eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Integrate tests as unit tests into one file

Browse source 
Rather than having the tests seperated into different files, they were integrated
into translate_ciphers.py and can be run from root using:
`python -m unittest tests/scripts/translate_ciphers.py`

test_translate_ciphers_format.sh was originally made as a testing ground before
having the translation tool being implmented into compat.sh. Translating it to
python code makes it redundant and therefore it will be removed.

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
This commit is contained in:
Joe Subbiani 2021-08-06 09:41:27 +01:00
parent f2de374fc1
commit a25ffab422
4 changed files with 533 additions and 638 deletions
Download patch file Download diff file Expand all files Collapse all files

533
tests/scripts/translate_ciphers.py
View file

@ -21,12 +21,541 @@
Translate ciphersuite names in MBedTLS format to OpenSSL and GNUTLS
standards.
sys.argv[1] should be "g" or "o" for GNUTLS or OpenSSL.
sys.argv[2] should be a string containing one or more ciphersuite names.
To test the translation functions run:
python3 -m unittest translate_cipher.py
"""
import re
import argparse
import unittest
class TestTranslateCiphers(unittest.TestCase):
"""
Ensure translate_ciphers.py translates and formats ciphersuite names
correctly
"""
def test_translate_all_cipher_names(self):
"""
Translate the Mbed TLS ciphersuite names to the common OpenSSL and
GnuTLS ciphersuite names, and compare them with the true, expected
corresponding OpenSSL and GnuTLS ciphersuite names
"""
ciphers = [
("TLS-ECDHE-ECDSA-WITH-NULL-SHA",
"+ECDHE-ECDSA:+NULL:+SHA1",
"ECDHE-ECDSA-NULL-SHA"),
("TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
"+ECDHE-ECDSA:+3DES-CBC:+SHA1",
"ECDHE-ECDSA-DES-CBC3-SHA"),
("TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
"+ECDHE-ECDSA:+AES-128-CBC:+SHA1",
"ECDHE-ECDSA-AES128-SHA"),
("TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
"+ECDHE-ECDSA:+AES-256-CBC:+SHA1",
"ECDHE-ECDSA-AES256-SHA"),
("TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
"+ECDHE-ECDSA:+AES-128-CBC:+SHA256",
"ECDHE-ECDSA-AES128-SHA256"),
("TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
"+ECDHE-ECDSA:+AES-256-CBC:+SHA384",
"ECDHE-ECDSA-AES256-SHA384"),
("TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
"+ECDHE-ECDSA:+AES-128-GCM:+AEAD",
"ECDHE-ECDSA-AES128-GCM-SHA256"),
("TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
"+ECDHE-ECDSA:+AES-256-GCM:+AEAD",
"ECDHE-ECDSA-AES256-GCM-SHA384"),
("TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
"+DHE-RSA:+AES-128-CBC:+SHA1",
"DHE-RSA-AES128-SHA"),
("TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
"+DHE-RSA:+AES-256-CBC:+SHA1",
"DHE-RSA-AES256-SHA"),
("TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
"+DHE-RSA:+CAMELLIA-128-CBC:+SHA1",
"DHE-RSA-CAMELLIA128-SHA"),
("TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
"+DHE-RSA:+CAMELLIA-256-CBC:+SHA1",
"DHE-RSA-CAMELLIA256-SHA"),
("TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
"+DHE-RSA:+3DES-CBC:+SHA1",
"EDH-RSA-DES-CBC3-SHA"),
("TLS-RSA-WITH-AES-256-CBC-SHA",
"+RSA:+AES-256-CBC:+SHA1",
"AES256-SHA"),
("TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
"+RSA:+CAMELLIA-256-CBC:+SHA1",
"CAMELLIA256-SHA"),
("TLS-RSA-WITH-AES-128-CBC-SHA",
"+RSA:+AES-128-CBC:+SHA1",
"AES128-SHA"),
("TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
"+RSA:+CAMELLIA-128-CBC:+SHA1",
"CAMELLIA128-SHA"),
("TLS-RSA-WITH-3DES-EDE-CBC-SHA",
"+RSA:+3DES-CBC:+SHA1",
"DES-CBC3-SHA"),
("TLS-RSA-WITH-NULL-MD5",
"+RSA:+NULL:+MD5",
"NULL-MD5"),
("TLS-RSA-WITH-NULL-SHA",
"+RSA:+NULL:+SHA1",
"NULL-SHA"),
("TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
"+ECDHE-RSA:+AES-128-CBC:+SHA1",
"ECDHE-RSA-AES128-SHA"),
("TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
"+ECDHE-RSA:+AES-256-CBC:+SHA1",
"ECDHE-RSA-AES256-SHA"),
("TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
"+ECDHE-RSA:+3DES-CBC:+SHA1",
"ECDHE-RSA-DES-CBC3-SHA"),
("TLS-ECDHE-RSA-WITH-NULL-SHA",
"+ECDHE-RSA:+NULL:+SHA1",
"ECDHE-RSA-NULL-SHA"),
("TLS-RSA-WITH-AES-128-CBC-SHA256",
"+RSA:+AES-128-CBC:+SHA256",
"AES128-SHA256"),
("TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
"+DHE-RSA:+AES-128-CBC:+SHA256",
"DHE-RSA-AES128-SHA256"),
("TLS-RSA-WITH-AES-256-CBC-SHA256",
"+RSA:+AES-256-CBC:+SHA256",
"AES256-SHA256"),
("TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
"+DHE-RSA:+AES-256-CBC:+SHA256",
"DHE-RSA-AES256-SHA256"),
("TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
"+ECDHE-RSA:+AES-128-CBC:+SHA256",
"ECDHE-RSA-AES128-SHA256"),
("TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
"+ECDHE-RSA:+AES-256-CBC:+SHA384",
"ECDHE-RSA-AES256-SHA384"),
("TLS-RSA-WITH-AES-128-GCM-SHA256",
"+RSA:+AES-128-GCM:+AEAD",
"AES128-GCM-SHA256"),
("TLS-RSA-WITH-AES-256-GCM-SHA384",
"+RSA:+AES-256-GCM:+AEAD",
"AES256-GCM-SHA384"),
("TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
"+DHE-RSA:+AES-128-GCM:+AEAD",
"DHE-RSA-AES128-GCM-SHA256"),
("TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
"+DHE-RSA:+AES-256-GCM:+AEAD",
"DHE-RSA-AES256-GCM-SHA384"),
("TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
"+ECDHE-RSA:+AES-128-GCM:+AEAD",
"ECDHE-RSA-AES128-GCM-SHA256"),
("TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
"+ECDHE-RSA:+AES-256-GCM:+AEAD",
"ECDHE-RSA-AES256-GCM-SHA384"),
("TLS-PSK-WITH-3DES-EDE-CBC-SHA",
"+PSK:+3DES-CBC:+SHA1",
"PSK-3DES-EDE-CBC-SHA"),
("TLS-PSK-WITH-AES-128-CBC-SHA",
"+PSK:+AES-128-CBC:+SHA1",
"PSK-AES128-CBC-SHA"),
("TLS-PSK-WITH-AES-256-CBC-SHA",
"+PSK:+AES-256-CBC:+SHA1",
"PSK-AES256-CBC-SHA"),
("TLS-ECDH-ECDSA-WITH-NULL-SHA",
None,
"ECDH-ECDSA-NULL-SHA"),
("TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
None,
"ECDH-ECDSA-DES-CBC3-SHA"),
("TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
None,
"ECDH-ECDSA-AES128-SHA"),
("TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
None,
"ECDH-ECDSA-AES256-SHA"),
("TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
None,
"ECDH-ECDSA-AES128-SHA256"),
("TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
None,
"ECDH-ECDSA-AES256-SHA384"),
("TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
None,
"ECDH-ECDSA-AES128-GCM-SHA256"),
("TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
None,
"ECDH-ECDSA-AES256-GCM-SHA384"),
("TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
None,
"ECDHE-ECDSA-ARIA256-GCM-SHA384"),
("TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
None,
"ECDHE-ECDSA-ARIA128-GCM-SHA256"),
("TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
None,
"ECDHE-ECDSA-CHACHA20-POLY1305"),
("TLS-RSA-WITH-DES-CBC-SHA",
None,
"DES-CBC-SHA"),
("TLS-DHE-RSA-WITH-DES-CBC-SHA",
None,
"EDH-RSA-DES-CBC-SHA"),
("TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
None,
