[PATCH] unit: Add runtime check for TLS suite cipher support

[PATCH] unit: Add runtime check for TLS suite cipher support

[Mat Martineau]

[-- Attachment #1: Type: text/plain, Size: 1303 bytes --]

Skip TLS suite tests where the currently running kernel does not have
support for the necessary cipher. Checksums types already have runtime
validation.
---
 unit/test-tls.c | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/unit/test-tls.c b/unit/test-tls.c
index 01496d2..03c5370 100644
--- a/unit/test-tls.c
+++ b/unit/test-tls.c
@@ -709,9 +709,24 @@ int main(int argc, char *argv[])
 	l_test_add("TLS connection version mismatch",
 			test_tls_version_mismatch_test, NULL);
 
-	for (i = 0; tls_cipher_suite_pref[i]; i++)
-		l_test_add(tls_cipher_suite_pref[i]->name, test_tls_suite_test,
-				tls_cipher_suite_pref[i]->name);
+	for (i = 0; tls_cipher_suite_pref[i]; i++) {
+		struct tls_cipher_suite *suite = tls_cipher_suite_pref[i];
+		struct tls_bulk_encryption_algorithm *alg = suite->encryption;
+		bool supported;
+
+		if (alg->cipher_type == TLS_CIPHER_AEAD)
+			supported = l_aead_cipher_is_supported(alg->l_aead_id);
+		else
+			supported = l_cipher_is_supported(alg->l_id);
+
+		if (supported) {
+			l_test_add(suite->name, test_tls_suite_test,
+					suite->name);
+		} else {
+			printf("Skipping %s due to missing cipher support\n",
+				suite->name);
+		}
+	}
 
 done:
 	return l_test_run();
-- 
2.20.1

Re: [PATCH] unit: Add runtime check for TLS suite cipher support

[Denis Kenzior]

[-- Attachment #1: Type: text/plain, Size: 370 bytes --]

Hi Mat,

On 02/15/2019 04:01 PM, Mat Martineau wrote:
> Skip TLS suite tests where the currently running kernel does not have
> support for the necessary cipher. Checksums types already have runtime
> validation.
> ---
>   unit/test-tls.c | 21 ++++++++++++++++++---
>   1 file changed, 18 insertions(+), 3 deletions(-)

Applied, thanks.

Regards,
-Denis