diff options
author | Theo Buehler <tb@cvs.openbsd.org> | 2024-03-02 11:53:56 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2024-03-02 11:53:56 +0000 |
commit | a4ca27f2b764288c525e1b603632cccdfaf4efd8 (patch) | |
tree | cdc834523f0600d685c49d84a75d3957eea7a7af /regress/usr.bin | |
parent | 90f7d0b1078d4f30181352d7ba34ee34f9cd67ee (diff) |
Unhook some gost tests
Diffstat (limited to 'regress/usr.bin')
-rwxr-xr-x | regress/usr.bin/openssl/appstest.sh | 122 |
1 files changed, 1 insertions, 121 deletions
diff --git a/regress/usr.bin/openssl/appstest.sh b/regress/usr.bin/openssl/appstest.sh index 8c0e75deb48..26ba9200448 100755 --- a/regress/usr.bin/openssl/appstest.sh +++ b/regress/usr.bin/openssl/appstest.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# $OpenBSD: appstest.sh,v 1.61 2024/01/26 11:58:36 job Exp $ +# $OpenBSD: appstest.sh,v 1.62 2024/03/02 11:53:55 tb Exp $ # # Copyright (c) 2016 Kinichiro Inoguchi <inoguchi@openbsd.org> # @@ -786,40 +786,6 @@ __EOF__ -out $sv_ecdsa_csr.verify.out check_exit_status $? - # GOST certificate - - sv_gost_key=$server_dir/sv_gost_key.pem - sv_gost_csr=$server_dir/sv_gost_csr.pem - sv_gost_pass=test-gost-pass - - if [ $mingw = 0 ] ; then - subj='/C=JP/ST=Tokyo/O=TEST_DUMMY_COMPANY/CN=gost.test-dummy.com/' - else - subj='//C=JP\ST=Tokyo\O=TEST_DUMMY_COMPANY\CN=gost.test-dummy.com\' - fi - - start_message "genpkey ... generate server key#4" - - $openssl_bin genpkey -algorithm GOST2001 -pkeyopt paramset:A \ - -pkeyopt dgst:streebog512 -out $sv_gost_key - check_exit_status $? - - start_message "req ... generate server csr#4" - - $openssl_bin req -new -subj $subj -streebog512 \ - -key $sv_gost_key -keyform pem -passin pass:$sv_gost_pass \ - -addext 'subjectAltName = DNS:gost.test-dummy.com' \ - -out $sv_gost_csr -outform pem - check_exit_status $? - - start_message "req ... verify server csr#4" - - $openssl_bin req -verify -in $sv_gost_csr -inform pem \ - -newhdr -noout -pubkey -subject -modulus -text \ - -nameopt multiline -reqopt compatible \ - -out $sv_gost_csr.verify.out - check_exit_status $? - #---------#---------#---------#---------#---------#---------#--------- # --- CA operations (issue cert for server) --- @@ -923,13 +889,6 @@ __EOF__ -in $sv_ecdsa_csr -out $sv_ecdsa_cert > $sv_ecdsa_cert.log 2>&1 check_exit_status $? - start_message "ca ... issue cert for server csr#4" - - sv_gost_cert=$server_dir/sv_gost_cert.pem - $openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \ - -in $sv_gost_csr -out $sv_gost_cert > $sv_gost_cert.log 2>&1 - check_exit_status $? - #---------#---------#---------#---------#---------#---------#--------- # --- CA operations (revoke cert and generate crl) --- @@ -1084,27 +1043,6 @@ __EOF__ -out $cl_ecdsa_csr -outform pem check_exit_status $? - start_message "req ... generate private key and csr for user3" - - cl_gost_key=$user1_dir/cl_gost_key.pem - cl_gost_csr=$user1_dir/cl_gost_csr.pem - cl_gost_pass=test-user1-pass - - if [ $mingw = 0 ] ; then - subj='/C=JP/ST=Tokyo/O=TEST_DUMMY_COMPANY/CN=user3.test-dummy.com/' - else - subj='//C=JP\ST=Tokyo\O=TEST_DUMMY_COMPANY\CN=user3.test-dummy.com\' - fi - - $openssl_bin genpkey -algorithm GOST2001 -pkeyopt paramset:A \ - -pkeyopt dgst:streebog512 -out $cl_gost_key - check_exit_status $? - - $openssl_bin req -new -subj $subj -streebog512 \ - -key $cl_gost_key -keyform pem -passin pass:$cl_gost_pass \ - -out $cl_gost_csr -outform pem - check_exit_status $? - #---------#---------#---------#---------#---------#---------#--------- # --- CA operations (issue cert for user1) --- @@ -1123,13 +1061,6 @@ __EOF__ $openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \ -in $cl_ecdsa_csr -out $cl_ecdsa_cert > $cl_ecdsa_cert.log 2>&1 check_exit_status $? - - start_message "ca ... issue cert for user3" - - cl_gost_cert=$user1_dir/cl_gost_cert.pem - $openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \ - -in $cl_gost_csr -out $cl_gost_cert > $cl_gost_cert.log 2>&1 - check_exit_status $? } function test_tsa { @@ -1530,10 +1461,6 @@ function test_sc_by_protocol_version { msg=$3 cid=$4 - if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then - return - fi - groups_and_cipher="" if [ $ver = "tls1_3" ] ; then # Expect HelloRetryRequest @@ -1596,10 +1523,6 @@ function test_sc_all_cipher { sc=$1 ver=$2 - if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then - return - fi - copt=cipher ciphers=$user1_dir/ciphers_${sc}_${ver} @@ -1616,8 +1539,6 @@ function test_sc_all_cipher { if [ $s_id = "0" ] ; then if [ $ecdsa_tests = 1 ] ; then cipher_string="ECDSA+TLSv1.2:!TLSv1.3" - elif [ $gost_tests = 1 ] ; then - cipher_string="kGOST:!NULL:!TLSv1.3" else cipher_string="ALL:!ECDSA:!kGOST:!TLSv1.3" fi @@ -1629,8 +1550,6 @@ function test_sc_all_cipher { if [ $c_id = "0" ] ; then if [ $ecdsa_tests = 1 ] ; then cipher_string="ECDSA+TLSv1.2:!TLSv1.3" - elif [ $gost_tests = 1 ] ; then - cipher_string="kGOST:!NULL:!TLSv1.3" else cipher_string="ALL:!ECDSA:!kGOST:!TLSv1.3" fi @@ -1665,10 +1584,6 @@ function test_sc_session_reuse { sc=$1 ver=$2 - if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then - return - fi - sess_dat=$user1_dir/s_client_${sc}_${ver}_sess.dat # Get session ticket to reuse @@ -1716,10 +1631,6 @@ function test_sc_verify { sc=$1 ver=$2 - if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then - return - fi - # invalid verification pattern s_client_out=$user1_dir/s_client_${sc}_${ver}_tls_invalid.out @@ -1750,11 +1661,6 @@ function test_sc_verify { crt=$cl_ecdsa_cert key=$cl_ecdsa_key pwd=$cl_ecdsa_pass - elif [ $gost_tests = 1 ] ; then - echo "Using GOST client certificate" - crt=$cl_gost_cert - key=$cl_gost_key - pwd=$cl_gost_pass else echo "Using RSA client certificate" crt=$cl_rsa_cert @@ -1806,11 +1712,6 @@ function test_server_client { crt=$sv_ecdsa_cert key=$sv_ecdsa_key pwd=$sv_ecdsa_pass - elif [ $gost_tests = 1 ] ; then - echo "Using GOST certificate" - crt=$sv_gost_cert - key=$sv_gost_key - pwd=$sv_gost_pass else echo "Using RSA certificate" crt=$sv_rsa_cert @@ -1846,14 +1747,6 @@ function test_server_client { test_sc_verify $sc tls1_2 test_sc_verify $sc tls1_3 - # s_time - if [ $gost_tests != 1 ] ; then - start_message "s_time ... connect to TLS/SSL test server" - $c_bin s_time -connect $host:$port -CApath $ca_dir -time 1 \ - > $server_dir/s_time_${sc}.log - check_exit_status $? - fi - stop_s_server } @@ -1891,11 +1784,6 @@ function test_server_client_dtls { crt=$sv_ecdsa_cert key=$sv_ecdsa_key pwd=$sv_ecdsa_pass - elif [ $gost_tests = 1 ] ; then - echo "Using GOST certificate" - crt=$sv_gost_cert - key=$sv_gost_key - pwd=$sv_gost_pass else echo "Using RSA certificate" crt=$sv_rsa_cert @@ -1949,11 +1837,6 @@ function test_gnutls { crt=$sv_ecdsa_cert key=$sv_ecdsa_key sni=ecdsa.test-dummy.com - elif [ $gost_tests = 1 ] ; then - echo "Using GOST certificate" - crt=$sv_gost_cert - key=$sv_gost_key - sni=gost.test-dummy.com else echo "Using RSA certificate" crt=$sv_rsa_cert @@ -2036,7 +1919,6 @@ other_openssl_bin=${OTHER_OPENSSL:-/usr/local/bin/eopenssl11} other_openssl_version=`$other_openssl_bin version | cut -b 1-10` ecdsa_tests=0 -gost_tests=0 interop_tests=0 gnutls_tests=0 no_long_tests=0 @@ -2045,10 +1927,8 @@ while [ "$1" != "" ]; do case $1 in -e | --ecdsa) shift ecdsa_tests=1 - gost_tests=0 ;; -g | --gost) shift - gost_tests=1 ecdsa_tests=0 ;; -i | --interop) shift |