TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 03b8f9d29939959a958641a784fcfbcc7374ebfa / . / tests / opt-testcases / tls13-kex-modes.sh
blob: a6bbd082ba5a0a9e1a77096a29eb3788b0be754e [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]21get_srv_psk_list ()
22{
23 case $(( TESTS % 3 )) in
24 0) echo "psk_list=abc,dead,def,beef,Client_identity,6162636465666768696a6b6c6d6e6f70";;
25 1) echo "psk_list=abc,dead,Client_identity,6162636465666768696a6b6c6d6e6f70,def,beef";;
26 2) echo "psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef";;
27 esac
28}
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]29
Jerry Yu66f35f22022-08-22 17:27:41 +0800[diff] [blame]30requires_gnutls_tls1_3
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]31requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
32requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
33requires_config_enabled MBEDTLS_SSL_SRV_C
34requires_config_enabled MBEDTLS_DEBUG_C
Jerry Yu9b83fa12022-07-31 13:13:51 +0800[diff] [blame]35# SOME_ECDHE_ENABLED?
36requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
37 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]38run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]39 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]40 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
41 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
42 localhost" \
43 1 \
44 -s "found psk key exchange modes extension" \
45 -s "found pre_shared_key extension" \
46 -s "Found PSK_EPHEMERAL KEX MODE" \
47 -s "Found PSK KEX MODE" \
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]48 -s "No matched ciphersuite"
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]49
50requires_openssl_tls1_3
51requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
52requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
53requires_config_enabled MBEDTLS_SSL_SRV_C
54requires_config_enabled MBEDTLS_DEBUG_C
55# SOME_ECDHE_ENABLED?
56requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
57 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]58run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]59 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]60 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
61 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
62 1 \
63 -s "found psk key exchange modes extension" \
64 -s "found pre_shared_key extension" \
65 -s "Found PSK_EPHEMERAL KEX MODE" \
66 -s "Found PSK KEX MODE" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]67 -s "No matched ciphersuite"
68
Jerry Yu25ab6542022-09-15 18:32:34 +0800[diff] [blame]69requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
70 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
71requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
72 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
73requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
74 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
75run_test "TLS 1.3: NewSessionTicket: psk_ephemeral, auth fail, m->m" \
76 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \
77 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
78 0 \
79 -c "Pre-configured PSK number = 2" \
80 -s "sent selected_identity: 1" \
81 -s "key exchange mode: psk_ephemeral" \
82 -s "ticket is not authentic" \
83 -S "ticket is expired" \
84 -S "Ticket expired: start is in future" \
85 -S "Ticket expired: Ticket age exceed limitation" \
86 -S "Ticket expired: Ticket age outside tolerance window"
87
88requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
89 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
90requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
91 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
92requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
93 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
94run_test "TLS 1.3: NewSessionTicket: ephemeral, auth fail, m->m" \
95 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \
96 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
97 0 \
98 -c "Pre-configured PSK number = 1" \
99 -S "sent selected_identity:" \
100 -s "key exchange mode: ephemeral" \
101 -s "ticket is not authentic" \
102 -S "ticket is expired" \
103 -S "Ticket expired: start is in future" \
104 -S "Ticket expired: Ticket age exceed limitation" \
105 -S "Ticket expired: Ticket age outside tolerance window"
106
107requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
108 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
109requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
110 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
111requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
112 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
113run_test "TLS 1.3: NewSessionTicket: psk_ephemeral, expired, m->m" \
114 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=2" \
115 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
116 0 \
117 -c "Pre-configured PSK number = 2" \
118 -s "sent selected_identity: 1" \
119 -s "key exchange mode: psk_ephemeral" \
120 -S "ticket is not authentic" \
121 -s "ticket is expired" \
122 -S "Ticket expired: start is in future" \
123 -S "Ticket expired: Ticket age exceed limitation" \
124 -S "Ticket expired: Ticket age outside tolerance window"
125
126requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
127 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
128requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
129 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
130requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
131 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
132run_test "TLS 1.3: NewSessionTicket: ephemeral, expired, m->m" \
133 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \
134 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
135 0 \
136 -c "Pre-configured PSK number = 1" \
137 -S "sent selected_identity:" \
138 -s "key exchange mode: ephemeral" \
139 -S "ticket is not authentic" \
140 -s "ticket is expired" \
141 -S "Ticket expired: start is in future" \
142 -S "Ticket expired: Ticket age exceed limitation" \
143 -S "Ticket expired: Ticket age outside tolerance window"
144
145requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
146 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
147requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
148 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
149requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
150 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
151run_test "TLS 1.3: NewSessionTicket: psk_ephemeral, future start, m->m" \
152 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=3" \
153 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
154 0 \
155 -c "Pre-configured PSK number = 2" \
156 -s "sent selected_identity: 1" \
157 -s "key exchange mode: psk_ephemeral" \
158 -S "ticket is not authentic" \
159 -S "ticket is expired" \
160 -s "Ticket expired: start is in future" \
161 -S "Ticket expired: Ticket age exceed limitation" \
162 -S "Ticket expired: Ticket age outside tolerance window"
163
164requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
165 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
166requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
167 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
168requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
169 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
170run_test "TLS 1.3: NewSessionTicket: ephemeral, future start, m->m" \
171 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \
172 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
173 0 \
174 -c "Pre-configured PSK number = 1" \
175 -S "sent selected_identity:" \
176 -s "key exchange mode: ephemeral" \
177 -S "ticket is not authentic" \
178 -S "ticket is expired" \
179 -s "Ticket expired: start is in future" \
180 -S "Ticket expired: Ticket age exceed limitation" \
181 -S "Ticket expired: Ticket age outside tolerance window"
182
183requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
184 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
185requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
186 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
187requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
188 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
189run_test "TLS 1.3: NewSessionTicket: psk_ephemeral, out of max age, m->m" \
190 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=4" \
191 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
192 0 \
193 -c "Pre-configured PSK number = 2" \
194 -s "sent selected_identity: 1" \
195 -s "key exchange mode: psk_ephemeral" \
196 -S "ticket is not authentic" \
197 -S "ticket is expired" \
198 -S "Ticket expired: start is in future" \
199 -s "Ticket expired: Ticket age exceed limitation" \
200 -S "Ticket expired: Ticket age outside tolerance window"
201
202requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
203 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
204requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
205 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
206requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
207 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
208run_test "TLS 1.3: NewSessionTicket: ephemeral, out of max age, m->m" \
209 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \
210 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
211 0 \
212 -c "Pre-configured PSK number = 1" \
213 -S "sent selected_identity:" \
214 -s "key exchange mode: ephemeral" \
215 -S "ticket is not authentic" \
216 -S "ticket is expired" \
217 -S "Ticket expired: start is in future" \
218 -s "Ticket expired: Ticket age exceed limitation" \
219 -S "Ticket expired: Ticket age outside tolerance window"
220
221requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
222 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
223requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
224 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
225requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
226 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
227run_test "TLS 1.3: NewSessionTicket: psk_ephemeral, negative tolerance exceed, m->m" \
228 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=5" \
229 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
230 0 \
231 -c "Pre-configured PSK number = 2" \
232 -s "sent selected_identity: 1" \
233 -s "key exchange mode: psk_ephemeral" \
234 -S "ticket is not authentic" \
235 -S "ticket is expired" \
236 -S "Ticket expired: start is in future" \
237 -S "Ticket expired: Ticket age exceed limitation" \
238 -s "Ticket expired: Ticket age outside tolerance window"
239
240requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
241 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
242requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
243 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
244requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
245 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
246run_test "TLS 1.3: NewSessionTicket: ephemeral, negative tolerance exceed, m->m" \
247 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \
248 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
249 0 \
250 -c "Pre-configured PSK number = 1" \
251 -S "sent selected_identity:" \
252 -s "key exchange mode: ephemeral" \
253 -S "ticket is not authentic" \
254 -S "ticket is expired" \
255 -S "Ticket expired: start is in future" \
256 -S "Ticket expired: Ticket age exceed limitation" \
257 -s "Ticket expired: Ticket age outside tolerance window"
258
259requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
260 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
261requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
262 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
263requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
264 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
265run_test "TLS 1.3: NewSessionTicket: psk_ephemeral, tolerance exceed, m->m" \
266 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=6" \
267 "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \
268 0 \
269 -c "Pre-configured PSK number = 2" \
270 -s "sent selected_identity: 1" \
271 -s "key exchange mode: psk_ephemeral" \
272 -S "ticket is not authentic" \
273 -S "ticket is expired" \
274 -S "Ticket expired: start is in future" \
275 -S "Ticket expired: Ticket age exceed limitation" \
276 -s "Ticket expired: Ticket age outside tolerance window"
277
278requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \
279 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME
280requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
281 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
282requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
283 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
284run_test "TLS 1.3: NewSessionTicket: ephemeral, tolerance exceed, m->m" \
285 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \
286 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
287 0 \
288 -c "Pre-configured PSK number = 1" \
289 -S "sent selected_identity:" \
290 -s "key exchange mode: ephemeral" \
291 -S "ticket is not authentic" \
292 -S "ticket is expired" \
293 -S "Ticket expired: start is in future" \
294 -S "Ticket expired: Ticket age exceed limitation" \
295 -s "Ticket expired: Ticket age outside tolerance window"
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]296
297requires_gnutls_tls1_3
298requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
299requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]300run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]301 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]302 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
303 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
304 localhost" \
305 1 \
306 -s "found psk key exchange modes extension" \
307 -s "found pre_shared_key extension" \
308 -s "Found PSK_EPHEMERAL KEX MODE" \
309 -S "Found PSK KEX MODE" \
310 -S "key exchange mode: psk$" \
311 -S "key exchange mode: psk_ephemeral" \
312 -S "key exchange mode: ephemeral"
313
314requires_gnutls_tls1_3
315requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
316requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]317run_test "TLS 1.3: G->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]318 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]319 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
320 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
321 localhost" \
322 0 \
323 -s "found psk key exchange modes extension" \
324 -s "found pre_shared_key extension" \
325 -s "Found PSK_EPHEMERAL KEX MODE" \
326 -s "Found PSK KEX MODE" \
327 -s "Pre shared key found" \
328 -S "No matched PSK or ticket" \
329 -s "key exchange mode: psk$" \
330 -S "key exchange mode: psk_ephemeral" \
331 -S "key exchange mode: ephemeral"
332
333requires_gnutls_tls1_3
334requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
335requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]336run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]337 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]338 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
339 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
340 localhost" \
341 1 \
342 -s "found psk key exchange modes extension" \
343 -s "found pre_shared_key extension" \
344 -s "Found PSK_EPHEMERAL KEX MODE" \
345 -s "Found PSK KEX MODE" \
346 -s "No matched PSK or ticket" \
347 -S "key exchange mode: psk$" \
348 -S "key exchange mode: psk_ephemeral" \
349 -S "key exchange mode: ephemeral"
350
351requires_gnutls_tls1_3
352requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
353requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]354run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]355 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]356 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
357 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
358 localhost" \
359 1 \
360 -s "found psk key exchange modes extension" \
361 -s "found pre_shared_key extension" \
362 -s "Found PSK_EPHEMERAL KEX MODE" \
363 -s "Found PSK KEX MODE" \
364 -s "Invalid binder." \
365 -S "key exchange mode: psk$" \
366 -S "key exchange mode: psk_ephemeral" \
367 -S "key exchange mode: ephemeral"
368
369requires_gnutls_tls1_3
370requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
371requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]372run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]373 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]374 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
375 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
376 localhost" \
377 0 \
378 -s "found psk key exchange modes extension" \
379 -s "found pre_shared_key extension" \
380 -S "Found PSK_EPHEMERAL KEX MODE" \
381 -s "Found PSK KEX MODE" \
382 -s "Pre shared key found" \
383 -S "No matched PSK or ticket" \
384 -s "key exchange mode: psk$" \
385 -S "key exchange mode: psk_ephemeral" \
386 -S "key exchange mode: ephemeral"
387
388requires_gnutls_tls1_3
389requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
390requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]391run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]392 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]393 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
394 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
395 localhost" \
396 1 \
397 -s "found psk key exchange modes extension" \
398 -s "found pre_shared_key extension" \
399 -S "Found PSK_EPHEMERAL KEX MODE" \
400 -s "Found PSK KEX MODE" \
401 -s "No matched PSK or ticket" \
402 -S "key exchange mode: psk$" \
403 -S "key exchange mode: psk_ephemeral" \
404 -S "key exchange mode: ephemeral"
405
406requires_gnutls_tls1_3
407requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
408requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]409run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]410 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]411 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
412 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
413 localhost" \
414 1 \
415 -s "found psk key exchange modes extension" \
416 -s "found pre_shared_key extension" \
417 -S "Found PSK_EPHEMERAL KEX MODE" \
418 -s "Found PSK KEX MODE" \
419 -s "Invalid binder." \
420 -S "key exchange mode: psk$" \
421 -S "key exchange mode: psk_ephemeral" \
422 -S "key exchange mode: ephemeral"
423
424requires_gnutls_tls1_3
425requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
426requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
427requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]428run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]429 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]430 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
431 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
432 localhost" \
433 0 \
434 -s "found psk key exchange modes extension" \
435 -s "found pre_shared_key extension" \
436 -s "Found PSK_EPHEMERAL KEX MODE" \
437 -S "Found PSK KEX MODE" \
438 -s "Pre shared key found" \
439 -S "No matched PSK or ticket" \
440 -S "key exchange mode: psk$" \
441 -s "key exchange mode: psk_ephemeral" \
442 -S "key exchange mode: ephemeral"
443
444requires_gnutls_tls1_3
445requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
446requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
447requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]448run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]449 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]450 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
451 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
452 localhost" \
453 1 \
454 -s "found psk key exchange modes extension" \
455 -s "found pre_shared_key extension" \
456 -s "Found PSK_EPHEMERAL KEX MODE" \
457 -S "Found PSK KEX MODE" \
458 -s "No matched PSK or ticket" \
459 -S "key exchange mode: psk$" \
460 -S "key exchange mode: psk_ephemeral" \
461 -S "key exchange mode: ephemeral"
462
463requires_gnutls_tls1_3
464requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
465requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
466requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]467run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]468 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]469 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
470 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
471 localhost" \
472 1 \
473 -s "found psk key exchange modes extension" \
474 -s "found pre_shared_key extension" \
475 -s "Found PSK_EPHEMERAL KEX MODE" \
476 -S "Found PSK KEX MODE" \
477 -s "Invalid binder." \
478 -S "key exchange mode: psk$" \
479 -S "key exchange mode: psk_ephemeral" \
480 -S "key exchange mode: ephemeral"
481
482requires_gnutls_tls1_3
483requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
484requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
485requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]486run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]487 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]488 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
489 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
490 localhost" \
491 0 \
492 -s "found psk key exchange modes extension" \
493 -s "found pre_shared_key extension" \
494 -s "Found PSK_EPHEMERAL KEX MODE" \
495 -s "Found PSK KEX MODE" \
496 -s "Pre shared key found" \
497 -S "No matched PSK or ticket" \
498 -S "key exchange mode: psk$" \
499 -s "key exchange mode: psk_ephemeral" \
500 -S "key exchange mode: ephemeral"
501
502requires_gnutls_tls1_3
503requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
504requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
505requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]506run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]507 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]508 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
509 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
510 localhost" \
511 1 \
512 -s "found psk key exchange modes extension" \
513 -s "found pre_shared_key extension" \
514 -s "Found PSK_EPHEMERAL KEX MODE" \
515 -s "Found PSK KEX MODE" \
516 -s "No matched PSK or ticket" \
517 -S "key exchange mode: psk$" \
518 -S "key exchange mode: psk_ephemeral" \
519 -S "key exchange mode: ephemeral"
520
521requires_gnutls_tls1_3
522requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
523requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
524requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]525run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]526 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]527 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
528 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
529 localhost" \
530 1 \
531 -s "found psk key exchange modes extension" \
532 -s "found pre_shared_key extension" \
533 -s "Found PSK_EPHEMERAL KEX MODE" \
534 -s "Found PSK KEX MODE" \
535 -s "Invalid binder." \
536 -S "key exchange mode: psk$" \
537 -S "key exchange mode: psk_ephemeral" \
538 -S "key exchange mode: ephemeral"
539
540requires_gnutls_tls1_3
541requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
542requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
543requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]544run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]545 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]546 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
547 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
548 localhost" \
549 1 \
550 -s "found psk key exchange modes extension" \
551 -s "found pre_shared_key extension" \
552 -S "Found PSK_EPHEMERAL KEX MODE" \
553 -s "Found PSK KEX MODE" \
554 -S "key exchange mode: psk$" \
555 -S "key exchange mode: psk_ephemeral" \
556 -S "key exchange mode: ephemeral"
557
558requires_gnutls_tls1_3
559requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
560requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
561requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]562run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]563 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]564 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
565 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
566 localhost" \
567 0 \
568 -s "found psk key exchange modes extension" \
569 -s "found pre_shared_key extension" \
570 -s "Found PSK_EPHEMERAL KEX MODE" \
571 -S "Found PSK KEX MODE" \
572 -s "Pre shared key found" \
573 -S "No matched PSK or ticket" \
574 -S "key exchange mode: psk$" \
575 -s "key exchange mode: psk_ephemeral" \
576 -S "key exchange mode: ephemeral"
577
578requires_gnutls_tls1_3
579requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
580requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
581requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]582run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]583 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]584 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
585 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
586 localhost" \
587 1 \
588 -s "found psk key exchange modes extension" \
589 -s "found pre_shared_key extension" \
590 -s "Found PSK_EPHEMERAL KEX MODE" \
591 -S "Found PSK KEX MODE" \
592 -s "No matched PSK or ticket" \
593 -S "key exchange mode: psk$" \
594 -S "key exchange mode: psk_ephemeral" \
595 -S "key exchange mode: ephemeral"
596
597requires_gnutls_tls1_3
598requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
599requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
600requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]601run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]602 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]603 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
604 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
605 localhost" \
606 1 \
607 -s "found psk key exchange modes extension" \
608 -s "found pre_shared_key extension" \
609 -s "Found PSK_EPHEMERAL KEX MODE" \
610 -S "Found PSK KEX MODE" \
611 -s "Invalid binder." \
612 -S "key exchange mode: psk$" \
613 -S "key exchange mode: psk_ephemeral" \
614 -S "key exchange mode: ephemeral"
615
616requires_gnutls_tls1_3
617requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
618requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
619requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]620run_test "TLS 1.3: G->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]621 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]622 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
623 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
624 localhost" \
625 0 \
626 -s "found psk key exchange modes extension" \
627 -s "found pre_shared_key extension" \
628 -s "Found PSK_EPHEMERAL KEX MODE" \
629 -s "Found PSK KEX MODE" \
630 -s "Pre shared key found" \
631 -S "No matched PSK or ticket" \
632 -S "key exchange mode: psk$" \
633 -s "key exchange mode: psk_ephemeral" \
634 -S "key exchange mode: ephemeral"
635
636requires_gnutls_tls1_3
637requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
638requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
639requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]640run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]641 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]642 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
643 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
644 localhost" \
645 1 \
646 -s "found psk key exchange modes extension" \
647 -s "found pre_shared_key extension" \
648 -s "Found PSK_EPHEMERAL KEX MODE" \
649 -s "Found PSK KEX MODE" \
650 -s "No matched PSK or ticket" \
651 -S "key exchange mode: psk$" \
652 -S "key exchange mode: psk_ephemeral" \
653 -S "key exchange mode: ephemeral"
654
655requires_gnutls_tls1_3
656requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
657requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
658requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]659run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]660 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]661 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
662 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
663 localhost" \
664 1 \
665 -s "found psk key exchange modes extension" \
666 -s "found pre_shared_key extension" \
667 -s "Found PSK_EPHEMERAL KEX MODE" \
668 -s "Found PSK KEX MODE" \
669 -s "Invalid binder." \
670 -S "key exchange mode: psk$" \
671 -S "key exchange mode: psk_ephemeral" \
672 -S "key exchange mode: ephemeral"
673
674requires_gnutls_tls1_3
675requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
676requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
677requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]678run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]679 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]680 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
681 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
682 localhost" \
683 0 \
684 -s "found psk key exchange modes extension" \
685 -s "found pre_shared_key extension" \
686 -S "Found PSK_EPHEMERAL KEX MODE" \
687 -s "Found PSK KEX MODE" \
688 -s "Pre shared key found" \
689 -S "No matched PSK or ticket" \
690 -s "key exchange mode: psk$" \
691 -S "key exchange mode: psk_ephemeral" \
692 -S "key exchange mode: ephemeral"
693
694requires_gnutls_tls1_3
695requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
696requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
697requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]698run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]699 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]700 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
701 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
702 localhost" \
703 1 \
704 -s "found psk key exchange modes extension" \
705 -s "found pre_shared_key extension" \
706 -S "Found PSK_EPHEMERAL KEX MODE" \
707 -s "Found PSK KEX MODE" \
708 -s "No matched PSK or ticket" \
709 -S "key exchange mode: psk$" \
710 -S "key exchange mode: psk_ephemeral" \
711 -S "key exchange mode: ephemeral"
712
713requires_gnutls_tls1_3
714requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
715requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
716requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]717run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]718 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]719 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
720 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
721 localhost" \
722 1 \
723 -s "found psk key exchange modes extension" \
724 -s "found pre_shared_key extension" \
725 -S "Found PSK_EPHEMERAL KEX MODE" \
726 -s "Found PSK KEX MODE" \
727 -s "Invalid binder." \
728 -S "key exchange mode: psk$" \
729 -S "key exchange mode: psk_ephemeral" \
730 -S "key exchange mode: ephemeral"
731
732requires_gnutls_tls1_3
733requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
734requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
735requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]736run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]737 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]738 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
739 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
740 localhost" \
741 0 \
742 -s "found psk key exchange modes extension" \
743 -s "found pre_shared_key extension" \
744 -s "Found PSK_EPHEMERAL KEX MODE" \
745 -S "Found PSK KEX MODE" \
746 -s "Pre shared key found" \
747 -S "No matched PSK or ticket" \
748 -S "key exchange mode: psk$" \
749 -s "key exchange mode: psk_ephemeral" \
750 -S "key exchange mode: ephemeral"
751
752requires_gnutls_tls1_3
753requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
754requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
755requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]756run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]757 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]758 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
759 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
760 localhost" \
761 0 \
762 -s "found psk key exchange modes extension" \
763 -s "found pre_shared_key extension" \
764 -s "Found PSK_EPHEMERAL KEX MODE" \
765 -S "Found PSK KEX MODE" \
766 -s "No matched PSK or ticket" \
767 -S "key exchange mode: psk$" \
768 -S "key exchange mode: psk_ephemeral" \
769 -s "key exchange mode: ephemeral"
770
771requires_gnutls_tls1_3
772requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
773requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
774requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]775run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]776 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]777 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
