]> git.ipfire.org Git - thirdparty/strongswan.git/blob - src/libstrongswan/tests/suites/test_proposal.c
projects / thirdparty / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
proposal: Generalize KE methods
[thirdparty/strongswan.git] / src / libstrongswan / tests / suites / test_proposal.c
1 /*
2 * Copyright (C) 2016-2018 Tobias Brunner
3 *
4 * Copyright (C) secunet Security Networks AG
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "test_suite.h"
18
19 #include <crypto/proposal/proposal.h>
20
21 START_TEST(test_dh_group_mapping)
22 {
23 enum_name_t *e = key_exchange_method_names_short;
24 key_exchange_method_t ke;
25 const proposal_token_t *token;
26 char *name;
27
28 do
29 {
30 for (ke = e->first; ke <= e->last; ke++)
31 {
32 if (ke == MODP_CUSTOM)
33 { /* can't be configured */
34 continue;
35 }
36 name = e->names[ke - e->first];
37 token = lib->proposal->get_token(lib->proposal, name);
38 ck_assert_msg(token, "%s can't be mapped", name);
39 ck_assert_int_eq(token->type, KEY_EXCHANGE_METHOD);
40 ck_assert_int_eq(token->algorithm, ke);
41 }
42 }
43 while ((e = e->next));
44 }
45 END_TEST
46
47 static struct {
48 protocol_id_t proto;
49 char *proposal;
50 char *expected;
51 } create_data[] = {
52 { PROTO_IKE, "", NULL },
53 { PROTO_IKE, "sha256", NULL },
54 { PROTO_IKE, "sha256-modp3072", NULL },
55 { PROTO_IKE, "null-sha256-modp3072", "IKE:NULL/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072" },
56 { PROTO_IKE, "aes128", NULL },
57 { PROTO_IKE, "aes128-sha256", NULL },
58 { PROTO_IKE, "aes128-sha256-none", NULL },
59 { PROTO_IKE, "aes128-prfsha256", NULL },
60 { PROTO_IKE, "aes128-prfsha256-modp2048", NULL },
61 { PROTO_IKE, "aes128-sha256-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072" },
62 { PROTO_IKE, "aes128-sha256-prfsha384-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/MODP_3072" },
63 { PROTO_IKE, "aes128gcm16-modp3072", NULL },
64 { PROTO_IKE, "aes128gcm16-prfsha256-modp3072", "IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_3072" },
65 { PROTO_IKE, "aes128gcm16-sha256-modp3072", "IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_3072" },
66 { PROTO_IKE, "aes128gcm16-aes128-modp3072", NULL },
67 { PROTO_IKE, "aes128gcm16-aes128-sha256-modp3072", NULL },
68 { PROTO_ESP, "", NULL },
69 { PROTO_ESP, "sha256", NULL },
70 { PROTO_ESP, "aes128-sha256", "ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ" },
71 { PROTO_ESP, "aes128-sha256-esn", "ESP:AES_CBC_128/HMAC_SHA2_256_128/EXT_SEQ" },
72 { PROTO_ESP, "aes128-sha256-noesn", "ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ" },
73 { PROTO_ESP, "aes128-sha256-esn-noesn", "ESP:AES_CBC_128/HMAC_SHA2_256_128/EXT_SEQ/NO_EXT_SEQ" },
74 { PROTO_ESP, "aes128-sha256-prfsha256-modp3072", "ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_3072/NO_EXT_SEQ" },
75 { PROTO_ESP, "aes128gcm16-aes128-sha256-modp3072", NULL },
76 { PROTO_ESP, "aes128gmac", "ESP:NULL_AES_GMAC_128/NO_EXT_SEQ" },
77 { PROTO_AH, "", NULL },
78 { PROTO_AH, "aes128", NULL },
79 { PROTO_AH, "aes128-sha256", "AH:HMAC_SHA2_256_128/NO_EXT_SEQ" },
80 { PROTO_AH, "sha256-sha1", "AH:HMAC_SHA2_256_128/HMAC_SHA1_96/NO_EXT_SEQ" },
81 { PROTO_AH, "aes128gmac-sha256", "AH:AES_128_GMAC/HMAC_SHA2_256_128/NO_EXT_SEQ" },
82 { PROTO_AH, "aes128gmac-sha256-prfsha256", "AH:AES_128_GMAC/HMAC_SHA2_256_128/NO_EXT_SEQ" },
83 { PROTO_AH, "aes128gmac-aes256gmac-aes128-sha256", "AH:AES_128_GMAC/AES_256_GMAC/HMAC_SHA2_256_128/NO_EXT_SEQ" },
84 { PROTO_AH, "sha256-esn", "AH:HMAC_SHA2_256_128/EXT_SEQ" },
