TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7ebaf376f90bb424d835aeda82411058da55c25f / . / tests / compat.sh
blob: 2a7ab88e0b99aa3a1f30ba5c91c3bed674334f56 [file] [log] [blame]
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]1#!/bin/bash
2
Paul Bakker645ce3a2012-10-31 12:32:41 +0000[diff] [blame]3killall -q openssl ssl_server ssl_server2
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]4
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]5MODES="ssl3 tls1 tls1_1 tls1_2"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]6VERIFIES="NO YES"
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame^]7TYPES="ECDSA RSA PSK"
Paul Bakker0c93d122012-09-13 14:26:09 +0000[diff] [blame]8OPENSSL=openssl
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]9FILTER=""
10VERBOSE=""
11
12# Parse arguments
13#
14until [ -z "$1" ]
15do
16 case "$1" in
17 -f|--filter)
18 # Filter ciphersuites
19 shift
20 FILTER=$1
21 ;;
Paul Bakker524691c2013-07-25 17:01:20 +0200[diff] [blame]22 -m|--modes)
23 # Perform modes
24 shift
25 MODES=$1
26 ;;
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]27 -t|--types)
28 # Key exchange types
29 shift
30 TYPES=$1
31 ;;
32 -V|--verify)
33 # Verifiction modes
34 shift
35 VERIFIES=$1
36 ;;
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]37 -v|--verbose)
38 # Set verbosity
39 shift
40 VERBOSE=1
41 ;;
42 -h|--help)
43 # print help
44 echo "Usage: $0"
Paul Bakker524691c2013-07-25 17:01:20 +0200[diff] [blame]45 echo -e " -f|--filter\tFilter ciphersuites to test (Default: all)"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]46 echo -e " -h|--help\t\tPrint this help."
Paul Bakker524691c2013-07-25 17:01:20 +0200[diff] [blame]47 echo -e " -m|--modes\tWhich modes to perform (Default: \"ssl3 tls1 tls1_1 tls1_2\")"
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame^]48 echo -e " -t|--types\tWhich key exchange type to perform (Default: \"ECDSA RSA PSK\")"
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]49 echo -e " -V|--verify\tWhich verification modes to perform (Default: \"NO YES\")"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]50 echo -e " -v|--verbose\t\tSet verbose output."
51 exit 1
52 ;;
53 *)
54 # print error
55 echo "Unknown argument: '$1'"
56 exit 1
57 ;;
58 esac
59 shift
60done
61
62log () {
63 if [ "X" != "X$VERBOSE" ]; then
64 echo "$@"
65 fi
66}
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]67
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]68filter()
69{
70 LIST=$1
71 FILTER=$2
72
73 NEW_LIST=""
74
75 for i in $LIST;
76 do
77 NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" )"
78 done
79
80 echo "$NEW_LIST"
81}
82
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]83for VERIFY in $VERIFIES;
84do
Paul Bakker7e5e7ca2013-04-17 19:27:58 +0200[diff] [blame]85
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]86if [ "X$VERIFY" = "XYES" ];
87then
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame^]88 P_SERVER_ARGS="ca_file=data_files/test-ca_cat12.crt auth_mode=required"
89 P_CLIENT_ARGS="ca_file=data_files/test-ca_cat12.crt"
90 O_SERVER_ARGS="-CAfile data_files/test-ca_cat12.crt -Verify 10"
91 O_CLIENT_ARGS="-CAfile data_files/test-ca_cat12.crt"
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]92else
93 P_SERVER_ARGS=""
94 P_CLIENT_ARGS=""
95 O_SERVER_ARGS=""
96 O_CLIENT_ARGS=""
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]97fi
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]98
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]99
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]100for MODE in $MODES;
101do
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]102echo "-----------"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]103echo "Running for $MODE (Verify: $VERIFY)"
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]104echo "-----------"
105
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]106for TYPE in $TYPES;
107do
