diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 72f48577ab..ac19f63081 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -648,14 +648,6 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, */ p += 5; - if( mbedtls_ssl_conf_tls13_psk_enabled( ssl ) ) - { - *p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_PURE; - ke_modes_len++; - - MBEDTLS_SSL_DEBUG_MSG( 4, ( "Adding pure PSK key exchange mode" ) ); - } - if( mbedtls_ssl_conf_tls13_psk_ephemeral_enabled( ssl ) ) { *p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_ECDHE; @@ -664,6 +656,14 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 4, ( "Adding PSK-ECDHE key exchange mode" ) ); } + if( mbedtls_ssl_conf_tls13_psk_enabled( ssl ) ) + { + *p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_PURE; + ke_modes_len++; + + MBEDTLS_SSL_DEBUG_MSG( 4, ( "Adding pure PSK key exchange mode" ) ); + } + /* Now write the extension and ke_modes length */ MBEDTLS_PUT_UINT16_BE( ke_modes_len + 1, buf, 2 ); buf[4] = ke_modes_len; diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index f4997402ff..4f62ed69bf 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -3212,7 +3212,7 @@ run_test "TLS 1.3: m->G: psk_all/all, good" \ -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -c "Selected key exchange mode: psk$" \ + -c "Selected key exchange mode: psk_ephemeral" \ -c "HTTP/1.0 200 OK" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 @@ -3222,10 +3222,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED -run_test "TLS 1.3: m->G: psk_all/ephemeral_all, fail - no fallback" \ +run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ - 1 \ + 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ -c "client hello, adding psk_key_exchange_modes extension" \ @@ -3233,7 +3233,8 @@ run_test "TLS 1.3: m->G: psk_all/ephemeral_all, fail - no fallback" \ -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" + -c "Selected key exchange mode: psk_ephemeral" \ + -c "HTTP/1.0 200 OK" #GNUTLS-SERVER psk_ephemeral mode requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 @@ -3366,7 +3367,7 @@ run_test "TLS 1.3: m->G: all/all, good" \ -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -c "Selected key exchange mode: psk$" \ + -c "Selected key exchange mode: psk_ephemeral" \ -c "HTTP/1.0 200 OK" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 @@ -3388,5 +3389,5 @@ run_test "TLS 1.3: m->G: all/ephemeral_all, good" \ -s "Parsing extension 'PSK Key Exchange Modes/45'" \ -s "Parsing extension 'Pre Shared Key/41'" \ -c "<= write client hello" \ - -c "Selected key exchange mode: ephemeral" \ + -c "Selected key exchange mode: psk_ephemeral" \ -c "HTTP/1.0 200 OK" diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e2f9206ec3..a75b3f593c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -12882,7 +12882,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: NewSessionTicket: Basic check, m->G" \ - "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+PSK --disable-client-cert" \ + "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 --disable-client-cert" \ "$P_CLI debug_level=1 reco_mode=1 reconnect=1" \ 0 \ -c "Protocol is TLSv1.3" \