"ECDHE-ARIA256-GCM-SHA384"),
("TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
None,
"DHE-RSA-ARIA256-GCM-SHA384"),
("TLS-RSA-WITH-ARIA-256-GCM-SHA384",
None,
"ARIA256-GCM-SHA384"),
("TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
None,
"ECDHE-ARIA128-GCM-SHA256"),
("TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
None,
"DHE-RSA-ARIA128-GCM-SHA256"),
("TLS-RSA-WITH-ARIA-128-GCM-SHA256",
None,
"ARIA128-GCM-SHA256"),
("TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
None,
"DHE-RSA-CHACHA20-POLY1305"),
("TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
None,
"ECDHE-RSA-CHACHA20-POLY1305"),
("TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
None,
"DHE-PSK-ARIA256-GCM-SHA384"),
("TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
None,
"DHE-PSK-ARIA128-GCM-SHA256"),
("TLS-PSK-WITH-ARIA-256-GCM-SHA384",
None,
"PSK-ARIA256-GCM-SHA384"),
("TLS-PSK-WITH-ARIA-128-GCM-SHA256",
None,
"PSK-ARIA128-GCM-SHA256"),
("TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
None,
"PSK-CHACHA20-POLY1305"),
("TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
None,
"ECDHE-PSK-CHACHA20-POLY1305"),
("TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
None,
"DHE-PSK-CHACHA20-POLY1305"),
("TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
"+ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256",
None),
("TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
"+ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384",
None),
("TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
"+ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD",
None),
("TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
"+ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD",
None),
("TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
"+ECDHE-ECDSA:+AES-128-CCM:+AEAD",
None),
("TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
"+ECDHE-ECDSA:+AES-256-CCM:+AEAD",
None),
("TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
"+ECDHE-ECDSA:+AES-128-CCM-8:+AEAD",
None),
("TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
"+ECDHE-ECDSA:+AES-256-CCM-8:+AEAD",
None),
("TLS-RSA-WITH-NULL-SHA256",
"+RSA:+NULL:+SHA256",
None),
("TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
"+ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256",
None),
("TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
"+ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384",
None),
("TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
"+RSA:+CAMELLIA-128-CBC:+SHA256",
None),
("TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
"+RSA:+CAMELLIA-256-CBC:+SHA256",
None),
("TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
"+DHE-RSA:+CAMELLIA-128-CBC:+SHA256",
None),
("TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
"+DHE-RSA:+CAMELLIA-256-CBC:+SHA256",
None),
("TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
"+ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD",
None),
("TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
"+ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD",
None),
("TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
"+DHE-RSA:+CAMELLIA-128-GCM:+AEAD",
None),
("TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
"+DHE-RSA:+CAMELLIA-256-GCM:+AEAD",
None),
("TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
"+RSA:+CAMELLIA-128-GCM:+AEAD",
None),
("TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
