compat.sh: skip static ECDH cases if unsupported in openssl
This commit add support to detect if openssl used for testing
supports static ECDH key exchange. Skip the ciphersutes if
openssl doesn't support them.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
diff --git a/tests/compat.sh b/tests/compat.sh
index f96c4e4..6d09b4f 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -861,6 +861,16 @@
esac
}
+# o_check_ciphersuite CIPHER_SUITE_NAME
+o_check_ciphersuite()
+{
+ if [ "${O_SUPPORT_ECDH}" = "NO" ]; then
+ case "$1" in
+ *ECDH-*) SKIP_NEXT="YES"
+ esac
+ fi
+}
+
setup_arguments()
{
O_MODE=""
@@ -947,6 +957,11 @@
;;
esac
+ case $($OPENSSL ciphers ALL) in
+ *ECDH-ECDSA*|*ECDH-RSA*) O_SUPPORT_ECDH="YES";;
+ *) O_SUPPORT_ECDH="NO";;
+ esac
+
if [ "X$VERIFY" = "XYES" ];
then
M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
@@ -1373,6 +1388,7 @@
if [ "X" != "X$M_CIPHERS" ]; then
start_server "OpenSSL"
for i in $M_CIPHERS; do
+ o_check_ciphersuite "$i"
run_client mbedTLS $i
done
stop_server
@@ -1381,6 +1397,7 @@
if [ "X" != "X$O_CIPHERS" ]; then
start_server "mbedTLS"
for i in $O_CIPHERS; do
+ o_check_ciphersuite "$i"
run_client OpenSSL $i
done
stop_server