Integrate tests as unit tests into one file
Rather than having the tests seperated into different files, they were integrated into translate_ciphers.py and can be run from root using: `python -m unittest tests/scripts/translate_ciphers.py` test_translate_ciphers_format.sh was originally made as a testing ground before having the translation tool being implmented into compat.sh. Translating it to python code makes it redundant and therefore it will be removed. Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
This commit is contained in:
parent
f2de374fc1
commit
a25ffab422
4 changed files with 533 additions and 638 deletions
|
@ -21,12 +21,541 @@
|
|||
Translate ciphersuite names in MBedTLS format to OpenSSL and GNUTLS
|
||||
standards.
|
||||
|
||||
sys.argv[1] should be "g" or "o" for GNUTLS or OpenSSL.
|
||||
sys.argv[2] should be a string containing one or more ciphersuite names.
|
||||
To test the translation functions run:
|
||||
python3 -m unittest translate_cipher.py
|
||||
"""
|
||||
|
||||
import re
|
||||
import argparse
|
||||
import unittest
|
||||
|
||||
class TestTranslateCiphers(unittest.TestCase):
|
||||
"""
|
||||
Ensure translate_ciphers.py translates and formats ciphersuite names
|
||||
correctly
|
||||
"""
|
||||
def test_translate_all_cipher_names(self):
|
||||
"""
|
||||
Translate the Mbed TLS ciphersuite names to the common OpenSSL and
|
||||
GnuTLS ciphersuite names, and compare them with the true, expected
|
||||
corresponding OpenSSL and GnuTLS ciphersuite names
|
||||
"""
|
||||
ciphers = [
|
||||
("TLS-ECDHE-ECDSA-WITH-NULL-SHA",
|
||||
"+ECDHE-ECDSA:+NULL:+SHA1",
|
||||
"ECDHE-ECDSA-NULL-SHA"),
|
||||
("TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
|
||||
"+ECDHE-ECDSA:+3DES-CBC:+SHA1",
|
||||
"ECDHE-ECDSA-DES-CBC3-SHA"),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
|
||||
"+ECDHE-ECDSA:+AES-128-CBC:+SHA1",
|
||||
"ECDHE-ECDSA-AES128-SHA"),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
|
||||
"+ECDHE-ECDSA:+AES-256-CBC:+SHA1",
|
||||
"ECDHE-ECDSA-AES256-SHA"),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
|
||||
"+ECDHE-ECDSA:+AES-128-CBC:+SHA256",
|
||||
"ECDHE-ECDSA-AES128-SHA256"),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
|
||||
"+ECDHE-ECDSA:+AES-256-CBC:+SHA384",
|
||||
"ECDHE-ECDSA-AES256-SHA384"),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
|
||||
"+ECDHE-ECDSA:+AES-128-GCM:+AEAD",
|
||||
"ECDHE-ECDSA-AES128-GCM-SHA256"),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
|
||||
"+ECDHE-ECDSA:+AES-256-GCM:+AEAD",
|
||||
"ECDHE-ECDSA-AES256-GCM-SHA384"),
|
||||
("TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
|
||||
"+DHE-RSA:+AES-128-CBC:+SHA1",
|
||||
"DHE-RSA-AES128-SHA"),
|
||||
("TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
|
||||
"+DHE-RSA:+AES-256-CBC:+SHA1",
|
||||
"DHE-RSA-AES256-SHA"),
|
||||
("TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
|
||||
"+DHE-RSA:+CAMELLIA-128-CBC:+SHA1",
|
||||
"DHE-RSA-CAMELLIA128-SHA"),
|
||||
("TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
|
||||
"+DHE-RSA:+CAMELLIA-256-CBC:+SHA1",
|
||||
"DHE-RSA-CAMELLIA256-SHA"),
|
||||
("TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
|
||||
"+DHE-RSA:+3DES-CBC:+SHA1",
|
||||
"EDH-RSA-DES-CBC3-SHA"),
|
||||
("TLS-RSA-WITH-AES-256-CBC-SHA",
|
||||
"+RSA:+AES-256-CBC:+SHA1",
|
||||
"AES256-SHA"),
|
||||
("TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
|
||||
"+RSA:+CAMELLIA-256-CBC:+SHA1",
|
||||
"CAMELLIA256-SHA"),
|
||||
("TLS-RSA-WITH-AES-128-CBC-SHA",
|
||||
"+RSA:+AES-128-CBC:+SHA1",
|
||||
"AES128-SHA"),
|
||||
("TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
|
