From: Andreas Steffen Date: Thu, 20 Oct 2022 02:15:28 +0000 (+0200) Subject: testing: Migrated botan scenarios X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=220763e1edbf5de142100aab5a74bf84cf0d8ab1;p=thirdparty%2Fstrongswan.git testing: Migrated botan scenarios --- diff --git a/testing/tests/botan/net2net-ed25519/description.txt b/testing/tests/botan/net2net-ed25519/description.txt index 8c67989f48..eeb874e63e 100755 --- a/testing/tests/botan/net2net-ed25519/description.txt +++ b/testing/tests/botan/net2net-ed25519/description.txt @@ -1,8 +1,8 @@ A connection between the subnets behind the gateways moon and sun is set up. The authentication is based on X.509 certificates containing Ed25519 keys. moon uses the botan plugin based on the Botan library for all -cryptographical functions whereas sun uses the default strongSwan -cryptographical plugins. +cryptographical functions whereas sun uses openssl +as the default strongSwan cryptographical plugin.

Upon the successful establishment of the IPsec tunnel, the updown script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. diff --git a/testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf b/testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf index 13c6cf84eb..f0c7480ca3 100755 --- a/testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf +++ b/testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf @@ -1,9 +1,9 @@ # /etc/strongswan.conf - strongSwan configuration file swanctl { - load = random pem sha1 pkcs1 pkcs8 curve25519 x509 revocation constraints + load = random pem pkcs1 openssl revocation constraints } charon-systemd { - load = random nonce aes sha1 sha2 hmac kdf pem pkcs1 pkcs8 x509 revocation constraints curve25519 curl kernel-netlink socket-default updown vici + load = random nonce openssl pem pkcs1 revocation constraints curl kernel-netlink socket-default updown vici } diff --git a/testing/tests/botan/rw-cert/description.txt b/testing/tests/botan/rw-cert/description.txt index 2d9d550fc2..9eb7cacb13 100755 --- a/testing/tests/botan/rw-cert/description.txt +++ b/testing/tests/botan/rw-cert/description.txt @@ -1,8 +1,8 @@ The roadwarrior carol and the gateway moon use the botan plugin based on the Botan library for all cryptographical functions whereas -roadwarrior dave uses the default strongSwan cryptographical -plugins. The authentication is based on X.509 certificates and the key exchange -on x25519. +roadwarrior dave uses openssl as the default strongSwan +cryptographical plugin. The authentication is based on X.509 certificates +and the key exchange on x25519.

Upon the successful establishment of the IPsec tunnels, the updown script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. diff --git a/testing/tests/botan/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/botan/rw-cert/hosts/dave/etc/strongswan.conf index ad87328e35..d8d81a1bec 100755 --- a/testing/tests/botan/rw-cert/hosts/dave/etc/strongswan.conf +++ b/testing/tests/botan/rw-cert/hosts/dave/etc/strongswan.conf @@ -5,7 +5,7 @@ swanctl { } charon-systemd { - load = random nonce sha1 sha2 aes curve25519 hmac kdf mgf1 pem pkcs1 x509 revocation constraints pubkey gmp curl kernel-netlink socket-default updown vici + load = random nonce openssl pem pkcs1 revocation constraints pubkey curl kernel-netlink socket-default updown vici rsa_pss = yes } diff --git a/testing/tests/botan/rw-modp3072/description.txt b/testing/tests/botan/rw-modp3072/description.txt index 3c1c0dc849..c73a528d10 100755 --- a/testing/tests/botan/rw-modp3072/description.txt +++ b/testing/tests/botan/rw-modp3072/description.txt @@ -1,8 +1,8 @@ The roadwarrior carol and the gateway moon use the botan plugin based on the Botan library for all cryptographical functions whereas -roadwarrior dave uses the default strongSwan cryptographical -plugins. The authentication is based on X.509 certificates and the key exchange -on modp3072. +roadwarrior dave uses topenssl as the default strongSwan +cryptographical plugin. The authentication is based on X.509 certificates +and the key exchange on modp3072.

Upon the successful establishment of the IPsec tunnels, the updown script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. diff --git a/testing/tests/botan/rw-modp3072/hosts/dave/etc/strongswan.conf b/testing/tests/botan/rw-modp3072/hosts/dave/etc/strongswan.conf index f9df83ca4b..033ea6b297 100755 --- a/testing/tests/botan/rw-modp3072/hosts/dave/etc/strongswan.conf +++ b/testing/tests/botan/rw-modp3072/hosts/dave/etc/strongswan.conf @@ -1,11 +1,11 @@ # /etc/strongswan.conf - strongSwan configuration file swanctl { - load = pem pkcs1 x509 revocation constraints pubkey openssl random + load = pem pkcs1 revocation constraints pubkey openssl random } charon-systemd { - load = random nonce sha1 sha2 aes hmac kdf mgf1 pem pkcs1 x509 revocation constraints pubkey gmp curl kernel-netlink socket-default updown vici + load = random nonce openssl pem pkcs1 revocation constraints pubkey curl kernel-netlink socket-default updown vici rsa_pss = yes }
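
Review bot: typo in testing/tests/botan/rw-modp3072/description.txt, on the added line "+roadwarrior dave uses topenssl as the default strongSwan": "topenssl" should read "openssl", matching the wording this patch uses in the rw-cert and net2net-ed25519 descriptions.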
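
Review bot: in testing/tests/botan/net2net-ed25519/hosts/sun/etc/strongswan.conf both load lines drop "pkcs8", "x509" and "curve25519", leaving "pem pkcs1 openssl" as the only key and certificate handling plugins, while the scenario description says authentication uses X.509 certificates containing Ed25519 keys. Please confirm that sun loads its Ed25519 private key and certificate through openssl alone, and state the reason for the plugin change in the commit message, which currently says only "Migrated botan scenarios".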
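
Review bot: in testing/tests/botan/rw-cert/hosts/dave/etc/strongswan.conf the charon-systemd hunk keeps "rsa_pss = yes" while removing "mgf1" and "gmp" from the load line, so RSA-PSS on dave now depends entirely on the openssl plugin; a short comment next to "rsa_pss = yes" would make that dependency visible to whoever trims the list next. The swanctl section of this file lies outside the hunk (only its closing brace appears as context), so it is worth checking that its load list was reviewed as well, as was done for the swanctl line in rw-modp3072.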
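
Review bot: plugin ordering is inconsistent in testing/tests/botan/rw-modp3072/hosts/dave/etc/strongswan.conf: the swanctl line ends with "pubkey openssl random" while the charon-systemd line in the same hunk starts with "random nonce openssl", and the sun swanctl line in net2net-ed25519 uses "random pem pkcs1 openssl". Since these files serve as reference configurations for the scenarios, consider using one order across the migrated files so that differences between hosts stand out in later diffs.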