1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
From bfd036b31f2a47ae40e104b2ea1a0e095900cf52 Mon Sep 17 00:00:00 2001
From: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date: Tue, 25 Dec 2018 14:43:56 +0300
Subject: [PATCH] tests: cipher-openssl-compat: don't fail if OpenSSL doesn't
provide cipher
LibreSSL does not provide ChaCha20-Poly1305 through EVP_CIPHER
interface, so let's skip the test if cipher is not available.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
---
tests/slow/cipher-openssl-compat.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/tests/slow/cipher-openssl-compat.c b/tests/slow/cipher-openssl-compat.c
index c9b39d026..a4cb3522d 100644
--- a/tests/slow/cipher-openssl-compat.c
+++ b/tests/slow/cipher-openssl-compat.c
@@ -38,6 +38,19 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher,
success("cipher: %s\n", ocipher);
+ /* decrypt with openssl */
+ evp_cipher = EVP_get_cipherbyname(ocipher);
+ if (!evp_cipher) {
+ /* XXX: fix version check later when LibreSSL fixes support for aes-ccm and chacha20-poly1305 */
+#ifdef LIBRESSL_VERSION_NUMBER
+ fprintf(stderr, "EVP_get_cipherbyname failed for %s\n", ocipher);
+ return -1;
+#else
+ /* OpenSSL should always work! */
+ fail("EVP_get_cipherbyname failed for %s\n", ocipher);
+#endif
+ }
+
for (i = 0; i < 32; i++) { /* try with multiple keys and nonces */
assert(gnutls_rnd
(GNUTLS_RND_NONCE, orig_plain_data,
@@ -88,11 +101,6 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher,
gnutls_aead_cipher_deinit(hd);
- /* decrypt with openssl */
- evp_cipher = EVP_get_cipherbyname(ocipher);
- if (!evp_cipher)
- fail("EVP_get_cipherbyname failed for %s\n", ocipher);
-
ctx = EVP_CIPHER_CTX_new();
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
--
2.19.2
|