mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-14 07:20:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove direct requirements on MBEDTLS_USE_PSA_CRYPTO in ssl-opt.sh

Browse Source 
Now that MBEDTLS_USE_PSA_CRYPTO is always on, we don't need to check for it.
Also this is a step towards no longer expecting it to be reported by
query_compile_time_config.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2024-10-24 20:09:56 +02:00
parent a1be1b8fbb
commit 5e443f983b
1 changed files with 0 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
tests/ssl-opt.sh
View File

@ -2270,7 +2270,6 @@ run_test "CA callback on server" \
-C "error"
# Test using an EC opaque private key for client authentication
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_hash_alg SHA_256
@ -2288,7 +2287,6 @@ run_test "Opaque key for client authentication: ECDHE-ECDSA" \
-C "error"
# Test using a RSA opaque private key for client authentication
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
@ -2306,7 +2304,6 @@ run_test "Opaque key for client authentication: ECDHE-RSA" \
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
@ -2325,7 +2322,6 @@ run_test "Opaque key for client authentication: DHE-RSA" \
-C "error"
# Test using an EC opaque private key for server authentication
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_hash_alg SHA_256
@ -2341,7 +2337,6 @@ run_test "Opaque key for server authentication: ECDHE-ECDSA" \
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_hash_alg SHA_256
run_test "Opaque key for server authentication: ECDH-" \
@ -2357,7 +2352,6 @@ run_test "Opaque key for server authentication: ECDH-" \
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE
requires_hash_alg SHA_256
@ -2372,7 +2366,6 @@ run_test "Opaque key for server authentication: invalid key: decrypt with ECC
-c "error" \
-c "Public key type mismatch"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_RSA_C
@ -2389,7 +2382,6 @@ run_test "Opaque key for server authentication: invalid key: ecdh with RSA ke
-c "error" \
-c "Public key type mismatch"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
requires_hash_alg SHA_256
@ -2404,7 +2396,6 @@ run_test "Opaque key for server authentication: invalid alg: decrypt with ECC
-s "error" \
-c "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
@ -2420,7 +2411,6 @@ run_test "Opaque key for server authentication: invalid alg: ecdh with RSA ke
-s "error" \
-c "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_hash_alg SHA_256
run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \
@ -2434,7 +2424,6 @@ run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with
-s "error" \
-c "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_hash_alg SHA_256
@ -2454,7 +2443,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs,
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_hash_alg SHA_384
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
@ -2473,7 +2461,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs,
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_hash_alg SHA_384
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
@ -2493,7 +2480,6 @@ run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA"
-C "error"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -2507,7 +2493,6 @@ run_test "TLS 1.3 opaque key: no suitable algorithm found" \
-s "no suitable signature algorithm"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -2521,7 +2506,6 @@ run_test "TLS 1.3 opaque key: suitable algorithm found" \
-S "error"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -2536,7 +2520,6 @@ run_test "TLS 1.3 opaque key: first client sig alg not suitable" \
-S "error" \
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -2550,7 +2533,6 @@ run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \
-S "error" \
# Test using a RSA opaque private key for server authentication
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
@ -2567,7 +2549,6 @@ run_test "Opaque key for server authentication: ECDHE-RSA" \
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
@ -2583,7 +2564,6 @@ run_test "Opaque key for server authentication: DHE-RSA" \
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
@ -2600,7 +2580,6 @@ run_test "Opaque key for server authentication: RSA-PSK" \
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
@ -2615,7 +2594,6 @@ run_test "Opaque key for server authentication: RSA-" \
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
@ -2630,7 +2608,6 @@ run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1
-s "error" \
-c "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
@ -2651,7 +2628,6 @@ run_test "Opaque keys for server authentication: RSA keys with different algs
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_384
@ -2672,7 +2648,6 @@ run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \
-C "error"
# Test using an EC opaque private key for client/server authentication
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_hash_alg SHA_256
@ -2692,7 +2667,6 @@ run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \
-C "error"
# Test using a RSA opaque private key for client/server authentication
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
@ -2712,7 +2686,6 @@ run_test "Opaque key for client/server authentication: ECDHE-RSA" \
-S "error" \
-C "error"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
@ -8594,7 +8567,6 @@ run_test "PSK callback: psk, no callback" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque psk on client, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -8606,7 +8578,6 @@ run_test "PSK callback: opaque psk on client, no callback" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
@ -8618,7 +8589,6 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque psk on client, no callback, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -8630,7 +8600,6 @@ run_test "PSK callback: opaque psk on client, no callback, EMS" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
@ -8642,7 +8611,6 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque rsa-psk on client, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
@ -8654,7 +8622,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
@ -8666,7 +8633,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
@ -8678,7 +8644,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
@ -8690,7 +8655,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS"
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque ecdhe-psk on client, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
@ -8702,7 +8666,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
@ -8714,7 +8677,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
@ -8726,7 +8688,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
@ -8738,7 +8699,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque dhe-psk on client, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
@ -8750,7 +8710,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
@ -8762,7 +8721,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
@ -8774,7 +8732,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \
"$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
@ -8786,7 +8743,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS"
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -8798,7 +8754,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
@ -8810,7 +8765,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
"$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
