WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #8154 from bandi13/fipsCheckAddFlag 

Ability to bypass './configure' as some tests/scripts run it anyway
pull/8157/head
Daniel Pouzzner 2024-11-06 15:07:17 -06:00 committed by GitHub
parent 7e291992c0 cbf4f014cd
commit c577ad78df
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 33 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
fips-check.sh
View File

@ -17,6 +17,7 @@ TEST_DIR="${TEST_DIR:-XXX-fips-test}"
FLAVOR="${FLAVOR:-linux}" FLAVOR="${FLAVOR:-linux}"
KEEP="${KEEP:-no}" KEEP="${KEEP:-no}"
MAKECHECK=${MAKECHECK:-yes} MAKECHECK=${MAKECHECK:-yes}
DOCONFIGURE=${DOCONFIGURE:-yes}
FIPS_REPO="${FIPS_REPO:-git@github.com:wolfssl/fips.git}" FIPS_REPO="${FIPS_REPO:-git@github.com:wolfssl/fips.git}"
Usage() { Usage() {
@ -43,6 +44,7 @@ usageText
while [ "$1" ]; do while [ "$1" ]; do
if [ "$1" = 'keep' ]; then KEEP='yes'; if [ "$1" = 'keep' ]; then KEEP='yes';
elif [ "$1" = 'nomakecheck' ]; then MAKECHECK='no'; elif [ "$1" = 'nomakecheck' ]; then MAKECHECK='no';
elif [ "$1" = 'nodoconfigure' ]; then DOCONFIGURE='no';
else FLAVOR="$1"; fi else FLAVOR="$1"; fi
shift shift
done done
@ -368,37 +370,39 @@ fi
# run the make test # run the make test
./autogen.sh ./autogen.sh
case "$FIPS_OPTION" in if [ "$DOCONFIGURE" = "yes" ]; then
cavp-selftest) case "$FIPS_OPTION" in
./configure --enable-selftest cavp-selftest)
;; ./configure --enable-selftest
cavp-selftest-v2) ;;
./configure --enable-selftest=v2 cavp-selftest-v2)
;; ./configure --enable-selftest=v2
*) ;;
./configure --enable-fips=$FIPS_OPTION *)
;; ./configure --enable-fips=$FIPS_OPTION
esac ;;
esac
if ! $MAKE; then if ! $MAKE; then
echo 'fips-check: Make failed. Debris left for analysis.' echo 'fips-check: Make failed. Debris left for analysis.'
exit 3
fi
if [ -s wolfcrypt/src/fips_test.c ]; then
NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
if [ -n "$NEWHASH" ]; then
cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak
sed "s/^\".*\";/\"${NEWHASH}\";/" wolfcrypt/src/fips_test.c.bak >wolfcrypt/src/fips_test.c
make clean
fi
fi
if [ "$MAKECHECK" = "yes" ]; then
if ! $MAKE check; then
echo 'fips-check: Test failed. Debris left for analysis.'
exit 3 exit 3
fi fi
if [ -s wolfcrypt/src/fips_test.c ]; then
NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
if [ -n "$NEWHASH" ]; then
cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak
sed "s/^\".*\";/\"${NEWHASH}\";/" wolfcrypt/src/fips_test.c.bak >wolfcrypt/src/fips_test.c
make clean
fi
fi
if [ "$MAKECHECK" = "yes" ]; then
if ! $MAKE check; then
echo 'fips-check: Test failed. Debris left for analysis.'
exit 3
fi
fi
fi fi
# Clean up # Clean up

2
tests/api.c
View File

@ -61436,7 +61436,7 @@ static int test_wolfSSL_X509_NID(void)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN) !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN)
int sigType; int sigType;
int nameSz; int nameSz = 0;
X509* cert = NULL; X509* cert = NULL;
EVP_PKEY* pubKeyTmp = NULL; EVP_PKEY* pubKeyTmp = NULL;