compat.sh: skip static ECDH cases if unsupported in openssl
This commit add support to detect if openssl used for testing
supports static ECDH key exchange. Skip the ciphersutes if
openssl doesn't support them.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
diff --git a/tests/compat.sh b/tests/compat.sh
index 8f7d72c..6c58a1b 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -534,6 +534,15 @@
esac
}
+# o_check_ciphersuite STANDARD_CIPHER_SUITE
+o_check_ciphersuite()
+{
+ if [ "${1#*ECDH_ECDSA*}" != "$1" ] && \
+ [ "X${O_SUPPORT_ECDH}" = "XNO" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
setup_arguments()
{
O_MODE=""
@@ -603,6 +612,11 @@
;;
esac
+ case $($OPENSSL ciphers ALL) in
+ *ECDH-ECDSA*) O_SUPPORT_ECDH="YES";;
+ *)O_SUPPORT_ECDH="NO";;
+ esac
+
if [ "X$VERIFY" = "XYES" ];
then
M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
@@ -1033,6 +1047,7 @@
start_server "OpenSSL"
translate_ciphers m $M_CIPHERS
for i in $ciphers; do
+ o_check_ciphersuite "$i"
run_client mbedTLS ${i%%=*} ${i#*=}
done
stop_server