mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-27 06:41:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

compat.sh: skip static ECDH cases if unsupported in openssl

Browse Source 
This commit add support to detect if openssl used for testing
supports static ECDH key exchange. Skip the ciphersutes if
openssl doesn't support them.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
Pengyu Lv 2023-02-20 18:05:21 +08:00
parent d3d8c852a0
commit 1c0e4c013a
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
tests/compat.sh
View File

@ -534,6 +534,15 @@ add_mbedtls_ciphersuites()
esac esac
} }
# o_check_ciphersuite STANDARD_CIPHER_SUITE
o_check_ciphersuite()
{
if [ "${1#*ECDH_ECDSA*}" != "$1" ] && \
[ "X${O_SUPPORT_ECDH}" = "XNO" ]; then
SKIP_NEXT="YES"
fi
}
setup_arguments() setup_arguments()
{ {
O_MODE="" O_MODE=""
@ -603,6 +612,11 @@ setup_arguments()
;; ;;
esac esac
case $($OPENSSL ciphers ALL) in
*ECDH-ECDSA*) O_SUPPORT_ECDH="YES";;
*)O_SUPPORT_ECDH="NO";;
esac
if [ "X$VERIFY" = "XYES" ]; if [ "X$VERIFY" = "XYES" ];
then then
M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required" M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
@ -1033,6 +1047,7 @@ for MODE in $MODES; do
start_server "OpenSSL" start_server "OpenSSL"
translate_ciphers m $M_CIPHERS translate_ciphers m $M_CIPHERS
for i in $ciphers; do for i in $ciphers; do
o_check_ciphersuite "$i"
run_client mbedTLS ${i%%=*} ${i#*=} run_client mbedTLS ${i%%=*} ${i#*=}
done done
stop_server stop_server