cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-08-22 04:23:07 -04:00
Code Issues Packages Projects Releases Wiki Activity

compat.sh: skip static ECDH cases if unsupported in openssl

Browse Source 
This commit add support to detect if openssl used for testing
supports static ECDH key exchange. Skip the ciphersutes if
openssl doesn't support them.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
Pengyu Lv 2023-02-20 18:05:21 +08:00
parent 4dcc08c244
commit 02a76a507b
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
tests/compat.sh
View File

@ -861,6 +861,16 @@ add_mbedtls_ciphersuites()
esac esac
} }
# o_check_ciphersuite CIPHER_SUITE_NAME
o_check_ciphersuite()
{
if [ "${O_SUPPORT_ECDH}" = "NO" ]; then
case "$1" in
*ECDH-*) SKIP_NEXT="YES"
esac
fi
}
setup_arguments() setup_arguments()
{ {
O_MODE="" O_MODE=""
@ -947,6 +957,11 @@ setup_arguments()
;; ;;
esac esac
case $($OPENSSL ciphers ALL) in
*ECDH-ECDSA*|*ECDH-RSA*) O_SUPPORT_ECDH="YES";;
*) O_SUPPORT_ECDH="NO";;
esac
if [ "X$VERIFY" = "XYES" ]; if [ "X$VERIFY" = "XYES" ];
then then
M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required" M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
@ -1373,6 +1388,7 @@ for MODE in $MODES; do
if [ "X" != "X$M_CIPHERS" ]; then if [ "X" != "X$M_CIPHERS" ]; then
start_server "OpenSSL" start_server "OpenSSL"
for i in $M_CIPHERS; do for i in $M_CIPHERS; do
o_check_ciphersuite "$i"
run_client mbedTLS $i run_client mbedTLS $i
done done
stop_server stop_server
@ -1381,6 +1397,7 @@ for MODE in $MODES; do
if [ "X" != "X$O_CIPHERS" ]; then if [ "X" != "X$O_CIPHERS" ]; then
start_server "mbedTLS" start_server "mbedTLS"
for i in $O_CIPHERS; do for i in $O_CIPHERS; do
o_check_ciphersuite "$i"
run_client OpenSSL $i run_client OpenSSL $i
done done
stop_server stop_server