1*62c56f98SSadaf Ebrahimi#!/bin/sh 2*62c56f98SSadaf Ebrahimi 3*62c56f98SSadaf Ebrahimi# tls13-misc.sh 4*62c56f98SSadaf Ebrahimi# 5*62c56f98SSadaf Ebrahimi# Copyright The Mbed TLS Contributors 6*62c56f98SSadaf Ebrahimi# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 7*62c56f98SSadaf Ebrahimi# 8*62c56f98SSadaf Ebrahimi 9*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 10*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 11*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 12*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 13*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 14*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 15*62c56f98SSadaf Ebrahimi 16*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \ 17*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 18*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ 19*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 20*62c56f98SSadaf Ebrahimi localhost" \ 21*62c56f98SSadaf Ebrahimi 1 \ 22*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 23*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 24*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 25*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 26*62c56f98SSadaf Ebrahimi -s "No matched ciphersuite" 27*62c56f98SSadaf Ebrahimi 28*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3 29*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 30*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 31*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_SRV_C 32*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 33*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 34*62c56f98SSadaf Ebrahimi 35*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \ 36*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 37*62c56f98SSadaf Ebrahimi "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\ 38*62c56f98SSadaf Ebrahimi -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 39*62c56f98SSadaf Ebrahimi 1 \ 40*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 41*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 42*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 43*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 44*62c56f98SSadaf Ebrahimi -s "No matched ciphersuite" 45*62c56f98SSadaf Ebrahimi 46*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 47*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 48*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 49*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \ 50*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \ 51*62c56f98SSadaf Ebrahimi "$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \ 52*62c56f98SSadaf Ebrahimi 0 \ 53*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 2" \ 54*62c56f98SSadaf Ebrahimi -s "sent selected_identity: 0" \ 55*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 56*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 57*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral$" \ 58*62c56f98SSadaf Ebrahimi -S "ticket is not authentic" 59*62c56f98SSadaf Ebrahimi 60*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 61*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 62*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 63*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \ 64*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \ 65*62c56f98SSadaf Ebrahimi "$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \ 66*62c56f98SSadaf Ebrahimi 0 \ 67*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 2" \ 68*62c56f98SSadaf Ebrahimi -s "sent selected_identity: 1" \ 69*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral" \ 70*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 71*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral$" \ 72*62c56f98SSadaf Ebrahimi -s "ticket is not authentic" 73*62c56f98SSadaf Ebrahimi 74*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 75*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 76*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 77*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 78*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \ 79*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=1" \ 80*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 81*62c56f98SSadaf Ebrahimi 0 \ 82*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 83*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 84*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 85*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 86*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 87*62c56f98SSadaf Ebrahimi -s "ticket is not authentic" \ 88*62c56f98SSadaf Ebrahimi -S "ticket is expired" \ 89*62c56f98SSadaf Ebrahimi -S "Invalid ticket start time" \ 90*62c56f98SSadaf Ebrahimi -S "Ticket age exceeds limitation" \ 91*62c56f98SSadaf Ebrahimi -S "Ticket age outside tolerance window" 92*62c56f98SSadaf Ebrahimi 93*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 94*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 95*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 96*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 97*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \ 98*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=2" \ 99*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 100*62c56f98SSadaf Ebrahimi 0 \ 101*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 102*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 103*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 104*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 105*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 106*62c56f98SSadaf Ebrahimi -S "ticket is not authentic" \ 107*62c56f98SSadaf Ebrahimi -s "ticket is expired" \ 108*62c56f98SSadaf Ebrahimi -S "Invalid ticket start time" \ 109*62c56f98SSadaf Ebrahimi -S "Ticket age exceeds limitation" \ 110*62c56f98SSadaf Ebrahimi -S "Ticket age outside tolerance window" 111*62c56f98SSadaf Ebrahimi 112*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 113*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 114*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 115*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 116*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \ 117*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=3" \ 118*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 119*62c56f98SSadaf Ebrahimi 0 \ 120*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 121*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 122*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 123*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 124*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 125*62c56f98SSadaf Ebrahimi -S "ticket is not authentic" \ 126*62c56f98SSadaf Ebrahimi -S "ticket is expired" \ 127*62c56f98SSadaf Ebrahimi -s "Invalid ticket start time" \ 128*62c56f98SSadaf Ebrahimi -S "Ticket age exceeds limitation" \ 129*62c56f98SSadaf