-
Notifications
You must be signed in to change notification settings - Fork 0
/
common.sh
120 lines (112 loc) · 4.76 KB
/
common.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
#!/usr/bin/env bash
# Common utilities for plot_openssl*.sh .
set -e
# set -x
### Params ###
# shellcheck disable=SC2034 # used in plot_openssl*.sh
VER=1.0.1
GRA_DIR="graphs"
UNAME_S="$(uname -s)"
if [ "${UNAME_S}" == "Darwin" ] ; then
SO=dylib
# shellcheck disable=SC2034 # used in other scripts
DOT_LOCAL_LIB=lib
else
SO=so
# shellcheck disable=SC2034 # used in other scripts
DOT_LOCAL_LIB=lib64
fi
##
# @brief Path check
# @param[in] ${ALLOWED_DIR}
# @param[in] path
# @param[out] exit 2 if given path is not allowed
check_path (){
local real_path touched
# TODO: test realpath and then determin if it requires the given path and file.
# NOTE: some `realpath` command fails with "No such file or directory" for non-existant
if [ ! -e "$2" ] && [ "${UNAME_S}" == "Darwin" ] ; then
touch "$2"
touched=1
fi
real_path=$(realpath "$2")
# NOTE: some `realpath` command fails with "No such file or directory" for non-existant
[ "${touched}" == "1" ] && rm -f "$2"
if [[ ${real_path} != $1* ]]; then
echo
echo "Error: '$2' is not under the allowed dir!"
echo
exit 2
fi
}
##
# @brief Get an array of algorithms supported by OQS
# @param[in] "$@" : algorithm types, "kem", "signature", or both, i.e. "kem" "signature".
# global OPENSSL : openssl command
# @param[out] global
# ARR_OQS_SIG : if $algorithm types == "signature"
# ARR_OQS_KEM : if $algorithm types == "kem"
get_arr_oqs () {
local arr_tmp algorithm_type
for algorithm_type in "$@"; do
# Listing up all the post-quantum algorithms that are not hybrid with
# classic ones whose names include '_' except
# X25519MLKEM768 and SecP256r1MLKEM768 for at least
# openssl-3.4.0-oqsprovider0.7.0-liboqs0.11.0.
IFS=" " read -r -a arr_tmp <<< "$(${OPENSSL} list -"${algorithm_type}"-algorithms -provider oqsprovider 2>/dev/null | awk '$1 ~ /(X25519|X448|Sec)/{ next } /^[^_]+ @ oqsprovider$/ {print $1}' | sort -V | awk '{printf "%s ",$1}')"
# shellcheck disable=SC2034 # used in other scripts
case "${algorithm_type}" in
"signature") ARR_OQS_SIG=("${arr_tmp[@]}");;
"kem") ARR_OQS_KEM=("${arr_tmp[@]}");;
*) echo "Warning: '${algorithm_type}' is ignored for the get_arr_oqs()'s arguments!";;
esac
done
# echo "${ARR_OQS_KEM[*]}"
# echo "${ARR_OQS_SIG[*]}"
}
##
# @brief Set LIBOQS_VER and so on using ${OPENSSL} command.
# @param[in] global OPENSSL : openssl command
# @param[in] global OPENSSL_MODULES (set in build_oqsprovider())
# @param[out] global variables:
# OPENSSL_VER_ALL
# OPENSSL_PROVIDER
# LIBOQS_VER
liboqs_ver_from_command () {
local tmp
OPENSSL_VER_ALL="$(${OPENSSL} version -a)"
# OPENSSL_VER="$(${OPENSSL} version)"
# OPENSSL_VER="$(echo "${OPENSSL_VER_ALL}" | awk 'NR==1 {print $1 $2}')"
# "OpenSSL 3.3.1", "LibreSSL 2.8.3" and so on
# openssl_ver_nospace="$(echo "${OPENSSL_VER}" | awk '{printf "%s%s", $1,$2}')"
# OPENSSL_VER_NOSPACE="$(echo "${OPENSSL_VER_ALL}" | awk 'NR==1 {printf "%s%s", $1,$2}')"
# "OpenSSL3.3.1", "LibreSSL2.8.3" and so on
unset LIBOQS_VER OPENSSL_PROVIDER
if [[ "${OPENSSL_VER_ALL}" == *"MODULESDIR"* ]]; then
OPENSSL_PROVIDER="$(${OPENSSL} list -providers 2>/dev/null)"
if [[ "${OPENSSL_PROVIDER}" == *"oqsprovider"* ]]; then
# TODO: find a more simple way to identify real LIBOQS_VER
# whereas plot_openssl_in_path() cannot use LIBOQS_BRANCH
if [ -n "${OPENSSL_MODULES}" ]; then
tmp="$(strings "${OPENSSL_MODULES}/oqsprovider.$SO" | awk '/based on liboqs/')"
else
# use MODULESDIR in ${OPENSSL_VER_ALL}
# tmp="$(strings "$(echo "${OPENSSL_VER_ALL}" | awk '/MODULESDIR:/ {printf "%s",$2}' | sed -e 's/"//g')/oqsprovider.$SO" | awk '/based on liboqs/')"
tmp="$(strings "$(echo "${OPENSSL_VER_ALL}" | awk '/MODULESDIR:/ {printf "%s",substr($2,2,length($2)-2)}')/oqsprovider.$SO" | awk '/based on liboqs/')"
fi
# tmp="OQS Provider v.0.6.0 (0ec51ec) based on liboqs v.0.10.1"
LIBOQS_VER=${tmp##*liboqs v.}
export LIBOQS_VER
if [ -d "${GRA_DIR}" ]; then
echo "${LIBOQS_VER}" > ./"${GRA_DIR}"/liboqs_ver.log
else
echo "${LIBOQS_VER}" > ./liboqs_ver.log
fi
# 0.10.1
# liboqs_ver_nospace="liboqs${LIBOQS_VER}"
# liboqs0.10.1
fi
fi
# "OpenSSL3.3.1" or "OpenSSL3.3.1 liboqs0.10.0"
#OPENSSL_INFO="${openssl_ver_nospace} ${liboqs_ver_nospace}"
}