85 { PROTO_AH, "sha256-noesn", "AH:HMAC_SHA2_256_128/NO_EXT_SEQ" },
86 { PROTO_AH, "sha256-esn-noesn", "AH:HMAC_SHA2_256_128/EXT_SEQ/NO_EXT_SEQ" },
87 };
88
89 static void assert_proposal_eq(proposal_t *proposal, char *expected)
90 {
91 char str[BUF_LEN];
92
93 if (!expected)
94 {
95 ck_assert(!proposal);
96 return;
97 }
98 snprintf(str, sizeof(str), "%P", proposal);
99 ck_assert_str_eq(expected, str);
100 }
101
102 START_TEST(test_create_from_string)
103 {
104 proposal_t *proposal;
105
106 proposal = proposal_create_from_string(create_data[_i].proto,
107 create_data[_i].proposal);
108 assert_proposal_eq(proposal, create_data[_i].expected);
109 DESTROY_IF(proposal);
110 }
111 END_TEST
112
113 static struct {
114 protocol_id_t proto;
115 char *self;
116 char *other;
117 char *expected;
118 proposal_selection_flag_t flags;
119 } select_data[] = {
120 { PROTO_ESP, "aes128", "aes128", "aes128" },
121 { PROTO_ESP, "aes128", "aes256", NULL },
122 { PROTO_ESP, "aes128-aes256", "aes256-aes128", "aes128" },
123 { PROTO_ESP, "aes256-aes128", "aes128-aes256", "aes256" },
124 { PROTO_ESP, "aes128-aes256-sha1-sha256", "aes256-aes128-sha256-sha1", "aes128-sha1" },
125 { PROTO_ESP, "aes256-aes128-sha256-sha1", "aes128-aes256-sha1-sha256", "aes256-sha256" },
126 { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256", NULL },
127 { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256", "aes128-sha256", PROPOSAL_SKIP_KE },
128 { PROTO_ESP, "aes128-sha256", "aes128-sha256-modp3072", NULL },
129 { PROTO_ESP, "aes128-sha256", "aes128-sha256-modp3072", "aes128-sha256", PROPOSAL_SKIP_KE },
130 { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256-modp3072", "aes128-sha256", PROPOSAL_SKIP_KE },
131 { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256-ecp256", "aes128-sha256", PROPOSAL_SKIP_KE },
132 { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256-none", NULL },
133 { PROTO_ESP, "aes128-sha256-none", "aes128-sha256-modp3072", NULL },
134 { PROTO_ESP, "aes128-sha256-modp3072-none", "aes128-sha256", "aes128-sha256" },
135 { PROTO_ESP, "aes128-sha256", "aes128-sha256-modp3072-none", "aes128-sha256" },
136 { PROTO_ESP, "aes128-sha256-modp3072-none", "aes128-sha256-none-modp3072", "aes128-sha256-modp3072" },
137 { PROTO_ESP, "aes128-sha256-none-modp3072", "aes128-sha256-modp3072-none", "aes128-sha256" },
138 { PROTO_ESP, "aes128-sha256-esn", "aes128-sha256-esn", "aes128-sha256-esn" },
139 { PROTO_ESP, "aes128-sha256-noesn", "aes128-sha256-esn", NULL },
140 { PROTO_ESP, "aes128-sha256-noesn-esn", "aes128-sha256-esn", "aes128-sha256-esn" },
141 { PROTO_ESP, "aes128-sha256-noesn-esn", "aes128-sha256", "aes128-sha256" },
142 { PROTO_ESP, "aes128-sha256-esn-noesn", "aes128-sha256-noesn-esn", "aes128-sha256-esn" },
143 { PROTO_IKE, "aes128-sha256-modp3072", "aes128-sha256-modp3072", "aes128-sha256-modp3072" },
144 { PROTO_IKE, "aes128-sha256-modp3072", "aes128-sha256-modp3072-none", "aes128-sha256-modp3072" },
145 { PROTO_IKE, "aes128-sha256-modp3072-none", "aes128-sha256-modp3072", "aes128-sha256-modp3072" },
146 };
147
148 START_TEST(test_select)
149 {
150 proposal_t *self, *other, *selected, *expected;
151
152 self = proposal_create_from_string(select_data[_i].proto,
153 select_data[_i].self);
154 other = proposal_create_from_string(select_data[_i].proto,
155 select_data[_i].other);
156 selected = self->select(self, other, select_data[_i].flags);
157 if (select_data[_i].expected)
158 {
159 expected = proposal_create_from_string(select_data[_i].proto,
160 select_data[_i].expected);
