Skip to content

Commit

Permalink
Fix a minor bug in the runtests.sh. (open-quantum-safe#216)
Browse files Browse the repository at this point in the history 
This commit fixes a minor bug in `scripts/runtests.sh`: this script is run with
POSIX sh on linux machines, meaning that `[[` are not recognized.
However, `[[ … ]]` was used.

Because `set -e` was not set, the minor bug described above did not lead to a
CI failure.

This commit fixes the `[[ … ]]` by using a simple `if grep`.
It also sets `set -e` at the top of the file in order to catch any potential future mistakes.

Finally, this commit also fixes minor warnings raised by [ShellCheck]. To display those warnings,
one can simply run `shellcheck scripts/runtests.sh`.

[ShellCheck]: https://www.shellcheck.net/

Signed-off-by: Felipe Ventura <[email protected]>
  • Loading branch information
@thb-sb @feventura
thb-sb authored and feventura committed Mar 13, 2024
1 parent e42a9be commit 659d19b
Showing 1 changed file with 63 additions and 66 deletions.
129 changes: 63 additions & 66 deletions scripts/runtests.sh
View file
Original file line number Diff line number Diff line change
@@ -1,22 +1,23 @@
#!/bin/sh

set -e

rv=0

provider2openssl() {
echo
echo "Testing oqsprovider->oqs-openssl interop for $1:"
$OQS_PROVIDER_TESTSCRIPTS/oqsprovider-certgen.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-cmssign.sh $1 sha3-384 && $OQS_PROVIDER_TESTSCRIPTS/oqs-openssl-certverify.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqs-openssl-cmsverify.sh $1
"${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-certgen.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-cmssign.sh" "$1" sha3-384 && "${OQS_PROVIDER_TESTSCRIPTS}/oqs-openssl-certverify.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqs-openssl-cmsverify.sh" "$1"
}

openssl2provider() {
echo
echo "Testing oqs-openssl->oqsprovider interop for $1:"
$OQS_PROVIDER_TESTSCRIPTS/oqs-openssl-certgen.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqs-openssl-cmssign.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-certverify.sh $1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-cmsverify.sh $1
"${OQS_PROVIDER_TESTSCRIPTS}/oqs-openssl-certgen.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqs-openssl-cmssign.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-certverify.sh" "$1" && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-cmsverify.sh" "$1"
}

localalgtest() {
$OQS_PROVIDER_TESTSCRIPTS/oqsprovider-certgen.sh $1 >> interop.log 2>&1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-certverify.sh $1 >> interop.log 2>&1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-cmssign.sh $1 >> interop.log 2>&1 && $OQS_PROVIDER_TESTSCRIPTS/oqsprovider-ca.sh $1 >> interop.log 2>&1
if [ $? -ne 0 ]; then
if ! ( "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-certgen.sh" "$1" >> interop.log 2>&1 && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-certverify.sh" "$1" >> interop.log 2>&1 && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-cmssign.sh" "$1" >> interop.log 2>&1 && "${OQS_PROVIDER_TESTSCRIPTS}/oqsprovider-ca.sh" "$1" >> interop.log 2>&1 ); then
echo "localalgtest $1 failed. Exiting.".
cat interop.log
exit 1
Expand All @@ -26,131 +27,128 @@ localalgtest() {
interop() {
echo ".\c"
# check if we want to run this algorithm:
if [ ! -z "$OQS_SKIP_TESTS" ]; then
GREPTEST=$(echo $OQS_SKIP_TESTS | sed "s/\,/\\\|/g")
if echo $1 | grep -q "$GREPTEST"; then
if [ -n "${OQS_SKIP_TESTS}" ]; then
GREPTEST=$(echo "${OQS_SKIP_TESTS}" | sed "s/\,/\\\|/g")
if echo "$1" | grep -q "${GREPTEST}"; then
echo "Not testing $1" >> interop.log
return
fi
fi

