Skip to content

Add in fixes to wp-cs-tests.sh #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
SparkiDev merged 11 commits into from
Aug 28, 2023
Merged

Add in fixes to wp-cs-tests.sh #5

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
e2dd8c3
specified bound equals destination size
Aug 23, 2023
f6bc34d
Initialize variable
Aug 23, 2023
a78c724
Print helpful reasons for failure
Aug 23, 2023
30b578e
Clean up 'check_process_running'
Aug 23, 2023
7c4af2e
Remove duplicate definitions
Aug 23, 2023
a18374d
Simplify script by consolidating duplicate functions
Aug 24, 2023
cd2bdbd
Clean up log file output
Aug 24, 2023
8cb1ae0
More simplification of log output
Aug 24, 2023
b0a55b6
Make sure all buffers are flushed before killing processes
Aug 24, 2023
6a95d6f
More output to LOG_FILE
Aug 24, 2023
4fa1a7c
Fix the detection of the server PID
Aug 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
274 changes: 53 additions & 221 deletions scripts/wp-cs-test.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,34 +21,24 @@

SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
CERT_DIR=$SCRIPT_DIR/../certs
LOG_DIR=$SCRIPT_DIR/log
LOG_FILE=$LOG_DIR/wp-cs-test.log
LOG_SERVER=$LOG_DIR/wp-cs-test-server.log
LOG_WP_SERVER=$LOG_DIR/wp-cs-test-wp-server.log
LOG_CLIENT=$LOG_DIR/wp-cs-test-client.log
TMP_LOG=$LOG_DIR/wp-cs-test-tmp.log
LOG_FILE=$SCRIPT_DIR/wp-cs-test.log

OPENSSL_SERVER_PID=-1
WP_OPENSSL_SERVER_PID=-1

kill_servers() {
SERVER_PID=$OPENSSL_SERVER_PID
check_process_running
if [ "$PS_EXIT" = "0" ]; then
(kill -INT $SERVER_PID) >/dev/null 2>&1
fi
set -o pipefail # pass failures up the pipe
prepend() { # Usage: cmd 2>&1 | prepend "sometext "
while read line; do echo "${1}${line}"; done
}

SERVER_PID=$WP_OPENSSL_SERVER_PID
check_process_running
if [ "$PS_EXIT" = "0" ]; then
(kill -INT $SERVER_PID) >/dev/null 2>&1
kill_servers() {
if [ $(check_process_running $OPENSSL_SERVER_PID) = "0" ]; then
(kill -9 $OPENSSL_SERVER_PID) >/dev/null 2>&1
fi
}

do_cleanup() {
sleep 0.5 # flush buffers
kill_servers

rm -f $TMP_LOG
}

do_trap() {
Expand All @@ -58,7 +48,6 @@ do_trap() {
exit 1
}


trap do_trap INT TERM

TLS13_ALL_CIPHERS="TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256"
Expand Down Expand Up @@ -144,245 +133,83 @@ TLS1_PSK_CIPHERS=(
)

check_process_running() {
ps -p $SERVER_PID > /dev/null
PS_EXIT=$?
ps -p $1 > /dev/null
echo $?
}

# need a unique port since may run the same time as testsuite
generate_port() {
port=$(($(od -An -N2 /dev/random) % (65535-49512) + 49512))
}

start_openssl_server() {
generate_port
export OPENSSL_PORT=$port

($OPENSSL_BIN s_server -www \
-cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \
-dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \
-accept $OPENSSL_PORT $OPENSSL_ALL_CIPHERS \
>$LOG_SERVER 2>&1
) &
OPENSSL_SERVER_PID=$!

sleep 0.1

SERVER_PID=$OPENSSL_SERVER_PID
check_process_running
if [ "$PS_EXIT" != "0" ]; then
printf "OpenSSL server failed to start\n"
do_cleanup
exit 1
fi
}

start_wp_openssl_server() {
generate_port
export WP_OPENSSL_PORT=$port

($OPENSSL_BIN s_server -www \
-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME \
-cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \
-dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \
-accept $WP_OPENSSL_PORT $OPENSSL_ALL_CIPHERS \
>$LOG_WP_SERVER 2>&1
) &
WP_OPENSSL_SERVER_PID=$!

