From 932064d6603ef632d525e329a30c339934bd38b3 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sat, 24 Jul 2021 06:45:50 +0100
Subject: [PATCH] Add ssl-opt.sh tests for ssl_client/server TLS 1.3 kex
 parameters

Those tests are so far only checking that ssl_client2/ssl_server2
recognize the arguments, nothing more.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
---
 tests/ssl-opt.sh | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 01265ae9b3..56c4a5fba7 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1453,6 +1453,40 @@ run_test    "SHA-256 allowed by default in client certificate" \
             "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
             0
 
+# Dummy TLS 1.3 test
+# Currently only checking that passing TLS 1.3 key exchange modes to
+# ssl_client2/ssl_server2 example programs works.
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+run_test    "TLS 1.3, key exchange mode parameter passing: PSK only" \
+            "$P_SRV tls13_kex_modes=psk_pure" \
+            "$P_CLI tls13_kex_modes=psk_pure" \
+            0
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+run_test    "TLS 1.3, key exchange mode parameter passing: PSK-ephemeral only" \
+            "$P_SRV tls13_kex_modes=psk_ephemeral" \
+            "$P_CLI tls13_kex_modes=psk_ephemeral" \
+            0
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+run_test    "TLS 1.3, key exchange mode parameter passing: Pure-ephemeral only" \
+            "$P_SRV tls13_kex_modes=ephemeral_pure" \
+            "$P_CLI tls13_kex_modes=ephemeral_pure" \
+            0
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+run_test    "TLS 1.3, key exchange mode parameter passing: All ephemeral" \
+            "$P_SRV tls13_kex_modes=ephemeral_all" \
+            "$P_CLI tls13_kex_modes=ephemeral_all" \
+            0
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+run_test    "TLS 1.3, key exchange mode parameter passing: All PSK" \
+            "$P_SRV tls13_kex_modes=psk_all" \
+            "$P_CLI tls13_kex_modes=psk_all" \
+            0
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+run_test    "TLS 1.3, key exchange mode parameter passing: All" \
+            "$P_SRV tls13_kex_modes=all" \
+            "$P_CLI tls13_kex_modes=all" \
+            0
+
 # Tests for datagram packing
 run_test    "DTLS: multiple records in same datagram, client and server" \
             "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \