1#!/bin/sh 2 3# tls13-misc.sh 4# 5# Copyright The Mbed TLS Contributors 6# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 7# 8 9requires_gnutls_tls1_3 10requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 11requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 12requires_config_enabled MBEDTLS_SSL_SRV_C 13requires_config_enabled MBEDTLS_DEBUG_C 14requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 15 16run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \ 17 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 18 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 19 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 20 localhost" \ 21 1 \ 22 -s "found psk key exchange modes extension" \ 23 -s "found pre_shared_key extension" \ 24 -s "Found PSK_EPHEMERAL KEX MODE" \ 25 -s "Found PSK KEX MODE" \ 26 -s "No matched ciphersuite" 27 28requires_openssl_tls1_3 29requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 30requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 31requires_config_enabled MBEDTLS_SSL_SRV_C 32requires_config_enabled MBEDTLS_DEBUG_C 33requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 34 35run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \ 36 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 37 "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\ 38 -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 39 1 \ 40 -s "found psk key exchange modes extension" \ 41 -s "found pre_shared_key extension" \ 42 -s "Found PSK_EPHEMERAL KEX MODE" \ 43 -s "Found PSK KEX MODE" \ 44 -s "No matched ciphersuite" 45 46requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 47 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 48 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 49run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \ 50 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \ 51 "$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \ 52 0 \ 53 -c "Pre-configured PSK number = 2" \ 54 -s "sent selected_identity: 0" \ 55 -s "key exchange mode: psk_ephemeral" \ 56 -S "key exchange mode: psk$" \ 57 -S "key exchange mode: ephemeral$" \ 58 -S "ticket is not authentic" 59 60requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 61 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 62 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 63run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \ 64 "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \ 65 "$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \ 66 0 \ 67 -c "Pre-configured PSK number = 2" \ 68 -s "sent selected_identity: 1" \ 69 -s "key exchange mode: psk_ephemeral" \ 70 -S "key exchange mode: psk$" \ 71 -S "key exchange mode: ephemeral$" \ 72 -s "ticket is not authentic" 73 74requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 75 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 76 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 77 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 78run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \ 79 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=1" \ 80 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 81 0 \ 82 -c "Pre-configured PSK number = 1" \ 83 -S "sent selected_identity:" \ 84 -s "key exchange mode: ephemeral" \ 85 -S "key exchange mode: psk_ephemeral" \ 86 -S "key exchange mode: psk$" \ 87 -s "ticket is not authentic" \ 88 -S "ticket is expired" \ 89 -S "Invalid ticket start time" \ 90 -S "Ticket age exceeds limitation" \ 91 -S "Ticket age outside tolerance window" 92 93requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 94 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 95 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 96 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 97run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \ 98 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=2" \ 99 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 100 0 \ 101 -c "Pre-configured PSK number = 1" \ 102 -S "sent selected_identity:" \ 103 -s "key exchange mode: ephemeral" \ 104 -S "key exchange mode: psk_ephemeral" \ 105 -S "key exchange mode: psk$" \ 106 -S "ticket is not authentic" \ 107 -s "ticket is expired" \ 108 -S "Invalid ticket start time" \ 109 -S "Ticket age exceeds limitation" \ 110 -S "Ticket age outside tolerance window" 111 112requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 113 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 114 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 115 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 116run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \ 117 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=3" \ 118 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 119 0 \ 120 -c "Pre-configured PSK number = 1" \ 121 -S "sent selected_identity:" \ 122 -s "key exchange mode: ephemeral" \ 123 -S "key exchange mode: psk_ephemeral" \ 124 -S "key exchange mode: psk$" \ 125 -S "ticket is not authentic" \ 126 -S "ticket is expired" \ 127 -s "Invalid ticket start time" \ 128 -S "Ticket age exceeds limitation" \ 129 -S "Ticket age outside tolerance window" 130 131requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 132 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 133 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 134 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 135run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \ 136 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=4" \ 137 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 138 0 \ 139 -c "Pre-configured PSK number = 1" \ 140 -S "sent selected_identity:" \ 141 -s "key exchange mode: ephemeral" \ 142 -S "key exchange mode: psk_ephemeral" \ 143 -S "key exchange mode: psk$" \ 144 -S "ticket is not authentic" \ 145 -S "ticket is expired" \ 146 -S "Invalid ticket start time" \ 147 -s "Ticket age exceeds limitation" \ 148 -S "Ticket age outside tolerance window" 149 150requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 151 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 152 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 153 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 154run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \ 155 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=5" \ 156 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 157 0 \ 158 -c "Pre-configured PSK number = 1" \ 159 -S "sent selected_identity:" \ 160 -s "key exchange mode: ephemeral" \ 161 -S "key exchange mode: psk_ephemeral" \ 162 -S "key exchange mode: psk$" \ 163 -S "ticket is not authentic" \ 164 -S "ticket is expired" \ 165 -S "Invalid ticket start time" \ 166 -S "Ticket age exceeds limitation" \ 167 -s "Ticket age outside tolerance window" 168 169requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 170 MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 171 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 172 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 