summaryrefslogtreecommitdiff
path: root/regress/usr.bin
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2024-03-02 11:53:56 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2024-03-02 11:53:56 +0000
commita4ca27f2b764288c525e1b603632cccdfaf4efd8 (patch)
treecdc834523f0600d685c49d84a75d3957eea7a7af /regress/usr.bin
parent90f7d0b1078d4f30181352d7ba34ee34f9cd67ee (diff)
Unhook some gost tests
Diffstat (limited to 'regress/usr.bin')
-rwxr-xr-xregress/usr.bin/openssl/appstest.sh122
1 files changed, 1 insertions, 121 deletions
diff --git a/regress/usr.bin/openssl/appstest.sh b/regress/usr.bin/openssl/appstest.sh
index 8c0e75deb48..26ba9200448 100755
--- a/regress/usr.bin/openssl/appstest.sh
+++ b/regress/usr.bin/openssl/appstest.sh
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $OpenBSD: appstest.sh,v 1.61 2024/01/26 11:58:36 job Exp $
+# $OpenBSD: appstest.sh,v 1.62 2024/03/02 11:53:55 tb Exp $
#
# Copyright (c) 2016 Kinichiro Inoguchi <inoguchi@openbsd.org>
#
@@ -786,40 +786,6 @@ __EOF__
-out $sv_ecdsa_csr.verify.out
check_exit_status $?
- # GOST certificate
-
- sv_gost_key=$server_dir/sv_gost_key.pem
- sv_gost_csr=$server_dir/sv_gost_csr.pem
- sv_gost_pass=test-gost-pass
-
- if [ $mingw = 0 ] ; then
- subj='/C=JP/ST=Tokyo/O=TEST_DUMMY_COMPANY/CN=gost.test-dummy.com/'
- else
- subj='//C=JP\ST=Tokyo\O=TEST_DUMMY_COMPANY\CN=gost.test-dummy.com\'
- fi
-
- start_message "genpkey ... generate server key#4"
-
- $openssl_bin genpkey -algorithm GOST2001 -pkeyopt paramset:A \
- -pkeyopt dgst:streebog512 -out $sv_gost_key
- check_exit_status $?
-
- start_message "req ... generate server csr#4"
-
- $openssl_bin req -new -subj $subj -streebog512 \
- -key $sv_gost_key -keyform pem -passin pass:$sv_gost_pass \
- -addext 'subjectAltName = DNS:gost.test-dummy.com' \
- -out $sv_gost_csr -outform pem
- check_exit_status $?
-
- start_message "req ... verify server csr#4"
-
- $openssl_bin req -verify -in $sv_gost_csr -inform pem \
- -newhdr -noout -pubkey -subject -modulus -text \
- -nameopt multiline -reqopt compatible \
- -out $sv_gost_csr.verify.out
- check_exit_status $?
-
#---------#---------#---------#---------#---------#---------#---------
# --- CA operations (issue cert for server) ---
@@ -923,13 +889,6 @@ __EOF__
-in $sv_ecdsa_csr -out $sv_ecdsa_cert > $sv_ecdsa_cert.log 2>&1
check_exit_status $?
- start_message "ca ... issue cert for server csr#4"
-
- sv_gost_cert=$server_dir/sv_gost_cert.pem
- $openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \
- -in $sv_gost_csr -out $sv_gost_cert > $sv_gost_cert.log 2>&1
- check_exit_status $?
-
#---------#---------#---------#---------#---------#---------#---------
# --- CA operations (revoke cert and generate crl) ---
@@ -1084,27 +1043,6 @@ __EOF__
-out $cl_ecdsa_csr -outform pem
check_exit_status $?
- start_message "req ... generate private key and csr for user3"
-
- cl_gost_key=$user1_dir/cl_gost_key.pem
- cl_gost_csr=$user1_dir/cl_gost_csr.pem
- cl_gost_pass=test-user1-pass
-
- if [ $mingw = 0 ] ; then
- subj='/C=JP/ST=Tokyo/O=TEST_DUMMY_COMPANY/CN=user3.test-dummy.com/'
- else
- subj='//C=JP\ST=Tokyo\O=TEST_DUMMY_COMPANY\CN=user3.test-dummy.com\'
- fi
-
- $openssl_bin genpkey -algorithm GOST2001 -pkeyopt paramset:A \
- -pkeyopt dgst:streebog512 -out $cl_gost_key
- check_exit_status $?
-
- $openssl_bin req -new -subj $subj -streebog512 \
- -key $cl_gost_key -keyform pem -passin pass:$cl_gost_pass \
- -out $cl_gost_csr -outform pem
- check_exit_status $?
-
#---------#---------#---------#---------#---------#---------#---------
# --- CA operations (issue cert for user1) ---
@@ -1123,13 +1061,6 @@ __EOF__
$openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \
-in $cl_ecdsa_csr -out $cl_ecdsa_cert > $cl_ecdsa_cert.log 2>&1
check_exit_status $?
-
- start_message "ca ... issue cert for user3"
-
- cl_gost_cert=$user1_dir/cl_gost_cert.pem
- $openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \
- -in $cl_gost_csr -out $cl_gost_cert > $cl_gost_cert.log 2>&1
- check_exit_status $?
