ssl-opt: uniformize requirements in tests

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2023-03-13 12:00:10 +01:00
parent 2bf85e349d
commit 77588e9451

View file

@ -284,16 +284,10 @@ TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \ TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED" MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
# An optional parameter can be specified in order to limit key exchanges in
# TLS 1.2 (in TLS 1.3 it has no effect).
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() { requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() {
KEX_SUBSET=${1:-}
if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2 if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2
then then
case $KEX_SUBSET in requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
ECDSA) requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT ;;
*) requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT ;;
esac
elif ! $P_QUERY -all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED elif ! $P_QUERY -all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
then then
SKIP_NEXT="YES" SKIP_NEXT="YES"
@ -530,7 +524,7 @@ populate_enabled_hash_algs()
hash_alg_variable=HAS_ALG_${hash_alg} hash_alg_variable=HAS_ALG_${hash_alg}
eval ${hash_alg_variable}=YES eval ${hash_alg_variable}=YES
fi fi
done done
} }
# skip next test if the given hash alg is not supported # skip next test if the given hash alg is not supported
@ -5632,7 +5626,8 @@ MAX_IM_CA='8'
# are in place so that the semantics are consistent with the test description. # are in place so that the semantics are consistent with the test description.
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer requires_full_size_output_buffer
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled ECDSA requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT
run_test "Authentication: server max_int chain, client default" \ run_test "Authentication: server max_int chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \ "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
key_file=data_files/dir-maxpath/09.key" \ key_file=data_files/dir-maxpath/09.key" \
@ -5642,7 +5637,8 @@ run_test "Authentication: server max_int chain, client default" \
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer requires_full_size_output_buffer
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled ECDSA requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT
run_test "Authentication: server max_int+1 chain, client default" \ run_test "Authentication: server max_int+1 chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \ key_file=data_files/dir-maxpath/10.key" \