778 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
779 localhost" \
780 1 \
781 -s "found psk key exchange modes extension" \
782 -s "found pre_shared_key extension" \
783 -s "Found PSK_EPHEMERAL KEX MODE" \
784 -S "Found PSK KEX MODE" \
785 -s "Invalid binder." \
786 -S "key exchange mode: psk$" \
787 -S "key exchange mode: psk_ephemeral" \
788 -S "key exchange mode: ephemeral"
789
790requires_gnutls_tls1_3
791requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
792requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
793requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]794run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]795 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]796 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
797 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
798 localhost" \
799 0 \
800 -s "found psk key exchange modes extension" \
801 -s "found pre_shared_key extension" \
802 -s "Found PSK_EPHEMERAL KEX MODE" \
803 -s "Found PSK KEX MODE" \
804 -s "Pre shared key found" \
805 -S "No matched PSK or ticket" \
806 -S "key exchange mode: psk$" \
807 -s "key exchange mode: psk_ephemeral" \
808 -S "key exchange mode: ephemeral"
809
810requires_gnutls_tls1_3
811requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
812requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
813requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]814run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]815 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]816 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
817 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
818 localhost" \
819 0 \
820 -s "found psk key exchange modes extension" \
821 -s "found pre_shared_key extension" \
822 -s "Found PSK_EPHEMERAL KEX MODE" \
823 -s "Found PSK KEX MODE" \
824 -s "No matched PSK or ticket" \
825 -S "key exchange mode: psk$" \
826 -S "key exchange mode: psk_ephemeral" \
827 -s "key exchange mode: ephemeral"
828
829requires_gnutls_tls1_3
830requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
831requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
832requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]833run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]834 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]835 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
836 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
837 localhost" \
838 1 \
839 -s "found psk key exchange modes extension" \
840 -s "found pre_shared_key extension" \
841 -s "Found PSK_EPHEMERAL KEX MODE" \
842 -s "Found PSK KEX MODE" \
843 -s "Invalid binder." \
844 -S "key exchange mode: psk$" \
845 -S "key exchange mode: psk_ephemeral" \
846 -S "key exchange mode: ephemeral"
847
848requires_gnutls_tls1_3
849requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
850requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
851requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]852run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]853 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]854 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
855 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
856 localhost" \
857 0 \
858 -s "found psk key exchange modes extension" \
859 -s "found pre_shared_key extension" \
860 -S "Found PSK_EPHEMERAL KEX MODE" \
861 -s "Found PSK KEX MODE" \
862 -s "Pre shared key found" \
863 -S "No matched PSK or ticket" \
864 -S "key exchange mode: psk$" \
865 -S "key exchange mode: psk_ephemeral" \
866 -s "key exchange mode: ephemeral"
867
868requires_gnutls_tls1_3
869requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
870requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
871requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]872run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]873 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]874 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
875 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
876 localhost" \
877 0 \
878 -s "found psk key exchange modes extension" \
879 -s "found pre_shared_key extension" \
880 -s "Found PSK_EPHEMERAL KEX MODE" \
881 -S "Found PSK KEX MODE" \
882 -s "Pre shared key found" \
883 -S "No matched PSK or ticket" \
884 -S "key exchange mode: psk$" \
885 -s "key exchange mode: psk_ephemeral" \
886 -S "key exchange mode: ephemeral"
887
888requires_gnutls_tls1_3
889requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
890requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
891requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]892run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]893 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]894 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
895 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
896 localhost" \
897 0 \
898 -s "found psk key exchange modes extension" \
899 -s "found pre_shared_key extension" \
900 -s "Found PSK_EPHEMERAL KEX MODE" \
901 -S "Found PSK KEX MODE" \
902 -s "No matched PSK or ticket" \
903 -S "key exchange mode: psk$" \
904 -S "key exchange mode: psk_ephemeral" \
905 -s "key exchange mode: ephemeral"
906
907requires_gnutls_tls1_3
908requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
909requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
910requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]911run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]912 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]913 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
914 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
915 localhost" \
916 1 \
917 -s "found psk key exchange modes extension" \
918 -s "found pre_shared_key extension" \
919 -s "Found PSK_EPHEMERAL KEX MODE" \
920 -S "Found PSK KEX MODE" \
921 -s "Invalid binder." \
922 -S "key exchange mode: psk$" \
923 -S "key exchange mode: psk_ephemeral" \
924 -S "key exchange mode: ephemeral"
925
926requires_gnutls_tls1_3
927requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
928requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
929requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]930run_test "TLS 1.3: G->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]931 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]932 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
933 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
934 localhost" \
935 0 \
936 -s "found psk key exchange modes extension" \
937 -s "found pre_shared_key extension" \
938 -s "Found PSK_EPHEMERAL KEX MODE" \
939 -s "Found PSK KEX MODE" \
940 -s "Pre shared key found" \
941 -S "No matched PSK or ticket" \
942 -S "key exchange mode: psk$" \
943 -s "key exchange mode: psk_ephemeral" \
944 -S "key exchange mode: ephemeral"
945
946requires_gnutls_tls1_3
947requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
948requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
949requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]950run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]951 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]952 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
953 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
954 localhost" \
955 0 \
956 -s "found psk key exchange modes extension" \
957 -s "found pre_shared_key extension" \
958 -s "Found PSK_EPHEMERAL KEX MODE" \
959 -s "Found PSK KEX MODE" \
960 -s "No matched PSK or ticket" \
961 -S "key exchange mode: psk$" \
962 -S "key exchange mode: psk_ephemeral" \
963 -s "key exchange mode: ephemeral"
964
965requires_gnutls_tls1_3
966requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
967requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
968requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]969run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]970 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]971 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
972 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
973 localhost" \
974 1 \
975 -s "found psk key exchange modes extension" \
976 -s "found pre_shared_key extension" \
977 -s "Found PSK_EPHEMERAL KEX MODE" \
978 -s "Found PSK KEX MODE" \
979 -s "Invalid binder." \
980 -S "key exchange mode: psk$" \
981 -S "key exchange mode: psk_ephemeral" \
982 -S "key exchange mode: ephemeral"
983
984requires_gnutls_tls1_3
985requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
986requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
987requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]988run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]989 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]990 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
991 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
992 localhost" \
993 0 \
994 -s "found psk key exchange modes extension" \
995 -s "found pre_shared_key extension" \
996 -S "Found PSK_EPHEMERAL KEX MODE" \
997 -s "Found PSK KEX MODE" \
998 -s "Pre shared key found" \
999 -S "No matched PSK or ticket" \
1000 -S "key exchange mode: psk$" \
1001 -S "key exchange mode: psk_ephemeral" \
1002 -s "key exchange mode: ephemeral"
1003
1004requires_gnutls_tls1_3
1005requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1006requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1007requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1008run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1009 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1010 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1011 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
1012 localhost" \
1013 1 \
1014 -s "found psk key exchange modes extension" \
1015 -s "found pre_shared_key extension" \
1016 -S "Found PSK_EPHEMERAL KEX MODE" \
1017 -s "Found PSK KEX MODE" \
1018 -s "Invalid binder." \
1019 -S "key exchange mode: psk$" \
1020 -S "key exchange mode: psk_ephemeral" \
1021 -S "key exchange mode: ephemeral"
1022
1023requires_gnutls_tls1_3
1024requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1025requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1026requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1027run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1028 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1029 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
1030 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1031 localhost" \
1032 0 \
1033 -s "found psk key exchange modes extension" \
1034 -s "found pre_shared_key extension" \
1035 -s "Found PSK_EPHEMERAL KEX MODE" \
1036 -S "Found PSK KEX MODE" \
1037 -s "Pre shared key found" \
1038 -S "No matched PSK or ticket" \
1039 -S "key exchange mode: psk$" \
1040 -S "key exchange mode: psk_ephemeral" \
1041 -s "key exchange mode: ephemeral"
1042
1043requires_gnutls_tls1_3
1044requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1045requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1046requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1047run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1048 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1049 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
1050 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1051 localhost" \
1052 0 \
1053 -s "found psk key exchange modes extension" \
1054 -s "found pre_shared_key extension" \
1055 -s "Found PSK_EPHEMERAL KEX MODE" \
1056 -s "Found PSK KEX MODE" \
1057 -s "Pre shared key found" \
1058 -S "No matched PSK or ticket" \
1059 -S "key exchange mode: psk$" \
1060 -S "key exchange mode: psk_ephemeral" \
1061 -s "key exchange mode: ephemeral"
1062
1063requires_gnutls_tls1_3
1064requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1065requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1066requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1067run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1068 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1069 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
1070 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
1071 localhost" \
1072 1 \
1073 -s "found psk key exchange modes extension" \
1074 -s "found pre_shared_key extension" \
1075 -s "Found PSK_EPHEMERAL KEX MODE" \
1076 -s "Found PSK KEX MODE" \
1077 -s "Invalid binder." \
1078 -S "key exchange mode: psk$" \
1079 -S "key exchange mode: psk_ephemeral" \
1080 -S "key exchange mode: ephemeral"
1081
1082requires_gnutls_tls1_3
1083requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1084requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1085requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1086run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1087 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1088 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1089 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1090 localhost" \
1091 0 \
1092 -s "found psk key exchange modes extension" \
1093 -s "found pre_shared_key extension" \
1094 -S "Found PSK_EPHEMERAL KEX MODE" \
1095 -s "Found PSK KEX MODE" \
1096 -s "Pre shared key found" \
1097 -S "No matched PSK or ticket" \
1098 -S "key exchange mode: psk$" \
1099 -S "key exchange mode: psk_ephemeral" \
1100 -s "key exchange mode: ephemeral"
1101
1102requires_gnutls_tls1_3
1103requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1104requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1105requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]1106run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1107 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1108 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
1109 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
1110 localhost" \
1111 1 \
1112 -s "found psk key exchange modes extension" \
1113 -s "found pre_shared_key extension" \
1114 -S "Found PSK_EPHEMERAL KEX MODE" \
1115 -s "Found PSK KEX MODE" \
1116 -s "Invalid binder." \
1117 -S "key exchange mode: psk$" \
1118 -S "key exchange mode: psk_ephemeral" \
1119 -S "key exchange mode: ephemeral"
1120
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1121requires_gnutls_tls1_3
1122requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1123requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1124requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1125run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
1126 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1127 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
1128 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1129 localhost" \
1130 0 \
1131 -s "write selected_group: secp256r1" \
1132 -S "key exchange mode: psk$" \
1133 -s "key exchange mode: psk_ephemeral" \
1134 -S "key exchange mode: ephemeral"
1135
1136requires_gnutls_tls1_3
1137requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1138requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1139requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1140run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
1141 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1142 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
1143 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1144 localhost" \
1145 0 \
1146 -s "write selected_group: secp384r1" \
1147 -S "key exchange mode: psk$" \
1148 -s "key exchange mode: psk_ephemeral" \
1149 -S "key exchange mode: ephemeral"
1150
1151requires_gnutls_tls1_3
1152requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1153requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1154requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1155run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
1156 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1157 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
1158 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1159 localhost" \
1160 0 \
1161 -s "write selected_group: secp521r1" \
1162 -S "key exchange mode: psk$" \
1163 -s "key exchange mode: psk_ephemeral" \
1164 -S "key exchange mode: ephemeral"
1165
1166requires_gnutls_tls1_3
1167requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1168requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1169requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1170run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
1171 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1172 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
1173 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1174 localhost" \
