diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-12-19 16:16:29 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-12-19 16:16:29 +0100 |
commit | 4a6926ef0638b28f256878c339c29c1ebbde62c3 (patch) | |
tree | 5a62df3f2c41909f4f51983c1c3cffbc68320e00 | |
parent | d4a7dad6a67c77cb3dcae49358d5b86181ae801e (diff) | |
download | gnutls-tmp-nmav-draft-ietf-tls-tls13-21-consistent-ciphers.tar.gz |
tests: updated to account for HMAC-SHA384 and CAMELLIA removaltmp-nmav-draft-ietf-tls-tls13-21-consistent-ciphers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | tests/data/listings-DTLS1.0 | 4 | ||||
-rw-r--r-- | tests/data/listings-SSL3.0 | 4 | ||||
-rw-r--r-- | tests/data/listings-SSL3.0-TLS1.1 | 4 | ||||
-rw-r--r-- | tests/data/listings-TLS1.0 | 4 | ||||
-rw-r--r-- | tests/data/listings-TLS1.1 | 4 | ||||
-rw-r--r-- | tests/priorities.c | 28 |
6 files changed, 14 insertions, 34 deletions
diff --git a/tests/data/listings-DTLS1.0 b/tests/data/listings-DTLS1.0 index f4453f8d5e..e261b18243 100644 --- a/tests/data/listings-DTLS1.0 +++ b/tests/data/listings-DTLS1.0 @@ -4,12 +4,8 @@ TLS_ECDHE_ECDSA_AES_128_CBC_SHA1 0xc0, 0x09 SSL3.0 TLS_ECDHE_RSA_AES_256_CBC_SHA1 0xc0, 0x14 SSL3.0 TLS_ECDHE_RSA_AES_128_CBC_SHA1 0xc0, 0x13 SSL3.0 TLS_RSA_AES_256_CBC_SHA1 0x00, 0x35 SSL3.0 -TLS_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x84 SSL3.0 TLS_RSA_AES_128_CBC_SHA1 0x00, 0x2f SSL3.0 -TLS_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x41 SSL3.0 TLS_DHE_RSA_AES_256_CBC_SHA1 0x00, 0x39 SSL3.0 -TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x88 SSL3.0 TLS_DHE_RSA_AES_128_CBC_SHA1 0x00, 0x33 SSL3.0 -TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x45 SSL3.0 Protocols: VERS-DTLS1.0 diff --git a/tests/data/listings-SSL3.0 b/tests/data/listings-SSL3.0 index 938b2f63d9..8422532efc 100644 --- a/tests/data/listings-SSL3.0 +++ b/tests/data/listings-SSL3.0 @@ -6,13 +6,9 @@ TLS_ECDHE_RSA_AES_256_CBC_SHA1 0xc0, 0x14 SSL3.0 TLS_ECDHE_RSA_AES_128_CBC_SHA1 0xc0, 0x13 SSL3.0 TLS_ECDHE_RSA_ARCFOUR_128_SHA1 0xc0, 0x11 SSL3.0 TLS_RSA_AES_256_CBC_SHA1 0x00, 0x35 SSL3.0 -TLS_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x84 SSL3.0 TLS_RSA_AES_128_CBC_SHA1 0x00, 0x2f SSL3.0 -TLS_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x41 SSL3.0 TLS_RSA_ARCFOUR_128_SHA1 0x00, 0x05 SSL3.0 TLS_DHE_RSA_AES_256_CBC_SHA1 0x00, 0x39 SSL3.0 -TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x88 SSL3.0 TLS_DHE_RSA_AES_128_CBC_SHA1 0x00, 0x33 SSL3.0 -TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x45 SSL3.0 Protocols: VERS-SSL3.0 diff --git a/tests/data/listings-SSL3.0-TLS1.1 b/tests/data/listings-SSL3.0-TLS1.1 index b18c4bf0f3..b83b9e6f40 100644 --- a/tests/data/listings-SSL3.0-TLS1.1 +++ b/tests/data/listings-SSL3.0-TLS1.1 @@ -4,12 +4,8 @@ TLS_ECDHE_ECDSA_AES_128_CBC_SHA1 0xc0, 0x09 SSL3.0 TLS_ECDHE_RSA_AES_256_CBC_SHA1 0xc0, 0x14 SSL3.0 TLS_ECDHE_RSA_AES_128_CBC_SHA1 0xc0, 0x13 SSL3.0 TLS_RSA_AES_256_CBC_SHA1 0x00, 0x35 SSL3.0 -TLS_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x84 SSL3.0 TLS_RSA_AES_128_CBC_SHA1 0x00, 0x2f SSL3.0 -TLS_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x41 SSL3.0 TLS_DHE_RSA_AES_256_CBC_SHA1 0x00, 0x39 SSL3.0 -TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x88 SSL3.0 TLS_DHE_RSA_AES_128_CBC_SHA1 0x00, 0x33 SSL3.0 -TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x45 SSL3.0 Protocols: VERS-TLS1.0, VERS-SSL3.0, VERS-TLS1.1 diff --git a/tests/data/listings-TLS1.0 b/tests/data/listings-TLS1.0 index 6714a20c9a..a6f5f25997 100644 --- a/tests/data/listings-TLS1.0 +++ b/tests/data/listings-TLS1.0 @@ -4,12 +4,8 @@ TLS_ECDHE_ECDSA_AES_128_CBC_SHA1 0xc0, 0x09 SSL3.0 TLS_ECDHE_RSA_AES_256_CBC_SHA1 0xc0, 0x14 SSL3.0 TLS_ECDHE_RSA_AES_128_CBC_SHA1 0xc0, 0x13 SSL3.0 TLS_RSA_AES_256_CBC_SHA1 0x00, 0x35 SSL3.0 -TLS_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x84 SSL3.0 TLS_RSA_AES_128_CBC_SHA1 0x00, 0x2f SSL3.0 -TLS_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x41 SSL3.0 TLS_DHE_RSA_AES_256_CBC_SHA1 0x00, 0x39 SSL3.0 -TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x88 SSL3.0 TLS_DHE_RSA_AES_128_CBC_SHA1 0x00, 0x33 SSL3.0 -TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x45 SSL3.0 Protocols: VERS-TLS1.0 diff --git a/tests/data/listings-TLS1.1 b/tests/data/listings-TLS1.1 index ce5d3d00aa..1ab7700d2c 100644 --- a/tests/data/listings-TLS1.1 +++ b/tests/data/listings-TLS1.1 @@ -4,12 +4,8 @@ TLS_ECDHE_ECDSA_AES_128_CBC_SHA1 0xc0, 0x09 SSL3.0 TLS_ECDHE_RSA_AES_256_CBC_SHA1 0xc0, 0x14 SSL3.0 TLS_ECDHE_RSA_AES_128_CBC_SHA1 0xc0, 0x13 SSL3.0 TLS_RSA_AES_256_CBC_SHA1 0x00, 0x35 SSL3.0 -TLS_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x84 SSL3.0 TLS_RSA_AES_128_CBC_SHA1 0x00, 0x2f SSL3.0 -TLS_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x41 SSL3.0 TLS_DHE_RSA_AES_256_CBC_SHA1 0x00, 0x39 SSL3.0 -TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 0x00, 0x88 SSL3.0 TLS_DHE_RSA_AES_128_CBC_SHA1 0x00, 0x33 SSL3.0 -TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 0x00, 0x45 SSL3.0 Protocols: VERS-TLS1.1 diff --git a/tests/priorities.c b/tests/priorities.c index 797c245039..1f85d7966f 100644 --- a/tests/priorities.c +++ b/tests/priorities.c @@ -114,18 +114,18 @@ try_prio_err(const char *prio, int err) void doit(void) { const int null = 4; - int sec128_cs = 53; - int sec256_cs = 22; - int normal_cs = 53; - int normal_ciphers = 11; - int pfs_cs = 39; + int sec128_cs = 31; + int sec256_cs = 12; + int normal_cs = 31; + int normal_ciphers = 7; + int pfs_cs = 23; if (gnutls_fips140_mode_enabled()) { - normal_cs = 30; + normal_cs = 28; normal_ciphers = 6; pfs_cs = 22; - sec256_cs = 11; - sec128_cs = 30; + sec256_cs = 9; + sec128_cs = 28; } try_prio("NORMAL", normal_cs, normal_ciphers, __LINE__); @@ -133,17 +133,17 @@ void doit(void) if (!gnutls_fips140_mode_enabled()) { try_prio("PFS", pfs_cs, normal_ciphers, __LINE__); - try_prio("NORMAL:+CIPHER-ALL", normal_cs, 11, __LINE__); /* all (except null) */ + try_prio("NORMAL:+CIPHER-ALL", normal_cs, 7, __LINE__); /* all (except null) */ try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1, __LINE__); /* null */ - try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal_cs + null, 12, __LINE__); /* should be null + all */ + try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal_cs + null, 8, __LINE__); /* should be null + all */ try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 8, 1, __LINE__); /* should be null + all */ } try_prio("PERFORMANCE", normal_cs, normal_ciphers, __LINE__); - try_prio("SECURE256", sec256_cs, 6, __LINE__); - try_prio("SECURE128", sec128_cs, 11, __LINE__); - try_prio("SECURE128:+SECURE256", sec128_cs, 11, __LINE__); /* should be the same as SECURE128 */ - try_prio("SECURE128:+SECURE256:+NORMAL", normal_cs, 11, __LINE__); /* should be the same as NORMAL */ + try_prio("SECURE256", sec256_cs, 4, __LINE__); + try_prio("SECURE128", sec128_cs, 7, __LINE__); + try_prio("SECURE128:+SECURE256", sec128_cs, 7, __LINE__); /* should be the same as SECURE128 */ + try_prio("SECURE128:+SECURE256:+NORMAL", normal_cs, 7, __LINE__); /* should be the same as NORMAL */ try_prio("SUITEB192", 1, 1, __LINE__); try_prio("SUITEB128", 2, 2, __LINE__); /* check legacy strings */ |