TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 1b31d7fd973cb00a1eee0d68cf2b0e64e31b4293 / . / tests / compat.sh
blob: 0c17b8f0f21357b37ad4f2048fe278768d67d11f [file] [log] [blame]
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]1#!/bin/bash
2
Paul Bakker645ce3a2012-10-31 12:32:41 +0000[diff] [blame]3killall -q openssl ssl_server ssl_server2
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]4
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]5let "tests = 0"
6let "failed = 0"
7let "skipped = 0"
8
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]9MODES="ssl3 tls1 tls1_1 tls1_2"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]10VERIFIES="NO YES"
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame]11TYPES="ECDSA RSA PSK"
Paul Bakker0c93d122012-09-13 14:26:09 +0000[diff] [blame]12OPENSSL=openssl
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]13FILTER=""
14VERBOSE=""
15
16# Parse arguments
17#
18until [ -z "$1" ]
19do
20 case "$1" in
21 -f|--filter)
22 # Filter ciphersuites
23 shift
24 FILTER=$1
25 ;;
Paul Bakker524691c2013-07-25 17:01:20 +0200[diff] [blame]26 -m|--modes)
27 # Perform modes
28 shift
29 MODES=$1
30 ;;
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]31 -t|--types)
32 # Key exchange types
33 shift
34 TYPES=$1
35 ;;
36 -V|--verify)
37 # Verifiction modes
38 shift
39 VERIFIES=$1
40 ;;
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]41 -v|--verbose)
42 # Set verbosity
43 shift
44 VERBOSE=1
45 ;;
46 -h|--help)
47 # print help
48 echo "Usage: $0"
Paul Bakker524691c2013-07-25 17:01:20 +0200[diff] [blame]49 echo -e " -f|--filter\tFilter ciphersuites to test (Default: all)"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]50 echo -e " -h|--help\t\tPrint this help."
Paul Bakker524691c2013-07-25 17:01:20 +0200[diff] [blame]51 echo -e " -m|--modes\tWhich modes to perform (Default: \"ssl3 tls1 tls1_1 tls1_2\")"
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame]52 echo -e " -t|--types\tWhich key exchange type to perform (Default: \"ECDSA RSA PSK\")"
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]53 echo -e " -V|--verify\tWhich verification modes to perform (Default: \"NO YES\")"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]54 echo -e " -v|--verbose\t\tSet verbose output."
55 exit 1
56 ;;
57 *)
58 # print error
59 echo "Unknown argument: '$1'"
60 exit 1
61 ;;
62 esac
63 shift
64done
65
66log () {
67 if [ "X" != "X$VERBOSE" ]; then
68 echo "$@"
69 fi
70}
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]71
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]72filter()
73{
74 LIST=$1
75 FILTER=$2
76
77 NEW_LIST=""
78
79 for i in $LIST;
80 do
81 NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" )"
82 done
83
84 echo "$NEW_LIST"
85}
86
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]87setup_ciphersuites()
88{
89 P_CIPHERS=""
90 O_CIPHERS=""
91
92 case $TYPE in
93
94 "ECDSA")
95 if [ "$MODE" != "ssl3" ];
96 then
97 P_CIPHERS="$P_CIPHERS \
98 TLS-ECDHE-ECDSA-WITH-NULL-SHA \
99 TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \
100 TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
101 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
102 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
103 TLS-ECDH-ECDSA-WITH-NULL-SHA \
104 TLS-ECDH-ECDSA-WITH-RC4-128-SHA \
105 TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \
106 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \
107 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \
108 "
109 O_CIPHERS="$O_CIPHERS \
110 ECDHE-ECDSA-NULL-SHA \
111 ECDHE-ECDSA-RC4-SHA \
112 ECDHE-ECDSA-DES-CBC3-SHA \
113 ECDHE-ECDSA-AES128-SHA \
114 ECDHE-ECDSA-AES256-SHA \
115 ECDH-ECDSA-NULL-SHA \
116 ECDH-ECDSA-RC4-SHA \
117 ECDH-ECDSA-DES-CBC3-SHA \
118 ECDH-ECDSA-AES128-SHA \
119 ECDH-ECDSA-AES256-SHA \
120 "
121 fi
122 if [ "$MODE" = "tls1_2" ];
123 then
124 P_CIPHERS="$P_CIPHERS \
125 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
126 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
127 TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
