diff options
| author | Matt Caswell <matt@openssl.org> | 2017-12-10 11:05:19 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2017-12-11 09:41:59 +0000 |
| commit | ef178b4eabe7183c5c85a961f4855c277ee7e220 (patch) | |
| tree | bd3e4cec08efcdbec46885043b9555f751cbc3c5 /test | |
| parent | 3b69eb302e237e6e6d75df6325b844e9a7fd0e27 (diff) | |
Don't expect a POLY1305 ciphersuite when using no-poly1305
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4891)
Diffstat (limited to 'test')
| -rw-r--r-- | test/recipes/80-test_ssl_new.t | 1 | ||||
| -rw-r--r-- | test/ssl-tests/25-cipher.conf | 8 | ||||
| -rw-r--r-- | test/ssl-tests/25-cipher.conf.in | 15 |
3 files changed, 15 insertions, 9 deletions
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t index c5472ebf0f..415c5c3bb8 100644 --- a/test/recipes/80-test_ssl_new.t +++ b/test/recipes/80-test_ssl_new.t @@ -66,6 +66,7 @@ my %conf_dependent_tests = ( "19-mac-then-encrypt.conf" => !$is_default_tls, "20-cert-select.conf" => !$is_default_tls || $no_dh || $no_dsa, "22-compression.conf" => !$is_default_tls, + "25-cipher.conf" => disabled("poly1305"), ); # Add your test here if it should be skipped for some compile-time diff --git a/test/ssl-tests/25-cipher.conf b/test/ssl-tests/25-cipher.conf index 101ee7c517..a28c1f7bed 100644 --- a/test/ssl-tests/25-cipher.conf +++ b/test/ssl-tests/25-cipher.conf @@ -207,13 +207,13 @@ Options = ServerPreference,PrioritizeChaCha PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-cipher-server-pref-mobile-client] -CipherString = ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384 +CipherString = ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-7] -ExpectedCipher = ECDHE-RSA-CHACHA20-POLY1305 +ExpectedCipher = ECDHE-RSA-AES256-SHA384 # =========================================================== @@ -233,12 +233,12 @@ Options = ServerPreference,PrioritizeChaCha PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-cipher-server-pref-mobile2-client] -CipherString = ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305 +CipherString = ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-8] -ExpectedCipher = ECDHE-RSA-AES256-SHA384 +ExpectedCipher = ECDHE-RSA-CHACHA20-POLY1305 diff --git a/test/ssl-tests/25-cipher.conf.in b/test/ssl-tests/25-cipher.conf.in index b82f77ccd9..d75e274120 100644 --- a/test/ssl-tests/25-cipher.conf.in +++ b/test/ssl-tests/25-cipher.conf.in @@ -13,7 +13,7 @@ use strict; use warnings; package ssltests; - +use OpenSSL::Test::Utils; our @tests = ( { @@ -127,12 +127,15 @@ our @tests = ( }, client => { "MaxProtocol" => "TLSv1.2", - "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", + "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305", }, test => { - "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305", + "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", }, }, +); + +my @tests_poly1305 = ( { name => "cipher-server-pref-mobile2", server => { @@ -142,10 +145,12 @@ our @tests = ( }, client => { "MaxProtocol" => "TLSv1.2", - "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305", + "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", }, test => { - "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", + "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305", }, }, ); + +push @tests, @tests_poly1305 unless disabled("poly1305"); |