# Check whether algorithm is supported at all:
$OPENSSL_APP list -signature-algorithms | grep $1 > /dev/null 2>&1
if [ $? -ne 1 ]; then
if [ -z "$LOCALTESTONLY" ]; then
provider2openssl $1 >> interop.log 2>&1 && openssl2provider $1 >> interop.log 2>&1
retcode=0
"${OPENSSL_APP}" list -signature-algorithms | grep -q "$1" || retcode=$?
if [ "${retcode}" -ne 1 ]; then
if [ -z "${LOCALTESTONLY}" ]; then
provider2openssl "$1" >> interop.log 2>&1 && openssl2provider "$1" >> interop.log 2>&1
else
localalgtest $1
localalgtest "$1"
fi
else
echo "Algorithm $1 not enabled. Exit testing."
exit 1
fi

if [ $? -ne 0 ]; then
if [ "${retcode}" -ne 0 ]; then
echo "Test for $1 failed. Terminating testing."
cat interop.log
exit 1
fi
}

if [ -z "$OQS_PROVIDER_TESTSCRIPTS" ]; then
export OQS_PROVIDER_TESTSCRIPTS=$(pwd)/scripts
if [ -z "${OQS_PROVIDER_TESTSCRIPTS}" ]; then
export OQS_PROVIDER_TESTSCRIPTS="$(pwd)/scripts"
fi

if [ ! -z "$OPENSSL_INSTALL" ]; then
if [ -n "${OPENSSL_INSTALL}" ]; then
# trying to set config variables suitably for pre-existing OpenSSL installation
if [ -f $OPENSSL_INSTALL/bin/openssl ]; then
export OPENSSL_APP=$OPENSSL_INSTALL/bin/openssl
if [ -f "${OPENSSL_INSTALL}/bin/openssl" ]; then
export OPENSSL_APP="${OPENSSL_INSTALL}/bin/openssl"
fi
if [ -z "$LD_LIBRARY_PATH" ]; then
if [ -d $OPENSSL_INSTALL/lib64 ]; then
export LD_LIBRARY_PATH=$OPENSSL_INSTALL/lib64
elif [ -d $OPENSSL_INSTALL/lib ]; then
export LD_LIBRARY_PATH=$OPENSSL_INSTALL/lib
if [ -z "${LD_LIBRARY_PATH}" ]; then
if [ -d "${OPENSSL_INSTALL}/lib64" ]; then
export LD_LIBRARY_PATH="${OPENSSL_INSTALL}/lib64"
elif [ -d "${OPENSSL_INSTALL}/lib" ]; then
export LD_LIBRARY_PATH="${OPENSSL_INSTALL}/lib"
fi
fi
if [ -f $OPENSSL_INSTALL/ssl/openssl.cnf ]; then
export OPENSSL_CONF=$OPENSSL_INSTALL/ssl/openssl.cnf
if [ -f "${OPENSSL_INSTALL}/ssl/openssl.cnf" ]; then
export OPENSSL_CONF="${OPENSSL_INSTALL}/ssl/openssl.cnf"
fi
fi

if [ -z "$OPENSSL_CONF" ]; then
export OPENSSL_CONF=$(pwd)/scripts/openssl-ca.cnf
if [ -z "${OPENSSL_CONF}" ]; then
export OPENSSL_CONF="$(pwd)/scripts/openssl-ca.cnf"
fi

if [ -z "$OPENSSL_APP" ]; then
if [ -f $(pwd)/openssl/apps/openssl ]; then
export OPENSSL_APP=$(pwd)/openssl/apps/openssl
if [ -z "${OPENSSL_APP}" ]; then
if [ -f "$(pwd)/openssl/apps/openssl" ]; then
export OPENSSL_APP="$(pwd)/openssl/apps/openssl"
else # if no local openssl src directory is found, rely on PATH...
export OPENSSL_APP=openssl
fi
fi

if [ -z "$OPENSSL_MODULES" ]; then
export OPENSSL_MODULES=$(pwd)/_build/lib
if [ -z "${OPENSSL_MODULES}" ]; then
export OPENSSL_MODULES="$(pwd)/_build/lib"
fi

if [ -z "$LD_LIBRARY_PATH" ]; then
if [ -d $(pwd)/.local/lib64 ]; then
export LD_LIBRARY_PATH=$(pwd)/.local/lib64
if [ -z "${LD_LIBRARY_PATH}" ]; then
if [ -d "$(pwd)/.local/lib64" ]; then
export LD_LIBRARY_PATH="$(pwd)/.local/lib64"
else
if [ -d $(pwd)/.local/lib ]; then
export LD_LIBRARY_PATH=$(pwd)/.local/lib
if [ -d "$(pwd)/.local/lib" ]; then
export LD_LIBRARY_PATH="$(pwd)/.local/lib"
fi
fi
fi

if [ ! -z "$OQS_SKIP_TESTS" ]; then
echo "Skipping algs $OQS_SKIP_TESTS"
if [ -n "${OQS_SKIP_TESTS}" ]; then
echo "Skipping algs ${OQS_SKIP_TESTS}"
fi