128 TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
129 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \
130 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \
131 TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
132 TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
133 "
134 O_CIPHERS="$O_CIPHERS \
135 ECDHE-ECDSA-AES128-SHA256 \
136 ECDHE-ECDSA-AES256-SHA384 \
137 ECDHE-ECDSA-AES128-GCM-SHA256 \
138 ECDHE-ECDSA-AES256-GCM-SHA384 \
139 ECDH-ECDSA-AES128-SHA256 \
140 ECDH-ECDSA-AES256-SHA384 \
141 ECDH-ECDSA-AES128-GCM-SHA256 \
142 ECDH-ECDSA-AES256-GCM-SHA384 \
143 "
144 fi
145 ;;
146
147 "RSA")
148 P_CIPHERS="$P_CIPHERS \
149 TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
150 TLS-DHE-RSA-WITH-AES-256-CBC-SHA \
151 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \
152 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \
153 TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \
154 TLS-RSA-WITH-AES-256-CBC-SHA \
155 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \
156 TLS-RSA-WITH-AES-128-CBC-SHA \
157 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \
158 TLS-RSA-WITH-3DES-EDE-CBC-SHA \
159 TLS-RSA-WITH-RC4-128-SHA \
160 TLS-RSA-WITH-RC4-128-MD5 \
161 TLS-RSA-WITH-NULL-MD5 \
162 TLS-RSA-WITH-NULL-SHA \
163 TLS-RSA-WITH-DES-CBC-SHA \
164 TLS-DHE-RSA-WITH-DES-CBC-SHA \
165 "
166 O_CIPHERS="$O_CIPHERS \
167 DHE-RSA-AES128-SHA \
168 DHE-RSA-AES256-SHA \
169 DHE-RSA-CAMELLIA128-SHA \
170 DHE-RSA-CAMELLIA256-SHA \
171 EDH-RSA-DES-CBC3-SHA \
172 AES256-SHA \
173 CAMELLIA256-SHA \
174 AES128-SHA \
175 CAMELLIA128-SHA \
176 DES-CBC3-SHA \
177 RC4-SHA \
178 RC4-MD5 \
179 NULL-MD5 \
180 NULL-SHA \
181 DES-CBC-SHA \
182 EDH-RSA-DES-CBC-SHA \
183 "
184 if [ "$MODE" != "ssl3" ];
185 then
186 P_CIPHERS="$P_CIPHERS \
187 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
188 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
189 TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
190 TLS-ECDHE-RSA-WITH-RC4-128-SHA \
191 TLS-ECDHE-RSA-WITH-NULL-SHA \
192 "
193 O_CIPHERS="$O_CIPHERS \
194 ECDHE-RSA-AES256-SHA \
195 ECDHE-RSA-AES128-SHA \
196 ECDHE-RSA-DES-CBC3-SHA \
197 ECDHE-RSA-RC4-SHA \
198 ECDHE-RSA-NULL-SHA \
199 "
200 fi
201 if [ "$MODE" = "tls1_2" ];
202 then
203 P_CIPHERS="$P_CIPHERS \
204 TLS-RSA-WITH-NULL-SHA256 \
205 TLS-RSA-WITH-AES-128-CBC-SHA256 \
206 TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
207 TLS-RSA-WITH-AES-256-CBC-SHA256 \
208 TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
209 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
210 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
211 TLS-RSA-WITH-AES-128-GCM-SHA256 \
212 TLS-RSA-WITH-AES-256-GCM-SHA384 \
213 TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
214 TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
215 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
216 TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
217 "
218 O_CIPHERS="$O_CIPHERS \
219 NULL-SHA256 \
220 AES128-SHA256 \
221 DHE-RSA-AES128-SHA256 \
222 AES256-SHA256 \
223 DHE-RSA-AES256-SHA256 \
224 ECDHE-RSA-AES128-SHA256 \
225 ECDHE-RSA-AES256-SHA384 \
226 AES128-GCM-SHA256 \
227 DHE-RSA-AES128-GCM-SHA256 \
228 AES256-GCM-SHA384 \
229 DHE-RSA-AES256-GCM-SHA384 \
230 ECDHE-RSA-AES128-GCM-SHA256 \
231 ECDHE-RSA-AES256-GCM-SHA384 \
232 "
233 fi
234 ;;
235
236 "PSK")
237 P_CIPHERS="$P_CIPHERS \
238 TLS-PSK-WITH-RC4-128-SHA \
239 TLS-PSK-WITH-3DES-EDE-CBC-SHA \
240 TLS-PSK-WITH-AES-128-CBC-SHA \
241 TLS-PSK-WITH-AES-256-CBC-SHA \
242 "
243 O_CIPHERS="$O_CIPHERS \
244 PSK-RC4-SHA \
245 PSK-3DES-EDE-CBC-SHA \
246 PSK-AES128-CBC-SHA \
247 PSK-AES256-CBC-SHA \
248 "
249 ;;
250 esac
251
252 # Filter ciphersuites
253 if [ "X" != "X$FILTER" ];
254 then
255 O_CIPHERS=$( filter "$O_CIPHERS" "$FILTER" )
256 P_CIPHERS=$( filter "$P_CIPHERS" "$FILTER" )
257 fi
258
259}
260
261add_polarssl_ciphersuites()
262{
263 ADD_CIPHERS=""
264
265 case $TYPE in
266
267 "ECDSA")
268 if [ "$MODE" != "ssl3" ];
269 then
270 ADD_CIPHERS="$ADD_CIPHERS \
271 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
