diff options
author | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2019-06-05 15:08:22 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-06-13 16:28:25 +0200 |
commit | bdb2ef4dcc6f958436e527da1c30fedfb8ac0bda (patch) | |
tree | 31bb9ed9c1ca5257df64d2008c167013307846ee /tests/client | |
parent | 41834f228bc4a5a89bfe8c71c13c051fc6f2993a (diff) | |
download | libssh-bdb2ef4dcc6f958436e527da1c30fedfb8ac0bda.tar.gz libssh-bdb2ef4dcc6f958436e527da1c30fedfb8ac0bda.tar.xz libssh-bdb2ef4dcc6f958436e527da1c30fedfb8ac0bda.zip |
tests/torture_algorithms: Skip some tests in FIPS mode
When running in FIPS mode, skip the tests using algorithms not allowed.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'tests/client')
-rw-r--r-- | tests/client/torture_algorithms.c | 120 |
1 files changed, 120 insertions, 0 deletions
diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c index 5fa12479..247ed29d 100644 --- a/tests/client/torture_algorithms.c +++ b/tests/client/torture_algorithms.c @@ -173,36 +173,60 @@ static void torture_algorithms_aes128_cbc_hmac_sha2_512_etm(void **state) { static void torture_algorithms_aes192_cbc_hmac_sha1(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha1"); } static void torture_algorithms_aes192_cbc_hmac_sha2_256(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha2-256"); } static void torture_algorithms_aes192_cbc_hmac_sha2_512(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha2-512"); } static void torture_algorithms_aes192_cbc_hmac_sha1_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha1-etm@openssh.com"); } static void torture_algorithms_aes192_cbc_hmac_sha2_256_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha2-256-etm@openssh.com"); } static void torture_algorithms_aes192_cbc_hmac_sha2_512_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha2-512-etm@openssh.com"); } @@ -281,36 +305,60 @@ static void torture_algorithms_aes128_ctr_hmac_sha2_512_etm(void **state) { static void torture_algorithms_aes192_ctr_hmac_sha1(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha1"); } static void torture_algorithms_aes192_ctr_hmac_sha2_256(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha2-256"); } static void torture_algorithms_aes192_ctr_hmac_sha2_512(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha2-512"); } static void torture_algorithms_aes192_ctr_hmac_sha1_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha1-etm@openssh.com"); } static void torture_algorithms_aes192_ctr_hmac_sha2_256_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha2-256-etm@openssh.com"); } static void torture_algorithms_aes192_ctr_hmac_sha2_512_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha2-512-etm@openssh.com"); } @@ -367,36 +415,60 @@ static void torture_algorithms_aes256_gcm(void **state) static void torture_algorithms_3des_cbc_hmac_sha1(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha1"); } static void torture_algorithms_3des_cbc_hmac_sha2_256(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-256"); } static void torture_algorithms_3des_cbc_hmac_sha2_512(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512"); } static void torture_algorithms_3des_cbc_hmac_sha1_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha1-etm@openssh.com"); } static void torture_algorithms_3des_cbc_hmac_sha2_256_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-256-etm@openssh.com"); } static void torture_algorithms_3des_cbc_hmac_sha2_512_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512-etm@openssh.com"); } @@ -405,36 +477,60 @@ static void torture_algorithms_3des_cbc_hmac_sha2_512_etm(void **state) { static void torture_algorithms_blowfish_cbc_hmac_sha1(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha1"); } static void torture_algorithms_blowfish_cbc_hmac_sha2_256(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-256"); } static void torture_algorithms_blowfish_cbc_hmac_sha2_512(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512"); } static void torture_algorithms_blowfish_cbc_hmac_sha1_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha1-etm@openssh.com"); } static void torture_algorithms_blowfish_cbc_hmac_sha2_256_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-256-etm@openssh.com"); } static void torture_algorithms_blowfish_cbc_hmac_sha2_512_etm(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512-etm@openssh.com"); } #endif @@ -444,6 +540,10 @@ static void torture_algorithms_chacha20_poly1305(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, NULL, /*kex*/ "chacha20-poly1305@openssh.com", @@ -551,6 +651,10 @@ static void torture_algorithms_ecdh_sha2_nistp521(void **state) { static void torture_algorithms_ecdh_curve25519_sha256(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, "curve25519-sha256", NULL/*cipher*/, NULL/*hmac*/); } #endif @@ -559,6 +663,10 @@ static void torture_algorithms_ecdh_curve25519_sha256(void **state) { static void torture_algorithms_ecdh_curve25519_sha256_libssh_org(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, "curve25519-sha256@libssh.org", NULL/*cipher*/, NULL/*hmac*/); } #endif @@ -566,12 +674,20 @@ static void torture_algorithms_ecdh_curve25519_sha256_libssh_org(void **state) { static void torture_algorithms_dh_group1(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, "diffie-hellman-group1-sha1", NULL/*cipher*/, NULL/*hmac*/); } static void torture_algorithms_dh_group14(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, "diffie-hellman-group14-sha1", NULL/*cipher*/, NULL/*hmac*/); } @@ -592,6 +708,10 @@ static void torture_algorithms_dh_gex_sha1(void **state) { struct torture_state *s = *state; + if (ssh_fips_mode()) { + skip(); + } + test_algorithm(s->ssh.session, "diffie-hellman-group-exchange-sha1", NULL, /* cipher */ |