Ebrahimi -S "Ticket age outside tolerance window" 130*62c56f98SSadaf Ebrahimi 131*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 132*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 133*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 134*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 135*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \ 136*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=4" \ 137*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 138*62c56f98SSadaf Ebrahimi 0 \ 139*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 140*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 141*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 142*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 143*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 144*62c56f98SSadaf Ebrahimi -S "ticket is not authentic" \ 145*62c56f98SSadaf Ebrahimi -S "ticket is expired" \ 146*62c56f98SSadaf Ebrahimi -S "Invalid ticket start time" \ 147*62c56f98SSadaf Ebrahimi -s "Ticket age exceeds limitation" \ 148*62c56f98SSadaf Ebrahimi -S "Ticket age outside tolerance window" 149*62c56f98SSadaf Ebrahimi 150*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 151*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 152*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 153*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 154*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \ 155*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=5" \ 156*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 157*62c56f98SSadaf Ebrahimi 0 \ 158*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 159*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 160*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 161*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 162*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 163*62c56f98SSadaf Ebrahimi -S "ticket is not authentic" \ 164*62c56f98SSadaf Ebrahimi -S "ticket is expired" \ 165*62c56f98SSadaf Ebrahimi -S "Invalid ticket start time" \ 166*62c56f98SSadaf Ebrahimi -S "Ticket age exceeds limitation" \ 167*62c56f98SSadaf Ebrahimi -s "Ticket age outside tolerance window" 168*62c56f98SSadaf Ebrahimi 169*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_SRV_C \ 170*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ 171*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 172*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 173*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \ 174*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=6" \ 175*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 176*62c56f98SSadaf Ebrahimi 0 \ 177*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 178*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 179*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 180*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 181*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 182*62c56f98SSadaf Ebrahimi -S "ticket is not authentic" \ 183*62c56f98SSadaf Ebrahimi -S "ticket is expired" \ 184*62c56f98SSadaf Ebrahimi -S "Invalid ticket start time" \ 185*62c56f98SSadaf Ebrahimi -S "Ticket age exceeds limitation" \ 186*62c56f98SSadaf Ebrahimi -s "Ticket age outside tolerance window" 187*62c56f98SSadaf Ebrahimi 188*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 189*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C 190*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 191*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \ 192*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ 193*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ 194*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 195*62c56f98SSadaf Ebrahimi localhost" \ 196*62c56f98SSadaf Ebrahimi 1 \ 197*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 198*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 199*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 200*62c56f98SSadaf Ebrahimi -S "Found PSK KEX MODE" \ 201*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 202*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 203*62c56f98SSadaf Ebrahimi -S "key exchange mode: ephemeral" 204*62c56f98SSadaf Ebrahimi 205*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 206*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \ 207*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 208*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 209*62c56f98SSadaf Ebrahimirequires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ 210*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 211*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: PSK: configured psk only, good." \ 212*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 213*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ 214*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 215*62c56f98SSadaf Ebrahimi localhost" \ 216*62c56f98SSadaf Ebrahimi 0 \ 217*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 218*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 219*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 220*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 221*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk$" 222*62c56f98SSadaf Ebrahimi 223*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 224*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \ 225*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 226*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 227*62c56f98SSadaf Ebrahimirequires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 228*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 229*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: PSK: configured psk_ephemeral only, good." \ 230*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 231*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ 232*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 233*62c56f98SSadaf Ebrahimi localhost" \ 234*62c56f98SSadaf Ebrahimi 0 \ 235*62c56f98SSadaf Ebrahimi -s "found psk key exchange modes extension" \ 236*62c56f98SSadaf Ebrahimi -s "found pre_shared_key extension" \ 237*62c56f98SSadaf Ebrahimi -s "Found PSK_EPHEMERAL KEX MODE" \ 238*62c56f98SSadaf Ebrahimi -s "Found PSK KEX MODE" \ 239*62c56f98SSadaf Ebrahimi -s "key exchange mode: psk_ephemeral$" 240*62c56f98SSadaf Ebrahimi 241*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 242*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C \ 243*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 244*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 245*62c56f98SSadaf Ebrahimirequires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 246*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 247*62c56f98SSadaf Ebrahimirun_test "TLS 1.3: G->m: PSK: configured ephemeral only, good." \ 248*62c56f98SSadaf Ebrahimi "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ 249*62c56f98SSadaf Ebrahimi "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ 250*62c56f98SSadaf Ebrahimi --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ 251*62c56f98SSadaf Ebrahimi localhost" \ 252*62c56f98SSadaf Ebrahimi 0 \ 253*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral$" 254*62c56f98SSadaf Ebrahimi 255*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 256*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 257*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 258*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 259*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 260*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_EARLY_DATA 261*62c56f98SSadaf Ebrahimirequires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ 262*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 263*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->G: EarlyData: basic check, good" \ 264*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --earlydata --disable-client-cert" \ 265*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \ 266*62c56f98SSadaf Ebrahimi 0 \ 267*62c56f98SSadaf Ebrahimi -c "Reconnecting with saved session" \ 268*62c56f98SSadaf Ebrahimi -c "NewSessionTicket: early_data(42) extension received." \ 269*62c56f98SSadaf Ebrahimi -c "ClientHello: early_data(42) extension exists." \ 270*62c56f98SSadaf Ebrahimi -c "EncryptedExtensions: early_data(42) extension received." \ 271*62c56f98SSadaf Ebrahimi -c "EncryptedExtensions: early_data(42) extension exists." \ 272*62c56f98SSadaf Ebrahimi -c "<= write EndOfEarlyData" \ 273*62c56f98SSadaf Ebrahimi -s "Parsing extension 'Early Data/42' (0 bytes)" \ 274*62c56f98SSadaf Ebrahimi -s "Sending extension Early Data/42 (0 bytes)" \ 275*62c56f98SSadaf Ebrahimi -s "END OF EARLY DATA (5) was received." \ 276*62c56f98SSadaf Ebrahimi -s "early data accepted" 277*62c56f98SSadaf Ebrahimi 278*62c56f98SSadaf Ebrahimirequires_gnutls_tls1_3 279*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 280*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 281*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 282*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 283*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_EARLY_DATA 284*62c56f98SSadaf Ebrahimirequires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ 285*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 286*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->G: EarlyData: no early_data in NewSessionTicket, good" \ 287*62c56f98SSadaf Ebrahimi "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --disable-client-cert" \ 288*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1" \ 289*62c56f98SSadaf Ebrahimi 0 \ 290*62c56f98SSadaf Ebrahimi -c "Reconnecting with saved session" \ 291*62c56f98SSadaf Ebrahimi -C "NewSessionTicket: early_data(42) extension received." \ 292*62c56f98SSadaf Ebrahimi -c "ClientHello: early_data(42) extension does not exist." \ 293*62c56f98SSadaf Ebrahimi -C "EncryptedExtensions: early_data(42) extension received." \ 294*62c56f98SSadaf Ebrahimi -C "EncryptedExtensions: early_data(42) extension exists." 295*62c56f98SSadaf Ebrahimi 296*62c56f98SSadaf Ebrahimi#TODO: OpenSSL tests don't work now. It might be openssl options issue, cause GnuTLS has worked. 297*62c56f98SSadaf Ebrahimiskip_next_test 298*62c56f98SSadaf Ebrahimirequires_openssl_tls1_3 299*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_DEBUG_C 300*62c56f98SSadaf Ebrahimirequires_config_enabled MBEDTLS_SSL_CLI_C 301*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ 302*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 303*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_EARLY_DATA 304*62c56f98SSadaf Ebrahimirequires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ 305*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 306*62c56f98SSadaf Ebrahimirun_test "TLS 1.3, ext PSK, early data" \ 307*62c56f98SSadaf Ebrahimi "$O_NEXT_SRV_EARLY_DATA -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ 308*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=5 tls13_kex_modes=psk early_data=1 psk=010203 psk_identity=0a0b0c" \ 309*62c56f98SSadaf Ebrahimi 1 \ 310*62c56f98SSadaf Ebrahimi -c "Reconnecting with saved session" \ 311*62c56f98SSadaf Ebrahimi -c "NewSessionTicket: early_data(42) extension received." \ 312*62c56f98SSadaf Ebrahimi -c "ClientHello: early_data(42) extension exists." \ 313*62c56f98SSadaf Ebrahimi -c "EncryptedExtensions: early_data(42) extension received." \ 314*62c56f98SSadaf Ebrahimi -c "EncryptedExtensions: early_data(42) extension ( ignored )." 315*62c56f98SSadaf Ebrahimi 316*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 317*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 318*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 319*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 320*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk/none." \ 321*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ 322*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 323*62c56f98SSadaf Ebrahimi 0 \ 324*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 325*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 326*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 327*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 328*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 329*62c56f98SSadaf Ebrahimi -s "No suitable key exchange mode" \ 330*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 331*62c56f98SSadaf Ebrahimi 332*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 333*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 334*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 335*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 336*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk." \ 337*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ 338*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 339*62c56f98SSadaf Ebrahimi 0 \ 340*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 341*62c56f98SSadaf Ebrahimi -S "No suitable key exchange mode" \ 342*62c56f98SSadaf Ebrahimi -s "found matched identity" 343*62c56f98SSadaf Ebrahimi 344*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 345*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 346*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 347*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 348*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_ephemeral." \ 349*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ 350*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 351*62c56f98SSadaf Ebrahimi 0 \ 352*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 353*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 354*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 355*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 356*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 357*62c56f98SSadaf Ebrahimi -s "No suitable key exchange mode" \ 358*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 