diff options
author | Yves-Alexis Perez <corsac@debian.org> | 2018-06-04 09:59:21 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2018-06-04 09:59:21 +0200 |
commit | 51a71ee15c1bcf0e82f363a16898f571e211f9c3 (patch) | |
tree | 2a03e117d072c55cfe2863d26b73e64d933e7ad8 /src/libstrongswan/tests/suites/test_proposal.c | |
parent | 7793611ee71b576dd9c66dee327349fa64e38740 (diff) | |
download | vyos-strongswan-51a71ee15c1bcf0e82f363a16898f571e211f9c3.tar.gz vyos-strongswan-51a71ee15c1bcf0e82f363a16898f571e211f9c3.zip |
New upstream version 5.6.3
Diffstat (limited to 'src/libstrongswan/tests/suites/test_proposal.c')
-rw-r--r-- | src/libstrongswan/tests/suites/test_proposal.c | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/src/libstrongswan/tests/suites/test_proposal.c b/src/libstrongswan/tests/suites/test_proposal.c index 1a2f97d5f..938fa38aa 100644 --- a/src/libstrongswan/tests/suites/test_proposal.c +++ b/src/libstrongswan/tests/suites/test_proposal.c @@ -29,6 +29,8 @@ static struct { { PROTO_IKE, "aes128", NULL }, { PROTO_IKE, "aes128-sha256", NULL }, { PROTO_IKE, "aes128-sha256-modpnone", NULL }, + { PROTO_IKE, "aes128-prfsha256", NULL }, + { PROTO_IKE, "aes128-prfsha256-modp2048", NULL }, { PROTO_IKE, "aes128-sha256-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072" }, { PROTO_IKE, "aes128-sha256-prfsha384-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/MODP_3072" }, { PROTO_IKE, "aes128gcm16-modp3072", NULL }, @@ -194,6 +196,106 @@ START_TEST(test_promote_dh_group_not_contained) } END_TEST +START_TEST(test_unknown_transform_types_print) +{ + proposal_t *proposal; + + proposal = proposal_create(PROTO_IKE, 0); + proposal->add_algorithm(proposal, 242, 42, 128); + assert_proposal_eq(proposal, "IKE:UNKNOWN_242_42_128"); + proposal->destroy(proposal); + + proposal = proposal_create_from_string(PROTO_IKE, + "aes128-sha256-ecp256"); + proposal->add_algorithm(proposal, 242, 42, 128); + proposal->add_algorithm(proposal, 243, 1, 0); + assert_proposal_eq(proposal, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256/UNKNOWN_242_42_128/UNKNOWN_243_1"); + proposal->destroy(proposal); +} +END_TEST + +START_TEST(test_unknown_transform_types_equals) +{ + proposal_t *self, *other; + + self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other->add_algorithm(other, 242, 42, 0); + ck_assert(!self->equals(self, other)); + ck_assert(!other->equals(other, self)); + self->add_algorithm(self, 242, 42, 0); + ck_assert(self->equals(self, other)); + ck_assert(other->equals(other, self)); + other->destroy(other); + self->destroy(self); +} +END_TEST + +START_TEST(test_unknown_transform_types_select_fail) +{ + proposal_t *self, *other, *selected; + + self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other->add_algorithm(other, 242, 42, 0); + + selected = self->select(self, other, TRUE, FALSE); + ck_assert(!selected); + other->destroy(other); + self->destroy(self); +} +END_TEST + +START_TEST(test_unknown_transform_types_select_fail_subtype) +{ + proposal_t *self, *other, *selected; + + self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + self->add_algorithm(self, 242, 8, 0); + other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other->add_algorithm(other, 242, 42, 0); + + selected = self->select(self, other, TRUE, FALSE); + ck_assert(!selected); + other->destroy(other); + self->destroy(self); +} +END_TEST + +START_TEST(test_unknown_transform_types_select_success) +{ + proposal_t *self, *other, *selected; + + self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + self->add_algorithm(self, 242, 42, 128); + other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256"); + other->add_algorithm(other, 242, 42, 128); + other->add_algorithm(other, 242, 1, 0); + + selected = self->select(self, other, TRUE, FALSE); + ck_assert(selected); + assert_proposal_eq(selected, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256/UNKNOWN_242_42_128"); + selected->destroy(selected); + other->destroy(other); + self->destroy(self); +} +END_TEST + +START_TEST(test_chacha20_poly1305_key_length) +{ + proposal_t *proposal; + uint16_t alg, ks; + + proposal = proposal_create_from_string(PROTO_IKE, "chacha20poly1305-prfsha256-ecp256"); + proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &alg, &ks); + ck_assert_int_eq(alg, ENCR_CHACHA20_POLY1305); + ck_assert_int_eq(ks, 0); + assert_proposal_eq(proposal, "IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/ECP_256"); + proposal->destroy(proposal); +} +END_TEST + + Suite *proposal_suite_create() { Suite *s; @@ -216,5 +318,17 @@ Suite *proposal_suite_create() tcase_add_test(tc, test_promote_dh_group_not_contained); suite_add_tcase(s, tc); + tc = tcase_create("unknown transform types"); + tcase_add_test(tc, test_unknown_transform_types_print); + tcase_add_test(tc, test_unknown_transform_types_equals); + tcase_add_test(tc, test_unknown_transform_types_select_fail); + tcase_add_test(tc, test_unknown_transform_types_select_fail_subtype); + tcase_add_test(tc, test_unknown_transform_types_select_success); + suite_add_tcase(s, tc); + + tc = tcase_create("chacha20/poly1305"); + tcase_add_test(tc, test_chacha20_poly1305_key_length); + suite_add_tcase(s, tc); + return s; } |