feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Add CID interop with mbedtls

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2024-12-03 11:49:40 +01:00
parent 0e8320347c
commit 0961be7711
3 changed files with 165 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/hostap-vm.yml vendored
View File

@@ -13,7 +13,7 @@ concurrency:
# END OF COMMON SECTION # END OF COMMON SECTION
env: env:
LINUX_REF: v6.6 LINUX_REF: v6.12
jobs: jobs:
build_wolfssl: build_wolfssl:
@@ -91,6 +91,7 @@ jobs:
with: with:
repository: torvalds/linux repository: torvalds/linux
path: linux path: linux
ref: ${{ env.LINUX_REF }}
- name: Compile linux - name: Compile linux
if: steps.cache.outputs.cache-hit != 'true' if: steps.cache.outputs.cache-hit != 'true'
@@ -141,7 +142,6 @@ jobs:
build_id: hostap-vm-build2 build_id: hostap-vm-build2
} }
name: hwsim test name: hwsim test
# For openssl 1.1
if: github.repository_owner == 'wolfssl' if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest runs-on: ubuntu-latest
# This should be a safe limit for the tests to run. # This should be a safe limit for the tests to run.

77
.github/workflows/mbedtls.sh vendored Normal file
View File

@@ -0,0 +1,77 @@
set -e
set -x
# Basic TLS test
./mbedtls/build/programs/ssl/ssl_server2 2>&1 > /tmp/server.log &
SERVER_PID=$!
sleep 0.1
./mbedtls/build/programs/ssl/ssl_client2 # Confirm working with mbed
env -C wolfssl ./examples/client/client -p 4433 -g \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
-k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
kill $SERVER_PID
sleep 0.1
env -C wolfssl ./examples/server/server -p 4433 -i -g \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/server2-sha256.crt \
-k ../mbedtls/framework/data_files/server2.key.pem 2>&1 > /tmp/server.log &
SERVER_PID=$!
sleep 0.1
./mbedtls/build/programs/ssl/ssl_client2
env -C wolfssl ./examples/client/client -p 4433 -g \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
-k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
kill $SERVER_PID
sleep 0.1
# Basic DTLS test
./mbedtls/build/programs/ssl/ssl_server2 dtls=1 2>&1 > /tmp/server.log &
SERVER_PID=$!
sleep 0.1
./mbedtls/build/programs/ssl/ssl_client2 dtls=1 # Confirm working with mbed
env -C wolfssl ./examples/client/client -p 4433 -g -u \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
-k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
kill $SERVER_PID
sleep 0.1
env -C wolfssl ./examples/server/server -p 4433 -i -g -u \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/server2-sha256.crt \
-k ../mbedtls/framework/data_files/server2.key.pem 2>&1 > /tmp/server.log &
SERVER_PID=$!
sleep 0.1
env -C wolfssl ./examples/client/client -p 4433 -g -u \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
-k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
./mbedtls/build/programs/ssl/ssl_client2 dtls=1
kill $SERVER_PID
sleep 0.1
# DTLS 1.2 CID test
./mbedtls/build/programs/ssl/ssl_server2 dtls=1 cid=1 cid_val=121212 2>&1 > /tmp/server.log &
SERVER_PID=$!
sleep 0.1
./mbedtls/build/programs/ssl/ssl_client2 dtls=1 cid=1 cid_val=232323 # Confirm working with mbed
env -C wolfssl ./examples/client/client -p 4433 -g -u --cid 232323 \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
-k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
kill $SERVER_PID
sleep 0.1
env -C wolfssl ./examples/server/server -p 4433 -i -g -u --cid 121212 \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/server2-sha256.crt \
-k ../mbedtls/framework/data_files/server2.key.pem 2>&1 > /tmp/server.log &
SERVER_PID=$!
sleep 0.1
./mbedtls/build/programs/ssl/ssl_client2 dtls=1 cid_val=232323
env -C wolfssl ./examples/client/client -p 4433 -g -u --cid 232323 \
-A ../mbedtls/framework/data_files/test-ca-sha256.crt \
-c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
-k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
kill $SERVER_PID
sleep 0.1

86
.github/workflows/mbedtls.yml vendored Normal file
View File

@@ -0,0 +1,86 @@
name: mbedtls interop Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
env:
MBED_REF: v3.6.2
jobs:
build_mbedtls:
name: Build mbedtls
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 10
steps:
- name: Checking if we have mbed in cache
uses: actions/cache@v4
id: cache
with:
path: mbedtls
key: ${{ env.MBED_REF }}
lookup-only: true
- name: Checkout mbedtls
if: steps.cache.outputs.cache-hit != 'true'
uses: actions/checkout@v4
with:
repository: Mbed-TLS/mbedtls
ref: ${{ env.MBED_REF }}
path: mbedtls
- name: Compile mbedtls
if: steps.cache.outputs.cache-hit != 'true'
working-directory: mbedtls
run: |
git submodule update --init
mkdir build
cd build
cmake ..
make -j
# convert key to pem format
openssl pkey -in framework/data_files/cli-rsa-sha256.key.der -text > framework/data_files/cli-rsa-sha256.key.pem
openssl pkey -in framework/data_files/server2.key.der -text > framework/data_files/server2.key.pem
mbedtls_test:
name: Test interop with mbedtls
runs-on: ubuntu-latest
needs: build_mbedtls
timeout-minutes: 10
if: github.repository_owner == 'wolfssl'
steps:
- name: Disable IPv6 (IMPORTANT, OTHERWISE DTLS MBEDTLS CLIENT WON'T CONNECT)
run: echo 1 | sudo tee /proc/sys/net/ipv6/conf/lo/disable_ipv6
- name: Checking if we have mbed in cache
uses: actions/cache/restore@v4
id: cache
with:
path: mbedtls
key: ${{ env.MBED_REF }}
fail-on-cache-miss: true
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-dtls --enable-dtlscid
install: false
check: false
- name: Test interop
run: bash wolfssl/.github/workflows/mbedtls.sh
- name: print server logs
if: ${{ failure() }}
run: cat /tmp/server.log