From 7de93e26dc9546f5a799d874fb184161ed43f503 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Sat, 26 Jan 2019 12:50:16 +0100 Subject: [PATCH] Introducing HAS_X448 and HAS_X25519 ... to enable checks whether a curve has been detected by sockets won't be detected and/or makes problems with remaining openssl s_client + other calls Related to #1087 --- testssl.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/testssl.sh b/testssl.sh index 69bcea0..0e82f6c 100755 --- a/testssl.sh +++ b/testssl.sh @@ -325,6 +325,8 @@ OSSL_SUPPORTED_CURVES="" HAS_SSL2=false HAS_SSL3=false HAS_TLS13=false +HAS_X448=false +HAS_X25519=false HAS_PKUTIL=false HAS_PKEY=false HAS_NO_SSL2=false @@ -15718,6 +15720,12 @@ find_openssl_binary() { $OPENSSL s_client -tls1_3 -connect x 2>&1 | grep -aq "unknown option" || \ HAS_TLS13=true + $OPENSSL genpkey -algorithm X448 -out - 2>&1 | grep -aq "not found" || \ + HAS_X448=true + + $OPENSSL genpkey -algorithm X25519 -out - 2>&1 | grep -aq "not found" || \ + HAS_X25519=true + $OPENSSL s_client -no_ssl2 -connect x 2>&1 | grep -aq "unknown option" || \ HAS_NO_SSL2=true @@ -16054,6 +16062,8 @@ HAS_IPv6: $HAS_IPv6 HAS_SSL2: $HAS_SSL2 HAS_SSL3: $HAS_SSL3 HAS_TLS13: $HAS_TLS13 +HAS_X448: $HAS_X448 +HAS_X25519: $HAS_X25519 HAS_NO_SSL2: $HAS_NO_SSL2 HAS_SPDY: $HAS_SPDY HAS_ALPN: $HAS_ALPN