From edc35e7ffd2943d4429f0664e0cf24966d195044 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 1 Sep 2022 03:22:51 +0000 Subject: [PATCH] Refine the psk test cases for m->G Signed-off-by: Xiaokang Qian --- tests/opt-testcases/tls13-kex-modes.sh | 44 +++--- tests/ssl-opt.sh | 186 +------------------------ 2 files changed, 23 insertions(+), 207 deletions(-) diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index a8a8fed56..883473a39 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -3058,7 +3058,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk / psk&ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G psk / all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 0 \ @@ -3077,7 +3077,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk / psk, good" \ +run_test "TLS 1.3: m->G psk / psk_or_ephemeral, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 0 \ @@ -3096,7 +3096,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk / ecdhe_psk&dhe_psk, fail - no common kex mode" \ +run_test "TLS 1.3: m->G psk / ephemeral_all, fail - no common kex mode" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1 \ @@ -3115,7 +3115,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk / psk&ecdhe_psk&dhe_psk, fail - no common identity" \ +run_test "TLS 1.3: m->G psk / all, fail - no common id" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ 1 \ @@ -3134,7 +3134,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk / psk, fail - no common identity" \ +run_test "TLS 1.3: m->G psk / psk, fail - no common id" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ 1 \ @@ -3153,7 +3153,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk / ecdhe_psk&dhe_psk, fail - no common material" \ +run_test "TLS 1.3: m->G psk / ephemeral_all, fail, no common material" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1 \ @@ -3171,7 +3171,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk_all / psk&ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G psk_all / all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ @@ -3209,7 +3209,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk_all / ecdhe_psk&dhe_psk, fail - no fallback" \ +run_test "TLS 1.3: m->G psk_all / ephemeral_all, fail - no fallback" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1 \ @@ -3228,7 +3228,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk_all / psk&ecdhe_psk&dhe_psk, fail - no common identity" \ +run_test "TLS 1.3: m->G psk_all / all, fail - no common id" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 1 \ @@ -3247,7 +3247,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk_all / psk, fail - no common identity" \ +run_test "TLS 1.3: m->G psk_all / psk, fail - no common id" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 1 \ @@ -3266,7 +3266,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk_all / psk&ecdhe_psk&dhe_psk, fail - no common material" \ +run_test "TLS 1.3: m->G psk_all / ephemeral_all, fail, no common material" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 1 \ @@ -3284,7 +3284,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk_ephemeral / psk&ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G psk_ephemeral / all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ @@ -3322,7 +3322,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk_ephemeral / ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G psk_ephemeral / ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ @@ -3341,7 +3341,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G psk_ephemeral / ecdhe_psk&dhe_psk, fail - no common material" \ +run_test "TLS 1.3: m->G psk_ephemeral/dhe_all, fail, key material mismatch" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1 \ @@ -3359,7 +3359,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G ephemeral / psk&ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G ephemeral / all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 0 \ @@ -3391,7 +3391,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G ephemeral / ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G ephemeral / ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 0 \ @@ -3408,7 +3408,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G ephemeral_all / psk&ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G ephemeral_all / all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ @@ -3446,7 +3446,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G ephemeral_all / ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G ephemeral_all / ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ @@ -3465,7 +3465,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G ephemeral_all / ecdhe_psk&dhe_psk, good - no common material, fallback to ephemeral" \ +run_test "TLS 1.3: m->G dhe_all/dhe_all,good,psk mismatch,fallback to dhe" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 0 \ @@ -3484,7 +3484,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G all / psk&ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G all / all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ @@ -3522,7 +3522,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G all / ecdhe_psk&dhe_psk, good" \ +run_test "TLS 1.3: m->G all / ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ @@ -3541,7 +3541,7 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3: m->G all / ecdhe_psk&dhe_psk, good - no common material, fallback to ephemeral" \ +run_test "TLS 1.3: m->G all/dhe_all,good,key material mismatch,fallback to dhe" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk_identity=0d0e0f tls13_kex_modes=all" \ 0 \ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index cd73c787f..020d6dc29 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -12104,57 +12104,6 @@ run_test "TLS 1.3, default suite, PSK" \ -c "<= write client hello" \ -c "HTTP/1.0 200 OK" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_SRV_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK, psk_all" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ - "$P_CLI nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_SRV_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK, psk_ephemeral" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ - "$P_CLI nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_SRV_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK, ephemeral" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ - "$P_CLI nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ - 0 \ - -c "=> write client hello" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_SRV_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK, ephemeral_all" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ - "$P_CLI nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ - 0 \ - -c "=> write client hello" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" - -requires_openssl_tls1_3 requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE @@ -12171,68 +12120,6 @@ run_test "TLS 1.3, default suite, PSK - openssl" \ -c "<= write client hello" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 -requires_openssl_tls1_3 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK - openssli psk_all" \ - "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 ok" - -requires_openssl_tls1_3 -requires_openssl_tls1_3 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK - openssl psk_ephemeral" \ - "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 ok" - -requires_openssl_tls1_3 -requires_openssl_tls1_3 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK - openssl ephemeral" \ - "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ - 0 \ - -c "=> write client hello" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 ok" - -requires_openssl_tls1_3 -requires_openssl_tls1_3 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK - openssl ephemeral_all" \ - "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ - 0 \ - -c "=> write client hello" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 ok" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket @@ -12240,7 +12127,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3, default suite, PSK - gnutls" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ + "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 0 \ -c "=> write client hello" \ @@ -12252,77 +12139,6 @@ run_test "TLS 1.3, default suite, PSK - gnutls" \ -c "<= write client hello" \ -c "HTTP/1.0 200 OK" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_gnutls_tls1_3 -requires_gnutls_next_no_ticket -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK - gnutls psk_all" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -s "Parsing extension 'PSK Key Exchange Modes/45'" \ - -s "Parsing extension 'Pre Shared Key/41'" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_gnutls_tls1_3 -requires_gnutls_next_no_ticket -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK - gnutls psk_ephemeral" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+ECDHE-PSK:+DHE-PSK:+CIPHER-ALL --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -s "Parsing extension 'PSK Key Exchange Modes/45'" \ - -s "Parsing extension 'Pre Shared Key/41'" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_gnutls_tls1_3 -requires_gnutls_next_no_ticket -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK - gnutls ephemeral" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ - 0 \ - -c "=> write client hello" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_gnutls_tls1_3 -requires_gnutls_next_no_ticket -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3, default suite, PSK - gnutls ephemeral_all" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -s "Parsing extension 'PSK Key Exchange Modes/45'" \ - -s "Parsing extension 'Pre Shared Key/41'" \ - -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" - for i in opt-testcases/*.sh do TEST_SUITE_NAME=${i##*/}