"+RSA:+CAMELLIA-256-GCM:+AEAD",
None),
("TLS-RSA-WITH-AES-128-CCM",
"+RSA:+AES-128-CCM:+AEAD",
None),
("TLS-RSA-WITH-AES-256-CCM",
"+RSA:+AES-256-CCM:+AEAD",
None),
("TLS-DHE-RSA-WITH-AES-128-CCM",
"+DHE-RSA:+AES-128-CCM:+AEAD",
None),
("TLS-DHE-RSA-WITH-AES-256-CCM",
"+DHE-RSA:+AES-256-CCM:+AEAD",
None),
("TLS-RSA-WITH-AES-128-CCM-8",
"+RSA:+AES-128-CCM-8:+AEAD",
None),
("TLS-RSA-WITH-AES-256-CCM-8",
"+RSA:+AES-256-CCM-8:+AEAD",
None),
("TLS-DHE-RSA-WITH-AES-128-CCM-8",
"+DHE-RSA:+AES-128-CCM-8:+AEAD",
None),
("TLS-DHE-RSA-WITH-AES-256-CCM-8",
"+DHE-RSA:+AES-256-CCM-8:+AEAD",
None),
("TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
"+DHE-PSK:+3DES-CBC:+SHA1",
None),
("TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
"+DHE-PSK:+AES-128-CBC:+SHA1",
None),
("TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
"+DHE-PSK:+AES-256-CBC:+SHA1",
None),
("TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
"+ECDHE-PSK:+AES-256-CBC:+SHA1",
None),
("TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
"+ECDHE-PSK:+AES-128-CBC:+SHA1",
None),
("TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
"+ECDHE-PSK:+3DES-CBC:+SHA1",
None),
("TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
"+RSA-PSK:+3DES-CBC:+SHA1",
None),
("TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
"+RSA-PSK:+AES-256-CBC:+SHA1",
None),
("TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
"+RSA-PSK:+AES-128-CBC:+SHA1",
None),
("TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
"+ECDHE-PSK:+AES-256-CBC:+SHA384",
None),
("TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
"+ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384",
None),
("TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
"+ECDHE-PSK:+AES-128-CBC:+SHA256",
None),
("TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
"+ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256",
None),
("TLS-ECDHE-PSK-WITH-NULL-SHA384",
"+ECDHE-PSK:+NULL:+SHA384",
None),
("TLS-ECDHE-PSK-WITH-NULL-SHA256",
"+ECDHE-PSK:+NULL:+SHA256",
None),
("TLS-PSK-WITH-AES-128-CBC-SHA256",
"+PSK:+AES-128-CBC:+SHA256",
None),
("TLS-PSK-WITH-AES-256-CBC-SHA384",
"+PSK:+AES-256-CBC:+SHA384",
None),
("TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
"+DHE-PSK:+AES-128-CBC:+SHA256",
None),
("TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
"+DHE-PSK:+AES-256-CBC:+SHA384",
None),
("TLS-PSK-WITH-NULL-SHA256",
"+PSK:+NULL:+SHA256",
None),
("TLS-PSK-WITH-NULL-SHA384",
"+PSK:+NULL:+SHA384",
None),
("TLS-DHE-PSK-WITH-NULL-SHA256",
"+DHE-PSK:+NULL:+SHA256",
None),
("TLS-DHE-PSK-WITH-NULL-SHA384",
"+DHE-PSK:+NULL:+SHA384",
None),
("TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
"+RSA-PSK:+AES-256-CBC:+SHA384",
None),
("TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
"+RSA-PSK:+AES-128-CBC:+SHA256",
None),
("TLS-RSA-PSK-WITH-NULL-SHA256",
"+RSA-PSK:+NULL:+SHA256",
None),
("TLS-RSA-PSK-WITH-NULL-SHA384",
"+RSA-PSK:+NULL:+SHA384",
None),
("TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
"+DHE-PSK:+CAMELLIA-128-CBC:+SHA256",
None),
("TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
"+DHE-PSK:+CAMELLIA-256-CBC:+SHA384",
None),
("TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
"+PSK:+CAMELLIA-128-CBC:+SHA256",
None),
("TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
"+PSK:+CAMELLIA-256-CBC:+SHA384",
None),
("TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