272 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
273 TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
274 TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
275 "
276 fi
277 if [ "$MODE" = "tls1_2" ];
278 then
279 ADD_CIPHERS="$ADD_CIPHERS \
280 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
281 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
282 TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
283 TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
284 "
285 fi
286 ;;
287
288 "RSA")
289 if [ "$MODE" != "ssl3" ];
290 then
291 ADD_CIPHERS="$ADD_CIPHERS \
292 TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
293 TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
294 "
295 fi
296 if [ "$MODE" = "tls1_2" ];
297 then
298 ADD_CIPHERS="$ADD_CIPHERS \
299 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
300 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
301 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
302 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
303 TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
304 TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
305 TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
306 TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
307 TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
308 TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
309 "
310 fi
311 ;;
312
313 "PSK")
314 ADD_CIPHERS="$ADD_CIPHERS \
315 TLS-DHE-PSK-WITH-RC4-128-SHA \
316 TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
317 TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
318 TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
319 TLS-DHE-PSK-WITH-NULL-SHA \
320 TLS-PSK-WITH-NULL-SHA \
321 TLS-RSA-PSK-WITH-RC4-128-SHA \
322 TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \
323 TLS-RSA-PSK-WITH-AES-256-CBC-SHA \
324 TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
325 TLS-RSA-WITH-NULL-SHA \
326 TLS-RSA-WITH-NULL-MD5 \
327 TLS-PSK-WITH-AES-128-CBC-SHA256 \
328 TLS-PSK-WITH-AES-256-CBC-SHA384 \
329 TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
330 TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
331 TLS-PSK-WITH-NULL-SHA256 \
332 TLS-PSK-WITH-NULL-SHA384 \
333 TLS-DHE-PSK-WITH-NULL-SHA256 \
334 TLS-DHE-PSK-WITH-NULL-SHA384 \
335 TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
336 TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
337 TLS-RSA-PSK-WITH-NULL-SHA256 \
338 TLS-RSA-PSK-WITH-NULL-SHA384 \
339 TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
340 TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
341 TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
342 TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
343 TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
344 TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
345 "
346 if [ "$MODE" != "ssl3" ];
347 then
348 ADD_CIPHERS="$ADD_CIPHERS \
349 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \
350 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
351 TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \
352 TLS-ECDHE-PSK-WITH-RC4-128-SHA \
353 TLS-ECDHE-PSK-WITH-NULL-SHA \
354 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
355 TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
356 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
357 TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
358 TLS-ECDHE-PSK-WITH-NULL-SHA384 \
359 TLS-ECDHE-PSK-WITH-NULL-SHA256 \
360 "
361 fi
362 if [ "$MODE" = "tls1_2" ];
363 then
364 ADD_CIPHERS="$ADD_CIPHERS \
365 TLS-PSK-WITH-AES-128-GCM-SHA256 \
366 TLS-PSK-WITH-AES-256-GCM-SHA384 \
367 TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
368 TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
369 TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
370 TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
371 TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
372 TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
373 TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
374 TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
