blob: af2a42d0293b5462a17f0524e29b29c469954a24 [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +08001#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
Jerry Yu66f35f22022-08-22 17:27:41 +080021requires_gnutls_tls1_3
Jerry Yu6a9beba2022-07-31 12:45:25 +080022requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
23requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
24requires_config_enabled MBEDTLS_SSL_SRV_C
25requires_config_enabled MBEDTLS_DEBUG_C
Jerry Yu9b83fa12022-07-31 13:13:51 +080026# SOME_ECDHE_ENABLED?
27requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
28 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu3e06fce2022-08-25 17:51:57 +080029run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
Jerry Yu2185c0f2022-08-23 16:12:43 +080030 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
31 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
32 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
33 localhost" \
34 1 \
35 -s "found psk key exchange modes extension" \
36 -s "found pre_shared_key extension" \
37 -s "Found PSK_EPHEMERAL KEX MODE" \
38 -s "Found PSK KEX MODE" \
Jerry Yu3e06fce2022-08-25 17:51:57 +080039 -s "No matched ciphersuite"
Jerry Yu2185c0f2022-08-23 16:12:43 +080040
41requires_openssl_tls1_3
42requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
43requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
44requires_config_enabled MBEDTLS_SSL_SRV_C
45requires_config_enabled MBEDTLS_DEBUG_C
46# SOME_ECDHE_ENABLED?
47requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
48 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu3e06fce2022-08-25 17:51:57 +080049run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
Jerry Yu2185c0f2022-08-23 16:12:43 +080050 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
51 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
52 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
53 1 \
54 -s "found psk key exchange modes extension" \
55 -s "found pre_shared_key extension" \
56 -s "Found PSK_EPHEMERAL KEX MODE" \
57 -s "Found PSK KEX MODE" \
Jerry Yue7b4b582022-08-25 17:53:13 +080058 -s "No matched ciphersuite"
59
60
61requires_gnutls_tls1_3
62requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
63requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +080064run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yue7b4b582022-08-25 17:53:13 +080065 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
66 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
67 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
68 localhost" \
69 1 \
70 -s "found psk key exchange modes extension" \
71 -s "found pre_shared_key extension" \
72 -s "Found PSK_EPHEMERAL KEX MODE" \
73 -S "Found PSK KEX MODE" \
74 -S "key exchange mode: psk$" \
75 -S "key exchange mode: psk_ephemeral" \
76 -S "key exchange mode: ephemeral"
77
78requires_gnutls_tls1_3
79requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
80requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +080081run_test "TLS 1.3: G->m: all/psk, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +080082 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
83 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
84 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
85 localhost" \
86 0 \
87 -s "found psk key exchange modes extension" \
88 -s "found pre_shared_key extension" \
89 -s "Found PSK_EPHEMERAL KEX MODE" \
90 -s "Found PSK KEX MODE" \
91 -s "Pre shared key found" \
92 -S "No matched PSK or ticket" \
93 -s "key exchange mode: psk$" \
94 -S "key exchange mode: psk_ephemeral" \
95 -S "key exchange mode: ephemeral"
96
97requires_gnutls_tls1_3
98requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
99requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800100run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800101 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
102 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
103 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
104 localhost" \
105 1 \
106 -s "found psk key exchange modes extension" \
107 -s "found pre_shared_key extension" \
108 -s "Found PSK_EPHEMERAL KEX MODE" \
109 -s "Found PSK KEX MODE" \
110 -s "No matched PSK or ticket" \
111 -S "key exchange mode: psk$" \
112 -S "key exchange mode: psk_ephemeral" \
113 -S "key exchange mode: ephemeral"
114
115requires_gnutls_tls1_3
116requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
117requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800118run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800119 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
120 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
121 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
122 localhost" \
123 1 \
124 -s "found psk key exchange modes extension" \
125 -s "found pre_shared_key extension" \
126 -s "Found PSK_EPHEMERAL KEX MODE" \
127 -s "Found PSK KEX MODE" \
128 -s "Invalid binder." \
129 -S "key exchange mode: psk$" \
130 -S "key exchange mode: psk_ephemeral" \
131 -S "key exchange mode: ephemeral"
132
133requires_gnutls_tls1_3
134requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
135requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800136run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800137 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
138 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
139 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
140 localhost" \
141 0 \
142 -s "found psk key exchange modes extension" \
143 -s "found pre_shared_key extension" \
144 -S "Found PSK_EPHEMERAL KEX MODE" \
145 -s "Found PSK KEX MODE" \
146 -s "Pre shared key found" \
147 -S "No matched PSK or ticket" \
148 -s "key exchange mode: psk$" \
149 -S "key exchange mode: psk_ephemeral" \
150 -S "key exchange mode: ephemeral"
151
152requires_gnutls_tls1_3
153requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
154requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800155run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800156 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
157 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
158 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
159 localhost" \
160 1 \
161 -s "found psk key exchange modes extension" \
162 -s "found pre_shared_key extension" \
163 -S "Found PSK_EPHEMERAL KEX MODE" \
164 -s "Found PSK KEX MODE" \
165 -s "No matched PSK or ticket" \
166 -S "key exchange mode: psk$" \
167 -S "key exchange mode: psk_ephemeral" \
168 -S "key exchange mode: ephemeral"
169
170requires_gnutls_tls1_3
171requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
172requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800173run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800174 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
175 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
176 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
177 localhost" \
178 1 \
179 -s "found psk key exchange modes extension" \
180 -s "found pre_shared_key extension" \
181 -S "Found PSK_EPHEMERAL KEX MODE" \
182 -s "Found PSK KEX MODE" \
183 -s "Invalid binder." \
184 -S "key exchange mode: psk$" \
185 -S "key exchange mode: psk_ephemeral" \
186 -S "key exchange mode: ephemeral"
187
188requires_gnutls_tls1_3
189requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
190requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
191requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800192run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800193 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
194 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
195 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
196 localhost" \
197 0 \
198 -s "found psk key exchange modes extension" \
199 -s "found pre_shared_key extension" \
200 -s "Found PSK_EPHEMERAL KEX MODE" \
201 -S "Found PSK KEX MODE" \
202 -s "Pre shared key found" \
203 -S "No matched PSK or ticket" \
204 -S "key exchange mode: psk$" \
205 -s "key exchange mode: psk_ephemeral" \
206 -S "key exchange mode: ephemeral"
207
208requires_gnutls_tls1_3
209requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
210requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
211requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800212run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800213 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
214 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
215 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
216 localhost" \
217 1 \
218 -s "found psk key exchange modes extension" \
219 -s "found pre_shared_key extension" \
220 -s "Found PSK_EPHEMERAL KEX MODE" \
221 -S "Found PSK KEX MODE" \
222 -s "No matched PSK or ticket" \
223 -S "key exchange mode: psk$" \
224 -S "key exchange mode: psk_ephemeral" \
225 -S "key exchange mode: ephemeral"
226
227requires_gnutls_tls1_3
228requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
229requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
230requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800231run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800232 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
233 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
234 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
235 localhost" \
236 1 \
237 -s "found psk key exchange modes extension" \
238 -s "found pre_shared_key extension" \
239 -s "Found PSK_EPHEMERAL KEX MODE" \
240 -S "Found PSK KEX MODE" \
241 -s "Invalid binder." \
242 -S "key exchange mode: psk$" \
243 -S "key exchange mode: psk_ephemeral" \
244 -S "key exchange mode: ephemeral"
245
246requires_gnutls_tls1_3
247requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
248requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
249requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800250run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800251 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
252 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
253 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
254 localhost" \
255 0 \
256 -s "found psk key exchange modes extension" \
257 -s "found pre_shared_key extension" \
258 -s "Found PSK_EPHEMERAL KEX MODE" \
259 -s "Found PSK KEX MODE" \
260 -s "Pre shared key found" \
261 -S "No matched PSK or ticket" \
262 -S "key exchange mode: psk$" \
263 -s "key exchange mode: psk_ephemeral" \
264 -S "key exchange mode: ephemeral"
265
266requires_gnutls_tls1_3
267requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
268requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
269requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800270run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800271 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
272 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
273 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
274 localhost" \
275 1 \
276 -s "found psk key exchange modes extension" \
277 -s "found pre_shared_key extension" \
278 -s "Found PSK_EPHEMERAL KEX MODE" \
279 -s "Found PSK KEX MODE" \
280 -s "No matched PSK or ticket" \
281 -S "key exchange mode: psk$" \
282 -S "key exchange mode: psk_ephemeral" \
283 -S "key exchange mode: ephemeral"
284
285requires_gnutls_tls1_3
286requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
287requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
288requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800289run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800290 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
291 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
292 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
293 localhost" \
294 1 \
295 -s "found psk key exchange modes extension" \
296 -s "found pre_shared_key extension" \
297 -s "Found PSK_EPHEMERAL KEX MODE" \
298 -s "Found PSK KEX MODE" \
299 -s "Invalid binder." \
300 -S "key exchange mode: psk$" \
301 -S "key exchange mode: psk_ephemeral" \
302 -S "key exchange mode: ephemeral"
303
304requires_gnutls_tls1_3
305requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
306requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
307requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800308run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800309 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
310 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
311 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
312 localhost" \
313 1 \
314 -s "found psk key exchange modes extension" \
315 -s "found pre_shared_key extension" \
316 -S "Found PSK_EPHEMERAL KEX MODE" \
317 -s "Found PSK KEX MODE" \
318 -S "key exchange mode: psk$" \
319 -S "key exchange mode: psk_ephemeral" \
320 -S "key exchange mode: ephemeral"
321
322requires_gnutls_tls1_3
323requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
324requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
325requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800326run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800327 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
328 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
329 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
330 localhost" \
331 0 \
332 -s "found psk key exchange modes extension" \
333 -s "found pre_shared_key extension" \
334 -s "Found PSK_EPHEMERAL KEX MODE" \
335 -S "Found PSK KEX MODE" \
336 -s "Pre shared key found" \
337 -S "No matched PSK or ticket" \
338 -S "key exchange mode: psk$" \
339 -s "key exchange mode: psk_ephemeral" \
340 -S "key exchange mode: ephemeral"
341
342requires_gnutls_tls1_3
343requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
344requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
345requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800346run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800347 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
348 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
349 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
350 localhost" \
351 1 \
352 -s "found psk key exchange modes extension" \
353 -s "found pre_shared_key extension" \
354 -s "Found PSK_EPHEMERAL KEX MODE" \
355 -S "Found PSK KEX MODE" \
356 -s "No matched PSK or ticket" \
357 -S "key exchange mode: psk$" \
358 -S "key exchange mode: psk_ephemeral" \
359 -S "key exchange mode: ephemeral"
360
361requires_gnutls_tls1_3
362requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
363requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
364requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800365run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800366 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
367 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
368 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
369 localhost" \
370 1 \
371 -s "found psk key exchange modes extension" \
372 -s "found pre_shared_key extension" \
373 -s "Found PSK_EPHEMERAL KEX MODE" \
374 -S "Found PSK KEX MODE" \
375 -s "Invalid binder." \
376 -S "key exchange mode: psk$" \
377 -S "key exchange mode: psk_ephemeral" \
378 -S "key exchange mode: ephemeral"
379
380requires_gnutls_tls1_3
381requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
382requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
383requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800384run_test "TLS 1.3: G->m: all/psk_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800385 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
386 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
387 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
388 localhost" \
389 0 \
390 -s "found psk key exchange modes extension" \
391 -s "found pre_shared_key extension" \
392 -s "Found PSK_EPHEMERAL KEX MODE" \
393 -s "Found PSK KEX MODE" \
394 -s "Pre shared key found" \
395 -S "No matched PSK or ticket" \
396 -S "key exchange mode: psk$" \
397 -s "key exchange mode: psk_ephemeral" \
398 -S "key exchange mode: ephemeral"
399
400requires_gnutls_tls1_3
401requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
402requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
403requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800404run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800405 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
406 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
407 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
408 localhost" \
409 1 \
410 -s "found psk key exchange modes extension" \
411 -s "found pre_shared_key extension" \
412 -s "Found PSK_EPHEMERAL KEX MODE" \