1175 0 \
1176 -s "write selected_group: x25519" \
1177 -S "key exchange mode: psk$" \
1178 -s "key exchange mode: psk_ephemeral" \
1179 -S "key exchange mode: ephemeral"
1180
1181requires_gnutls_tls1_3
1182requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1183requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1184requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1185run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
1186 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1187 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
1188 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
1189 localhost" \
1190 0 \
1191 -s "write selected_group: x448" \
1192 -S "key exchange mode: psk$" \
1193 -s "key exchange mode: psk_ephemeral" \
1194 -S "key exchange mode: ephemeral"
1195
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1196requires_openssl_tls1_3
1197requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1198requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1199run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1200 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1201 "$O_NEXT_CLI -tls1_3 -msg \
1202 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1203 1 \
1204 -s "found psk key exchange modes extension" \
1205 -s "found pre_shared_key extension" \
1206 -s "Found PSK_EPHEMERAL KEX MODE" \
1207 -S "Found PSK KEX MODE" \
1208 -S "key exchange mode: psk$" \
1209 -S "key exchange mode: psk_ephemeral" \
1210 -S "key exchange mode: ephemeral"
1211
1212requires_openssl_tls1_3
1213requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1214requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1215run_test "TLS 1.3: O->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1216 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1217 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1218 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1219 0 \
1220 -s "found psk key exchange modes extension" \
1221 -s "found pre_shared_key extension" \
1222 -s "Found PSK_EPHEMERAL KEX MODE" \
1223 -s "Found PSK KEX MODE" \
1224 -s "Pre shared key found" \
1225 -S "No matched PSK or ticket" \
1226 -s "key exchange mode: psk$" \
1227 -S "key exchange mode: psk_ephemeral" \
1228 -S "key exchange mode: ephemeral"
1229
1230requires_openssl_tls1_3
1231requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1232requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1233run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1234 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1235 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1236 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1237 1 \
1238 -s "found psk key exchange modes extension" \
1239 -s "found pre_shared_key extension" \
1240 -s "Found PSK_EPHEMERAL KEX MODE" \
1241 -s "Found PSK KEX MODE" \
1242 -s "No matched PSK or ticket" \
1243 -S "key exchange mode: psk$" \
1244 -S "key exchange mode: psk_ephemeral" \
1245 -S "key exchange mode: ephemeral"
1246
1247requires_openssl_tls1_3
1248requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1249requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1250run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1251 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1252 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1253 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1254 1 \
1255 -s "found psk key exchange modes extension" \
1256 -s "found pre_shared_key extension" \
1257 -s "Found PSK_EPHEMERAL KEX MODE" \
1258 -s "Found PSK KEX MODE" \
1259 -s "Invalid binder." \
1260 -S "key exchange mode: psk$" \
1261 -S "key exchange mode: psk_ephemeral" \
1262 -S "key exchange mode: ephemeral"
1263
1264requires_openssl_tls1_3
1265requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1266requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1267requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1268run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1269 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1270 "$O_NEXT_CLI -tls1_3 -msg \
1271 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1272 0 \
1273 -s "found psk key exchange modes extension" \
1274 -s "found pre_shared_key extension" \
1275 -s "Found PSK_EPHEMERAL KEX MODE" \
1276 -S "Found PSK KEX MODE" \
1277 -s "Pre shared key found" \
1278 -S "No matched PSK or ticket" \
1279 -S "key exchange mode: psk$" \
1280 -s "key exchange mode: psk_ephemeral" \
1281 -S "key exchange mode: ephemeral"
1282
1283requires_openssl_tls1_3
1284requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1285requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1286requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1287run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1288 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1289 "$O_NEXT_CLI -tls1_3 -msg \
1290 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1291 1 \
1292 -s "found psk key exchange modes extension" \
1293 -s "found pre_shared_key extension" \
1294 -s "Found PSK_EPHEMERAL KEX MODE" \
1295 -S "Found PSK KEX MODE" \
1296 -s "No matched PSK or ticket" \
1297 -S "key exchange mode: psk$" \
1298 -S "key exchange mode: psk_ephemeral" \
1299 -S "key exchange mode: ephemeral"
1300
1301requires_openssl_tls1_3
1302requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1303requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1304requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1305run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1306 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1307 "$O_NEXT_CLI -tls1_3 -msg \
1308 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1309 1 \
1310 -s "found psk key exchange modes extension" \
1311 -s "found pre_shared_key extension" \
1312 -s "Found PSK_EPHEMERAL KEX MODE" \
1313 -S "Found PSK KEX MODE" \
1314 -s "Invalid binder." \
1315 -S "key exchange mode: psk$" \
1316 -S "key exchange mode: psk_ephemeral" \
1317 -S "key exchange mode: ephemeral"
1318
1319requires_openssl_tls1_3
1320requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1321requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1322requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1323run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1324 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1325 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1326 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1327 0 \
1328 -s "found psk key exchange modes extension" \
1329 -s "found pre_shared_key extension" \
1330 -s "Found PSK_EPHEMERAL KEX MODE" \
1331 -s "Found PSK KEX MODE" \
1332 -s "Pre shared key found" \
1333 -S "No matched PSK or ticket" \
1334 -S "key exchange mode: psk$" \
1335 -s "key exchange mode: psk_ephemeral" \
1336 -S "key exchange mode: ephemeral"
1337
1338requires_openssl_tls1_3
1339requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1340requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1341requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1342run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1343 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1344 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1345 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1346 1 \
1347 -s "found psk key exchange modes extension" \
1348 -s "found pre_shared_key extension" \
1349 -s "Found PSK_EPHEMERAL KEX MODE" \
1350 -s "Found PSK KEX MODE" \
1351 -s "No matched PSK or ticket" \
1352 -S "key exchange mode: psk$" \
1353 -S "key exchange mode: psk_ephemeral" \
1354 -S "key exchange mode: ephemeral"
1355
1356requires_openssl_tls1_3
1357requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1358requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1359requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1360run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1361 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1362 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1363 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1364 1 \
1365 -s "found psk key exchange modes extension" \
1366 -s "found pre_shared_key extension" \
1367 -s "Found PSK_EPHEMERAL KEX MODE" \
1368 -s "Found PSK KEX MODE" \
1369 -s "Invalid binder." \
1370 -S "key exchange mode: psk$" \
1371 -S "key exchange mode: psk_ephemeral" \
1372 -S "key exchange mode: ephemeral"
1373
1374requires_openssl_tls1_3
1375requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1376requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1377requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1378run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1379 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1380 "$O_NEXT_CLI -tls1_3 -msg \
1381 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1382 0 \
1383 -s "found psk key exchange modes extension" \
1384 -s "found pre_shared_key extension" \
1385 -s "Found PSK_EPHEMERAL KEX MODE" \
1386 -S "Found PSK KEX MODE" \
1387 -s "Pre shared key found" \
1388 -S "No matched PSK or ticket" \
1389 -S "key exchange mode: psk$" \
1390 -s "key exchange mode: psk_ephemeral" \
1391 -S "key exchange mode: ephemeral"
1392
1393requires_openssl_tls1_3
1394requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1395requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1396requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1397run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1398 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1399 "$O_NEXT_CLI -tls1_3 -msg \
1400 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1401 1 \
1402 -s "found psk key exchange modes extension" \
1403 -s "found pre_shared_key extension" \
1404 -s "Found PSK_EPHEMERAL KEX MODE" \
1405 -S "Found PSK KEX MODE" \
1406 -s "No matched PSK or ticket" \
1407 -S "key exchange mode: psk$" \
1408 -S "key exchange mode: psk_ephemeral" \
1409 -S "key exchange mode: ephemeral"
1410
1411requires_openssl_tls1_3
1412requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1413requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1414requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1415run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1416 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1417 "$O_NEXT_CLI -tls1_3 -msg \
1418 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1419 1 \
1420 -s "found psk key exchange modes extension" \
1421 -s "found pre_shared_key extension" \
1422 -s "Found PSK_EPHEMERAL KEX MODE" \
1423 -S "Found PSK KEX MODE" \
1424 -s "Invalid binder." \
1425 -S "key exchange mode: psk$" \
1426 -S "key exchange mode: psk_ephemeral" \
1427 -S "key exchange mode: ephemeral"
1428
1429requires_openssl_tls1_3
1430requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1431requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1432requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1433run_test "TLS 1.3: O->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1434 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1435 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1436 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1437 0 \
1438 -s "found psk key exchange modes extension" \
1439 -s "found pre_shared_key extension" \
1440 -s "Found PSK_EPHEMERAL KEX MODE" \
1441 -s "Found PSK KEX MODE" \
1442 -s "Pre shared key found" \
1443 -S "No matched PSK or ticket" \
1444 -S "key exchange mode: psk$" \
1445 -s "key exchange mode: psk_ephemeral" \
1446 -S "key exchange mode: ephemeral"
1447
1448requires_openssl_tls1_3
1449requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1450requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1451requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1452run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1453 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1454 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1455 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1456 1 \
1457 -s "found psk key exchange modes extension" \
1458 -s "found pre_shared_key extension" \
1459 -s "Found PSK_EPHEMERAL KEX MODE" \
1460 -s "Found PSK KEX MODE" \
1461 -s "No matched PSK or ticket" \
1462 -S "key exchange mode: psk$" \
1463 -S "key exchange mode: psk_ephemeral" \
1464 -S "key exchange mode: ephemeral"
1465
1466requires_openssl_tls1_3
1467requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1468requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1469requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1470run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1471 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1472 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1473 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1474 1 \
1475 -s "found psk key exchange modes extension" \
1476 -s "found pre_shared_key extension" \
1477 -s "Found PSK_EPHEMERAL KEX MODE" \
1478 -s "Found PSK KEX MODE" \
1479 -s "Invalid binder." \
1480 -S "key exchange mode: psk$" \
1481 -S "key exchange mode: psk_ephemeral" \
1482 -S "key exchange mode: ephemeral"
1483
1484requires_openssl_tls1_3
1485requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1486requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1487requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1488run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1489 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1490 "$O_NEXT_CLI -tls1_3 -msg \
1491 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1492 0 \
1493 -s "found psk key exchange modes extension" \
1494 -s "found pre_shared_key extension" \
1495 -s "Found PSK_EPHEMERAL KEX MODE" \
1496 -S "Found PSK KEX MODE" \
1497 -s "Pre shared key found" \
1498 -S "No matched PSK or ticket" \
1499 -S "key exchange mode: psk$" \
1500 -s "key exchange mode: psk_ephemeral" \
1501 -S "key exchange mode: ephemeral"
1502
1503requires_openssl_tls1_3
1504requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1505requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1506requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1507run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1508 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1509 "$O_NEXT_CLI -tls1_3 -msg \
1510 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1511 0 \
1512 -s "found psk key exchange modes extension" \
1513 -s "found pre_shared_key extension" \
1514 -s "Found PSK_EPHEMERAL KEX MODE" \
1515 -S "Found PSK KEX MODE" \
1516 -s "No matched PSK or ticket" \
1517 -S "key exchange mode: psk$" \
1518 -S "key exchange mode: psk_ephemeral" \
1519 -s "key exchange mode: ephemeral"
1520
1521requires_openssl_tls1_3
1522requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1523requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1524requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1525run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1526 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1527 "$O_NEXT_CLI -tls1_3 -msg \
1528 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1529 1 \
1530 -s "found psk key exchange modes extension" \
1531 -s "found pre_shared_key extension" \
1532 -s "Found PSK_EPHEMERAL KEX MODE" \
1533 -S "Found PSK KEX MODE" \
1534 -s "Invalid binder." \
1535 -S "key exchange mode: psk$" \
1536 -S "key exchange mode: psk_ephemeral" \
1537 -S "key exchange mode: ephemeral"
1538
1539requires_openssl_tls1_3
1540requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1541requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1542requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1543run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1544 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1545 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1546 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1547 0 \
1548 -s "found psk key exchange modes extension" \
1549 -s "found pre_shared_key extension" \
1550 -s "Found PSK_EPHEMERAL KEX MODE" \
1551 -s "Found PSK KEX MODE" \
1552 -s "Pre shared key found" \
1553 -S "No matched PSK or ticket" \
1554 -S "key exchange mode: psk$" \
1555 -s "key exchange mode: psk_ephemeral" \
1556 -S "key exchange mode: ephemeral"
1557
1558requires_openssl_tls1_3
1559requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1560requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1561requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1562run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1563 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1564 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1565 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1566 0 \