375 TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \
376 TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \
377 TLS-RSA-WITH-NULL-SHA256 \
378 "
379 fi
380 ;;
381 esac
382
383 # Filter new ciphersuites and add them
384 if [ "X" != "X$FILTER" ];
385 then
386 ADD_CIPHERS=$( filter "$ADD_CIPHERS" "$FILTER" )
387 fi
388 P_CIPHERS="$P_CIPHERS $ADD_CIPHERS"
389}
390
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]391setup_arguments()
392{
393 if [ "X$VERIFY" = "XYES" ];
394 then
395 P_SERVER_BASE="ca_file=data_files/test-ca_cat12.crt auth_mode=required"
396 P_CLIENT_BASE="ca_file=data_files/test-ca_cat12.crt"
397 O_SERVER_BASE="-CAfile data_files/test-ca_cat12.crt -Verify 10"
398 O_CLIENT_BASE="-CAfile data_files/test-ca_cat12.crt"
399 else
400 P_SERVER_BASE=""
401 P_CLIENT_BASE=""
402 O_SERVER_BASE=""
403 O_CLIENT_BASE=""
404 fi
405
406 case $TYPE in
407 "ECDSA")
408 P_SERVER_ARGS="$P_SERVER_BASE crt_file=data_files/server5.crt key_file=data_files/server5.key"
409 P_CLIENT_ARGS="$P_CLIENT_BASE crt_file=data_files/server6.crt key_file=data_files/server6.key"
410 O_SERVER_ARGS="$O_SERVER_BASE -cert data_files/server5.crt -key data_files/server5.key"
411 O_CLIENT_ARGS="$O_CLIENT_BASE -cert data_files/server6.crt -key data_files/server6.key"
412 ;;
413
414 "RSA")
415 P_SERVER_ARGS="$P_SERVER_BASE crt_file=data_files/server1.crt key_file=data_files/server1.key"
416 P_CLIENT_ARGS="$P_CLIENT_BASE crt_file=data_files/server2.crt key_file=data_files/server2.key"
417 O_SERVER_ARGS="$O_SERVER_BASE -cert data_files/server1.crt -key data_files/server1.key"
418 O_CLIENT_ARGS="$O_CLIENT_BASE -cert data_files/server2.crt -key data_files/server2.key"
419 ;;
420
421 "PSK")
422 P_SERVER_ARGS="$P_SERVER_BASE psk=6162636465666768696a6b6c6d6e6f70"
423 P_CLIENT_ARGS="$P_CLIENT_BASE psk=6162636465666768696a6b6c6d6e6f70"
424 # openssl s_server won't start without certificates...
425 O_SERVER_ARGS="$O_SERVER_BASE -psk 6162636465666768696a6b6c6d6e6f70 -cert data_files/server1.crt -key data_files/server1.key"
426 O_CLIENT_ARGS="$O_CLIENT_BASE -psk 6162636465666768696a6b6c6d6e6f70"
427 ;;
428 esac
429}
430
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]431for VERIFY in $VERIFIES;
432do
Paul Bakker7e5e7ca2013-04-17 19:27:58 +0200[diff] [blame]433
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]434for MODE in $MODES;
435do
Manuel Pégourié-Gonnardd3313192013-09-13 19:20:37 +0200[diff] [blame]436
437# avoid an avalanche of errors due to typos
438case $MODE in
439 ssl3|tls1|tls1_1|tls1_2)
440 ;;
441 *)
442 echo "error: invalid mode: $MODE" >&2
443 exit 1;
444esac
445
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]446echo "-----------"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]447echo "Running for $MODE (Verify: $VERIFY)"
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]448echo "-----------"
449
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]450for TYPE in $TYPES;
451do
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]452
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]453setup_arguments
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]454setup_ciphersuites
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]455
Manuel Pégourié-Gonnard452f6ba2013-12-17 11:06:50 +0100[diff] [blame]456log "$OPENSSL s_server -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE"
457$OPENSSL s_server -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE >/dev/null 2>&1 &
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]458PROCESS_ID=$!
459
460sleep 1
461
462for i in $P_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]463do
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]464 let "tests++"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]465 log "../programs/ssl/ssl_client2 $P_CLIENT_ARGS force_ciphersuite=$i force_version=$MODE"
Paul Bakker89fe7f42013-06-29 16:18:10 +0200[diff] [blame]466 RESULT="$( ../programs/ssl/ssl_client2 $P_CLIENT_ARGS force_ciphersuite=$i force_version=$MODE )"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]467 EXIT=$?
