TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 8939930b826f85aedb6e6e30bbbf02659b823705 / . / tests / opt-testcases / tls13-kex-modes.sh
blob: af4db48d0a93a8617f330e1bd1c9b95b7b0d6550 [file] [log] [blame]
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]1#!/bin/sh
2
3# tls13-kex-modes.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]21get_srv_psk_list ()
22{
23 case $(( TESTS % 3 )) in
24 0) echo "psk_list=abc,dead,def,beef,Client_identity,6162636465666768696a6b6c6d6e6f70";;
25 1) echo "psk_list=abc,dead,Client_identity,6162636465666768696a6b6c6d6e6f70,def,beef";;
26 2) echo "psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef";;
27 esac
28}
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]29
Jerry Yu66f35f22022-08-22 17:27:41 +0800[diff] [blame]30requires_gnutls_tls1_3
Jerry Yu6a9beba2022-07-31 12:45:25 +0800[diff] [blame]31requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
32requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
33requires_config_enabled MBEDTLS_SSL_SRV_C
34requires_config_enabled MBEDTLS_DEBUG_C
Jerry Yu9b83fa12022-07-31 13:13:51 +0800[diff] [blame]35# SOME_ECDHE_ENABLED?
36requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
37 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]38run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]39 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]40 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
41 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
42 localhost" \
43 1 \
44 -s "found psk key exchange modes extension" \
45 -s "found pre_shared_key extension" \
46 -s "Found PSK_EPHEMERAL KEX MODE" \
47 -s "Found PSK KEX MODE" \
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]48 -s "No matched ciphersuite"
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]49
50requires_openssl_tls1_3
51requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
52requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
53requires_config_enabled MBEDTLS_SSL_SRV_C
54requires_config_enabled MBEDTLS_DEBUG_C
55# SOME_ECDHE_ENABLED?
56requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
57 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu3e06fce2022-08-25 17:51:57 +0800[diff] [blame]58run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]59 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yu2185c0f2022-08-23 16:12:43 +0800[diff] [blame]60 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\
61 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
62 1 \
63 -s "found psk key exchange modes extension" \
64 -s "found pre_shared_key extension" \
65 -s "Found PSK_EPHEMERAL KEX MODE" \
66 -s "Found PSK KEX MODE" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]67 -s "No matched ciphersuite"
68
69
70requires_gnutls_tls1_3
71requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
72requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]73run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]74 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]75 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
76 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
77 localhost" \
78 1 \
79 -s "found psk key exchange modes extension" \
80 -s "found pre_shared_key extension" \
81 -s "Found PSK_EPHEMERAL KEX MODE" \
82 -S "Found PSK KEX MODE" \
83 -S "key exchange mode: psk$" \
84 -S "key exchange mode: psk_ephemeral" \
85 -S "key exchange mode: ephemeral"
86
87requires_gnutls_tls1_3
88requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
89requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]90run_test "TLS 1.3: G->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]91 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]92 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
93 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
94 localhost" \
95 0 \
96 -s "found psk key exchange modes extension" \
97 -s "found pre_shared_key extension" \
98 -s "Found PSK_EPHEMERAL KEX MODE" \
99 -s "Found PSK KEX MODE" \
100 -s "Pre shared key found" \
101 -S "No matched PSK or ticket" \
102 -s "key exchange mode: psk$" \
103 -S "key exchange mode: psk_ephemeral" \
104 -S "key exchange mode: ephemeral"
105
106requires_gnutls_tls1_3
107requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
108requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]109run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]110 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]111 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
112 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
113 localhost" \
114 1 \
115 -s "found psk key exchange modes extension" \
116 -s "found pre_shared_key extension" \
117 -s "Found PSK_EPHEMERAL KEX MODE" \
118 -s "Found PSK KEX MODE" \
119 -s "No matched PSK or ticket" \
120 -S "key exchange mode: psk$" \
121 -S "key exchange mode: psk_ephemeral" \
122 -S "key exchange mode: ephemeral"
123
124requires_gnutls_tls1_3
125requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
126requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]127run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]128 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]129 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
130 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
131 localhost" \
132 1 \
133 -s "found psk key exchange modes extension" \
134 -s "found pre_shared_key extension" \
135 -s "Found PSK_EPHEMERAL KEX MODE" \
136 -s "Found PSK KEX MODE" \
137 -s "Invalid binder." \
138 -S "key exchange mode: psk$" \
139 -S "key exchange mode: psk_ephemeral" \
140 -S "key exchange mode: ephemeral"
141
142requires_gnutls_tls1_3
143requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
144requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]145run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]146 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]147 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
148 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
149 localhost" \
150 0 \
151 -s "found psk key exchange modes extension" \
152 -s "found pre_shared_key extension" \
153 -S "Found PSK_EPHEMERAL KEX MODE" \
154 -s "Found PSK KEX MODE" \
155 -s "Pre shared key found" \
156 -S "No matched PSK or ticket" \
157 -s "key exchange mode: psk$" \
158 -S "key exchange mode: psk_ephemeral" \
159 -S "key exchange mode: ephemeral"
160
161requires_gnutls_tls1_3
162requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
163requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]164run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]165 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]166 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
167 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
168 localhost" \
169 1 \
170 -s "found psk key exchange modes extension" \
171 -s "found pre_shared_key extension" \
172 -S "Found PSK_EPHEMERAL KEX MODE" \
173 -s "Found PSK KEX MODE" \
174 -s "No matched PSK or ticket" \
175 -S "key exchange mode: psk$" \
176 -S "key exchange mode: psk_ephemeral" \
177 -S "key exchange mode: ephemeral"
178
179requires_gnutls_tls1_3
180requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
181requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]182run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]183 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]184 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
185 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
186 localhost" \
187 1 \
188 -s "found psk key exchange modes extension" \
189 -s "found pre_shared_key extension" \
190 -S "Found PSK_EPHEMERAL KEX MODE" \
191 -s "Found PSK KEX MODE" \
192 -s "Invalid binder." \
193 -S "key exchange mode: psk$" \
194 -S "key exchange mode: psk_ephemeral" \
195 -S "key exchange mode: ephemeral"
196
197requires_gnutls_tls1_3
198requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
199requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
200requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]201run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]202 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]203 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
204 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
205 localhost" \
206 0 \
207 -s "found psk key exchange modes extension" \
208 -s "found pre_shared_key extension" \
209 -s "Found PSK_EPHEMERAL KEX MODE" \
210 -S "Found PSK KEX MODE" \
211 -s "Pre shared key found" \
212 -S "No matched PSK or ticket" \
213 -S "key exchange mode: psk$" \
214 -s "key exchange mode: psk_ephemeral" \
215 -S "key exchange mode: ephemeral"
216
217requires_gnutls_tls1_3
218requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
219requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
220requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]221run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]222 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]223 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
224 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
225 localhost" \
226 1 \
227 -s "found psk key exchange modes extension" \
228 -s "found pre_shared_key extension" \
229 -s "Found PSK_EPHEMERAL KEX MODE" \
230 -S "Found PSK KEX MODE" \
231 -s "No matched PSK or ticket" \
232 -S "key exchange mode: psk$" \
233 -S "key exchange mode: psk_ephemeral" \
234 -S "key exchange mode: ephemeral"
235
236requires_gnutls_tls1_3
237requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
238requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
239requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]240run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]241 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]242 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
243 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
244 localhost" \
245 1 \
246 -s "found psk key exchange modes extension" \
247 -s "found pre_shared_key extension" \
248 -s "Found PSK_EPHEMERAL KEX MODE" \
249 -S "Found PSK KEX MODE" \
250 -s "Invalid binder." \
251 -S "key exchange mode: psk$" \
252 -S "key exchange mode: psk_ephemeral" \
253 -S "key exchange mode: ephemeral"
254
255requires_gnutls_tls1_3
256requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
257requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
258requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]259run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]260 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]261 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
262 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
263 localhost" \
264 0 \
265 -s "found psk key exchange modes extension" \
266 -s "found pre_shared_key extension" \
267 -s "Found PSK_EPHEMERAL KEX MODE" \
268 -s "Found PSK KEX MODE" \
269 -s "Pre shared key found" \
270 -S "No matched PSK or ticket" \
271 -S "key exchange mode: psk$" \
272 -s "key exchange mode: psk_ephemeral" \
273 -S "key exchange mode: ephemeral"
274
275requires_gnutls_tls1_3
276requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
277requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
278requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]279run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]280 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]281 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
282 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
283 localhost" \
284 1 \
285 -s "found psk key exchange modes extension" \
286 -s "found pre_shared_key extension" \
287 -s "Found PSK_EPHEMERAL KEX MODE" \
288 -s "Found PSK KEX MODE" \
289 -s "No matched PSK or ticket" \
290 -S "key exchange mode: psk$" \
291 -S "key exchange mode: psk_ephemeral" \
292 -S "key exchange mode: ephemeral"
293
294requires_gnutls_tls1_3
295requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
296requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
297requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]298run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]299 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]300 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
301 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
302 localhost" \
303 1 \
304 -s "found psk key exchange modes extension" \
305 -s "found pre_shared_key extension" \
306 -s "Found PSK_EPHEMERAL KEX MODE" \
307 -s "Found PSK KEX MODE" \
308 -s "Invalid binder." \
309 -S "key exchange mode: psk$" \
310 -S "key exchange mode: psk_ephemeral" \
311 -S "key exchange mode: ephemeral"
312
313requires_gnutls_tls1_3
314requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
315requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
316requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]317run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]318 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]319 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
320 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
321 localhost" \
322 1 \
323 -s "found psk key exchange modes extension" \
324 -s "found pre_shared_key extension" \
325 -S "Found PSK_EPHEMERAL KEX MODE" \
326 -s "Found PSK KEX MODE" \
327 -S "key exchange mode: psk$" \
328 -S "key exchange mode: psk_ephemeral" \
329 -S "key exchange mode: ephemeral"
330
331requires_gnutls_tls1_3
332requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
333requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
334requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]335run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]336 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]337 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
338 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
339 localhost" \
340 0 \
341 -s "found psk key exchange modes extension" \
342 -s "found pre_shared_key extension" \
343 -s "Found PSK_EPHEMERAL KEX MODE" \
344 -S "Found PSK KEX MODE" \
345 -s "Pre shared key found" \
346 -S "No matched PSK or ticket" \
347 -S "key exchange mode: psk$" \
348 -s "key exchange mode: psk_ephemeral" \
349 -S "key exchange mode: ephemeral"
350
351requires_gnutls_tls1_3
352requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
353requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
354requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]355run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]356 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]357 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
358 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
359 localhost" \
360 1 \
361 -s "found psk key exchange modes extension" \
362 -s "found pre_shared_key extension" \
363 -s "Found PSK_EPHEMERAL KEX MODE" \
364 -S "Found PSK KEX MODE" \
365 -s "No matched PSK or ticket" \
366 -S "key exchange mode: psk$" \
367 -S "key exchange mode: psk_ephemeral" \
368 -S "key exchange mode: ephemeral"
369
370requires_gnutls_tls1_3
371requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
372requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
373requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]374run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]375 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]376 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
377 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
378 localhost" \
379 1 \
380 -s "found psk key exchange modes extension" \
381 -s "found pre_shared_key extension" \
382 -s "Found PSK_EPHEMERAL KEX MODE" \
383 -S "Found PSK KEX MODE" \
384 -s "Invalid binder." \
385 -S "key exchange mode: psk$" \
386 -S "key exchange mode: psk_ephemeral" \
387 -S "key exchange mode: ephemeral"
388
389requires_gnutls_tls1_3
390requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
391requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
392requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]393run_test "TLS 1.3: G->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]394 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]395 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
396 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
397 localhost" \
398 0 \
399 -s "found psk key exchange modes extension" \
400 -s "found pre_shared_key extension" \
401 -s "Found PSK_EPHEMERAL KEX MODE" \
402 -s "Found PSK KEX MODE" \
403 -s "Pre shared key found" \
404 -S "No matched PSK or ticket" \
405 -S "key exchange mode: psk$" \
406 -s "key exchange mode: psk_ephemeral" \
407 -S "key exchange mode: ephemeral"
408
409requires_gnutls_tls1_3
410requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
411requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
412requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]413run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]414 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]415 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
416 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
417 localhost" \
418 1 \
419 -s "found psk key exchange modes extension" \
420 -s "found pre_shared_key extension" \
421 -s "Found PSK_EPHEMERAL KEX MODE" \
422 -s "Found PSK KEX MODE" \
423 -s "No matched PSK or ticket" \
424 -S "key exchange mode: psk$" \
425 -S "key exchange mode: psk_ephemeral" \
426 -S "key exchange mode: ephemeral"
427
428requires_gnutls_tls1_3
429requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
430requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
431requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]432run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]433 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]434 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
435 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
436 localhost" \
437 1 \
438 -s "found psk key exchange modes extension" \
439 -s "found pre_shared_key extension" \
440 -s "Found PSK_EPHEMERAL KEX MODE" \
441 -s "Found PSK KEX MODE" \
442 -s "Invalid binder." \
443 -S "key exchange mode: psk$" \
444 -S "key exchange mode: psk_ephemeral" \
445 -S "key exchange mode: ephemeral"
446
447requires_gnutls_tls1_3
448requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
449requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
450requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]451run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]452 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]453 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
454 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
455 localhost" \
456 0 \
457 -s "found psk key exchange modes extension" \
458 -s "found pre_shared_key extension" \
459 -S "Found PSK_EPHEMERAL KEX MODE" \
460 -s "Found PSK KEX MODE" \
461 -s "Pre shared key found" \
462 -S "No matched PSK or ticket" \
463 -s "key exchange mode: psk$" \
464 -S "key exchange mode: psk_ephemeral" \
465 -S "key exchange mode: ephemeral"
466
467requires_gnutls_tls1_3
468requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
469requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
470requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]471run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]472 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]473 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
474 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
475 localhost" \
476 1 \
477 -s "found psk key exchange modes extension" \
478 -s "found pre_shared_key extension" \
479 -S "Found PSK_EPHEMERAL KEX MODE" \
480 -s "Found PSK KEX MODE" \
481 -s "No matched PSK or ticket" \
482 -S "key exchange mode: psk$" \
483 -S "key exchange mode: psk_ephemeral" \
484 -S "key exchange mode: ephemeral"
485
486requires_gnutls_tls1_3
487requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
488requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
489requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]490run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]491 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]492 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
493 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
494 localhost" \
495 1 \
496 -s "found psk key exchange modes extension" \
497 -s "found pre_shared_key extension" \
498 -S "Found PSK_EPHEMERAL KEX MODE" \
499 -s "Found PSK KEX MODE" \
500 -s "Invalid binder." \
501 -S "key exchange mode: psk$" \
502 -S "key exchange mode: psk_ephemeral" \
503 -S "key exchange mode: ephemeral"
504
505requires_gnutls_tls1_3
506requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
507requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
508requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]509run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]510 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]511 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
512 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
513 localhost" \
514 0 \
515 -s "found psk key exchange modes extension" \
516 -s "found pre_shared_key extension" \
517 -s "Found PSK_EPHEMERAL KEX MODE" \
518 -S "Found PSK KEX MODE" \
519 -s "Pre shared key found" \
520 -S "No matched PSK or ticket" \
521 -S "key exchange mode: psk$" \
522 -s "key exchange mode: psk_ephemeral" \
523 -S "key exchange mode: ephemeral"
524
525requires_gnutls_tls1_3
526requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
527requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
528requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]529run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]530 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]531 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
532 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
533 localhost" \
534 0 \
535 -s "found psk key exchange modes extension" \
536 -s "found pre_shared_key extension" \
537 -s "Found PSK_EPHEMERAL KEX MODE" \
538 -S "Found PSK KEX MODE" \
539 -s "No matched PSK or ticket" \
540 -S "key exchange mode: psk$" \
541 -S "key exchange mode: psk_ephemeral" \
542 -s "key exchange mode: ephemeral"
543
544requires_gnutls_tls1_3
545requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
546requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
547requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]548run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]549 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]550 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
551 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
552 localhost" \
553 1 \
554 -s "found psk key exchange modes extension" \
555 -s "found pre_shared_key extension" \
556 -s "Found PSK_EPHEMERAL KEX MODE" \
557 -S "Found PSK KEX MODE" \
558 -s "Invalid binder." \
559 -S "key exchange mode: psk$" \
560 -S "key exchange mode: psk_ephemeral" \
561 -S "key exchange mode: ephemeral"
562
563requires_gnutls_tls1_3
564requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
565requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
566requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]567run_test "TLS 1.3: G->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]568 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]569 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
570 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
571 localhost" \
572 0 \
573 -s "found psk key exchange modes extension" \
574 -s "found pre_shared_key extension" \
575 -s "Found PSK_EPHEMERAL KEX MODE" \
576 -s "Found PSK KEX MODE" \
577 -s "Pre shared key found" \
578 -S "No matched PSK or ticket" \
579 -S "key exchange mode: psk$" \
580 -s "key exchange mode: psk_ephemeral" \
581 -S "key exchange mode: ephemeral"
582
583requires_gnutls_tls1_3
584requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
585requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
586requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]587run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]588 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]589 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
590 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
591 localhost" \
592 0 \
593 -s "found psk key exchange modes extension" \
594 -s "found pre_shared_key extension" \
595 -s "Found PSK_EPHEMERAL KEX MODE" \
596 -s "Found PSK KEX MODE" \
597 -s "No matched PSK or ticket" \
598 -S "key exchange mode: psk$" \
599 -S "key exchange mode: psk_ephemeral" \
600 -s "key exchange mode: ephemeral"
601
602requires_gnutls_tls1_3
603requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
604requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
605requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]606run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]607 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]608 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
609 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
610 localhost" \
611 1 \
612 -s "found psk key exchange modes extension" \
613 -s "found pre_shared_key extension" \
614 -s "Found PSK_EPHEMERAL KEX MODE" \
615 -s "Found PSK KEX MODE" \
616 -s "Invalid binder." \
617 -S "key exchange mode: psk$" \
618 -S "key exchange mode: psk_ephemeral" \
619 -S "key exchange mode: ephemeral"
620
621requires_gnutls_tls1_3
622requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
623requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
624requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]625run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]626 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]627 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
628 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
629 localhost" \
630 0 \
631 -s "found psk key exchange modes extension" \
632 -s "found pre_shared_key extension" \
633 -S "Found PSK_EPHEMERAL KEX MODE" \
634 -s "Found PSK KEX MODE" \
635 -s "Pre shared key found" \
636 -S "No matched PSK or ticket" \
637 -S "key exchange mode: psk$" \
638 -S "key exchange mode: psk_ephemeral" \
639 -s "key exchange mode: ephemeral"
640
641requires_gnutls_tls1_3
642requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
643requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
644requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]645run_test "TLS 1.3: G->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]646 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]647 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
648 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
649 localhost" \
650 0 \
651 -s "found psk key exchange modes extension" \
652 -s "found pre_shared_key extension" \
653 -s "Found PSK_EPHEMERAL KEX MODE" \
654 -S "Found PSK KEX MODE" \
655 -s "Pre shared key found" \
656 -S "No matched PSK or ticket" \
657 -S "key exchange mode: psk$" \
658 -s "key exchange mode: psk_ephemeral" \
659 -S "key exchange mode: ephemeral"
660
661requires_gnutls_tls1_3
662requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
663requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
664requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]665run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]666 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]667 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
668 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
669 localhost" \
670 0 \
671 -s "found psk key exchange modes extension" \
672 -s "found pre_shared_key extension" \
673 -s "Found PSK_EPHEMERAL KEX MODE" \
674 -S "Found PSK KEX MODE" \
675 -s "No matched PSK or ticket" \
676 -S "key exchange mode: psk$" \
677 -S "key exchange mode: psk_ephemeral" \
678 -s "key exchange mode: ephemeral"
679
680requires_gnutls_tls1_3
681requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
682requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
683requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]684run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]685 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]686 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
687 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
688 localhost" \
689 1 \
690 -s "found psk key exchange modes extension" \
691 -s "found pre_shared_key extension" \
692 -s "Found PSK_EPHEMERAL KEX MODE" \
693 -S "Found PSK KEX MODE" \
694 -s "Invalid binder." \
695 -S "key exchange mode: psk$" \
696 -S "key exchange mode: psk_ephemeral" \
697 -S "key exchange mode: ephemeral"
698
699requires_gnutls_tls1_3
700requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
701requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
702requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]703run_test "TLS 1.3: G->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]704 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]705 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
706 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
707 localhost" \
708 0 \
709 -s "found psk key exchange modes extension" \
710 -s "found pre_shared_key extension" \
711 -s "Found PSK_EPHEMERAL KEX MODE" \
712 -s "Found PSK KEX MODE" \
713 -s "Pre shared key found" \
714 -S "No matched PSK or ticket" \
715 -S "key exchange mode: psk$" \
716 -s "key exchange mode: psk_ephemeral" \
717 -S "key exchange mode: ephemeral"
718
719requires_gnutls_tls1_3
720requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
721requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
722requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]723run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]724 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]725 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
726 --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
727 localhost" \
728 0 \
729 -s "found psk key exchange modes extension" \
730 -s "found pre_shared_key extension" \
731 -s "Found PSK_EPHEMERAL KEX MODE" \
732 -s "Found PSK KEX MODE" \
733 -s "No matched PSK or ticket" \
734 -S "key exchange mode: psk$" \
735 -S "key exchange mode: psk_ephemeral" \
736 -s "key exchange mode: ephemeral"
737
738requires_gnutls_tls1_3
739requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
740requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
741requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]742run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]743 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]744 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
745 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
746 localhost" \
747 1 \
748 -s "found psk key exchange modes extension" \
749 -s "found pre_shared_key extension" \
750 -s "Found PSK_EPHEMERAL KEX MODE" \
751 -s "Found PSK KEX MODE" \
752 -s "Invalid binder." \
753 -S "key exchange mode: psk$" \
754 -S "key exchange mode: psk_ephemeral" \
755 -S "key exchange mode: ephemeral"
756
757requires_gnutls_tls1_3
758requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
759requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
760requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]761run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]762 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]763 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
764 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
765 localhost" \
766 0 \
767 -s "found psk key exchange modes extension" \
768 -s "found pre_shared_key extension" \
769 -S "Found PSK_EPHEMERAL KEX MODE" \
770 -s "Found PSK KEX MODE" \
771 -s "Pre shared key found" \
772 -S "No matched PSK or ticket" \
773 -S "key exchange mode: psk$" \
774 -S "key exchange mode: psk_ephemeral" \
775 -s "key exchange mode: ephemeral"
776
777requires_gnutls_tls1_3
778requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
779requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
780requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]781run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]782 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]783 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
784 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
785 localhost" \
786 1 \
787 -s "found psk key exchange modes extension" \
788 -s "found pre_shared_key extension" \
789 -S "Found PSK_EPHEMERAL KEX MODE" \
790 -s "Found PSK KEX MODE" \
791 -s "Invalid binder." \
792 -S "key exchange mode: psk$" \
793 -S "key exchange mode: psk_ephemeral" \
794 -S "key exchange mode: ephemeral"
795
796requires_gnutls_tls1_3
797requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
798requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
799requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]800run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]801 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]802 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \
803 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
804 localhost" \
805 0 \
806 -s "found psk key exchange modes extension" \
807 -s "found pre_shared_key extension" \
808 -s "Found PSK_EPHEMERAL KEX MODE" \
809 -S "Found PSK KEX MODE" \
810 -s "Pre shared key found" \
811 -S "No matched PSK or ticket" \
812 -S "key exchange mode: psk$" \
813 -S "key exchange mode: psk_ephemeral" \
814 -s "key exchange mode: ephemeral"
815
816requires_gnutls_tls1_3
817requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
818requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
819requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]820run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]821 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]822 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
823 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
824 localhost" \
825 0 \
826 -s "found psk key exchange modes extension" \
827 -s "found pre_shared_key extension" \
828 -s "Found PSK_EPHEMERAL KEX MODE" \
829 -s "Found PSK KEX MODE" \
830 -s "Pre shared key found" \
831 -S "No matched PSK or ticket" \
832 -S "key exchange mode: psk$" \
833 -S "key exchange mode: psk_ephemeral" \
834 -s "key exchange mode: ephemeral"
835
836requires_gnutls_tls1_3
837requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
838requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
839requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]840run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]841 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]842 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \
843 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
844 localhost" \
845 1 \
846 -s "found psk key exchange modes extension" \
847 -s "found pre_shared_key extension" \
848 -s "Found PSK_EPHEMERAL KEX MODE" \
849 -s "Found PSK KEX MODE" \
850 -s "Invalid binder." \
851 -S "key exchange mode: psk$" \
852 -S "key exchange mode: psk_ephemeral" \
853 -S "key exchange mode: ephemeral"
854
855requires_gnutls_tls1_3
856requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
857requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
858requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]859run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]860 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]861 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
862 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
863 localhost" \
864 0 \
865 -s "found psk key exchange modes extension" \
866 -s "found pre_shared_key extension" \
867 -S "Found PSK_EPHEMERAL KEX MODE" \
868 -s "Found PSK KEX MODE" \
869 -s "Pre shared key found" \
870 -S "No matched PSK or ticket" \
871 -S "key exchange mode: psk$" \
872 -S "key exchange mode: psk_ephemeral" \
873 -s "key exchange mode: ephemeral"
874
875requires_gnutls_tls1_3
876requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
877requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
878requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu66886692022-08-31 17:08:34 +0800[diff] [blame]879run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]880 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]881 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \
882 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \
883 localhost" \
884 1 \
885 -s "found psk key exchange modes extension" \
886 -s "found pre_shared_key extension" \
887 -S "Found PSK_EPHEMERAL KEX MODE" \
888 -s "Found PSK KEX MODE" \
889 -s "Invalid binder." \
890 -S "key exchange mode: psk$" \
891 -S "key exchange mode: psk_ephemeral" \
892 -S "key exchange mode: ephemeral"
893
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]894requires_gnutls_tls1_3
895requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
896requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
897requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
898run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \
899 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
900 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \
901 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
902 localhost" \
903 0 \
904 -s "write selected_group: secp256r1" \
905 -S "key exchange mode: psk$" \
906 -s "key exchange mode: psk_ephemeral" \
907 -S "key exchange mode: ephemeral"
908
909requires_gnutls_tls1_3
910requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
911requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
912requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
913run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \
914 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
915 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \
916 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
917 localhost" \
918 0 \
919 -s "write selected_group: secp384r1" \
920 -S "key exchange mode: psk$" \
921 -s "key exchange mode: psk_ephemeral" \
922 -S "key exchange mode: ephemeral"
923
924requires_gnutls_tls1_3
925requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
926requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
927requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
928run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \
929 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
930 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \
931 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
932 localhost" \
933 0 \
934 -s "write selected_group: secp521r1" \
935 -S "key exchange mode: psk$" \
936 -s "key exchange mode: psk_ephemeral" \
937 -S "key exchange mode: ephemeral"
938
939requires_gnutls_tls1_3
940requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
941requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
942requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
943run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \
944 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
945 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \
946 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
947 localhost" \
948 0 \
949 -s "write selected_group: x25519" \
950 -S "key exchange mode: psk$" \
951 -s "key exchange mode: psk_ephemeral" \
952 -S "key exchange mode: ephemeral"
953
954requires_gnutls_tls1_3
955requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
956requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
957requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
958run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \
959 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
960 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \
961 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
962 localhost" \
963 0 \
964 -s "write selected_group: x448" \
965 -S "key exchange mode: psk$" \
966 -s "key exchange mode: psk_ephemeral" \
967 -S "key exchange mode: ephemeral"
968
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]969requires_openssl_tls1_3
970requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
971requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]972run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]973 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]974 "$O_NEXT_CLI -tls1_3 -msg \
975 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
976 1 \
977 -s "found psk key exchange modes extension" \
978 -s "found pre_shared_key extension" \
979 -s "Found PSK_EPHEMERAL KEX MODE" \
980 -S "Found PSK KEX MODE" \
981 -S "key exchange mode: psk$" \
982 -S "key exchange mode: psk_ephemeral" \
983 -S "key exchange mode: ephemeral"
984
985requires_openssl_tls1_3
986requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
987requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]988run_test "TLS 1.3: O->m: all/psk, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]989 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]990 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
991 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
992 0 \
993 -s "found psk key exchange modes extension" \
994 -s "found pre_shared_key extension" \
995 -s "Found PSK_EPHEMERAL KEX MODE" \
996 -s "Found PSK KEX MODE" \
997 -s "Pre shared key found" \
998 -S "No matched PSK or ticket" \
999 -s "key exchange mode: psk$" \
1000 -S "key exchange mode: psk_ephemeral" \
1001 -S "key exchange mode: ephemeral"
1002
1003requires_openssl_tls1_3
1004requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1005requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1006run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1007 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1008 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1009 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1010 1 \
1011 -s "found psk key exchange modes extension" \
1012 -s "found pre_shared_key extension" \
1013 -s "Found PSK_EPHEMERAL KEX MODE" \
1014 -s "Found PSK KEX MODE" \
1015 -s "No matched PSK or ticket" \
1016 -S "key exchange mode: psk$" \
1017 -S "key exchange mode: psk_ephemeral" \
1018 -S "key exchange mode: ephemeral"
1019
1020requires_openssl_tls1_3
1021requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1022requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1023run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1024 "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1025 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1026 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1027 1 \
1028 -s "found psk key exchange modes extension" \
1029 -s "found pre_shared_key extension" \
1030 -s "Found PSK_EPHEMERAL KEX MODE" \
1031 -s "Found PSK KEX MODE" \
1032 -s "Invalid binder." \
1033 -S "key exchange mode: psk$" \
1034 -S "key exchange mode: psk_ephemeral" \
1035 -S "key exchange mode: ephemeral"
1036
1037requires_openssl_tls1_3
1038requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1039requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1040requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1041run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1042 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1043 "$O_NEXT_CLI -tls1_3 -msg \
1044 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1045 0 \
1046 -s "found psk key exchange modes extension" \
1047 -s "found pre_shared_key extension" \
1048 -s "Found PSK_EPHEMERAL KEX MODE" \
1049 -S "Found PSK KEX MODE" \
1050 -s "Pre shared key found" \
1051 -S "No matched PSK or ticket" \
1052 -S "key exchange mode: psk$" \
1053 -s "key exchange mode: psk_ephemeral" \
1054 -S "key exchange mode: ephemeral"
1055
1056requires_openssl_tls1_3
1057requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1058requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1059requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1060run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1061 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1062 "$O_NEXT_CLI -tls1_3 -msg \
1063 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1064 1 \
1065 -s "found psk key exchange modes extension" \
1066 -s "found pre_shared_key extension" \
1067 -s "Found PSK_EPHEMERAL KEX MODE" \
1068 -S "Found PSK KEX MODE" \
1069 -s "No matched PSK or ticket" \
1070 -S "key exchange mode: psk$" \
1071 -S "key exchange mode: psk_ephemeral" \
1072 -S "key exchange mode: ephemeral"
1073
1074requires_openssl_tls1_3
1075requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1076requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1077requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1078run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1079 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1080 "$O_NEXT_CLI -tls1_3 -msg \
1081 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1082 1 \
1083 -s "found psk key exchange modes extension" \
1084 -s "found pre_shared_key extension" \
1085 -s "Found PSK_EPHEMERAL KEX MODE" \
1086 -S "Found PSK KEX MODE" \
1087 -s "Invalid binder." \
1088 -S "key exchange mode: psk$" \
1089 -S "key exchange mode: psk_ephemeral" \
1090 -S "key exchange mode: ephemeral"
1091
1092requires_openssl_tls1_3
1093requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1094requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1095requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1096run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1097 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1098 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1099 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1100 0 \
1101 -s "found psk key exchange modes extension" \
1102 -s "found pre_shared_key extension" \
1103 -s "Found PSK_EPHEMERAL KEX MODE" \
1104 -s "Found PSK KEX MODE" \
1105 -s "Pre shared key found" \
1106 -S "No matched PSK or ticket" \
1107 -S "key exchange mode: psk$" \
1108 -s "key exchange mode: psk_ephemeral" \
1109 -S "key exchange mode: ephemeral"
1110
1111requires_openssl_tls1_3
1112requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1113requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1114requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1115run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1116 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1117 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1118 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1119 1 \
1120 -s "found psk key exchange modes extension" \
1121 -s "found pre_shared_key extension" \
1122 -s "Found PSK_EPHEMERAL KEX MODE" \
1123 -s "Found PSK KEX MODE" \
1124 -s "No matched PSK or ticket" \
1125 -S "key exchange mode: psk$" \
1126 -S "key exchange mode: psk_ephemeral" \
1127 -S "key exchange mode: ephemeral"
1128
1129requires_openssl_tls1_3
1130requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1131requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1132requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1133run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1134 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1135 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1136 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1137 1 \
1138 -s "found psk key exchange modes extension" \
1139 -s "found pre_shared_key extension" \
1140 -s "Found PSK_EPHEMERAL KEX MODE" \
1141 -s "Found PSK KEX MODE" \
1142 -s "Invalid binder." \
1143 -S "key exchange mode: psk$" \
1144 -S "key exchange mode: psk_ephemeral" \
1145 -S "key exchange mode: ephemeral"
1146
1147requires_openssl_tls1_3
1148requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1149requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1150requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1151run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1152 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1153 "$O_NEXT_CLI -tls1_3 -msg \
1154 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1155 0 \
1156 -s "found psk key exchange modes extension" \
1157 -s "found pre_shared_key extension" \
1158 -s "Found PSK_EPHEMERAL KEX MODE" \
1159 -S "Found PSK KEX MODE" \
1160 -s "Pre shared key found" \
1161 -S "No matched PSK or ticket" \
1162 -S "key exchange mode: psk$" \
1163 -s "key exchange mode: psk_ephemeral" \
1164 -S "key exchange mode: ephemeral"
1165
1166requires_openssl_tls1_3
1167requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1168requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1169requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1170run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1171 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1172 "$O_NEXT_CLI -tls1_3 -msg \
1173 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1174 1 \
1175 -s "found psk key exchange modes extension" \
1176 -s "found pre_shared_key extension" \
1177 -s "Found PSK_EPHEMERAL KEX MODE" \
1178 -S "Found PSK KEX MODE" \
1179 -s "No matched PSK or ticket" \
1180 -S "key exchange mode: psk$" \
1181 -S "key exchange mode: psk_ephemeral" \
1182 -S "key exchange mode: ephemeral"
1183
1184requires_openssl_tls1_3
1185requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1186requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1187requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1188run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1189 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1190 "$O_NEXT_CLI -tls1_3 -msg \
1191 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1192 1 \
1193 -s "found psk key exchange modes extension" \
1194 -s "found pre_shared_key extension" \
1195 -s "Found PSK_EPHEMERAL KEX MODE" \
1196 -S "Found PSK KEX MODE" \
1197 -s "Invalid binder." \
1198 -S "key exchange mode: psk$" \
1199 -S "key exchange mode: psk_ephemeral" \
1200 -S "key exchange mode: ephemeral"
1201
1202requires_openssl_tls1_3
1203requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1204requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1205requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1206run_test "TLS 1.3: O->m: all/psk_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1207 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1208 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1209 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1210 0 \
1211 -s "found psk key exchange modes extension" \
1212 -s "found pre_shared_key extension" \
1213 -s "Found PSK_EPHEMERAL KEX MODE" \
1214 -s "Found PSK KEX MODE" \
1215 -s "Pre shared key found" \
1216 -S "No matched PSK or ticket" \
1217 -S "key exchange mode: psk$" \
1218 -s "key exchange mode: psk_ephemeral" \
1219 -S "key exchange mode: ephemeral"
1220
1221requires_openssl_tls1_3
1222requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1223requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1224requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1225run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1226 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1227 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1228 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1229 1 \
1230 -s "found psk key exchange modes extension" \
1231 -s "found pre_shared_key extension" \
1232 -s "Found PSK_EPHEMERAL KEX MODE" \
1233 -s "Found PSK KEX MODE" \
1234 -s "No matched PSK or ticket" \
1235 -S "key exchange mode: psk$" \
1236 -S "key exchange mode: psk_ephemeral" \
1237 -S "key exchange mode: ephemeral"
1238
1239requires_openssl_tls1_3
1240requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1241requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1242requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1243run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1244 "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1245 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1246 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1247 1 \
1248 -s "found psk key exchange modes extension" \
1249 -s "found pre_shared_key extension" \
1250 -s "Found PSK_EPHEMERAL KEX MODE" \
1251 -s "Found PSK KEX MODE" \
1252 -s "Invalid binder." \
1253 -S "key exchange mode: psk$" \
1254 -S "key exchange mode: psk_ephemeral" \
1255 -S "key exchange mode: ephemeral"
1256
1257requires_openssl_tls1_3
1258requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1259requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1260requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1261run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1262 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1263 "$O_NEXT_CLI -tls1_3 -msg \
1264 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1265 0 \
1266 -s "found psk key exchange modes extension" \
1267 -s "found pre_shared_key extension" \
1268 -s "Found PSK_EPHEMERAL KEX MODE" \
1269 -S "Found PSK KEX MODE" \
1270 -s "Pre shared key found" \
1271 -S "No matched PSK or ticket" \
1272 -S "key exchange mode: psk$" \
1273 -s "key exchange mode: psk_ephemeral" \
1274 -S "key exchange mode: ephemeral"
1275
1276requires_openssl_tls1_3
1277requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1278requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1279requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1280run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1281 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1282 "$O_NEXT_CLI -tls1_3 -msg \
1283 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1284 0 \
1285 -s "found psk key exchange modes extension" \
1286 -s "found pre_shared_key extension" \
1287 -s "Found PSK_EPHEMERAL KEX MODE" \
1288 -S "Found PSK KEX MODE" \
1289 -s "No matched PSK or ticket" \
1290 -S "key exchange mode: psk$" \
1291 -S "key exchange mode: psk_ephemeral" \
1292 -s "key exchange mode: ephemeral"
1293
1294requires_openssl_tls1_3
1295requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1296requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1297requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1298run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1299 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1300 "$O_NEXT_CLI -tls1_3 -msg \
1301 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1302 1 \
1303 -s "found psk key exchange modes extension" \
1304 -s "found pre_shared_key extension" \
1305 -s "Found PSK_EPHEMERAL KEX MODE" \
1306 -S "Found PSK KEX MODE" \
1307 -s "Invalid binder." \
1308 -S "key exchange mode: psk$" \
1309 -S "key exchange mode: psk_ephemeral" \
1310 -S "key exchange mode: ephemeral"
1311
1312requires_openssl_tls1_3
1313requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1314requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1315requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1316run_test "TLS 1.3: O->m: all/ephemeral_all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1317 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1318 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1319 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1320 0 \
1321 -s "found psk key exchange modes extension" \
1322 -s "found pre_shared_key extension" \
1323 -s "Found PSK_EPHEMERAL KEX MODE" \
1324 -s "Found PSK KEX MODE" \
1325 -s "Pre shared key found" \
1326 -S "No matched PSK or ticket" \
1327 -S "key exchange mode: psk$" \
1328 -s "key exchange mode: psk_ephemeral" \
1329 -S "key exchange mode: ephemeral"
1330
1331requires_openssl_tls1_3
1332requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1333requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1334requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1335run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1336 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1337 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1338 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1339 0 \
1340 -s "found psk key exchange modes extension" \
1341 -s "found pre_shared_key extension" \
1342 -s "Found PSK_EPHEMERAL KEX MODE" \
1343 -s "Found PSK KEX MODE" \
1344 -s "No matched PSK or ticket" \
1345 -S "key exchange mode: psk$" \
1346 -S "key exchange mode: psk_ephemeral" \
1347 -s "key exchange mode: ephemeral"
1348
1349requires_openssl_tls1_3
1350requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1351requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1352requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1353run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1354 "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1355 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1356 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1357 1 \
1358 -s "found psk key exchange modes extension" \
1359 -s "found pre_shared_key extension" \
1360 -s "Found PSK_EPHEMERAL KEX MODE" \
1361 -s "Found PSK KEX MODE" \
1362 -s "Invalid binder." \
1363 -S "key exchange mode: psk$" \
1364 -S "key exchange mode: psk_ephemeral" \
1365 -S "key exchange mode: ephemeral"
1366
1367requires_openssl_tls1_3
1368requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1369requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1370requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1371run_test "TLS 1.3: O->m: ephemeral_all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1372 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1373 "$O_NEXT_CLI -tls1_3 -msg \
1374 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1375 0 \
1376 -s "found psk key exchange modes extension" \
1377 -s "found pre_shared_key extension" \
1378 -s "Found PSK_EPHEMERAL KEX MODE" \
1379 -S "Found PSK KEX MODE" \
1380 -s "Pre shared key found" \
1381 -S "No matched PSK or ticket" \
1382 -S "key exchange mode: psk$" \
1383 -s "key exchange mode: psk_ephemeral" \
1384 -S "key exchange mode: ephemeral"
1385
1386requires_openssl_tls1_3
1387requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1388requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1389requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1390run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1391 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1392 "$O_NEXT_CLI -tls1_3 -msg \
1393 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1394 0 \
1395 -s "found psk key exchange modes extension" \
1396 -s "found pre_shared_key extension" \
1397 -s "Found PSK_EPHEMERAL KEX MODE" \
1398 -S "Found PSK KEX MODE" \
1399 -s "No matched PSK or ticket" \
1400 -S "key exchange mode: psk$" \
1401 -S "key exchange mode: psk_ephemeral" \
1402 -s "key exchange mode: ephemeral"
1403
1404requires_openssl_tls1_3
1405requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1406requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1407requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1408run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1409 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1410 "$O_NEXT_CLI -tls1_3 -msg \
1411 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1412 1 \
1413 -s "found psk key exchange modes extension" \
1414 -s "found pre_shared_key extension" \
1415 -s "Found PSK_EPHEMERAL KEX MODE" \
1416 -S "Found PSK KEX MODE" \
1417 -s "Invalid binder." \
1418 -S "key exchange mode: psk$" \
1419 -S "key exchange mode: psk_ephemeral" \
1420 -S "key exchange mode: ephemeral"
1421
1422requires_openssl_tls1_3
