|
|
|
|
From 52f273439a4012bb1426e59b14195c2d4f2d45e5 Mon Sep 17 00:00:00 2001
|
|
|
|
|
From: tigro <tigro@msvsphere-os.ru>
|
|
|
|
|
Date: Mon, 20 May 2024 10:13:36 +0300
|
|
|
|
|
Subject: [PATCH] Skip SSLClient tests for old openssl
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
cmake/JSSTests.cmake | 69 --------------------------------------------
|
|
|
|
|
1 file changed, 69 deletions(-)
|
|
|
|
|
|
|
|
|
|
diff --git a/cmake/JSSTests.cmake b/cmake/JSSTests.cmake
|
|
|
|
|
index 453e3e0..4f93ce3 100644
|
|
|
|
|
--- a/cmake/JSSTests.cmake
|
|
|
|
|
+++ b/cmake/JSSTests.cmake
|
|
|
|
|
@@ -185,11 +185,6 @@ macro(jss_tests)
|
|
|
|
|
COMMAND "org.mozilla.jss.tests.ListCACerts" "${RESULTS_NSSDB_OUTPUT_DIR}" "Verbose"
|
|
|
|
|
DEPENDS "Generate_known_ECDSA_cert_pair"
|
|
|
|
|
)
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "SSLClientAuth"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.SSLClientAuth" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}" "${JSS_TEST_PORT_CLIENTAUTH}" "50"
|
|
|
|
|
- DEPENDS "List_CA_certs"
|
|
|
|
|
- )
|
|
|
|
|
jss_test_java(
|
|
|
|
|
NAME "Key_Generation"
|
|
|
|
|
COMMAND "org.mozilla.jss.tests.TestKeyGen" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}"
|
|
|
|
|
@@ -268,26 +263,6 @@ macro(jss_tests)
|
|
|
|
|
COMMAND "org.mozilla.jss.tests.X509CertTest" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}"
|
|
|
|
|
DEPENDS "List_CA_certs"
|
|
|
|
|
)
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "KeyStoreTest"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.KeyStoreTest" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}" getAliases
|
|
|
|
|
- DEPENDS "List_CA_certs" "X509CertTest" "Secret_Key_Generation" "Symmetric_Key_Deriving" "SSLClientAuth"
|
|
|
|
|
- )
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "JSSProvider"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.JSSProvider" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}"
|
|
|
|
|
- DEPENDS "List_CA_certs" "X509CertTest" "Secret_Key_Generation" "Symmetric_Key_Deriving" "SSLClientAuth"
|
|
|
|
|
- )
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "SSLEngine_RSA"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.TestSSLEngine" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}" "Client_RSA" "Server_RSA"
|
|
|
|
|
- DEPENDS "List_CA_certs"
|
|
|
|
|
- )
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "SSLEngine_ECDSA"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.TestSSLEngine" "${RESULTS_NSSDB_OUTPUT_DIR}" "${PASSWORD_FILE}" "Client_ECDSA" "Server_ECDSA"
|
|
|
|
|
- DEPENDS "SSLEngine_RSA"
|
|
|
|
|
- )
|
|
|
|
|
|
|
|
|
|
if(NOT FIPS_ENABLED)
|
|
|
|
|
jss_test_java(
|
|
|
|
|
@@ -321,21 +296,11 @@ macro(jss_tests)
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# SSL Engine related tests
|
|
|
|
|
- jss_test_exec(
|
|
|
|
|
- NAME "TestBufferPRFDSSL_RSA"
|
|
|
|
|
- COMMAND "${BIN_OUTPUT_DIR}/TestBufferPRFDSSL" "${RESULTS_NSSDB_OUTPUT_DIR}" "${DB_PWD}" "Server_RSA"
|
|
|
|
|
- DEPENDS "List_CA_certs" "generate_c_TestBufferPRFDSSL"
|
|
|
|
|
- )
|
|
|
|
|
jss_test_exec(
|
|
|
|
|
NAME "TestBufferPRFDSSL_ECDSA"
|
|
|
|
|
COMMAND "${BIN_OUTPUT_DIR}/TestBufferPRFDSSL" "${RESULTS_NSSDB_OUTPUT_DIR}" "${DB_PWD}" "Server_ECDSA"
|
|
|
|
|
DEPENDS "List_CA_certs" "generate_c_TestBufferPRFDSSL"
|
|
|
|
|
)
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "JSS_Test_BufferPRFD"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.TestBufferPRFD" "${RESULTS_NSSDB_OUTPUT_DIR}" "${DB_PWD}"
|
|
|
|
|
- DEPENDS "List_CA_certs"
|
|
|
|
|
- )
|
|
|
|
|
|
|
|
|
|
# FIPS-related tests
|
|
|
|
|
jss_test_java(
|
|
|
|
|
@@ -365,22 +330,6 @@ macro(jss_tests)