173run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \ 174 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=6" \ 175 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 176 0 \ 177 -c "Pre-configured PSK number = 1" \ 178 -S "sent selected_identity:" \ 179 -s "key exchange mode: ephemeral" \ 180 -S "key exchange mode: psk_ephemeral" \ 181 -S "key exchange mode: psk$" \ 182 -S "ticket is not authentic" \ 183 -S "ticket is expired" \ 184 -S "Invalid ticket start time" \ 185 -S "Ticket age exceeds limitation" \ 186 -s "Ticket age outside tolerance window" 187 188requires_gnutls_tls1_3 189requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 190requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 191run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \ 192 "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 193 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 194 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 195 localhost" \ 196 1 \ 197 -s "found psk key exchange modes extension" \ 198 -s "found pre_shared_key extension" \ 199 -s "Found PSK_EPHEMERAL KEX MODE" \ 200 -S "Found PSK KEX MODE" \ 201 -S "key exchange mode: psk$" \ 202 -S "key exchange mode: psk_ephemeral" \ 203 -S "key exchange mode: ephemeral" 204 205requires_gnutls_tls1_3 206requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \ 207 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 208 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 209requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ 210 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 211run_test "TLS 1.3: G->m: PSK: configured psk only, good." \ 212 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 213 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ 214 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 215 localhost" \ 216 0 \ 217 -s "found psk key exchange modes extension" \ 218 -s "found pre_shared_key extension" \ 219 -s "Found PSK_EPHEMERAL KEX MODE" \ 220 -s "Found PSK KEX MODE" \ 221 -s "key exchange mode: psk$" 222 223requires_gnutls_tls1_3 224requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \ 225 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 226 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 227requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 228 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 229run_test "TLS 1.3: G->m: PSK: configured psk_ephemeral only, good." \ 230 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 231 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ 232 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 233 localhost" \ 234 0 \ 235 -s "found psk key exchange modes extension" \ 236 -s "found pre_shared_key extension" \ 237 -s "Found PSK_EPHEMERAL KEX MODE" \ 238 -s "Found PSK KEX MODE" \ 239 -s "key exchange mode: psk_ephemeral$" 240 241requires_gnutls_tls1_3 242requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \ 243 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 244 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 245requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 246 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 247run_test "TLS 1.3: G->m: PSK: configured ephemeral only, good." \ 248 "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 249 "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ 250 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 251 localhost" \ 252 0 \ 253 -s "key exchange mode: ephemeral$" 254 255requires_gnutls_tls1_3 256requires_config_enabled MBEDTLS_DEBUG_C 257requires_config_enabled MBEDTLS_SSL_CLI_C 258requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 259 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 260 MBEDTLS_SSL_EARLY_DATA 261requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ 262 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 263run_test "TLS 1.3 m->G: EarlyData: basic check, good" \ 264 "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --earlydata --disable-client-cert" \ 265 "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \ 266 0 \ 267 -c "Reconnecting with saved session" \ 268 -c "NewSessionTicket: early_data(42) extension received." \ 269 -c "ClientHello: early_data(42) extension exists." \ 270 -c "EncryptedExtensions: early_data(42) extension received." \ 271 -c "EncryptedExtensions: early_data(42) extension exists." \ 272 -c "<= write EndOfEarlyData" \ 273 -s "Parsing extension 'Early Data/42' (0 bytes)" \ 274 -s "Sending extension Early Data/42 (0 bytes)" \ 275 -s "END OF EARLY DATA (5) was received." \ 276 -s "early data accepted" 277 278requires_gnutls_tls1_3 279requires_config_enabled MBEDTLS_DEBUG_C 280requires_config_enabled MBEDTLS_SSL_CLI_C 281requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 282 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 283 MBEDTLS_SSL_EARLY_DATA 284requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ 285 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 286run_test "TLS 1.3 m->G: EarlyData: no early_data in NewSessionTicket, good" \ 287 "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --disable-client-cert" \ 288 "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1" \ 289 0 \ 290 -c "Reconnecting with saved session" \ 291 -C "NewSessionTicket: early_data(42) extension received." \ 292 -c "ClientHello: early_data(42) extension does not exist." \ 293 -C "EncryptedExtensions: early_data(42) extension received." \ 294 -C "EncryptedExtensions: early_data(42) extension exists." 295 296#TODO: OpenSSL tests don't work now. It might be openssl options issue, cause GnuTLS has worked. 297skip_next_test 298requires_openssl_tls1_3 299requires_config_enabled MBEDTLS_DEBUG_C 300requires_config_enabled MBEDTLS_SSL_CLI_C 301requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 302 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 303 MBEDTLS_SSL_EARLY_DATA 304requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ 305 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 306run_test "TLS 1.3, ext PSK, early data" \ 307 "$O_NEXT_SRV_EARLY_DATA -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ 308 "$P_CLI debug_level=5 tls13_kex_modes=psk early_data=1 psk=010203 psk_identity=0a0b0c" \ 309 1 \ 310 -c "Reconnecting with saved session" \ 311 -c "NewSessionTicket: early_data(42) extension received." \ 312 -c "ClientHello: early_data(42) extension exists." \ 313 -c "EncryptedExtensions: early_data(42) extension received." \ 314 -c "EncryptedExtensions: early_data(42) extension ( ignored )." 