468 echo -n "OpenSSL Server - PolarSSL Client - $i : $EXIT - "
469 if [ "$EXIT" = "2" ];
470 then
471 echo Ciphersuite not supported in client
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]472 let "skipped++"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]473 elif [ "$EXIT" != "0" ];
474 then
475 echo Failed
Manuel Pégourié-Gonnard452f6ba2013-12-17 11:06:50 +0100[diff] [blame]476 echo "$OPENSSL s_server -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE"
477 echo "ssl_client2 force_ciphersuite=$i force_version=$MODE $P_CLIENT_ARGS"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]478 echo $RESULT
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]479 let "failed++"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]480 else
481 echo Success
482 fi
483done
Paul Bakkerfe40f482013-12-19 17:47:24 +0100[diff] [blame]484kill $PROCESS_ID 2>/dev/null
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]485wait $PROCESS_ID 2>/dev/null
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]486
Manuel Pégourié-Gonnardc9baa872013-12-17 14:10:58 +0100[diff] [blame]487log "../programs/ssl/ssl_server2 server_addr=0.0.0.0 $P_SERVER_ARGS force_version=$MODE > /dev/null"
488../programs/ssl/ssl_server2 server_addr=0.0.0.0 $P_SERVER_ARGS force_version=$MODE > /dev/null &
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]489PROCESS_ID=$!
490
491sleep 1
492
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]493for i in $O_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]494do
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]495 let "tests++"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]496 log "$OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]497 RESULT="$( ( echo -e 'GET HTTP/1.0'; echo; sleep 1 ) | $OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS 2>&1 )"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]498 EXIT=$?
499 echo -n "PolarSSL Server - OpenSSL Client - $i : $EXIT - "
500
501 if [ "$EXIT" != "0" ];
502 then
503 SUPPORTED="$( echo $RESULT | grep 'Cipher is (NONE)' )"
504 if [ "X$SUPPORTED" != "X" ]
505 then
506 echo "Ciphersuite not supported in server"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]507 let "skipped++"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]508 else
509 echo Failed
Manuel Pégourié-Gonnard452f6ba2013-12-17 11:06:50 +0100[diff] [blame]510 echo "ssl_server2 $P_SERVER_ARGS force_version=$MODE"
511 echo "$OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]512 echo $RESULT
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]513 let "failed++"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]514 fi
515 else
516 echo Success
517 fi
518done
519
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]520add_polarssl_ciphersuites
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]521
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]522for i in $P_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]523do
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]524 let "tests++"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]525 log "../programs/ssl/ssl_client2 force_ciphersuite=$i force_version=$MODE $P_CLIENT_ARGS"
Paul Bakker89fe7f42013-06-29 16:18:10 +0200[diff] [blame]526 RESULT="$( ../programs/ssl/ssl_client2 force_ciphersuite=$i force_version=$MODE $P_CLIENT_ARGS )"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]527 EXIT=$?
528 echo -n "PolarSSL Server - PolarSSL Client - $i : $EXIT - "
529 if [ "$EXIT" = "2" ];
530 then
531 echo Ciphersuite not supported in client
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]532 let "skipped++"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]533 elif [ "$EXIT" != "0" ];
534 then
535 echo Failed
Manuel Pégourié-Gonnard452f6ba2013-12-17 11:06:50 +0100[diff] [blame]536 echo "ssl_server2 $P_SERVER_ARGS"
537 echo "ssl_client2 force_ciphersuite=$i force_version=$MODE $P_CLIENT_ARGS"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]538 echo $RESULT
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]539 let "failed++"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]540 else
541 echo Success
542 fi
543done
Paul Bakkerfe40f482013-12-19 17:47:24 +0100[diff] [blame]544kill $PROCESS_ID 2>/dev/null
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]545wait $PROCESS_ID 2>/dev/null
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]546
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]547done
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]548done
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]549done
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]550
551echo ""
552echo "-------------------------------------------------------------------------"
553echo ""
554
555if (( failed != 0 ));
556then
557 echo -n "FAILED"
558else
559 echo -n "PASSED"
560fi
561
562let "passed = tests - failed"
563echo " ($passed / $tests tests ($skipped skipped))"
564
565exit $failed