161 ck_assert(selected);
162 ck_assert_msg(expected->equals(expected, selected), "proposal %P does "
163 "not match expected %P", selected, expected);
164 expected->destroy(expected);
165 }
166 else
167 {
168 ck_assert(!selected);
169 }
170 DESTROY_IF(selected);
171 other->destroy(other);
172 self->destroy(self);
173 }
174 END_TEST
175
176 START_TEST(test_select_spi)
177 {
178 proposal_t *self, *other, *selected;
179
180 self = proposal_create_from_string(PROTO_ESP, "aes128-sha256-modp3072");
181 other = proposal_create_from_string(PROTO_ESP, "aes128-sha256-modp3072");
182 other->set_spi(other, 0x12345678);
183
184 selected = self->select(self, other, 0);
185 ck_assert(selected);
186 ck_assert_int_eq(selected->get_spi(selected), other->get_spi(other));
187 selected->destroy(selected);
188
189 selected = self->select(self, other, PROPOSAL_PREFER_SUPPLIED);
190 ck_assert(selected);
191 ck_assert_int_eq(selected->get_spi(selected), self->get_spi(self));
192 selected->destroy(selected);
193
194 other->destroy(other);
195 self->destroy(self);
196 }
197 END_TEST
198
199 START_TEST(test_matches)
200 {
201 proposal_t *self, *other;
202
203 self = proposal_create_from_string(select_data[_i].proto,
204 select_data[_i].self);
205 other = proposal_create_from_string(select_data[_i].proto,
206 select_data[_i].other);
207 if (select_data[_i].expected)
208 {
209 ck_assert(self->matches(self, other, select_data[_i].flags));
210 ck_assert(other->matches(other, self, select_data[_i].flags));
211 ck_assert(self->matches(self, other,
212 select_data[_i].flags | PROPOSAL_PREFER_SUPPLIED));
213 ck_assert(other->matches(other, self,
214 select_data[_i].flags | PROPOSAL_PREFER_SUPPLIED));
215 }
216 else
217 {
218 ck_assert(!self->matches(self, other, select_data[_i].flags));
219 ck_assert(!other->matches(other, self, select_data[_i].flags));
220 ck_assert(!self->matches(self, other,
221 select_data[_i].flags | PROPOSAL_PREFER_SUPPLIED));
222 ck_assert(!other->matches(other, self,
223 select_data[_i].flags | PROPOSAL_PREFER_SUPPLIED));
224 }
225 other->destroy(other);
226 self->destroy(self);
227 }
228 END_TEST
229
230 static struct {
231 protocol_id_t proto;
232 char *self[5];
233 char *other[5];
234 char *expected;
235 proposal_selection_flag_t flags;
236 } select_proposal_data[] = {
237 { PROTO_ESP, {}, {}, NULL },
238 { PROTO_ESP, { "aes128" }, {}, NULL },
239 { PROTO_ESP, {}, { "aes128" }, NULL },
240 { PROTO_ESP, { "aes128" }, { "aes256" }, NULL },
241 { PROTO_ESP, { "aes128" }, { "aes128" }, "aes128" },
242 { PROTO_ESP, { "aes128", "aes256" }, { "aes256", "aes128" }, "aes128" },
243 { PROTO_ESP, { "aes128", "aes256" }, { "aes256", "aes128" }, "aes256",
244 PROPOSAL_PREFER_SUPPLIED },
245 { PROTO_ESP, { "aes128-modp1024", "aes256-modp1024" },
246 { "aes256-modp2048", "aes128-modp2048" }, NULL },
247 { PROTO_ESP, { "aes128-modp1024", "aes256-modp1024" },
248 { "aes256-modp2048", "aes128-modp2048" }, "aes128",
249 PROPOSAL_SKIP_KE },
250 { PROTO_ESP, { "aes128-modp1024", "aes256-modp1024" },
251 { "aes256-modp2048", "aes128-modp2048" }, "aes256",
252 PROPOSAL_PREFER_SUPPLIED | PROPOSAL_SKIP_KE },
253 };
254
255 START_TEST(test_select_proposal)
256 {
257 linked_list_t *self, *other;
258 proposal_t *proposal, *selected, *expected;
259 int i;
260
261 self = linked_list_create();
262 other = linked_list_create();
263
264 for (i = 0; i < countof(select_proposal_data[_i].self); i++)
265 {
266 if (!select_proposal_data[_i].self[i])
267 {
268 break;
269 }