"+RSA-PSK:+CAMELLIA-256-CBC:+SHA384",
None),
("TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
"+RSA-PSK:+CAMELLIA-128-CBC:+SHA256",
None),
("TLS-PSK-WITH-AES-128-GCM-SHA256",
"+PSK:+AES-128-GCM:+AEAD",
None),
("TLS-PSK-WITH-AES-256-GCM-SHA384",
"+PSK:+AES-256-GCM:+AEAD",
None),
("TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
"+DHE-PSK:+AES-128-GCM:+AEAD",
None),
("TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
"+DHE-PSK:+AES-256-GCM:+AEAD",
None),
("TLS-PSK-WITH-AES-128-CCM",
"+PSK:+AES-128-CCM:+AEAD",
None),
("TLS-PSK-WITH-AES-256-CCM",
"+PSK:+AES-256-CCM:+AEAD",
None),
("TLS-DHE-PSK-WITH-AES-128-CCM",
"+DHE-PSK:+AES-128-CCM:+AEAD",
None),
("TLS-DHE-PSK-WITH-AES-256-CCM",
"+DHE-PSK:+AES-256-CCM:+AEAD",
None),
("TLS-PSK-WITH-AES-128-CCM-8",
"+PSK:+AES-128-CCM-8:+AEAD",
None),
("TLS-PSK-WITH-AES-256-CCM-8",
"+PSK:+AES-256-CCM-8:+AEAD",
None),
("TLS-DHE-PSK-WITH-AES-128-CCM-8",
"+DHE-PSK:+AES-128-CCM-8:+AEAD",
None),
("TLS-DHE-PSK-WITH-AES-256-CCM-8",
"+DHE-PSK:+AES-256-CCM-8:+AEAD",
None),
("TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
"+RSA-PSK:+CAMELLIA-128-GCM:+AEAD",
None),
("TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
"+RSA-PSK:+CAMELLIA-256-GCM:+AEAD",
None),
("TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
"+PSK:+CAMELLIA-128-GCM:+AEAD",
None),
("TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
"+PSK:+CAMELLIA-256-GCM:+AEAD",
None),
("TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
"+DHE-PSK:+CAMELLIA-128-GCM:+AEAD",
None),
("TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
"+DHE-PSK:+CAMELLIA-256-GCM:+AEAD",
None),
("TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
"+RSA-PSK:+AES-256-GCM:+AEAD",
None),
("TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
"+RSA-PSK:+AES-128-GCM:+AEAD",
None),
]
for m, g_exp, o_exp in ciphers:
if g_exp is not None:
g = translate_gnutls(m)
self.assertEqual(g, g_exp)
if o_exp is not None:
o = translate_ossl(m)
self.assertEqual(o, o_exp)
def test_cipher_format(self):
"""
Ensure translate_ciphers.py can take names in the expected
format and return them in the format compat.sh will expect.
"""
# Ciphers in Mbed TLS format
ciphers = "TLS-ECDHE-ECDSA-WITH-NULL-SHA \
TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
"
ciphers = "%s \
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
" % ciphers
# Corresponding ciphers in GnuTLS format
g_ciphers = "+ECDHE-ECDSA:+NULL:+SHA1 \
+ECDHE-ECDSA:+3DES-CBC:+SHA1 \
+ECDHE-ECDSA:+AES-128-CBC:+SHA1 \
+ECDHE-ECDSA:+AES-256-CBC:+SHA1 \
"
g_ciphers = "%s \
+ECDHE-ECDSA:+AES-128-CBC:+SHA256 \
+ECDHE-ECDSA:+AES-256-CBC:+SHA384 \
+ECDHE-ECDSA:+AES-128-GCM:+AEAD \
+ECDHE-ECDSA:+AES-256-GCM:+AEAD \
" % g_ciphers
# Corresponding ciphers in OpenSSL format
o_ciphers = "ECDHE-ECDSA-NULL-SHA \
ECDHE-ECDSA-DES-CBC3-SHA \
ECDHE-ECDSA-AES128-SHA \
ECDHE-ECDSA-AES256-SHA \
"
o_ciphers = "%s \
ECDHE-ECDSA-AES128-SHA256 \
ECDHE-ECDSA-AES256-SHA384 \
ECDHE-ECDSA-AES128-GCM-SHA256 \
ECDHE-ECDSA-AES256-GCM-SHA384 \
" % o_ciphers
# Translate ciphers in mbedtls format
g_translated = format_ciphersuite_names("g", ciphers.split())
o_translated = format_ciphersuite_names("o", ciphers.split())
# Normalise whitespace
g_ciphers = (" ").join(g_ciphers.split())
o_ciphers = (" ").join(o_ciphers.split())
self.assertEqual(g_translated, g_ciphers)
self.assertEqual(o_translated, o_ciphers)
def translate_gnutls(m_cipher):
"""