Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Fix a minor bug in the runtests.sh. #216

Merged
merged 1 commit into from Jul 18, 2023
Merged

Fix a minor bug in the runtests.sh. #216

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
129 changes: 63 additions & 66 deletions scripts/runtests.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,22 +1,23 @@
#!/bin/sh

set -e

rv=0

provider2openssl() {
echo
echo "Testing oqsprovider->oqs-openssl interop for $1:"
$OQS_PROVIDER_TESTSCRIPTS/oqsprovider-certgen.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-cmssign.sh $1 sha3-384 && $OQS_PROVIDER_TESTSCRIPTS/oqs-openssl-certverify.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqs-openssl-cmsverify.sh $1
"${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-certgen.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-cmssign.sh" "$1" sha3-384 && "${OQS_PROVIDER_TESTSCRIPTS}/oqs-openssl-certverify.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqs-openssl-cmsverify.sh" "$1"
}

openssl2provider() {
echo
echo "Testing oqs-openssl->oqsprovider interop for $1:"
$OQS_PROVIDER_TESTSCRIPTS/oqs-openssl-certgen.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqs-openssl-cmssign.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-certverify.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-cmsverify.sh $1
"${OQS_PROVIDER_TESTSCRIPTS}/oqs-openssl-certgen.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqs-openssl-cmssign.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-certverify.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-cmsverify.sh" "$1"
}

localalgtest() {
$OQS_PROVIDER_TESTSCRIPTS/oqsprovider-certgen.sh $1 >> interop.log 2>&1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-certverify.sh $1 >> interop.log 2>&1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-cmssign.sh $1 >> interop.log 2>&1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-ca.sh $1 >> interop.log 2>&1
if [ $? -ne 0 ]; then
if ! ( "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-certgen.sh" "$1" >> interop.log 2>&1 && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-certverify.sh" "$1" >> interop.log 2>&1 && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-cmssign.sh" "$1" >> interop.log 2>&1 && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-ca.sh" "$1" >> interop.log 2>&1 ); then
echo "localalgtest $1 failed. Exiting.".
cat interop.log
exit 1
Expand All @@ -26,131 +27,128 @@ localalgtest() {
interop() {
echo ".\c"
# check if we want to run this algorithm:
if [ ! -z "$OQS_SKIP_TESTS" ]; then
GREPTEST=$(echo $OQS_SKIP_TESTS | sed "s/\,/\\\|/g")
if echo $1 | grep -q "$GREPTEST"; then
if [ -n "${OQS_SKIP_TESTS}" ]; then
GREPTEST=$(echo "${OQS_SKIP_TESTS}" | sed "s/\,/\\\|/g")
if echo "$1" | grep -q "${GREPTEST}"; then
echo "Not testing $1" >> interop.log
return
fi
fi

# Check whether algorithm is supported at all:
$OPENSSL_APP list -signature-algorithms | grep $1 > /dev/null 2>&1
if [ $? -ne 1 ]; then
if [ -z "$LOCALTESTONLY" ]; then
provider2openssl $1 >> interop.log 2>&1 && openssl2provider $1 >> interop.log 2>&1
retcode=0
"${OPENSSL_APP}" list -signature-algorithms | grep -q "$1" || retcode=$?
if [ "${retcode}" -ne 1 ]; then
if [ -z "${LOCALTESTONLY}" ]; then
provider2openssl "$1" >> interop.log 2>&1 && openssl2provider "$1" >> interop.log 2>&1
else
localalgtest $1
localalgtest "$1"
fi
else
echo "Algorithm $1 not enabled. Exit testing."
exit 1
fi

if [ $? -ne 0 ]; then
if [ "${retcode}" -ne 0 ]; then
echo "Test for $1 failed. Terminating testing."
cat interop.log
exit 1
fi
}

if [ -z "$OQS_PROVIDER_TESTSCRIPTS" ]; then
export OQS_PROVIDER_TESTSCRIPTS=$(pwd)/scripts
if [ -z "${OQS_PROVIDER_TESTSCRIPTS}" ]; then
export OQS_PROVIDER_TESTSCRIPTS="$(pwd)/scripts"
fi