||||
"+RSA:+CAMELLIA-128-CBC:+SHA1",
|
||||
"CAMELLIA128-SHA"),
|
||||
("TLS-RSA-WITH-3DES-EDE-CBC-SHA",
|
||||
"+RSA:+3DES-CBC:+SHA1",
|
||||
"DES-CBC3-SHA"),
|
||||
("TLS-RSA-WITH-NULL-MD5",
|
||||
"+RSA:+NULL:+MD5",
|
||||
"NULL-MD5"),
|
||||
("TLS-RSA-WITH-NULL-SHA",
|
||||
"+RSA:+NULL:+SHA1",
|
||||
"NULL-SHA"),
|
||||
("TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
|
||||
"+ECDHE-RSA:+AES-128-CBC:+SHA1",
|
||||
"ECDHE-RSA-AES128-SHA"),
|
||||
("TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
|
||||
"+ECDHE-RSA:+AES-256-CBC:+SHA1",
|
||||
"ECDHE-RSA-AES256-SHA"),
|
||||
("TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
|
||||
"+ECDHE-RSA:+3DES-CBC:+SHA1",
|
||||
"ECDHE-RSA-DES-CBC3-SHA"),
|
||||
("TLS-ECDHE-RSA-WITH-NULL-SHA",
|
||||
"+ECDHE-RSA:+NULL:+SHA1",
|
||||
"ECDHE-RSA-NULL-SHA"),
|
||||
("TLS-RSA-WITH-AES-128-CBC-SHA256",
|
||||
"+RSA:+AES-128-CBC:+SHA256",
|
||||
"AES128-SHA256"),
|
||||
("TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
|
||||
"+DHE-RSA:+AES-128-CBC:+SHA256",
|
||||
"DHE-RSA-AES128-SHA256"),
|
||||
("TLS-RSA-WITH-AES-256-CBC-SHA256",
|
||||
"+RSA:+AES-256-CBC:+SHA256",
|
||||
"AES256-SHA256"),
|
||||
("TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
|
||||
"+DHE-RSA:+AES-256-CBC:+SHA256",
|
||||
"DHE-RSA-AES256-SHA256"),
|
||||
("TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
|
||||
"+ECDHE-RSA:+AES-128-CBC:+SHA256",
|
||||
"ECDHE-RSA-AES128-SHA256"),
|
||||
("TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
|
||||
"+ECDHE-RSA:+AES-256-CBC:+SHA384",
|
||||
"ECDHE-RSA-AES256-SHA384"),
|
||||
("TLS-RSA-WITH-AES-128-GCM-SHA256",
|
||||
"+RSA:+AES-128-GCM:+AEAD",
|
||||
"AES128-GCM-SHA256"),
|
||||
("TLS-RSA-WITH-AES-256-GCM-SHA384",
|
||||
"+RSA:+AES-256-GCM:+AEAD",
|
||||
"AES256-GCM-SHA384"),
|
||||
("TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
|
||||
"+DHE-RSA:+AES-128-GCM:+AEAD",
|
||||
"DHE-RSA-AES128-GCM-SHA256"),
|
||||
("TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
|
||||
"+DHE-RSA:+AES-256-GCM:+AEAD",
|
||||
"DHE-RSA-AES256-GCM-SHA384"),
|
||||
("TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
|
||||
"+ECDHE-RSA:+AES-128-GCM:+AEAD",
|
||||
"ECDHE-RSA-AES128-GCM-SHA256"),
|
||||
("TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
|
||||
"+ECDHE-RSA:+AES-256-GCM:+AEAD",
|
||||
"ECDHE-RSA-AES256-GCM-SHA384"),
|
||||
("TLS-PSK-WITH-3DES-EDE-CBC-SHA",
|
||||
"+PSK:+3DES-CBC:+SHA1",
|
||||
"PSK-3DES-EDE-CBC-SHA"),
|
||||
("TLS-PSK-WITH-AES-128-CBC-SHA",
|
||||
"+PSK:+AES-128-CBC:+SHA1",
|
||||
"PSK-AES128-CBC-SHA"),
|
||||
("TLS-PSK-WITH-AES-256-CBC-SHA",
|
||||
"+PSK:+AES-256-CBC:+SHA1",
|
||||
"PSK-AES256-CBC-SHA"),
|
||||
|
||||
("TLS-ECDH-ECDSA-WITH-NULL-SHA",
|
||||
None,
|
||||
"ECDH-ECDSA-NULL-SHA"),
|
||||
("TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
|
||||
None,
|
||||
"ECDH-ECDSA-DES-CBC3-SHA"),
|
||||
("TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
|
||||
None,
|
||||
"ECDH-ECDSA-AES128-SHA"),
|
||||
("TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
|
||||
None,
|
||||
"ECDH-ECDSA-AES256-SHA"),
|
||||
("TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
|
||||
None,
|
||||
"ECDH-ECDSA-AES128-SHA256"),
|
||||
("TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
|
||||
None,
|
||||
"ECDH-ECDSA-AES256-SHA384"),
|
||||
("TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
|
||||
None,
|
||||
"ECDH-ECDSA-AES128-GCM-SHA256"),
|
||||
("TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
|
||||
None,
|
||||
"ECDH-ECDSA-AES256-GCM-SHA384"),
|
||||
("TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
|
||||
None,
|
||||
