TLS Fuzzer: initial test infrastructure
authorDmitry Belyavskiy <beldmit@gmail.com>
Wed, 22 Dec 2021 17:13:40 +0000 (18:13 +0100)
committerDmitry Belyavskiy <beldmit@gmail.com>
Wed, 5 Jan 2022 10:24:51 +0000 (11:24 +0100)
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17340)

test/recipes/95-test_external_tlsfuzzer.t [new file with mode: 0644]
test/recipes/95-test_external_tlsfuzzer_data/cert.json.in [new file with mode: 0644]
test/recipes/95-test_external_tlsfuzzer_data/tls-fuzzer-cert.sh [new file with mode: 0644]
test/recipes/95-test_external_tlsfuzzer_data/tlsfuzzer.sh [new file with mode: 0644]

diff --git a/test/recipes/95-test_external_tlsfuzzer.t b/test/recipes/95-test_external_tlsfuzzer.t
new file mode 100644 (file)
index 0000000..e506f80
--- /dev/null
@@ -0,0 +1,28 @@
+#! /usr/bin/env perl
+# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+use OpenSSL::Test;
+use OpenSSL::Test::Utils;
+use OpenSSL::Test qw/:DEFAULT data_file data_dir bldtop_dir srctop_dir cmdstr/;
+use Cwd qw(abs_path);
+
+setup("test_external_tlsfuzzer");
+
+plan skip_all => "No external tests in this configuration"
+    if disabled("external-tests");
+plan skip_all => "TLSFuzzer tests not available on Windows or VMS"
+    if $^O =~ /^(VMS|MSWin32)$/;
+plan skip_all => "TLSFuzzer tests not supported in out of tree builds"
+    if bldtop_dir() ne srctop_dir();
+
+$ENV{TESTDATADIR} = abs_path(data_dir());
+plan tests => 1;
+
+ok(run(cmd(["sh", data_file("tls-fuzzer-cert.sh")])),
+   "running TLSFuzzer tests");
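Review bot: The recipe has no `use strict; use warnings;`, and the bare `use OpenSSL::Test;` is repeated by the `use OpenSSL::Test qw/:DEFAULT .../` line two lines below it, which also imports `cmdstr` although nothing in the file calls it. I would start the imports with `use strict; use warnings;` and keep only the qw import, trimmed to the names actually used (`data_file data_dir bldtop_dir srctop_dir`). The script is launched with `sh` while both shell files carry a `#!/bin/bash` shebang, so the shebang is ignored. Either run `bash` here or change the shebangs to `#!/bin/sh` so the scripts are held to POSIX syntax. The skip conditions also do not cover a missing `tlsfuzzer` checkout or a missing `python`, so on such hosts the test would presumably fail rather than skip.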
diff --git a/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in b/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in
new file mode 100644 (file)
index 0000000..1bc2079
--- /dev/null
@@ -0,0 +1,38 @@
+[
+    {"server_command": ["@SERVER@", "s_server", "-www",
+                 "-key", "tests/serverX509Key.pem",
+                 "-cert", "tests/serverX509Cert.pem",
+                 "-verify", "1", "-CAfile", "tests/clientX509Cert.pem"],
+     "comment": "Use ANY certificate just to ensure that server tries to authorise a client",
+     "environment": {"PYTHONPATH" : "."},
+     "server_hostname": "localhost",
+     "server_port": @PORT@,
+     "tests" : [
+        {"name" : "test-tls13-certificate-verify.py",
+          "arguments" : ["-k", "tests/clientX509Key.pem",
+                         "-c", "tests/clientX509Cert.pem",
+                        "-s", "ecdsa_secp256r1_sha256 ecdsa_secp384r1_sha384 ecdsa_secp521r1_sha512 ed25519 ed448 8+26 8+27 8+28 rsa_pss_pss_sha256 rsa_pss_pss_sha384 rsa_pss_pss_sha512 rsa_pss_rsae_sha256 rsa_pss_rsae_sha384 rsa_pss_rsae_sha512 rsa_pkcs1_sha256 rsa_pkcs1_sha384 rsa_pkcs1_sha512 ecdsa_sha224 rsa_pkcs1_sha224",
+                        "-p", "@PORT@"]},
+        {"name" : "test-tls13-ecdsa-in-certificate-verify.py",
+          "arguments" : ["-k", "tests/serverECKey.pem",
+                         "-c", "tests/serverECCert.pem",
+                        "-s", "ecdsa_secp256r1_sha256 ecdsa_secp384r1_sha384 ecdsa_secp521r1_sha512 ed25519 ed448 8+26 8+27 8+28 rsa_pss_pss_sha256 rsa_pss_pss_sha384 rsa_pss_pss_sha512 rsa_pss_rsae_sha256 rsa_pss_rsae_sha384 rsa_pss_rsae_sha512 rsa_pkcs1_sha256 rsa_pkcs1_sha384 rsa_pkcs1_sha512 ecdsa_sha224 rsa_pkcs1_sha224",
+                        "-p", "@PORT@"]}
+     ]
+    },
+    {"server_command": ["@SERVER@", "s_server", "-www",
+                 "-key", "tests/serverX509Key.pem",
+                 "-cert", "tests/serverX509Cert.pem"],
+     "environment": {"PYTHONPATH" : "."},
+     "server_hostname": "localhost",
+     "server_port": @PORT@,
+     "tests" : [
+        {"name" : "test-tls13-conversation.py",
+          "arguments" : ["-p", "@PORT@"]},
+        {"name" : "test-conversation.py",
+          "arguments" : ["-p", "@PORT@",
+                 "-d"]}
+     ]
+    }
+
+]
diff --git a/test/recipes/95-test_external_tlsfuzzer_data/tls-fuzzer-cert.sh b/test/recipes/95-test_external_tlsfuzzer_data/tls-fuzzer-cert.sh
new file mode 100644 (file)
index 0000000..60bb8cf
--- /dev/null
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+tls_fuzzer_prepare() {
+
+sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ${TESTDATADIR}/cert.json.in >${TMPFILE}
+}
+
+. "${TESTDATADIR}/tlsfuzzer.sh"
+
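Review bot: In `tls_fuzzer_prepare` the input path and the redirect target are unquoted, so a source or build directory containing whitespace splits into several words and sed reads or writes the wrong file. The fix is to quote them: `"${TESTDATADIR}/cert.json.in" >"${TMPFILE}"`. The `-e "s/@PRIORITY@/$PRIORITY/g"` expression substitutes a variable that no visible line sets, and `cert.json.in` in this commit contains no `@PRIORITY@` placeholder, so it can be dropped until a template needs it. `$SERV` is interpolated into the sed replacement text, so a build path containing `|` or `&` would corrupt the generated JSON. A one-line comment stating that assumption would help, for example `# SERV must not contain '|' or '&' (sed replacement metacharacters)`.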
diff --git a/test/recipes/95-test_external_tlsfuzzer_data/tlsfuzzer.sh b/test/recipes/95-test_external_tlsfuzzer_data/tlsfuzzer.sh
new file mode 100644 (file)
index 0000000..a9f781d
--- /dev/null
@@ -0,0 +1,73 @@
+#!/bin/bash
+#
+# Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+#
+# OpenSSL external testing using the TLSFuzzer test suite
+#
+set -e
+
+PWD="$(pwd)"
+
+SRCTOP="$(cd $SRCTOP; pwd)"
+BLDTOP="$(cd $BLDTOP; pwd)"
+
+if [ "$SRCTOP" != "$BLDTOP" ] ; then
+    echo "Out of tree builds not supported with TLSFuzzer test!"
+    exit 1
+fi
+
+O_EXE="$BLDTOP/apps"
+O_BINC="$BLDTOP/include"
+O_SINC="$SRCTOP/include"
+O_LIB="$BLDTOP"
+
+export PATH="$O_EXE:$PATH"
+export LD_LIBRARY_PATH="$O_LIB:$LD_LIBRARY_PATH"
+export OPENSSL_ROOT_DIR="$O_LIB"
+
+# Check/Set openssl version
+OPENSSL_VERSION=`openssl version | cut -f 2 -d ' '`
+
+CLI="${O_EXE}/openssl"
+SERV="${O_EXE}/openssl"
+
+TMPFILE="${PWD}/tls-fuzzer.$$.tmp"
+PSKFILE="${PWD}/tls-fuzzer.psk.$$.tmp"
+
+PYTHON=`which python`
+PORT=4433
+
+echo "------------------------------------------------------------------"
+echo "Testing OpenSSL using TLSFuzzer:"
+echo "   CWD:                $PWD"
+echo "   SRCTOP:             $SRCTOP"
+echo "   BLDTOP:             $BLDTOP"
+echo "   OPENSSL_ROOT_DIR:   $OPENSSL_ROOT_DIR"
+echo "   Python:             $PYTHON"
+echo "   TESTDATADIR:        $TESTDATADIR"
+echo "------------------------------------------------------------------"
+
+cd "${SRCTOP}/tlsfuzzer"
+
+test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa
+test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null
+
+retval=0
+
+tls_fuzzer_prepare
+
+PYTHONPATH=. "${PYTHON}" tests/scripts_retention.py ${TMPFILE} ${SERV} 821
+retval=$?
+
+rm -f ${TMPFILE}
+[ -f "${PSKFILE}" ] && rm -f ${PSKFILE}
+
+cd $PWD
+
+exit $retval
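Review bot: With `set -e` active, a non-zero exit from the `scripts_retention.py` line terminates the script right there, so `retval=$?`, the `rm -f ${TMPFILE}` cleanup and `exit $retval` are only ever reached with status 0, and the generated config file is left in the working directory after every failed run. Capturing the status in the same command list keeps the cleanup reachable: `PYTHONPATH=. "${PYTHON}" tests/scripts_retention.py "${TMPFILE}" "${SERV}" 821 || retval=$?`. The same `set -e` makes the `which python` assignment exit silently when no `python` is on PATH, so an explicit check that prints a message before exiting would make that failure diagnosable. `PORT=4433` is hard-coded, so two test runs on one host, or any other listener on that port, will collide. The temporary file name is built from `$$` in the current directory; `mktemp` would avoid predictable names if this is ever run from a shared directory.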