413 -s "Found PSK KEX MODE" \
414 -s "No matched PSK or ticket" \
415 -S "key exchange mode: psk$" \
416 -S "key exchange mode: psk_ephemeral" \
417 -S "key exchange mode: ephemeral"
418
419requires_gnutls_tls1_3
420requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
421requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
422requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800423run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800424 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
425 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
426 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
427 localhost" \
428 1 \
429 -s "found psk key exchange modes extension" \
430 -s "found pre_shared_key extension" \
431 -s "Found PSK_EPHEMERAL KEX MODE" \
432 -s "Found PSK KEX MODE" \
433 -s "Invalid binder." \
434 -S "key exchange mode: psk$" \
435 -S "key exchange mode: psk_ephemeral" \
436 -S "key exchange mode: ephemeral"
437
438requires_gnutls_tls1_3
439requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
440requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
441requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800442run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800443 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
444 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
445 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
446 localhost" \
447 0 \
448 -s "found psk key exchange modes extension" \
449 -s "found pre_shared_key extension" \
450 -S "Found PSK_EPHEMERAL KEX MODE" \
451 -s "Found PSK KEX MODE" \
452 -s "Pre shared key found" \
453 -S "No matched PSK or ticket" \
454 -s "key exchange mode: psk$" \
455 -S "key exchange mode: psk_ephemeral" \
456 -S "key exchange mode: ephemeral"
457
458requires_gnutls_tls1_3
459requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
460requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
461requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800462run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800463 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
464 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
465 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
466 localhost" \
467 1 \
468 -s "found psk key exchange modes extension" \
469 -s "found pre_shared_key extension" \
470 -S "Found PSK_EPHEMERAL KEX MODE" \
471 -s "Found PSK KEX MODE" \
472 -s "No matched PSK or ticket" \
473 -S "key exchange mode: psk$" \
474 -S "key exchange mode: psk_ephemeral" \
475 -S "key exchange mode: ephemeral"
476
477requires_gnutls_tls1_3
478requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
479requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
480requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800481run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800482 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
483 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
484 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
485 localhost" \
486 1 \
487 -s "found psk key exchange modes extension" \
488 -s "found pre_shared_key extension" \
489 -S "Found PSK_EPHEMERAL KEX MODE" \
490 -s "Found PSK KEX MODE" \
491 -s "Invalid binder." \
492 -S "key exchange mode: psk$" \
493 -S "key exchange mode: psk_ephemeral" \
494 -S "key exchange mode: ephemeral"
495
496requires_gnutls_tls1_3
497requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
498requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
499requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800500run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800501 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
502 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
503 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
504 localhost" \
505 0 \
506 -s "found psk key exchange modes extension" \
507 -s "found pre_shared_key extension" \
508 -s "Found PSK_EPHEMERAL KEX MODE" \
509 -S "Found PSK KEX MODE" \
510 -s "Pre shared key found" \
511 -S "No matched PSK or ticket" \
512 -S "key exchange mode: psk$" \
513 -s "key exchange mode: psk_ephemeral" \
514 -S "key exchange mode: ephemeral"
515
516requires_gnutls_tls1_3
517requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
518requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
519requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800520run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yue7b4b582022-08-25 17:53:13 +0800521 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
522 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
523 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
524 localhost" \
525 0 \
526 -s "found psk key exchange modes extension" \
527 -s "found pre_shared_key extension" \
528 -s "Found PSK_EPHEMERAL KEX MODE" \
529 -S "Found PSK KEX MODE" \
530 -s "No matched PSK or ticket" \
531 -S "key exchange mode: psk$" \
532 -S "key exchange mode: psk_ephemeral" \
533 -s "key exchange mode: ephemeral"
534
535requires_gnutls_tls1_3
536requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
537requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
538requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800539run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800540 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
541 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
542 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
543 localhost" \
544 1 \
545 -s "found psk key exchange modes extension" \
546 -s "found pre_shared_key extension" \
547 -s "Found PSK_EPHEMERAL KEX MODE" \
548 -S "Found PSK KEX MODE" \
549 -s "Invalid binder." \
550 -S "key exchange mode: psk$" \
551 -S "key exchange mode: psk_ephemeral" \
552 -S "key exchange mode: ephemeral"
553
554requires_gnutls_tls1_3
555requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
556requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
557requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800558run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800559 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
560 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
561 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
562 localhost" \
563 0 \
564 -s "found psk key exchange modes extension" \
565 -s "found pre_shared_key extension" \
566 -s "Found PSK_EPHEMERAL KEX MODE" \
567 -s "Found PSK KEX MODE" \
568 -s "Pre shared key found" \
569 -S "No matched PSK or ticket" \
570 -S "key exchange mode: psk$" \
571 -s "key exchange mode: psk_ephemeral" \
572 -S "key exchange mode: ephemeral"
573
574requires_gnutls_tls1_3
575requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
576requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
577requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800578run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yue7b4b582022-08-25 17:53:13 +0800579 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
580 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
581 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
582 localhost" \
583 0 \
584 -s "found psk key exchange modes extension" \
585 -s "found pre_shared_key extension" \
586 -s "Found PSK_EPHEMERAL KEX MODE" \
587 -s "Found PSK KEX MODE" \
588 -s "No matched PSK or ticket" \
589 -S "key exchange mode: psk$" \
590 -S "key exchange mode: psk_ephemeral" \
591 -s "key exchange mode: ephemeral"
592
593requires_gnutls_tls1_3
594requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
595requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
596requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800597run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800598 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
599 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
600 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
601 localhost" \
602 1 \
603 -s "found psk key exchange modes extension" \
604 -s "found pre_shared_key extension" \
605 -s "Found PSK_EPHEMERAL KEX MODE" \
606 -s "Found PSK KEX MODE" \
607 -s "Invalid binder." \
608 -S "key exchange mode: psk$" \
609 -S "key exchange mode: psk_ephemeral" \
610 -S "key exchange mode: ephemeral"
611
612requires_gnutls_tls1_3
613requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
614requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
615requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800616run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800617 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
618 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
619 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
620 localhost" \
621 0 \
622 -s "found psk key exchange modes extension" \
623 -s "found pre_shared_key extension" \
624 -S "Found PSK_EPHEMERAL KEX MODE" \
625 -s "Found PSK KEX MODE" \
626 -s "Pre shared key found" \
627 -S "No matched PSK or ticket" \
628 -S "key exchange mode: psk$" \
629 -S "key exchange mode: psk_ephemeral" \
630 -s "key exchange mode: ephemeral"
631
632requires_gnutls_tls1_3
633requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
634requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
635requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800636run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800637 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
638 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
639 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
640 localhost" \
641 0 \
642 -s "found psk key exchange modes extension" \
643 -s "found pre_shared_key extension" \
644 -s "Found PSK_EPHEMERAL KEX MODE" \
645 -S "Found PSK KEX MODE" \
646 -s "Pre shared key found" \
647 -S "No matched PSK or ticket" \
648 -S "key exchange mode: psk$" \
649 -s "key exchange mode: psk_ephemeral" \
650 -S "key exchange mode: ephemeral"
651
652requires_gnutls_tls1_3
653requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
654requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
655requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800656run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yue7b4b582022-08-25 17:53:13 +0800657 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
658 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
659 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
660 localhost" \
661 0 \
662 -s "found psk key exchange modes extension" \
663 -s "found pre_shared_key extension" \
664 -s "Found PSK_EPHEMERAL KEX MODE" \
665 -S "Found PSK KEX MODE" \
666 -s "No matched PSK or ticket" \
667 -S "key exchange mode: psk$" \
668 -S "key exchange mode: psk_ephemeral" \
669 -s "key exchange mode: ephemeral"
670
671requires_gnutls_tls1_3
672requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
673requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
674requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800675run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800676 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
677 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
678 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
679 localhost" \
680 1 \
681 -s "found psk key exchange modes extension" \
682 -s "found pre_shared_key extension" \
683 -s "Found PSK_EPHEMERAL KEX MODE" \
684 -S "Found PSK KEX MODE" \
685 -s "Invalid binder." \
686 -S "key exchange mode: psk$" \
687 -S "key exchange mode: psk_ephemeral" \
688 -S "key exchange mode: ephemeral"
689
690requires_gnutls_tls1_3
691requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
692requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
693requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800694run_test "TLS 1.3: G->m: all/all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800695 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
696 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
697 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
698 localhost" \
699 0 \
700 -s "found psk key exchange modes extension" \
701 -s "found pre_shared_key extension" \
702 -s "Found PSK_EPHEMERAL KEX MODE" \
703 -s "Found PSK KEX MODE" \
704 -s "Pre shared key found" \
705 -S "No matched PSK or ticket" \
706 -S "key exchange mode: psk$" \
707 -s "key exchange mode: psk_ephemeral" \
708 -S "key exchange mode: ephemeral"
709
710requires_gnutls_tls1_3
711requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
712requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
713requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800714run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Jerry Yue7b4b582022-08-25 17:53:13 +0800715 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
716 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
717 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
718 localhost" \
719 0 \
720 -s "found psk key exchange modes extension" \
721 -s "found pre_shared_key extension" \
722 -s "Found PSK_EPHEMERAL KEX MODE" \
723 -s "Found PSK KEX MODE" \
724 -s "No matched PSK or ticket" \
725 -S "key exchange mode: psk$" \
726 -S "key exchange mode: psk_ephemeral" \
727 -s "key exchange mode: ephemeral"
728
729requires_gnutls_tls1_3
730requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
731requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
732requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800733run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800734 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
735 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
736 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
737 localhost" \
738 1 \
739 -s "found psk key exchange modes extension" \
740 -s "found pre_shared_key extension" \
741 -s "Found PSK_EPHEMERAL KEX MODE" \
742 -s "Found PSK KEX MODE" \
743 -s "Invalid binder." \
744 -S "key exchange mode: psk$" \
745 -S "key exchange mode: psk_ephemeral" \
746 -S "key exchange mode: ephemeral"
747
748requires_gnutls_tls1_3
749requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
750requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
751requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800752run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800753 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
754 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
755 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
756 localhost" \
757 0 \
758 -s "found psk key exchange modes extension" \
759 -s "found pre_shared_key extension" \
760 -S "Found PSK_EPHEMERAL KEX MODE" \
761 -s "Found PSK KEX MODE" \
762 -s "Pre shared key found" \
763 -S "No matched PSK or ticket" \
764 -S "key exchange mode: psk$" \
765 -S "key exchange mode: psk_ephemeral" \
766 -s "key exchange mode: ephemeral"
767
768requires_gnutls_tls1_3
769requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
770requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
771requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800772run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800773 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
774 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
775 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
776 localhost" \
777 1 \
778 -s "found psk key exchange modes extension" \
779 -s "found pre_shared_key extension" \
780 -S "Found PSK_EPHEMERAL KEX MODE" \
781 -s "Found PSK KEX MODE" \
782 -s "Invalid binder." \
783 -S "key exchange mode: psk$" \
784 -S "key exchange mode: psk_ephemeral" \
785 -S "key exchange mode: ephemeral"
786
787requires_gnutls_tls1_3
788requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
789requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
790requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800791run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800792 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
793 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
794 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
795 localhost" \
796 0 \
797 -s "found psk key exchange modes extension" \
798 -s "found pre_shared_key extension" \
799 -s "Found PSK_EPHEMERAL KEX MODE" \
800 -S "Found PSK KEX MODE" \
801 -s "Pre shared key found" \
802 -S "No matched PSK or ticket" \
803 -S "key exchange mode: psk$" \
804 -S "key exchange mode: psk_ephemeral" \
805 -s "key exchange mode: ephemeral"
806
807requires_gnutls_tls1_3
808requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
809requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
810requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800811run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800812 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
813 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
