1*62c56f98SSadaf Ebrahimi#!/bin/sh 2*62c56f98SSadaf Ebrahimi 3*62c56f98SSadaf Ebrahimi# tls13-kex-modes.sh 4*62c56f98SSadaf Ebrahimi# 5*62c56f98SSadaf Ebrahimi# Copyright The Mbed TLS Contributors 6*62c56f98SSadaf Ebrahimi# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 7*62c56f98SSadaf Ebrahimi# 8*62c56f98SSadaf Ebrahimi 9*62c56f98SSadaf Ebrahimi# DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by 10*62c56f98SSadaf Ebrahimi# scripts in future(#6280) 11*62c56f98SSadaf Ebrahimi 12*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 13*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 14*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 15*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk, good" \ 16*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 17*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 18*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 19*62c56f98SSadaf Ebrahimi localhost" \ 20*62c56f98SSadaf Ebrahimi 0 \ 21*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 22*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 23*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 24*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 25*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 26*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 27*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk$" \ 28*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 29*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 30*62c56f98SSadaf Ebrahimi 31*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 32*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 33*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 34*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \ 35*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 36*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 37*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 38*62c56f98SSadaf Ebrahimi localhost" \ 39*62c56f98SSadaf Ebrahimi 1 \ 40*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 41*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 42*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 43*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 44*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 45*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 46*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 47*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 48*62c56f98SSadaf Ebrahimi 49*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 50*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 51*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 52*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \ 53*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 54*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 55*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 56*62c56f98SSadaf Ebrahimi localhost" \ 57*62c56f98SSadaf Ebrahimi 1 \ 58*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 59*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 60*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 61*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 62*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 63*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 64*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 65*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 66*62c56f98SSadaf Ebrahimi 67*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 68*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 69*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 70*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \ 71*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 72*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 73*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 74*62c56f98SSadaf Ebrahimi localhost" \ 75*62c56f98SSadaf Ebrahimi 0 \ 76*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 77*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 78*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 79*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 80*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 81*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 82*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk$" \ 83*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 84*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 85*62c56f98SSadaf Ebrahimi 86*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 87*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 88*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 89*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \ 90*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 91*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 92*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 93*62c56f98SSadaf Ebrahimi localhost" \ 94*62c56f98SSadaf Ebrahimi 1 \ 95*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 96*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 97*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 98*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 99*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 100*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 101*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 102*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 103*62c56f98SSadaf Ebrahimi 104*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 105*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 106*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 107*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \ 108*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 109*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 110*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 111*62c56f98SSadaf Ebrahimi localhost" \ 112*62c56f98SSadaf Ebrahimi 1 \ 113*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 114*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 115*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 116*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 117*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 118*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 119*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 120*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 121*62c56f98SSadaf Ebrahimi 122*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 123*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 124*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 125*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \ 126*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 127*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 128*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 129*62c56f98SSadaf Ebrahimi localhost" \ 130*62c56f98SSadaf Ebrahimi 0 \ 131*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 132*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 133*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 134*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 135*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 136*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 137*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 138*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 139*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 140*62c56f98SSadaf Ebrahimi 141*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 142*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 143*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 144*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \ 145*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 146*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 147*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 148*62c56f98SSadaf Ebrahimi localhost" \ 149*62c56f98SSadaf Ebrahimi 1 \ 150*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 151*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 152*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 153*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 154*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 155*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 156*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 157*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 158*62c56f98SSadaf Ebrahimi 159*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 160*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 161*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 162*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \ 163*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 164*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 165*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 166*62c56f98SSadaf Ebrahimi localhost" \ 167*62c56f98SSadaf Ebrahimi 1 \ 168*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 169*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 170*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 171*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 172*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 173*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 174*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 175*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 176*62c56f98SSadaf Ebrahimi 177*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 178*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 179*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 180*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk_ephemeral, good" \ 181*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 182*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 183*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 184*62c56f98SSadaf Ebrahimi localhost" \ 185*62c56f98SSadaf Ebrahimi 0 \ 186*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 187*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 188*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 189*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 190*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 191*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 192*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 193*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 194*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 195*62c56f98SSadaf Ebrahimi 196*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 197*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 198*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 199*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \ 200*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 201*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 202*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 203*62c56f98SSadaf Ebrahimi localhost" \ 204*62c56f98SSadaf Ebrahimi 1 \ 205*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 206*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 207*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 208*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 209*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 210*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 211*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 212*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 213*62c56f98SSadaf Ebrahimi 214*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 215*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 216*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 217*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \ 218*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 219*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 220*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 221*62c56f98SSadaf Ebrahimi localhost" \ 222*62c56f98SSadaf Ebrahimi 1 \ 223*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 224*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 225*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 226*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 227*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 228*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 229*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 230*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 231*62c56f98SSadaf Ebrahimi 232*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 233*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 234*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 235*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \ 236*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 237*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 238*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 239*62c56f98SSadaf Ebrahimi localhost" \ 240*62c56f98SSadaf Ebrahimi 1 \ 241*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 242*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 243*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 244*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 245*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 246*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 247*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 248*62c56f98SSadaf Ebrahimi 249*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 250*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 251*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 252*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 253*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \ 254*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 255*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 256*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 257*62c56f98SSadaf Ebrahimi localhost" \ 258*62c56f98SSadaf Ebrahimi 0 \ 259*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 260*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 261*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 262*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 263*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 264*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 265*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 266*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 267*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 268*62c56f98SSadaf Ebrahimi 269*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 270*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 271*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 272*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 273*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \ 274*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 275*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 276*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 277*62c56f98SSadaf Ebrahimi localhost" \ 278*62c56f98SSadaf Ebrahimi 1 \ 279*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 280*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 281*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 282*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 283*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 284*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 285*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 286*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 287*62c56f98SSadaf Ebrahimi 288*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 289*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 290*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 291*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 292*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \ 293*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 294*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 295*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 296*62c56f98SSadaf Ebrahimi localhost" \ 297*62c56f98SSadaf Ebrahimi 1 \ 298*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 299*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 300*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 301*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 302*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 303*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 304*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 305*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 306*62c56f98SSadaf Ebrahimi 307*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 308*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 309*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 310*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 311*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk_all, good" \ 312*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 313*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 314*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 315*62c56f98SSadaf Ebrahimi localhost" \ 316*62c56f98SSadaf Ebrahimi 0 \ 317*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 318*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 319*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 320*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 321*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 322*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 323*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 324*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 325*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 326*62c56f98SSadaf Ebrahimi 327*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 328*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 329*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 330*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 331*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \ 332*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 333*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 334*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 335*62c56f98SSadaf Ebrahimi localhost" \ 336*62c56f98SSadaf Ebrahimi 1 \ 337*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 338*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 339*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 340*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 341*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 342*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 343*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 344*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 345*62c56f98SSadaf Ebrahimi 346*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 347*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 348*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 349*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 350*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \ 351*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 352*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 353*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 354*62c56f98SSadaf Ebrahimi localhost" \ 355*62c56f98SSadaf Ebrahimi 1 \ 356*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 357*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 358*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 359*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 360*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 361*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 362*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 363*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 364*62c56f98SSadaf Ebrahimi 365*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 366*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 367*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 368*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 369*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \ 370*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 371*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 372*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 373*62c56f98SSadaf Ebrahimi localhost" \ 374*62c56f98SSadaf Ebrahimi 0 \ 375*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 376*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 377*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 378*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 379*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 380*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 381*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk$" \ 382*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 383*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 384*62c56f98SSadaf Ebrahimi 385*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 386*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 387*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 388*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 389*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \ 390*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 391*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 392*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 393*62c56f98SSadaf Ebrahimi localhost" \ 394*62c56f98SSadaf Ebrahimi 1 \ 395*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 396*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 397*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 398*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 399*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 400*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 401*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 402*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 403*62c56f98SSadaf Ebrahimi 404*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 405*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 