Commit c3a48c7b authored by Matt Caswell's avatar Matt Caswell

Add a test for CT in TLSv1.3



This also tests the SERVERINFO2 file format.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3298)
parent b878afae
+25 −19
@@ -126,6 +126,8 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");

    [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST,
        checkhandshake::STATUS_REQUEST_SRV_EXTENSION],
    [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_SCT,
        checkhandshake::SCT_SRV_EXTENSION],

    [0,0,0]
);
@@ -257,25 +259,29 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
               | checkhandshake::ALPN_SRV_EXTENSION,
               "ALPN handshake test");

SKIP: {
    skip "No CT, EC or OCSP support in this OpenSSL build", 1
        if disabled("ct") || disabled("ec") || disabled("ocsp");

    #Test 13: SCT handshake (client request only)
#TODO(TLS1.3): This only checks that the client side extension appears. The
#SCT extension is unusual in that we have no built-in server side implementation
#The server side implementation can nomrally be added using the custom
#extensions framework (e.g. by using the "-serverinfo" s_server option). However
#currently we only support <= TLS1.2 for custom extensions because the existing
#framework and API has no knowledge of the TLS1.3 messages
    $proxy->clear();
    #Note: -ct also sends status_request
    $proxy->clientflags("-ct");
    $proxy->serverflags("-status_file "
                    .srctop_file("test", "recipes", "ocsp-response.der"));
                        .srctop_file("test", "recipes", "ocsp-response.der")
                        ." -serverinfo ".srctop_file("test", "serverinfo2.pem"));
    $proxy->start();
    checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
                   checkhandshake::DEFAULT_EXTENSIONS
                   | checkhandshake::SCT_CLI_EXTENSION
                   | checkhandshake::SCT_SRV_EXTENSION
                   | checkhandshake::STATUS_REQUEST_CLI_EXTENSION
                   | checkhandshake::STATUS_REQUEST_SRV_EXTENSION,
                   "SCT handshake test");
}




#Test 14: HRR Handshake
$proxy->clear();
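Review bot: The comment `#Test 13: SCT handshake (client request only)` no longer matches the check beneath it, which now also expects `checkhandshake::SCT_SRV_EXTENSION` because the server is started with `-serverinfo`; this assumes the comment line is on the new side, which the rendered page does not make certain. As far as the visible lines show, the assertion is only that the SCT extension appears in the Certificate message, not that the SCT carried in serverinfo2.pem validates against the log list named by `CTLOG_FILE`. A pass here should therefore not be read as coverage of CT validation in TLSv1.3. I would reword the comment to `#Test 13: SCT handshake (client request and server response; extension presence only, SCT not validated)`.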