tests: Run more TLS tests when forcing all server operations on token

Signed-off-by: Jakub Jelen <[email protected]>
Jakuje · Oct 22, 2024 · e07df57 · e07df57
1 parent 7bfafc4
commit e07df57
Showing 1 changed file with 25 additions and 18 deletions.
diff --git a/tests/ttls b/tests/ttls
@@ -67,7 +67,7 @@ run_test() {
                 send \" NO EOF \n\";
                 exit 1;
             };
-        }" > "${TMPPDIR}/s_server_output" &
+        }" &> "${TMPPDIR}/s_server_output" &
     SERVER_PID=$!
 
     read -r < "${TMPPDIR}/s_server_ready"
@@ -93,36 +93,43 @@ run_test() {
     wait_for_server_at_exit $SERVER_PID
 }
 
-title PARA "Run sanity test with default values (RSA)"
-run_test "$PRIURI" "$CRTURI"
+run_tests() {
 
-title PARA "Run sanity test with default values (ECDSA)"
-run_test "$ECPRIURI" "$ECCRTURI"
+    title PARA "Run sanity test with default values (RSA)"
+    run_test "$PRIURI" "$CRTURI"
 
-title PARA "Run test with TLS 1.2"
-run_test "$PRIURI" "$CRTURI" "" "-tls1_2"
+    title PARA "Run sanity test with default values (ECDSA)"
+    run_test "$ECPRIURI" "$ECCRTURI"
 
-title PARA "Run test with explicit TLS 1.3"
-run_test "$PRIURI" "$CRTURI" "" "-tls1_3"
+    title PARA "Run test with TLS 1.2"
+    run_test "$PRIURI" "$CRTURI" "" "-tls1_2"
 
-title PARA "Run test with TLS 1.2 (ECDSA)"
-run_test "$ECPRIURI" "$ECCRTURI" "" "-tls1_2"
+    title PARA "Run test with explicit TLS 1.3"
+    run_test "$PRIURI" "$CRTURI" "" "-tls1_3"
 
-title PARA "Run test with TLS 1.2 and ECDH"
-run_test "$ECPRIURI" "$ECCRTURI" "" "-tls1_2 -cipher ECDHE-ECDSA-AES128-GCM-SHA256 -groups secp256r1"
+    title PARA "Run test with TLS 1.2 (ECDSA)"
+    run_test "$ECPRIURI" "$ECCRTURI" "-tls1_2" "-tls1_2"
 
+    title PARA "Run test with TLS 1.2 and ECDH"
+    run_test "$ECPRIURI" "$ECCRTURI" "" "-tls1_2 -cipher ECDHE-ECDSA-AES128-GCM-SHA256 -groups secp256r1"
+}
+
+title SECTION "TLS with key in provider"
+run_tests
+title ENDSECTION
+
+title SECTION "Forcing the provider for all server operations"
 #Try again forcing all operations on the token
 #We need to disable digest operations as OpenSSL depends on context duplication working
 ORIG_OPENSSL_CONF=${OPENSSL_CONF}
-sed -e "s/#MORECONF/alg_section = algorithm_sec\n\n[algorithm_sec]\ndefault_properties = ?provider=pkcs11/" \
-    -e "s/#pkcs11-module-block-operations/pkcs11-module-block-operations = digest/" \
+sed -e "s/^#MORECONF/alg_section = algorithm_sec\n\n[algorithm_sec]\ndefault_properties = ?provider=pkcs11/" \
+    -e "s/^#pkcs11-module-block-operations/pkcs11-module-block-operations = digest/" \
     "${OPENSSL_CONF}" > "${OPENSSL_CONF}.forcetoken"
 OPENSSL_CONF=${OPENSSL_CONF}.forcetoken
 
-title PARA "Run test with TLS 1.3 preferring token functions"
-run_test "$ECPRIURI" "$ECCRTURI" "" "-tls1_3"
+run_tests
 
 OPENSSL_CONF=${ORIG_OPENSSL_CONF}
-
+title ENDSECTION
 
 exit 0;