From 3b412e283f0c59caea9c1075bd2c52500e0c66ee Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Mon, 20 Jan 2025 15:33:43 +0100
Subject: [PATCH] ssl-opt.sh: remove tests which are specific for DHE-RSA

For these ones there is no ECDHE alternative as they are testing
specific features of DHE.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 tests/ssl-opt.sh | 90 ------------------------------------------------
 1 file changed, 90 deletions(-)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 8edfdb1672..36789b1cdf 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -8417,96 +8417,6 @@ run_test    "extKeyUsage cli-auth 1.3: codeSign -> fail (hard)" \
             -s "Processing of the Certificate handshake message failed"
             # MBEDTLS_X509_BADCERT_EXT_KEY_USAGE  -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
 
-# Tests for DHM parameters loading
-
-run_test    "DHM parameters: reference" \
-            "$P_SRV" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=3" \
-            0 \
-            -c "value of 'DHM: P ' (2048 bits)" \
-            -c "value of 'DHM: G ' (2 bits)"
-
-run_test    "DHM parameters: other parameters" \
-            "$P_SRV dhm_file=$DATA_FILES_PATH/dhparams.pem" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=3" \
-            0 \
-            -c "value of 'DHM: P ' (1024 bits)" \
-            -c "value of 'DHM: G ' (2 bits)"
-
-# Tests for DHM client-side size checking
-
-run_test    "DHM size: server default, client default, OK" \
-            "$P_SRV" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1" \
-            0 \
-            -C "DHM prime too short:"
-
-run_test    "DHM size: server default, client 2048, OK" \
-            "$P_SRV" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1 dhmlen=2048" \
-            0 \
-            -C "DHM prime too short:"
-
-run_test    "DHM size: server 1024, client default, OK" \
-            "$P_SRV dhm_file=$DATA_FILES_PATH/dhparams.pem" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1" \
-            0 \
-            -C "DHM prime too short:"
-
-run_test    "DHM size: server 999, client 999, OK" \
-            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.999.pem" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1 dhmlen=999" \
-            0 \
-            -C "DHM prime too short:"
-
-run_test    "DHM size: server 1000, client 1000, OK" \
-            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1 dhmlen=1000" \
-            0 \
-            -C "DHM prime too short:"
-
-run_test    "DHM size: server 1000, client default, rejected" \
-            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1" \
-            1 \
-            -c "DHM prime too short:"
-
-run_test    "DHM size: server 1000, client 1001, rejected" \
-            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1 dhmlen=1001" \
-            1 \
-            -c "DHM prime too short:"
-
-run_test    "DHM size: server 999, client 1000, rejected" \
-            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.999.pem" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1 dhmlen=1000" \
-            1 \
-            -c "DHM prime too short:"
-
-run_test    "DHM size: server 998, client 999, rejected" \
-            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.998.pem" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1 dhmlen=999" \
-            1 \
-            -c "DHM prime too short:"
-
-run_test    "DHM size: server default, client 2049, rejected" \
-            "$P_SRV" \
-            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
-                    debug_level=1 dhmlen=2049" \
-            1 \
-            -c "DHM prime too short:"
-
 # Tests for PSK callback
 
 run_test    "PSK callback: psk, no callback" \