270 proposal = proposal_create_from_string(select_proposal_data[_i].proto,
271 select_proposal_data[_i].self[i]);
272 self->insert_last(self, proposal);
273 }
274 for (i = 0; i < countof(select_proposal_data[_i].other); i++)
275 {
276 if (!select_proposal_data[_i].other[i])
277 {
278 break;
279 }
280 proposal = proposal_create_from_string(select_proposal_data[_i].proto,
281 select_proposal_data[_i].other[i]);
282 other->insert_last(other, proposal);
283 }
284 selected = proposal_select(self, other, select_proposal_data[_i].flags);
285 if (select_proposal_data[_i].expected)
286 {
287 expected = proposal_create_from_string(select_proposal_data[_i].proto,
288 select_proposal_data[_i].expected);
289 ck_assert(selected);
290 ck_assert_msg(expected->equals(expected, selected), "proposal %P does "
291 "not match expected %P", selected, expected);
292 expected->destroy(expected);
293 }
294 else
295 {
296 ck_assert(!selected);
297 }
298 DESTROY_IF(selected);
299 other->destroy_offset(other, offsetof(proposal_t, destroy));
300 self->destroy_offset(self, offsetof(proposal_t, destroy));
301 }
302 END_TEST
303
304 START_TEST(test_has_transform)
305 {
306 proposal_t *proposal;
307
308 proposal = proposal_create_from_string(PROTO_IKE,
309 "aes128-sha256-modp3072-ecp256");
310 ck_assert(proposal->has_transform(proposal, KEY_EXCHANGE_METHOD,
311 MODP_3072_BIT));
312 ck_assert(proposal->has_transform(proposal, KEY_EXCHANGE_METHOD,
313 ECP_256_BIT));
314 ck_assert(!proposal->has_transform(proposal, KEY_EXCHANGE_METHOD,
315 MODP_2048_BIT));
316 proposal->destroy(proposal);
317 }
318 END_TEST
319
320 START_TEST(test_has_transform_none)
321 {
322 proposal_t *proposal;
323
324 proposal = proposal_create_from_string(PROTO_ESP,
325 "aes128-sha256");
326 ck_assert(proposal->has_transform(proposal, KEY_EXCHANGE_METHOD,
327 KE_NONE));
328 proposal->destroy(proposal);
329
330 proposal = proposal_create_from_string(PROTO_ESP,
331 "aes128-sha256-none");
332 ck_assert(proposal->has_transform(proposal, KEY_EXCHANGE_METHOD,
333 KE_NONE));
334 proposal->destroy(proposal);
335
336 proposal = proposal_create_from_string(PROTO_ESP,
337 "aes128-sha256-modp3072");
338 ck_assert(!proposal->has_transform(proposal, KEY_EXCHANGE_METHOD,
339 KE_NONE));
340 proposal->destroy(proposal);
341
342 /* while actually contained in the proposal, KE_NONE is 0 so we expect
343 * has_transform() to return FALSE if there are other algorithms */
344 proposal = proposal_create_from_string(PROTO_ESP,
345 "aes128-sha256-modp3072-none");
346 ck_assert(!proposal->has_transform(proposal, KEY_EXCHANGE_METHOD,
347 KE_NONE));
348 proposal->destroy(proposal);
349 }
350 END_TEST
351
352 START_TEST(test_promote_transform)
353 {
354 proposal_t *proposal;
355
356 proposal = proposal_create_from_string(PROTO_IKE,
357 "aes128-sha256-modp3072-ecp256");
358 ck_assert(proposal->promote_transform(proposal, KEY_EXCHANGE_METHOD,
359 ECP_256_BIT));
360 assert_proposal_eq(proposal, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256/MODP_3072");
361 proposal->destroy(proposal);
362 }
363 END_TEST
364
365 START_TEST(test_promote_transform_already_front)
366 {
367 proposal_t *proposal;
368
369 proposal = proposal_create_from_string(PROTO_IKE,
370 "aes128-sha256-modp3072-ecp256");
371 ck_assert(proposal->promote_transform(proposal, KEY_EXCHANGE_METHOD,
372 MODP_3072_BIT));
373 assert_proposal_eq(proposal, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072/ECP_256");
374 proposal->destroy(proposal);
375 }
376 END_TEST
377
378 START_TEST(test_promote_transform_not_contained)