if [ ! -z "$OPENSSL_INSTALL" ]; then
if [ -n "${OPENSSL_INSTALL}" ]; then
# trying to set config variables suitably for pre-existing OpenSSL installation
if [ -f $OPENSSL_INSTALL/bin/openssl ]; then
export OPENSSL_APP=$OPENSSL_INSTALL/bin/openssl
if [ -f "${OPENSSL_INSTALL}/bin/openssl" ]; then
export OPENSSL_APP="${OPENSSL_INSTALL}/bin/openssl"
fi
if [ -z "$LD_LIBRARY_PATH" ]; then
if [ -d $OPENSSL_INSTALL/lib64 ]; then
export LD_LIBRARY_PATH=$OPENSSL_INSTALL/lib64
elif [ -d $OPENSSL_INSTALL/lib ]; then
export LD_LIBRARY_PATH=$OPENSSL_INSTALL/lib
if [ -z "${LD_LIBRARY_PATH}" ]; then
if [ -d "${OPENSSL_INSTALL}/lib64" ]; then
export LD_LIBRARY_PATH="${OPENSSL_INSTALL}/lib64"
elif [ -d "${OPENSSL_INSTALL}/lib" ]; then
export LD_LIBRARY_PATH="${OPENSSL_INSTALL}/lib"
fi
fi
if [ -f $OPENSSL_INSTALL/ssl/openssl.cnf ]; then
export OPENSSL_CONF=$OPENSSL_INSTALL/ssl/openssl.cnf
if [ -f "${OPENSSL_INSTALL}/ssl/openssl.cnf" ]; then
export OPENSSL_CONF="${OPENSSL_INSTALL}/ssl/openssl.cnf"
fi
fi

if [ -z "$OPENSSL_CONF" ]; then
export OPENSSL_CONF=$(pwd)/scripts/openssl-ca.cnf
if [ -z "${OPENSSL_CONF}" ]; then
export OPENSSL_CONF="$(pwd)/scripts/openssl-ca.cnf"
fi

if [ -z "$OPENSSL_APP" ]; then
if [ -f $(pwd)/openssl/apps/openssl ]; then
export OPENSSL_APP=$(pwd)/openssl/apps/openssl
if [ -z "${OPENSSL_APP}" ]; then
if [ -f "$(pwd)/openssl/apps/openssl" ]; then
export OPENSSL_APP="$(pwd)/openssl/apps/openssl"
else # if no local openssl src directory is found, rely on PATH...
export OPENSSL_APP=openssl
fi
fi

if [ -z "$OPENSSL_MODULES" ]; then
export OPENSSL_MODULES=$(pwd)/_build/lib
if [ -z "${OPENSSL_MODULES}" ]; then
export OPENSSL_MODULES="$(pwd)/_build/lib"
fi

if [ -z "$LD_LIBRARY_PATH" ]; then
if [ -d $(pwd)/.local/lib64 ]; then
export LD_LIBRARY_PATH=$(pwd)/.local/lib64
if [ -z "${LD_LIBRARY_PATH}" ]; then
if [ -d "$(pwd)/.local/lib64" ]; then
export LD_LIBRARY_PATH="$(pwd)/.local/lib64"
else
if [ -d $(pwd)/.local/lib ]; then
export LD_LIBRARY_PATH=$(pwd)/.local/lib
if [ -d "$(pwd)/.local/lib" ]; then
export LD_LIBRARY_PATH="$(pwd)/.local/lib"
fi
fi
fi

if [ ! -z "$OQS_SKIP_TESTS" ]; then
echo "Skipping algs $OQS_SKIP_TESTS"
if [ -n "${OQS_SKIP_TESTS}" ]; then
echo "Skipping algs ${OQS_SKIP_TESTS}"
fi