"ECDHE-ECDSA-ARIA256-GCM-SHA384"),
|
||||
("TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
|
||||
None,
|
||||
"ECDHE-ECDSA-ARIA128-GCM-SHA256"),
|
||||
("TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
|
||||
None,
|
||||
"ECDHE-ECDSA-CHACHA20-POLY1305"),
|
||||
("TLS-RSA-WITH-DES-CBC-SHA",
|
||||
None,
|
||||
"DES-CBC-SHA"),
|
||||
("TLS-DHE-RSA-WITH-DES-CBC-SHA",
|
||||
None,
|
||||
"EDH-RSA-DES-CBC-SHA"),
|
||||
("TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
None,
|
||||
"ECDHE-ARIA256-GCM-SHA384"),
|
||||
("TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
None,
|
||||
"DHE-RSA-ARIA256-GCM-SHA384"),
|
||||
("TLS-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
None,
|
||||
"ARIA256-GCM-SHA384"),
|
||||
("TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
|
||||
None,
|
||||
"ECDHE-ARIA128-GCM-SHA256"),
|
||||
("TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
|
||||
None,
|
||||
"DHE-RSA-ARIA128-GCM-SHA256"),
|
||||
("TLS-RSA-WITH-ARIA-128-GCM-SHA256",
|
||||
None,
|
||||
"ARIA128-GCM-SHA256"),
|
||||
("TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
|
||||
None,
|
||||
"DHE-RSA-CHACHA20-POLY1305"),
|
||||
("TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
|
||||
None,
|
||||
"ECDHE-RSA-CHACHA20-POLY1305"),
|
||||
("TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
|
||||
None,
|
||||
"DHE-PSK-ARIA256-GCM-SHA384"),
|
||||
("TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
|
||||
None,
|
||||
"DHE-PSK-ARIA128-GCM-SHA256"),
|
||||
("TLS-PSK-WITH-ARIA-256-GCM-SHA384",
|
||||
None,
|
||||
"PSK-ARIA256-GCM-SHA384"),
|
||||
("TLS-PSK-WITH-ARIA-128-GCM-SHA256",
|
||||
None,
|
||||
"PSK-ARIA128-GCM-SHA256"),
|
||||
("TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
|
||||
None,
|
||||
"PSK-CHACHA20-POLY1305"),
|
||||
("TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
|
||||
None,
|
||||
"ECDHE-PSK-CHACHA20-POLY1305"),
|
||||
("TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
|
||||
None,
|
||||
"DHE-PSK-CHACHA20-POLY1305"),
|
||||
|
||||
("TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
"+ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
"+ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
|
||||
"+ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
"+ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
|
||||
"+ECDHE-ECDSA:+AES-128-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
|
||||
"+ECDHE-ECDSA:+AES-256-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
|
||||
"+ECDHE-ECDSA:+AES-128-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
|
||||
"+ECDHE-ECDSA:+AES-256-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-WITH-NULL-SHA256",
|
||||
"+RSA:+NULL:+SHA256",
|
||||
None),
|
||||
("TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
"+ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
"+ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
"+RSA:+CAMELLIA-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
|
||||
"+RSA:+CAMELLIA-256-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
"+DHE-RSA:+CAMELLIA-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
|
||||
"+DHE-RSA:+CAMELLIA-256-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
|
||||
"+ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
"+ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
|
||||
"+DHE-RSA:+CAMELLIA-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
"+DHE-RSA:+CAMELLIA-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
|
||||
"+RSA:+CAMELLIA-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
"+RSA:+CAMELLIA-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-WITH-AES-128-CCM",