359*62c56f98SSadaf Ebrahimi 360*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 361*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 362*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 363*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 364*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_all." \ 365*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ 366*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 367*62c56f98SSadaf Ebrahimi 0 \ 368*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 369*62c56f98SSadaf Ebrahimi -S "No suitable key exchange mode" \ 370*62c56f98SSadaf Ebrahimi -s "found matched identity" 371*62c56f98SSadaf Ebrahimi 372*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 373*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 374*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 375*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 376*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/none." \ 377*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ 378*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 379*62c56f98SSadaf Ebrahimi 0 \ 380*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 381*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 382*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 383*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 384*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 385*62c56f98SSadaf Ebrahimi -s "No suitable key exchange mode" \ 386*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 387*62c56f98SSadaf Ebrahimi 388*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 389*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 390*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 391*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 392*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk." \ 393*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ 394*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 395*62c56f98SSadaf Ebrahimi 0 \ 396*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 397*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 398*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 399*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 400*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 401*62c56f98SSadaf Ebrahimi -s "No suitable key exchange mode" \ 402*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 403*62c56f98SSadaf Ebrahimi 404*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 405*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 406*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 407*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 408*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_ephemeral." \ 409*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ 410*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 411*62c56f98SSadaf Ebrahimi 0 \ 412*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 413*62c56f98SSadaf Ebrahimi -S "No suitable key exchange mode" \ 414*62c56f98SSadaf Ebrahimi -s "found matched identity" 415*62c56f98SSadaf Ebrahimi 416*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 417*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 418*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 419*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 420*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_all." \ 421*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ 422*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 423*62c56f98SSadaf Ebrahimi 0 \ 424*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 425*62c56f98SSadaf Ebrahimi -S "No suitable key exchange mode" \ 426*62c56f98SSadaf Ebrahimi -s "found matched identity" 427*62c56f98SSadaf Ebrahimi 428*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 429*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 430*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 431*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 432*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 433*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/none." \ 434*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ 435*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 436*62c56f98SSadaf Ebrahimi 0 \ 437*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 438*62c56f98SSadaf Ebrahimi -S "sent selected_identity:" \ 439*62c56f98SSadaf Ebrahimi -s "key exchange mode: ephemeral" \ 440*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk_ephemeral" \ 441*62c56f98SSadaf Ebrahimi -S "key exchange mode: psk$" \ 442*62c56f98SSadaf Ebrahimi -s "No suitable key exchange mode" \ 443*62c56f98SSadaf Ebrahimi -s "No matched PSK or ticket" 444*62c56f98SSadaf Ebrahimi 445*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 446*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 447*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 448*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 449*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 450*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk." \ 451*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ 452*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 453*62c56f98SSadaf Ebrahimi 0 \ 454*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 455*62c56f98SSadaf Ebrahimi -S "No suitable key exchange mode" \ 456*62c56f98SSadaf Ebrahimi -s "found matched identity" 457*62c56f98SSadaf Ebrahimi 458*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 459*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 460*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 461*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 462*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 463*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_ephemeral." \ 464*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ 465*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 466*62c56f98SSadaf Ebrahimi 0 \ 467*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 468*62c56f98SSadaf Ebrahimi -S "No suitable key exchange mode" \ 469*62c56f98SSadaf Ebrahimi -s "found matched identity" 470*62c56f98SSadaf Ebrahimi 471*62c56f98SSadaf Ebrahimirequires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ 472*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ 473*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ 474*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ 475*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 476*62c56f98SSadaf Ebrahimirun_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \ 477*62c56f98SSadaf Ebrahimi "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ 478*62c56f98SSadaf Ebrahimi "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 479*62c56f98SSadaf Ebrahimi 0 \ 480*62c56f98SSadaf Ebrahimi -c "Pre-configured PSK number = 1" \ 481*62c56f98SSadaf Ebrahimi -S "No suitable key exchange mode" \ 482*62c56f98SSadaf Ebrahimi -s "found matched identity" 483*62c56f98SSadaf Ebrahimi 484