# Set OSX DYLD_LIBRARY_PATH if not already externally set
if [ -z "$DYLD_LIBRARY_PATH" ]; then
export DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH
if [ -z "${DYLD_LIBRARY_PATH}" ]; then
export DYLD_LIBRARY_PATH="${LD_LIBRARY_PATH}"
fi

echo "Test setup:"
echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
echo "OPENSSL_APP=$OPENSSL_APP"
echo "OPENSSL_CONF=$OPENSSL_CONF"
echo "OPENSSL_MODULES=$OPENSSL_MODULES"
if [[ "$OSTYPE" == "darwin"* ]]; then
echo "DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH"
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
echo "OPENSSL_APP=${OPENSSL_APP}"
echo "OPENSSL_CONF=${OPENSSL_CONF}"
echo "OPENSSL_MODULES=${OPENSSL_MODULES}"
if uname -s | grep -q "^Darwin"; then
echo "DYLD_LIBRARY_PATH=${DYLD_LIBRARY_PATH}"
fi

# check if we can use docker or not:
docker info 2>&1 | grep Server > /dev/null
if [ $? -ne 0 ]; then
if ! docker info 2>&1 | grep -q Server; then
echo "No OQS-OpenSSL111 interop test because of absence of docker"
export LOCALTESTONLY="Yes"
fi

# by default, do not run interop tests as per
# by default, do not run interop tests as per
# https://github.com/open-quantum-safe/oqs-provider/issues/32
# comment the following line if they should be run; be sure to
# have alignment in algorithms supported in that case
export LOCALTESTONLY="Yes"

echo "Version information:"
$OPENSSL_APP version
"${OPENSSL_APP}" version

# Disable testing for version 3.0.1: Buggy as hell:
$OPENSSL_APP version | grep "OpenSSL 3.0.1" > /dev/null
if [ $? -eq 0 ]; then
if "${OPENSSL_APP}" version | grep -q "OpenSSL 3.0.1"; then
echo "Skipping testing of buggy OpenSSL 3.0.1"
exit 0
fi

$OPENSSL_APP list -providers -verbose
if [ $? -ne 0 ]; then
if ! "${OPENSSL_APP}" list -providers -verbose; then
echo "Baseline openssl invocation failed. Exiting test."
exit 1
fi

# Ensure "oqsprovider" is registered:
$OPENSSL_APP list -providers -verbose | grep oqsprovider > /dev/null
if [ $? -ne 0 ]; then
if ! "${OPENSSL_APP}" list -providers -verbose | grep -q oqsprovider; then
echo "oqsprovider not registered. Exit test."
exit 1
fi
Expand All @@ -162,16 +160,16 @@ rm -f interop.log
echo "Cert gen/verify, CMS sign/verify, CA tests for all enabled OQS signature algorithms commencing: "

# auto-detect all available signature algorithms:
for alg in `$OPENSSL_APP list -signature-algorithms | grep oqsprovider | sed -e "s/ @ .*//g" | sed -e "s/^ //g"`
do
for alg in $("${OPENSSL_APP}" list -signature-algorithms | grep oqsprovider | sed -e "s/ @ .*//g" | sed -e "s/^ //g")
do
if [ "$1" = "-V" ]; then
echo "Testing $alg"
fi
interop $alg
interop "${alg}"
certsgenerated=1
done

if [ -z $certsgenerated ]; then
if [ -z "${certsgenerated}" ]; then
echo "No OQS signature algorithms found in provider 'oqsprovider'. No certs generated. Exiting."
exit 1
else
Expand All @@ -185,9 +183,8 @@ echo
# Run built-in tests:
# Without removing OPENSSL_CONF ctest hangs... ???
unset OPENSSL_CONF
cd _build && ctest $@ && cd ..

if [ $? -ne 0 ]; then
rv=0
if ! ( cd _build && ctest $@ ); then
rv=1
fi

Expand All @@ -197,10 +194,10 @@ fi
#rm -rf tmp
echo

if [ $rv -ne 0 ]; then
if [ "${rv}" -ne 0 ]; then
echo "Tests failed."
else
echo "All oqsprovider tests passed."
fi
exit $rv
exit "${rv}"