1567 -s "found psk key exchange modes extension" \
1568 -s "found pre_shared_key extension" \
1569 -s "Found PSK_EPHEMERAL KEX MODE" \
1570 -s "Found PSK KEX MODE" \
1571 -s "No matched PSK or ticket" \
1572 -S "key exchange mode: psk$" \
1573 -S "key exchange mode: psk_ephemeral" \
1574 -s "key exchange mode: ephemeral"
1575
1576requires_openssl_tls1_3
1577requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1578requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1579requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1580run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1581 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1582 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1583 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1584 1 \
1585 -s "found psk key exchange modes extension" \
1586 -s "found pre_shared_key extension" \
1587 -s "Found PSK_EPHEMERAL KEX MODE" \
1588 -s "Found PSK KEX MODE" \
1589 -s "Invalid binder." \
1590 -S "key exchange mode: psk$" \
1591 -S "key exchange mode: psk_ephemeral" \
1592 -S "key exchange mode: ephemeral"
1593
1594requires_openssl_tls1_3
1595requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1596requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1597requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1598run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1599 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1600 "$O_NEXT_CLI -tls1_3 -msg \
1601 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1602 0 \
1603 -s "found psk key exchange modes extension" \
1604 -s "found pre_shared_key extension" \
1605 -s "Found PSK_EPHEMERAL KEX MODE" \
1606 -S "Found PSK KEX MODE" \
1607 -s "Pre shared key found" \
1608 -S "No matched PSK or ticket" \
1609 -S "key exchange mode: psk$" \
1610 -s "key exchange mode: psk_ephemeral" \
1611 -S "key exchange mode: ephemeral"
1612
1613requires_openssl_tls1_3
1614requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1615requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1616requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1617run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1618 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1619 "$O_NEXT_CLI -tls1_3 -msg \
1620 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1621 0 \
1622 -s "found psk key exchange modes extension" \
1623 -s "found pre_shared_key extension" \
1624 -s "Found PSK_EPHEMERAL KEX MODE" \
1625 -S "Found PSK KEX MODE" \
1626 -s "No matched PSK or ticket" \
1627 -S "key exchange mode: psk$" \
1628 -S "key exchange mode: psk_ephemeral" \
1629 -s "key exchange mode: ephemeral"
1630
1631requires_openssl_tls1_3
1632requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1633requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1634requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1635run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1636 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1637 "$O_NEXT_CLI -tls1_3 -msg \
1638 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1639 1 \
1640 -s "found psk key exchange modes extension" \
1641 -s "found pre_shared_key extension" \
1642 -s "Found PSK_EPHEMERAL KEX MODE" \
1643 -S "Found PSK KEX MODE" \
1644 -s "Invalid binder." \
1645 -S "key exchange mode: psk$" \
1646 -S "key exchange mode: psk_ephemeral" \
1647 -S "key exchange mode: ephemeral"
1648
1649requires_openssl_tls1_3
1650requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1651requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1652requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1653run_test "TLS 1.3: O->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1654 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1655 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1656 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1657 0 \
1658 -s "found psk key exchange modes extension" \
1659 -s "found pre_shared_key extension" \
1660 -s "Found PSK_EPHEMERAL KEX MODE" \
1661 -s "Found PSK KEX MODE" \
1662 -s "Pre shared key found" \
1663 -S "No matched PSK or ticket" \
1664 -S "key exchange mode: psk$" \
1665 -s "key exchange mode: psk_ephemeral" \
1666 -S "key exchange mode: ephemeral"
1667
1668requires_openssl_tls1_3
1669requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1670requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1671requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1672run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1673 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1674 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1675 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1676 0 \
1677 -s "found psk key exchange modes extension" \
1678 -s "found pre_shared_key extension" \
1679 -s "Found PSK_EPHEMERAL KEX MODE" \
1680 -s "Found PSK KEX MODE" \
1681 -s "No matched PSK or ticket" \
1682 -S "key exchange mode: psk$" \
1683 -S "key exchange mode: psk_ephemeral" \
1684 -s "key exchange mode: ephemeral"
1685
1686requires_openssl_tls1_3
1687requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1688requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1689requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1690run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1691 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1692 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1693 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1694 1 \
1695 -s "found psk key exchange modes extension" \
1696 -s "found pre_shared_key extension" \
1697 -s "Found PSK_EPHEMERAL KEX MODE" \
1698 -s "Found PSK KEX MODE" \
1699 -s "Invalid binder." \
1700 -S "key exchange mode: psk$" \
1701 -S "key exchange mode: psk_ephemeral" \
1702 -S "key exchange mode: ephemeral"
1703
1704requires_openssl_tls1_3
1705requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1706requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1707requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1708run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1709 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1710 "$O_NEXT_CLI -tls1_3 -msg \
1711 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1712 0 \
1713 -s "found psk key exchange modes extension" \
1714 -s "found pre_shared_key extension" \
1715 -s "Found PSK_EPHEMERAL KEX MODE" \
1716 -S "Found PSK KEX MODE" \
1717 -s "Pre shared key found" \
1718 -S "No matched PSK or ticket" \
1719 -S "key exchange mode: psk$" \
1720 -S "key exchange mode: psk_ephemeral" \
1721 -s "key exchange mode: ephemeral"
1722
1723requires_openssl_tls1_3
1724requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1725requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1726requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1727run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1728 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1729 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1730 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1731 0 \
1732 -s "found psk key exchange modes extension" \
1733 -s "found pre_shared_key extension" \
1734 -s "Found PSK_EPHEMERAL KEX MODE" \
1735 -s "Found PSK KEX MODE" \
1736 -s "Pre shared key found" \
1737 -S "No matched PSK or ticket" \
1738 -S "key exchange mode: psk$" \
1739 -S "key exchange mode: psk_ephemeral" \
1740 -s "key exchange mode: ephemeral"
1741
1742requires_openssl_tls1_3
1743requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1744requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1745requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1746run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1747 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1748 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1749 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1750 1 \
1751 -s "found psk key exchange modes extension" \
1752 -s "found pre_shared_key extension" \
1753 -s "Found PSK_EPHEMERAL KEX MODE" \
1754 -s "Found PSK KEX MODE" \
1755 -s "Invalid binder." \
1756 -S "key exchange mode: psk$" \
1757 -S "key exchange mode: psk_ephemeral" \
1758 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1759
1760requires_openssl_tls1_3
1761requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1762requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1763requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1764run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
1765 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1766 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1767 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1768 0 \
1769 -s "write selected_group: secp256r1" \
1770 -S "key exchange mode: psk$" \
1771 -s "key exchange mode: psk_ephemeral" \
1772 -S "key exchange mode: ephemeral"
1773
1774requires_openssl_tls1_3
1775requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1776requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1777requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1778run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
1779 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1780 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1781 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1782 0 \
1783 -s "write selected_group: secp384r1" \
1784 -S "key exchange mode: psk$" \
1785 -s "key exchange mode: psk_ephemeral" \
1786 -S "key exchange mode: ephemeral"
1787
1788requires_openssl_tls1_3
1789requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1790requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1791requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1792run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
1793 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1794 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1795 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1796 0 \
1797 -s "write selected_group: secp521r1" \
1798 -S "key exchange mode: psk$" \
1799 -s "key exchange mode: psk_ephemeral" \
1800 -S "key exchange mode: ephemeral"
1801
1802requires_openssl_tls1_3
1803requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1804requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1805requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1806run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
1807 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1808 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1809 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1810 0 \
1811 -s "write selected_group: x25519" \
1812 -S "key exchange mode: psk$" \
1813 -s "key exchange mode: psk_ephemeral" \
1814 -S "key exchange mode: ephemeral"
1815
1816requires_openssl_tls1_3
1817requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1818requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1819requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1820run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
1821 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1822 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1823 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1824 0 \
1825 -s "write selected_group: x448" \
1826 -S "key exchange mode: psk$" \
1827 -s "key exchange mode: psk_ephemeral" \
1828 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1829
1830requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1831requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1832requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1833requires_openssl_tls1_3
1834run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1835 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1836 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1837 0 \
1838 -s "write selected_group: secp384r1" \
1839 -s "HRR selected_group: secp384r1" \
1840 -S "key exchange mode: psk$" \
1841 -s "key exchange mode: psk_ephemeral" \
1842 -S "key exchange mode: ephemeral"
1843
1844requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1845requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1846requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1847requires_gnutls_tls1_3
1848requires_gnutls_next_no_ticket
1849requires_gnutls_next_disable_tls13_compat
1850run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1851 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1852 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1853 0 \
1854 -s "write selected_group: secp384r1" \
1855 -s "HRR selected_group: secp384r1" \
1856 -S "key exchange mode: psk$" \
1857 -s "key exchange mode: psk_ephemeral" \
1858 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1859
1860
1861# Add psk test cases for mbedtls client code
1862
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1863# MbedTls->MbedTLS kinds of tls13_kex_modes
1864# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1865requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1866requires_config_enabled MBEDTLS_SSL_SRV_C
1867requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1868run_test "TLS 1.3: m->m: psk/psk, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1869 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1870 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1871 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1872 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1873 -c "client hello, adding psk_key_exchange_modes extension" \
1874 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1875 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1876 -c "HTTP/1.0 200 OK"
1877
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1878requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1879requires_config_enabled MBEDTLS_SSL_SRV_C
1880requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1881run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1882 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1883 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1884 1 \
1885 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1886 -c "client hello, adding psk_key_exchange_modes extension" \
1887 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1888 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1889
1890requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1891requires_config_enabled MBEDTLS_SSL_SRV_C
1892requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1893run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1894 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1895 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1896 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1897 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1898 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1899 -c "client hello, adding PSK binder list" \
1900 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1901
1902requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1903requires_config_enabled MBEDTLS_SSL_SRV_C
1904requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1905run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1906 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1907 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1908 1 \
1909 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1910 -c "client hello, adding psk_key_exchange_modes extension" \
1911 -c "client hello, adding PSK binder list" \
1912 -s "ClientHello message misses mandatory extensions."
1913
1914requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1915requires_config_enabled MBEDTLS_SSL_SRV_C
1916requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1917run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1918 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1919 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1920 1 \
1921 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1922 -c "client hello, adding psk_key_exchange_modes extension" \
1923 -c "client hello, adding PSK binder list" \
1924 -s "ClientHello message misses mandatory extensions."
1925
1926requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1927requires_config_enabled MBEDTLS_SSL_SRV_C
1928requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1929run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1930 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1931 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1932 1 \
1933 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1934 -c "client hello, adding psk_key_exchange_modes extension" \
1935 -c "client hello, adding PSK binder list" \
1936 -s "ClientHello message misses mandatory extensions."