1423requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1424requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1425requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1426run_test "TLS 1.3: O->m: all/all, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1427 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1428 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1429 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1430 0 \
1431 -s "found psk key exchange modes extension" \
1432 -s "found pre_shared_key extension" \
1433 -s "Found PSK_EPHEMERAL KEX MODE" \
1434 -s "Found PSK KEX MODE" \
1435 -s "Pre shared key found" \
1436 -S "No matched PSK or ticket" \
1437 -S "key exchange mode: psk$" \
1438 -s "key exchange mode: psk_ephemeral" \
1439 -S "key exchange mode: ephemeral"
1440
1441requires_openssl_tls1_3
1442requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1443requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1444requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1445run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1446 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1447 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1448 -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1449 0 \
1450 -s "found psk key exchange modes extension" \
1451 -s "found pre_shared_key extension" \
1452 -s "Found PSK_EPHEMERAL KEX MODE" \
1453 -s "Found PSK KEX MODE" \
1454 -s "No matched PSK or ticket" \
1455 -S "key exchange mode: psk$" \
1456 -S "key exchange mode: psk_ephemeral" \
1457 -s "key exchange mode: ephemeral"
1458
1459requires_openssl_tls1_3
1460requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1461requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1462requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1463run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1464 "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1465 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1466 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1467 1 \
1468 -s "found psk key exchange modes extension" \
1469 -s "found pre_shared_key extension" \
1470 -s "Found PSK_EPHEMERAL KEX MODE" \
1471 -s "Found PSK KEX MODE" \
1472 -s "Invalid binder." \
1473 -S "key exchange mode: psk$" \
1474 -S "key exchange mode: psk_ephemeral" \
1475 -S "key exchange mode: ephemeral"
1476
1477requires_openssl_tls1_3
1478requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1479requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1480requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu7101b872022-08-31 14:15:23 +0800[diff] [blame]1481run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1482 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1483 "$O_NEXT_CLI -tls1_3 -msg \
1484 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1485 0 \
1486 -s "found psk key exchange modes extension" \
1487 -s "found pre_shared_key extension" \
1488 -s "Found PSK_EPHEMERAL KEX MODE" \
1489 -S "Found PSK KEX MODE" \
1490 -s "Pre shared key found" \
1491 -S "No matched PSK or ticket" \
1492 -S "key exchange mode: psk$" \
1493 -S "key exchange mode: psk_ephemeral" \
1494 -s "key exchange mode: ephemeral"
1495
1496requires_openssl_tls1_3
1497requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1498requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1499requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1500run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1501 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1502 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1503 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1504 0 \
1505 -s "found psk key exchange modes extension" \
1506 -s "found pre_shared_key extension" \
1507 -s "Found PSK_EPHEMERAL KEX MODE" \
1508 -s "Found PSK KEX MODE" \
1509 -s "Pre shared key found" \
1510 -S "No matched PSK or ticket" \
1511 -S "key exchange mode: psk$" \
1512 -S "key exchange mode: psk_ephemeral" \
1513 -s "key exchange mode: ephemeral"
1514
1515requires_openssl_tls1_3
1516requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1517requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1518requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Jerry Yu63d40e62022-08-29 20:38:39 +0800[diff] [blame]1519run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \
Jerry Yu673b0f92022-09-14 15:02:21 +0800[diff] [blame]1520 "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \
Jerry Yue7b4b582022-08-25 17:53:13 +0800[diff] [blame]1521 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \
1522 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \
1523 1 \
1524 -s "found psk key exchange modes extension" \
1525 -s "found pre_shared_key extension" \
1526 -s "Found PSK_EPHEMERAL KEX MODE" \
1527 -s "Found PSK KEX MODE" \
1528 -s "Invalid binder." \
1529 -S "key exchange mode: psk$" \
1530 -S "key exchange mode: psk_ephemeral" \
1531 -S "key exchange mode: ephemeral"
Jerry Yu58af2332022-09-06 11:19:31 +0800[diff] [blame]1532
1533requires_openssl_tls1_3
1534requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1535requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1536requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1537run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \
1538 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1539 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \
1540 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1541 0 \
1542 -s "write selected_group: secp256r1" \
1543 -S "key exchange mode: psk$" \
1544 -s "key exchange mode: psk_ephemeral" \
1545 -S "key exchange mode: ephemeral"
1546
1547requires_openssl_tls1_3
1548requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1549requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1550requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1551run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \
1552 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1553 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \
1554 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1555 0 \
1556 -s "write selected_group: secp384r1" \
1557 -S "key exchange mode: psk$" \
1558 -s "key exchange mode: psk_ephemeral" \
1559 -S "key exchange mode: ephemeral"
1560
1561requires_openssl_tls1_3
1562requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1563requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1564requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1565run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \
1566 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1567 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \
1568 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1569 0 \
1570 -s "write selected_group: secp521r1" \
1571 -S "key exchange mode: psk$" \
1572 -s "key exchange mode: psk_ephemeral" \
1573 -S "key exchange mode: ephemeral"
1574
1575requires_openssl_tls1_3
1576requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1577requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1578requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1579run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \
1580 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1581 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \
1582 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1583 0 \
1584 -s "write selected_group: x25519" \
1585 -S "key exchange mode: psk$" \
1586 -s "key exchange mode: psk_ephemeral" \
1587 -S "key exchange mode: ephemeral"
1588
1589requires_openssl_tls1_3
1590requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1591requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1592requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1593run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \
1594 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \
1595 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \
1596 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \
1597 0 \
1598 -s "write selected_group: x448" \
1599 -S "key exchange mode: psk$" \
1600 -s "key exchange mode: psk_ephemeral" \
1601 -S "key exchange mode: ephemeral"
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1602
1603requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1604requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1605requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1606requires_openssl_tls1_3
1607run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1608 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1609 "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1610 0 \
1611 -s "write selected_group: secp384r1" \
1612 -s "HRR selected_group: secp384r1" \
1613 -S "key exchange mode: psk$" \
1614 -s "key exchange mode: psk_ephemeral" \
1615 -S "key exchange mode: ephemeral"
1616
1617requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C
1618requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1619requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1620requires_gnutls_tls1_3
1621requires_gnutls_next_no_ticket
1622requires_gnutls_next_disable_tls13_compat
1623run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \
Jerry Yu93706122022-09-21 22:44:24 +0800[diff] [blame]1624 "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \
1625 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \
Jerry Yu2db49df2022-09-21 11:03:28 +0800[diff] [blame]1626 0 \
1627 -s "write selected_group: secp384r1" \
1628 -s "HRR selected_group: secp384r1" \
1629 -S "key exchange mode: psk$" \
1630 -s "key exchange mode: psk_ephemeral" \
1631 -S "key exchange mode: ephemeral"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1632
1633
1634# Add psk test cases for mbedtls client code
1635
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1636# MbedTls->MbedTLS kinds of tls13_kex_modes
1637# PSK mode in client
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1638requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1639requires_config_enabled MBEDTLS_SSL_SRV_C
1640requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1641run_test "TLS 1.3: m->m: psk/psk, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1642 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1643 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1644 0 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1645 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1646 -c "client hello, adding psk_key_exchange_modes extension" \
1647 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1648 -c "Server selected key exchange mode: psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]1649 -c "HTTP/1.0 200 OK"
1650
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1651requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1652requires_config_enabled MBEDTLS_SSL_SRV_C
1653requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1654run_test "TLS 1.3: m->m: psk/psk, fail - no common id" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1655 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1656 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1657 1 \
1658 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1659 -c "client hello, adding psk_key_exchange_modes extension" \
1660 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1661 -s "No matched PSK or ticket"
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1662
1663requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1664requires_config_enabled MBEDTLS_SSL_SRV_C
1665requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1666run_test "TLS 1.3: m->m: psk/psk, fail - no common psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1667 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1668 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1669 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1670 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1671 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1672 -c "client hello, adding PSK binder list" \
1673 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1674
1675requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1676requires_config_enabled MBEDTLS_SSL_SRV_C
1677requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1678run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1679 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1680 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1681 1 \
1682 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1683 -c "client hello, adding psk_key_exchange_modes extension" \
1684 -c "client hello, adding PSK binder list" \
1685 -s "ClientHello message misses mandatory extensions."
1686
1687requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1688requires_config_enabled MBEDTLS_SSL_SRV_C
1689requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1690run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1691 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1692 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1693 1 \
1694 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1695 -c "client hello, adding psk_key_exchange_modes extension" \
1696 -c "client hello, adding PSK binder list" \
1697 -s "ClientHello message misses mandatory extensions."
1698
1699requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1700requires_config_enabled MBEDTLS_SSL_SRV_C
1701requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1702run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1703 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1704 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1705 1 \
1706 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1707 -c "client hello, adding psk_key_exchange_modes extension" \
1708 -c "client hello, adding PSK binder list" \
1709 -s "ClientHello message misses mandatory extensions."
1710
1711requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1712requires_config_enabled MBEDTLS_SSL_SRV_C
1713requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1714run_test "TLS 1.3: m->m: psk/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1715 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1716 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1717 0 \
1718 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1719 -c "client hello, adding psk_key_exchange_modes extension" \
1720 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1721 -c "Server selected key exchange mode: psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1722 -c "HTTP/1.0 200 OK"
1723
1724requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1725requires_config_enabled MBEDTLS_SSL_SRV_C
1726requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1727run_test "TLS 1.3: m->m: psk/psk_all, fail - no common id" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1728 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1729 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1730 1 \
1731 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1732 -c "client hello, adding psk_key_exchange_modes extension" \
1733 -c "client hello, adding PSK binder list" \
1734 -s "No matched PSK or ticket" \
1735 -s "ClientHello message misses mandatory extensions."
1736
1737requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1738requires_config_enabled MBEDTLS_SSL_SRV_C
1739requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1740run_test "TLS 1.3: m->m: psk/psk_all, fail - no common psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1741 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1742 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1743 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]1744 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1745 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]1746 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1747 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1748
1749requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1750requires_config_enabled MBEDTLS_SSL_SRV_C
1751requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1752run_test "TLS 1.3: m->m: psk/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1753 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1754 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1755 0 \
1756 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1757 -c "client hello, adding psk_key_exchange_modes extension" \
1758 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1759 -c "Server selected key exchange mode: psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1760 -c "HTTP/1.0 200 OK"
1761
1762requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1763requires_config_enabled MBEDTLS_SSL_SRV_C
1764requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1765run_test "TLS 1.3: m->m: psk/all, fail - no common id" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1766 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1767 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1768 1 \
1769 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1770 -c "client hello, adding psk_key_exchange_modes extension" \
1771 -c "client hello, adding PSK binder list" \
1772 -s "No matched PSK or ticket" \
1773 -s "ClientHello message misses mandatory extensions."
1774
1775requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1776requires_config_enabled MBEDTLS_SSL_SRV_C
1777requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1778run_test "TLS 1.3: m->m: psk/all, fail - no common psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1779 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1780 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1781 1 \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]1782 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1783 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]1784 -c "client hello, adding PSK binder list" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1785 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1786
1787# psk_ephemeral mode in client
1788requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1789requires_config_enabled MBEDTLS_SSL_SRV_C
1790requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1791run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1792 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1793 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1794 1 \
1795 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1796 -c "client hello, adding psk_key_exchange_modes extension" \
1797 -c "client hello, adding PSK binder list" \
1798 -s "ClientHello message misses mandatory extensions."
1799
1800requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1801requires_config_enabled MBEDTLS_SSL_SRV_C
1802requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1803run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1804 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1805 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1806 0 \
1807 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1808 -c "client hello, adding psk_key_exchange_modes extension" \
1809 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1810 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1811 -c "HTTP/1.0 200 OK"
1812
1813requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1814requires_config_enabled MBEDTLS_SSL_SRV_C
1815requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1816run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail - no common id" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1817 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1818 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1819 1 \
1820 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1821 -c "client hello, adding psk_key_exchange_modes extension" \
1822 -c "client hello, adding PSK binder list" \
1823 -s "No matched PSK or ticket" \
1824 -s "ClientHello message misses mandatory extensions."