379 {
380 proposal_t *proposal;
381
382 proposal = proposal_create_from_string(PROTO_IKE,
383 "aes128-sha256-modp3072-ecp256");
384
385 ck_assert(!proposal->promote_transform(proposal, KEY_EXCHANGE_METHOD,
386 MODP_2048_BIT));
387 assert_proposal_eq(proposal, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072/ECP_256");
388 proposal->destroy(proposal);
389 }
390 END_TEST
391
392 START_TEST(test_unknown_transform_types_print)
393 {
394 proposal_t *proposal;
395
396 proposal = proposal_create(PROTO_IKE, 0);
397 proposal->add_algorithm(proposal, 242, 42, 128);
398 assert_proposal_eq(proposal, "IKE:UNKNOWN_242_42_128");
399 proposal->destroy(proposal);
400
401 proposal = proposal_create_from_string(PROTO_IKE,
402 "aes128-sha256-ecp256");
403 proposal->add_algorithm(proposal, 242, 42, 128);
404 proposal->add_algorithm(proposal, 243, 1, 0);
405 assert_proposal_eq(proposal, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256/UNKNOWN_242_42_128/UNKNOWN_243_1");
406 proposal->destroy(proposal);
407 }
408 END_TEST
409
410 START_TEST(test_unknown_transform_types_equals)
411 {
412 proposal_t *self, *other;
413
414 self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
415 other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
416 other->add_algorithm(other, 242, 42, 0);
417 ck_assert(!self->equals(self, other));
418 ck_assert(!other->equals(other, self));
419 self->add_algorithm(self, 242, 42, 0);
420 ck_assert(self->equals(self, other));
421 ck_assert(other->equals(other, self));
422 other->destroy(other);
423 self->destroy(self);
424 }
425 END_TEST
426
427 START_TEST(test_unknown_transform_types_select_fail)
428 {
429 proposal_t *self, *other, *selected;
430
431 self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
432 other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
433 other->add_algorithm(other, 242, 42, 0);
434
435 selected = self->select(self, other, 0);
436 ck_assert(!selected);
437 other->destroy(other);
438 self->destroy(self);
439 }
440 END_TEST
441
442 START_TEST(test_unknown_transform_types_select_fail_subtype)
443 {
444 proposal_t *self, *other, *selected;
445
446 self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
447 self->add_algorithm(self, 242, 8, 0);
448 other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
449 other->add_algorithm(other, 242, 42, 0);
450
451 selected = self->select(self, other, 0);
452 ck_assert(!selected);
453 other->destroy(other);
454 self->destroy(self);
455 }
456 END_TEST
457
458 START_TEST(test_unknown_transform_types_select_success)
459 {
460 proposal_t *self, *other, *selected;
461
462 self = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
463 self->add_algorithm(self, 242, 42, 128);
464 other = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
465 other->add_algorithm(other, 242, 42, 128);
466 other->add_algorithm(other, 242, 1, 0);
467
468 selected = self->select(self, other, 0);
469 ck_assert(selected);
470 assert_proposal_eq(selected, "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256/UNKNOWN_242_42_128");
471 selected->destroy(selected);
472 other->destroy(other);
473 self->destroy(self);
474 }
475 END_TEST
476
477 START_TEST(test_chacha20_poly1305_key_length)
478 {
479 proposal_t *proposal;
480 uint16_t alg, ks;
481
482 proposal = proposal_create_from_string(PROTO_IKE, "chacha20poly1305-prfsha256-ecp256");
483 proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &alg, &ks);
484 ck_assert_int_eq(alg, ENCR_CHACHA20_POLY1305);
485 ck_assert_int_eq(ks, 0);