406*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 407*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 408*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \ 409*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 410*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 411*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 412*62c56f98SSadaf Ebrahimi localhost" \ 413*62c56f98SSadaf Ebrahimi 1 \ 414*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 415*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 416*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 417*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 418*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 419*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 420*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 421*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 422*62c56f98SSadaf Ebrahimi 423*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 424*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 425*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 426*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 427*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \ 428*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 429*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 430*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 431*62c56f98SSadaf Ebrahimi localhost" \ 432*62c56f98SSadaf Ebrahimi 0 \ 433*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 434*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 435*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 436*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 437*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 438*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 439*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 440*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 441*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 442*62c56f98SSadaf Ebrahimi 443*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 444*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 445*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 446*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 447*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \ 448*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 449*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 450*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 451*62c56f98SSadaf Ebrahimi localhost" \ 452*62c56f98SSadaf Ebrahimi 0 \ 453*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 454*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 455*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 456*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 457*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 458*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 459*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 460*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 461*62c56f98SSadaf Ebrahimi 462*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 463*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 464*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 465*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 466*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \ 467*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 468*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 469*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 470*62c56f98SSadaf Ebrahimi localhost" \ 471*62c56f98SSadaf Ebrahimi 1 \ 472*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 473*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 474*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 475*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 476*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 477*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 478*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 479*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 480*62c56f98SSadaf Ebrahimi 481*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 482*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 483*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 484*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 485*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/ephemeral_all, good" \ 486*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 487*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 488*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 489*62c56f98SSadaf Ebrahimi localhost" \ 490*62c56f98SSadaf Ebrahimi 0 \ 491*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 492*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 493*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 494*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 495*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 496*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 497*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 498*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 499*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 500*62c56f98SSadaf Ebrahimi 501*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 502*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 503*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 504*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 505*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \ 506*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 507*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 508*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 509*62c56f98SSadaf Ebrahimi localhost" \ 510*62c56f98SSadaf Ebrahimi 0 \ 511*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 512*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 513*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 514*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 515*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 516*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 517*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 518*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 519*62c56f98SSadaf Ebrahimi 520*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 521*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 522*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 523*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 524*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \ 525*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 526*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 527*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 528*62c56f98SSadaf Ebrahimi localhost" \ 529*62c56f98SSadaf Ebrahimi 1 \ 530*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 531*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 532*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 533*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 534*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 535*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 536*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 537*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 538*62c56f98SSadaf Ebrahimi 539*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 540*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 541*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 542*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 543*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \ 544*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 545*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 546*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 547*62c56f98SSadaf Ebrahimi localhost" \ 548*62c56f98SSadaf Ebrahimi 0 \ 549*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 550*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 551*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 552*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 553*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 554*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 555*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 556*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 557*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 558*62c56f98SSadaf Ebrahimi 559*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 560*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 561*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 562*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 563*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 564*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/all, good" \ 565*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 566*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 567*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 568*62c56f98SSadaf Ebrahimi localhost" \ 569*62c56f98SSadaf Ebrahimi 0 \ 570*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 571*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 572*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 573*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 574*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 575*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 576*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 577*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 578*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 579*62c56f98SSadaf Ebrahimi 580*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 581*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 582*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 583*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 584*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 585*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \ 586*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 587*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 588*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 589*62c56f98SSadaf Ebrahimi localhost" \ 590*62c56f98SSadaf Ebrahimi 0 \ 591*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 592*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 593*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 594*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 595*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 596*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 597*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 598*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 599*62c56f98SSadaf Ebrahimi 600*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 601*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 602*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 603*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 604*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 605*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \ 606*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 607*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 608*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 609*62c56f98SSadaf Ebrahimi localhost" \ 610*62c56f98SSadaf Ebrahimi 1 \ 611*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 612*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 613*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 614*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 615*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 616*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 617*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 618*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 619*62c56f98SSadaf Ebrahimi 620*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 621*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 622*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 623*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 624*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 625*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/all, good" \ 626*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 627*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 628*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 629*62c56f98SSadaf Ebrahimi localhost" \ 630*62c56f98SSadaf Ebrahimi 0 \ 631*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 632*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 633*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 634*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 635*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 636*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 637*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 638*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 639*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 640*62c56f98SSadaf Ebrahimi 641*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 642*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 643*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 644*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 645*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 646*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \ 647*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 648*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 649*62c56f98SSadaf Ebrahimi --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 650*62c56f98SSadaf Ebrahimi localhost" \ 651*62c56f98SSadaf Ebrahimi 0 \ 652*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 653*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 654*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 655*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 656*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 657*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 658*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 659*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 660*62c56f98SSadaf Ebrahimi 661*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 662*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 663*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 664*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 665*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 666*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \ 667*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 668*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 669*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 670*62c56f98SSadaf Ebrahimi localhost" \ 671*62c56f98SSadaf Ebrahimi 1 \ 672*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 673*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 674*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 675*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 676*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 677*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 678*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 679*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 680*62c56f98SSadaf Ebrahimi 681*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 682*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 683*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 684*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 685*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 686*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \ 687*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 688*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 689*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 690*62c56f98SSadaf Ebrahimi localhost" \ 691*62c56f98SSadaf Ebrahimi 0 \ 692*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 693*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 694*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 695*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 696*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 697*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 698*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 699*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 700*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 701*62c56f98SSadaf Ebrahimi 702*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 703*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 704*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 705*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 706*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 707*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \ 708*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 709*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 710*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 711*62c56f98SSadaf Ebrahimi localhost" \ 712*62c56f98SSadaf Ebrahimi 1 \ 713*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 714*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 715*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 716*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 717*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 718*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 719*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 720*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 721*62c56f98SSadaf Ebrahimi 722*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 723*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 724*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 725*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 726*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \ 727*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ 728*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 729*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 730*62c56f98SSadaf Ebrahimi localhost" \ 731*62c56f98SSadaf Ebrahimi 0 \ 732*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 733*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 734*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 735*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 736*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 737*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 738*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 739*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 740*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 741*62c56f98SSadaf Ebrahimi 742*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 743*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 744*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 745*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 746*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \ 747*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ 748*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 749*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 750*62c56f98SSadaf Ebrahimi localhost" \ 751*62c56f98SSadaf Ebrahimi 0 \ 752*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 753*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 754*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 755*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 756*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 757*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 758*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 759*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 760*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 761*62c56f98SSadaf Ebrahimi 762*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 763*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 764*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 765*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 766*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \ 767*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ 768*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 769*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 770*62c56f98SSadaf Ebrahimi localhost" \ 771*62c56f98SSadaf Ebrahimi 1 \ 772*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 773*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 774*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 775*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 776*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 777*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 778*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 779*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 780*62c56f98SSadaf Ebrahimi 781*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 782*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 783*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 784*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 785*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \ 786*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ 787*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 788*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 789*62c56f98SSadaf Ebrahimi localhost" \ 790*62c56f98SSadaf Ebrahimi 0 \ 791*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 792*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 793*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 794*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 795*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 796*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 797*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 798*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 799*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 800*62c56f98SSadaf Ebrahimi 801*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 802*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 803*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 804*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 