62bb40cc74
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libssh?expand=0&rev=8ca19c4d56099ba193815428765f4443
142 lines
9.0 KiB
Diff
142 lines
9.0 KiB
Diff
From 42bd7cdf6c6e50786155c904821fc62d6d8e5acb Mon Sep 17 00:00:00 2001
|
|
From: Jakub Jelen <jjelen@redhat.com>
|
|
Date: Mon, 8 Oct 2018 13:31:12 +0200
|
|
Subject: [PATCH] tests: Add aes-gcm ciphers tests
|
|
|
|
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
|
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
|
---
|
|
tests/client/torture_algorithms.c | 20 ++++++++++++++++++++
|
|
tests/pkd/pkd_hello.c | 29 +++++++++++++++++++++++++++--
|
|
2 files changed, 47 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c
|
|
index c216c99b..9bb67410 100644
|
|
--- a/tests/client/torture_algorithms.c
|
|
+++ b/tests/client/torture_algorithms.c
|
|
@@ -240,6 +240,20 @@ static void torture_algorithms_aes256_ctr_hmac_sha2_512(void **state) {
|
|
test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-ctr", "hmac-sha2-512");
|
|
}
|
|
|
|
+static void torture_algorithms_aes128_gcm(void **state)
|
|
+{
|
|
+ struct torture_state *s = *state;
|
|
+
|
|
+ test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-gcm@openssh.com", NULL);
|
|
+}
|
|
+
|
|
+static void torture_algorithms_aes256_gcm(void **state)
|
|
+{
|
|
+ struct torture_state *s = *state;
|
|
+
|
|
+ test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-gcm@openssh.com", NULL);
|
|
+}
|
|
+
|
|
static void torture_algorithms_3des_cbc_hmac_sha1(void **state) {
|
|
struct torture_state *s = *state;
|
|
|
|
@@ -464,6 +478,12 @@ int torture_run_tests(void) {
|
|
cmocka_unit_test_setup_teardown(torture_algorithms_aes256_ctr_hmac_sha2_512,
|
|
session_setup,
|
|
session_teardown),
|
|
+ cmocka_unit_test_setup_teardown(torture_algorithms_aes128_gcm,
|
|
+ session_setup,
|
|
+ session_teardown),
|
|
+ cmocka_unit_test_setup_teardown(torture_algorithms_aes256_gcm,
|
|
+ session_setup,
|
|
+ session_teardown),
|
|
cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha1,
|
|
session_setup,
|
|
session_teardown),
|
|
diff --git a/tests/pkd/pkd_hello.c b/tests/pkd/pkd_hello.c
|
|
index e14316ec..0fa72d04 100644
|
|
--- a/tests/pkd/pkd_hello.c
|
|
+++ b/tests/pkd/pkd_hello.c
|
|
@@ -383,6 +383,8 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
|
|
#endif
|
|
|
|
#define CHACHA20 "chacha20-poly1305@openssh.com"
|
|
+#define AES128_GCM "aes128-gcm@openssh.com"
|
|
+#define AES256_GCM "aes256-gcm@openssh.com"
|
|
|
|
#ifdef HAVE_DSA
|
|
#define PKDTESTS_CIPHER_OPENSSHONLY(f, client, ciphercmd) \
|
|
@@ -390,9 +392,13 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
|
|
f(client, rsa_aes192_cbc, ciphercmd("aes192-cbc"), setup_rsa, teardown) \
|
|
f(client, rsa_aes192_ctr, ciphercmd("aes192-ctr"), setup_rsa, teardown) \
|
|
f(client, rsa_chacha20, ciphercmd(CHACHA20), setup_rsa, teardown) \
|
|
+ f(client, rsa_aes128_gcm, ciphercmd(AES128_GCM), setup_rsa, teardown) \
|
|
+ f(client, rsa_aes256_gcm, ciphercmd(AES256_GCM), setup_rsa, teardown) \
|
|
f(client, dsa_aes192_cbc, ciphercmd("aes192-cbc"), setup_dsa, teardown) \
|
|
f(client, dsa_aes192_ctr, ciphercmd("aes192-ctr"), setup_dsa, teardown) \
|
|
f(client, dsa_chacha20, ciphercmd(CHACHA20), setup_dsa, teardown) \
|
|
+ f(client, dsa_aes128_gcm, ciphercmd(AES128_GCM), setup_dsa, teardown) \
|
|
+ f(client, dsa_aes256_gcm, ciphercmd(AES256_GCM), setup_dsa, teardown) \
|
|
f(client, ed25519_3des_cbc, ciphercmd("3des-cbc"), setup_ed25519, teardown) \
|
|
f(client, ed25519_aes128_cbc, ciphercmd("aes128-cbc"), setup_ed25519, teardown) \
|
|
f(client, ed25519_aes128_ctr, ciphercmd("aes128-ctr"), setup_ed25519, teardown) \
|
|
@@ -401,21 +407,31 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
|
|
f(client, ed25519_aes192_cbc, ciphercmd("aes192-cbc"), setup_ed25519, teardown) \
|
|
f(client, ed25519_aes192_ctr, ciphercmd("aes192-ctr"), setup_ed25519, teardown) \
|
|
f(client, ed25519_chacha20, ciphercmd(CHACHA20), setup_ed25519, teardown) \
|
|
+ f(client, ed25519_aes128_gcm, ciphercmd(AES128_GCM), setup_ed25519, teardown) \
|
|
+ f(client, ed25519_aes256_gcm, ciphercmd(AES256_GCM), setup_ed25519, teardown) \
|
|