1937
1938requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1939requires_config_enabled MBEDTLS_SSL_SRV_C
1940requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1941run_test "TLS 1.3: m->m: psk/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1942 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1943 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1944 0 \
1945 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1946 -c "client hello, adding psk_key_exchange_modes extension" \
1947 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1948 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1949 -c "HTTP/1.0 200 OK"
1950
1951requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1952requires_config_enabled MBEDTLS_SSL_SRV_C
1953requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1954run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1955 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1956 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1957 1 \
1958 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1959 -c "client hello, adding psk_key_exchange_modes extension" \
1960 -c "client hello, adding PSK binder list" \
1961 -s "No matched PSK or ticket" \
1962 -s "ClientHello message misses mandatory extensions."
1963
1964requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1965requires_config_enabled MBEDTLS_SSL_SRV_C
1966requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1967run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1968 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1969 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1970 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1971 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1972 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]1973 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1974 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1975
1976requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1977requires_config_enabled MBEDTLS_SSL_SRV_C
1978requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1979run_test "TLS 1.3: m->m: psk/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1980 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1981 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1982 0 \
1983 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1984 -c "client hello, adding psk_key_exchange_modes extension" \
1985 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]1986 -c "Selected key exchange mode: psk$" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1987 -c "HTTP/1.0 200 OK"
1988
1989requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1990requires_config_enabled MBEDTLS_SSL_SRV_C
1991requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]1992run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1993 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1994 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1995 1 \
1996 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1997 -c "client hello, adding psk_key_exchange_modes extension" \
1998 -c "client hello, adding PSK binder list" \
1999 -s "No matched PSK or ticket" \
2000 -s "ClientHello message misses mandatory extensions."
2001
2002requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2003requires_config_enabled MBEDTLS_SSL_SRV_C
2004requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2005run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2006 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2007 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2008 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]2009 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2010 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame]2011 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2012 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2013
2014# psk_ephemeral mode in client
2015requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2016requires_config_enabled MBEDTLS_SSL_SRV_C
2017requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2018run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2019 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2020 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2021 1 \
2022 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2023 -c "client hello, adding psk_key_exchange_modes extension" \
2024 -c "client hello, adding PSK binder list" \
2025 -s "ClientHello message misses mandatory extensions."
2026
2027requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2028requires_config_enabled MBEDTLS_SSL_SRV_C
2029requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2030run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2031 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2032 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2033 0 \
2034 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2035 -c "client hello, adding psk_key_exchange_modes extension" \
2036 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2037 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2038 -c "HTTP/1.0 200 OK"
2039
2040requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2041requires_config_enabled MBEDTLS_SSL_SRV_C
2042requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2043run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2044 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2045 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2046 1 \
2047 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2048 -c "client hello, adding psk_key_exchange_modes extension" \
2049 -c "client hello, adding PSK binder list" \
2050 -s "No matched PSK or ticket" \
2051 -s "ClientHello message misses mandatory extensions."
2052
2053requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2054requires_config_enabled MBEDTLS_SSL_SRV_C
2055requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2056run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2057 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2058 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2059 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2060 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2061 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2062 -c "client hello, adding PSK binder list" \
2063 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2064
2065requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2066requires_config_enabled MBEDTLS_SSL_SRV_C
2067requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2068requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2069requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
2070requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2071run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2072 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2073 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2074 1 \
2075 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2076 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2077 -c "client hello, adding PSK binder list"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2078
2079requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2080requires_config_enabled MBEDTLS_SSL_SRV_C
2081requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2082run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2083 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2084 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2085 0 \
2086 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2087 -c "client hello, adding psk_key_exchange_modes extension" \
2088 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2089 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2090 -c "HTTP/1.0 200 OK"
2091
2092requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2093requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2094requires_config_enabled MBEDTLS_SSL_SRV_C
2095requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2096requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
2097requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2098run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2099 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2100 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2101 1 \
2102 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2103 -c "client hello, adding psk_key_exchange_modes extension" \
2104 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2105 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2106
2107requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2108requires_config_enabled MBEDTLS_SSL_SRV_C
2109requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2110run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2111 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2112 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2113 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2114 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2115 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2116 -c "client hello, adding PSK binder list" \
2117 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2118
2119requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2120requires_config_enabled MBEDTLS_SSL_SRV_C
2121requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2122run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2123 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2124 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2125 0 \
2126 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2127 -c "client hello, adding psk_key_exchange_modes extension" \
2128 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2129 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2130 -c "HTTP/1.0 200 OK"
2131
2132requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2133requires_config_enabled MBEDTLS_SSL_SRV_C
2134requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2135run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2136 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2137 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2138 1 \
2139 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2140 -c "client hello, adding psk_key_exchange_modes extension" \
2141 -c "client hello, adding PSK binder list" \
2142 -s "No matched PSK or ticket" \
2143 -s "ClientHello message misses mandatory extensions."
2144
2145requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2146requires_config_enabled MBEDTLS_SSL_SRV_C
2147requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2148run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2149 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2150 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2151 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2152 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2153 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2154 -c "client hello, adding PSK binder list" \
2155 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2156
2157requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2158requires_config_enabled MBEDTLS_SSL_SRV_C
2159requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2160run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2161 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2162 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2163 0 \
2164 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2165 -c "client hello, adding psk_key_exchange_modes extension" \
2166 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2167 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2168 -c "HTTP/1.0 200 OK"
2169
2170requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2171requires_config_enabled MBEDTLS_SSL_SRV_C
2172requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2173run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2174 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2175 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2176 1 \
2177 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2178 -c "client hello, adding psk_key_exchange_modes extension" \
2179 -c "client hello, adding PSK binder list" \
2180 -s "No matched PSK or ticket" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2181
2182requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2183requires_config_enabled MBEDTLS_SSL_SRV_C
2184requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2185run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2186 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2187 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2188 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2189 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2190 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2191 -c "client hello, adding PSK binder list" \
2192 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]2193
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2194# ephemeral mode in client
2195requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2196requires_config_enabled MBEDTLS_SSL_SRV_C
2197requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2198run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2199 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2200 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2201 1 \
2202 -s "ClientHello message misses mandatory extensions."
2203
2204requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2205requires_config_enabled MBEDTLS_SSL_SRV_C
2206requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2207run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2208 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2209 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2210 1 \
2211 -s "ClientHello message misses mandatory extensions."
2212
2213requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2214requires_config_enabled MBEDTLS_SSL_SRV_C
2215requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2216run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2217 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2218 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2219 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2220 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2221 -c "HTTP/1.0 200 OK"
2222
2223requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2224requires_config_enabled MBEDTLS_SSL_SRV_C
2225requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2226run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2227 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2228 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2229 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2230 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2231 -c "HTTP/1.0 200 OK"
2232
2233requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2234requires_config_enabled MBEDTLS_SSL_SRV_C
2235requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2236run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2237 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2238 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2239 1 \
2240 -s "ClientHello message misses mandatory extensions."
2241
2242requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2243requires_config_enabled MBEDTLS_SSL_SRV_C
2244requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2245run_test "TLS 1.3: m->m: ephemeral/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2246 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2247 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2248 0 \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2249 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2250 -c "HTTP/1.0 200 OK"
2251
2252# ephemeral_all mode in client
2253requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2254requires_config_enabled MBEDTLS_SSL_SRV_C
2255requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2256run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2257 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2258 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2259 1 \
2260 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2261 -c "client hello, adding psk_key_exchange_modes extension" \
2262 -c "client hello, adding PSK binder list" \
2263 -s "ClientHello message misses mandatory extensions."
2264
2265requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2266requires_config_enabled MBEDTLS_SSL_SRV_C
2267requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2268run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2269 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2270 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2271 0 \
2272 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2273 -c "client hello, adding psk_key_exchange_modes extension" \
2274 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2275 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2276 -c "HTTP/1.0 200 OK"
2277
2278requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2279requires_config_enabled MBEDTLS_SSL_SRV_C
2280requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2281run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2282 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2283 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2284 1 \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2285 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2286 -c "client hello, adding psk_key_exchange_modes extension" \
2287 -c "client hello, adding PSK binder list" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2288 -s "No matched PSK or ticket"
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2289
2290requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2291requires_config_enabled MBEDTLS_SSL_SRV_C
2292requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2293run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian210727f2022-09-23 07:25:40 +0000[diff] [blame]2294 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2295 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2296 1 \
2297 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2298 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2299 -c "client hello, adding PSK binder list" \
2300 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2301
2302requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2303requires_config_enabled MBEDTLS_SSL_SRV_C
2304requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2305run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2306 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2307 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2308 0 \
2309 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2310 -c "client hello, adding psk_key_exchange_modes extension" \
2311 -c "client hello, adding PSK binder list" \
2312 -s "key exchange mode: ephemeral" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2313 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2314 -c "HTTP/1.0 200 OK"
2315
2316requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2317requires_config_enabled MBEDTLS_SSL_SRV_C
2318requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2319run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2320 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2321 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2322 0 \
2323 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2324 -c "client hello, adding psk_key_exchange_modes extension" \
2325 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2326 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2327 -c "HTTP/1.0 200 OK"
2328
2329requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2330requires_config_enabled MBEDTLS_SSL_SRV_C
2331requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2332run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2333 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2334 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2335 0 \
2336 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2337 -c "client hello, adding psk_key_exchange_modes extension" \
2338 -c "client hello, adding PSK binder list" \
2339 -s "No matched PSK or ticket" \
2340 -s "key exchange mode: ephemeral"
2341
2342requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2343requires_config_enabled MBEDTLS_SSL_SRV_C
2344requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2345run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2346 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2347 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2348 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2349 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2350 -c "client hello, adding psk_key_exchange_modes extension" \
2351 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2352 -s "Invalid binder."
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2353
2354requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2355requires_config_enabled MBEDTLS_SSL_SRV_C
2356requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2357run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2358 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2359 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2360 0 \
2361 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2362 -c "client hello, adding psk_key_exchange_modes extension" \
2363 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2364 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2365 -c "HTTP/1.0 200 OK"
2366
2367requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2368requires_config_enabled MBEDTLS_SSL_SRV_C
2369requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2370run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2371 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2372 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2373 1 \
2374 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2375 -c "client hello, adding psk_key_exchange_modes extension" \
2376 -c "client hello, adding PSK binder list" \
2377 -s "No matched PSK or ticket" \
2378 -s "ClientHello message misses mandatory extensions."
2379
2380requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2381requires_config_enabled MBEDTLS_SSL_SRV_C
2382requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2383run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2384 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2385 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2386 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2387 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2388 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2389 -c "client hello, adding PSK binder list" \
2390 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2391
2392requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2393requires_config_enabled MBEDTLS_SSL_SRV_C
2394requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2395run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2396 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2397 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2398 0 \
2399 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2400 -c "client hello, adding psk_key_exchange_modes extension" \
2401 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2402 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2403 -c "HTTP/1.0 200 OK"
2404
2405requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2406requires_config_enabled MBEDTLS_SSL_SRV_C
2407requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2408run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2409 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2410 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2411 0 \
2412 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2413 -c "client hello, adding psk_key_exchange_modes extension" \
2414 -c "client hello, adding PSK binder list" \
2415 -s "No matched PSK or ticket" \
2416 -s "key exchange mode: ephemeral"
2417
2418requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2419requires_config_enabled MBEDTLS_SSL_SRV_C
2420requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2421run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2422 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2423 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2424 1 \
2425 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2426 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2427 -c "client hello, adding PSK binder list" \
2428 -s "Invalid binder."
