From 63c78b869f26c7c092a14e72a52e271f3e2cb65f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Sun, 31 Jul 2022 13:19:11 +0800 Subject: [PATCH] add `all` mode tests Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-kex-modes.sh | 303 +++++++++++++++++++++++++ 1 file changed, 303 insertions(+) diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index b44dd1b45..f64c8c6df 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -1587,3 +1587,306 @@ run_test "TLS 1.3: PSK: ephemeral_all: without pre_shared_key,with psk_dhe_ke -S "key exchange mode: psk_ephemeral" \ -s "key exchange mode: ephemeral" +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with matched key and identity, with psk_ke and psk_dhe_ke. G->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ + localhost" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -s "Found PSK KEX MODE" \ + -s "Pre shared key found" \ + -S "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -s "key exchange mode: psk_ephemeral" \ + -S "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with matched key and identity, with psk_ke and psk_dhe_ke. O->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ + -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -s "Found PSK KEX MODE" \ + -s "Pre shared key found" \ + -S "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -s "key exchange mode: psk_ephemeral" \ + -S "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with matched key and identity, with psk_ke. G->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ + localhost" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -S "Found PSK_EPHEMERAL KEX MODE" \ + -s "Found PSK KEX MODE" \ + -s "Pre shared key found" \ + -S "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with matched key and identity, with psk_dhe_ke. G->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ + localhost" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -S "Found PSK KEX MODE" \ + -s "Pre shared key found" \ + -S "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -s "key exchange mode: psk_ephemeral" \ + -S "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with matched key and identity, with psk_dhe_ke. O->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$O_NEXT_CLI -tls1_3 -msg \ + -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -S "Found PSK KEX MODE" \ + -s "Pre shared key found" \ + -S "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -s "key exchange mode: psk_ephemeral" \ + -S "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with mismatched identity, with psk_ke and psk_dhe_ke. G->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ + --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ + localhost" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -s "Found PSK KEX MODE" \ + -S "Pre shared key found" \ + -s "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with mismatched identity, with psk_ke and psk_dhe_ke. O->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ + -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -s "Found PSK KEX MODE" \ + -S "Pre shared key found" \ + -s "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with mismatched identity, with psk_ke. G->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ + --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ + localhost" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -S "Found PSK_EPHEMERAL KEX MODE" \ + -s "Found PSK KEX MODE" \ + -S "Pre shared key found" \ + -s "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with mismatched identity, with psk_dhe_ke. G->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ + --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ + localhost" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -S "Found PSK KEX MODE" \ + -S "Pre shared key found" \ + -s "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: with mismatched identity, with psk_dhe_ke. O->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$O_NEXT_CLI -tls1_3 -msg \ + -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ + 0 \ + -s "found psk key exchange modes extension" \ + -s "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -S "Found PSK KEX MODE" \ + -S "Pre shared key found" \ + -s "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: without pre_shared_key,with psk_ke and psk_dhe_ke. G->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+VERS-TLS1.3 \ + localhost" \ + 0 \ + -s "found psk key exchange modes extension" \ + -S "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -s "Found PSK KEX MODE" \ + -S "Pre shared key found" \ + -S "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: without pre_shared_key,with psk_ke and psk_dhe_ke. O->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex " \ + 0 \ + -s "found psk key exchange modes extension" \ + -S "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -s "Found PSK KEX MODE" \ + -S "Pre shared key found" \ + -S "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +# SOME_ECDHE_ENABLED? +requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +run_test "TLS 1.3: PSK: all: without pre_shared_key,with psk_dhe_ke. O->m" \ + "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$O_NEXT_CLI -tls1_3 -msg " \ + 0 \ + -s "found psk key exchange modes extension" \ + -S "found pre_shared_key extension" \ + -s "Found PSK_EPHEMERAL KEX MODE" \ + -S "Found PSK KEX MODE" \ + -S "Pre shared key found" \ + -S "No matched PSK or ticket"\ + -S "key exchange mode: psk$" \ + -S "key exchange mode: psk_ephemeral" \ + -s "key exchange mode: ephemeral" +