Unify script code

padelsbach · padelsbach · commit 3754b1a0284d · 2025-11-20T13:54:19.000-08:00
diff --git a/.github/workflows/cmdline.yml b/.github/workflows/cmdline.yml
@@ -35,4 +35,5 @@ jobs:
 
       - name: Run tests
         run: |
+          source $GITHUB_WORKSPACE/scripts/env-setup
           ${{ matrix.force_fail }} ${{ matrix.debug }} ./scripts/cmd_test/do-cmd-tests.sh
diff --git a/.github/workflows/debian-package.yml b/.github/workflows/debian-package.yml
@@ -82,31 +82,11 @@ jobs:
             ${{ matrix.fips_ref == 'FIPS' && '--fips' || '' }}
 
       - name: Test OpenSSL provider functionality
+        shell: bash
         run: |
-          WOLFPROV_CONF_BACKUP="/tmp/wolfprovider.conf.backup"
-
-          # Temporarily move wolfprovider config so we can toggle between providers
-          echo "Temporarily disabling wolfprovider for default provider tests:"
-          mkdir -p /tmp/openssl-test
-          if [ -f $WOLFPROV_CONF_FILE ]; then
-            mv $WOLFPROV_CONF_FILE $WOLFPROV_CONF_BACKUP
-            echo "   - Moved $WOLFPROV_CONF_FILE to $WOLFPROV_CONF_BACKUP"
-          else
-            echo "$WOLFPROV_CONF_FILE not found!"
-            exit 1
-          fi
-
           # Run the do-cmd-test.sh script to execute interoperability tests
           echo "Running OpenSSL provider interoperability tests..."
           OPENSSL_BIN=$(eval which openssl) ${{ matrix.force_fail }} ${{ matrix.fips_ref == 'FIPS' && 'WOLFSSL_ISFIPS=1' || '' }} ./scripts/cmd_test/do-cmd-tests.sh
-
-          # Restore wolfprovider configuration
-          echo "Restoring wolfprovider configuration:"
-          if [ -f $WOLFPROV_CONF_BACKUP ]; then
-            mv $WOLFPROV_CONF_BACKUP $WOLFPROV_CONF_FILE
-            echo "   - Restored $WOLFPROV_CONF_FILE from $WOLFPROV_CONF_BACKUP"
-          fi
-
           echo "PASS: All provider interoperability tests successful"
 
       - name: Uninstall package and verify cleanup
diff --git a/scripts/cmd_test/aes-cmd-test.sh b/scripts/cmd_test/aes-cmd-test.sh
@@ -19,9 +19,9 @@
 # You should have received a copy of the GNU General Public License
 # along with wolfProvider. If not, see <http://www.gnu.org/licenses/>.
 
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
-source "${SCRIPT_DIR}/cmd-test-common.sh"
-source "${SCRIPT_DIR}/clean-cmd-test.sh"
+CMD_TEST_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${CMD_TEST_DIR}/cmd-test-common.sh"
+source "${CMD_TEST_DIR}/clean-cmd-test.sh"
 
 if [ -z "${DO_CMD_TESTS:-}" ]; then
     echo "This script is designed to be called from do-cmd-tests.sh"
diff --git a/scripts/cmd_test/cmd-test-common.sh b/scripts/cmd_test/cmd-test-common.sh
@@ -19,63 +19,15 @@
 
 # Global variables to store wolfProvider installation mode
 # Only initialize if not already set (allows parent script to export values)
-WOLFPROV_REPLACE_DEFAULT=${WOLFPROV_REPLACE_DEFAULT:-0}
-WOLFPROV_FIPS=${WOLFPROV_FIPS:-0}
-WOLFPROV_INSTALLED=${WOLFPROV_INSTALLED:-0}
 
 if [ -z "${DO_CMD_TESTS:-}" ]; then
     echo "This script is designed to be called from do-cmd-tests.sh"
     echo "Do not run this script directly - use do-cmd-tests.sh instead"
     exit 1
 fi
 
