \
+            0 \
+            -c "client hello, adding extended_master_secret extension" \
+            -s "found extended master secret extension" \
+            -s "server hello, adding extended master secret extension" \
+            -c "found extended_master_secret extension" \
+            -c "session hash for extended master secret" \
+            -s "session hash for extended master secret"
+
+run_test    "Extended Master Secret: both enabled, server enforcing" \
+            "$P_SRV debug_level=3 enforce_extended_master_secret=1" \
+            "$P_CLI debug_level=3 enforce_extended_master_secret=0" \
+            0 \
+            -c "client hello, adding extended_master_secret extension" \
+            -s "found extended master secret extension" \
+            -s "server hello, adding extended master secret extension" \
+            -c "found extended_master_secret extension" \
+            -c "session hash for extended master secret" \
+            -s "session hash for extended master secret"
+
+run_test    "Extended Master Secret: client enabled, server disabled, client enforcing" \
+            "$P_SRV debug_level=3 extended_ms=0" \
             "$P_CLI debug_level=3 extended_ms=1 enforce_extended_master_secret=1" \
             1 \
             -c "client hello, adding extended_master_secret extension" \
@@ -1784,9 +1806,9 @@
             -C "found extended_master_secret extension" \
             -c "Peer not offering extended master secret, while it is enforced"
 
-run_test    "Extended Master Secret enforced: client disabled, server enabled" \
+run_test    "Extended Master Secret enforced: client disabled, server enabled, server enforcing" \
             "$P_SRV debug_level=3 extended_ms=1 enforce_extended_master_secret=1" \
-            "$P_CLI debug_level=3 extended_ms=0 enforce_extended_master_secret=1" \
+            "$P_CLI debug_level=3 extended_ms=0" \
             1 \
             -C "client hello, adding extended_master_secret extension" \
             -S "found extended master secret extension" \
@@ -1794,7 +1816,7 @@
             -C "found extended_master_secret extension" \
             -s "Peer not offering extended master secret, while it is enforced"
 
-run_test    "Extended Master Secret not enforced: default" \
+run_test    "Extended Master Secret: default (not enforcing)" \
             "$P_SRV debug_level=3" \
             "$P_CLI debug_level=3" \
             0 \
@@ -1805,7 +1827,7 @@
             -c "session hash for extended master secret" \
             -s "session hash for extended master secret"
 
-run_test    "Extended Master Secret not enforced: client enabled, server disabled" \
+run_test    "Extended Master Secret: client enabled, server disabled, not enforcing" \
             "$P_SRV debug_level=3 extended_ms=0" \
             "$P_CLI debug_level=3 extended_ms=1" \
             0 \
@@ -1816,7 +1838,7 @@
             -C "session hash for extended master secret" \
             -S "session hash for extended master secret"
 
-run_test    "Extended Master Secret not enforced: client disabled, server enabled" \
+run_test    "Extended Master Secret: client disabled, server enabled, not enforcing" \
             "$P_SRV debug_level=3 extended_ms=1" \
             "$P_CLI debug_level=3 extended_ms=0" \
             0 \
@@ -1827,6 +1849,17 @@
             -C "session hash for extended master secret" \
             -S "session hash for extended master secret"
 
+run_test    "Extended Master Secret: client disabled, server disabled" \
+            "$P_SRV debug_level=3 extended_ms=0" \
+            "$P_CLI debug_level=3 extended_ms=0" \
+            0 \
+            -C "client hello, adding extended_master_secret extension" \
+            -S "found extended master secret extension" \
+            -S "server hello, adding extended master secret extension" \
+            -C "found extended_master_secret extension" \
+            -C "session hash for extended master secret" \
+            -S "session hash for extended master secret"
+
 requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
 run_test    "Extended Master Secret: client SSLv3, server enabled" \
             "$P_SRV debug_level=3 min_version=ssl3" \
commit	20095afc582eca6cd0809c95bdc50cb011edd8d6	[log] [tgz]
author	Jarno Lamsa <jarno.lamsa@arm.com>	Tue Jun 11 17:16:58 2019 +0300
committer	Jarno Lamsa <jarno.lamsa@arm.com>	Tue Jun 11 17:16:58 2019 +0300
tree	b09837bb94328c3d845f849aaa4eb7dede413de3
parent	41b359114d74abfacc14eafb0a1bb0a6d1a8a3af [diff] [blame]