4 files changed, 69 insertions, 0 deletions

diff --git a/test/captures/tls13-rfc8446.pcap b/test/captures/tls13-rfc8446.pcap
new file mode 100644
index 0000000000..4500f5931f
--- /dev/null
+++ b/test/captures/tls13-rfc8446.pcap
diff --git a/test/keys/tls13-rfc8446-noearly.keys b/test/keys/tls13-rfc8446-noearly.keys
new file mode 100644
index 0000000000..15e7e4c113
--- /dev/null
+++ b/test/keys/tls13-rfc8446-noearly.keys
@@ -0,0 +1,8 @@
+CLIENT_HANDSHAKE_TRAFFIC_SECRET 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 3a497c91f6e130fbc18fc9f773b92bb0d538dfedc30e964cde0676396f24d0df
+SERVER_HANDSHAKE_TRAFFIC_SECRET 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 1a63b313c605f90e0b3c5717ebbbc62e1da3fe8e2aa66e499409a06b89040783
+CLIENT_TRAFFIC_SECRET_0 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 1ce3e54d6b980d838f79564fd33d43a7664df24ead913c316c379ca3dd349b74
+SERVER_TRAFFIC_SECRET_0 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df befa80156bd5cb23899c23afadd8deb87c4117323b3e184085b57c8f4dc56760
+CLIENT_HANDSHAKE_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d f4b31725da386891edbf521b96547be8b166487ca56ac197ac8df728c303ee80
+SERVER_HANDSHAKE_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d ee3a6c64336e7f22214ab8f4b1aba29b0e7c72c84890a240d5c0c451ffceee9a
+CLIENT_TRAFFIC_SECRET_0 b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d ceca66e29c1452990be5d1a439805adb9e582931051e847d8ad676147fd63b13
+SERVER_TRAFFIC_SECRET_0 b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d bf428b9e2e4853bab9c442f23d0dc45a9d552ab31ec96c7b9633ed16694924d0
diff --git a/test/keys/tls13-rfc8446.keys b/test/keys/tls13-rfc8446.keys
new file mode 100644
index 0000000000..9195e25cda
--- /dev/null
+++ b/test/keys/tls13-rfc8446.keys
@@ -0,0 +1,9 @@
+CLIENT_HANDSHAKE_TRAFFIC_SECRET 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 3a497c91f6e130fbc18fc9f773b92bb0d538dfedc30e964cde0676396f24d0df
+SERVER_HANDSHAKE_TRAFFIC_SECRET 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 1a63b313c605f90e0b3c5717ebbbc62e1da3fe8e2aa66e499409a06b89040783
+CLIENT_TRAFFIC_SECRET_0 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df 1ce3e54d6b980d838f79564fd33d43a7664df24ead913c316c379ca3dd349b74
+SERVER_TRAFFIC_SECRET_0 2635fafc16c49a3e997ef714c303806dc8dbf634a2005b0e0186521c4ad6f9df befa80156bd5cb23899c23afadd8deb87c4117323b3e184085b57c8f4dc56760
+CLIENT_EARLY_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d 42c0101fad261571cb8799c86a1eb4afe6dcef4a5f88664ac63e4c77452a77ef
+CLIENT_HANDSHAKE_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d f4b31725da386891edbf521b96547be8b166487ca56ac197ac8df728c303ee80
+SERVER_HANDSHAKE_TRAFFIC_SECRET b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d ee3a6c64336e7f22214ab8f4b1aba29b0e7c72c84890a240d5c0c451ffceee9a
+CLIENT_TRAFFIC_SECRET_0 b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d ceca66e29c1452990be5d1a439805adb9e582931051e847d8ad676147fd63b13
+SERVER_TRAFFIC_SECRET_0 b67947da9d3e4b2ce8acffa975e30aa7ef90f7ec0d39de78db392f38b9a9a41d bf428b9e2e4853bab9c442f23d0dc45a9d552ab31ec96c7b9633ed16694924d0
diff --git a/test/suite_decryption.py b/test/suite_decryption.py
index 33a3eb197f..875a1cc02a 100644
--- a/test/suite_decryption.py
+++ b/test/suite_decryption.py
@@ -259,6 +259,58 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase):
             env=config.test_env)
         self.assertTrue(self.grepOutput('TLS13-CHACHA20-POLY1305-SHA256'))
 
+    def test_tls13_rfc8446(self):
+        '''TLS 1.3 (normal session, then early data followed by normal data).'''
+        if not config.have_libgcrypt16:
+            self.skipTest('Requires GCrypt 1.6 or later.')
+        capture_file = os.path.join(config.capture_dir, 'tls13-rfc8446.pcap')
+        key_file = os.path.join(config.key_dir, 'tls13-rfc8446.keys')
+        proc = self.runProcess((config.cmd_tshark,
+                '-r', capture_file,
+                '-ossl.keylog_file:{}'.format(key_file),
+                '-Y', 'http',
+                '-Tfields',
+                '-e', 'frame.number',
+                '-e', 'http.request.uri',
+                '-e', 'http.file_data',
+                '-E', 'separator=|',
+            ),
+            env=config.test_env)
+        self.assertEqual([
+            r'5|/first|',
+            r'6||Request for /first, version TLSv1.3, Early data: no\n',
+            r'8|/early|',
+            r'10||Request for /early, version TLSv1.3, Early data: yes\n',
+            r'12|/second|',
+            r'13||Request for /second, version TLSv1.3, Early data: yes\n',
+        ], proc.stdout_str.splitlines())
+
+    def test_tls13_rfc8446_noearly(self):
+        '''TLS 1.3 (with undecryptable early data).'''
+        if not config.have_libgcrypt16:
+            self.skipTest('Requires GCrypt 1.6 or later.')
+        capture_file = os.path.join(config.capture_dir, 'tls13-rfc8446.pcap')
+        key_file = os.path.join(config.key_dir, 'tls13-rfc8446-noearly.keys')
+        proc = self.runProcess((config.cmd_tshark,
+                '-r', capture_file,
+                '-ossl.keylog_file:{}'.format(key_file),
+                '-Y', 'http',
+                '-Tfields',
+                '-e', 'frame.number',
+                '-e', 'http.request.uri',
+                '-e', 'http.file_data',
+                '-E', 'separator=|',
+            ),
+            env=config.test_env)
+        self.assertEqual([
+            r'5|/first|',
+            r'6||Request for /first, version TLSv1.3, Early data: no\n',
+            r'10||Request for /early, version TLSv1.3, Early data: yes\n',
+            r'12|/second|',
+            r'13||Request for /second, version TLSv1.3, Early data: yes\n',
+        ], proc.stdout_str.splitlines())
+
+
 class case_decrypt_zigbee(subprocesstest.SubprocessTestCase):
     def test_zigbee(self):
         '''ZigBee'''