do not do resume with new test case

add wolfssl_no_resume flag to openssl.test

check for version of openssl testing against

check if RSA is supported for test case

guard on test case for TLS versions supported
JacobBarthelmeh
2024-12-24 10:09:48 -07:00
parent 3aa2881cd4
commit 1ae0f7c66f


@ -64,6 +64,7 @@ anon_wolfssl_pid=$no_pid
wolf_cases_tested=0 wolf_cases_tested=0
wolf_cases_total=0 wolf_cases_total=0
counter=0 counter=0
wolfssl_no_resume=""
testing_summary="OpenSSL Interop Testing Summary:\nVersion\tTested\t#Found\t#wolf\t#Found\t#OpenSSL\n" testing_summary="OpenSSL Interop Testing Summary:\nVersion\tTested\t#Found\t#wolf\t#Found\t#OpenSSL\n"
versionName="Invalid" versionName="Invalid"
if [ "$OPENSSL" = "" ]; then if [ "$OPENSSL" = "" ]; then
@ -328,6 +329,10 @@ do_wolfssl_client() {
then then
wolfssl_resume= wolfssl_resume=
fi fi
if [ "$wolfssl_no_resume" = "yes" ]
then
wolfssl_resume=
fi
if [ "$version" != "5" -a "$version" != "" ] if [ "$version" != "5" -a "$version" != "" ]
then then
echo "#" echo "#"
@ -516,6 +521,19 @@ then
if [ "$wolf_rsa" != "" ]; then if [ "$wolf_rsa" != "" ]; then
echo "wolfSSL supports RSA" echo "wolfSSL supports RSA"
fi fi
# Check if RSA-PSS certificates supported in wolfSSL
wolf_rsapss=`$WOLFSSL_CLIENT -A "${CERT_DIR}/rsapss/ca-rsapss.pem" 2>&1`
case $wolf_rsapss in
*"ca file"*)
echo "wolfSSL does not support RSA-PSS"
wolf_rsapss=""
;;
*)
;;
esac
if [ "$wolf_rsapss" != "" ]; then
echo "wolfSSL supports RSA-PSS"
fi
# Check if ECC certificates supported in wolfSSL # Check if ECC certificates supported in wolfSSL
wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ca-ecc-cert.pem" 2>&1` wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ca-ecc-cert.pem" 2>&1`
case $wolf_ecc in case $wolf_ecc in
@ -1228,27 +1246,49 @@ do
done done
IFS="$OIFS" #restore separator IFS="$OIFS" #restore separator
# Test for RSA-PSS certs # Skip RSA-PSS interop test when RSA-PSS is not supported
echo -e "Doing interop RSA-PSS test" if [ "$wolf_rsapss" != "" ]
then
# Test for RSA-PSS certs interop
# Was running into alert sent by openssl server with version 1.1.1 released
# in Sep 2018. To avoid this issue check that openssl version 3.0.0 or later
# is used.
key_file=${CERT_DIR}/rsapss/server-rsapss-priv.pem $OPENSSL version | awk '{print $2}' | \
cert_file=${CERT_DIR}/rsapss/server-rsapss.pem awk -F. '{if ($1 >= 3) exit 1; else exit 0;}'
ca_file=${CERT_DIR}/client-cert.pem RESULT=$?
openssl_suite="RSAPSS" if [ "$RESULT" = "0" ]; then
start_openssl_server echo -e "Old version of openssl detected, skipping interop RSA-PSS test"
else
echo -e "Doing interop RSA-PSS test"
cert="${CERT_DIR}/client-cert.pem" key_file=${CERT_DIR}/rsapss/server-rsapss-priv.pem
key="${CERT_DIR}/client-key.pem" cert_file=${CERT_DIR}/rsapss/server-rsapss.pem
caCert="${CERT_DIR}/rsapss/ca-rsapss.pem" ca_file=${CERT_DIR}/client-cert.pem
crl="-C" openssl_suite="RSAPSS"
wolfSuite="ALL" start_openssl_server
version="4"
port=$server_port
do_wolfssl_client
version="3" cert="${CERT_DIR}/client-cert.pem"
do_wolfssl_client key="${CERT_DIR}/client-key.pem"
caCert="${CERT_DIR}/rsapss/ca-rsapss.pem"
crl="-C"
wolfSuite="ALL"
wolfssl_no_resume="yes"
port=$server_port
if [ "$wolf_tls13" != "" ]
then
version="4"
do_wolfssl_client
fi
if [ "$wolf_tls" != "" ]
then
version="3"
do_wolfssl_client
fi
fi
fi
do_cleanup do_cleanup
echo -e "wolfSSL total cases $wolf_cases_total" echo -e "wolfSSL total cases $wolf_cases_total"
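Review bot: The OpenSSL version gate in the last hunk (`$OPENSSL version | awk '{print $2}' | awk -F. '{if ($1 >= 3) exit 1; else exit 0;}'`) cannot tell an old OpenSSL from output it failed to parse: on empty or unexpected output the second awk exits 0, so the RSA-PSS interop case is skipped under the "Old version of openssl detected" message and lost coverage of the RSA-PSS certificate path looks like a normal run. Capturing the version first and printing it in the skip line keeps the reason visible in the log, e.g. `ossl_ver=$($OPENSSL version | awk '{print $2}')` followed by `echo "openssl version '$ossl_ver' is older than 3.0.0 or was not recognised, skipping interop RSA-PSS test"`. Only the second field of the version output is compared, so a non-OpenSSL build whose second field starts with 3 or higher would also pass the gate, which is presumably not intended. Separately, in the lines visible here `wolfssl_no_resume="yes"` is set before the RSA-PSS clients run and never cleared, which is harmless only while this stays the last case before `do_cleanup`; a one-line comment saying why resumption is disabled for this case, plus `wolfssl_no_resume=""` after the block, would keep later cases from silently losing the resume check.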