|
|
|
|
|
|
|
|
|
|
# The current version of NSS features partial support for TLS 1.3 in
|
|
|
|
|
# FIPS mode.
|
|
|
|
|
- if (NOT SANDBOX)
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "SSLClientAuth_FIPSMODE"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.SSLClientAuth" "${RESULTS_NSSDB_FIPS_OUTPUT_DIR}" "${PASSWORD_FILE}" "${JSS_TEST_PORT_CLIENTAUTH_FIPS}" "60"
|
|
|
|
|
- DEPENDS "Enable_FipsMODE"
|
|
|
|
|
- MODE "FIPS"
|
|
|
|
|
- )
|
|
|
|
|
- else()
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "SSLClientAuth_FIPSMODE"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.JSSProvider"
|
|
|
|
|
- DEPENDS "Enable_FipsMODE"
|
|
|
|
|
- MODE "FIPS"
|
|
|
|
|
- )
|
|
|
|
|
- endif()
|
|
|
|
|
-
|
|
|
|
|
jss_test_java(
|
|
|
|
|
NAME "HMAC_FIPSMODE"
|
|
|
|
|
COMMAND "org.mozilla.jss.tests.CrossHMACTest" "${RESULTS_NSSDB_FIPS_OUTPUT_DIR}" "${PASSWORD_FILE}"
|
|
|
|
|
@@ -405,28 +354,10 @@ macro(jss_tests)
|
|
|
|
|
DEPENDS "Enable_FipsMODE"
|
|
|
|
|
MODE "FIPS"
|
|
|
|
|
)
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "SSLEngine_RSA_FIPSMODE"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.TestSSLEngine" "${RESULTS_NSSDB_FIPS_OUTPUT_DIR}" "${PASSWORD_FILE}" "Client_RSA" "Server_RSA"
|
|
|
|
|
- DEPENDS "Enable_FipsMODE" "SSLEngine_ECDSA"
|
|
|
|
|
- MODE "FIPS"
|
|
|
|
|
- )
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "SSLEngine_ECDSA_FIPSMODE"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.TestSSLEngine" "${RESULTS_NSSDB_FIPS_OUTPUT_DIR}" "${PASSWORD_FILE}" "Client_ECDSA" "Server_ECDSA"
|
|
|
|
|
- DEPENDS "SSLEngine_RSA_FIPSMODE" "SSLEngine_ECDSA"
|
|
|
|
|
- MODE "FIPS"
|
|
|
|
|
- )
|
|
|
|
|
|
|
|
|
|
# Since we need to disable FIPS mode _after_ all FIPS-mode tests have
|
|
|
|
|
# run, we have to add a strict dependency from Disable_FipsMODE onto all
|
|
|
|
|
# FIPS-related checks.
|
|
|
|
|
- jss_test_java(
|
|
|
|
|
- NAME "Disable_FipsMODE"
|
|
|
|
|
- COMMAND "org.mozilla.jss.tests.FipsTest" "${RESULTS_NSSDB_FIPS_OUTPUT_DIR}" "disable"
|
|
|
|
|
- DEPENDS "check_FipsMODE" "SSLClientAuth_FIPSMODE" "HMAC_FIPSMODE" "KeyWrapping_FIPSMODE" "Mozilla_JSS_JCA_Signature_FIPSMODE" "JSS_Signature_test_FipsMODE" "SSLEngine_RSA_FIPSMODE" "SSLEngine_ECDSA_FIPSMODE"
|
|
|
|
|
- MODE "NONE"
|
|
|
|
|
- )
|
|
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
jss_test_java(
|
|
|
|
|
--
|
|
|
|
|
2.45.0
|
|
|
|
|
|