805*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \ 806*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ 807*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ 808*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ 809*62c56f98SSadaf Ebrahimi localhost" \ 810*62c56f98SSadaf Ebrahimi 1 \ 811*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 812*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 813*62c56f98SSadaf Ebrahimi -S "Found PSK_EPHEMERAL KEX MODE" \ 814*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 815*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 816*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 817*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 818*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 819*62c56f98SSadaf Ebrahimi 820*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 821*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 822*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 823*62c56f98SSadaf Ebrahimirequires_config_enabled PSA_WANT_ALG_ECDH 824*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \ 825*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 826*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \ 827*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 828*62c56f98SSadaf Ebrahimi localhost" \ 829*62c56f98SSadaf Ebrahimi 0 \ 830*62c56f98SSadaf Ebrahimi -s "write selected_group: secp256r1" \ 831*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 832*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 833*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 834*62c56f98SSadaf Ebrahimi 835*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 836*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 837*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 838*62c56f98SSadaf Ebrahimirequires_config_enabled PSA_WANT_ALG_ECDH 839*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \ 840*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 841*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \ 842*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 843*62c56f98SSadaf Ebrahimi localhost" \ 844*62c56f98SSadaf Ebrahimi 0 \ 845*62c56f98SSadaf Ebrahimi -s "write selected_group: secp384r1" \ 846*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 847*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 848*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 849*62c56f98SSadaf Ebrahimi 850*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 851*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 852*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 853*62c56f98SSadaf Ebrahimirequires_config_enabled PSA_WANT_ALG_ECDH 854*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \ 855*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 856*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \ 857*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 858*62c56f98SSadaf Ebrahimi localhost" \ 859*62c56f98SSadaf Ebrahimi 0 \ 860*62c56f98SSadaf Ebrahimi -s "write selected_group: secp521r1" \ 861*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 862*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 863*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 864*62c56f98SSadaf Ebrahimi 865*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 866*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 867*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 868*62c56f98SSadaf Ebrahimirequires_config_enabled PSA_WANT_ALG_ECDH 869*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \ 870*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 871*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \ 872*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 873*62c56f98SSadaf Ebrahimi localhost" \ 874*62c56f98SSadaf Ebrahimi 0 \ 875*62c56f98SSadaf Ebrahimi -s "write selected_group: x25519" \ 876*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 877*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 878*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 879*62c56f98SSadaf Ebrahimi 880*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 881*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 882*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 883*62c56f98SSadaf Ebrahimirequires_config_enabled PSA_WANT_ALG_ECDH 884*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \ 885*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 886*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \ 887*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 888*62c56f98SSadaf Ebrahimi localhost" \ 889*62c56f98SSadaf Ebrahimi 0 \ 890*62c56f98SSadaf Ebrahimi -s "write selected_group: x448" \ 891*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 892*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 893*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 894*62c56f98SSadaf Ebrahimi 895*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3 896*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 897*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 898*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \ 899*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 900*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 901*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 902*62c56f98SSadaf Ebrahimi 1 \ 903*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 904*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 905*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 906*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 907*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 908*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 909*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 910*62c56f98SSadaf Ebrahimi 911*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3 912*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 913*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 914*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk, good" \ 915*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 916*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 917*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 918*62c56f98SSadaf Ebrahimi 0 \ 919*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 920*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 921*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 922*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 923*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 924*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 925*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk$" \ 926*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 927*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 928*62c56f98SSadaf Ebrahimi 929*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3 930*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 931*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 932*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \ 933*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 934*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 935*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 936*62c56f98SSadaf Ebrahimi 1 \ 937*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 938*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 939*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 940*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 941*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 942*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 943*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 944*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 945*62c56f98SSadaf Ebrahimi 946*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3 947*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 948*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 949*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \ 950*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 951*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 952*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 953*62c56f98SSadaf Ebrahimi 1 \ 954*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 955*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 956*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 957*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 958*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 959*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 960*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 961*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 962*62c56f98SSadaf Ebrahimi 963*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 964*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 965*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 966*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \ 967*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 968*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 969*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 970*62c56f98SSadaf Ebrahimi 0 \ 971*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 972*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 973*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 974*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 975*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 976*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 977*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 978*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 979*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 980*62c56f98SSadaf Ebrahimi 981*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 982*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 983*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 984*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \ 985*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 986*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 987*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 988*62c56f98SSadaf Ebrahimi 1 \ 989*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 990*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 991*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 992*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 993*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 994*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 995*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 996*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 997*62c56f98SSadaf Ebrahimi 998*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 999*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1000*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1001*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \ 1002*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 1003*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1004*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1005*62c56f98SSadaf Ebrahimi 1 \ 1006*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1007*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1008*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1009*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1010*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1011*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1012*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1013*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1014*62c56f98SSadaf Ebrahimi 1015*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1016*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1017*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1018*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk_ephemeral, good" \ 1019*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 1020*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1021*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1022*62c56f98SSadaf Ebrahimi 0 \ 1023*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1024*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1025*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1026*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1027*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1028*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1029*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1030*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1031*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1032*62c56f98SSadaf Ebrahimi 1033*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1034*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1035*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1036*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \ 1037*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 1038*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1039*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1040*62c56f98SSadaf Ebrahimi 1 \ 1041*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1042*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1043*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1044*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1045*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1046*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1047*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1048*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1049*62c56f98SSadaf Ebrahimi 1050*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1051*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1052*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1053*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \ 1054*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ 1055*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1056*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1057*62c56f98SSadaf Ebrahimi 1 \ 1058*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1059*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1060*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1061*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1062*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1063*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1064*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1065*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1066*62c56f98SSadaf Ebrahimi 1067*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1068*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1069*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1070*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1071*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \ 1072*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 1073*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1074*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1075*62c56f98SSadaf Ebrahimi 0 \ 1076*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1077*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1078*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1079*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1080*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1081*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1082*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1083*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1084*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1085*62c56f98SSadaf Ebrahimi 1086*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1087*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1088*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1089*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1090*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \ 1091*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 1092*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1093*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1094*62c56f98SSadaf Ebrahimi 1 \ 1095*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1096*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1097*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1098*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1099*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1100*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1101*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1102*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1103*62c56f98SSadaf Ebrahimi 1104*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1105*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1106*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1107*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1108*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \ 1109*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 1110*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1111*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1112*62c56f98SSadaf Ebrahimi 1 \ 1113*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1114*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1115*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1116*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1117*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1118*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1119*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1120*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1121*62c56f98SSadaf Ebrahimi 1122*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1123*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1124*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1125*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1126*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk_all, good" \ 1127*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 1128*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1129*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1130*62c56f98SSadaf Ebrahimi 0 \ 1131*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1132*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1133*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1134*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1135*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1136*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1137*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1138*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1139*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1140*62c56f98SSadaf Ebrahimi 1141*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1142*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1143*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1144*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1145*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \ 1146*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 1147*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1148*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1149*62c56f98SSadaf Ebrahimi 1 \ 1150*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1151*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1152*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1153*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1154*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1155*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1156*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1157*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1158*62c56f98SSadaf Ebrahimi 1159*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1160*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1161*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1162*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1163*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \ 1164*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ 1165*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1166*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1167*62c56f98SSadaf Ebrahimi 1 \ 1168*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1169*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1170*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1171*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1172*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1173*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1174*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1175*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1176*62c56f98SSadaf Ebrahimi 1177*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1178*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1179*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1180*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1181*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \ 1182*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 1183*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1184*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1185*62c56f98SSadaf Ebrahimi 0 \ 1186*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1187*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1188*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1189*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1190*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1191*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1192*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1193*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1194*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1195*62c56f98SSadaf Ebrahimi 1196*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1197*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1198*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1199*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1200*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \ 1201*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 1202*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1203*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1204*62c56f98SSadaf Ebrahimi 0 \ 1205*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1206*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1207*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1208*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1209*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1210*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1211*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1212*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 1213*62c56f98SSadaf Ebrahimi 1214*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1215*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1216*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1217*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1218*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \ 1219*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 1220*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1221*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1222*62c56f98SSadaf Ebrahimi 1 \ 1223*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1224*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1225*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1226*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1227*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1228*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1229*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1230*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1231*62c56f98SSadaf Ebrahimi 1232*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1233*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1234*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1235*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1236*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/ephemeral_all, good" \ 1237*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 1238*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1239*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1240*62c56f98SSadaf Ebrahimi 0 \ 1241*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1242*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1243*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1244*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1245*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1246*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1247*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1248*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1249*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1250*62c56f98SSadaf Ebrahimi 1251*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1252*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1253*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1254*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1255*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \ 1256*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 1257*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1258*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1259*62c56f98SSadaf Ebrahimi 0 \ 1260*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1261*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1262*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1263*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1264*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1265*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1266*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1267*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 1268*62c56f98SSadaf Ebrahimi 1269*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1270*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1271*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1272*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1273*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \ 1274*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ 1275*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1276*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1277*62c56f98SSadaf Ebrahimi 1 \ 1278*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1279*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1280*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1281*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1282*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1283*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1284*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1285*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1286*62c56f98SSadaf Ebrahimi 1287*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1288*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1289*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1290*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1291*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1292*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/all, good" \ 1293*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 1294*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1295*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1296*62c56f98SSadaf Ebrahimi 0 \ 1297*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1298*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1299*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1300*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1301*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1302*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1303*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1304*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1305*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1306*62c56f98SSadaf Ebrahimi 1307*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1308*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1309*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1310*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1311*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1312*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \ 1313*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 1314*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1315*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1316*62c56f98SSadaf Ebrahimi 0 \ 1317*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1318*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1319*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1320*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1321*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1322*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1323*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1324*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 1325*62c56f98SSadaf Ebrahimi 1326*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1327*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1328*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1329*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1330*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1331*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \ 1332*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 1333*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1334*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1335*62c56f98SSadaf Ebrahimi 1 \ 1336*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1337*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1338*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1339*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1340*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1341*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1342*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1343*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1344*62c56f98SSadaf Ebrahimi 1345*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1346*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1347*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1348*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1349*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1350*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/all, good" \ 1351*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 1352*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1353*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1354*62c56f98SSadaf Ebrahimi 0 \ 1355*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1356*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1357*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1358*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1359*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1360*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1361*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1362*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1363*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1364*62c56f98SSadaf Ebrahimi 1365*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1366*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1367*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1368*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1369*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1370*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \ 1371*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 1372*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1373*62c56f98SSadaf Ebrahimi -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1374*62c56f98SSadaf Ebrahimi 0 \ 1375*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1376*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1377*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1378*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1379*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1380*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1381*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1382*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 1383*62c56f98SSadaf Ebrahimi 1384*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1385*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1386*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1387*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1388*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1389*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \ 1390*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 1391*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1392*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1393*62c56f98SSadaf Ebrahimi 1 \ 1394*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1395*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1396*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1397*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1398*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1399*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1400*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1401*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1402*62c56f98SSadaf Ebrahimi 1403*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1404*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1405*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1406*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1407*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \ 1408*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ 1409*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg \ 1410*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1411*62c56f98SSadaf Ebrahimi 0 \ 1412*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1413*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1414*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1415*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 1416*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1417*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1418*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1419*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1420*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 1421*62c56f98SSadaf Ebrahimi 1422*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1423*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1424*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1425*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1426*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \ 1427*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ 1428*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1429*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1430*62c56f98SSadaf Ebrahimi 0 \ 1431*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1432*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1433*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1434*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1435*62c56f98SSadaf Ebrahimi -s "Pre shared key found" \ 1436*62c56f98SSadaf Ebrahimi -S "No matched PSK or ticket" \ 1437*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1438*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1439*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 1440*62c56f98SSadaf Ebrahimi 1441*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1442*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1443*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1444*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1445*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \ 1446*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ 1447*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ 1448*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1449*62c56f98SSadaf Ebrahimi 1 \ 1450*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 1451*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 1452*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 1453*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 1454*62c56f98SSadaf Ebrahimi -s "Invalid binder." \ 1455*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1456*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 1457*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1458*62c56f98SSadaf Ebrahimi 1459*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1460*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1461*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1462*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \ 1463*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 1464*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \ 1465*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1466*62c56f98SSadaf Ebrahimi 0 \ 1467*62c56f98SSadaf Ebrahimi -s "write selected_group: secp256r1" \ 1468*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1469*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1470*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1471*62c56f98SSadaf Ebrahimi 1472*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1473*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1474*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1475*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \ 1476*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 1477*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \ 1478*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1479*62c56f98SSadaf Ebrahimi 0 \ 1480*62c56f98SSadaf Ebrahimi -s "write selected_group: secp384r1" \ 1481*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1482*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1483*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1484*62c56f98SSadaf Ebrahimi 1485*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1486*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1487*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1488*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \ 1489*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 1490*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \ 1491*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1492*62c56f98SSadaf Ebrahimi 0 \ 1493*62c56f98SSadaf Ebrahimi -s "write selected_group: secp521r1" \ 1494*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1495*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1496*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1497*62c56f98SSadaf Ebrahimi 1498*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1499*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1500*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1501*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \ 1502*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 1503*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \ 1504*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1505*62c56f98SSadaf Ebrahimi 0 \ 1506*62c56f98SSadaf Ebrahimi -s "write selected_group: x25519" \ 1507*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1508*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1509*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1510*62c56f98SSadaf Ebrahimi 1511*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1512*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1513*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1514*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \ 1515*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ 1516*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \ 1517*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1518*62c56f98SSadaf Ebrahimi 0 \ 1519*62c56f98SSadaf Ebrahimi -s "write selected_group: x448" \ 1520*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1521*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1522*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1523*62c56f98SSadaf Ebrahimi 1524*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1525*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 1526*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1527*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \ 1528*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \ 1529*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \ 1530*62c56f98SSadaf Ebrahimi 0 \ 1531*62c56f98SSadaf Ebrahimi -s "write selected_group: secp384r1" \ 1532*62c56f98SSadaf Ebrahimi -s "HRR selected_group: secp384r1" \ 1533*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1534*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1535*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1536*62c56f98SSadaf Ebrahimi 1537*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 1538*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 1539*62c56f98SSadaf Ebrahimirequires_gnutls_next_no_ticket 1540*62c56f98SSadaf Ebrahimirequires_gnutls_next_disable_tls13_compat 1541*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1542*62c56f98SSadaf Ebrahimirequires_config_enabled PSA_WANT_ALG_ECDH 1543*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \ 1544*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \ 1545*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \ 1546*62c56f98SSadaf Ebrahimi 0 \ 1547*62c56f98SSadaf Ebrahimi -s "write selected_group: secp384r1" \ 1548*62c56f98SSadaf Ebrahimi -s "HRR selected_group: secp384r1" \ 1549*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 1550*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 1551*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 1552*62c56f98SSadaf Ebrahimi 1553*62c56f98SSadaf Ebrahimi 1554*62c56f98SSadaf Ebrahimi# Add psk test cases for mbedtls client code 1555*62c56f98SSadaf Ebrahimi 1556*62c56f98SSadaf Ebrahimi# MbedTls->MbedTLS kinds of tls13_kex_modes 1557*62c56f98SSadaf Ebrahimi# PSK mode in client 1558*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1559*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1560*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1561*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1562*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/psk, good" \ 1563*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1564*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1565*62c56f98SSadaf Ebrahimi 0 \ 1566*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1567*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1568*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1569*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk$" \ 1570*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1571*62c56f98SSadaf Ebrahimi 1572*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1573*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1574*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1575*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1576*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \ 1577*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1578*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ 1579*62c56f98SSadaf Ebrahimi 1 \ 1580*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1581*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1582*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1583*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 1584*62c56f98SSadaf Ebrahimi 1585*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1586*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1587*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1588*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1589*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \ 1590*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1591*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \ 1592*62c56f98SSadaf Ebrahimi 1 \ 1593*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1594*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1595*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1596*62c56f98SSadaf Ebrahimi -s "Invalid binder." 