1825
1826requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1827requires_config_enabled MBEDTLS_SSL_SRV_C
1828requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1829run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail - no common psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1830 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1831 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1832 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1833 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1834 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1835 -c "client hello, adding PSK binder list" \
1836 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1837
1838requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1839requires_config_enabled MBEDTLS_SSL_SRV_C
1840requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1841run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1842 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1843 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1844 1 \
1845 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1846 -c "client hello, adding psk_key_exchange_modes extension" \
1847 -c "client hello, adding PSK binder list" \
1848 -s "ClientHello message misses mandatory extensions."
1849
1850requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1851requires_config_enabled MBEDTLS_SSL_SRV_C
1852requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1853run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1854 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1855 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1856 0 \
1857 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1858 -c "client hello, adding psk_key_exchange_modes extension" \
1859 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1860 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1861 -c "HTTP/1.0 200 OK"
1862
1863requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1864requires_config_enabled MBEDTLS_SSL_SRV_C
1865requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1866run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail - no common id" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1867 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1868 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1869 1 \
1870 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1871 -c "client hello, adding psk_key_exchange_modes extension" \
1872 -c "client hello, adding PSK binder list" \
1873 -s "No matched PSK or ticket" \
1874 -s "ClientHello message misses mandatory extensions."
1875
1876requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1877requires_config_enabled MBEDTLS_SSL_SRV_C
1878requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1879run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail - no common psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1880 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1881 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1882 1 \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1883 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1884 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1885 -c "client hello, adding PSK binder list" \
1886 -s "Invalid binder."
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1887
1888requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1889requires_config_enabled MBEDTLS_SSL_SRV_C
1890requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1891run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1892 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1893 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1894 0 \
1895 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1896 -c "client hello, adding psk_key_exchange_modes extension" \
1897 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1898 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1899 -c "HTTP/1.0 200 OK"
1900
1901requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1902requires_config_enabled MBEDTLS_SSL_SRV_C
1903requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1904run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail - no common id" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1905 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1906 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1907 1 \
1908 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1909 -c "client hello, adding psk_key_exchange_modes extension" \
1910 -c "client hello, adding PSK binder list" \
1911 -s "No matched PSK or ticket" \
1912 -s "ClientHello message misses mandatory extensions."
1913
1914requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1915requires_config_enabled MBEDTLS_SSL_SRV_C
1916requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1917run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail - no common psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1918 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1919 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1920 1 \
1921 -c "skip pre_shared_key extensions" \
1922 -c "client hello, adding psk_key_exchange_modes extension" \
1923 -s "ClientHello message misses mandatory extensions."
1924
1925requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1926requires_config_enabled MBEDTLS_SSL_SRV_C
1927requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1928run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1929 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1930 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1931 0 \
1932 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1933 -c "client hello, adding psk_key_exchange_modes extension" \
1934 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1935 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1936 -c "HTTP/1.0 200 OK"
1937
1938requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1939requires_config_enabled MBEDTLS_SSL_SRV_C
1940requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1941run_test "TLS 1.3: m->m: psk_ephemeral/all, fail - no common id" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1942 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1943 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1944 1 \
1945 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
1946 -c "client hello, adding psk_key_exchange_modes extension" \
1947 -c "client hello, adding PSK binder list" \
1948 -s "No matched PSK or ticket" \
1949 -s "ClientHello message misses mandatory extensions."
1950
1951requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1952requires_config_enabled MBEDTLS_SSL_SRV_C
1953requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1954run_test "TLS 1.3: m->m: psk_ephemeral/all, fail - no common psk" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1955 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1956 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianf9b694b2022-08-25 08:48:51 +0000[diff] [blame]1957 1 \
1958 -c "skip pre_shared_key extensions" \
1959 -c "client hello, adding psk_key_exchange_modes extension" \
1960 -s "ClientHello message misses mandatory extensions."
1961
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1962# ephemeral mode in client
1963requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1964requires_config_enabled MBEDTLS_SSL_SRV_C
1965requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1966run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1967 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1968 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1969 1 \
1970 -s "ClientHello message misses mandatory extensions."
1971
1972requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1973requires_config_enabled MBEDTLS_SSL_SRV_C
1974requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1975run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1976 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1977 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1978 1 \
1979 -s "ClientHello message misses mandatory extensions."
1980
1981requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1982requires_config_enabled MBEDTLS_SSL_SRV_C
1983requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1984run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1985 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1986 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1987 0 \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1988 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1989 -c "HTTP/1.0 200 OK"
1990
1991requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
1992requires_config_enabled MBEDTLS_SSL_SRV_C
1993requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1994run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1995 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]1996 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1997 0 \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]1998 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]1999 -c "HTTP/1.0 200 OK"
2000
2001requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2002requires_config_enabled MBEDTLS_SSL_SRV_C
2003requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2004run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2005 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2006 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2007 1 \
2008 -s "ClientHello message misses mandatory extensions."
2009
2010requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2011requires_config_enabled MBEDTLS_SSL_SRV_C
2012requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2013run_test "TLS 1.3: m->m: ephemeral/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2014 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2015 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2016 0 \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2017 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2018 -c "HTTP/1.0 200 OK"
2019
2020# ephemeral_all mode in client
2021requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2022requires_config_enabled MBEDTLS_SSL_SRV_C
2023requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2024run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2025 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2026 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2027 1 \
2028 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2029 -c "client hello, adding psk_key_exchange_modes extension" \
2030 -c "client hello, adding PSK binder list" \
2031 -s "ClientHello message misses mandatory extensions."
2032
2033requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2034requires_config_enabled MBEDTLS_SSL_SRV_C
2035requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2036run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2037 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2038 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2039 0 \
2040 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2041 -c "client hello, adding psk_key_exchange_modes extension" \
2042 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2043 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2044 -c "HTTP/1.0 200 OK"
2045
2046requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2047requires_config_enabled MBEDTLS_SSL_SRV_C
2048requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2049run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail - no common id" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2050 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2051 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2052 0 \
2053 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2054 -c "client hello, adding psk_key_exchange_modes extension" \
2055 -c "client hello, adding PSK binder list" \
2056 -s "No matched PSK or ticket" \
2057 -s "key exchange mode: ephemeral"
2058
2059requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2060requires_config_enabled MBEDTLS_SSL_SRV_C
2061requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2062run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail - no common psk" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2063 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2064 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2065 0 \
2066 -c "skip pre_shared_key extensions" \
2067 -c "client hello, adding psk_key_exchange_modes extension" \
2068 -s "key exchange mode: ephemeral"
2069
2070requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2071requires_config_enabled MBEDTLS_SSL_SRV_C
2072requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2073run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2074 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2075 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2076 0 \
2077 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2078 -c "client hello, adding psk_key_exchange_modes extension" \
2079 -c "client hello, adding PSK binder list" \
2080 -s "key exchange mode: ephemeral" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2081 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2082 -c "HTTP/1.0 200 OK"
2083
2084requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2085requires_config_enabled MBEDTLS_SSL_SRV_C
2086requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2087run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2088 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2089 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2090 0 \
2091 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2092 -c "client hello, adding psk_key_exchange_modes extension" \
2093 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2094 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2095 -c "HTTP/1.0 200 OK"
2096
2097requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2098requires_config_enabled MBEDTLS_SSL_SRV_C
2099requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2100run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,fallback to ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2101 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2102 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2103 0 \
2104 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2105 -c "client hello, adding psk_key_exchange_modes extension" \
2106 -c "client hello, adding PSK binder list" \
2107 -s "No matched PSK or ticket" \
2108 -s "key exchange mode: ephemeral"
2109
2110requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2111requires_config_enabled MBEDTLS_SSL_SRV_C
2112requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2113run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2114 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2115 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2116 0 \
2117 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2118 -c "client hello, adding psk_key_exchange_modes extension" \
2119 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2120 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2121 -c "HTTP/1.0 200 OK"
2122
2123requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2124requires_config_enabled MBEDTLS_SSL_SRV_C
2125requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2126run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail - no common id" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2127 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2128 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2129 1 \
2130 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2131 -c "client hello, adding psk_key_exchange_modes extension" \
2132 -c "client hello, adding PSK binder list" \
2133 -s "No matched PSK or ticket" \
2134 -s "ClientHello message misses mandatory extensions."
2135
2136requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2137requires_config_enabled MBEDTLS_SSL_SRV_C
2138requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2139run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail - no common psk" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2140 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2141 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2142 1 \
2143 -c "skip pre_shared_key extensions" \
2144 -c "client hello, adding psk_key_exchange_modes extension" \
2145 -s "ClientHello message misses mandatory extensions."
2146
2147requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2148requires_config_enabled MBEDTLS_SSL_SRV_C
2149requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2150run_test "TLS 1.3: m->m: ephemeral_all/all, good" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2151 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2152 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2153 0 \
2154 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2155 -c "client hello, adding psk_key_exchange_modes extension" \
2156 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2157 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2158 -c "HTTP/1.0 200 OK"
2159
2160requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2161requires_config_enabled MBEDTLS_SSL_SRV_C
2162requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2163run_test "TLS 1.3: m->m: ephemeral_all/all, fail - no common id" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2164 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2165 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2166 0 \
2167 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2168 -c "client hello, adding psk_key_exchange_modes extension" \
2169 -c "client hello, adding PSK binder list" \
2170 -s "No matched PSK or ticket" \
2171 -s "key exchange mode: ephemeral"
2172
2173requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2174requires_config_enabled MBEDTLS_SSL_SRV_C
2175requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2176run_test "TLS 1.3: m->m: ephemeral_all/all, fail - no common psk" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2177 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2178 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qianca48ddd2022-08-29 08:25:17 +0000[diff] [blame]2179 0 \
2180 -c "skip pre_shared_key extensions" \
2181 -c "client hello, adding psk_key_exchange_modes extension" \
2182 -s "key exchange mode: ephemeral"
2183
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2184# psk_all mode in client
2185requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2186requires_config_enabled MBEDTLS_SSL_SRV_C
2187requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2188run_test "TLS 1.3: m->m: psk_all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2189 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2190 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2191 0 \
2192 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2193 -c "client hello, adding psk_key_exchange_modes extension" \
2194 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2195 -c "Server selected key exchange mode: psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2196 -c "HTTP/1.0 200 OK"
2197
2198requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2199requires_config_enabled MBEDTLS_SSL_SRV_C
2200requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2201run_test "TLS 1.3: m->m: psk_all/psk, fail - no common kex mode" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2202 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2203 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2204 1 \
2205 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2206 -c "client hello, adding psk_key_exchange_modes extension" \
2207 -c "client hello, adding PSK binder list" \
2208 -s "ClientHello message misses mandatory extensions."
2209
2210requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2211requires_config_enabled MBEDTLS_SSL_SRV_C
2212requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2213run_test "TLS 1.3: m->m: psk_all/psk, fail - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2214 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2215 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2216 1 \
2217 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2218 -c "client hello, adding psk_key_exchange_modes extension" \
2219 -c "client hello, adding PSK binder list" \
2220 -s "ClientHello message misses mandatory extensions."
2221
2222requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2223requires_config_enabled MBEDTLS_SSL_SRV_C
2224requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2225run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2226 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2227 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2228 0 \
2229 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2230 -c "client hello, adding psk_key_exchange_modes extension" \
2231 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2232 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2233 -c "HTTP/1.0 200 OK"
2234
2235requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2236requires_config_enabled MBEDTLS_SSL_SRV_C
2237requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2238run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail - no common id" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2239 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2240 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2241 1 \
2242 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2243 -c "client hello, adding psk_key_exchange_modes extension" \
2244 -c "client hello, adding PSK binder list" \
2245 -s "No matched PSK or ticket" \
2246 -s "ClientHello message misses mandatory extensions."
2247
2248requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2249requires_config_enabled MBEDTLS_SSL_SRV_C
2250requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2251run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2252 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2253 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2254 1 \
2255 -c "skip pre_shared_key extensions" \
2256 -c "client hello, adding psk_key_exchange_modes extension" \
2257 -s "ClientHello message misses mandatory extensions."
2258
2259requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2260requires_config_enabled MBEDTLS_SSL_SRV_C
2261requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2262run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2263 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2264 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2265 1 \
2266 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2267 -c "client hello, adding psk_key_exchange_modes extension" \
2268 -c "client hello, adding PSK binder list" \
2269 -s "ClientHello message misses mandatory extensions."
2270
2271requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2272requires_config_enabled MBEDTLS_SSL_SRV_C
2273requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2274run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2275 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2276 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2277 0 \
2278 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2279 -c "client hello, adding psk_key_exchange_modes extension" \
2280 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2281 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2282 -c "HTTP/1.0 200 OK"
2283
2284requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2285requires_config_enabled MBEDTLS_SSL_SRV_C
2286requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2287run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail - no common id" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2288 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2289 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2290 1 \
2291 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2292 -c "client hello, adding psk_key_exchange_modes extension" \
2293 -c "client hello, adding PSK binder list" \
2294 -s "No matched PSK or ticket" \
2295 -s "ClientHello message misses mandatory extensions."
2296
2297requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2298requires_config_enabled MBEDTLS_SSL_SRV_C
2299requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2300run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2301 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2302 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2303 1 \
2304 -c "skip pre_shared_key extensions" \
2305 -c "client hello, adding psk_key_exchange_modes extension" \
2306 -s "ClientHello message misses mandatory extensions."