|
||||
"+RSA:+AES-128-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-WITH-AES-256-CCM",
|
||||
"+RSA:+AES-256-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-RSA-WITH-AES-128-CCM",
|
||||
"+DHE-RSA:+AES-128-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-RSA-WITH-AES-256-CCM",
|
||||
"+DHE-RSA:+AES-256-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-WITH-AES-128-CCM-8",
|
||||
"+RSA:+AES-128-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-WITH-AES-256-CCM-8",
|
||||
"+RSA:+AES-256-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-RSA-WITH-AES-128-CCM-8",
|
||||
"+DHE-RSA:+AES-128-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-RSA-WITH-AES-256-CCM-8",
|
||||
"+DHE-RSA:+AES-256-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
|
||||
"+DHE-PSK:+3DES-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
|
||||
"+DHE-PSK:+AES-128-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
|
||||
"+DHE-PSK:+AES-256-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
|
||||
"+ECDHE-PSK:+AES-256-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
|
||||
"+ECDHE-PSK:+AES-128-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
|
||||
"+ECDHE-PSK:+3DES-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
|
||||
"+RSA-PSK:+3DES-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
|
||||
"+RSA-PSK:+AES-256-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
|
||||
"+RSA-PSK:+AES-128-CBC:+SHA1",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
|
||||
"+ECDHE-PSK:+AES-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
"+ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
|
||||
"+ECDHE-PSK:+AES-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
"+ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-NULL-SHA384",
|
||||
"+ECDHE-PSK:+NULL:+SHA384",
|
||||
None),
|
||||
("TLS-ECDHE-PSK-WITH-NULL-SHA256",
|
||||
"+ECDHE-PSK:+NULL:+SHA256",
|
||||
None),
|
||||
("TLS-PSK-WITH-AES-128-CBC-SHA256",
|
||||
"+PSK:+AES-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-PSK-WITH-AES-256-CBC-SHA384",
|
||||
"+PSK:+AES-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
|
||||
"+DHE-PSK:+AES-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
|
||||
"+DHE-PSK:+AES-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-PSK-WITH-NULL-SHA256",
|
||||
"+PSK:+NULL:+SHA256",
|
||||
None),
|
||||
("TLS-PSK-WITH-NULL-SHA384",
|
||||
"+PSK:+NULL:+SHA384",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-NULL-SHA256",
|
||||
"+DHE-PSK:+NULL:+SHA256",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-NULL-SHA384",
|
||||
"+DHE-PSK:+NULL:+SHA384",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
|
||||
"+RSA-PSK:+AES-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
|
||||
"+RSA-PSK:+AES-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-NULL-SHA256",
|
||||
"+RSA-PSK:+NULL:+SHA256",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-NULL-SHA384",
|
||||
"+RSA-PSK:+NULL:+SHA384",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
"+DHE-PSK:+CAMELLIA-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
"+DHE-PSK:+CAMELLIA-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
"+PSK:+CAMELLIA-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
"+PSK:+CAMELLIA-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
"+RSA-PSK:+CAMELLIA-256-CBC:+SHA384",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
"+RSA-PSK:+CAMELLIA-128-CBC:+SHA256",
|
||||
None),
|
||||
("TLS-PSK-WITH-AES-128-GCM-SHA256",
|
||||
"+PSK:+AES-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-PSK-WITH-AES-256-GCM-SHA384",
|
||||
"+PSK:+AES-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