1597*62c56f98SSadaf Ebrahimi 1598*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1599*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1600*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1601*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1602*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1603*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \ 1604*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1605*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1606*62c56f98SSadaf Ebrahimi 1 \ 1607*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1608*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1609*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1610*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1611*62c56f98SSadaf Ebrahimi 1612*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1613*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1614*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1615*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1616*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1617*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \ 1618*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1619*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1620*62c56f98SSadaf Ebrahimi 1 \ 1621*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1622*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1623*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1624*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1625*62c56f98SSadaf Ebrahimi 1626*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1627*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1628*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1629*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1630*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1631*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1632*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \ 1633*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1634*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1635*62c56f98SSadaf Ebrahimi 1 \ 1636*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1637*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1638*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1639*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1640*62c56f98SSadaf Ebrahimi 1641*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1642*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1643*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1644*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1645*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1646*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/psk_all, good" \ 1647*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1648*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1649*62c56f98SSadaf Ebrahimi 0 \ 1650*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1651*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1652*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1653*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk$" \ 1654*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1655*62c56f98SSadaf Ebrahimi 1656*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1657*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1658*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1659*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1660*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1661*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \ 1662*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1663*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ 1664*62c56f98SSadaf Ebrahimi 1 \ 1665*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1666*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1667*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1668*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1669*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1670*62c56f98SSadaf Ebrahimi 1671*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1672*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1673*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1674*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1675*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1676*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \ 1677*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1678*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \ 1679*62c56f98SSadaf Ebrahimi 1 \ 1680*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1681*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1682*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1683*62c56f98SSadaf Ebrahimi -s "Invalid binder." 1684*62c56f98SSadaf Ebrahimi 1685*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1686*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1687*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1688*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1689*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1690*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1691*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/all, good" \ 1692*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 1693*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1694*62c56f98SSadaf Ebrahimi 0 \ 1695*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1696*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1697*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1698*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk$" \ 1699*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1700*62c56f98SSadaf Ebrahimi 1701*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1702*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1703*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1704*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1705*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1706*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1707*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \ 1708*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 1709*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ 1710*62c56f98SSadaf Ebrahimi 1 \ 1711*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1712*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1713*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1714*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1715*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1716*62c56f98SSadaf Ebrahimi 1717*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1718*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1719*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1720*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1721*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1722*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1723*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \ 1724*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 1725*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \ 1726*62c56f98SSadaf Ebrahimi 1 \ 1727*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1728*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1729*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1730*62c56f98SSadaf Ebrahimi -s "Invalid binder." 1731*62c56f98SSadaf Ebrahimi 1732*62c56f98SSadaf Ebrahimi# psk_ephemeral mode in client 1733*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1734*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1735*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1736*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1737*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1738*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \ 1739*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1740*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1741*62c56f98SSadaf Ebrahimi 1 \ 1742*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1743*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1744*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1745*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1746*62c56f98SSadaf Ebrahimi 1747*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1748*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1749*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1750*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1751*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \ 1752*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1753*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1754*62c56f98SSadaf Ebrahimi 0 \ 1755*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1756*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1757*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1758*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 1759*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1760*62c56f98SSadaf Ebrahimi 1761*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1762*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1763*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1764*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1765*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \ 1766*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1767*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1768*62c56f98SSadaf Ebrahimi 1 \ 1769*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1770*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1771*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1772*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1773*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1774*62c56f98SSadaf Ebrahimi 1775*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1776*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1777*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1778*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1779*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \ 1780*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1781*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \ 1782*62c56f98SSadaf Ebrahimi 1 \ 1783*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1784*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1785*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1786*62c56f98SSadaf Ebrahimi -s "Invalid binder." 1787*62c56f98SSadaf Ebrahimi 1788*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1789*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1790*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1791*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1792*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1793*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1794*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \ 1795*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1796*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1797*62c56f98SSadaf Ebrahimi 1 \ 1798*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1799*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1800*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" 1801*62c56f98SSadaf Ebrahimi 1802*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1803*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1804*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1805*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1806*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1807*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \ 1808*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1809*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1810*62c56f98SSadaf Ebrahimi 0 \ 1811*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1812*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1813*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1814*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 1815*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1816*62c56f98SSadaf Ebrahimi 1817*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1818*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1819*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1820*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1821*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1822*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1823*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \ 1824*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1825*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1826*62c56f98SSadaf Ebrahimi 1 \ 1827*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1828*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1829*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1830*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 1831*62c56f98SSadaf Ebrahimi 1832*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1833*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1834*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1835*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1836*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1837*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \ 1838*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1839*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \ 1840*62c56f98SSadaf Ebrahimi 1 \ 1841*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1842*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1843*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1844*62c56f98SSadaf Ebrahimi -s "Invalid binder." 1845*62c56f98SSadaf Ebrahimi 1846*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1847*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1848*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1849*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1850*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1851*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \ 1852*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1853*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1854*62c56f98SSadaf Ebrahimi 0 \ 1855*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1856*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1857*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1858*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 1859*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1860*62c56f98SSadaf Ebrahimi 1861*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1862*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1863*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1864*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1865*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1866*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \ 1867*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1868*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1869*62c56f98SSadaf Ebrahimi 1 \ 1870*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1871*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1872*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1873*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1874*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1875*62c56f98SSadaf Ebrahimi 1876*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1877*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1878*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1879*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1880*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1881*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \ 1882*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1883*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1884*62c56f98SSadaf Ebrahimi 1 \ 1885*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1886*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1887*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1888*62c56f98SSadaf Ebrahimi -s "Invalid binder." 1889*62c56f98SSadaf Ebrahimi 1890*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1891*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1892*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1893*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1894*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1895*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1896*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/all, good" \ 1897*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 1898*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1899*62c56f98SSadaf Ebrahimi 0 \ 1900*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1901*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1902*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1903*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 1904*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1905*62c56f98SSadaf Ebrahimi 1906*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1907*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1908*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1909*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1910*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1911*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1912*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \ 1913*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 1914*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1915*62c56f98SSadaf Ebrahimi 1 \ 1916*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1917*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1918*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1919*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 1920*62c56f98SSadaf Ebrahimi 1921*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1922*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1923*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1924*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1925*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1926*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1927*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \ 1928*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 1929*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1930*62c56f98SSadaf Ebrahimi 1 \ 1931*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 1932*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 1933*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 1934*62c56f98SSadaf Ebrahimi -s "Invalid binder." 