From 02a76a507b2d1e3f0b331e5d1b91a58182f210c5 Mon Sep 17 00:00:00 2001
From: Pengyu Lv <pengyu.lv@arm.com>
Date: Mon, 20 Feb 2023 18:05:21 +0800
Subject: [PATCH] compat.sh: skip static ECDH cases if unsupported in openssl

This commit add support to detect if openssl used for testing
supports static ECDH key exchange. Skip the ciphersutes if
openssl doesn't support them.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
---
 tests/compat.sh | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/tests/compat.sh b/tests/compat.sh
index f96c4e4c6..6d09b4fc9 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -861,6 +861,16 @@ add_mbedtls_ciphersuites()
     esac
 }
 
+# o_check_ciphersuite CIPHER_SUITE_NAME
+o_check_ciphersuite()
+{
+    if [ "${O_SUPPORT_ECDH}" = "NO" ]; then
+        case "$1" in
+            *ECDH-*) SKIP_NEXT="YES"
+        esac
+    fi
+}
+
 setup_arguments()
 {
     O_MODE=""
@@ -947,6 +957,11 @@ setup_arguments()
             ;;
     esac
 
+    case $($OPENSSL ciphers ALL) in
+        *ECDH-ECDSA*|*ECDH-RSA*) O_SUPPORT_ECDH="YES";;
+        *) O_SUPPORT_ECDH="NO";;
+    esac
+
     if [ "X$VERIFY" = "XYES" ];
     then
         M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
@@ -1373,6 +1388,7 @@ for MODE in $MODES; do
                     if [ "X" != "X$M_CIPHERS" ]; then
                         start_server "OpenSSL"
                         for i in $M_CIPHERS; do
+                            o_check_ciphersuite "$i"
                             run_client mbedTLS $i
                         done
                         stop_server
@@ -1381,6 +1397,7 @@ for MODE in $MODES; do
                     if [ "X" != "X$O_CIPHERS" ]; then
                         start_server "mbedTLS"
                         for i in $O_CIPHERS; do
+                            o_check_ciphersuite "$i"
                             run_client OpenSSL $i
                         done
                         stop_server