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2429
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2430# psk_all mode in client
2431requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2432requires_config_enabled MBEDTLS_SSL_SRV_C
2433requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2434run_test "TLS 1.3: m->m: psk_all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2435 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2436 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2437 0 \
2438 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2439 -c "client hello, adding psk_key_exchange_modes extension" \
2440 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2441 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2442 -c "HTTP/1.0 200 OK"
2443
2444requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2445requires_config_enabled MBEDTLS_SSL_SRV_C
2446requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2447run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2448 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2449 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2450 1 \
2451 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2452 -c "client hello, adding psk_key_exchange_modes extension" \
2453 -c "client hello, adding PSK binder list" \
2454 -s "ClientHello message misses mandatory extensions."
2455
2456requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2457requires_config_enabled MBEDTLS_SSL_SRV_C
2458requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2459run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2460 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2461 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2462 1 \
2463 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2464 -c "client hello, adding psk_key_exchange_modes extension" \
2465 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2466 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2467
2468requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2469requires_config_enabled MBEDTLS_SSL_SRV_C
2470requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2471run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2472 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2473 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2474 0 \
2475 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2476 -c "client hello, adding psk_key_exchange_modes extension" \
2477 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2478 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2479 -c "HTTP/1.0 200 OK"
2480
2481requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2482requires_config_enabled MBEDTLS_SSL_SRV_C
2483requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2484run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2485 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2486 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2487 1 \
2488 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2489 -c "client hello, adding psk_key_exchange_modes extension" \
2490 -c "client hello, adding PSK binder list" \
2491 -s "No matched PSK or ticket" \
2492 -s "ClientHello message misses mandatory extensions."
2493
2494requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2495requires_config_enabled MBEDTLS_SSL_SRV_C
2496requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2497run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2498 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2499 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2500 1 \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2501 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2502 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2503 -c "client hello, adding PSK binder list" \
2504 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2505
2506requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2507requires_config_enabled MBEDTLS_SSL_SRV_C
2508requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2509run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2510 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2511 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2512 1 \
2513 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2514 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2515 -c "client hello, adding PSK binder list"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2516
2517requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2518requires_config_enabled MBEDTLS_SSL_SRV_C
2519requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2520run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2521 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2522 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2523 0 \
2524 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2525 -c "client hello, adding psk_key_exchange_modes extension" \
2526 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2527 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2528 -c "HTTP/1.0 200 OK"
2529
2530requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2531requires_config_enabled MBEDTLS_SSL_SRV_C
2532requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2533run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2534 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2535 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2536 1 \
2537 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2538 -c "client hello, adding psk_key_exchange_modes extension" \
2539 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2540 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2541
2542requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2543requires_config_enabled MBEDTLS_SSL_SRV_C
2544requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qiana70bd912022-09-28 07:50:13 +0000[diff] [blame]2545run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2546 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2547 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2548 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2549 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2550 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2551 -c "client hello, adding PSK binder list" \
2552 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2553
2554requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2555requires_config_enabled MBEDTLS_SSL_SRV_C
2556requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2557run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2558 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2559 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2560 0 \
2561 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2562 -c "client hello, adding psk_key_exchange_modes extension" \
2563 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2564 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2565 -c "HTTP/1.0 200 OK"
2566
2567requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2568requires_config_enabled MBEDTLS_SSL_SRV_C
2569requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2570run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2571 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2572 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2573 1 \
2574 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2575 -c "client hello, adding psk_key_exchange_modes extension" \
2576 -c "client hello, adding PSK binder list" \
2577 -s "No matched PSK or ticket" \
2578 -s "ClientHello message misses mandatory extensions."
2579
2580requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2581requires_config_enabled MBEDTLS_SSL_SRV_C
2582requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2583run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2584 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2585 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2586 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2587 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2588 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2589 -c "client hello, adding PSK binder list" \
2590 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2591
2592requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2593requires_config_enabled MBEDTLS_SSL_SRV_C
2594requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2595run_test "TLS 1.3: m->m: psk_all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2596 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2597 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2598 0 \
2599 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2600 -c "client hello, adding psk_key_exchange_modes extension" \
2601 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2602 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2603 -c "HTTP/1.0 200 OK"
2604
2605requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2606requires_config_enabled MBEDTLS_SSL_SRV_C
2607requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2608run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2609 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2610 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2611 1 \
2612 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2613 -c "client hello, adding psk_key_exchange_modes extension" \
2614 -c "client hello, adding PSK binder list" \
Xiaokang Qianac8195f2022-09-26 04:01:06 +0000[diff] [blame]2615 -s "No matched PSK or ticket"
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2616
2617requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2618requires_config_enabled MBEDTLS_SSL_SRV_C
2619requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2620run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2621 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2622 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2623 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2624 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2625 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2626 -c "client hello, adding PSK binder list" \
2627 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2628
2629# all mode in client
2630requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2631requires_config_enabled MBEDTLS_SSL_SRV_C
2632requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2633run_test "TLS 1.3: m->m: all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2634 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2635 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2636 0 \
2637 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2638 -c "client hello, adding psk_key_exchange_modes extension" \
2639 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2640 -c "Selected key exchange mode: psk$" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2641 -c "HTTP/1.0 200 OK"
2642
2643requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2644requires_config_enabled MBEDTLS_SSL_SRV_C
2645requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2646run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2647 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2648 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2649 1 \
2650 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2651 -c "client hello, adding psk_key_exchange_modes extension" \
2652 -c "client hello, adding PSK binder list" \
Xiaokang Qian954d5762022-09-26 08:40:10 +0000[diff] [blame]2653 -s "No matched PSK or ticket" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2654 -s "ClientHello message misses mandatory extensions."
2655
2656requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2657requires_config_enabled MBEDTLS_SSL_SRV_C
2658requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2659run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2660 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2661 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2662 1 \
2663 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2664 -c "client hello, adding psk_key_exchange_modes extension" \
2665 -c "client hello, adding PSK binder list" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2666 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2667
2668requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2669requires_config_enabled MBEDTLS_SSL_SRV_C
2670requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2671run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2672 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2673 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2674 0 \
2675 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2676 -c "client hello, adding psk_key_exchange_modes extension" \
2677 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2678 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2679 -c "HTTP/1.0 200 OK"
2680
2681requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2682requires_config_enabled MBEDTLS_SSL_SRV_C
2683requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2684run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2685 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2686 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2687 1 \
2688 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2689 -c "client hello, adding psk_key_exchange_modes extension" \
2690 -c "client hello, adding PSK binder list" \
2691 -s "No matched PSK or ticket" \
2692 -s "ClientHello message misses mandatory extensions."
2693
2694requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2695requires_config_enabled MBEDTLS_SSL_SRV_C
2696requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2697run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2698 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2699 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2700 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2701 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2702 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2703 -c "client hello, adding PSK binder list" \
2704 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2705
2706requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2707requires_config_enabled MBEDTLS_SSL_SRV_C
2708requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2709run_test "TLS 1.3: m->m: all/ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2710 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2711 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2712 0 \
2713 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2714 -c "client hello, adding psk_key_exchange_modes extension" \
2715 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2716 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2717 -c "HTTP/1.0 200 OK"
2718
2719requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2720requires_config_enabled MBEDTLS_SSL_SRV_C
2721requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2722run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2723 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2724 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2725 0 \
2726 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2727 -c "client hello, adding psk_key_exchange_modes extension" \
2728 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2729 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2730 -c "HTTP/1.0 200 OK"
2731
2732requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2733requires_config_enabled MBEDTLS_SSL_SRV_C
2734requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2735run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2736 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2737 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2738 0 \
2739 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2740 -c "client hello, adding psk_key_exchange_modes extension" \
2741 -c "client hello, adding PSK binder list" \
2742 -s "No matched PSK or ticket" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2743 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2744 -c "HTTP/1.0 200 OK"
2745
2746requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2747requires_config_enabled MBEDTLS_SSL_SRV_C
2748requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2749run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2750 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2751 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2752 1 \
2753 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2754 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2755 -c "client hello, adding PSK binder list" \
2756 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2757
2758requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2759requires_config_enabled MBEDTLS_SSL_SRV_C
2760requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2761run_test "TLS 1.3: m->m: all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2762 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2763 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2764 0 \
2765 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2766 -c "client hello, adding psk_key_exchange_modes extension" \
2767 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2768 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2769 -c "HTTP/1.0 200 OK"
2770
2771requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2772requires_config_enabled MBEDTLS_SSL_SRV_C
2773requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2774run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2775 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2776 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2777 1 \
2778 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2779 -c "client hello, adding psk_key_exchange_modes extension" \
2780 -c "client hello, adding PSK binder list" \
2781 -s "No matched PSK or ticket" \
2782 -s "ClientHello message misses mandatory extensions."
2783
2784requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2785requires_config_enabled MBEDTLS_SSL_SRV_C
2786requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2787run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2788 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2789 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2790 1 \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2791 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2792 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2793 -c "client hello, adding PSK binder list" \
2794 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2795
2796requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2797requires_config_enabled MBEDTLS_SSL_SRV_C
2798requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2799run_test "TLS 1.3: m->m: all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2800 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2801 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2802 0 \
2803 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2804 -c "client hello, adding psk_key_exchange_modes extension" \
2805 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2806 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2807 -c "HTTP/1.0 200 OK"
2808
2809requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2810requires_config_enabled MBEDTLS_SSL_SRV_C
2811requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2812run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2813 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2814 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2815 0 \
2816 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2817 -c "client hello, adding psk_key_exchange_modes extension" \
2818 -c "client hello, adding PSK binder list" \
2819 -s "No matched PSK or ticket" \
2820 -s "key exchange mode: ephemeral"
2821
2822requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2823requires_config_enabled MBEDTLS_SSL_SRV_C
2824requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian9c172042022-09-27 11:41:50 +0000[diff] [blame]2825run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2826 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2827 "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \
2828 1 \
2829 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2830 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiandea2cbe2022-09-22 11:07:28 +0000[diff] [blame]2831 -c "client hello, adding PSK binder list" \
2832 -s "Invalid binder."
