From 1c0e4c013a18ae03b7f76d3bee4c78aae75ba3fc Mon Sep 17 00:00:00 2001
From: Pengyu Lv <pengyu.lv@arm.com>
Date: Mon, 20 Feb 2023 18:05:21 +0800
Subject: [PATCH] compat.sh: skip static ECDH cases if unsupported in openssl

This commit add support to detect if openssl used for testing
supports static ECDH key exchange. Skip the ciphersutes if
openssl doesn't support them.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
---
 tests/compat.sh | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/tests/compat.sh b/tests/compat.sh
index 8f7d72c7b..6c58a1bef 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -534,6 +534,15 @@ add_mbedtls_ciphersuites()
     esac
 }
 
+# o_check_ciphersuite STANDARD_CIPHER_SUITE
+o_check_ciphersuite()
+{
+    if [ "${1#*ECDH_ECDSA*}" != "$1" ] && \
+       [ "X${O_SUPPORT_ECDH}" = "XNO" ]; then
+            SKIP_NEXT="YES"
+    fi
+}
+
 setup_arguments()
 {
     O_MODE=""
@@ -603,6 +612,11 @@ setup_arguments()
             ;;
     esac
 
+    case $($OPENSSL ciphers ALL) in
+        *ECDH-ECDSA*) O_SUPPORT_ECDH="YES";;
+        *)O_SUPPORT_ECDH="NO";;
+    esac
+
     if [ "X$VERIFY" = "XYES" ];
     then
         M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
@@ -1033,6 +1047,7 @@ for MODE in $MODES; do
                         start_server "OpenSSL"
                         translate_ciphers m $M_CIPHERS
                         for i in $ciphers; do
+                            o_check_ciphersuite "$i"
                             run_client mbedTLS ${i%%=*} ${i#*=}
                         done
                         stop_server