814 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
815 localhost" \
816 0 \
817 -s "found psk key exchange modes extension" \
818 -s "found pre_shared_key extension" \
819 -s "Found PSK_EPHEMERAL KEX MODE" \
820 -s "Found PSK KEX MODE" \
821 -s "Pre shared key found" \
822 -S "No matched PSK or ticket" \
823 -S "key exchange mode: psk$" \
824 -S "key exchange mode: psk_ephemeral" \
825 -s "key exchange mode: ephemeral"
826
827requires_gnutls_tls1_3
828requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
829requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
830requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800831run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800832 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
833 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
834 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
835 localhost" \
836 1 \
837 -s "found psk key exchange modes extension" \
838 -s "found pre_shared_key extension" \
839 -s "Found PSK_EPHEMERAL KEX MODE" \
840 -s "Found PSK KEX MODE" \
841 -s "Invalid binder." \
842 -S "key exchange mode: psk$" \
843 -S "key exchange mode: psk_ephemeral" \
844 -S "key exchange mode: ephemeral"
845
846requires_gnutls_tls1_3
847requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
848requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
849requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800850run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800851 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
852 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
853 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
854 localhost" \
855 0 \
856 -s "found psk key exchange modes extension" \
857 -s "found pre_shared_key extension" \
858 -S "Found PSK_EPHEMERAL KEX MODE" \
859 -s "Found PSK KEX MODE" \
860 -s "Pre shared key found" \
861 -S "No matched PSK or ticket" \
862 -S "key exchange mode: psk$" \
863 -S "key exchange mode: psk_ephemeral" \
864 -s "key exchange mode: ephemeral"
865
866requires_gnutls_tls1_3
867requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
868requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
869requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800870run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800871 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
872 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
873 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
874 localhost" \
875 1 \
876 -s "found psk key exchange modes extension" \
877 -s "found pre_shared_key extension" \
878 -S "Found PSK_EPHEMERAL KEX MODE" \
879 -s "Found PSK KEX MODE" \
880 -s "Invalid binder." \
881 -S "key exchange mode: psk$" \
882 -S "key exchange mode: psk_ephemeral" \
883 -S "key exchange mode: ephemeral"
884
Jerry Yu58af2332022-09-06 11:19:31 +0800885requires_gnutls_tls1_3
886requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
887requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
888requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
889run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
890 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
891 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
892 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
893 localhost" \
894 0 \
895 -s "write selected_group: secp256r1" \
896 -S "key exchange mode: psk$" \
897 -s "key exchange mode: psk_ephemeral" \
898 -S "key exchange mode: ephemeral"
899
900requires_gnutls_tls1_3
901requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
902requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
903requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
904run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
905 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
906 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
907 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
908 localhost" \
909 0 \
910 -s "write selected_group: secp384r1" \
911 -S "key exchange mode: psk$" \
912 -s "key exchange mode: psk_ephemeral" \
913 -S "key exchange mode: ephemeral"
914
915requires_gnutls_tls1_3
916requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
917requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
918requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
919run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
920 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
921 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
922 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
923 localhost" \
924 0 \
925 -s "write selected_group: secp521r1" \
926 -S "key exchange mode: psk$" \
927 -s "key exchange mode: psk_ephemeral" \
928 -S "key exchange mode: ephemeral"
929
930requires_gnutls_tls1_3
931requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
932requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
933requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
934run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
935 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
936 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
937 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
938 localhost" \
939 0 \
940 -s "write selected_group: x25519" \
941 -S "key exchange mode: psk$" \
942 -s "key exchange mode: psk_ephemeral" \
943 -S "key exchange mode: ephemeral"
944
945requires_gnutls_tls1_3
946requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
947requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
948requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
949run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
950 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
951 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
952 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
953 localhost" \
954 0 \
955 -s "write selected_group: x448" \
956 -S "key exchange mode: psk$" \
957 -s "key exchange mode: psk_ephemeral" \
958 -S "key exchange mode: ephemeral"
959
Jerry Yue7b4b582022-08-25 17:53:13 +0800960requires_openssl_tls1_3
961requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
962requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800963run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800964 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
965 "$O_NEXT_CLI -tls1_3 -msg \
966 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
967 1 \
968 -s "found psk key exchange modes extension" \
969 -s "found pre_shared_key extension" \
970 -s "Found PSK_EPHEMERAL KEX MODE" \
971 -S "Found PSK KEX MODE" \
972 -S "key exchange mode: psk$" \
973 -S "key exchange mode: psk_ephemeral" \
974 -S "key exchange mode: ephemeral"
975
976requires_openssl_tls1_3
977requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
978requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800979run_test "TLS 1.3: O->m: all/psk, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800980 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
981 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
982 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
983 0 \
984 -s "found psk key exchange modes extension" \
985 -s "found pre_shared_key extension" \
986 -s "Found PSK_EPHEMERAL KEX MODE" \
987 -s "Found PSK KEX MODE" \
988 -s "Pre shared key found" \
989 -S "No matched PSK or ticket" \
990 -s "key exchange mode: psk$" \
991 -S "key exchange mode: psk_ephemeral" \
992 -S "key exchange mode: ephemeral"
993
994requires_openssl_tls1_3
995requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
996requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800997run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800998 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
999 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1000 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1001 1 \
1002 -s "found psk key exchange modes extension" \
1003 -s "found pre_shared_key extension" \
1004 -s "Found PSK_EPHEMERAL KEX MODE" \
1005 -s "Found PSK KEX MODE" \
1006 -s "No matched PSK or ticket" \
1007 -S "key exchange mode: psk$" \
1008 -S "key exchange mode: psk_ephemeral" \
1009 -S "key exchange mode: ephemeral"
1010
1011requires_openssl_tls1_3