@ -8823,7 +8777,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
@ -8836,7 +8789,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \
"$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
@ -8848,7 +8800,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
@ -8860,7 +8811,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \
"$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
@ -8873,7 +8823,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
@ -8886,7 +8835,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \
"$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
@ -8898,7 +8846,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
@ -8910,7 +8857,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS" \
"$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
@ -8923,7 +8869,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
@ -8936,7 +8881,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \
"$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
@ -8948,7 +8892,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
@ -8960,7 +8903,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \
"$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
@ -8973,7 +8915,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
@ -8986,7 +8927,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -8998,7 +8938,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
@ -9010,7 +8949,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
@ -9023,7 +8961,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
@ -9036,7 +8973,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
@ -9048,7 +8984,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
@ -9060,7 +8995,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
@ -9073,7 +9007,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
@ -9086,7 +9019,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
@ -9098,7 +9030,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
@ -9110,7 +9041,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
@ -9123,7 +9053,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
@ -9136,7 +9065,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
@ -9148,7 +9076,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
@ -9160,7 +9087,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
@ -9173,7 +9099,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
@ -9186,7 +9111,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
"$P_SRV extended_ms=0 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -9198,7 +9122,6 @@ run_test "PSK callback: raw psk on client, mismatching static raw PSK on serv
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \
"$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -9210,7 +9133,6 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \
"$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -9222,7 +9144,6 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \
"$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -9234,7 +9155,6 @@ run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on s
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \
"$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,73776f726466697368 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@ -9348,7 +9268,6 @@ run_test "ECJPAKE: working, TLS" \
-S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "ECJPAKE: opaque password client+server, working, TLS" \
"$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \
"$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\
@ -9370,7 +9289,6 @@ run_test "ECJPAKE: opaque password client+server, working, TLS" \
# Note: if the name of this test is changed, then please adjust the corresponding
# filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh")
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "ECJPAKE: opaque password client only, working, TLS" \
"$P_SRV debug_level=3 ecjpake_pw=bla" \
"$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\
@ -9392,7 +9310,6 @@ run_test "ECJPAKE: opaque password client only, working, TLS" \
# Note: if the name of this test is changed, then please adjust the corresponding
# filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh")
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "ECJPAKE: opaque password server only, working, TLS" \
"$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \
"$P_CLI debug_level=3 ecjpake_pw=bla\
@ -9423,7 +9340,6 @@ run_test "ECJPAKE: password mismatch, TLS" \
server_needs_more_time 1
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "ECJPAKE_OPAQUE_PW: opaque password mismatch, TLS" \
"$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \
"$P_CLI debug_level=3 ecjpake_pw=bad ecjpake_pw_opaque=1 \
@ -9839,7 +9755,6 @@ run_test "EC restart: TLS, max_ops=1000 (no USE_PSA)" \
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "EC restart: TLS, max_ops=1000 (USE_PSA)" \
"$P_SRV groups=secp256r1 auth_mode=required" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
@ -9895,7 +9810,6 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (no USE_P
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (USE_PSA)" \
"$P_SRV groups=secp256r1 auth_mode=required \
crt_file=$DATA_FILES_PATH/server5-badsign.crt \
@ -9936,7 +9850,6 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (no USE_PSA)"
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (USE_PSA)" \
"$P_SRV groups=secp256r1 auth_mode=required \
crt_file=$DATA_FILES_PATH/server5-badsign.crt \
@ -9972,7 +9885,6 @@ run_test "EC restart: DTLS, max_ops=1000 (no USE_PSA)" \
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "EC restart: DTLS, max_ops=1000 (USE_PSA)" \
"$P_SRV groups=secp256r1 auth_mode=required dtls=1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
@ -10003,7 +9915,6 @@ run_test "EC restart: TLS, max_ops=1000 no client auth (no USE_PSA)" \
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "EC restart: TLS, max_ops=1000 no client auth (USE_PSA)" \
"$P_SRV groups=secp256r1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
@ -13086,7 +12997,6 @@ run_test "TLS 1.3: Client authentication, client alg not in server list - gnu
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
@ -13101,7 +13011,6 @@ requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
@ -13116,7 +13025,6 @@ run_test "TLS 1.3: Client authentication - opaque key, no server middlebox co
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
@ -13132,7 +13040,6 @@ requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
@ -13147,7 +13054,6 @@ run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
@ -13163,7 +13069,6 @@ requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
@ -13178,7 +13083,6 @@ run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
@ -13194,7 +13098,6 @@ requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
@ -13210,7 +13113,6 @@ requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
@ -13227,7 +13129,6 @@ requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
@ -13243,7 +13144,6 @@ requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
@ -13260,7 +13160,6 @@ requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
@ -13276,7 +13175,6 @@ requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
@ -13293,7 +13191,6 @@ requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
@ -13309,7 +13206,6 @@ requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
@ -13327,7 +13223,6 @@ requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:%NO_TICKETS" \