f(client, ecdsa_256_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_256, teardown) \
|
|
f(client, ecdsa_256_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_256, teardown) \
|
|
f(client, ecdsa_256_chacha20, ciphercmd(CHACHA20), setup_ecdsa_256, teardown) \
|
|
+ f(client, ecdsa_256_aes128_gcm, ciphercmd(AES128_GCM), setup_ecdsa_256, teardown) \
|
|
+ f(client, ecdsa_256_aes256_gcm, ciphercmd(AES256_GCM), setup_ecdsa_256, teardown) \
|
|
f(client, ecdsa_384_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_384, teardown) \
|
|
f(client, ecdsa_384_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_384, teardown) \
|
|
f(client, ecdsa_384_chacha20, ciphercmd(CHACHA20), setup_ecdsa_384, teardown) \
|
|
+ f(client, ecdsa_384_aes128_gcm, ciphercmd(AES128_GCM), setup_ecdsa_384, teardown) \
|
|
+ f(client, ecdsa_384_aes256_gcm, ciphercmd(AES256_GCM), setup_ecdsa_384, teardown) \
|
|
f(client, ecdsa_521_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_521, teardown) \
|
|
f(client, ecdsa_521_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_521, teardown) \
|
|
- f(client, ecdsa_521_chacha20, ciphercmd(CHACHA20), setup_ecdsa_521, teardown)
|
|
+ f(client, ecdsa_521_chacha20, ciphercmd(CHACHA20), setup_ecdsa_521, teardown) \
|
|
+ f(client, ecdsa_521_aes128_gcm, ciphercmd(AES128_GCM), setup_ecdsa_521, teardown) \
|
|
+ f(client, ecdsa_521_aes256_gcm, ciphercmd(AES256_GCM), setup_ecdsa_521, teardown)
|
|
#else
|
|
#define PKDTESTS_CIPHER_OPENSSHONLY(f, client, ciphercmd) \
|
|
/* Ciphers. */ \
|
|
f(client, rsa_aes192_cbc, ciphercmd("aes192-cbc"), setup_rsa, teardown) \
|
|
f(client, rsa_aes192_ctr, ciphercmd("aes192-ctr"), setup_rsa, teardown) \
|
|
f(client, rsa_chacha20, ciphercmd(CHACHA20), setup_rsa, teardown) \
|
|
+ f(client, rsa_aes128_gcm, ciphercmd(AES128_GCM), setup_rsa, teardown) \
|
|
+ f(client, rsa_aes256_gcm, ciphercmd(AES256_GCM), setup_rsa, teardown) \
|
|
f(client, ed25519_3des_cbc, ciphercmd("3des-cbc"), setup_ed25519, teardown) \
|
|
f(client, ed25519_aes128_cbc, ciphercmd("aes128-cbc"), setup_ed25519, teardown) \
|
|
f(client, ed25519_aes128_ctr, ciphercmd("aes128-ctr"), setup_ed25519, teardown) \
|
|
@@ -424,17 +440,26 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
|
|
f(client, ed25519_aes192_cbc, ciphercmd("aes192-cbc"), setup_ed25519, teardown) \
|
|
f(client, ed25519_aes192_ctr, ciphercmd("aes192-ctr"), setup_ed25519, teardown) \
|
|
f(client, ed25519_chacha20, ciphercmd(CHACHA20), setup_ed25519, teardown) \
|
|
+ f(client, ed25519_aes128_gcm, ciphercmd(AES128_GCM), setup_ed25519, teardown) \
|
|
+ f(client, ed25519_aes256_gcm, ciphercmd(AES256_GCM), setup_ed25519, teardown) \
|
|
f(client, ecdsa_256_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_256, teardown) \
|
|
f(client, ecdsa_256_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_256, teardown) \
|
|
f(client, ecdsa_256_chacha20, ciphercmd(CHACHA20), setup_ecdsa_256, teardown) \
|
|
+ f(client, ecdsa_256_aes128_gcm, ciphercmd(AES128_GCM), setup_ecdsa_256, teardown) \
|
|
+ f(client, ecdsa_256_aes256_gcm, ciphercmd(AES256_GCM), setup_ecdsa_256, teardown) \
|
|
f(client, ecdsa_384_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_384, teardown) \
|
|
f(client, ecdsa_384_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_384, teardown) \
|
|
f(client, ecdsa_384_chacha20, ciphercmd(CHACHA20), setup_ecdsa_384, teardown) \
|
|
+ f(client, ecdsa_384_aes128_gcm, ciphercmd(AES128_GCM), setup_ecdsa_384, teardown) \
|
|
+ f(client, ecdsa_384_aes256_gcm, ciphercmd(AES256_GCM), setup_ecdsa_384, teardown) \
|
|
f(client, ecdsa_521_aes192_cbc, ciphercmd("aes192-cbc"), setup_ecdsa_521, teardown) \
|
|
f(client, ecdsa_521_aes192_ctr, ciphercmd("aes192-ctr"), setup_ecdsa_521, teardown) \
|
|
- f(client, ecdsa_521_chacha20, ciphercmd(CHACHA20), setup_ecdsa_521, teardown)
|
|
+ f(client, ecdsa_521_chacha20, ciphercmd(CHACHA20), setup_ecdsa_521, teardown) \
|
|
+ f(client, ecdsa_521_aes128_gcm, ciphercmd(AES128_GCM), setup_ecdsa_521, teardown) \
|
|
+ f(client, ecdsa_521_aes256_gcm, ciphercmd(AES256_GCM), setup_ecdsa_521, teardown)
|
|
#endif
|
|
|
|
+
|
|
#ifdef HAVE_DSA
|
|
#define PKDTESTS_MAC(f, client, maccmd) \
|
|
/* MACs. */ \
|
|
--
|
|
2.21.0
|
|
|