# Set OSX DYLD_LIBRARY_PATH if not already externally set
if [ -z "$DYLD_LIBRARY_PATH" ]; then
export DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH
if [ -z "${DYLD_LIBRARY_PATH}" ]; then
export DYLD_LIBRARY_PATH="${LD_LIBRARY_PATH}"
fi

echo "Test setup:"
echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
echo "OPENSSL_APP=$OPENSSL_APP"
echo "OPENSSL_CONF=$OPENSSL_CONF"
echo "OPENSSL_MODULES=$OPENSSL_MODULES"
if [[ "$OSTYPE" == "darwin"* ]]; then
echo "DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH"
echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
echo "OPENSSL_APP=${OPENSSL_APP}"
echo "OPENSSL_CONF=${OPENSSL_CONF}"
echo "OPENSSL_MODULES=${OPENSSL_MODULES}"
if uname -s | grep -q "^Darwin"; then
echo "DYLD_LIBRARY_PATH=${DYLD_LIBRARY_PATH}"
fi

# check if we can use docker or not:
docker info 2>&1 | grep Server > /dev/null
if [ $? -ne 0 ]; then
if ! docker info 2>&1 | grep -q Server; then
echo "No OQS-OpenSSL111 interop test because of absence of docker"
export LOCALTESTONLY="Yes"
fi

# by default, do not run interop tests as per
# by default, do not run interop tests as per
# https://github.com/open-quantum-safe/oqs-provider/issues/32
# comment the following line if they should be run; be sure to
# have alignment in algorithms supported in that case
export LOCALTESTONLY="Yes"

echo "Version information:"
$OPENSSL_APP version
"${OPENSSL_APP}" version

# Disable testing for version 3.0.1: Buggy as hell:
$OPENSSL_APP version | grep "OpenSSL 3.0.1" > /dev/null
if [ $? -eq 0 ]; then
if "${OPENSSL_APP}" version | grep -q "OpenSSL 3.0.1"; then
echo "Skipping testing of buggy OpenSSL 3.0.1"
exit 0
fi

$OPENSSL_APP list -providers -verbose
if [ $? -ne 0 ]; then
if ! "${OPENSSL_APP}" list -providers -verbose; then
echo "Baseline openssl invocation failed. Exiting test."
exit 1
fi

# Ensure "oqsprovider" is registered:
$OPENSSL_APP list -providers -verbose | grep oqsprovider > /dev/null
if [ $? -ne 0 ]; then
if ! "${OPENSSL_APP}" list -providers -verbose | grep -q oqsprovider; then
echo "oqsprovider not registered. Exit test."
exit 1
fi
Expand All @@ -162,16 +160,16 @@ rm -f interop.log
echo "Cert gen/verify, CMS sign/verify, CA tests for all enabled OQS signature algorithms commencing: "

# auto-detect all available signature algorithms:
for alg in `$OPENSSL_APP list -signature-algorithms | grep oqsprovider | sed -e "s/ @ .*//g" | sed -e "s/^ //g"`
do
for alg in $("${OPENSSL_APP}" list -signature-algorithms | grep oqsprovider | sed -e "s/ @ .*//g" | sed -e "s/^ //g")
do
if [ "$1" = "-V" ]; then
echo "Testing $alg"
fi
interop $alg
interop "${alg}"
certsgenerated=1
done

if [ -z $certsgenerated ]; then
if [ -z "${certsgenerated}" ]; then
echo "No OQS signature algorithms found in provider 'oqsprovider'. No certs generated. Exiting."
exit 1
else
Expand All @@ -185,9 +183,8 @@ echo
# Run built-in tests:
# Without removing OPENSSL_CONF ctest hangs... ???
unset OPENSSL_CONF
cd _build && ctest $@ && cd ..

if [ $? -ne 0 ]; then
rv=0
if ! ( cd _build && ctest $@ ); then
rv=1
fi

Expand All @@ -197,10 +194,10 @@ fi
#rm -rf tmp
echo

if [ $rv -ne 0 ]; then
if [ "${rv}" -ne 0 ]; then
echo "Tests failed."
else
echo "All oqsprovider tests passed."
fi
exit $rv
exit "${rv}"

0 comments on commit 659d19b

Please sign in to comment.