wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-26 18:22:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
cd99aa2f0ecfc424e734728fbf1d1139f7445aeb
wolfssl/scripts/rsapss.test

93 lines
2.8 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# rsapss.test
if ! ./examples/client/client -V | grep -q 4; then
echo "skipping because TLS 1.3 not enabled in this build"
exit 0
fi
if ! grep -q -- -DWC_RSA_PSS config.log 2>/dev/null; then
echo "skipping because WC_RSA_PSS not enabled in this build"
exit 0
fi
if ! grep -q -- '-DHAVE_ECC\>' config.log 2>/dev/null; then
echo "skipping because HAVE_ECC not enabled in this build"
exit 0
fi
if grep -q -- '-DNO_CODING' config.log 2>/dev/null; then
echo "skipping because NO_CODING is defined in this build"
exit 0
fi
CERT_DIR="$PWD/$(dirname "$0")/../certs"
if [ "$OPENSSL" = "" ]; then
OPENSSL=openssl
fi
# if we can, isolate the network namespace to eliminate port collisions.
if [[ -n "$NETWORK_UNSHARE_HELPER" ]]; then
if [[ -z "$NETWORK_UNSHARE_HELPER_CALLED" ]]; then
export NETWORK_UNSHARE_HELPER_CALLED=yes
exec "$NETWORK_UNSHARE_HELPER" "$0" "$@" || exit $?
fi
elif [ "${AM_BWRAPPED-}" != "yes" ]; then
bwrap_path="$(command -v bwrap)"
if [ -n "$bwrap_path" ]; then
export AM_BWRAPPED=yes
exec "$bwrap_path" --unshare-net --dev-bind / / "$0" "$@"
fi
unset AM_BWRAPPED
fi
# need a unique port since may run the same time as testsuite
generate_port() {
#-------------------------------------------------------------------------#
# Generate a random port number
#-------------------------------------------------------------------------#
if [[ "$OSTYPE" == "linux"* ]]; then
port=$(($(od -An -N2 /dev/urandom) % (65535-49512) + 49512))
elif [[ "$OSTYPE" == "darwin"* ]]; then
port=$(($(od -An -N2 /dev/random) % (65535-49512) + 49512))
else
echo "skipping due to unsupported OS"
exit 0
fi
}
WOLFSSL_SERVER=./examples/server/server
start_wolfssl_server() {
generate_port
server_port=$port
$WOLFSSL_SERVER -p $server_port -v 4 -c $CERT_DIR/rsapss/server-rsapss.pem -k $CERT_DIR/rsapss/server-rsapss-priv.pem -A $CERT_DIR/rsapss/root-rsapss.pem -d &
}
#
# Run OpenSSL client against wolfSSL server
#
do_openssl_client() {
echo "test connection" | $OPENSSL s_client -connect 127.0.0.1:$server_port -cert $CERT_DIR/rsapss/client-rsapss.pem -key $CERT_DIR/rsapss/client-rsapss-priv.pem -CAfile $CERT_DIR/rsapss/root-rsapss.pem > rsapss.test.log
result=$?
cat rsapss.test.log
if [ $result != 0 ]
then
echo "$OPENSSL s_client command failed"
exit 1
fi
grep -q "Peer signature type:.*rsa_pss_rsae_sha256" rsapss.test.log
result=$?
rm -f rsapss.test.log
if [ $result == 0 ]
then
echo "Test failed: Peer signature type identified as rsa_pss_rsae_sha256"
exit 1
fi
}
start_wolfssl_server
sleep 1
do_openssl_client
echo -e "\nSuccess!\n\n"
exit 0
Reference in New Issue View Git Blame Copy Permalink