-# Function to detect wolfProvider installation mode
-detect_wolfprovider_mode() {
-    if [ -z "${REPO_ROOT:-}" ]; then
-        REPO_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )"/../.. &> /dev/null && pwd )"
-    fi
-
-    # Get OpenSSL version and initial provider info
-    local openssl_version=$(${OPENSSL_BIN} version 2>/dev/null)
-    local openssl_providers=$(${OPENSSL_BIN} list -providers 2>/dev/null)
-
-    # Detect if wolfProvider is currently active
-    if echo "$openssl_providers" | grep -qi "wolfSSL Provider"; then
-        WOLFPROV_INSTALLED=1
-        echo "Detected: wolfProvider is currently active"
-    else
-        WOLFPROV_INSTALLED=0
-        echo "Detected: wolfProvider is not currently active"
-    fi
-
-    # Detect if FIPS mode is active
-    if echo "$openssl_providers" | grep -qi "wolfSSL Provider FIPS"; then
-        WOLFPROV_FIPS=1
-        echo "Detected: wolfProvider FIPS mode"
-    else
-        WOLFPROV_FIPS=0
-        echo "Detected: wolfProvider non-FIPS mode"
-    fi
-
-    # Detect replace-default mode
-    if echo "$openssl_providers" | grep -q "default" && echo "$openssl_providers" | grep -qi "wolfSSL Provider"; then
-        WOLFPROV_REPLACE_DEFAULT=1
-        echo "Detected: wolfProvider installed in replace-default mode (provider: default)"
-    elif echo "$openssl_providers" | grep -qi "libwolfprov"; then
-        WOLFPROV_REPLACE_DEFAULT=0
-        echo "Detected: wolfProvider installed in non-replace-default mode (provider: libwolfprov)"
-    else
-        WOLFPROV_REPLACE_DEFAULT=0
-        echo "Detected: wolfProvider not in replace-default mode"
-    fi
-
-    # Print detection summary
-    echo "wolfProvider mode detection:"
-    echo "  REPLACE_DEFAULT: $WOLFPROV_REPLACE_DEFAULT"
-    echo "  FIPS: $WOLFPROV_FIPS"
-    echo "  INSTALLED: $WOLFPROV_INSTALLED"
-}
-
+CMD_TEST_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${CMD_TEST_DIR}/../utils-general.sh"
 
 # Function to setup the environment for the command-line tests
 cmd_test_env_setup() {
@@ -96,10 +48,10 @@ cmd_test_env_setup() {
 # Individual test setup (called by each test script)
 cmd_test_init() {
     local log_file_name=$1
-    SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+    CMD_TEST_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
 
     # Set up log file
-    export LOG_FILE="${SCRIPT_DIR}/${log_file_name}"
+    export LOG_FILE="${CMD_TEST_DIR}/${log_file_name}"
     touch "$LOG_FILE"
 
     # Redirect all output to log file
@@ -110,99 +62,98 @@ cmd_test_init() {
     FORCE_FAIL_PASSED=0
 }
 
+
 # Function to use default provider only
 use_default_provider() {
     unset OPENSSL_MODULES
     unset OPENSSL_CONF
+    if ! declare -F detect_wolfprovider_mode >/dev/null; then
+        echo "ERROR: detect_wolfprovider_mode function not found"
+        exit 1
+    fi
+
+    detect_wolfprovider_mode
 
     # Check if wolfProvider is in replace-default mode
-    if [ "$WOLFPROV_REPLACE_DEFAULT" = "1" ]; then
+    if [ "$is_openssl_replace_default" = "1" ]; then
         echo "INFO: wolfProvider is installed in replace-default mode"
         echo "INFO: wolfProvider IS the default provider and cannot be switched off"
 
         # Verify that wolfProvider (as default) is active
-        local providers=$(${OPENSSL_BIN} list -providers 2>/dev/null)
-        if echo "$providers" | grep -q "default" && echo "$providers" | grep -qi "wolfSSL Provider"; then
+		if [ "$is_wp_active" = "1" ] && [ "$is_wp_default" = "1" ]; then
             echo "Using default provider (wolfProvider in replace-default mode)"
         else
-            echo "FAIL: Expected wolfProvider as default, but provider list doesn't match"
-            echo "Provider list:"
-            echo "$providers"
+            echo "FAIL: Expected wolfProvider as default, but is_wp_active: $is_wp_active and is_wp_default: $is_wp_default"
             exit 1
         fi
     else
         # In non-replace-default mode, unsetting OPENSSL_MODULES should disable wolfProvider
         echo "INFO: wolfProvider is installed in non-replace-default mode"
 
         # Verify that we are using the OpenSSL default provider (not wolfProvider)
-        local providers=$(${OPENSSL_BIN} list -providers 2>/dev/null)
-        if echo "$providers" | grep -qi "libwolfprov"; then
+        if [ "$is_openssl_default_provider" != "1" ]; then
             echo "FAIL: unable to switch to default provider, wolfProvider is still active"
-            echo "Provider list:"
-            echo "$providers"
-            exit 1
-        fi
-
-        # Check if OpenSSL default provider is active
-        if echo "$providers" | grep -q "default" && echo "$providers" | grep -qi "OpenSSL Default Provider"; then
-            echo "Switched to default provider (OpenSSL)"
-        else
-            echo "FAIL: Expected OpenSSL Default Provider, but provider list doesn't match"
-            echo "Provider list:"
-            echo "$providers"
+            echo "is_openssl_default_provider: $is_openssl_default_provider"
             exit 1
         fi
+        echo "INFO: Switched to default provider (OpenSSL)"
     fi
 }
 