}
function test_tsa {
@@ -1530,10 +1461,6 @@ function test_sc_by_protocol_version {
msg=$3
cid=$4
- if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then
- return
- fi
-
groups_and_cipher=""
if [ $ver = "tls1_3" ] ; then
# Expect HelloRetryRequest
@@ -1596,10 +1523,6 @@ function test_sc_all_cipher {
sc=$1
ver=$2
- if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then
- return
- fi
-
copt=cipher
ciphers=$user1_dir/ciphers_${sc}_${ver}
@@ -1616,8 +1539,6 @@ function test_sc_all_cipher {
if [ $s_id = "0" ] ; then
if [ $ecdsa_tests = 1 ] ; then
cipher_string="ECDSA+TLSv1.2:!TLSv1.3"
- elif [ $gost_tests = 1 ] ; then
- cipher_string="kGOST:!NULL:!TLSv1.3"
else
cipher_string="ALL:!ECDSA:!kGOST:!TLSv1.3"
fi
@@ -1629,8 +1550,6 @@ function test_sc_all_cipher {
if [ $c_id = "0" ] ; then
if [ $ecdsa_tests = 1 ] ; then
cipher_string="ECDSA+TLSv1.2:!TLSv1.3"
- elif [ $gost_tests = 1 ] ; then
- cipher_string="kGOST:!NULL:!TLSv1.3"
else
cipher_string="ALL:!ECDSA:!kGOST:!TLSv1.3"
fi
@@ -1665,10 +1584,6 @@ function test_sc_session_reuse {
sc=$1
ver=$2
- if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then
- return
- fi
-
sess_dat=$user1_dir/s_client_${sc}_${ver}_sess.dat
# Get session ticket to reuse
@@ -1716,10 +1631,6 @@ function test_sc_verify {
sc=$1
ver=$2
- if [ $gost_tests = 1 ] && [ $ver = "tls1_3" -o $sc != 00 ] ; then
- return
- fi
-
# invalid verification pattern
s_client_out=$user1_dir/s_client_${sc}_${ver}_tls_invalid.out
@@ -1750,11 +1661,6 @@ function test_sc_verify {
crt=$cl_ecdsa_cert
key=$cl_ecdsa_key
pwd=$cl_ecdsa_pass
- elif [ $gost_tests = 1 ] ; then
- echo "Using GOST client certificate"
- crt=$cl_gost_cert
- key=$cl_gost_key
- pwd=$cl_gost_pass
else
echo "Using RSA client certificate"
crt=$cl_rsa_cert
@@ -1806,11 +1712,6 @@ function test_server_client {
crt=$sv_ecdsa_cert
key=$sv_ecdsa_key
pwd=$sv_ecdsa_pass
- elif [ $gost_tests = 1 ] ; then
- echo "Using GOST certificate"
- crt=$sv_gost_cert
- key=$sv_gost_key
- pwd=$sv_gost_pass
else
echo "Using RSA certificate"
crt=$sv_rsa_cert
@@ -1846,14 +1747,6 @@ function test_server_client {
test_sc_verify $sc tls1_2
test_sc_verify $sc tls1_3
- # s_time
- if [ $gost_tests != 1 ] ; then
- start_message "s_time ... connect to TLS/SSL test server"
- $c_bin s_time -connect $host:$port -CApath $ca_dir -time 1 \
- > $server_dir/s_time_${sc}.log
- check_exit_status $?
- fi
-
stop_s_server
}
@@ -1891,11 +1784,6 @@ function test_server_client_dtls {
crt=$sv_ecdsa_cert
key=$sv_ecdsa_key
pwd=$sv_ecdsa_pass
- elif [ $gost_tests = 1 ] ; then
- echo "Using GOST certificate"
- crt=$sv_gost_cert
- key=$sv_gost_key
- pwd=$sv_gost_pass
else
echo "Using RSA certificate"
crt=$sv_rsa_cert
@@ -1949,11 +1837,6 @@ function test_gnutls {
crt=$sv_ecdsa_cert
key=$sv_ecdsa_key
sni=ecdsa.test-dummy.com
- elif [ $gost_tests = 1 ] ; then
- echo "Using GOST certificate"
- crt=$sv_gost_cert
- key=$sv_gost_key
- sni=gost.test-dummy.com
else
echo "Using RSA certificate"
crt=$sv_rsa_cert
@@ -2036,7 +1919,6 @@ other_openssl_bin=${OTHER_OPENSSL:-/usr/local/bin/eopenssl11}
other_openssl_version=`$other_openssl_bin version | cut -b 1-10`
ecdsa_tests=0
-gost_tests=0
interop_tests=0
gnutls_tests=0
no_long_tests=0
@@ -2045,10 +1927,8 @@ while [ "$1" != "" ]; do
case $1 in
-e | --ecdsa) shift
ecdsa_tests=1
- gost_tests=0
;;
-g | --gost) shift
- gost_tests=1
ecdsa_tests=0
;;
-i | --interop) shift