5f755f6bd5
Correct the logic for checking if the client and server examples are compiled in the test scripts. The previous logic was inverted, causing the tests to always skip if the examples *were* compiled.
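#!/usr/bin/env bash

# rsapss.test

# The example client must exist and be executable. A missing binary is a hard
# failure (exit 1), not a skip.
if [ ! -x ./examples/client/client ]; then
    printf '\n\n%s\n' "Client doesn't exist" && exit 1
fi

# Skip when the example client or server reports that it was built without
# the corresponding support. Exit status 77 is the value the Automake test
# harness records as SKIP.
# '-?' is quoted so that the shell cannot glob-expand it to a one-character,
# dash-prefixed file name that happens to exist in the current directory.
if ./examples/client/client '-?' 2>&1 | grep "Client not compiled in!" ; then
    echo 'skipping rsapss.test because client not compiled in.' 1>&2
    exit 77
fi

if ./examples/server/server '-?' 2>&1 | grep "Server not compiled in!" ; then
    echo 'skipping rsapss.test because server not compiled in.' 1>&2
    exit 77
fi
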
# Feature gates. Each check below ends the script with status 0 when the build
# lacks something this test needs (or defines NO_CODING).
# NOTE(review): status 0 is recorded as a pass, while the example-binary checks
# earlier in this script use 77 for a skip. A build without TLS 1.3 or
# WC_RSA_PSS therefore shows this interop test as passed rather than skipped;
# confirm that is intended before relying on the result as coverage evidence.

# The client's -V output is searched for "4", the version number this script
# treats as TLS 1.3.
./examples/client/client -V | grep -q 4 || {
    echo "skipping because TLS 1.3 not enabled in this build"
    exit 0
}

# The remaining gates read the configure-time defines from config.log; an
# unreadable config.log counts as "define not present".
grep -q -- -DWC_RSA_PSS config.log 2>/dev/null || {
    echo "skipping because WC_RSA_PSS not enabled in this build"
    exit 0
}

grep -q -- '-DHAVE_ECC\>' config.log 2>/dev/null || {
    echo "skipping because HAVE_ECC not enabled in this build"
    exit 0
}

grep -q -- '-DNO_CODING' config.log 2>/dev/null && {
    echo "skipping because NO_CODING is defined in this build"
    exit 0
}

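# Locate the certs directory relative to this script. The directory part of $0
# is prefixed with $PWD only when it is relative; an absolute invocation path
# is used as-is, because prefixing it would yield a path that does not exist.
script_dir="$(dirname "$0")"
case "$script_dir" in
    /*) CERT_DIR="$script_dir/../certs" ;;
    *)  CERT_DIR="$PWD/$script_dir/../certs" ;;
esac

# OPENSSL selects the OpenSSL command-line tool used as the TLS client. It is
# taken from the environment and later run as a command, so it is trusted
# test-harness input. Unset or empty falls back to "openssl" from PATH.
: "${OPENSSL:=openssl}"
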
# If possible, re-execute this script inside its own network namespace so that
# the listening port cannot collide with other tests running at the same time.
#
# Two routes, each guarded by an environment flag so the re-executed copy does
# not wrap itself again:
#   - NETWORK_UNSHARE_HELPER set: exec that helper with this script and its
#     arguments (flag: NETWORK_UNSHARE_HELPER_CALLED).
#   - otherwise, if bwrap is on PATH: exec bwrap with --unshare-net
#     (flag: AM_BWRAPPED).
#
# NOTE(review): this is port-collision isolation, not a security sandbox.
# "--dev-bind / /" exposes the whole host filesystem, devices included, inside
# the wrapper; only the network namespace is unshared.
if [ -z "$NETWORK_UNSHARE_HELPER" ]; then
    if [ "${AM_BWRAPPED-}" != "yes" ]; then
        bwrap_path="$(command -v bwrap)"
        if [ -n "$bwrap_path" ]; then
            export AM_BWRAPPED=yes
            exec "$bwrap_path" --unshare-net --dev-bind / / "$0" "$@"
        fi
        # No bwrap available: make sure the flag is not left in the environment.
        unset AM_BWRAPPED
    fi
elif [ -z "$NETWORK_UNSHARE_HELPER_CALLED" ]; then
    export NETWORK_UNSHARE_HELPER_CALLED=yes
    exec "$NETWORK_UNSHARE_HELPER" "$0" "$@" || exit $?
fi

# A port of our own is needed because this test may run at the same time as
# the testsuite.
#
# generate_port: pick a pseudo-random port and store it in the global $port.
# Globals:  OSTYPE (read), port (written)
# Outputs:  a skip message on stdout when the OS is not Linux or macOS
# Exits:    0 (whole script) on an unsupported OS
#
# The result is always in 49512..65534, because the remainder is taken modulo
# (65535-49512) before the base 49512 is added.
#
# NOTE(review): od is called without a -t format, so it prints the two random
# bytes in its default format. If that is a zero-padded octal word, values
# with a leading 0 are read by the shell arithmetic as octal and the rest as
# decimal. The port stays in range either way, but the distribution is uneven;
# "-tu2" would give a plain unsigned decimal. Confirm before changing.
generate_port() {
    local entropy_dev

    case "$OSTYPE" in
        linux*)
            entropy_dev=/dev/urandom
            ;;
        darwin*)
            entropy_dev=/dev/random
            ;;
        *)
            echo "skipping due to unsupported OS"
            exit 0
            ;;
    esac

    port=$(($(od -An -N2 "$entropy_dev") % (65535-49512) + 49512))
}

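WOLFSSL_SERVER=./examples/server/server

# start_wolfssl_server: launch the wolfSSL example server in the background on
# a freshly generated port, using the certificate, key and CA file from
# certs/rsapss.
# Globals:  WOLFSSL_SERVER, CERT_DIR (read); port (set by generate_port);
#           server_port, server_pid (written)
#
# "-v 4" requests the protocol version that the TLS 1.3 gate in this script
# looks for in the client's -V output.
# NOTE(review): "-d" presumably turns off the client-certificate check in the
# example server; if so, the client certificate the OpenSSL side presents is
# not what this test validates. Confirm against the server's usage text.
#
# Every expansion is quoted because CERT_DIR is derived from $PWD and may
# contain spaces. The server's PID is recorded and an EXIT trap signals it, so
# a failed client run does not leave a listener holding the test key behind.
# On the success path the server has normally already exited and the kill is a
# silent no-op. The trap does not alter the script's exit status.
start_wolfssl_server() {
    generate_port
    server_port=$port
    "$WOLFSSL_SERVER" -p "$server_port" -v 4 \
        -c "$CERT_DIR/rsapss/server-rsapss.pem" \
        -k "$CERT_DIR/rsapss/server-rsapss-priv.pem" \
        -A "$CERT_DIR/rsapss/root-rsapss.pem" -d &
    server_pid=$!
    trap 'kill "$server_pid" 2>/dev/null' EXIT
}
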
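#
# Run OpenSSL client against wolfSSL server
#
# Globals:  OPENSSL, server_port, CERT_DIR (read); result (written)
# Outputs:  the captured s_client output and any failure message, on stdout
# Exits:    1 (whole script) when s_client fails or the forbidden scheme is seen
#
# What is asserted: the handshake must NOT be reported by OpenSSL as
# "rsa_pss_rsae_sha256". In TLS 1.3 (RFC 8446, section 4.2.3) the
# rsa_pss_rsae_* schemes belong to keys carried under the rsaEncryption OID,
# while rsa_pss_pss_* belong to RSASSA-PSS keys, which the certs/rsapss
# material is presumably meant to be.
#
# NOTE(review): the check is negative only. A log with no "Peer signature
# type:" line at all, or with any other scheme, passes. A positive match on
# the expected scheme would make the test stricter, but the exact string
# printed depends on the OpenSSL version.
# NOTE(review): s_client is run without -verify_return_error, so a chain
# verification problem against -CAfile would only be printed, not turned into
# a failure. This function does not inspect the verify result.
do_openssl_client() {
    local log=rsapss.test.log

    # OPENSSL stays unquoted so that a value carrying extra words behaves as
    # it did before. The certificate paths are quoted because CERT_DIR is
    # derived from $PWD and may contain spaces.
    # shellcheck disable=SC2086
    echo "test connection" | $OPENSSL s_client -connect "127.0.0.1:$server_port" \
        -cert "$CERT_DIR/rsapss/client-rsapss.pem" \
        -key "$CERT_DIR/rsapss/client-rsapss-priv.pem" \
        -CAfile "$CERT_DIR/rsapss/root-rsapss.pem" > "$log"
    result=$?
    cat "$log"
    if [ "$result" -ne 0 ]; then
        # The log was already echoed above; do not leave it in the build tree.
        rm -f "$log"
        echo "$OPENSSL s_client command failed"
        exit 1
    fi

    grep -q "Peer signature type:.*rsa_pss_rsae_sha256" "$log"
    result=$?
    rm -f "$log"
    if [ "$result" -eq 0 ]; then
        echo "Test failed: Peer signature type identified as rsa_pss_rsae_sha256"
        exit 1
    fi
}
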
# Main sequence: bring the server up, give it time to start listening, run the
# OpenSSL client check, and report success.
start_wolfssl_server

# NOTE(review): a fixed one-second wait is the only synchronisation with the
# background server. On a slow or heavily loaded host the client may connect
# before the listener is ready and fail for reasons unrelated to RSA-PSS.
sleep 1

do_openssl_client

# %b expands the backslash escapes in the argument.
printf '%b\n' "\nSuccess!\n\n"
exit 0