1012requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1013requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001014run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001015 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1016 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1017 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1018 1 \
1019 -s "found psk key exchange modes extension" \
1020 -s "found pre_shared_key extension" \
1021 -s "Found PSK_EPHEMERAL KEX MODE" \
1022 -s "Found PSK KEX MODE" \
1023 -s "Invalid binder." \
1024 -S "key exchange mode: psk$" \
1025 -S "key exchange mode: psk_ephemeral" \
1026 -S "key exchange mode: ephemeral"
1027
1028requires_openssl_tls1_3
1029requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1030requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1031requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001032run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001033 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1034 "$O_NEXT_CLI -tls1_3 -msg \
1035 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1036 0 \
1037 -s "found psk key exchange modes extension" \
1038 -s "found pre_shared_key extension" \
1039 -s "Found PSK_EPHEMERAL KEX MODE" \
1040 -S "Found PSK KEX MODE" \
1041 -s "Pre shared key found" \
1042 -S "No matched PSK or ticket" \
1043 -S "key exchange mode: psk$" \
1044 -s "key exchange mode: psk_ephemeral" \
1045 -S "key exchange mode: ephemeral"
1046
1047requires_openssl_tls1_3
1048requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1049requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1050requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001051run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001052 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1053 "$O_NEXT_CLI -tls1_3 -msg \
1054 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1055 1 \
1056 -s "found psk key exchange modes extension" \
1057 -s "found pre_shared_key extension" \
1058 -s "Found PSK_EPHEMERAL KEX MODE" \
1059 -S "Found PSK KEX MODE" \
1060 -s "No matched PSK or ticket" \
1061 -S "key exchange mode: psk$" \
1062 -S "key exchange mode: psk_ephemeral" \
1063 -S "key exchange mode: ephemeral"
1064
1065requires_openssl_tls1_3
1066requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1067requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1068requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001069run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001070 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1071 "$O_NEXT_CLI -tls1_3 -msg \
1072 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1073 1 \
1074 -s "found psk key exchange modes extension" \
1075 -s "found pre_shared_key extension" \
1076 -s "Found PSK_EPHEMERAL KEX MODE" \
1077 -S "Found PSK KEX MODE" \
1078 -s "Invalid binder." \
1079 -S "key exchange mode: psk$" \
1080 -S "key exchange mode: psk_ephemeral" \
1081 -S "key exchange mode: ephemeral"
1082
1083requires_openssl_tls1_3
1084requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1085requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1086requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001087run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001088 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1089 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1090 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1091 0 \
1092 -s "found psk key exchange modes extension" \
1093 -s "found pre_shared_key extension" \
1094 -s "Found PSK_EPHEMERAL KEX MODE" \
1095 -s "Found PSK KEX MODE" \
1096 -s "Pre shared key found" \
1097 -S "No matched PSK or ticket" \
1098 -S "key exchange mode: psk$" \
1099 -s "key exchange mode: psk_ephemeral" \
1100 -S "key exchange mode: ephemeral"
1101
1102requires_openssl_tls1_3
1103requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1104requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1105requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001106run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001107 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1108 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1109 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1110 1 \
1111 -s "found psk key exchange modes extension" \
1112 -s "found pre_shared_key extension" \
1113 -s "Found PSK_EPHEMERAL KEX MODE" \
1114 -s "Found PSK KEX MODE" \
1115 -s "No matched PSK or ticket" \
1116 -S "key exchange mode: psk$" \
1117 -S "key exchange mode: psk_ephemeral" \
1118 -S "key exchange mode: ephemeral"
1119
1120requires_openssl_tls1_3
1121requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1122requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1123requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001124run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001125 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1126 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1127 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1128 1 \
1129 -s "found psk key exchange modes extension" \
1130 -s "found pre_shared_key extension" \
1131 -s "Found PSK_EPHEMERAL KEX MODE" \
1132 -s "Found PSK KEX MODE" \
1133 -s "Invalid binder." \
1134 -S "key exchange mode: psk$" \
1135 -S "key exchange mode: psk_ephemeral" \
1136 -S "key exchange mode: ephemeral"
1137
1138requires_openssl_tls1_3
1139requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1140requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1141requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001142run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001143 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1144 "$O_NEXT_CLI -tls1_3 -msg \
1145 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1146 0 \
1147 -s "found psk key exchange modes extension" \
1148 -s "found pre_shared_key extension" \
1149 -s "Found PSK_EPHEMERAL KEX MODE" \
1150 -S "Found PSK KEX MODE" \
1151 -s "Pre shared key found" \
1152 -S "No matched PSK or ticket" \
1153 -S "key exchange mode: psk$" \
1154 -s "key exchange mode: psk_ephemeral" \
1155 -S "key exchange mode: ephemeral"
1156
1157requires_openssl_tls1_3
1158requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1159requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1160requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001161run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001162 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1163 "$O_NEXT_CLI -tls1_3 -msg \
1164 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1165 1 \
1166 -s "found psk key exchange modes extension" \
1167 -s "found pre_shared_key extension" \
1168 -s "Found PSK_EPHEMERAL KEX MODE" \
1169 -S "Found PSK KEX MODE" \
1170 -s "No matched PSK or ticket" \
1171 -S "key exchange mode: psk$" \
1172 -S "key exchange mode: psk_ephemeral" \
1173 -S "key exchange mode: ephemeral"
1174
1175requires_openssl_tls1_3
1176requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1177requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1178requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001179run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001180 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1181 "$O_NEXT_CLI -tls1_3 -msg \
1182 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1183 1 \
1184 -s "found psk key exchange modes extension" \
1185 -s "found pre_shared_key extension" \
1186 -s "Found PSK_EPHEMERAL KEX MODE" \
1187 -S "Found PSK KEX MODE" \
1188 -s "Invalid binder." \
1189 -S "key exchange mode: psk$" \
1190 -S "key exchange mode: psk_ephemeral" \
1191 -S "key exchange mode: ephemeral"
1192
1193requires_openssl_tls1_3
1194requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1195requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1196requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001197run_test "TLS 1.3: O->m: all/psk_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001198 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1199 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1200 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1201 0 \
1202 -s "found psk key exchange modes extension" \
1203 -s "found pre_shared_key extension" \
1204 -s "Found PSK_EPHEMERAL KEX MODE" \
1205 -s "Found PSK KEX MODE" \
1206 -s "Pre shared key found" \
1207 -S "No matched PSK or ticket" \
1208 -S "key exchange mode: psk$" \
1209 -s "key exchange mode: psk_ephemeral" \
