lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-05 20:55:46 +03:00
Code Activity

tests: Skip chacha20-poly1305 tests in FIPS mode

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2020-01-15 11:24:08 +01:00
parent 60a987fd17
commit ac1c31bda1
2 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
tests/unittests/torture_crypto.c
View File

@@ -156,6 +156,11 @@ static void torture_crypto_chacha20poly1305(void **state)
int rc; int rc;
(void)state; (void)state;
/* Chacha20-poly1305 is not FIPS-allowed cipher */
if (ssh_fips_mode()) {
skip();
}
assert_int_equal(sizeof(output), sizeof(chacha20poly1305_encrypted)); assert_int_equal(sizeof(output), sizeof(chacha20poly1305_encrypted));
in_length = htonl(sizeof(chacha20poly1305_cleartext)); in_length = htonl(sizeof(chacha20poly1305_cleartext));
@@ -214,6 +219,11 @@ static void torture_crypto_chacha20poly1305_bad_packet_length(void **state)
int rc; int rc;
(void)state; (void)state;
/* Chacha20-poly1305 is not FIPS-allowed cipher */
if (ssh_fips_mode()) {
skip();
}
/* Test corrupted packet length */ /* Test corrupted packet length */
memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad)); memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad));
encrypted_bad[1] ^= 1; encrypted_bad[1] ^= 1;
@@ -245,6 +255,11 @@ static void torture_crypto_chacha20poly1305_bad_data(void **state)
int rc; int rc;
(void)state; (void)state;
/* Chacha20-poly1305 is not FIPS-allowed cipher */
if (ssh_fips_mode()) {
skip();
}
/* Test corrupted data */ /* Test corrupted data */
memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad)); memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad));
encrypted_bad[100] ^= 1; encrypted_bad[100] ^= 1;
@@ -276,6 +291,11 @@ static void torture_crypto_chacha20poly1305_bad_tag(void **state)
int rc; int rc;
(void)state; (void)state;
/* Chacha20-poly1305 is not FIPS-allowed cipher */
if (ssh_fips_mode()) {
skip();
}
/* Test corrupted tag */ /* Test corrupted tag */
assert_int_equal(sizeof(encrypted_bad), sizeof(chacha20poly1305_encrypted)); assert_int_equal(sizeof(encrypted_bad), sizeof(chacha20poly1305_encrypted));
memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad)); memcpy(encrypted_bad, chacha20poly1305_encrypted, sizeof(encrypted_bad));

6
tests/unittests/torture_packet.c
View File

@@ -260,6 +260,12 @@ static void torture_packet_chacha20(void **state)
{ {
int i; int i;
(void)state; /* unused */ (void)state; /* unused */
/* Chacha20-poly1305 is not FIPS-allowed cipher */
if (ssh_fips_mode()) {
skip();
}
for (i=1;i<256;++i){ for (i=1;i<256;++i){
torture_packet("chacha20-poly1305@openssh.com", "none", "none", i); torture_packet("chacha20-poly1305@openssh.com", "none", "none", i);
} }