ext/psk_ke_modes: always send extension unless disabled in config

With the psk_key_exchange_modes extension, clients can restrict the
key exchange modes for use with resumption and in that case the server
shouldn't send NewSessionTicket.  This patch makes use of it to avoid
receiving useless tickets, by sending the psk_key_exchange_modes
extension unless PSK is completely disabled.

A couple of tests need to be adjusted: tls13/prf to take into account
of the psk_key_exchange_modes extension sent, and tls13/no-psk-exts to
not treat the presence of the extension as error.

Signed-off-by: Daiki Ueno <dueno@redhat.com>

2 files changed, 6 insertions, 6 deletions

diff --git a/tests/tls13/no-psk-exts.c b/tests/tls13/no-psk-exts.c
index b70c667822..e8f1e2e84f 100644
--- a/tests/tls13/no-psk-exts.c
+++ b/tests/tls13/no-psk-exts.c
@@ -84,7 +84,7 @@ static void client(int fd)
 
 	/* Initialize TLS session
 	 */
-	gnutls_init(&session, GNUTLS_CLIENT);
+	gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_NO_TICKETS);
 
 	gnutls_handshake_set_timeout(session, 20 * 1000);
 
@@ -148,7 +148,7 @@ static int hellos_callback(gnutls_session_t session, unsigned int htype,
 		fail("PSK extension seen in client hello with no PSK!\n");
 
 	if (find_client_extension(msg, TLS_EXT_PSK_KE, NULL, NULL))
-		fail("PSK extension seen in client hello with no PSK!\n");
+		fail("PSK KE extension seen in client hello with no PSK!\n");
 
 	return 0;
 }
diff --git a/tests/tls13/prf.c b/tests/tls13/prf.c
index f221896124..22e7f0e08f 100644
--- a/tests/tls13/prf.c
+++ b/tests/tls13/prf.c
@@ -126,8 +126,8 @@ static void dump(const char *name, const uint8_t *data, unsigned data_size)
 	} \
 	}
 
-#define KEY_EXP_VALUE "\x1f\x17\xb5\xe2\xef\xfc\x1c\x27\x1e\x1a\x2c\x9b\x36\xc7\x43\x70\x5c\x80\x93\x7a\xce\x7b\x52\x18\xe0\x22\xca\x0d\xf8\x01\xa5\x7f\xef\x8b"
-#define HELLO_VALUE "\x5c\x6d\x0a\xa0\xc7\x1e\x52\xb5\xb4\x2c\x4b\xfa\x24\xc8\x3f\x3f\xba\xfc\x43\xc2\x05\xe5\x04\xd9\xfd\x86\x84\x00\x1c\xfb\xf3"
+#define KEY_EXP_VALUE "\x81\x7a\x37\xc6\xa3\x2b\x83\x47\x3b\xad\x03\xa6\xd4\x6d\xac\xe3\x1c\x9d\xa4\xdc\x8e\x0c\x77\xf8\x1c\x5e\x5d\xe5\xca\x1c\xbc\x89\x4c\x37"
+#define HELLO_VALUE "\x10\x3e\xef\x5e\x62\x1d\x03\x95\xfc\x8f\x59\xc7\x7d\xdc\x14\x7e\xcf\x46\x86\x2f\xfb\x1c\x5a\x16\x6a\xf5\x38\x69\xa8\x3c\x85"
 static void check_prfs(gnutls_session_t session)
 {
 	unsigned char key_material[512];
@@ -138,8 +138,8 @@ static void check_prfs(gnutls_session_t session)
 
 	TRY(13, "key expansion", 0, NULL, 34, (uint8_t*)KEY_EXP_VALUE);
 	TRY(6, "hello", 0, NULL, 31, (uint8_t*)HELLO_VALUE);
-	TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t*)"\xa5\xc0\x3e\x31\x5b\x70\x57\x48\x1e\xfe\x11\x2b\x13\x13\x8f\x97\x14\x2d\x4d\x35\xac\x0a\x20\x4e\x9c\x84\xcf\x48\x8c\xa2\x0b");
-	TRY(12, "null-context", 0, "", 31, (uint8_t*)"\x7b\xb9\x00\x8a\x2c\x97\xa0\x73\x28\x91\xbf\x73\xda\xa5\x78\x08\x45\xac\xa7\x29\xa8\xc4\x30\x30\xc2\x76\x94\x1a\xaf\x74\x4b");
+	TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t*)"\xbc\x23\xe3\xf4\x29\xdb\x48\x20\x48\x8c\x37\xd9\xd4\xe0\xcf\x88\xc3\x3d\x7b\x12\x59\xfb\xad\x8e\x4d\x8c\x53\x58\xf4\xe6\xef");
+	TRY(12, "null-context", 0, "", 31, (uint8_t*)"\x89\x89\x1f\x2f\x6c\x35\x26\x0b\xe9\x1c\x7b\xb7\x27\x5e\x7c\x41\xfb\xa0\x11\x9c\xd7\xe6\xd5\xdc\x2a\xcc\x54\x23\x3f\x52\x9f");
 
 	/* Try whether calling gnutls_prf() with non-null context or server-first
 	 * param, will fail */