"\n"))
(salts
(list nil "salt" "" "toomuchsalt"))
+ ;; Ciphers
(ciphers
- (let (ciphers)
+ ;; We seem to have issues with the following ciphers. Not
+ ;; sure yet if it is SXEmacs bug, or OpenSSL bug. But perhaps
+ ;; we should prevent them from being used at all with our ssl
+ ;; code instead of just conveniently ignoring them in the
+ ;; testsuite? --SY.
+ (let ((bad-ciphers '(id-smime-alg-CMS3DESwrap
+ id-aes128-wrap id-aes192-wrap id-aes256-wrap
+ id-aes128-GCM id-aes128-CCM id-aes192-GCM
+ id-aes192-CCM id-aes256-GCM id-aes256-CCM
+ AES-128-XTS AES-256-XTS))
+ ciphers)
(mapc-internal
#'(lambda (cipher)
(let ((ciphmode (substring (symbol-name cipher) -2)))
;; yields an assertion error.
;; Bug in openssl?
;; -hroptatyr
- (unless (or (< (ossl-cipher-bits cipher) 128)
- (string= "B1" ciphmode)
- (string= "B8" ciphmode))
+ ;; Shouldn't we prevent their use outside the testsuite
+ ;; as well? --SY.
+ (unless (or ;(< (ossl-cipher-bits cipher) 128)
+ (string= "B1" ciphmode)
+ (string= "B8" ciphmode)
+ (member cipher bad-ciphers))
(setq ciphers
(cons cipher ciphers)))))
(ossl-available-ciphers))
ciphers))
- (digests
- (let (digests)
- (mapc-internal
- #'(lambda (digest)
- (let ((digestname (symbol-name digest)))
- ;; only use digests without a dash in their names
- (unless (string-match "-" digestname)
- (setq digests
- (cons digest digests)))))
- (ossl-available-digests))
- digests))
+ ;; Digests
+ ;; Sebastian had initially only used digests that didn't have
+ ;; a dash in their name, I'm not sure what his reasoning was,
+ ;; perhaps just to speed up running the testsuite, I dunno.
+ ;; But I say we should test them ALL. :-) --SY.
+ (digests (ossl-available-digests))
+ ;; (digests
+ ;; (let (digests)
+ ;; (mapc-internal
+ ;; #'(lambda (digest)
+ ;; (let ((digestname (symbol-name digest)))
+ ;; ;; only use digests without a dash in their names
+ ;; (unless (string-match "-" digestname)
+ ;; (setq digests
+ ;; (cons digest digests)))))
+ ;; (ossl-available-digests))
+ ;; digests))
key iv
enc dec)
iv (get key 'iv))
(setq dec ;; the encrypted text
(ossl-decrypt cipher enc key iv))
-
(eval `(Assert (string-equal ,dec ,str)))
;; let's doubly-encrypt something