From: Andreas Steffen Date: Fri, 21 Oct 2022 18:38:16 +0000 (+0200) Subject: testing: Migrated wolfssl scenarios X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e6faf914b61cb12a9c91283036f9cec92ae6a760;p=thirdparty%2Fstrongswan.git testing: Migrated wolfssl scenarios --- diff --git a/testing/tests/wolfssl/net2net-ed25519/description.txt b/testing/tests/wolfssl/net2net-ed25519/description.txt index f50109769b..58dbc6b333 100755 --- a/testing/tests/wolfssl/net2net-ed25519/description.txt +++ b/testing/tests/wolfssl/net2net-ed25519/description.txt @@ -1,8 +1,8 @@ A connection between the subnets behind the gateways moon and sun is set up. The authentication is based on X.509 certificates containing Ed25519 keys. moon uses the wolfssl plugin based on the wolfCrypt library for all -cryptographical functions whereas sun uses the default strongSwan -cryptographical plugins. +cryptographical functions whereas sun uses topenssl as the default +strongSwan cryptographical plugin.

Upon the successful establishment of the IPsec tunnel, the updown script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. diff --git a/testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf b/testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf index 24aa52cfb2..f0c7480ca3 100755 --- a/testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf +++ b/testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf @@ -1,9 +1,9 @@ # /etc/strongswan.conf - strongSwan configuration file swanctl { - load = random pem sha1 pkcs1 pkcs8 curve25519 x509 revocation constraints + load = random pem pkcs1 openssl revocation constraints } charon-systemd { - load = random nonce aes sha1 sha2 hmac kdf pem pkcs1 pkcs8 x509 revocation curve25519 curl kernel-netlink socket-default updown vici + load = random nonce openssl pem pkcs1 revocation constraints curl kernel-netlink socket-default updown vici } diff --git a/testing/tests/wolfssl/rw-cert/description.txt b/testing/tests/wolfssl/rw-cert/description.txt index 9006bcb513..3fffa7b6ad 100755 --- a/testing/tests/wolfssl/rw-cert/description.txt +++ b/testing/tests/wolfssl/rw-cert/description.txt @@ -1,8 +1,8 @@ The roadwarrior carol and the gateway moon use the wolfssl plugin based on the wolfSSL library for all cryptographical functions whereas -roadwarrior dave uses the default strongSwan cryptographical -plugins. The authentication is based on X.509 certificates and the key exchange -on x25519. +roadwarrior dave uses openssl as the default strongSwan +cryptographical plugin. The authentication is based on X.509 certificates +and the key exchange on x25519.

Upon the successful establishment of the IPsec tunnels, the updown script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. diff --git a/testing/tests/wolfssl/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/wolfssl/rw-cert/hosts/dave/etc/strongswan.conf index ba275349d0..924fc90dc4 100755 --- a/testing/tests/wolfssl/rw-cert/hosts/dave/etc/strongswan.conf +++ b/testing/tests/wolfssl/rw-cert/hosts/dave/etc/strongswan.conf @@ -1,11 +1,11 @@ # /etc/strongswan.conf - strongSwan configuration file swanctl { - load = pkcs1 pem openssl x509 revocation constraints + load = pkcs1 pem openssl revocation constraints } charon-systemd { - load = random nonce sha1 sha2 sha3 aes curve25519 hmac kdf mgf1 pem pkcs1 x509 revocation constraints gmp curl kernel-netlink socket-default updown vici + load = random nonce openssl pem pkcs1 revocation constraints curl kernel-netlink socket-default updown vici rsa_pss = yes } diff --git a/testing/tests/wolfssl/rw-modp3072/description.txt b/testing/tests/wolfssl/rw-modp3072/description.txt index a847d2652d..de6d2ff694 100755 --- a/testing/tests/wolfssl/rw-modp3072/description.txt +++ b/testing/tests/wolfssl/rw-modp3072/description.txt @@ -1,8 +1,8 @@ The roadwarrior carol and the gateway moon use the wolfssl plugin based on the wolfCrypt library for all cryptographical functions whereas -roadwarrior dave uses the default strongSwan cryptographical -plugins. The authentication is based on X.509 certificates and the key exchange -on modp3072. +roadwarrior dave uses openssl as the default strongSwan +cryptographical plugin. The authentication is based on X.509 certificates +and the key exchange on modp3072.

Upon the successful establishment of the IPsec tunnels, the updown script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. diff --git a/testing/tests/wolfssl/rw-modp3072/hosts/dave/etc/strongswan.conf b/testing/tests/wolfssl/rw-modp3072/hosts/dave/etc/strongswan.conf index f9df83ca4b..033ea6b297 100755 --- a/testing/tests/wolfssl/rw-modp3072/hosts/dave/etc/strongswan.conf +++ b/testing/tests/wolfssl/rw-modp3072/hosts/dave/etc/strongswan.conf @@ -1,11 +1,11 @@ # /etc/strongswan.conf - strongSwan configuration file swanctl { - load = pem pkcs1 x509 revocation constraints pubkey openssl random + load = pem pkcs1 revocation constraints pubkey openssl random } charon-systemd { - load = random nonce sha1 sha2 aes hmac kdf mgf1 pem pkcs1 x509 revocation constraints pubkey gmp curl kernel-netlink socket-default updown vici + load = random nonce openssl pem pkcs1 revocation constraints pubkey curl kernel-netlink socket-default updown vici rsa_pss = yes }
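Review bot: typo in the added line of testing/tests/wolfssl/net2net-ed25519/description.txt: "whereas sun uses topenssl as the default" should read "whereas sun uses openssl as the default", which is the wording the rw-cert and rw-modp3072 descriptions in this same patch already use.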
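Review bot: in testing/tests/wolfssl/net2net-ed25519/hosts/sun/etc/strongswan.conf the new charon-systemd load list gains "constraints", which the removed list did not contain, and both the swanctl and charon-systemd lists lose "pkcs8" and "x509" together with the individual crypto plugins. The commit message says only "Migrated wolfssl scenarios", so please state there which plugin is now expected to cover X.509 and PKCS#8 handling for the Ed25519 credentials on sun, and whether adding "constraints" is intended or was carried over from another scenario's list.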
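Review bot: in testing/tests/wolfssl/rw-cert/hosts/dave/etc/strongswan.conf the context line "rsa_pss = yes" is kept while "mgf1" and "gmp" are removed from the charon-systemd load list, which leaves openssl as the only remaining plugin in that list able to back the RSA-PSS setting. A short comment above "rsa_pss = yes" naming that dependency would keep a later edit of the load list from silently breaking what the option asks for. The same applies to the identical charon-systemd change in rw-modp3072/hosts/dave/etc/strongswan.conf.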
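Review bot: the migrated load lists for dave are not consistent between scenarios. In testing/tests/wolfssl/rw-modp3072/hosts/dave/etc/strongswan.conf both new lists keep "pubkey" ("load = pem pkcs1 revocation constraints pubkey openssl random"), while the rw-cert version has no "pubkey" and orders the swanctl list as "load = pkcs1 pem openssl revocation constraints". If "pubkey" is needed only for rw-modp3072, say why in the commit message; otherwise use the same list and ordering in both files so the two scenarios differ only in the key exchange under test.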