 
 # Function to use wolf provider only
 use_wolf_provider() {
+    export OPENSSL_MODULES=$WOLFPROV_PATH
+    export OPENSSL_CONF=${WOLFPROV_CONFIG}
+    if ! declare -F detect_wolfprovider_mode >/dev/null; then
+        echo "ERROR: detect_wolfprovider_mode function not found"
+        exit 1
+    fi
+    detect_wolfprovider_mode
+
     # Check if wolfProvider is in replace-default mode
-    if [ "$WOLFPROV_REPLACE_DEFAULT" = "1" ]; then
+    if [ "$is_openssl_replace_default" = "1" ]; then
         # In replace-default mode, wolfProvider is already the default
         # No need to set OPENSSL_MODULES or OPENSSL_CONF
         echo "INFO: wolfProvider is installed in replace-default mode"
         echo "INFO: wolfProvider is already active as the default provider"
 
         # Verify that wolfProvider is active
-        local providers=$(${OPENSSL_BIN} list -providers 2>/dev/null)
-        if echo "$providers" | grep -qi "wolfSSL Provider"; then
+		if [ "$is_wp_active" = "1" ] && [ "$is_wp_default" = "1" ]; then
             echo "Using wolfProvider (replace-default mode)"
         else
             echo "FAIL: wolfProvider is not active"
-            echo "Provider list:"
-            echo "$providers"
+            echo "is_wp_active: $is_wp_active"
+            echo "is_wp_default: $is_wp_default"
             exit 1
         fi
     else
         # In non-replace-default mode, we need to set OPENSSL_MODULES and OPENSSL_CONF
         echo "INFO: wolfProvider is installed in non-replace-default mode"
-        export OPENSSL_MODULES=$WOLFPROV_PATH
-        export OPENSSL_CONF=${WOLFPROV_CONFIG}
 
         # Verify that we are using wolfProvider
-        local providers=$(${OPENSSL_BIN} list -providers 2>/dev/null)
-        if ! echo "$providers" | grep -qi "wolfprov"; then
+        if [ "$is_wp_active" != "1" ]; then
             echo "FAIL: unable to switch to wolfProvider, default provider is still active"
-            echo "Provider list:"
-            echo "$providers"
-            echo "OPENSSL_MODULES: $OPENSSL_MODULES"
-            echo "OPENSSL_CONF: $OPENSSL_CONF"
+            $OPENSSL_BIN list -providers
+            echo "is_wp_active: $is_wp_active"
+            echo "is_wp_default: $is_wp_default"
             exit 1
         fi
-        echo "Switched to wolfProvider"
+        echo "INFO: Switched to wolfProvider"
     fi
 }
 
 
 # Helper function to handle force fail checks
 check_force_fail() {
-    if is_default_provider && ! is_replace_default; then
+    detect_wolfprovider_mode
+    if [ "$is_openssl_default_provider" = "1" ]; then
+        # With the OpenSSL provider, don't expect failures
         echo "OPENSSL Default provider active, no forced failures expected."
-    elif [ "${WOLFPROV_FORCE_FAIL}" = "1" ]; then
+    elif [ "$WOLFPROV_FORCE_FAIL" = "1" ]; then
         echo "[PASS] Test passed when force fail was enabled"
         FORCE_FAIL_PASSED=1
+        exit 1
     fi
 }
 
diff --git a/scripts/cmd_test/do-cmd-tests.sh b/scripts/cmd_test/do-cmd-tests.sh
@@ -20,8 +20,8 @@
 # along with wolfProvider. If not, see <http://www.gnu.org/licenses/>.
 
