TLS 1.3: Resumption and early data compatibility tests

[ronald-cron-arm]

Description

Fix #6362

PR checklist

Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")

• changelog not required, will add one for TLS 1.3 early data feature as a whole
• backport not required, no TLS 1.3 support in 2.28
• tests provided

[ronald-cron-arm]

Following the merge of #8913 yesterday I had to rebase. The rebase was quite painful but the diff between the previous head ed3916c and the new head dd2dc15 for the 3 files changed in this PR: tls13-misc.sh, ssl-opt.sh and ssl_server2.c are clean thus this should be okay.

[tom-cosgrove-arm]

Is the CI failure something to worry about? It's on the Internal CI only.

[2024-03-15T10:40:11.134Z] TLS 1.2: Check rsa_pss_rsae compatibility issue, m->O .................. tests/ssl-opt.sh: 1153: kill: No such process
[2024-03-15T10:40:11.134Z] 
[2024-03-15T10:40:11.134Z] RETRY(client-timeout) PASS
[2024-03-15T10:40:33.022Z] TLS 1.2: Check rsa_pss_rsae compatibility issue, m->G .................. tests/ssl-opt.sh: 1153: kill: No such process
[2024-03-15T10:40:33.022Z] 
[2024-03-15T10:40:33.022Z] RETRY(client-timeout) PASS
[2024-03-15T10:40:33.584Z] TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256 ......... PASS
[2024-03-15T10:40:34.517Z] TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256 ......... PASS
[2024-03-15T10:40:35.444Z] TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256 ......... PASS
[2024-03-15T10:40:36.370Z] TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256 ......... PASS
[2024-03-15T10:40:37.736Z] TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256 ......... PASS
[2024-03-15T10:40:39.101Z] TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256 ......... PASS
[2024-03-15T10:40:40.988Z] TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256 ......... PASS
[2024-03-15T10:40:43.503Z] TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256 ......... PASS
[2024-03-15T10:40:44.064Z] TLS 1.3: no HRR in case of PSK key exchange mode ....................... PASS
[2024-03-15T10:40:44.064Z] Handshake memory usage initial (MFL 16384 - default) ................... SKIP
[2024-03-15T10:40:44.064Z] Handshake memory usage (MFL 4096) ...................................... SKIP
[2024-03-15T10:40:44.064Z] Handshake memory usage (MFL 2048) ...................................... SKIP
[2024-03-15T10:40:44.064Z] Handshake memory usage (MFL 1024) ...................................... SKIP
[2024-03-15T10:40:44.064Z] Handshake memory usage (MFL 512) ....................................... SKIP
[2024-03-15T10:40:44.064Z] ------------------------------------------------------------------------
[2024-03-15T10:40:44.064Z] FAILED (1861 / 1862 tests (98 skipped))
[2024-03-15T10:40:44.320Z] ^^^^test_full_cmake_gcc_asan_new_bignum: test: ssl-opt.sh (full config, ASan build): tests/ssl-opt.sh -> 1^^^^

[tom-cosgrove-arm]

LGTM, as long as the CI failure is unrelated

[waleed-elmelegy-arm]

Is it worth adding negative testing for max_early_data_size and ALPN with GnuTLS or is it out of scope? otherwise LGTM.

[waleed-elmelegy-arm]

LGTM

[ronald-cron-arm]

LGTM, as long as the CI failure is unrelated

The test that failed is a DTLS test "Session resume using tickets, DTLS: openssl server", that has no relation with the changes in this PR. It passes on the open CI thus I do not think we have to worry about that.

[ronald-cron-arm]

Is it worth adding negative testing for max_early_data_size and ALPN with GnuTLS or is it out of scope? otherwise LGTM.

That would involve setting configuration for the first handshake and then changing them when we resume. That's not really in the scope of ssl-opt.sh to me (and we have done that in test_suite_ssl).