2307
2308requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2309requires_config_enabled MBEDTLS_SSL_SRV_C
2310requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2311run_test "TLS 1.3: m->m: psk_all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2312 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2313 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2314 0 \
2315 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2316 -c "client hello, adding psk_key_exchange_modes extension" \
2317 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2318 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2319 -c "HTTP/1.0 200 OK"
2320
2321requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2322requires_config_enabled MBEDTLS_SSL_SRV_C
2323requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2324run_test "TLS 1.3: m->m: psk_all/psk_all, fail - no common id" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2325 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2326 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2327 1 \
2328 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2329 -c "client hello, adding psk_key_exchange_modes extension" \
2330 -c "client hello, adding PSK binder list" \
2331 -s "No matched PSK or ticket" \
2332 -s "ClientHello message misses mandatory extensions."
2333
2334requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2335requires_config_enabled MBEDTLS_SSL_SRV_C
2336requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2337run_test "TLS 1.3: m->m: psk_all/psk_all, fail - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2338 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2339 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2340 1 \
2341 -c "skip pre_shared_key extensions" \
2342 -c "client hello, adding psk_key_exchange_modes extension" \
2343 -s "ClientHello message misses mandatory extensions."
2344
2345requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2346requires_config_enabled MBEDTLS_SSL_SRV_C
2347requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2348run_test "TLS 1.3: m->m: psk_all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2349 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2350 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2351 0 \
2352 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2353 -c "client hello, adding psk_key_exchange_modes extension" \
2354 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2355 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2356 -c "HTTP/1.0 200 OK"
2357
2358requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2359requires_config_enabled MBEDTLS_SSL_SRV_C
2360requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2361run_test "TLS 1.3: m->m: psk_all/all, fail - no common id" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2362 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2363 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2364 1 \
2365 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2366 -c "client hello, adding psk_key_exchange_modes extension" \
2367 -c "client hello, adding PSK binder list" \
2368 -s "No matched PSK or ticket" \
2369 -s "ClientHello message misses mandatory extensions."
2370
2371requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2372requires_config_enabled MBEDTLS_SSL_SRV_C
2373requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2374run_test "TLS 1.3: m->m: psk_all/all, fail - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2375 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2376 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2377 1 \
2378 -c "skip pre_shared_key extensions" \
2379 -c "client hello, adding psk_key_exchange_modes extension" \
2380 -s "ClientHello message misses mandatory extensions."
2381
2382# all mode in client
2383requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2384requires_config_enabled MBEDTLS_SSL_SRV_C
2385requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2386run_test "TLS 1.3: m->m: all/psk, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2387 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2388 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2389 0 \
2390 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2391 -c "client hello, adding psk_key_exchange_modes extension" \
2392 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2393 -c "Server selected key exchange mode: psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2394 -c "HTTP/1.0 200 OK"
2395
2396requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2397requires_config_enabled MBEDTLS_SSL_SRV_C
2398requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2399run_test "TLS 1.3: m->m: all/psk, fail - no common kex mode" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2400 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2401 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2402 1 \
2403 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2404 -c "client hello, adding psk_key_exchange_modes extension" \
2405 -c "client hello, adding PSK binder list" \
2406 -s "ClientHello message misses mandatory extensions."
2407
2408requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2409requires_config_enabled MBEDTLS_SSL_SRV_C
2410requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2411run_test "TLS 1.3: m->m: all/psk, fail - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2412 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2413 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2414 1 \
2415 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2416 -c "client hello, adding psk_key_exchange_modes extension" \
2417 -c "client hello, adding PSK binder list" \
2418 -s "ClientHello message misses mandatory extensions."
2419
2420requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2421requires_config_enabled MBEDTLS_SSL_SRV_C
2422requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2423run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2424 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2425 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2426 0 \
2427 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2428 -c "client hello, adding psk_key_exchange_modes extension" \
2429 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2430 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2431 -c "HTTP/1.0 200 OK"
2432
2433requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2434requires_config_enabled MBEDTLS_SSL_SRV_C
2435requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2436run_test "TLS 1.3: m->m: all/psk_ephemeral, fail - no common id" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2437 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2438 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2439 1 \
2440 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2441 -c "client hello, adding psk_key_exchange_modes extension" \
2442 -c "client hello, adding PSK binder list" \
2443 -s "No matched PSK or ticket" \
2444 -s "ClientHello message misses mandatory extensions."
2445
2446requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2447requires_config_enabled MBEDTLS_SSL_SRV_C
2448requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2449run_test "TLS 1.3: m->m: all/psk_ephemeral, fail - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2450 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2451 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2452 1 \
2453 -c "skip pre_shared_key extensions" \
2454 -c "client hello, adding psk_key_exchange_modes extension" \
2455 -s "ClientHello message misses mandatory extensions."
2456
2457requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2458requires_config_enabled MBEDTLS_SSL_SRV_C
2459requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2460run_test "TLS 1.3: m->m: all/ephemeral, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2461 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2462 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2463 0 \
2464 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2465 -c "client hello, adding psk_key_exchange_modes extension" \
2466 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2467 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2468 -c "HTTP/1.0 200 OK"
2469
2470requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2471requires_config_enabled MBEDTLS_SSL_SRV_C
2472requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2473run_test "TLS 1.3: m->m: all/ephemeral_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2474 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2475 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2476 0 \
2477 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2478 -c "client hello, adding psk_key_exchange_modes extension" \
2479 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2480 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2481 -c "HTTP/1.0 200 OK"
2482
2483requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2484requires_config_enabled MBEDTLS_SSL_SRV_C
2485requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2486run_test "TLS 1.3: m->m: all/ephemeral_all, good - no common id" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2487 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2488 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2489 0 \
2490 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2491 -c "client hello, adding psk_key_exchange_modes extension" \
2492 -c "client hello, adding PSK binder list" \
2493 -s "No matched PSK or ticket" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2494 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2495 -c "HTTP/1.0 200 OK"
2496
2497requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2498requires_config_enabled MBEDTLS_SSL_SRV_C
2499requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2500run_test "TLS 1.3: m->m: all/ephemeral_all, good - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2501 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2502 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2503 0 \
2504 -c "skip pre_shared_key extensions" \
2505 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2506 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2507 -c "HTTP/1.0 200 OK"
2508
2509requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2510requires_config_enabled MBEDTLS_SSL_SRV_C
2511requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2512run_test "TLS 1.3: m->m: all/psk_all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2513 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2514 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2515 0 \
2516 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2517 -c "client hello, adding psk_key_exchange_modes extension" \
2518 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2519 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2520 -c "HTTP/1.0 200 OK"
2521
2522requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2523requires_config_enabled MBEDTLS_SSL_SRV_C
2524requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2525run_test "TLS 1.3: m->m: all/psk_all, fail - no common id" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2526 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2527 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2528 1 \
2529 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2530 -c "client hello, adding psk_key_exchange_modes extension" \
2531 -c "client hello, adding PSK binder list" \
2532 -s "No matched PSK or ticket" \
2533 -s "ClientHello message misses mandatory extensions."
2534
2535requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2536requires_config_enabled MBEDTLS_SSL_SRV_C
2537requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2538run_test "TLS 1.3: m->m: all/psk_all, fail - no common psk" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2539 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2540 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2541 1 \
2542 -c "skip pre_shared_key extensions" \
2543 -c "client hello, adding psk_key_exchange_modes extension" \
2544 -s "ClientHello message misses mandatory extensions."
2545
2546requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2547requires_config_enabled MBEDTLS_SSL_SRV_C
2548requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2549run_test "TLS 1.3: m->m: all/all, good" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2550 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2551 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2552 0 \
2553 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2554 -c "client hello, adding psk_key_exchange_modes extension" \
2555 -c "client hello, adding PSK binder list" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2556 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2557 -c "HTTP/1.0 200 OK"
2558
2559requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2560requires_config_enabled MBEDTLS_SSL_SRV_C
2561requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2562run_test "TLS 1.3: m->m: all/all, good - no common id, fallback to ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2563 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2564 "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2565 0 \
2566 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2567 -c "client hello, adding psk_key_exchange_modes extension" \
2568 -c "client hello, adding PSK binder list" \
2569 -s "No matched PSK or ticket" \
2570 -s "key exchange mode: ephemeral"
2571
2572requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2573requires_config_enabled MBEDTLS_SSL_SRV_C
2574requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2575run_test "TLS 1.3: m->m: all/all, good - no common psk, fallback to ephemeral" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2576 "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiancffb18c2022-09-13 01:58:07 +0000[diff] [blame]2577 "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qian8e76e1d2022-08-29 10:11:14 +0000[diff] [blame]2578 0 \
2579 -c "skip pre_shared_key extensions" \
2580 -c "client hello, adding psk_key_exchange_modes extension" \
2581 -s "key exchange mode: ephemeral"
2582
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2583#OPENSSL-SERVER psk mode
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2584requires_openssl_tls1_3
2585requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2586requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2587requires_config_enabled MBEDTLS_DEBUG_C
2588requires_config_enabled MBEDTLS_SSL_CLI_C
2589requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2590 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2591run_test "TLS 1.3: m->O: psk/all, good" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2592 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2593 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2594 0 \
2595 -c "=> write client hello" \
2596 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2597 -c "client hello, adding psk_key_exchange_modes extension" \
2598 -c "client hello, adding PSK binder list" \
2599 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2600 -c "Server selected key exchange mode: psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2601 -c "HTTP/1.0 200 ok"
2602
2603requires_openssl_tls1_3
2604requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2605requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2606requires_config_enabled MBEDTLS_DEBUG_C
2607requires_config_enabled MBEDTLS_SSL_CLI_C
2608requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2609 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2610run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2611 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2612 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2613 1 \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2614 -c "=> write client hello" \
2615 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2616 -c "client hello, adding psk_key_exchange_modes extension" \
2617 -c "client hello, adding PSK binder list" \
2618 -c "<= write client hello" \
Xiaokang Qiane0cc5842022-08-25 06:17:36 +0000[diff] [blame]2619 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2620
2621requires_openssl_tls1_3
2622requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2623requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2624requires_config_enabled MBEDTLS_DEBUG_C
2625requires_config_enabled MBEDTLS_SSL_CLI_C
2626requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2627 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2628run_test "TLS 1.3: m->O: psk/all, fail - key material mismatch" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2629 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2630 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0a0b0c tls13_kex_modes=psk" \
Xiaokang Qiancf6442e2022-08-23 06:47:40 +0000[diff] [blame]2631 1 \
2632 -c "=> write client hello" \
2633 -c "client hello, adding psk_key_exchange_modes extension" \
2634 -c "skip pre_shared_key extensions" \
2635 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" \
2636 -c "<= write client hello"
2637
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2638#OPENSSL-SERVER psk_all mode
2639requires_openssl_tls1_3
2640requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2641requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2642requires_config_enabled MBEDTLS_DEBUG_C
2643requires_config_enabled MBEDTLS_SSL_CLI_C
2644requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2645 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2646run_test "TLS 1.3: m->O: psk_all/all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2647 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2648 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2649 0 \
2650 -c "=> write client hello" \
2651 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2652 -c "client hello, adding psk_key_exchange_modes extension" \
2653 -c "client hello, adding PSK binder list" \
2654 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2655 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2656 -c "HTTP/1.0 200 ok"
2657
2658requires_openssl_tls1_3
2659requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2660requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2661requires_config_enabled MBEDTLS_DEBUG_C
2662requires_config_enabled MBEDTLS_SSL_CLI_C
2663requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2664 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2665run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2666 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2667 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
2668 0 \
2669 -c "=> write client hello" \
2670 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2671 -c "client hello, adding psk_key_exchange_modes extension" \
2672 -c "client hello, adding PSK binder list" \
2673 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2674 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2675 -c "HTTP/1.0 200 ok"
2676
2677requires_openssl_tls1_3
2678requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2679requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2680requires_config_enabled MBEDTLS_DEBUG_C
2681requires_config_enabled MBEDTLS_SSL_CLI_C
2682requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2683 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2684run_test "TLS 1.3: m->O: psk_all/all,good,no common id,only warning" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2685 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2686 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0c0d0e tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2687 0 \
2688 -c "=> write client hello" \
2689 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2690 -c "client hello, adding psk_key_exchange_modes extension" \
2691 -c "client hello, adding PSK binder list" \
2692 -c "<= write client hello" \
2693 -s "PSK warning: client identity not what we expected" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2694 -c "Server selected key exchange mode: psk" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2695 -c "HTTP/1.0 200 ok"
2696
2697requires_openssl_tls1_3
2698requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2699requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2700requires_config_enabled MBEDTLS_DEBUG_C
2701requires_config_enabled MBEDTLS_SSL_CLI_C
2702requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2703 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2704run_test "TLS 1.3: m->O: psk_all/ephemeral_all,good,no common id,only warning" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2705 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2706 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2707 0 \
2708 -c "=> write client hello" \
2709 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2710 -c "client hello, adding psk_key_exchange_modes extension" \
2711 -c "client hello, adding PSK binder list" \
2712 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2713 -c "Server selected key exchange mode: psk" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2714 -c "HTTP/1.0 200 ok"
2715
2716requires_openssl_tls1_3
2717requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2718requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2719requires_config_enabled MBEDTLS_DEBUG_C
2720requires_config_enabled MBEDTLS_SSL_CLI_C
2721requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2722 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2723run_test "TLS 1.3: m->O: psk_all/all, fail - no common key material" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2724 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2725 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
Xiaokang Qian73894232022-08-23 08:06:34 +0000[diff] [blame]2726 1 \