1210 -S "key exchange mode: ephemeral"
1211
1212requires_openssl_tls1_3
1213requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1214requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1215requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001216run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001217 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1218 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1219 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1220 1 \
1221 -s "found psk key exchange modes extension" \
1222 -s "found pre_shared_key extension" \
1223 -s "Found PSK_EPHEMERAL KEX MODE" \
1224 -s "Found PSK KEX MODE" \
1225 -s "No matched PSK or ticket" \
1226 -S "key exchange mode: psk$" \
1227 -S "key exchange mode: psk_ephemeral" \
1228 -S "key exchange mode: ephemeral"
1229
1230requires_openssl_tls1_3
1231requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1232requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1233requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001234run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001235 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1236 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1237 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1238 1 \
1239 -s "found psk key exchange modes extension" \
1240 -s "found pre_shared_key extension" \
1241 -s "Found PSK_EPHEMERAL KEX MODE" \
1242 -s "Found PSK KEX MODE" \
1243 -s "Invalid binder." \
1244 -S "key exchange mode: psk$" \
1245 -S "key exchange mode: psk_ephemeral" \
1246 -S "key exchange mode: ephemeral"
1247
1248requires_openssl_tls1_3
1249requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1250requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1251requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001252run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001253 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1254 "$O_NEXT_CLI -tls1_3 -msg \
1255 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1256 0 \
1257 -s "found psk key exchange modes extension" \
1258 -s "found pre_shared_key extension" \
1259 -s "Found PSK_EPHEMERAL KEX MODE" \
1260 -S "Found PSK KEX MODE" \
1261 -s "Pre shared key found" \
1262 -S "No matched PSK or ticket" \
1263 -S "key exchange mode: psk$" \
1264 -s "key exchange mode: psk_ephemeral" \
1265 -S "key exchange mode: ephemeral"
1266
1267requires_openssl_tls1_3
1268requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1269requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1270requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001271run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yue7b4b582022-08-25 17:53:13 +08001272 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1273 "$O_NEXT_CLI -tls1_3 -msg \
1274 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1275 0 \
1276 -s "found psk key exchange modes extension" \
1277 -s "found pre_shared_key extension" \
1278 -s "Found PSK_EPHEMERAL KEX MODE" \
1279 -S "Found PSK KEX MODE" \
1280 -s "No matched PSK or ticket" \
1281 -S "key exchange mode: psk$" \
1282 -S "key exchange mode: psk_ephemeral" \
1283 -s "key exchange mode: ephemeral"
1284
1285requires_openssl_tls1_3
1286requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1287requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1288requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001289run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001290 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1291 "$O_NEXT_CLI -tls1_3 -msg \
1292 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1293 1 \
1294 -s "found psk key exchange modes extension" \
1295 -s "found pre_shared_key extension" \
1296 -s "Found PSK_EPHEMERAL KEX MODE" \
1297 -S "Found PSK KEX MODE" \
1298 -s "Invalid binder." \
1299 -S "key exchange mode: psk$" \
1300 -S "key exchange mode: psk_ephemeral" \
1301 -S "key exchange mode: ephemeral"
1302
1303requires_openssl_tls1_3
1304requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1305requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1306requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001307run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001308 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1309 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1310 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1311 0 \
1312 -s "found psk key exchange modes extension" \
1313 -s "found pre_shared_key extension" \
1314 -s "Found PSK_EPHEMERAL KEX MODE" \
1315 -s "Found PSK KEX MODE" \
1316 -s "Pre shared key found" \
1317 -S "No matched PSK or ticket" \
1318 -S "key exchange mode: psk$" \
1319 -s "key exchange mode: psk_ephemeral" \
1320 -S "key exchange mode: ephemeral"
1321
1322requires_openssl_tls1_3
1323requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1324requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1325requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001326run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yue7b4b582022-08-25 17:53:13 +08001327 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1328 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1329 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1330 0 \
1331 -s "found psk key exchange modes extension" \
1332 -s "found pre_shared_key extension" \
1333 -s "Found PSK_EPHEMERAL KEX MODE" \
1334 -s "Found PSK KEX MODE" \
1335 -s "No matched PSK or ticket" \
1336 -S "key exchange mode: psk$" \
1337 -S "key exchange mode: psk_ephemeral" \
1338 -s "key exchange mode: ephemeral"
1339
1340requires_openssl_tls1_3
1341requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1342requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1343requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001344run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001345 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1346 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1347 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1348 1 \
1349 -s "found psk key exchange modes extension" \
1350 -s "found pre_shared_key extension" \
1351 -s "Found PSK_EPHEMERAL KEX MODE" \
1352 -s "Found PSK KEX MODE" \
1353 -s "Invalid binder." \
1354 -S "key exchange mode: psk$" \
1355 -S "key exchange mode: psk_ephemeral" \
1356 -S "key exchange mode: ephemeral"
1357
1358requires_openssl_tls1_3
1359requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1360requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1361requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001362run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001363 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1364 "$O_NEXT_CLI -tls1_3 -msg \
1365 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1366 0 \
1367 -s "found psk key exchange modes extension" \
1368 -s "found pre_shared_key extension" \
1369 -s "Found PSK_EPHEMERAL KEX MODE" \
1370 -S "Found PSK KEX MODE" \
1371 -s "Pre shared key found" \
1372 -S "No matched PSK or ticket" \
1373 -S "key exchange mode: psk$" \
1374 -s "key exchange mode: psk_ephemeral" \
1375 -S "key exchange mode: ephemeral"
1376
1377requires_openssl_tls1_3
1378requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1379requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1380requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001381run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yue7b4b582022-08-25 17:53:13 +08001382 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1383 "$O_NEXT_CLI -tls1_3 -msg \
1384 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1385 0 \
1386 -s "found psk key exchange modes extension" \
1387 -s "found pre_shared_key extension" \
1388 -s "Found PSK_EPHEMERAL KEX MODE" \
1389 -S "Found PSK KEX MODE" \
1390 -s "No matched PSK or ticket" \
1391 -S "key exchange mode: psk$" \
1392 -S "key exchange mode: psk_ephemeral" \
1393 -s "key exchange mode: ephemeral"
1394
1395requires_openssl_tls1_3
1396requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1397requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1398requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001399run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001400 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1401 "$O_NEXT_CLI -tls1_3 -msg \