315 316requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 317 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 318 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 319 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 320run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/none." \ 321 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ 322 "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 323 0 \ 324 -c "Pre-configured PSK number = 1" \ 325 -S "sent selected_identity:" \ 326 -s "key exchange mode: ephemeral" \ 327 -S "key exchange mode: psk_ephemeral" \ 328 -S "key exchange mode: psk$" \ 329 -s "No suitable key exchange mode" \ 330 -s "No matched PSK or ticket" 331 332requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 333 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 334 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 335 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 336run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk." \ 337 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ 338 "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 339 0 \ 340 -c "Pre-configured PSK number = 1" \ 341 -S "No suitable key exchange mode" \ 342 -s "found matched identity" 343 344requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 345 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 346 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 347 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 348run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_ephemeral." \ 349 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ 350 "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 351 0 \ 352 -c "Pre-configured PSK number = 1" \ 353 -S "sent selected_identity:" \ 354 -s "key exchange mode: ephemeral" \ 355 -S "key exchange mode: psk_ephemeral" \ 356 -S "key exchange mode: psk$" \ 357 -s "No suitable key exchange mode" \ 358 -s "No matched PSK or ticket" 359 360requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 361 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 362 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 363 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 364run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_all." \ 365 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ 366 "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 367 0 \ 368 -c "Pre-configured PSK number = 1" \ 369 -S "No suitable key exchange mode" \ 370 -s "found matched identity" 371 372requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 373 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 374 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 375 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 376run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/none." \ 377 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ 378 "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 379 0 \ 380 -c "Pre-configured PSK number = 1" \ 381 -S "sent selected_identity:" \ 382 -s "key exchange mode: ephemeral" \ 383 -S "key exchange mode: psk_ephemeral" \ 384 -S "key exchange mode: psk$" \ 385 -s "No suitable key exchange mode" \ 386 -s "No matched PSK or ticket" 387 388requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 389 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 390 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 391 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 392run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk." \ 393 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ 394 "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 395 0 \ 396 -c "Pre-configured PSK number = 1" \ 397 -S "sent selected_identity:" \ 398 -s "key exchange mode: ephemeral" \ 399 -S "key exchange mode: psk_ephemeral" \ 400 -S "key exchange mode: psk$" \ 401 -s "No suitable key exchange mode" \ 402 -s "No matched PSK or ticket" 403 404requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 405 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 406 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 407 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 408run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_ephemeral." \ 409 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ 410 "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 411 0 \ 412 -c "Pre-configured PSK number = 1" \ 413 -S "No suitable key exchange mode" \ 414 -s "found matched identity" 415 416requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 417 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 418 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 419 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 420run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_all." \ 421 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ 422 "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 423 0 \ 424 -c "Pre-configured PSK number = 1" \ 425 -S "No suitable key exchange mode" \ 426 -s "found matched identity" 427 428requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 429 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 430 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 431 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 432 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 433run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/none." \ 434 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ 435 "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 436 0 \ 437 -c "Pre-configured PSK number = 1" \ 438 -S "sent selected_identity:" \ 439 -s "key exchange mode: ephemeral" \ 440 -S "key exchange mode: psk_ephemeral" \ 441 -S "key exchange mode: psk$" \ 442 -s "No suitable key exchange mode" \ 443 -s "No matched PSK or ticket" 444 445requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 446 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 447 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 448 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 449 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 450run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk." \ 451 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ 452 "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 453 0 \ 454 -c "Pre-configured PSK number = 1" \ 455 -S "No suitable key exchange mode" \ 456 -s "found matched identity" 457 458requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 459 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 460 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 461 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 462 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 463run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_ephemeral." \ 464 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ 465 "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 466 0 \ 467 -c "Pre-configured PSK number = 1" \ 468 -S "No suitable key exchange mode" \ 469 -s "found matched identity" 470 471requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 472 MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 473 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 474 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 475 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 476run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \ 477 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ 478 "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 479 0 \ 480 -c "Pre-configured PSK number = 1" \ 481 -S "No suitable key exchange mode" \ 482 -s "found matched identity" 483 484