sleep 0.1

SERVER_PID=$WP_OPENSSL_SERVER_PID
check_process_running
if [ "$PS_EXIT" != "0" ]; then
printf "server failed to start\n"
printf "OpenSSL server using wolfProvider failed to start\n"
do_cleanup
exit 1
fi
echo $(($(od -An -N2 /dev/random) % (65535-49512) + 49512))
}
start_openssl_server() {
generate_port
export OPENSSL_PORT=$port

($OPENSSL_BIN s_server -www \
start_openssl_server() { # usage: start_openssl_server [extraArgs]
stdbuf -oL -eL $OPENSSL_BIN s_server -www $1 \
-cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \
-dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \
-accept $OPENSSL_PORT $OPENSSL_ALL_CIPHERS \
>$LOG_SERVER 2>&1
) &
OPENSSL_SERVER_PID=$!
2>&1 | prepend "[server] " >>$LOG_FILE &
OPENSSL_SERVER_PID=$(($! - 1))

sleep 0.1

SERVER_PID=$OPENSSL_SERVER_PID
check_process_running
if [ "$PS_EXIT" != "0" ]; then
if [ $(check_process_running $OPENSSL_SERVER_PID) != "0" ]; then
printf "OpenSSL server failed to start\n"
do_cleanup
exit 1
fi
}

start_wp_openssl_server() {
generate_port
export WP_OPENSSL_PORT=$port

($OPENSSL_BIN s_server -www \
-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME \
-cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \
-dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \
-accept $WP_OPENSSL_PORT $OPENSSL_ALL_CIPHERS \
>$LOG_WP_SERVER 2>&1
) &
WP_OPENSSL_SERVER_PID=$!

sleep 0.1

SERVER_PID=$WP_OPENSSL_SERVER_PID
check_process_running
if [ "$PS_EXIT" != "0" ]; then
printf "server failed to start\n"
printf "OpenSSL server using wolfProvider failed to start\n"
do_cleanup
exit 1
fi
}

do_wp_client() {
do_client() { # usage: do_client [extraArgs]
printf "\t\t$CIPHER ... "
printf "\n$CIPHER ...\n" >>$LOG_FILE
if [ "$TLS_VERSION" != "-tls1_3" ]; then
(echo -n | \
$OPENSSL_BIN s_client \
-provider-path $WOLFPROV_PATH \
-provider $WOLFPROV_NAME \
stdbuf -oL -eL $OPENSSL_BIN s_client $1 \
-cipher $CIPHER $TLS_VERSION \
-curves $CURVES \
-connect localhost:$OPENSSL_PORT \
>$TMP_LOG 2>&1
)
else
(echo -n | \
$OPENSSL_BIN s_client \
-provider-path $WOLFPROV_PATH \
-provider $WOLFPROV_NAME \
-ciphersuites $CIPHER $TLS_VERSION \
-curves $CURVES \
-connect localhost:$OPENSSL_PORT \
>$TMP_LOG 2>&1
)
fi
if [ "$?" = "0" ]; then
printf "pass\n"
else
printf "fail\n"
FAIL=$((FAIL+1))
fi

#check_log

cat $TMP_LOG >>$LOG_CLIENT
}

do_client() {
printf "\t\t$CIPHER ... "
if [ "$TLS_VERSION" != "-tls1_3" ]; then
(echo -n | \
$OPENSSL_BIN s_client \
-cipher $CIPHER $TLS_VERSION \
-connect localhost:$WP_OPENSSL_PORT \
-curves $CURVES \
>>$LOG_CLIENT 2>&1
2>&1 | prepend "[client] " >>$LOG_FILE
)
else
(echo -n | \
$OPENSSL_BIN s_client \
stdbuf -oL -eL $OPENSSL_BIN s_client $1 \
-ciphersuites $CIPHER $TLS_VERSION \
-connect localhost:$WP_OPENSSL_PORT \
-connect localhost:$OPENSSL_PORT \
-curves $CURVES \
>>$LOG_CLIENT 2>&1
2>&1 | prepend "[client] " >>$LOG_FILE
)
fi
if [ "$?" = "0" ]; then
printf "pass\n"
printf "pass\n" | tee -a $LOG_FILE
else
printf "fail\n"
printf "fail\n" | tee -a $LOG_FILE
FAIL=$((FAIL+1))
fi

NEW_LINES=`wc -l $LOG_WP_SERVER | awk '{print $1}'`
tail --lines=$((NEW_LINES-LOG_LINES)) $LOG_WP_SERVER >$TMP_LOG

#check_log

LOG_LINES=$NEW_LINES
}

do_wp_client_test() {
printf "\tClient testing\n"
CHECK_CLIENT=1
CHECK_SERVER=

#TLS_VERSION=-tls1
#printf "\t$TLS_VERSION\n"
#for CIPHER in ${TLS1_CIPHERS[@]}
#do
# do_wp_client
#done

#TLS_VERSION=-tls1_1
#printf "\t$TLS_VERSION\n"
#for CIPHER in ${TLS1_CIPHERS[@]}
#do
# do_wp_client
#done

TLS_VERSION=-tls1_2
printf "\t$TLS_VERSION\n"
for CIPHER in ${TLS12_CIPHERS[@]}
do
do_wp_client
done

TLS_VERSION=-tls1_3
printf "\t$TLS_VERSION\n"
for CIPHER in ${TLS13_CIPHERS[@]}
do
do_wp_client
done
}

do_client_test() {
printf "\tServer testing\n"
CHECK_CLIENT=
CHECK_SERVER=1
LOG_LINES=0

#TLS_VERSION=-tls1
#printf "\t$TLS_VERSION\n"
#for CIPHER in ${TLS1_CIPHERS[@]}
#do
# do_client
#done

#TLS_VERSION=-tls1_1
#printf "\t$TLS_VERSION\n"
#for CIPHER in ${TLS1_CIPHERS[@]}
#do
# do_client
#done
do_client_test() { # usage: do_client_test [extraArgs]
# TLS_VERSION=-tls1
# printf "\t$TLS_VERSION\n" | tee -a $LOG_FILE
# for CIPHER in ${TLS1_CIPHERS[@]}; do
# do_client "$1"
# done
#
# TLS_VERSION=-tls1_1
# printf "\t$TLS_VERSION\n" | tee -a $LOG_FILE
# for CIPHER in ${TLS1_CIPHERS[@]}; do
# do_client "$1"
# done

TLS_VERSION=-tls1_2
printf "\t$TLS_VERSION\n"
for CIPHER in ${TLS12_CIPHERS[@]}
do
do_client
printf "\t$TLS_VERSION\n" | tee -a $LOG_FILE
for CIPHER in ${TLS12_CIPHERS[@]}; do
do_client "$1"
done

TLS_VERSION=-tls1_3
printf "\t$TLS_VERSION\n"
for CIPHER in ${TLS13_CIPHERS[@]}
do
do_client
printf "\t$TLS_VERSION\n" | tee -a $LOG_FILE
for CIPHER in ${TLS13_CIPHERS[@]}; do
do_client "$1"
done
}

Expand Down Expand Up @@ -414,16 +241,21 @@ FAIL=0
WOLFPROV_NAME="libwolfprov"
WOLFPROV_PATH=$PWD/.libs

rm -f $LOG_CLIENT

CURVES=prime256v1
#CURVES=X25519
OPENSSL_ALL_CIPHERS="-cipher ALL -ciphersuites $TLS13_ALL_CIPHERS"
OPENSSL_PORT=$(generate_port)

printf "\tClient testing\n" | tee $LOG_FILE
start_openssl_server
do_wp_client_test
start_wp_openssl_server
do_client_test "-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME"
kill_servers

printf "\tServer testing\n" | tee -a $LOG_FILE
start_openssl_server "-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME"
do_client_test
kill_servers

do_cleanup

if [ "$FAIL" = "0" ]; then
Expand Down
2 changes: 1 addition & 1 deletion src/wp_ecc_kmgmt.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1486,7 +1486,7 @@ static int wp_ecc_gen_set_template(wp_EccGenCtx* ctx, wp_Ecc* ecc)
}
if (ok) {
XSTRNCPY(ctx->curveName, name, sizeof(ctx->curveName)-1);
ctx->curveName[WP_MAX_EC_GROUP_NAME_SZ-1] = '\0';
ctx->curveName[sizeof(ctx->curveName)-1] = '\0';
}

return ok;
Expand Down
2 changes: 1 addition & 1 deletion src/wp_ecx_kmgmt.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -730,7 +730,7 @@ static int wp_ecx_validate_pub_key(const wp_Ecx* ecx)
{
int ok = 1;
int rc;
unsigned char key[WP_MAX_KEY_SIZE];
unsigned char key[WP_MAX_KEY_SIZE] = {0};
word32 len = ecx->data->len;

ok &= ecx->hasPub;
Expand Down
Loading