diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e7eef1a702..f8a35006a8 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2270,7 +2270,6 @@ run_test "CA callback on server" \ -C "error" # Test using an EC opaque private key for client authentication -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_hash_alg SHA_256 @@ -2288,7 +2287,6 @@ run_test "Opaque key for client authentication: ECDHE-ECDSA" \ -C "error" # Test using a RSA opaque private key for client authentication -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED @@ -2306,7 +2304,6 @@ run_test "Opaque key for client authentication: ECDHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -2325,7 +2322,6 @@ run_test "Opaque key for client authentication: DHE-RSA" \ -C "error" # Test using an EC opaque private key for server authentication -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_hash_alg SHA_256 @@ -2341,7 +2337,6 @@ run_test "Opaque key for server authentication: ECDHE-ECDSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_hash_alg SHA_256 run_test "Opaque key for server authentication: ECDH-" \ @@ -2357,7 +2352,6 @@ run_test "Opaque key for server authentication: ECDH-" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE requires_hash_alg SHA_256 @@ -2372,7 +2366,6 @@ run_test "Opaque key for server authentication: invalid key: decrypt with ECC -c "error" \ -c "Public key type mismatch" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C @@ -2389,7 +2382,6 @@ run_test "Opaque key for server authentication: invalid key: ecdh with RSA ke -c "error" \ -c "Public key type mismatch" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_hash_alg SHA_256 @@ -2404,7 +2396,6 @@ run_test "Opaque key for server authentication: invalid alg: decrypt with ECC -s "error" \ -c "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE @@ -2420,7 +2411,6 @@ run_test "Opaque key for server authentication: invalid alg: ecdh with RSA ke -s "error" \ -c "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_hash_alg SHA_256 run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \ @@ -2434,7 +2424,6 @@ run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with -s "error" \ -c "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_hash_alg SHA_256 @@ -2454,7 +2443,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs, -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_hash_alg SHA_384 requires_config_disabled MBEDTLS_X509_REMOVE_INFO @@ -2473,7 +2461,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs, -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_hash_alg SHA_384 requires_config_disabled MBEDTLS_X509_REMOVE_INFO @@ -2493,7 +2480,6 @@ run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" -C "error" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C @@ -2507,7 +2493,6 @@ run_test "TLS 1.3 opaque key: no suitable algorithm found" \ -s "no suitable signature algorithm" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C @@ -2521,7 +2506,6 @@ run_test "TLS 1.3 opaque key: suitable algorithm found" \ -S "error" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C @@ -2536,7 +2520,6 @@ run_test "TLS 1.3 opaque key: first client sig alg not suitable" \ -S "error" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C @@ -2550,7 +2533,6 @@ run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \ -S "error" \ # Test using a RSA opaque private key for server authentication -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED @@ -2567,7 +2549,6 @@ run_test "Opaque key for server authentication: ECDHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -2583,7 +2564,6 @@ run_test "Opaque key for server authentication: DHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -2600,7 +2580,6 @@ run_test "Opaque key for server authentication: RSA-PSK" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -2615,7 +2594,6 @@ run_test "Opaque key for server authentication: RSA-" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -2630,7 +2608,6 @@ run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1 -s "error" \ -c "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -2651,7 +2628,6 @@ run_test "Opaque keys for server authentication: RSA keys with different algs -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_384 @@ -2672,7 +2648,6 @@ run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \ -C "error" # Test using an EC opaque private key for client/server authentication -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_hash_alg SHA_256 @@ -2692,7 +2667,6 @@ run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \ -C "error" # Test using a RSA opaque private key for client/server authentication -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -2712,7 +2686,6 @@ run_test "Opaque key for client/server authentication: ECDHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -8594,7 +8567,6 @@ run_test "PSK callback: psk, no callback" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -8606,7 +8578,6 @@ run_test "PSK callback: opaque psk on client, no callback" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8618,7 +8589,6 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -8630,7 +8600,6 @@ run_test "PSK callback: opaque psk on client, no callback, EMS" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8642,7 +8611,6 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque rsa-psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ @@ -8654,7 +8622,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8666,7 +8633,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ @@ -8678,7 +8644,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8690,7 +8655,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque ecdhe-psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ @@ -8702,7 +8666,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8714,7 +8677,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ @@ -8726,7 +8688,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8738,7 +8699,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque dhe-psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \ @@ -8750,7 +8710,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8762,7 +8721,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ @@ -8774,7 +8732,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8786,7 +8743,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -8798,7 +8754,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8810,7 +8765,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \ "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -8823,7 +8777,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -8836,7 +8789,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \ "$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ @@ -8848,7 +8800,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8860,7 +8811,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \ "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -8873,7 +8823,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -8886,7 +8835,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \ "$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ @@ -8898,7 +8846,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8910,7 +8857,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS" \ "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -8923,7 +8869,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -8936,7 +8881,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \ "$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ @@ -8948,7 +8892,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -8960,7 +8903,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \ "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -8973,7 +8915,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -8986,7 +8927,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -8998,7 +8938,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ @@ -9010,7 +8949,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -9023,7 +8961,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -9036,7 +8973,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ @@ -9048,7 +8984,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ @@ -9060,7 +8995,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -9073,7 +9007,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -9086,7 +9019,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ @@ -9098,7 +9030,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -9110,7 +9041,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -9123,7 +9053,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -9136,7 +9065,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ @@ -9148,7 +9076,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -9160,7 +9087,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -9173,7 +9099,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -9186,7 +9111,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \ "$P_SRV extended_ms=0 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -9198,7 +9122,6 @@ run_test "PSK callback: raw psk on client, mismatching static raw PSK on serv -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -9210,7 +9133,6 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -9222,7 +9144,6 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -9234,7 +9155,6 @@ run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on s -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,73776f726466697368 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -9348,7 +9268,6 @@ run_test "ECJPAKE: working, TLS" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "ECJPAKE: opaque password client+server, working, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\ @@ -9370,7 +9289,6 @@ run_test "ECJPAKE: opaque password client+server, working, TLS" \ # Note: if the name of this test is changed, then please adjust the corresponding # filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh") requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "ECJPAKE: opaque password client only, working, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla" \ "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\ @@ -9392,7 +9310,6 @@ run_test "ECJPAKE: opaque password client only, working, TLS" \ # Note: if the name of this test is changed, then please adjust the corresponding # filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh") requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "ECJPAKE: opaque password server only, working, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ "$P_CLI debug_level=3 ecjpake_pw=bla\ @@ -9423,7 +9340,6 @@ run_test "ECJPAKE: password mismatch, TLS" \ server_needs_more_time 1 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "ECJPAKE_OPAQUE_PW: opaque password mismatch, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ "$P_CLI debug_level=3 ecjpake_pw=bad ecjpake_pw_opaque=1 \ @@ -9839,7 +9755,6 @@ run_test "EC restart: TLS, max_ops=1000 (no USE_PSA)" \ # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000 (USE_PSA)" \ "$P_SRV groups=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -9895,7 +9810,6 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (no USE_P # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (USE_PSA)" \ "$P_SRV groups=secp256r1 auth_mode=required \ crt_file=$DATA_FILES_PATH/server5-badsign.crt \ @@ -9936,7 +9850,6 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (no USE_PSA)" # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (USE_PSA)" \ "$P_SRV groups=secp256r1 auth_mode=required \ crt_file=$DATA_FILES_PATH/server5-badsign.crt \ @@ -9972,7 +9885,6 @@ run_test "EC restart: DTLS, max_ops=1000 (no USE_PSA)" \ # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: DTLS, max_ops=1000 (USE_PSA)" \ "$P_SRV groups=secp256r1 auth_mode=required dtls=1" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -10003,7 +9915,6 @@ run_test "EC restart: TLS, max_ops=1000 no client auth (no USE_PSA)" \ # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000 no client auth (USE_PSA)" \ "$P_SRV groups=secp256r1" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -13086,7 +12997,6 @@ run_test "TLS 1.3: Client authentication, client alg not in server list - gnu requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \ @@ -13101,7 +13011,6 @@ requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \ @@ -13116,7 +13025,6 @@ run_test "TLS 1.3: Client authentication - opaque key, no server middlebox co requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ @@ -13132,7 +13040,6 @@ requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ @@ -13147,7 +13054,6 @@ run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ @@ -13163,7 +13069,6 @@ requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ @@ -13178,7 +13083,6 @@ run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ @@ -13194,7 +13098,6 @@ requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ @@ -13210,7 +13113,6 @@ requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ @@ -13227,7 +13129,6 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ @@ -13243,7 +13144,6 @@ requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ @@ -13260,7 +13160,6 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ @@ -13276,7 +13175,6 @@ requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ @@ -13293,7 +13191,6 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ @@ -13309,7 +13206,6 @@ requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 @@ -13327,7 +13223,6 @@ requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:%NO_TICKETS" \