486 assert_proposal_eq(proposal, "IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/ECP_256");
487 proposal->destroy(proposal);
488 }
489 END_TEST
490
491 static struct {
492 protocol_id_t proto;
493 char *orig;
494 char *expected;
495 proposal_selection_flag_t flags;
496 } clone_data[] = {
497 { PROTO_ESP, "aes128", "aes128" },
498 { PROTO_ESP, "aes128-serpent", "aes128-serpent" },
499 { PROTO_ESP, "aes128-serpent", "aes128", PROPOSAL_SKIP_PRIVATE },
500 { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256-modp3072" },
501 { PROTO_ESP, "aes128-sha256-modp3072", "aes128-sha256", PROPOSAL_SKIP_KE },
502 { PROTO_ESP, "aes128-serpent-modp3072", "aes128-serpent",
503 PROPOSAL_SKIP_KE },
504 { PROTO_ESP, "aes128-serpent-modp3072", "aes128",
505 PROPOSAL_SKIP_PRIVATE | PROPOSAL_SKIP_KE },
506 };
507
508 START_TEST(test_clone)
509 {
510 proposal_t *orig, *result, *expected;
511
512 orig = proposal_create_from_string(clone_data[_i].proto,
513 clone_data[_i].orig);
514 orig->set_spi(orig, 0x12345678);
515
516 result = orig->clone(orig, clone_data[_i].flags);
517
518 expected = proposal_create_from_string(clone_data[_i].proto,
519 clone_data[_i].expected);
520 ck_assert_msg(expected->equals(expected, result), "proposal %P does "
521 "not match expected %P", result, expected);
522 ck_assert_int_eq(orig->get_spi(orig), result->get_spi(result));
523
524 expected->destroy(expected);
525 result->destroy(result);
526 orig->destroy(orig);
527 }
528 END_TEST
529
530 Suite *proposal_suite_create()
531 {
532 Suite *s;
533 TCase *tc;
534
535 s = suite_create("proposal");
536
537 tc = tcase_create("proposal keywords");
538 tcase_add_test(tc, test_dh_group_mapping);
539 suite_add_tcase(s, tc);
540
541 tc = tcase_create("create_from_string");
542 tcase_add_loop_test(tc, test_create_from_string, 0, countof(create_data));
543 suite_add_tcase(s, tc);
544
545 tc = tcase_create("select");
546 tcase_add_loop_test(tc, test_select, 0, countof(select_data));
547 tcase_add_test(tc, test_select_spi);
548 suite_add_tcase(s, tc);
549
550 tc = tcase_create("matches");
551 tcase_add_loop_test(tc, test_matches, 0, countof(select_data));
552 suite_add_tcase(s, tc);
553
554 tc = tcase_create("select_proposal");
555 tcase_add_loop_test(tc, test_select_proposal, 0,
556 countof(select_proposal_data));
557 suite_add_tcase(s, tc);
558
559 tc = tcase_create("has_transform");
560 tcase_add_test(tc, test_has_transform);
561 tcase_add_test(tc, test_has_transform_none);
562 suite_add_tcase(s, tc);
563
564 tc = tcase_create("promote_transform");
565 tcase_add_test(tc, test_promote_transform);
566 tcase_add_test(tc, test_promote_transform_already_front);
567 tcase_add_test(tc, test_promote_transform_not_contained);
568 suite_add_tcase(s, tc);
569
570 tc = tcase_create("unknown transform types");
571 tcase_add_test(tc, test_unknown_transform_types_print);
572 tcase_add_test(tc, test_unknown_transform_types_equals);
573 tcase_add_test(tc, test_unknown_transform_types_select_fail);
574 tcase_add_test(tc, test_unknown_transform_types_select_fail_subtype);
575 tcase_add_test(tc, test_unknown_transform_types_select_success);
576 suite_add_tcase(s, tc);
577
578 tc = tcase_create("chacha20/poly1305");
579 tcase_add_test(tc, test_chacha20_poly1305_key_length);
580 suite_add_tcase(s, tc);
581
582 tc = tcase_create("clone");
583 tcase_add_loop_test(tc, test_clone, 0, countof(clone_data));
584 suite_add_tcase(s, tc);
585
586 return s;
587 }
Unnamed repository; edit this file 'description' to name the repository.