|
||||
"+DHE-PSK:+AES-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
|
||||
"+DHE-PSK:+AES-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-PSK-WITH-AES-128-CCM",
|
||||
"+PSK:+AES-128-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-PSK-WITH-AES-256-CCM",
|
||||
"+PSK:+AES-256-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-128-CCM",
|
||||
"+DHE-PSK:+AES-128-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-256-CCM",
|
||||
"+DHE-PSK:+AES-256-CCM:+AEAD",
|
||||
None),
|
||||
("TLS-PSK-WITH-AES-128-CCM-8",
|
||||
"+PSK:+AES-128-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-PSK-WITH-AES-256-CCM-8",
|
||||
"+PSK:+AES-256-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-128-CCM-8",
|
||||
"+DHE-PSK:+AES-128-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-AES-256-CCM-8",
|
||||
"+DHE-PSK:+AES-256-CCM-8:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
|
||||
"+RSA-PSK:+CAMELLIA-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
"+RSA-PSK:+CAMELLIA-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
|
||||
"+PSK:+CAMELLIA-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
"+PSK:+CAMELLIA-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
|
||||
"+DHE-PSK:+CAMELLIA-128-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
"+DHE-PSK:+CAMELLIA-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
|
||||
"+RSA-PSK:+AES-256-GCM:+AEAD",
|
||||
None),
|
||||
("TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
|
||||
"+RSA-PSK:+AES-128-GCM:+AEAD",
|
||||
None),
|
||||
]
|
||||
|
||||
for m, g_exp, o_exp in ciphers:
|
||||
|
||||
if g_exp is not None:
|
||||
g = translate_gnutls(m)
|
||||
self.assertEqual(g, g_exp)
|
||||
|
||||
if o_exp is not None:
|
||||
o = translate_ossl(m)
|
||||
self.assertEqual(o, o_exp)
|
||||
|
||||
def test_cipher_format(self):
|
||||
"""
|
||||
Ensure translate_ciphers.py can take names in the expected
|
||||
format and return them in the format compat.sh will expect.
|
||||
"""
|
||||
# Ciphers in Mbed TLS format
|
||||
ciphers = "TLS-ECDHE-ECDSA-WITH-NULL-SHA \
|
||||
TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
|
||||
"
|
||||
ciphers = "%s \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
|
||||
" % ciphers
|
||||
|
||||
# Corresponding ciphers in GnuTLS format
|
||||
g_ciphers = "+ECDHE-ECDSA:+NULL:+SHA1 \
|
||||
+ECDHE-ECDSA:+3DES-CBC:+SHA1 \
|
||||
+ECDHE-ECDSA:+AES-128-CBC:+SHA1 \
|
||||
+ECDHE-ECDSA:+AES-256-CBC:+SHA1 \
|
||||
"
|
||||
g_ciphers = "%s \
|
||||
+ECDHE-ECDSA:+AES-128-CBC:+SHA256 \
|
||||
+ECDHE-ECDSA:+AES-256-CBC:+SHA384 \
|
||||
+ECDHE-ECDSA:+AES-128-GCM:+AEAD \
|
||||
+ECDHE-ECDSA:+AES-256-GCM:+AEAD \
|
||||
" % g_ciphers
|
||||
|
||||
# Corresponding ciphers in OpenSSL format
|
||||
o_ciphers = "ECDHE-ECDSA-NULL-SHA \
|
||||
ECDHE-ECDSA-DES-CBC3-SHA \
|
||||
ECDHE-ECDSA-AES128-SHA \
|
||||
ECDHE-ECDSA-AES256-SHA \
|
||||
"
|
||||
o_ciphers = "%s \
|
||||
ECDHE-ECDSA-AES128-SHA256 \
|
||||
ECDHE-ECDSA-AES256-SHA384 \
|
||||
ECDHE-ECDSA-AES128-GCM-SHA256 \
|
||||
ECDHE-ECDSA-AES256-GCM-SHA384 \
|
||||
" % o_ciphers
|
||||
|
||||
# Translate ciphers in mbedtls format
|
||||
g_translated = format_ciphersuite_names("g", ciphers.split())
|
||||
o_translated = format_ciphersuite_names("o", ciphers.split())
|
||||
|
||||
# Normalise whitespace
|
||||
g_ciphers = (" ").join(g_ciphers.split())
|
||||
o_ciphers = (" ").join(o_ciphers.split())
|
||||
|
||||
self.assertEqual(g_translated, g_ciphers)
|
||||
self.assertEqual(o_translated, o_ciphers)
|
||||
|
||||
def translate_gnutls(m_cipher):
|
||||
"""
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue