blob: ac41ec3b508470d50ed5c6a9faeb2828cbd2b33f [file] [log] [blame]
Paul Bakkerfab5c822012-02-06 16:45:10 +00001killall -q openssl ssl_server
2
Paul Bakker10cd2252012-04-12 21:26:34 +00003MODES="ssl3 tls1 tls1_1 tls1_2"
4#VERIFY="YES"
5VERIFY=""
6
7if [ "X$VERIFY" = "XYES" ];
8then
9 P_CLIENT_ARGS="crt_file=data_files/server2.crt key_file=data_files/server2.key"
10 O_SERVER_ARGS="-verify 10"
11fi
Paul Bakker398cb512012-04-10 08:22:31 +000012
13for MODE in $MODES;
14do
15echo "Running for $MODE"
16echo "-----------"
17
Paul Bakker10cd2252012-04-12 21:26:34 +000018P_CIPHERS=" \
Paul Bakkerfab5c822012-02-06 16:45:10 +000019 SSL-EDH-RSA-AES-128-SHA \
20 SSL-EDH-RSA-AES-256-SHA \
21 SSL-EDH-RSA-CAMELLIA-128-SHA \
22 SSL-EDH-RSA-CAMELLIA-256-SHA \
23 SSL-EDH-RSA-DES-168-SHA \
24 SSL-RSA-AES-256-SHA \
25 SSL-RSA-CAMELLIA-256-SHA \
26 SSL-RSA-AES-128-SHA \
27 SSL-RSA-CAMELLIA-128-SHA \
28 SSL-RSA-DES-168-SHA \
29 SSL-RSA-RC4-128-SHA \
30 SSL-RSA-RC4-128-MD5 \
31 SSL-RSA-NULL-MD5 \
32 SSL-RSA-NULL-SHA \
33 SSL-RSA-DES-SHA \
34 SSL-EDH-RSA-DES-SHA \
35 "
36
Paul Bakker10cd2252012-04-12 21:26:34 +000037O_CIPHERS=" \
38 DHE-RSA-AES128-SHA \
39 DHE-RSA-AES256-SHA \
40 DHE-RSA-CAMELLIA128-SHA \
41 DHE-RSA-CAMELLIA256-SHA \
42 EDH-RSA-DES-CBC3-SHA \
43 AES256-SHA \
44 CAMELLIA256-SHA \
45 AES128-SHA \
46 CAMELLIA128-SHA \
47 DES-CBC3-SHA \
48 RC4-SHA \
49 RC4-MD5 \
50 NULL-MD5 \
51 NULL-SHA \
52 DES-CBC-SHA \
53 EDH-RSA-DES-CBC-SHA \
54 "
55
56if [ "$MODE" = "tls1_2" ];
57then
58 P_CIPHERS="$P_CIPHERS \
59 SSL-RSA-NULL-SHA256 \
60 SSL-RSA-AES-128-SHA256 \
61 SSL-EDH-RSA-AES-128-SHA256 \
62 SSL-RSA-AES-256-SHA256 \
63 SSL-EDH-RSA-AES-256-SHA256 \
64 "
65
66 O_CIPHERS="$O_CIPHERS \
67 NULL-SHA256 \
68 AES128-SHA256 \
69 DHE-RSA-AES128-SHA256 \
70 AES256-SHA256 \
71 DHE-RSA-AES256-SHA256 \
72 "
73fi
74
75openssl s_server -cert data_files/server2.crt -key data_files/server2.key -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE &
76PROCESS_ID=$!
77
78sleep 1
79
80for i in $P_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +000081do
Paul Bakker10cd2252012-04-12 21:26:34 +000082 RESULT="$( ../programs/ssl/ssl_client2 $P_CLIENT_ARGS force_ciphersuite=$i )"
Paul Bakkerfab5c822012-02-06 16:45:10 +000083 EXIT=$?
84 echo -n "OpenSSL Server - PolarSSL Client - $i : $EXIT - "
85 if [ "$EXIT" = "2" ];
86 then
87 echo Ciphersuite not supported in client
88 elif [ "$EXIT" != "0" ];
89 then
90 echo Failed
91 echo $RESULT
92 else
93 echo Success
94 fi
95done
96kill $PROCESS_ID
97
98../programs/ssl/ssl_server > /dev/null &
99PROCESS_ID=$!
100
101sleep 1
102
Paul Bakker10cd2252012-04-12 21:26:34 +0000103for i in $O_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +0000104do
Paul Bakker398cb512012-04-10 08:22:31 +0000105 RESULT="$( ( echo -e 'GET HTTP/1.0'; echo; sleep 1 ) | openssl s_client -$MODE -cipher $i 2>&1)"
Paul Bakkerfab5c822012-02-06 16:45:10 +0000106 EXIT=$?
107 echo -n "PolarSSL Server - OpenSSL Client - $i : $EXIT - "
108
109 if [ "$EXIT" != "0" ];
110 then
111 SUPPORTED="$( echo $RESULT | grep 'Cipher is (NONE)' )"
112 if [ "X$SUPPORTED" != "X" ]
113 then
114 echo "Ciphersuite not supported in server"
115 else
116 echo Failed
117 echo $RESULT
118 fi
119 else
120 echo Success
121 fi
122done
123
124kill $PROCESS_ID
125
126../programs/ssl/ssl_server > /dev/null &
127PROCESS_ID=$!
128
129sleep 1
130
Paul Bakker10cd2252012-04-12 21:26:34 +0000131# OpenSSL does not support RFC5246 Camellia ciphers with SHA256
132# Add for PolarSSL only test, which does support them.
133#
134if [ "$MODE" = "tls1_2" ];
135then
136 P_CIPHERS="$P_CIPHERS \
137 SSL-RSA-CAMELLIA-128-SHA256 \
138 SSL-EDH-RSA-CAMELLIA-128-SHA256 \
139 SSL-RSA-CAMELLIA-256-SHA256 \
140 SSL-EDH-RSA-CAMELLIA-256-SHA256 \
141 "
142fi
Paul Bakkerfab5c822012-02-06 16:45:10 +0000143
Paul Bakker10cd2252012-04-12 21:26:34 +0000144for i in $P_CIPHERS;
Paul Bakkerfab5c822012-02-06 16:45:10 +0000145do
146 RESULT="$( ../programs/ssl/ssl_client2 force_ciphersuite=$i )"
147 EXIT=$?
148 echo -n "PolarSSL Server - PolarSSL Client - $i : $EXIT - "
149 if [ "$EXIT" = "2" ];
150 then
151 echo Ciphersuite not supported in client
152 elif [ "$EXIT" != "0" ];
153 then
154 echo Failed
155 echo $RESULT
156 else
157 echo Success
158 fi
159done
160kill $PROCESS_ID
161
Paul Bakker398cb512012-04-10 08:22:31 +0000162done
163