aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorJakub Jelen <jjelen@redhat.com>2020-01-15 11:24:08 +0100
committerJakub Jelen <jjelen@redhat.com>2020-01-23 09:48:11 +0100
commitac1c31bda162a62bd2cb72eecd03a3c641f6b557 (patch)
treeb343dbab702b3bf097b72976eaa76c34dc4b7779 /tests
parent60a987fd172f743462e0a9c61638279ec7b77f67 (diff)
downloadlibssh-ac1c31bda162a62bd2cb72eecd03a3c641f6b557.tar.gz
libssh-ac1c31bda162a62bd2cb72eecd03a3c641f6b557.tar.xz
libssh-ac1c31bda162a62bd2cb72eecd03a3c641f6b557.zip
tests: Skip chacha20-poly1305 tests in FIPS mode
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'tests')
-rw-r--r--tests/unittests/torture_crypto.c20
-rw-r--r--tests/unittests/torture_packet.c6
2 files changed, 26 insertions, 0 deletions
diff --git a/tests/unittests/torture_crypto.c b/tests/unittests/torture_crypto.c
index 102b2594..3f84e19c 100644
--- a/tests/unittests/torture_crypto.c
+++ b/tests/unittests/torture_crypto.c
@@ -156,6 +156,11 @@ static void torture_crypto_chacha20poly1305(void **state)
int rc;
(void)state;
+ /* Chacha20-poly1305 is not FIPS-allowed cipher */
+ if (ssh_fips_mode()) {
+ skip();
+ }
+
assert_int_equal(sizeof(output), sizeof(chacha20poly1305_encrypted));
in_length = htonl(sizeof(chacha20poly1305_cleartext));
@@ -214,6 +219,11 @@ static void torture_crypto_chacha20poly1305_bad_packet_length(void **state)
int rc;
(void)state;
+ /* Chacha20-poly1305 is not FIPS-allowed cipher */
+ if (ssh_fips_mode()) {
+ skip();
+ }
+
/* Test corrupted packet length */
memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad));
encrypted_bad[1] ^= 1;
@@ -245,6 +255,11 @@ static void torture_crypto_chacha20poly1305_bad_data(void **state)
int rc;
(void)state;
+ /* Chacha20-poly1305 is not FIPS-allowed cipher */
+ if (ssh_fips_mode()) {
+ skip();
+ }
+
/* Test corrupted data */
memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad));
encrypted_bad[100] ^= 1;
@@ -276,6 +291,11 @@ static void torture_crypto_chacha20poly1305_bad_tag(void **state)
int rc;
(void)state;
+ /* Chacha20-poly1305 is not FIPS-allowed cipher */
+ if (ssh_fips_mode()) {
+ skip();
+ }
+
/* Test corrupted tag */
assert_int_equal(sizeof(encrypted_bad), sizeof(chacha20poly1305_encrypted));
memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad));
diff --git a/tests/unittests/torture_packet.c b/tests/unittests/torture_packet.c
index 922c8325..130ddad0 100644
--- a/tests/unittests/torture_packet.c
+++ b/tests/unittests/torture_packet.c
@@ -260,6 +260,12 @@ static void torture_packet_chacha20(void **state)
{
int i;
(void)state; /* unused */
+
+ /* Chacha20-poly1305 is not FIPS-allowed cipher */
+ if (ssh_fips_mode()) {
+ skip();
+ }
+
for (i=1;i<256;++i){
torture_packet("chacha20-poly1305@openssh.com", "none", "none", i);
}