From e0cc584f70b5e9eb1a6ca788a46acfb0eda73196 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 25 Aug 2022 06:17:36 +0000 Subject: [PATCH] Change result strings based on actula psk test result Signed-off-by: Xiaokang Qian --- tests/opt-testcases/tls13-kex-modes.sh | 102 +++++-------------------- 1 file changed, 20 insertions(+), 82 deletions(-) diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index 5d6a66f4f..d2160f4f0 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -1676,13 +1676,13 @@ requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KE run_test "TLS 1.3Client: PSK: psk: with matched key and identity, with psk_dhe_ke. m->O" \ "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \ "$P_CLI debug_level=4 sig_algs=ecdsa_secp256r1_sha256 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ - 0 \ + 1 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ -c "client hello, adding psk_key_exchange_modes extension" \ -c "client hello, adding PSK binder list" \ -c "<= write client hello" \ - -c "HTTP/1.0 200 ok" + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 @@ -1703,25 +1703,6 @@ run_test "TLS 1.3Client: PSK: psk: with mismatched identity, with psk_ke and -s "PSK warning: client identity not what we expected" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED -run_test "TLS 1.3Client: PSK: psk: with mismatched identity, with psk_dhe_ke. m->O" \ - "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -c "<= write client hello" \ - -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \ - -c "HTTP/1.0 200 ok" - requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE @@ -1787,7 +1768,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3Client: PSK: psk: with matched key and identity, with psk_dhe_ke. m->G" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ - 0 \ + 1 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ -c "client hello, adding psk_key_exchange_modes extension" \ @@ -1795,7 +1776,7 @@ run_test "TLS 1.3Client: PSK: psk: with matched key and identity, with psk_dh -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_gnutls_tls1_3 @@ -1835,26 +1816,6 @@ run_test "TLS 1.3Client: PSK: psk: with mismatched identity, with psk_ke. m-> -c "<= write client hello" \ -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_gnutls_tls1_3 -requires_gnutls_next_no_ticket -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3Client: PSK: psk: with mismatched identity, with psk_dhe_ke. m->G" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -s "Parsing extension 'PSK Key Exchange Modes/45'" \ - -s "Parsing extension 'Pre Shared Key/41'" \ - -c "<= write client hello" \ - -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \ - -c "HTTP/1.0 200 OK" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket @@ -1863,15 +1824,14 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3Client: PSK: psk: without pre-share key, with psk_ke and psk_dhe_ke. m->G" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 psk_identity=0d0e0f tls13_kex_modes=psk" \ - 0 \ + "$P_CLI debug_level=4 psk_identity=0a0b0c tls13_kex_modes=psk" \ + 1 \ -c "=> write client hello" \ -c "client hello, adding psk_key_exchange_modes extension" \ -c "skip pre_shared_key extensions" \ -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -c "<= write client hello" \ - -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \ - -c "HTTP/1.0 200 OK" + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" #OPENSSL-SERVER psk_all mode requires_openssl_tls1_3 @@ -2010,9 +1970,9 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3Client: PSK: psk_all: with matched key and identity, with psk_dhe_ke. m->G" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ + "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ - 0 \ + 1 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ -c "client hello, adding psk_key_exchange_modes extension" \ @@ -2020,7 +1980,7 @@ run_test "TLS 1.3Client: PSK: psk_all: with matched key and identity, with ps -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_gnutls_tls1_3 @@ -2060,26 +2020,6 @@ run_test "TLS 1.3Client: PSK: psk_all: with mismatched identity, with psk_ke. -c "<= write client hello" \ -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_gnutls_tls1_3 -requires_gnutls_next_no_ticket -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -run_test "TLS 1.3Client: PSK: psk_all: with mismatched identity, with psk_dhe_ke. m->G" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ - 0 \ - -c "=> write client hello" \ - -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ - -c "client hello, adding psk_key_exchange_modes extension" \ - -c "client hello, adding PSK binder list" \ - -s "Parsing extension 'PSK Key Exchange Modes/45'" \ - -s "Parsing extension 'Pre Shared Key/41'" \ - -c "<= write client hello" \ - -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \ - -c "HTTP/1.0 200 OK" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket @@ -2087,16 +2027,15 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3Client: PSK: psk_all: without pre-share key, with psk_ke and psk_dhe_ke. m->G" \ - "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ + "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ - 0 \ + 1 \ -c "=> write client hello" \ -c "client hello, adding psk_key_exchange_modes extension" \ -c "skip pre_shared_key extensions" \ -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -c "<= write client hello" \ - -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \ - -c "HTTP/1.0 200 OK" + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" #OPENSSL-SERVER psk_ephemeral mode requires_openssl_tls1_3 @@ -2218,7 +2157,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3Client: PSK: psk_ephemeral: with matched key and identity, with psk_ke. m->G" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ - 0 \ + 1 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ -c "client hello, adding psk_key_exchange_modes extension" \ @@ -2226,7 +2165,7 @@ run_test "TLS 1.3Client: PSK: psk_ephemeral: with matched key and identity, w -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_gnutls_tls1_3 @@ -2275,7 +2214,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3Client: PSK: psk_ephemeral: with mismatched identity, with psk_ke. m->G" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ - 0 \ + 1 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ -c "client hello, adding psk_key_exchange_modes extension" \ @@ -2283,7 +2222,7 @@ run_test "TLS 1.3Client: PSK: psk_ephemeral: with mismatched identity, with p -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -c "HTTP/1.0 200 OK" + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_gnutls_tls1_3 @@ -2302,7 +2241,7 @@ run_test "TLS 1.3Client: PSK: psk_ephemeral: with mismatched identity, with p -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -s "Error in handshake: An illegal parameter has been received." + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_gnutls_tls1_3 @@ -2313,14 +2252,13 @@ requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3Client: PSK: psk_ephemeral: without pre-share key, with psk_ke and psk_dhe_ke. m->G" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+CIPHER-ALL:%NO_TICKETS --pskhint=0a0b0c --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ - 0 \ + 1 \ -c "=> write client hello" \ -c "client hello, adding psk_key_exchange_modes extension" \ -c "skip pre_shared_key extensions" \ -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -c "<= write client hello" \ - -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \ - -c "HTTP/1.0 200 OK" + -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" #OPENSSL-SERVER ephemeral mode requires_openssl_tls1_3