diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-05-22 16:41:48 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-05-22 23:27:06 +0200 |
| commit | bccd122bb293bf4cc8184f1f73143d30dd38b70f (patch) | |
| tree | 696319746867cc79c11bac558a3c3da7720f3bcb | |
| parent | 0138f024761ce321a2ff47c0377e3663e474ba34 (diff) | |
| download | gnutls-bccd122bb293bf4cc8184f1f73143d30dd38b70f.tar.gz | |
self-tests: introduced flag GNUTLS_SELF_TEST_FLAG_NO_COMPAT
This allows skipping the compatibility APIs when running self tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | lib/crypto-selftests.c | 19 | ||||
| -rw-r--r-- | lib/includes/gnutls/self-test.h | 1 |
2 files changed, 12 insertions, 8 deletions
diff --git a/lib/crypto-selftests.c b/lib/crypto-selftests.c index 255654b0a5..924af9ffe6 100644 --- a/lib/crypto-selftests.c +++ b/lib/crypto-selftests.c @@ -375,7 +375,7 @@ const struct cipher_vectors_st arcfour_vectors[] = { /* RFC6229 */ static int test_cipher(gnutls_cipher_algorithm_t cipher, const struct cipher_vectors_st *vectors, - size_t vectors_size) + size_t vectors_size, unsigned flags) { gnutls_cipher_hd_t hd; int ret; @@ -665,7 +665,7 @@ static int test_cipher_aead_compat(gnutls_cipher_algorithm_t cipher, /* AEAD modes */ static int test_cipher_aead(gnutls_cipher_algorithm_t cipher, const struct cipher_aead_vectors_st *vectors, - size_t vectors_size) + size_t vectors_size, unsigned flags) { gnutls_aead_cipher_hd_t hd; int ret; @@ -795,7 +795,10 @@ static int test_cipher_aead(gnutls_cipher_algorithm_t cipher, gnutls_cipher_get_name(cipher)); /* test the compatibility APIs */ - return test_cipher_aead_compat(cipher, vectors, vectors_size); + if (flags & GNUTLS_SELF_TEST_FLAG_NO_COMPAT) + return 0; + else + return test_cipher_aead_compat(cipher, vectors, vectors_size); } @@ -911,7 +914,7 @@ const struct hash_vectors_st sha3_512_vectors[] = { /* SHA1 and other hashes */ static int test_digest(gnutls_digest_algorithm_t dig, const struct hash_vectors_st *vectors, - size_t vectors_size) + size_t vectors_size, unsigned flags) { uint8_t data[HASH_DATA_SIZE]; unsigned int i; @@ -1033,7 +1036,7 @@ const struct mac_vectors_st hmac_sha512_vectors[] = { static int test_mac(gnutls_mac_algorithm_t mac, const struct mac_vectors_st *vectors, - size_t vectors_size) + size_t vectors_size, unsigned flags) { uint8_t data[HASH_DATA_SIZE]; unsigned int i; @@ -1088,20 +1091,20 @@ static int test_mac(gnutls_mac_algorithm_t mac, } #define CASE(x, func, vectors) case x: \ - ret = func(x, V(vectors)); \ + ret = func(x, V(vectors), flags); \ if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL) || ret < 0) \ return ret #define NON_FIPS_CASE(x, func, vectors) case x: \ if (_gnutls_fips_mode_enabled() == 0) { \ - ret = func(x, V(vectors)); \ + ret = func(x, V(vectors), flags); \ if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL) || ret < 0) \ return ret; \ } #define FIPS_STARTUP_ONLY_TEST_CASE(x, func, vectors) case x: \ if (_gnutls_fips_mode_enabled() != 1) { \ - ret = func(x, V(vectors)); \ + ret = func(x, V(vectors), flags); \ if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL) || ret < 0) \ return ret; \ } diff --git a/lib/includes/gnutls/self-test.h b/lib/includes/gnutls/self-test.h index 699af99f6a..1addf0d029 100644 --- a/lib/includes/gnutls/self-test.h +++ b/lib/includes/gnutls/self-test.h @@ -30,6 +30,7 @@ /* The functions are not part of the main API, and are conditionally * enabled. */ #define GNUTLS_SELF_TEST_FLAG_ALL 1 +#define GNUTLS_SELF_TEST_FLAG_NO_COMPAT (1<<1) int gnutls_cipher_self_test(unsigned flags, gnutls_cipher_algorithm_t cipher); int gnutls_mac_self_test(unsigned flags, gnutls_mac_algorithm_t mac); |