From f0935a63edf65b58214b18138a516454bf3384d8 Mon Sep 17 00:00:00 2001
From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Sat, 23 Oct 2021 11:44:15 +0200
Subject: [PATCH] testing: Optimized plugin use in pkcs8 scenarios

---
 .../botan/net2net-ed25519/hosts/moon/etc/strongswan.conf  | 4 ++--
 .../botan/net2net-ed25519/hosts/sun/etc/strongswan.conf   | 4 ++--
 .../ikev2/net2net-ed25519/hosts/moon/etc/strongswan.conf  | 2 +-
 .../ikev2/net2net-ed25519/hosts/sun/etc/strongswan.conf   | 2 +-
 .../tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf  | 4 ++--
 .../tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf   | 4 ++--
 .../tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf   | 4 ++--
 .../ecdsa-pkcs8/hosts/carol/etc/strongswan.conf           | 8 ++++++--
 .../ecdsa-pkcs8/hosts/dave/etc/strongswan.conf            | 8 ++++++--
 .../ecdsa-pkcs8/hosts/moon/etc/strongswan.conf            | 8 ++++++--
 .../net2net-ed25519/hosts/moon/etc/strongswan.conf        | 2 +-
 .../wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf | 2 +-
 12 files changed, 32 insertions(+), 20 deletions(-)

diff --git a/testing/tests/botan/net2net-ed25519/hosts/moon/etc/strongswan.conf b/testing/tests/botan/net2net-ed25519/hosts/moon/etc/strongswan.conf
index 508c30a00..27954d8e2 100755
--- a/testing/tests/botan/net2net-ed25519/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/botan/net2net-ed25519/hosts/moon/etc/strongswan.conf
@@ -1,9 +1,9 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = random pem x509 revocation constraints pubkey botan
+  load = random pem botan x509 revocation constraints
 }
 
 charon-systemd {
-  load = random nonce pem x509 botan revocation curl kernel-netlink socket-default updown vici
+  load = random nonce pem botan x509 revocation constraints curl kernel-netlink socket-default updown vici
 }
diff --git a/testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf b/testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf
index a35aea01c..f3115e84e 100755
--- a/testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf
@@ -1,9 +1,9 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 pkcs8 curve25519 x509 revocation constraints pubkey openssl random
+  load = random pem sha1 pkcs1 pkcs8 curve25519 x509 revocation constraints
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 hmac pem pkcs1 pkcs8 x509 revocation curve25519 curl kernel-netlink socket-default updown vici
+  load = random nonce aes sha1 sha2 hmac pem pkcs1 pkcs8 x509 revocation constraints curve25519 curl kernel-netlink socket-default updown vici
 }
diff --git a/testing/tests/ikev2/net2net-ed25519/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/net2net-ed25519/hosts/moon/etc/strongswan.conf
index a35aea01c..e6713bc9d 100755
--- a/testing/tests/ikev2/net2net-ed25519/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-ed25519/hosts/moon/etc/strongswan.conf
@@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 pkcs8 curve25519 x509 revocation constraints pubkey openssl random
+  load = random pem sha1 pkcs1 pkcs8 curve25519 x509 revocation constraints
 }
 
 charon-systemd {
diff --git a/testing/tests/ikev2/net2net-ed25519/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/net2net-ed25519/hosts/sun/etc/strongswan.conf
index a35aea01c..e6713bc9d 100755
--- a/testing/tests/ikev2/net2net-ed25519/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-ed25519/hosts/sun/etc/strongswan.conf
@@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 pkcs8 curve25519 x509 revocation constraints pubkey openssl random
+  load = random pem sha1 pkcs1 pkcs8 curve25519 x509 revocation constraints
 }
 
 charon-systemd {
diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf
index 7415f931c..539c04470 100755
--- a/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf
@@ -1,9 +1,9 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = random des sha1 pem pkcs1 pkcs8 gmp x509 revocation constraints
 }
 
 charon-systemd {
-  load = random drbg nonce aes sha1 sha2 pem pkcs1 pkcs8 curve25519 gmp x509 curl revocation hmac vici kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 hmac pem pkcs1 gmp x509 revocation curve25519 curl kernel-netlink socket-default updown vici
 }
diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf
index 7415f931c..7e1d249f5 100755
--- a/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf
@@ -1,9 +1,9 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = random aes sha1 pem pkcs1 pkcs8 gmp x509 revocation constraints
 }
 
 charon-systemd {
-  load = random drbg nonce aes sha1 sha2 pem pkcs1 pkcs8 curve25519 gmp x509 curl revocation hmac vici kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 hmac pem pkcs1 gmp x509 revocation curve25519 curl kernel-netlink socket-default updown vici
 }
diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf
index 7415f931c..1dbc15b63 100755
--- a/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf
@@ -1,9 +1,9 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = random sha1 pem pkcs1 gmp x509 revocation constraints
 }
 
 charon-systemd {
-  load = random drbg nonce aes sha1 sha2 pem pkcs1 pkcs8 curve25519 gmp x509 curl revocation hmac vici kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 hmac pem pkcs1 pkcs8 gmp x509 revocation curve25519 curl kernel-netlink socket-default updown vici
 }
diff --git a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/strongswan.conf
index a322670f4..1c5179f81 100644
--- a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/strongswan.conf
@@ -1,5 +1,9 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
-charon {
-  load = random nonce pem pkcs1 openssl curl revocation vici kernel-netlink socket-default updown
+swanctl {
+  load = pem openssl
+}
+
+charon-systemd {
+  load = nonce pem openssl curl revocation vici kernel-netlink socket-default updown
 }
diff --git a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/strongswan.conf
index a322670f4..1c5179f81 100644
--- a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/strongswan.conf
@@ -1,5 +1,9 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
-charon {
-  load = random nonce pem pkcs1 openssl curl revocation vici kernel-netlink socket-default updown
+swanctl {
+  load = pem openssl
+}
+
+charon-systemd {
+  load = nonce pem openssl curl revocation vici kernel-netlink socket-default updown
 }
diff --git a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/strongswan.conf
index a322670f4..1c5179f81 100644
--- a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/strongswan.conf
@@ -1,5 +1,9 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
-charon {
-  load = random nonce pem pkcs1 openssl curl revocation vici kernel-netlink socket-default updown
+swanctl {
+  load = pem openssl
+}
+
+charon-systemd {
+  load = nonce pem openssl curl revocation vici kernel-netlink socket-default updown
 }
diff --git a/testing/tests/wolfssl/net2net-ed25519/hosts/moon/etc/strongswan.conf b/testing/tests/wolfssl/net2net-ed25519/hosts/moon/etc/strongswan.conf
index b32eaf53a..3c7664b30 100755
--- a/testing/tests/wolfssl/net2net-ed25519/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/wolfssl/net2net-ed25519/hosts/moon/etc/strongswan.conf
@@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = random pem wolfssl pkcs1 pkcs8 x509 revocation constraints
+  load = random pem wolfssl x509 revocation constraints
 }
 
 charon-systemd {
diff --git a/testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf b/testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf
index a35aea01c..e6713bc9d 100755
--- a/testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf
@@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 pkcs8 curve25519 x509 revocation constraints pubkey openssl random
+  load = random pem sha1 pkcs1 pkcs8 curve25519 x509 revocation constraints
 }
 
 charon-systemd {
-- 
2.39.5