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]108
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]109case $TYPE in
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]110
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame^]111 "ECDSA")
112
113 P_SERVER_ARGS="$P_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key"
114 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key"
115 O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key"
116 O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key"
117
118 P_CIPHERS=" \
119 TLS-ECDHE-ECDSA-WITH-NULL-SHA \
120 TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \
121 TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
122 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
123 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
124 "
125
126 O_CIPHERS=" \
127 ECDHE-ECDSA-NULL-SHA \
128 ECDHE-ECDSA-RC4-SHA \
129 ECDHE-ECDSA-DES-CBC3-SHA \
130 ECDHE-ECDSA-AES128-SHA \
131 ECDHE-ECDSA-AES256-SHA \
132 "
133
134 if [ "$MODE" = "tls1_2" ];
135 then
136 P_CIPHERS="$P_CIPHERS \
137 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
138 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
139 TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
140 TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
141 "
142
143 O_CIPHERS=" \
144 ECDHE-ECDSA-AES128-SHA256 \
145 ECDHE-ECDSA-AES256-SHA384 \
146 ECDHE-ECDSA-AES128-GCM-SHA256 \
147 ECDHE-ECDSA-AES256-GCM-SHA384 \
148 "
149 fi
150
151 ;;
152
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]153 "RSA")
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]154
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]155 P_SERVER_ARGS="$P_SERVER_ARGS crt_file=data_files/server1.crt key_file=data_files/server1.key"
156 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server2.crt key_file=data_files/server2.key"
157 O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server1.crt -key data_files/server1.key"
158 O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server2.crt -key data_files/server2.key"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]159
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]160 P_CIPHERS=" \
161 TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
162 TLS-DHE-RSA-WITH-AES-256-CBC-SHA \
163 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \
164 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \
165 TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \
166 TLS-RSA-WITH-AES-256-CBC-SHA \
167 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \
168 TLS-RSA-WITH-AES-128-CBC-SHA \
169 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \
170 TLS-RSA-WITH-3DES-EDE-CBC-SHA \
171 TLS-RSA-WITH-RC4-128-SHA \
172 TLS-RSA-WITH-RC4-128-MD5 \
173 TLS-RSA-EXPORT-WITH-RC4-40-MD5 \
174 TLS-RSA-WITH-NULL-MD5 \
175 TLS-RSA-WITH-NULL-SHA \
176 TLS-RSA-WITH-DES-CBC-SHA \
177 TLS-DHE-RSA-WITH-DES-CBC-SHA \
178 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
179 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
180 TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
181 TLS-ECDHE-RSA-WITH-RC4-128-SHA \
182 TLS-ECDHE-RSA-WITH-NULL-SHA \
183 "
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]184
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]185 O_CIPHERS=" \
186 DHE-RSA-AES128-SHA \
187 DHE-RSA-AES256-SHA \
188 DHE-RSA-CAMELLIA128-SHA \
189 DHE-RSA-CAMELLIA256-SHA \
190 EDH-RSA-DES-CBC3-SHA \
191 AES256-SHA \
192 CAMELLIA256-SHA \
193 AES128-SHA \
194 CAMELLIA128-SHA \
195 DES-CBC3-SHA \
196 RC4-SHA \
197 RC4-MD5 \
198 EXP-RC4-MD5 \
199 NULL-MD5 \
200 NULL-SHA \
201 DES-CBC-SHA \
202 EDH-RSA-DES-CBC-SHA \
203 ECDHE-RSA-AES256-SHA \
204 ECDHE-RSA-AES128-SHA \
205 ECDHE-RSA-DES-CBC3-SHA \
206 ECDHE-RSA-RC4-SHA \
207 ECDHE-RSA-NULL-SHA \
208 "
209
210 if [ "$MODE" = "tls1_2" ];
211 then
212 P_CIPHERS="$P_CIPHERS \
213 TLS-RSA-WITH-NULL-SHA256 \
214 TLS-RSA-WITH-AES-128-CBC-SHA256 \
215 TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