1935*62c56f98SSadaf Ebrahimi 1936*62c56f98SSadaf Ebrahimi# ephemeral mode in client 1937*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1938*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1939*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1940*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1941*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1942*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \ 1943*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1944*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1945*62c56f98SSadaf Ebrahimi 1 \ 1946*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1947*62c56f98SSadaf Ebrahimi 1948*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1949*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1950*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1951*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1952*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1953*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \ 1954*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1955*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1956*62c56f98SSadaf Ebrahimi 1 \ 1957*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1958*62c56f98SSadaf Ebrahimi 1959*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1960*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1961*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1962*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1963*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \ 1964*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1965*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1966*62c56f98SSadaf Ebrahimi 0 \ 1967*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 1968*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1969*62c56f98SSadaf Ebrahimi 1970*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1971*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1972*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1973*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1974*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1975*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \ 1976*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1977*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1978*62c56f98SSadaf Ebrahimi 0 \ 1979*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 1980*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 1981*62c56f98SSadaf Ebrahimi 1982*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1983*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1984*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1985*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1986*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1987*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1988*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \ 1989*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1990*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1991*62c56f98SSadaf Ebrahimi 1 \ 1992*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 1993*62c56f98SSadaf Ebrahimi 1994*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 1995*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 1996*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 1997*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1998*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1999*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2000*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral/all, good" \ 2001*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2002*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 2003*62c56f98SSadaf Ebrahimi 0 \ 2004*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 2005*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2006*62c56f98SSadaf Ebrahimi 2007*62c56f98SSadaf Ebrahimi# ephemeral_all mode in client 2008*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2009*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2010*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2011*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2012*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2013*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2014*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \ 2015*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2016*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2017*62c56f98SSadaf Ebrahimi 1 \ 2018*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2019*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2020*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2021*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 2022*62c56f98SSadaf Ebrahimi 2023*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2024*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2025*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2026*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2027*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2028*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \ 2029*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2030*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2031*62c56f98SSadaf Ebrahimi 0 \ 2032*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2033*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2034*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2035*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2036*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2037*62c56f98SSadaf Ebrahimi 2038*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2039*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2040*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2041*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2042*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2043*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \ 2044*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2045*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 2046*62c56f98SSadaf Ebrahimi 1 \ 2047*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2048*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2049*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2050*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 2051*62c56f98SSadaf Ebrahimi 2052*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2053*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2054*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2055*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2056*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2057*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \ 2058*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2059*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2060*62c56f98SSadaf Ebrahimi 1 \ 2061*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2062*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2063*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2064*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2065*62c56f98SSadaf Ebrahimi 2066*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2067*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2068*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2069*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2070*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2071*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \ 2072*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 2073*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2074*62c56f98SSadaf Ebrahimi 0 \ 2075*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2076*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2077*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2078*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 2079*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 2080*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2081*62c56f98SSadaf Ebrahimi 2082*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2083*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2084*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2085*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2086*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2087*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \ 2088*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2089*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2090*62c56f98SSadaf Ebrahimi 0 \ 2091*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2092*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2093*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2094*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2095*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2096*62c56f98SSadaf Ebrahimi 2097*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2098*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2099*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2100*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2101*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2102*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \ 2103*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2104*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 2105*62c56f98SSadaf Ebrahimi 0 \ 2106*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2107*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2108*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2109*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2110*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 2111*62c56f98SSadaf Ebrahimi 2112*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2113*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2114*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2115*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2116*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2117*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \ 2118*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2119*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2120*62c56f98SSadaf Ebrahimi 1 \ 2121*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2122*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2123*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2124*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2125*62c56f98SSadaf Ebrahimi 2126*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2127*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2128*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2129*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2130*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2131*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2132*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \ 2133*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2134*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2135*62c56f98SSadaf Ebrahimi 0 \ 2136*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2137*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2138*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2139*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2140*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2141*62c56f98SSadaf Ebrahimi 2142*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2143*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2144*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2145*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2146*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2147*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2148*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \ 2149*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2150*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 2151*62c56f98SSadaf Ebrahimi 1 \ 2152*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2153*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2154*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2155*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2156*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 2157*62c56f98SSadaf Ebrahimi 2158*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2159*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2160*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2161*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2162*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2163*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2164*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \ 2165*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2166*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2167*62c56f98SSadaf Ebrahimi 1 \ 2168*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2169*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2170*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2171*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2172*62c56f98SSadaf Ebrahimi 2173*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2174*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2175*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2176*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2177*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2178*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2179*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/all, good" \ 2180*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2181*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2182*62c56f98SSadaf Ebrahimi 0 \ 2183*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2184*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2185*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2186*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2187*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2188*62c56f98SSadaf Ebrahimi 2189*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2190*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2191*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2192*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2193*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2194*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2195*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \ 2196*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2197*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 2198*62c56f98SSadaf Ebrahimi 0 \ 2199*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2200*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2201*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2202*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2203*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 2204*62c56f98SSadaf Ebrahimi 2205*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2206*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2207*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2208*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2209*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2210*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2211*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \ 2212*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2213*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2214*62c56f98SSadaf Ebrahimi 1 \ 2215*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2216*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2217*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2218*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2219*62c56f98SSadaf Ebrahimi 2220*62c56f98SSadaf Ebrahimi# psk_all mode in client 2221*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2222*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2223*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2224*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2225*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2226*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk, good" \ 2227*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2228*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2229*62c56f98SSadaf Ebrahimi 0 \ 2230*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2231*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2232*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2233*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk$" \ 2234*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2235*62c56f98SSadaf Ebrahimi 2236*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2237*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2238*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2239*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2240*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2241*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \ 2242*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2243*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 2244*62c56f98SSadaf Ebrahimi 1 \ 2245*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2246*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2247*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2248*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 2249*62c56f98SSadaf Ebrahimi 2250*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2251*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2252*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2253*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2254*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2255*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \ 2256*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2257*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2258*62c56f98SSadaf Ebrahimi 1 \ 2259*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2260*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2261*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2262*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2263*62c56f98SSadaf Ebrahimi 2264*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2265*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2266*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2267*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2268*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2269*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \ 2270*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2271*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2272*62c56f98SSadaf Ebrahimi 0 \ 2273*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2274*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2275*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2276*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2277*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2278*62c56f98SSadaf Ebrahimi 2279*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2280*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2281*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2282*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2283*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2284*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \ 2285*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2286*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 2287*62c56f98SSadaf Ebrahimi 1 \ 2288*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2289*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2290*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2291*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2292*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 2293*62c56f98SSadaf Ebrahimi 2294*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2295*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2296*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2297*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2298*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2299*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \ 2300*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2301*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2302*62c56f98SSadaf Ebrahimi 1 \ 2303*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2304*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2305*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2306*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2307*62c56f98SSadaf Ebrahimi 2308*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2309*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2310*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2311*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2312*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2313*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2314*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \ 2315*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 2316*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2317*62c56f98SSadaf Ebrahimi 1 \ 2318*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2319*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2320*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" 2321*62c56f98SSadaf Ebrahimi 2322*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2323*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2324*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2325*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2326*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2327*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2328*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \ 2329*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2330*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2331*62c56f98SSadaf Ebrahimi 0 \ 2332*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2333*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2334*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2335*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2336*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2337*62c56f98SSadaf Ebrahimi 2338*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2339*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2340*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2341*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2342*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2343*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2344*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \ 2345*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2346*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 2347*62c56f98SSadaf Ebrahimi 1 \ 2348*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2349*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2350*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2351*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 2352*62c56f98SSadaf Ebrahimi 2353*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2354*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2355*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2356*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2357*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2358*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2359*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \ 2360*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2361*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2362*62c56f98SSadaf Ebrahimi 1 \ 2363*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2364*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2365*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2366*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2367*62c56f98SSadaf Ebrahimi 2368*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2369*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2370*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2371*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2372*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2373*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk_all, good" \ 2374*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2375*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2376*62c56f98SSadaf Ebrahimi 0 \ 2377*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2378*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2379*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2380*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2381*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2382*62c56f98SSadaf Ebrahimi 2383*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2384*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2385*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2386*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2387*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2388*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \ 2389*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2390*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 2391*62c56f98SSadaf Ebrahimi 1 \ 