 # Get the directory where this script is located
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
-REPO_ROOT="$( cd "${SCRIPT_DIR}/../.." &> /dev/null && pwd )"
+CMD_TEST_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+REPO_ROOT="$( cd "${CMD_TEST_DIR}/../.." &> /dev/null && pwd )"
 UTILS_DIR="${REPO_ROOT}/scripts"
 
 # Flag to indicate that this script is being called from do-cmd-tests.sh
@@ -110,7 +110,7 @@ if [ $RUN_ALL -eq 1 ]; then
     RUN_REQ=1
 fi
 
-source "${SCRIPT_DIR}/cmd-test-common.sh"
+source "${CMD_TEST_DIR}/cmd-test-common.sh"
 cmd_test_env_setup
 
 echo "==========================================
@@ -120,9 +120,6 @@ echo ""
 echo "Running command-line test suite..."
 echo ""
 
-# Detect installation mode and setup environment
-cmd_test_env_setup
-
 echo ""
 echo "=== Running wolfProvider Command-Line Tests ==="
 echo "Using OPENSSL_BIN: ${OPENSSL_BIN}" 
diff --git a/scripts/cmd_test/ecc-cmd-test.sh b/scripts/cmd_test/ecc-cmd-test.sh
@@ -19,9 +19,9 @@
 # You should have received a copy of the GNU General Public License
 # along with wolfProvider. If not, see <http://www.gnu.org/licenses/>.
 
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
-source "${SCRIPT_DIR}/cmd-test-common.sh"
-source "${SCRIPT_DIR}/clean-cmd-test.sh"
+CMD_TEST_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${CMD_TEST_DIR}/cmd-test-common.sh"
+source "${CMD_TEST_DIR}/clean-cmd-test.sh"
 
 if [ -z "${DO_CMD_TESTS:-}" ]; then
     echo "This script is designed to be called from do-cmd-tests.sh"
diff --git a/scripts/cmd_test/hash-cmd-test.sh b/scripts/cmd_test/hash-cmd-test.sh
@@ -19,9 +19,9 @@
 # You should have received a copy of the GNU General Public License
 # along with wolfProvider. If not, see <http://www.gnu.org/licenses/>.
 
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
-source "${SCRIPT_DIR}/cmd-test-common.sh"
-source "${SCRIPT_DIR}/clean-cmd-test.sh"
+CMD_TEST_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${CMD_TEST_DIR}/cmd-test-common.sh"
+source "${CMD_TEST_DIR}/clean-cmd-test.sh"
 
 if [ -z "${DO_CMD_TESTS:-}" ]; then
     echo "This script is designed to be called from do-cmd-tests.sh"
diff --git a/scripts/cmd_test/req-cmd-test.sh b/scripts/cmd_test/req-cmd-test.sh
@@ -19,9 +19,9 @@
 # You should have received a copy of the GNU General Public License
 # along with wolfProvider. If not, see <http://www.gnu.org/licenses/>.
 
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
-source "${SCRIPT_DIR}/cmd-test-common.sh"
-source "${SCRIPT_DIR}/clean-cmd-test.sh"
+CMD_TEST_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${CMD_TEST_DIR}/cmd-test-common.sh"
+source "${CMD_TEST_DIR}/clean-cmd-test.sh"
 
 if [ -z "${DO_CMD_TESTS:-}" ]; then
     echo "This script is designed to be called from do-cmd-tests.sh"
diff --git a/scripts/cmd_test/rsa-cmd-test.sh b/scripts/cmd_test/rsa-cmd-test.sh
@@ -19,9 +19,9 @@
 # You should have received a copy of the GNU General Public License
 # along with wolfProvider. If not, see <http://www.gnu.org/licenses/>.
 
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
-source "${SCRIPT_DIR}/cmd-test-common.sh"
-source "${SCRIPT_DIR}/clean-cmd-test.sh"
+CMD_TEST_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${CMD_TEST_DIR}/cmd-test-common.sh"
+source "${CMD_TEST_DIR}/clean-cmd-test.sh"
 cmd_test_init "rsa-test.log"
 clean_cmd_test "rsa"
 
@@ -42,19 +42,6 @@ PROVIDER_ARGS=("-provider-path $WOLFPROV_PATH -provider libwolfprov" "-provider
 
 OPENSSL_BIN=${OPENSSL_BIN:-openssl}
 
-rsa_check_force_fail() {
-    local openssl_providers=$($OPENSSL_BIN list -providers)
-    is_openssl_default_provider=$(echo "$openssl_providers" | grep -qi "OpenSSL Default Provider" && echo 1 || echo 0)
-    if [ $is_openssl_default_provider -eq 1 ]; then
-        # With the OpenSSL provider, don't expect failures
-        echo "OPENSSL Default provider active, no forced failures expected."
-    elif [ "${WOLFPROV_FORCE_FAIL}" = "1" ]; then
-        echo "[PASS] Test passed when force fail was enabled"
-        FORCE_FAIL_PASSED=1
-        exit 1
-    fi
-}
-
 # Function to validate key
 validate_key() {
     local key_type=$1
diff --git a/scripts/utils-general.sh b/scripts/utils-general.sh
diff --git a/scripts/verify-install.sh b/scripts/verify-install.sh