216 TLS-RSA-WITH-AES-256-CBC-SHA256 \
217 TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
218 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
219 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
220 TLS-RSA-WITH-AES-128-GCM-SHA256 \
221 TLS-RSA-WITH-AES-256-GCM-SHA384 \
222 TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
223 TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
224 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
225 TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
226 "
227
228 O_CIPHERS="$O_CIPHERS \
229 NULL-SHA256 \
230 AES128-SHA256 \
231 DHE-RSA-AES128-SHA256 \
232 AES256-SHA256 \
233 DHE-RSA-AES256-SHA256 \
234 ECDHE-RSA-AES128-SHA256 \
235 ECDHE-RSA-AES256-SHA384 \
236 AES128-GCM-SHA256 \
237 DHE-RSA-AES128-GCM-SHA256 \
238 AES256-GCM-SHA384 \
239 DHE-RSA-AES256-GCM-SHA384 \
240 ECDHE-RSA-AES128-GCM-SHA256 \
241 ECDHE-RSA-AES256-GCM-SHA384 \
242 "
243 fi
244
245 ;;
246
247 "PSK")
248
249 P_SERVER_ARGS="$P_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70"
250 P_CLIENT_ARGS="$P_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70"
251 O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
252 O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
253
254 P_CIPHERS=" \
255 TLS-PSK-WITH-RC4-128-SHA \
256 TLS-PSK-WITH-3DES-EDE-CBC-SHA \
257 TLS-PSK-WITH-AES-128-CBC-SHA \
258 TLS-PSK-WITH-AES-256-CBC-SHA \
259 "
260
261 O_CIPHERS=" \
262 PSK-RC4-SHA \
263 PSK-3DES-EDE-CBC-SHA \
264 PSK-AES128-CBC-SHA \
265 PSK-AES256-CBC-SHA \
266 "
267
268 ;;
269
270esac
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]271
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]272# Filter ciphersuites
273if [ "X" != "X$FILTER" ];
274then
275 O_CIPHERS=$( filter "$O_CIPHERS" "$FILTER" )
276 P_CIPHERS=$( filter "$P_CIPHERS" "$FILTER" )
277fi
278
279
280log "$OPENSSL s_server -cert data_files/server2.crt -key data_files/server2.key -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE"
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]281$OPENSSL s_server -cert data_files/server2.crt -key data_files/server2.key -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE >/dev/null 2>&1 &
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]282PROCESS_ID=$!
283
284sleep 1
285
286for i in $P_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]287do
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]288 log "../programs/ssl/ssl_client2 $P_CLIENT_ARGS force_ciphersuite=$i force_version=$MODE"
Paul Bakker89fe7f42013-06-29 16:18:10 +0200[diff] [blame]289 RESULT="$( ../programs/ssl/ssl_client2 $P_CLIENT_ARGS force_ciphersuite=$i force_version=$MODE )"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]290 EXIT=$?
291 echo -n "OpenSSL Server - PolarSSL Client - $i : $EXIT - "
292 if [ "$EXIT" = "2" ];
293 then
294 echo Ciphersuite not supported in client
295 elif [ "$EXIT" != "0" ];
296 then
297 echo Failed
298 echo $RESULT
299 else
300 echo Success
301 fi
302done
303kill $PROCESS_ID
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]304wait $PROCESS_ID 2>/dev/null
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]305
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]306log "../programs/ssl/ssl_server2 $P_SERVER_ARGS force_version=$MODE > /dev/null"
Paul Bakker89fe7f42013-06-29 16:18:10 +0200[diff] [blame]307../programs/ssl/ssl_server2 $P_SERVER_ARGS force_version=$MODE > /dev/null &
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]308PROCESS_ID=$!
309
310sleep 1
311
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]312for i in $O_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]313do
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]314 log "$OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]315 RESULT="$( ( echo -e 'GET HTTP/1.0'; echo; sleep 1 ) | $OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS 2>&1 )"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]316 EXIT=$?
317 echo -n "PolarSSL Server - OpenSSL Client - $i : $EXIT - "
318
319 if [ "$EXIT" != "0" ];
320 then
321 SUPPORTED="$( echo $RESULT | grep 'Cipher is (NONE)' )"
322 if [ "X$SUPPORTED" != "X" ]
323 then
324 echo "Ciphersuite not supported in server"
325 else
326 echo Failed
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]327 echo ../programs/ssl/ssl_server2 $P_SERVER_ARGS
328 echo $OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]329 echo $RESULT
330 fi
331 else
332 echo Success
333 fi
334done
335
336kill $PROCESS_ID
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]337wait $PROCESS_ID 2>/dev/null
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]338
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]339log "../programs/ssl/ssl_server2 $P_SERVER_ARGS force_version=$MODE"
Paul Bakker89fe7f42013-06-29 16:18:10 +0200[diff] [blame]340../programs/ssl/ssl_server2 $P_SERVER_ARGS force_version=$MODE > /dev/null &
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]341PROCESS_ID=$!
342
343sleep 1
344
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]345# Add ciphersuites supported by PolarSSL only
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]346
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]347case $TYPE in
348
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame^]349 "ECDSA")
350
351 if [ "$MODE" = "tls1_2" ];
352 then
353 P_CIPHERS="$P_CIPHERS \
354 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
355 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
356 "
357 fi
358
359 ;;
360
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]361 "RSA")
362
363 if [ "$MODE" = "tls1_2" ];
364 then
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame^]365 P_CIPHERS="$P_CIPHERS \
366 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
367 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
368 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
369 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
370 TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
371 TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]372 "
373 fi
374
375 ;;
376
377 "PSK")
378
379 P_CIPHERS="$P_CIPHERS \
380 TLS-DHE-PSK-WITH-RC4-128-SHA \
381 TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
382 TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
383 TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
384 TLS-PSK-WITH-NULL-SHA \
385 TLS-DHE-PSK-WITH-NULL-SHA \
386 "
387
388 if [ "$MODE" = "tls1_2" ];
389 then
390 P_CIPHERS="$P_CIPHERS \
391 TLS-PSK-WITH-AES-128-CBC-SHA256 \
392 TLS-PSK-WITH-AES-256-CBC-SHA384 \
393 TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
394 TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
395 TLS-PSK-WITH-AES-128-GCM-SHA256 \
396 TLS-PSK-WITH-AES-256-GCM-SHA384 \
397 TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
398 TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
399 TLS-PSK-WITH-NULL-SHA256 \
400 TLS-PSK-WITH-NULL-SHA384 \
401 TLS-DHE-PSK-WITH-NULL-SHA256 \
402 TLS-DHE-PSK-WITH-NULL-SHA384 \
403 TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
404 TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
405 TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
406 TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
407 "
408 fi
409
410esac
Paul Bakker48f7a5d2013-04-19 14:30:58 +0200[diff] [blame]411
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]412# Filter ciphersuites
413if [ "X" != "X$FILTER" ];
414then
415 O_CIPHERS=$( filter "$O_CIPHERS" "$FILTER" )
416 P_CIPHERS=$( filter "$P_CIPHERS" "$FILTER" )
417fi
418
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]419for i in $P_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]420do
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]421 log "../programs/ssl/ssl_client2 force_ciphersuite=$i force_version=$MODE $P_CLIENT_ARGS"
Paul Bakker89fe7f42013-06-29 16:18:10 +0200[diff] [blame]422 RESULT="$( ../programs/ssl/ssl_client2 force_ciphersuite=$i force_version=$MODE $P_CLIENT_ARGS )"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]423 EXIT=$?
424 echo -n "PolarSSL Server - PolarSSL Client - $i : $EXIT - "
425 if [ "$EXIT" = "2" ];
426 then
427 echo Ciphersuite not supported in client
428 elif [ "$EXIT" != "0" ];
429 then
430 echo Failed
431 echo $RESULT
432 else
433 echo Success
434 fi
435done
436kill $PROCESS_ID
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]437wait $PROCESS_ID 2>/dev/null
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]438
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]439done
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]440done
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]441done