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2833
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2834#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2835requires_openssl_tls1_3
2836requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2837requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2838requires_config_enabled MBEDTLS_DEBUG_C
2839requires_config_enabled MBEDTLS_SSL_CLI_C
2840requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2841 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2842run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2843 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2844 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2845 0 \
2846 -c "=> write client hello" \
2847 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2848 -c "client hello, adding psk_key_exchange_modes extension" \
2849 -c "client hello, adding PSK binder list" \
2850 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2851 -c "Selected key exchange mode: psk$" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2852 -c "HTTP/1.0 200 ok"
2853
2854requires_openssl_tls1_3
2855requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2856requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2857requires_config_enabled MBEDTLS_DEBUG_C
2858requires_config_enabled MBEDTLS_SSL_CLI_C
2859requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2860 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2861run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2862 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2863 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2864 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2865 -c "=> write client hello" \
2866 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2867 -c "client hello, adding psk_key_exchange_modes extension" \
2868 -c "client hello, adding PSK binder list" \
2869 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2870 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2871
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2872#OPENSSL-SERVER psk_all mode
2873requires_openssl_tls1_3
2874requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2875requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2876requires_config_enabled MBEDTLS_DEBUG_C
2877requires_config_enabled MBEDTLS_SSL_CLI_C
2878requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2879 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2880run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2881 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2882 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2883 0 \
2884 -c "=> write client hello" \
2885 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2886 -c "client hello, adding psk_key_exchange_modes extension" \
2887 -c "client hello, adding PSK binder list" \
2888 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2889 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2890 -c "HTTP/1.0 200 ok"
2891
2892requires_openssl_tls1_3
2893requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2894requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2895requires_config_enabled MBEDTLS_DEBUG_C
2896requires_config_enabled MBEDTLS_SSL_CLI_C
2897requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2898 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2899run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2900 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2901 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
2902 0 \
2903 -c "=> write client hello" \
2904 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2905 -c "client hello, adding psk_key_exchange_modes extension" \
2906 -c "client hello, adding PSK binder list" \
2907 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2908 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2909 -c "HTTP/1.0 200 ok"
2910
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2911#OPENSSL-SERVER psk_ephemeral mode
2912requires_openssl_tls1_3
2913requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2914requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2915requires_config_enabled MBEDTLS_DEBUG_C
2916requires_config_enabled MBEDTLS_SSL_CLI_C
2917requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2918 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2919run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2920 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2921 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2922 0 \
2923 -c "=> write client hello" \
2924 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2925 -c "client hello, adding psk_key_exchange_modes extension" \
2926 -c "client hello, adding PSK binder list" \
2927 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2928 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2929 -c "HTTP/1.0 200 ok"
2930
2931requires_openssl_tls1_3
2932requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2933requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2934requires_config_enabled MBEDTLS_DEBUG_C
2935requires_config_enabled MBEDTLS_SSL_CLI_C
2936requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2937 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2938run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2939 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2940 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
2941 0 \
2942 -c "=> write client hello" \
2943 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2944 -c "client hello, adding psk_key_exchange_modes extension" \
2945 -c "client hello, adding PSK binder list" \
2946 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2947 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2948 -c "HTTP/1.0 200 ok"
2949
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2950#OPENSSL-SERVER ephemeral mode
2951requires_openssl_tls1_3
2952requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2953requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2954requires_config_enabled MBEDTLS_DEBUG_C
2955requires_config_enabled MBEDTLS_SSL_CLI_C
2956requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2957 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2958run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2959 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2960 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2961 0 \
2962 -c "=> write client hello" \
2963 -c "skip psk_key_exchange_modes extension" \
2964 -c "<= write client hello" \
2965 -c "found key_shares extension" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2966 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2967 -c "HTTP/1.0 200 ok"
2968
2969requires_openssl_tls1_3
2970requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2971requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2972requires_config_enabled MBEDTLS_DEBUG_C
2973requires_config_enabled MBEDTLS_SSL_CLI_C
2974requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2975 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2976run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2977 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2978 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2979 0 \
2980 -c "=> write client hello" \
2981 -c "skip psk_key_exchange_modes extension" \
2982 -c "<= write client hello" \
2983 -c "found key_shares extension" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]2984 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2985 -c "HTTP/1.0 200 ok"
2986
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2987#OPENSSL-SERVER ephemeral_all mode
2988requires_openssl_tls1_3
2989requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2990requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2991requires_config_enabled MBEDTLS_DEBUG_C
2992requires_config_enabled MBEDTLS_SSL_CLI_C
2993requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2994 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2995run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2996 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2997 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2998 0 \
2999 -c "=> write client hello" \
3000 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3001 -c "client hello, adding psk_key_exchange_modes extension" \
3002 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3003 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3004 -c "<= write client hello" \
3005 -c "HTTP/1.0 200 ok"
3006
3007requires_openssl_tls1_3
3008requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3009requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3010requires_config_enabled MBEDTLS_DEBUG_C
3011requires_config_enabled MBEDTLS_SSL_CLI_C
3012requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
3013 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3014run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3015 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3016 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3017 0 \
3018 -c "=> write client hello" \
3019 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3020 -c "client hello, adding psk_key_exchange_modes extension" \
3021 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3022 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3023 -c "<= write client hello" \
3024 -c "HTTP/1.0 200 ok"
3025
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3026#OPENSSL-SERVER all mode
3027requires_openssl_tls1_3
3028requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3029requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3030requires_config_enabled MBEDTLS_DEBUG_C
3031requires_config_enabled MBEDTLS_SSL_CLI_C
3032requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
3033 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3034run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3035 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3036 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3037 0 \
3038 -c "=> write client hello" \
3039 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3040 -c "client hello, adding psk_key_exchange_modes extension" \
3041 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3042 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3043 -c "<= write client hello" \
3044 -c "HTTP/1.0 200 ok"
3045
3046requires_openssl_tls1_3
3047requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3048requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3049requires_config_enabled MBEDTLS_DEBUG_C
3050requires_config_enabled MBEDTLS_SSL_CLI_C
3051requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
3052 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3053run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3054 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3055 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
3056 0 \
3057 -c "=> write client hello" \
3058 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3059 -c "client hello, adding psk_key_exchange_modes extension" \
3060 -c "client hello, adding PSK binder list" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3061 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3062 -c "<= write client hello" \
3063 -c "HTTP/1.0 200 ok"
3064
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3065#GNUTLS-SERVER psk mode
3066requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3067requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3068requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3069requires_config_enabled MBEDTLS_DEBUG_C
3070requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3071run_test "TLS 1.3: m->G: psk/all, good" \
3072 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3073 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3074 0 \
3075 -c "=> write client hello" \
3076 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3077 -c "client hello, adding psk_key_exchange_modes extension" \
3078 -c "client hello, adding PSK binder list" \
3079 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3080 -s "Parsing extension 'Pre Shared Key/41'" \
3081 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3082 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3083 -c "HTTP/1.0 200 OK"
3084
3085requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3086requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3087requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3088requires_config_enabled MBEDTLS_DEBUG_C
3089requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3090run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
3091 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3092 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3093 1 \
3094 -c "=> write client hello" \
3095 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3096 -c "client hello, adding psk_key_exchange_modes extension" \
3097 -c "client hello, adding PSK binder list" \
3098 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3099 -s "Parsing extension 'Pre Shared Key/41'" \
3100 -c "<= write client hello" \
3101 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3102
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3103#GNUTLS-SERVER psk_all mode
3104requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3105requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3106requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3107requires_config_enabled MBEDTLS_DEBUG_C
3108requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3109run_test "TLS 1.3: m->G: psk_all/all, good" \
3110 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3111 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3112 0 \
3113 -c "=> write client hello" \
3114 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3115 -c "client hello, adding psk_key_exchange_modes extension" \
3116 -c "client hello, adding PSK binder list" \
3117 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3118 -s "Parsing extension 'Pre Shared Key/41'" \
3119 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3120 -c "Selected key exchange mode: psk$" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3121 -c "HTTP/1.0 200 OK"
3122
3123requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3124requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3125requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3126requires_config_enabled MBEDTLS_DEBUG_C
3127requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3128run_test "TLS 1.3: m->G: psk_all/ephemeral_all, fail - no fallback" \
3129 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3130 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3131 1 \
3132 -c "=> write client hello" \
3133 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3134 -c "client hello, adding psk_key_exchange_modes extension" \
3135 -c "client hello, adding PSK binder list" \
3136 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3137 -s "Parsing extension 'Pre Shared Key/41'" \
3138 -c "<= write client hello" \
3139 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3140
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3141#GNUTLS-SERVER psk_ephemeral mode
3142requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3143requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3144requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3145requires_config_enabled MBEDTLS_DEBUG_C
3146requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3147run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
3148 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3149 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3150 0 \
3151 -c "=> write client hello" \
3152 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3153 -c "client hello, adding psk_key_exchange_modes extension" \
3154 -c "client hello, adding PSK binder list" \
3155 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3156 -s "Parsing extension 'Pre Shared Key/41'" \
3157 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3158 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3159 -c "HTTP/1.0 200 OK"
3160
3161requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3162requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3163requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3164requires_config_enabled MBEDTLS_DEBUG_C
3165requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3166run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
3167 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3168 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3169 0 \
3170 -c "=> write client hello" \
3171 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3172 -c "client hello, adding psk_key_exchange_modes extension" \
3173 -c "client hello, adding PSK binder list" \
3174 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3175 -s "Parsing extension 'Pre Shared Key/41'" \
3176 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3177 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3178 -c "HTTP/1.0 200 OK"
3179
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3180#GNUTLS-SERVER ephemeral mode
3181requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3182requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3183requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3184requires_config_enabled MBEDTLS_DEBUG_C
3185requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3186run_test "TLS 1.3: m->G: ephemeral/all, good" \
3187 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3188 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3189 0 \
3190 -c "=> write client hello" \
3191 -c "skip psk_key_exchange_modes extension" \
3192 -s "Not sending extension (PSK Key Exchange Modes/45)" \
3193 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3194 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3195 -c "HTTP/1.0 200 OK"
3196
3197requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3198requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3199requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3200requires_config_enabled MBEDTLS_DEBUG_C
3201requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3202run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
3203 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3204 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3205 0 \
3206 -c "=> write client hello" \
3207 -c "skip psk_key_exchange_modes extension" \
3208 -s "Not sending extension (PSK Key Exchange Modes/45)" \
3209 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3210 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3211 -c "HTTP/1.0 200 OK"
3212
3213#GNUTLS-SERVER ephemeral_all mode
3214requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3215requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3216requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3217requires_config_enabled MBEDTLS_DEBUG_C
3218requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3219run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
3220 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3221 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3222 0 \
3223 -c "=> write client hello" \
3224 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3225 -c "client hello, adding psk_key_exchange_modes extension" \
3226 -c "client hello, adding PSK binder list" \
3227 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3228 -s "Parsing extension 'Pre Shared Key/41'" \
3229 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3230 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3231 -c "HTTP/1.0 200 OK"
3232
3233requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3234requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3235requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3236requires_config_enabled MBEDTLS_DEBUG_C
3237requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3238run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
3239 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3240 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3241 0 \
3242 -c "=> write client hello" \
3243 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3244 -c "client hello, adding psk_key_exchange_modes extension" \
3245 -c "client hello, adding PSK binder list" \
3246 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3247 -s "Parsing extension 'Pre Shared Key/41'" \
3248 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3249 -c "Selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3250 -c "HTTP/1.0 200 OK"
3251
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3252#GNUTLS-SERVER all mode
3253requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3254requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3255requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3256requires_config_enabled MBEDTLS_DEBUG_C
3257requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3258run_test "TLS 1.3: m->G: all/all, good" \
3259 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3260 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3261 0 \
3262 -c "=> write client hello" \
3263 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3264 -c "client hello, adding psk_key_exchange_modes extension" \
3265 -c "client hello, adding PSK binder list" \
3266 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3267 -s "Parsing extension 'Pre Shared Key/41'" \
3268 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3269 -c "Selected key exchange mode: psk$" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3270 -c "HTTP/1.0 200 OK"
3271
3272requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3273requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3274requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3275requires_config_enabled MBEDTLS_DEBUG_C
3276requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3277run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
3278 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3279 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3280 0 \
3281 -c "=> write client hello" \
3282 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3283 -c "client hello, adding psk_key_exchange_modes extension" \
3284 -c "client hello, adding PSK binder list" \
3285 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3286 -s "Parsing extension 'Pre Shared Key/41'" \
3287 -c "<= write client hello" \
Xiaokang Qianca343ae2022-09-28 02:07:54 +0000[diff] [blame]3288 -c "Selected key exchange mode: ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3289 -c "HTTP/1.0 200 OK"