diff options
| author | jsing <> | 2020-09-16 15:44:36 +0000 |
|---|---|---|
| committer | jsing <> | 2020-09-16 15:44:36 +0000 |
| commit | 5519194679130aa394f41c17b87b16ba8e097649 (patch) | |
| tree | 10f687f389100632dc4a4a1f34d09af54edb48fb | |
| parent | e31933777a3a59b3ebc949918eb158166e7d9c1d (diff) | |
| download | openbsd-5519194679130aa394f41c17b87b16ba8e097649.tar.gz openbsd-5519194679130aa394f41c17b87b16ba8e097649.tar.bz2 openbsd-5519194679130aa394f41c17b87b16ba8e097649.zip | |
Correct cipher_set_test() when run on a machine without AES acceleration.
Noted by bcook@ and inoguchi@ while working on portable.
| -rw-r--r-- | src/regress/lib/libssl/ciphers/cipherstest.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/src/regress/lib/libssl/ciphers/cipherstest.c b/src/regress/lib/libssl/ciphers/cipherstest.c index 94e1a8c73b..2e51a040cc 100644 --- a/src/regress/lib/libssl/ciphers/cipherstest.c +++ b/src/regress/lib/libssl/ciphers/cipherstest.c | |||
| @@ -22,6 +22,16 @@ | |||
| 22 | 22 | ||
| 23 | int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str); | 23 | int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str); |
| 24 | 24 | ||
| 25 | static inline int | ||
| 26 | ssl_aes_is_accelerated(void) | ||
| 27 | { | ||
| 28 | #if defined(__i386__) || defined(__x86_64__) | ||
| 29 | return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0); | ||
| 30 | #else | ||
| 31 | return (0); | ||
| 32 | #endif | ||
| 33 | } | ||
| 34 | |||
| 25 | static int | 35 | static int |
| 26 | get_put_test(const char *name, const SSL_METHOD *method) | 36 | get_put_test(const char *name, const SSL_METHOD *method) |
| 27 | { | 37 | { |
| @@ -281,12 +291,14 @@ struct cipher_set_test { | |||
| 281 | int ssl_ciphersuites_first; | 291 | int ssl_ciphersuites_first; |
| 282 | const char *ssl_ciphersuites; | 292 | const char *ssl_ciphersuites; |
| 283 | const char *ssl_rulestr; | 293 | const char *ssl_rulestr; |
| 284 | const unsigned long cids[32]; | 294 | int cids_aes_accel_fixup; |
| 295 | unsigned long cids[32]; | ||
| 285 | }; | 296 | }; |
| 286 | 297 | ||
| 287 | struct cipher_set_test cipher_set_tests[] = { | 298 | struct cipher_set_test cipher_set_tests[] = { |
| 288 | { | 299 | { |
| 289 | .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES", | 300 | .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES", |
| 301 | .cids_aes_accel_fixup = 1, | ||
| 290 | .cids = { | 302 | .cids = { |
| 291 | TLS1_3_CK_AES_256_GCM_SHA384, | 303 | TLS1_3_CK_AES_256_GCM_SHA384, |
| 292 | TLS1_3_CK_CHACHA20_POLY1305_SHA256, | 304 | TLS1_3_CK_CHACHA20_POLY1305_SHA256, |
| @@ -299,6 +311,7 @@ struct cipher_set_test cipher_set_tests[] = { | |||
| 299 | }, | 311 | }, |
| 300 | { | 312 | { |
| 301 | .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES", | 313 | .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES", |
| 314 | .cids_aes_accel_fixup = 1, | ||
| 302 | .cids = { | 315 | .cids = { |
| 303 | TLS1_3_CK_AES_256_GCM_SHA384, | 316 | TLS1_3_CK_AES_256_GCM_SHA384, |
| 304 | TLS1_3_CK_CHACHA20_POLY1305_SHA256, | 317 | TLS1_3_CK_CHACHA20_POLY1305_SHA256, |
| @@ -405,6 +418,11 @@ cipher_set_test() | |||
| 405 | for (i = 0; i < N_CIPHER_SET_TESTS; i++) { | 418 | for (i = 0; i < N_CIPHER_SET_TESTS; i++) { |
| 406 | cst = &cipher_set_tests[i]; | 419 | cst = &cipher_set_tests[i]; |
| 407 | 420 | ||
| 421 | if (!ssl_aes_is_accelerated() && cst->cids_aes_accel_fixup) { | ||
| 422 | cst->cids[0] = TLS1_3_CK_CHACHA20_POLY1305_SHA256; | ||
| 423 | cst->cids[1] = TLS1_3_CK_AES_256_GCM_SHA384; | ||
| 424 | } | ||
| 425 | |||
| 408 | if ((ctx = SSL_CTX_new(TLS_method())) == NULL) | 426 | if ((ctx = SSL_CTX_new(TLS_method())) == NULL) |
| 409 | errx(1, "SSL_CTX_new"); | 427 | errx(1, "SSL_CTX_new"); |
| 410 | 428 | ||