2392*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2393*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2394*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2395*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2396*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 2397*62c56f98SSadaf Ebrahimi 2398*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2399*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2400*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2401*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2402*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2403*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \ 2404*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2405*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2406*62c56f98SSadaf Ebrahimi 1 \ 2407*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2408*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2409*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2410*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2411*62c56f98SSadaf Ebrahimi 2412*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2413*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2414*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2415*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2416*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2417*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2418*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/all, good" \ 2419*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2420*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2421*62c56f98SSadaf Ebrahimi 0 \ 2422*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2423*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2424*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2425*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2426*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2427*62c56f98SSadaf Ebrahimi 2428*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2429*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2430*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2431*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2432*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2433*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2434*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \ 2435*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2436*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 2437*62c56f98SSadaf Ebrahimi 1 \ 2438*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2439*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2440*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2441*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 2442*62c56f98SSadaf Ebrahimi 2443*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2444*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2445*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2446*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2447*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2448*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2449*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \ 2450*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2451*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2452*62c56f98SSadaf Ebrahimi 1 \ 2453*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2454*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2455*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2456*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2457*62c56f98SSadaf Ebrahimi 2458*62c56f98SSadaf Ebrahimi# all mode in client 2459*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2460*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2461*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2462*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2463*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2464*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2465*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk, good" \ 2466*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2467*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2468*62c56f98SSadaf Ebrahimi 0 \ 2469*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2470*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2471*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2472*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk$" \ 2473*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2474*62c56f98SSadaf Ebrahimi 2475*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2476*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2477*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2478*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2479*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2480*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2481*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \ 2482*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2483*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 2484*62c56f98SSadaf Ebrahimi 1 \ 2485*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2486*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2487*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2488*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2489*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 2490*62c56f98SSadaf Ebrahimi 2491*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2492*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2493*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2494*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2495*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2496*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2497*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \ 2498*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2499*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 2500*62c56f98SSadaf Ebrahimi 1 \ 2501*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2502*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2503*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2504*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2505*62c56f98SSadaf Ebrahimi 2506*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2507*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2508*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2509*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2510*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2511*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2512*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk_ephemeral, good" \ 2513*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2514*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2515*62c56f98SSadaf Ebrahimi 0 \ 2516*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2517*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2518*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2519*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2520*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2521*62c56f98SSadaf Ebrahimi 2522*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2523*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2524*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2525*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2526*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2527*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2528*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \ 2529*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2530*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 2531*62c56f98SSadaf Ebrahimi 1 \ 2532*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2533*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2534*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2535*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2536*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 2537*62c56f98SSadaf Ebrahimi 2538*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2539*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2540*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2541*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2542*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2543*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2544*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \ 2545*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2546*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 2547*62c56f98SSadaf Ebrahimi 1 \ 2548*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2549*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2550*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2551*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2552*62c56f98SSadaf Ebrahimi 2553*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2554*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2555*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2556*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2557*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2558*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2559*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/ephemeral, good" \ 2560*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 2561*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2562*62c56f98SSadaf Ebrahimi 0 \ 2563*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2564*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2565*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2566*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 2567*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2568*62c56f98SSadaf Ebrahimi 2569*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2570*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2571*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2572*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2573*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2574*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2575*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/ephemeral_all, good" \ 2576*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2577*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2578*62c56f98SSadaf Ebrahimi 0 \ 2579*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2580*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2581*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2582*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2583*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2584*62c56f98SSadaf Ebrahimi 2585*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2586*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2587*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2588*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2589*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2590*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2591*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \ 2592*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2593*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 2594*62c56f98SSadaf Ebrahimi 0 \ 2595*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2596*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2597*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2598*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2599*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 2600*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2601*62c56f98SSadaf Ebrahimi 2602*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2603*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2604*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2605*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2606*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2607*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2608*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \ 2609*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2610*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 2611*62c56f98SSadaf Ebrahimi 1 \ 2612*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2613*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2614*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2615*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2616*62c56f98SSadaf Ebrahimi 2617*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2618*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2619*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2620*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2621*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2622*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2623*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk_all, good" \ 2624*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2625*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2626*62c56f98SSadaf Ebrahimi 0 \ 2627*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2628*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2629*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2630*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2631*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2632*62c56f98SSadaf Ebrahimi 2633*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2634*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2635*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2636*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2637*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2638*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2639*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \ 2640*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2641*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 2642*62c56f98SSadaf Ebrahimi 1 \ 2643*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2644*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2645*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2646*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2647*62c56f98SSadaf Ebrahimi -s "ClientHello message misses mandatory extensions." 2648*62c56f98SSadaf Ebrahimi 2649*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2650*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2651*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2652*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2653*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2654*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2655*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \ 2656*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2657*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 2658*62c56f98SSadaf Ebrahimi 1 \ 2659*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2660*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2661*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2662*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2663*62c56f98SSadaf Ebrahimi 2664*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2665*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2666*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2667*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2668*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2669*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2670*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/all, good" \ 2671*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2672*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2673*62c56f98SSadaf Ebrahimi 0 \ 2674*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2675*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2676*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2677*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2678*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2679*62c56f98SSadaf Ebrahimi 2680*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2681*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2682*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2683*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2684*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2685*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2686*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \ 2687*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2688*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 2689*62c56f98SSadaf Ebrahimi 0 \ 2690*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2691*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2692*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2693*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" \ 2694*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" 2695*62c56f98SSadaf Ebrahimi 2696*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2697*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 2698*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2699*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2700*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2701*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2702*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \ 2703*62c56f98SSadaf Ebrahimi "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2704*62c56f98SSadaf Ebrahimi "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 2705*62c56f98SSadaf Ebrahimi 1 \ 2706*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2707*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2708*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2709*62c56f98SSadaf Ebrahimi -s "Invalid binder." 2710*62c56f98SSadaf Ebrahimi 2711*62c56f98SSadaf Ebrahimi#OPENSSL-SERVER psk mode 2712*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3 2713*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2714*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2715*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2716*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2717*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2718*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: psk/all, good" \ 2719*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ 2720*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2721*62c56f98SSadaf Ebrahimi 0 \ 2722*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2723*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2724*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2725*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2726*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2727*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk$" \ 2728*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2729*62c56f98SSadaf Ebrahimi 2730*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3 2731*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2732*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2733*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2734*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2735*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2736*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \ 2737*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \ 2738*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2739*62c56f98SSadaf Ebrahimi 1 \ 2740*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2741*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2742*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2743*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2744*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2745*62c56f98SSadaf Ebrahimi -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" 2746*62c56f98SSadaf Ebrahimi 2747*62c56f98SSadaf Ebrahimi#OPENSSL-SERVER psk_all mode 2748*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2749*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2750*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2751*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2752*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2753*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2754*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2755*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: psk_all/all, good" \ 2756*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ 2757*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2758*62c56f98SSadaf Ebrahimi 0 \ 2759*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2760*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2761*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2762*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2763*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2764*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2765*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2766*62c56f98SSadaf Ebrahimi 2767*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2768*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2769*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2770*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2771*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2772*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2773*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2774*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \ 2775*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \ 2776*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2777*62c56f98SSadaf Ebrahimi 0 \ 2778*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2779*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2780*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2781*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2782*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2783*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2784*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2785*62c56f98SSadaf Ebrahimi 2786*62c56f98SSadaf Ebrahimi#OPENSSL-SERVER psk_ephemeral mode 2787*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2788*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2789*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2790*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2791*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2792*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2793*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: psk_ephemeral/all, good" \ 2794*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ 2795*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2796*62c56f98SSadaf Ebrahimi 0 \ 2797*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2798*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2799*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2800*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2801*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2802*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2803*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2804*62c56f98SSadaf Ebrahimi 2805*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2806*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2807*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2808*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2809*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2810*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2811*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \ 2812*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \ 2813*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 2814*62c56f98SSadaf Ebrahimi 0 \ 2815*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2816*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2817*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2818*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2819*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2820*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2821*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2822*62c56f98SSadaf Ebrahimi 2823*62c56f98SSadaf Ebrahimi#OPENSSL-SERVER ephemeral mode 2824*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2825*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2826*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2827*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2828*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2829*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2830*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: ephemeral/all, good" \ 2831*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \ 2832*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 2833*62c56f98SSadaf Ebrahimi 0 \ 2834*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 2835*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2836*62c56f98SSadaf Ebrahimi 2837*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2838*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2839*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2840*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2841*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2842*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2843*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \ 2844*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \ 2845*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 2846*62c56f98SSadaf Ebrahimi 0 \ 2847*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 2848*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2849*62c56f98SSadaf Ebrahimi 2850*62c56f98SSadaf Ebrahimi#OPENSSL-SERVER ephemeral_all mode 2851*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2852*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2853*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2854*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2855*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2856*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2857*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2858*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: ephemeral_all/all, good" \ 2859*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ 2860*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2861*62c56f98SSadaf Ebrahimi 0 \ 2862*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2863*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2864*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2865*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2866*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2867*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2868*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2869*62c56f98SSadaf Ebrahimi 2870*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2871*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2872*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2873*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2874*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2875*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2876*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2877*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \ 2878*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \ 2879*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 2880*62c56f98SSadaf Ebrahimi 0 \ 2881*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2882*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2883*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2884*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2885*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2886*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2887*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2888*62c56f98SSadaf Ebrahimi 2889*62c56f98SSadaf Ebrahimi#OPENSSL-SERVER all mode 2890*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2891*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2892*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2893*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2894*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2895*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2896*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2897*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2898*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: all/all, good" \ 2899*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ 2900*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2901*62c56f98SSadaf Ebrahimi 0 \ 2902*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2903*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2904*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2905*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2906*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2907*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2908*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2909*62c56f98SSadaf Ebrahimi 2910*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3_with_compatible_ephemeral 2911*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2912*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2913*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2914*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2915*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2916*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 2917*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2918*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->O: all/ephemeral_all, good" \ 2919*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \ 2920*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 2921*62c56f98SSadaf Ebrahimi 0 \ 2922*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2923*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2924*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2925*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2926*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2927*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2928*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 ok" 2929*62c56f98SSadaf Ebrahimi 2930*62c56f98SSadaf Ebrahimi#GNUTLS-SERVER psk mode 2931*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2932*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 2933*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2934*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2935*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2936*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2937*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: psk/all, good" \ 2938*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ 2939*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2940*62c56f98SSadaf Ebrahimi 0 \ 2941*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2942*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2943*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2944*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2945*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 2946*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 2947*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2948*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk$" \ 2949*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2950*62c56f98SSadaf Ebrahimi 2951*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2952*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 2953*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2954*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2955*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2956*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2957*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \ 2958*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ 2959*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 2960*62c56f98SSadaf Ebrahimi 1 \ 2961*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2962*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2963*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2964*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2965*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 2966*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 2967*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2968*62c56f98SSadaf Ebrahimi -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" 2969*62c56f98SSadaf Ebrahimi 2970*62c56f98SSadaf Ebrahimi#GNUTLS-SERVER psk_all mode 2971*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2972*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 2973*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2974*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2975*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2976*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2977*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2978*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: psk_all/all, good" \ 2979*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ 2980*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 2981*62c56f98SSadaf Ebrahimi 0 \ 2982*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 2983*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 2984*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 2985*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 2986*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 2987*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 2988*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 2989*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 2990*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 2991*62c56f98SSadaf Ebrahimi 2992*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2993*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 2994*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 2995*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 2996*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 2997*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 2998*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 2999*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \ 3000*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ 3001*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 3002*62c56f98SSadaf Ebrahimi 0 \ 3003*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 3004*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 3005*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 3006*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 3007*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 3008*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 3009*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 3010*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 3011*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3012*62c56f98SSadaf Ebrahimi 3013*62c56f98SSadaf Ebrahimi#GNUTLS-SERVER psk_ephemeral mode 3014*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 3015*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 3016*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 3017*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 3018*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 3019*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 3020*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: psk_ephemeral/all, good" \ 3021*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ 3022*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 3023*62c56f98SSadaf Ebrahimi 0 \ 3024*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 3025*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 3026*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 3027*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 3028*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 3029*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 3030*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 3031*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 3032*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3033*62c56f98SSadaf Ebrahimi 3034*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 3035*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 3036*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 3037*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 3038*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 3039*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 3040*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \ 3041*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ 3042*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 3043*62c56f98SSadaf Ebrahimi 0 \ 3044*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 3045*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 3046*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 3047*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 3048*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 3049*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 3050*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 3051*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 3052*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3053*62c56f98SSadaf Ebrahimi 3054*62c56f98SSadaf Ebrahimi#GNUTLS-SERVER ephemeral mode 3055*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 3056*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 3057*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 3058*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 3059*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 3060*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 3061*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: ephemeral/all, good" \ 3062*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ 3063*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 3064*62c56f98SSadaf Ebrahimi 0 \ 3065*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 3066*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3067*62c56f98SSadaf Ebrahimi 3068*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 3069*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 3070*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 3071*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 3072*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 3073*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 3074*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \ 3075*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ 3076*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 3077*62c56f98SSadaf Ebrahimi 0 \ 3078*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: ephemeral" \ 3079*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3080*62c56f98SSadaf Ebrahimi 3081*62c56f98SSadaf Ebrahimi#GNUTLS-SERVER ephemeral_all mode 3082*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 3083*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 3084*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 3085*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 3086*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 3087*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 3088*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 3089*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: ephemeral_all/all, good" \ 3090*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ 3091*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 3092*62c56f98SSadaf Ebrahimi 0 \ 3093*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 3094*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 3095*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 3096*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 3097*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 3098*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 3099*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 3100*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 3101*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3102*62c56f98SSadaf Ebrahimi 3103*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 3104*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 3105*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 3106*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 3107*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 3108*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 3109*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 3110*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \ 3111*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ 3112*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 3113*62c56f98SSadaf Ebrahimi 0 \ 3114*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 3115*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 3116*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 3117*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 3118*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 3119*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 3120*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 3121*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 3122*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3123*62c56f98SSadaf Ebrahimi 3124*62c56f98SSadaf Ebrahimi#GNUTLS-SERVER all mode 3125*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 3126*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 3127*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 3128*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 3129*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 3130*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 3131*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 3132*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 3133*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: all/all, good" \ 3134*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ 3135*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 3136*62c56f98SSadaf Ebrahimi 0 \ 3137*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 3138*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 3139*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 3140*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 3141*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 3142*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 3143*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 3144*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 3145*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3146*62c56f98SSadaf Ebrahimi 3147*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 3148*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 3149*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 3150*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 3151*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 3152*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 3153*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 3154*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 3155*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: m->G: all/ephemeral_all, good" \ 3156*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ 3157*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 3158*62c56f98SSadaf Ebrahimi 0 \ 3159*62c56f98SSadaf Ebrahimi -c "=> write client hello" \ 3160*62c56f98SSadaf Ebrahimi -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ 3161*62c56f98SSadaf Ebrahimi -c "client hello, adding psk_key_exchange_modes extension" \ 3162*62c56f98SSadaf Ebrahimi -c "client hello, adding PSK binder list" \ 3163*62c56f98SSadaf Ebrahimi -s "Parsing extension 'PSK Key Exchange Modes/45'" \ 3164*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Pre Shared Key/41'" \ 3165*62c56f98SSadaf Ebrahimi -c "<= write client hello" \ 3166*62c56f98SSadaf Ebrahimi -c "Selected key exchange mode: psk_ephemeral" \ 3167*62c56f98SSadaf Ebrahimi -c "HTTP/1.0 200 OK" 3168