1 files changed, 54 insertions, 24 deletions

diff --git a/test/recipes/70-test_key_share.t b/test/recipes/70-test_key_share.t
index 2e8385d43b..2c2527ca5c 100644
--- a/test/recipes/70-test_key_share.t
+++ b/test/recipes/70-test_key_share.t
@@ -81,7 +81,7 @@ $proxy->filter(\&modify_key_shares_filter);
 if (disabled("ec")) {
     $proxy->serverflags("-groups ffdhe3072");
 } else {
-    $proxy->serverflags("-groups P-256");
+    $proxy->serverflags("-groups P-384");
 }
 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
 plan tests => 23;
@@ -189,7 +189,7 @@ $selectedgroupid = 0;
 if (disabled("ec")) {
     $proxy->clientflags("-groups ffdhe3072:ffdhe2048");
 } else {
-    $proxy->clientflags("-groups P-256:X25519");
+    $proxy->clientflags("-groups P-256:P-384");
 }
 $proxy->start();
 if (disabled("ec")) {
@@ -202,13 +202,13 @@ if (disabled("ec")) {
 
 #Test 14: Multiple acceptable key_shares - we choose the first one (part 2)
 $proxy->clear();
-if (disabled("ec")) {
+if (disabled("ecx")) {
     $proxy->clientflags("-curves ffdhe2048:ffdhe3072");
 } else {
     $proxy->clientflags("-curves X25519:P-256");
 }
 $proxy->start();
-if (disabled("ec")) {
+if (disabled("ecx")) {
     ok(TLSProxy::Message->success() && ($selectedgroupid == FFDHE2048),
        "Multiple acceptable key_shares (part 2)");
 } else {
@@ -219,7 +219,7 @@ if (disabled("ec")) {
 #Test 15: Server sends key_share that wasn't offered should fail
 $proxy->clear();
 $testtype = SELECT_X25519;
-if (disabled("ec")) {
+if (disabled("ecx")) {
     $proxy->clientflags("-groups ffdhe3072");
 } else {
     $proxy->clientflags("-groups P-256");
@@ -281,7 +281,7 @@ SKIP: {
 $proxy->clear();
 $direction = SERVER_TO_CLIENT;
 $testtype = NO_KEY_SHARES_IN_HRR;
-if (disabled("ec")) {
+if (disabled("ecx")) {
     $proxy->serverflags("-groups ffdhe2048");
 } else {
     $proxy->serverflags("-groups X25519");
@@ -294,7 +294,11 @@ SKIP: {
     #Test 23: Trailing data on key_share in ServerHello should fail
     $proxy->clear();
     $direction = CLIENT_TO_SERVER;
-    $proxy->clientflags("-groups secp192r1:P-256:X25519");
+    if (disabled("ecx")) {
+        $proxy->clientflags("-groups secp192r1:P-256:P-384");
+    } else {
+        $proxy->clientflags("-groups secp192r1:P-256:X25519");
+    }
     $proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
     $testtype = NON_TLS1_3_KEY_SHARE;
     $proxy->start();
@@ -324,16 +328,31 @@ sub modify_key_shares_filter
 
             if ($testtype != NON_TLS1_3_KEY_SHARE) {
                 #Setup supported groups to include some unrecognised groups
-                $suppgroups = pack "C8",
-                    0x00, 0x06, #List Length
-                    0xff, 0xfe, #Non existing group 1
-                    0xff, 0xff, #Non existing group 2
-                    0x00, 0x1d; #x25519
+                if (disabled("ecx")) {
+                    $suppgroups = pack "C8",
+                        0x00, 0x06, #List Length
+                        0xff, 0xfe, #Non existing group 1
+                        0xff, 0xff, #Non existing group 2
+                        0x00, 0x17; #P-256
+                } else {
+                    $suppgroups = pack "C8",
+                        0x00, 0x06, #List Length
+                        0xff, 0xfe, #Non existing group 1
+                        0xff, 0xff, #Non existing group 2
+                        0x00, 0x1d; #X25519
+                }
             } else {
-                $suppgroups = pack "C6",
-                    0x00, 0x04, #List Length
-                    0x00, 0x13,
-                    0x00, 0x1d; #x25519
+                if (disabled("ecx")) {
+                    $suppgroups = pack "C6",
+                        0x00, 0x04, #List Length
+                        0x00, 0x13,
+                        0x00, 0x18; #P-384
+                } else {
+                    $suppgroups = pack "C6",
+                        0x00, 0x04, #List Length
+                        0x00, 0x13,
+                        0x00, 0x1d; #X25519
+                }
             }
 
             if ($testtype == EMPTY_EXTENSION) {
@@ -347,14 +366,25 @@ sub modify_key_shares_filter
                     0xff, 0xff, #Non existing group 2
                     0x00, 0x01, 0xff; #key_exchange data
             } elsif ($testtype == ACCEPTABLE_AT_END) {
-                $ext = pack "C11H64",
-                    0x00, 0x29, #List Length
-                    0xff, 0xfe, #Non existing group 1
-                    0x00, 0x01, 0xff, #key_exchange data
-                    0x00, 0x1d, #x25519
-                    0x00, 0x20, #key_exchange data length
-                    "155155B95269ED5C87EAA99C2EF5A593".
-                    "EDF83495E80380089F831B94D14B1421";  #key_exchange data
+                if (disabled("ecx")) {
+                    $ext = pack "C11H130",
+                        0x00, 0x4A, #List Length
+                        0xff, 0xfe, #Non existing group 1
+                        0x00, 0x01, 0xff, #key_exchange data
+                        0x00, 0x17, #P-256
+                        0x00, 0x41, #key_exchange data length
+                        "04A798ACF80B2991A0A53D084F4F649A46BE49D061EB5B8CFF9C8EC6AE792507B6".
+                        "F77FE6E446AF3645FD86BB7CFFD2644E45CC00183343C5CEAD67BB017B082007";  #key_exchange data
+                } else {
+                    $ext = pack "C11H64",
+                        0x00, 0x29, #List Length
+                        0xff, 0xfe, #Non existing group 1
+                        0x00, 0x01, 0xff, #key_exchange data
+                        0x00, 0x1d, #x25519
+                        0x00, 0x20, #key_exchange data length
+                        "155155B95269ED5C87EAA99C2EF5A593".
+                        "EDF83495E80380089F831B94D14B1421";  #key_exchange data
+                }
             } elsif ($testtype == NOT_IN_SUPPORTED_GROUPS) {
                 $suppgroups = pack "C4",
                     0x00, 0x02, #List Length