2727 -c "=> write client hello" \
2728 -c "client hello, adding psk_key_exchange_modes extension" \
2729 -c "skip pre_shared_key extensions" \
2730 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" \
2731 -c "<= write client hello"
2732
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2733#OPENSSL-SERVER psk_ephemeral mode
2734requires_openssl_tls1_3
2735requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2736requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2737requires_config_enabled MBEDTLS_DEBUG_C
2738requires_config_enabled MBEDTLS_SSL_CLI_C
2739requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2740 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2741run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2742 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2743 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2744 0 \
2745 -c "=> write client hello" \
2746 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2747 -c "client hello, adding psk_key_exchange_modes extension" \
2748 -c "client hello, adding PSK binder list" \
2749 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2750 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2751 -c "HTTP/1.0 200 ok"
2752
2753requires_openssl_tls1_3
2754requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2755requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2756requires_config_enabled MBEDTLS_DEBUG_C
2757requires_config_enabled MBEDTLS_SSL_CLI_C
2758requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2759 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2760run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2761 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2762 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
2763 0 \
2764 -c "=> write client hello" \
2765 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2766 -c "client hello, adding psk_key_exchange_modes extension" \
2767 -c "client hello, adding PSK binder list" \
2768 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2769 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2770 -c "HTTP/1.0 200 ok"
2771
2772requires_openssl_tls1_3
2773requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2774requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2775requires_config_enabled MBEDTLS_DEBUG_C
2776requires_config_enabled MBEDTLS_SSL_CLI_C
2777requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2778 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2779run_test "TLS 1.3: m->O: psk_ephemeral/dhe_all,good,no common id,only warning" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2780 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2781 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0c0d0e tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2782 0 \
2783 -c "=> write client hello" \
2784 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2785 -c "client hello, adding psk_key_exchange_modes extension" \
2786 -c "client hello, adding PSK binder list" \
2787 -c "<= write client hello" \
2788 -s "PSK warning: client identity not what we expected" \
2789 -c "HTTP/1.0 200 ok"
2790
2791requires_openssl_tls1_3
2792requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2793requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2794requires_config_enabled MBEDTLS_DEBUG_C
2795requires_config_enabled MBEDTLS_SSL_CLI_C
2796requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2797 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2798run_test "TLS 1.3: m->O: psk_ephemeral/all,good,no common id,only warning" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2799 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2800 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2801 0 \
2802 -c "=> write client hello" \
2803 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2804 -c "client hello, adding psk_key_exchange_modes extension" \
2805 -c "client hello, adding PSK binder list" \
2806 -c "<= write client hello" \
2807 -c "HTTP/1.0 200 ok"
2808
2809requires_openssl_tls1_3
2810requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2811requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2812requires_config_enabled MBEDTLS_DEBUG_C
2813requires_config_enabled MBEDTLS_SSL_CLI_C
2814requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2815 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2816run_test "TLS 1.3: m->O: psk_ephemeral/all, fail,no common key material" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2817 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2818 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
Xiaokang Qianff5705b2022-08-24 03:18:31 +0000[diff] [blame]2819 1 \
2820 -c "=> write client hello" \
2821 -c "client hello, adding psk_key_exchange_modes extension" \
2822 -c "skip pre_shared_key extensions" \
2823 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" \
2824 -c "<= write client hello"
2825
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2826#OPENSSL-SERVER ephemeral mode
2827requires_openssl_tls1_3
2828requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2829requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2830requires_config_enabled MBEDTLS_DEBUG_C
2831requires_config_enabled MBEDTLS_SSL_CLI_C
2832requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2833 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2834run_test "TLS 1.3: m->O: ephemeral/all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2835 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2836 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2837 0 \
2838 -c "=> write client hello" \
2839 -c "skip psk_key_exchange_modes extension" \
2840 -c "<= write client hello" \
2841 -c "found key_shares extension" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2842 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2843 -c "HTTP/1.0 200 ok"
2844
2845requires_openssl_tls1_3
2846requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2847requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2848requires_config_enabled MBEDTLS_DEBUG_C
2849requires_config_enabled MBEDTLS_SSL_CLI_C
2850requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2851 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2852run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2853 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2854 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
2855 0 \
2856 -c "=> write client hello" \
2857 -c "skip psk_key_exchange_modes extension" \
2858 -c "<= write client hello" \
2859 -c "found key_shares extension" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2860 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2861 -c "HTTP/1.0 200 ok"
2862
2863requires_openssl_tls1_3
2864requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2865requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2866requires_config_enabled MBEDTLS_DEBUG_C
2867requires_config_enabled MBEDTLS_SSL_CLI_C
2868requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2869 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2870run_test "TLS 1.3: m->O: ephemeral/all, good,no common id, only warning" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2871 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2872 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0c0d0e tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2873 0 \
2874 -c "=> write client hello" \
2875 -c "skip psk_key_exchange_modes extension" \
2876 -c "<= write client hello" \
2877 -c "found key_shares extension" \
2878 -c "HTTP/1.0 200 ok"
2879
2880requires_openssl_tls1_3
2881requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2882requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2883requires_config_enabled MBEDTLS_DEBUG_C
2884requires_config_enabled MBEDTLS_SSL_CLI_C
2885requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2886 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2887run_test "TLS 1.3: m->O: ephemeral/dhe_all, good - no common id, only warning" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2888 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2889 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2890 0 \
2891 -c "=> write client hello" \
2892 -c "skip psk_key_exchange_modes extension" \
2893 -c "<= write client hello" \
2894 -c "found key_shares extension" \
2895 -c "HTTP/1.0 200 ok"
2896
2897requires_openssl_tls1_3
2898requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2899requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2900requires_config_enabled MBEDTLS_DEBUG_C
2901requires_config_enabled MBEDTLS_SSL_CLI_C
2902requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2903 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2904run_test "TLS 1.3: m->O: ephemeral/all, good, psk mismatch, fallback to dhe" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2905 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2906 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2907 0 \
2908 -c "=> write client hello" \
2909 -c "skip psk_key_exchange_modes extension" \
Xiaokang Qian01173c22022-08-24 06:29:05 +0000[diff] [blame]2910 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2911 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]2912 -c "HTTP/1.0 200 ok"
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2913
2914#OPENSSL-SERVER ephemeral_all mode
2915requires_openssl_tls1_3
2916requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2917requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2918requires_config_enabled MBEDTLS_DEBUG_C
2919requires_config_enabled MBEDTLS_SSL_CLI_C
2920requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2921 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2922run_test "TLS 1.3: m->O: ephemeral_all/all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2923 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2924 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2925 0 \
2926 -c "=> write client hello" \
2927 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2928 -c "client hello, adding psk_key_exchange_modes extension" \
2929 -c "client hello, adding PSK binder list" \
2930 -c "<= write client hello" \
2931 -c "HTTP/1.0 200 ok"
2932
2933requires_openssl_tls1_3
2934requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2935requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2936requires_config_enabled MBEDTLS_DEBUG_C
2937requires_config_enabled MBEDTLS_SSL_CLI_C
2938requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2939 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2940run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2941 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
2942 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
2943 0 \
2944 -c "=> write client hello" \
2945 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2946 -c "client hello, adding psk_key_exchange_modes extension" \
2947 -c "client hello, adding PSK binder list" \
2948 -c "<= write client hello" \
2949 -c "HTTP/1.0 200 ok"
2950
2951requires_openssl_tls1_3
2952requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2953requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2954requires_config_enabled MBEDTLS_DEBUG_C
2955requires_config_enabled MBEDTLS_SSL_CLI_C
2956requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2957 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2958run_test "TLS 1.3: m->O: ephemeral_all/all, good,no common id, only warning" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2959 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2960 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0c0d0e tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2961 0 \
2962 -c "=> write client hello" \
2963 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2964 -c "client hello, adding psk_key_exchange_modes extension" \
2965 -c "client hello, adding PSK binder list" \
2966 -c "<= write client hello" \
2967 -s "PSK warning: client identity not what we expected" \
2968 -c "HTTP/1.0 200 ok"
2969
2970requires_openssl_tls1_3
2971requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2972requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2973requires_config_enabled MBEDTLS_DEBUG_C
2974requires_config_enabled MBEDTLS_SSL_CLI_C
2975requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2976 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2977run_test "TLS 1.3: m->O: ephemeral_all/dhe_all, good,no common id, only warning" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2978 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]2979 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2980 0 \
2981 -c "=> write client hello" \
2982 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
2983 -c "client hello, adding psk_key_exchange_modes extension" \
2984 -c "client hello, adding PSK binder list" \
2985 -c "<= write client hello" \
2986 -c "HTTP/1.0 200 ok"
2987
2988requires_openssl_tls1_3
2989requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2990requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
2991requires_config_enabled MBEDTLS_DEBUG_C
2992requires_config_enabled MBEDTLS_SSL_CLI_C
2993requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
2994 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]2995run_test "TLS 1.3: m->O: ephemeral_all/all, fail,no common psk" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2996 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -nocert" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]2997 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0a0b0c psk=040506 tls13_kex_modes=ephemeral_all" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]2998 1 \
2999 -c "=> write client hello" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]3000 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3001 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]3002 -c "client hello, adding PSK binder list" \
Xiaokang Qiana39d0d52022-08-24 06:48:07 +0000[diff] [blame]3003 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" \
3004 -c "<= write client hello"
3005
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3006#OPENSSL-SERVER all mode
3007requires_openssl_tls1_3
3008requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3009requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3010requires_config_enabled MBEDTLS_DEBUG_C
3011requires_config_enabled MBEDTLS_SSL_CLI_C
3012requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
3013 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3014run_test "TLS 1.3: m->O: all/all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3015 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3016 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3017 0 \
3018 -c "=> write client hello" \
3019 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3020 -c "client hello, adding psk_key_exchange_modes extension" \
3021 -c "client hello, adding PSK binder list" \
3022 -c "<= write client hello" \
3023 -c "HTTP/1.0 200 ok"
3024
3025requires_openssl_tls1_3
3026requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3027requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3028requires_config_enabled MBEDTLS_DEBUG_C
3029requires_config_enabled MBEDTLS_SSL_CLI_C
3030requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
3031 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3032run_test "TLS 1.3: m->O: all/ephemeral_all, good" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3033 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
3034 "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
3035 0 \
3036 -c "=> write client hello" \
3037 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3038 -c "client hello, adding psk_key_exchange_modes extension" \
3039 -c "client hello, adding PSK binder list" \
3040 -c "<= write client hello" \
3041 -c "HTTP/1.0 200 ok"
3042
3043requires_openssl_tls1_3
3044requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3045requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3046requires_config_enabled MBEDTLS_DEBUG_C
3047requires_config_enabled MBEDTLS_SSL_CLI_C
3048requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
3049 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3050run_test "TLS 1.3: m->O: all/all, good, no common id, only warning" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3051 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3052 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0c0d0e tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3053 0 \
3054 -c "=> write client hello" \
3055 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3056 -c "client hello, adding psk_key_exchange_modes extension" \
3057 -c "client hello, adding PSK binder list" \
3058 -c "<= write client hello" \
3059 -s "PSK warning: client identity not what we expected" \
3060 -c "HTTP/1.0 200 ok"
3061
3062requires_openssl_tls1_3
3063requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3064requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3065requires_config_enabled MBEDTLS_DEBUG_C
3066requires_config_enabled MBEDTLS_SSL_CLI_C
3067requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
3068 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3069run_test "TLS 1.3: m->O: all/dhe_all, good, no common id, only warning" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3070 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3071 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3072 0 \
3073 -c "=> write client hello" \
3074 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3075 -c "client hello, adding psk_key_exchange_modes extension" \
3076 -c "client hello, adding PSK binder list" \
3077 -c "<= write client hello" \
3078 -c "HTTP/1.0 200 ok"
3079
3080requires_openssl_tls1_3
3081requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3082requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3083requires_config_enabled MBEDTLS_DEBUG_C
3084requires_config_enabled MBEDTLS_SSL_CLI_C
3085requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
3086 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3087run_test "TLS 1.3: m->O: all/all, fail,no common psk, no fallback" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3088 "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -nocert" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]3089 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0a0b0c psk=040506 tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3090 1 \
3091 -c "=> write client hello" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]3092 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3093 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]3094 -c "client hello, adding PSK binder list" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3095 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" \
3096 -c "<= write client hello"
3097
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3098#GNUTLS-SERVER psk mode
3099requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3100requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3101requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3102requires_config_enabled MBEDTLS_DEBUG_C
3103requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3104run_test "TLS 1.3: m->G: psk/all, good" \
3105 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3106 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3107 0 \
3108 -c "=> write client hello" \
3109 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3110 -c "client hello, adding psk_key_exchange_modes extension" \
3111 -c "client hello, adding PSK binder list" \
3112 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3113 -s "Parsing extension 'Pre Shared Key/41'" \
3114 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3115 -c "Server selected key exchange mode: psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3116 -c "HTTP/1.0 200 OK"
3117
3118requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3119requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3120requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3121requires_config_enabled MBEDTLS_DEBUG_C
3122requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3123run_test "TLS 1.3: m->G: psk/psk_or_ephemeral, good" \
3124 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3125 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3126 0 \
3127 -c "=> write client hello" \
3128 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3129 -c "client hello, adding psk_key_exchange_modes extension" \
3130 -c "client hello, adding PSK binder list" \
3131 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3132 -s "Parsing extension 'Pre Shared Key/41'" \
3133 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3134 -c "Server selected key exchange mode: psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3135 -c "HTTP/1.0 200 OK"
3136
3137requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3138requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3139requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3140requires_config_enabled MBEDTLS_DEBUG_C
3141requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3142run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \
3143 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3144 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \
3145 1 \
3146 -c "=> write client hello" \
3147 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3148 -c "client hello, adding psk_key_exchange_modes extension" \
3149 -c "client hello, adding PSK binder list" \
3150 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3151 -s "Parsing extension 'Pre Shared Key/41'" \
3152 -c "<= write client hello" \
3153 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3154
3155requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3156requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3157requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3158requires_config_enabled MBEDTLS_DEBUG_C
3159requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3160run_test "TLS 1.3: m->G: psk/all, fail - no common id" \
3161 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3162 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
3163 1 \
3164 -c "=> write client hello" \
3165 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3166 -c "client hello, adding psk_key_exchange_modes extension" \
3167 -c "client hello, adding PSK binder list" \
3168 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3169 -s "Parsing extension 'Pre Shared Key/41'" \
3170 -c "<= write client hello" \
3171 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3172
3173requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3174requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3175requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3176requires_config_enabled MBEDTLS_DEBUG_C
3177requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3178run_test "TLS 1.3: m->G: psk/psk, fail - no common id" \
3179 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3180 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \
3181 1 \
3182 -c "=> write client hello" \
3183 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3184 -c "client hello, adding psk_key_exchange_modes extension" \
3185 -c "client hello, adding PSK binder list" \
3186 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3187 -s "Parsing extension 'Pre Shared Key/41'" \
3188 -c "<= write client hello" \
3189 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3190
3191requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3192requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3193requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3194requires_config_enabled MBEDTLS_DEBUG_C
3195requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3196run_test "TLS 1.3: m->G: psk/ephemeral_all, fail, no common psk" \
3197 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]3198 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3199 1 \
3200 -c "=> write client hello" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]3201 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3202 -c "client hello, adding psk_key_exchange_modes extension" \
Xiaokang Qian89399302022-09-21 07:16:22 +0000[diff] [blame^]3203 -c "client hello, adding PSK binder list" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3204 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3205 -c "<= write client hello" \
3206 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3207
3208#GNUTLS-SERVER psk_all mode
3209requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3210requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3211requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3212requires_config_enabled MBEDTLS_DEBUG_C
3213requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3214run_test "TLS 1.3: m->G: psk_all/all, good" \
3215 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3216 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3217 0 \
3218 -c "=> write client hello" \
3219 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3220 -c "client hello, adding psk_key_exchange_modes extension" \
3221 -c "client hello, adding PSK binder list" \
3222 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3223 -s "Parsing extension 'Pre Shared Key/41'" \
3224 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3225 -c "Server selected key exchange mode: psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3226 -c "HTTP/1.0 200 OK"
3227
3228requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3229requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3230requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3231requires_config_enabled MBEDTLS_DEBUG_C
3232requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3233run_test "TLS 1.3: m->G: psk_all/psk, good" \
3234 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3235 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3236 0 \
3237 -c "=> write client hello" \
3238 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3239 -c "client hello, adding psk_key_exchange_modes extension" \
3240 -c "client hello, adding PSK binder list" \
3241 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3242 -s "Parsing extension 'Pre Shared Key/41'" \
3243 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3244 -c "Server selected key exchange mode: psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3245 -c "HTTP/1.0 200 OK"
3246
3247requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3248requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3249requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3250requires_config_enabled MBEDTLS_DEBUG_C
3251requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3252run_test "TLS 1.3: m->G: psk_all/ephemeral_all, fail - no fallback" \
3253 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3254 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \
3255 1 \
3256 -c "=> write client hello" \
3257 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3258 -c "client hello, adding psk_key_exchange_modes extension" \
3259 -c "client hello, adding PSK binder list" \
3260 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3261 -s "Parsing extension 'Pre Shared Key/41'" \
3262 -c "<= write client hello" \
3263 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3264
3265requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3266requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3267requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3268requires_config_enabled MBEDTLS_DEBUG_C
3269requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3270run_test "TLS 1.3: m->G: psk_all/all, fail - no common id" \
3271 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3272 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
3273 1 \
3274 -c "=> write client hello" \
3275 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3276 -c "client hello, adding psk_key_exchange_modes extension" \
3277 -c "client hello, adding PSK binder list" \
3278 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3279 -s "Parsing extension 'Pre Shared Key/41'" \
3280 -c "<= write client hello" \
3281 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3282
3283requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3284requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3285requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3286requires_config_enabled MBEDTLS_DEBUG_C
3287requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3288run_test "TLS 1.3: m->G: psk_all/psk, fail - no common id" \
3289 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3290 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
3291 1 \
3292 -c "=> write client hello" \
3293 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3294 -c "client hello, adding psk_key_exchange_modes extension" \
3295 -c "client hello, adding PSK binder list" \
3296 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3297 -s "Parsing extension 'Pre Shared Key/41'" \
3298 -c "<= write client hello" \
3299 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3300
3301requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3302requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3303requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3304requires_config_enabled MBEDTLS_DEBUG_C
3305requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3306run_test "TLS 1.3: m->G: psk_all/ephemeral_all, fail, no common psk" \
3307 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3308 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0d0e0f tls13_kex_modes=psk_all" \
3309 1 \
3310 -c "=> write client hello" \
3311 -c "client hello, adding psk_key_exchange_modes extension" \
3312 -c "skip pre_shared_key extensions" \
3313 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3314 -c "<= write client hello" \
3315 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3316
3317#GNUTLS-SERVER psk_ephemeral mode
3318requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3319requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3320requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3321requires_config_enabled MBEDTLS_DEBUG_C
3322requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3323run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \
3324 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3325 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3326 0 \
3327 -c "=> write client hello" \
3328 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3329 -c "client hello, adding psk_key_exchange_modes extension" \
3330 -c "client hello, adding PSK binder list" \
3331 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3332 -s "Parsing extension 'Pre Shared Key/41'" \
3333 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3334 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3335 -c "HTTP/1.0 200 OK"
3336
3337requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3338requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3339requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3340requires_config_enabled MBEDTLS_DEBUG_C
3341requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3342run_test "TLS 1.3: m->G: psk_ephemeral/psk, fail - no common kex mode" \
3343 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3344 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3345 1 \
3346 -c "=> write client hello" \
3347 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3348 -c "client hello, adding psk_key_exchange_modes extension" \
3349 -c "client hello, adding PSK binder list" \
3350 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3351 -s "Parsing extension 'Pre Shared Key/41'" \
3352 -c "<= write client hello" \
3353 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3354
3355requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3356requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3357requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3358requires_config_enabled MBEDTLS_DEBUG_C
3359requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3360run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \
3361 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3362 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \
3363 0 \
3364 -c "=> write client hello" \
3365 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3366 -c "client hello, adding psk_key_exchange_modes extension" \
3367 -c "client hello, adding PSK binder list" \
3368 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3369 -s "Parsing extension 'Pre Shared Key/41'" \
3370 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3371 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3372 -c "HTTP/1.0 200 OK"
3373
3374requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3375requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3376requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3377requires_config_enabled MBEDTLS_DEBUG_C
3378requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3379run_test "TLS 1.3: m->G: psk_ephemeral/dhe_all, fail, key material mismatch" \
3380 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3381 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \
3382 1 \
3383 -c "=> write client hello" \
3384 -c "client hello, adding psk_key_exchange_modes extension" \
3385 -c "skip pre_shared_key extensions" \
3386 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3387 -c "<= write client hello" \
3388 -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer"
3389
3390#GNUTLS-SERVER ephemeral mode
3391requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3392requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3393requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3394requires_config_enabled MBEDTLS_DEBUG_C
3395requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3396run_test "TLS 1.3: m->G: ephemeral/all, good" \
3397 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3398 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3399 0 \
3400 -c "=> write client hello" \
3401 -c "skip psk_key_exchange_modes extension" \
3402 -s "Not sending extension (PSK Key Exchange Modes/45)" \
3403 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3404 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3405 -c "HTTP/1.0 200 OK"
3406
3407requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3408requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3409requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3410requires_config_enabled MBEDTLS_DEBUG_C
3411requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3412run_test "TLS 1.3: m->G: ephemeral/psk, good" \
3413 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3414 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3415 0 \
3416 -c "=> write client hello" \
3417 -c "skip psk_key_exchange_modes extension" \
3418 -s "Not sending extension (PSK Key Exchange Modes/45)" \
3419 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3420 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3421 -c "HTTP/1.0 200 OK"
3422
3423requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3424requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3425requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3426requires_config_enabled MBEDTLS_DEBUG_C
3427requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3428run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \
3429 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3430 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \
3431 0 \
3432 -c "=> write client hello" \
3433 -c "skip psk_key_exchange_modes extension" \
3434 -s "Not sending extension (PSK Key Exchange Modes/45)" \
3435 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3436 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3437 -c "HTTP/1.0 200 OK"
3438
3439#GNUTLS-SERVER ephemeral_all mode
3440requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3441requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3442requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3443requires_config_enabled MBEDTLS_DEBUG_C
3444requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3445run_test "TLS 1.3: m->G: ephemeral_all/all, good" \
3446 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3447 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3448 0 \
3449 -c "=> write client hello" \
3450 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3451 -c "client hello, adding psk_key_exchange_modes extension" \
3452 -c "client hello, adding PSK binder list" \
3453 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3454 -s "Parsing extension 'Pre Shared Key/41'" \
3455 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3456 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3457 -c "HTTP/1.0 200 OK"
3458
3459requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3460requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3461requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3462requires_config_enabled MBEDTLS_DEBUG_C
3463requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3464run_test "TLS 1.3: m->G: ephemeral_all/psk, good - fallback to ephemeral" \
3465 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3466 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3467 0 \
3468 -c "=> write client hello" \
3469 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3470 -c "client hello, adding psk_key_exchange_modes extension" \
3471 -c "client hello, adding PSK binder list" \
3472 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3473 -s "Parsing extension 'Pre Shared Key/41'" \
3474 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3475 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3476 -c "HTTP/1.0 200 OK"
3477
3478requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3479requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3480requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3481requires_config_enabled MBEDTLS_DEBUG_C
3482requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3483run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \
3484 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3485 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \
3486 0 \
3487 -c "=> write client hello" \
3488 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3489 -c "client hello, adding psk_key_exchange_modes extension" \
3490 -c "client hello, adding PSK binder list" \
3491 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3492 -s "Parsing extension 'Pre Shared Key/41'" \
3493 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3494 -c "Server selected key exchange mode: psk_ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3495 -c "HTTP/1.0 200 OK"
3496
3497requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3498requires_gnutls_tls1_3
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3499requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3500requires_config_enabled MBEDTLS_DEBUG_C
3501requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3502run_test "TLS 1.3: m->G: dhe_all/dhe_all,good,psk mismatch,fallback to dhe" \
3503 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3504 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \
3505 0 \
3506 -c "=> write client hello" \
3507 -c "client hello, adding psk_key_exchange_modes extension" \
3508 -c "skip pre_shared_key extensions" \
3509 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3510 -c "<= write client hello" \
3511 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3512 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qian2aaf1c12022-08-30 09:18:59 +0000[diff] [blame]3513 -c "HTTP/1.0 200 OK"
3514
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3515#GNUTLS-SERVER all mode
3516requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3517requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3518requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3519requires_config_enabled MBEDTLS_DEBUG_C
3520requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3521run_test "TLS 1.3: m->G: all/all, good" \
3522 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3523 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3524 0 \
3525 -c "=> write client hello" \
3526 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3527 -c "client hello, adding psk_key_exchange_modes extension" \
3528 -c "client hello, adding PSK binder list" \
3529 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3530 -s "Parsing extension 'Pre Shared Key/41'" \
3531 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3532 -c "Server selected key exchange mode: psk" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3533 -c "HTTP/1.0 200 OK"
3534
3535requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3536requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3537requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3538requires_config_enabled MBEDTLS_DEBUG_C
3539requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3540run_test "TLS 1.3: m->G: all/psk, good" \
3541 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3542 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3543 0 \
3544 -c "=> write client hello" \
3545 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3546 -c "client hello, adding psk_key_exchange_modes extension" \
3547 -c "client hello, adding PSK binder list" \
3548 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3549 -s "Parsing extension 'Pre Shared Key/41'" \
3550 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3551 -c "Server selected key exchange mode: psk" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3552 -c "HTTP/1.0 200 OK"
3553
3554requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3555requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3556requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3557requires_config_enabled MBEDTLS_DEBUG_C
3558requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3559run_test "TLS 1.3: m->G: all/ephemeral_all, good" \
3560 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3561 "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3562 0 \
3563 -c "=> write client hello" \
3564 -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \
3565 -c "client hello, adding psk_key_exchange_modes extension" \
3566 -c "client hello, adding PSK binder list" \
3567 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3568 -s "Parsing extension 'Pre Shared Key/41'" \
3569 -c "<= write client hello" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3570 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3571 -c "HTTP/1.0 200 OK"
3572
3573requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
3574requires_gnutls_tls1_3
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3575requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
3576requires_config_enabled MBEDTLS_DEBUG_C
3577requires_config_enabled MBEDTLS_SSL_CLI_C
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3578run_test "TLS 1.3: m->G: all/dhe_all,good,key material mismatch,fallback to dhe" \
3579 "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskpasswd=data_files/simplepass.psk" \
Xiaokang Qian198cefd2022-08-25 10:42:56 +0000[diff] [blame]3580 "$P_CLI debug_level=4 force_version=tls13 psk_identity=0d0e0f tls13_kex_modes=all" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3581 0 \
3582 -c "=> write client hello" \
3583 -c "client hello, adding psk_key_exchange_modes extension" \
3584 -c "skip pre_shared_key extensions" \
3585 -s "Parsing extension 'PSK Key Exchange Modes/45'" \
3586 -c "<= write client hello" \
3587 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
Xiaokang Qian8f7d7c72022-09-07 10:10:16 +0000[diff] [blame]3588 -c "Server selected key exchange mode: ephemeral" \
Xiaokang Qiandf6a3892022-08-24 06:55:18 +0000[diff] [blame]3589 -c "HTTP/1.0 200 OK"