1402 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1403 1 \
1404 -s "found psk key exchange modes extension" \
1405 -s "found pre_shared_key extension" \
1406 -s "Found PSK_EPHEMERAL KEX MODE" \
1407 -S "Found PSK KEX MODE" \
1408 -s "Invalid binder." \
1409 -S "key exchange mode: psk$" \
1410 -S "key exchange mode: psk_ephemeral" \
1411 -S "key exchange mode: ephemeral"
1412
1413requires_openssl_tls1_3
1414requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1415requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1416requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001417run_test "TLS 1.3: O->m: all/all, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001418 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1419 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1420 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1421 0 \
1422 -s "found psk key exchange modes extension" \
1423 -s "found pre_shared_key extension" \
1424 -s "Found PSK_EPHEMERAL KEX MODE" \
1425 -s "Found PSK KEX MODE" \
1426 -s "Pre shared key found" \
1427 -S "No matched PSK or ticket" \
1428 -S "key exchange mode: psk$" \
1429 -s "key exchange mode: psk_ephemeral" \
1430 -S "key exchange mode: ephemeral"
1431
1432requires_openssl_tls1_3
1433requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1434requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1435requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001436run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Jerry Yue7b4b582022-08-25 17:53:13 +08001437 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1438 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1439 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1440 0 \
1441 -s "found psk key exchange modes extension" \
1442 -s "found pre_shared_key extension" \
1443 -s "Found PSK_EPHEMERAL KEX MODE" \
1444 -s "Found PSK KEX MODE" \
1445 -s "No matched PSK or ticket" \
1446 -S "key exchange mode: psk$" \
1447 -S "key exchange mode: psk_ephemeral" \
1448 -s "key exchange mode: ephemeral"
1449
1450requires_openssl_tls1_3
1451requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1452requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1453requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001454run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001455 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1456 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1457 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1458 1 \
1459 -s "found psk key exchange modes extension" \
1460 -s "found pre_shared_key extension" \
1461 -s "Found PSK_EPHEMERAL KEX MODE" \
1462 -s "Found PSK KEX MODE" \
1463 -s "Invalid binder." \
1464 -S "key exchange mode: psk$" \
1465 -S "key exchange mode: psk_ephemeral" \
1466 -S "key exchange mode: ephemeral"
1467
1468requires_openssl_tls1_3
1469requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1470requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1471requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +08001472run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001473 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1474 "$O_NEXT_CLI -tls1_3 -msg \
1475 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1476 0 \
1477 -s "found psk key exchange modes extension" \
1478 -s "found pre_shared_key extension" \
1479 -s "Found PSK_EPHEMERAL KEX MODE" \
1480 -S "Found PSK KEX MODE" \
1481 -s "Pre shared key found" \
1482 -S "No matched PSK or ticket" \
1483 -S "key exchange mode: psk$" \
1484 -S "key exchange mode: psk_ephemeral" \
1485 -s "key exchange mode: ephemeral"
1486
1487requires_openssl_tls1_3
1488requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1489requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1490requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001491run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001492 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1493 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1494 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1495 0 \
1496 -s "found psk key exchange modes extension" \
1497 -s "found pre_shared_key extension" \
1498 -s "Found PSK_EPHEMERAL KEX MODE" \
1499 -s "Found PSK KEX MODE" \
1500 -s "Pre shared key found" \
1501 -S "No matched PSK or ticket" \
1502 -S "key exchange mode: psk$" \
1503 -S "key exchange mode: psk_ephemeral" \
1504 -s "key exchange mode: ephemeral"
1505
1506requires_openssl_tls1_3
1507requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1508requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1509requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +08001510run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yue7b4b582022-08-25 17:53:13 +08001511 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1512 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1513 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1514 1 \
1515 -s "found psk key exchange modes extension" \
1516 -s "found pre_shared_key extension" \
1517 -s "Found PSK_EPHEMERAL KEX MODE" \
1518 -s "Found PSK KEX MODE" \
1519 -s "Invalid binder." \
1520 -S "key exchange mode: psk$" \
1521 -S "key exchange mode: psk_ephemeral" \
1522 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +08001523
1524requires_openssl_tls1_3
1525requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1526requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1527requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1528run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
1529 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1530 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1531 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1532 0 \
1533 -s "write selected_group: secp256r1" \
1534 -S "key exchange mode: psk$" \
1535 -s "key exchange mode: psk_ephemeral" \
1536 -S "key exchange mode: ephemeral"
1537
1538requires_openssl_tls1_3
1539requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1540requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1541requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1542run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
1543 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1544 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1545 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1546 0 \
1547 -s "write selected_group: secp384r1" \
1548 -S "key exchange mode: psk$" \
1549 -s "key exchange mode: psk_ephemeral" \
1550 -S "key exchange mode: ephemeral"
1551
1552requires_openssl_tls1_3
1553requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1554requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1555requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1556run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
1557 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1558 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1559 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1560 0 \
1561 -s "write selected_group: secp521r1" \
1562 -S "key exchange mode: psk$" \
1563 -s "key exchange mode: psk_ephemeral" \
1564 -S "key exchange mode: ephemeral"
1565
1566requires_openssl_tls1_3
1567requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1568requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1569requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1570run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
1571 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1572 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1573 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1574 0 \
1575 -s "write selected_group: x25519" \
1576 -S "key exchange mode: psk$" \
1577 -s "key exchange mode: psk_ephemeral" \
1578 -S "key exchange mode: ephemeral"
1579
1580requires_openssl_tls1_3
1581requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1582requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1583requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1584run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
1585 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1586 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1587 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1588 0 \
1589 -s "write selected_group: x448" \
1590 -S "key exchange mode: psk$" \
1591 -s "key exchange mode: psk_ephemeral" \
1592 -S "key exchange mode: ephemeral"