X-Git-Url: http://cgit.sxemacs.org/?p=sxemacs;a=blobdiff_plain;f=tests%2Fautomated%2Fopenssl-tests.el;h=c8e0265fc0391399b5759670fd4705719695c6bd;hp=75efcaa133012f63222945ea77ddbb585271ac80;hb=7e2aadc60f8269eee4b8a8b9fb072d0c31141a78;hpb=0f847ef0829d1cacba92319bf0bb5836d3df08cb

diff --git a/tests/automated/openssl-tests.el b/tests/automated/openssl-tests.el
index 75efcaa..c8e0265 100644
--- a/tests/automated/openssl-tests.el
+++ b/tests/automated/openssl-tests.el
@@ -221,6 +221,13 @@
   (Assert (member 'AES-192-CFB (ossl-available-ciphers)))
   (Assert (member 'AES-192-OFB (ossl-available-ciphers)))
 
+  ;; blacklisted ciphers should give us an error
+  (mapc-internal
+   #'(lambda (cipher)
+       (Check-Error-Message error "use of blacklisted cipher prohibited"
+			    (ossl-cipher-mode cipher)))
+   ossl-cipher-blacklist)
+
   ;; first we check the key generator
   (let ((encstrs
 	 (list "foo string test bar"
@@ -228,54 +235,8 @@
 	       "\n"))
 	(salts
 	 (list nil "salt" "" "toomuchsalt"))
-	;; Ciphers
-	(ciphers
-	 ;; We seem to have issues with the following ciphers.  Not
-	 ;; sure yet if it is SXEmacs bug, or OpenSSL bug.  But perhaps
-	 ;; we should prevent them from being used at all with our ssl
-	 ;; code instead of just conveniently ignoring them in the
-	 ;; testsuite? --SY.
-	 (let ((bad-ciphers '(id-smime-alg-CMS3DESwrap
-			      id-aes128-wrap id-aes192-wrap id-aes256-wrap
-			      id-aes128-GCM id-aes128-CCM id-aes192-GCM
-			      id-aes192-CCM id-aes256-GCM id-aes256-CCM
-			      AES-128-XTS AES-256-XTS))
-	       ciphers)
-	   (mapc-internal
-	    #'(lambda (cipher)
-		(let ((ciphmode (substring (symbol-name cipher) -2)))
-		  ;; Never use CFB1 and CFB8 modes.
-		  ;; Both modes tend to mangle the result strings which
-		  ;; yields an assertion error.
-		  ;; Bug in openssl?
-		  ;; -hroptatyr
-		  ;; Shouldn't we prevent their use outside the testsuite
-		  ;; as well? --SY.
-		  (unless (or ;(< (ossl-cipher-bits cipher) 128)
-			   (string= "B1" ciphmode)
-			   (string= "B8" ciphmode)
-			   (member cipher bad-ciphers))
-		    (setq ciphers
-			  (cons cipher ciphers)))))
-	    (ossl-available-ciphers))
-	   ciphers))
-	;; Digests
-	;; Sebastian had initially only used digests that didn't have
-	;; a dash in their name, I'm not sure what his reasoning was,
-	;; perhaps just to speed up running the testsuite, I dunno.
-	;; But I say we should test them ALL. :-) --SY.
+	(ciphers (ossl-available-ciphers))
 	(digests (ossl-available-digests))
-	;; (digests
-	;;  (let (digests)
-	;;    (mapc-internal
-	;;     #'(lambda (digest)
-	;; 	(let ((digestname (symbol-name digest)))
-	;; 	  ;; only use digests without a dash in their names
-	;; 	  (unless (string-match "-" digestname)
-	;; 	    (setq digests
-	;; 		  (cons digest digests)))))
-	;;     (ossl-available-digests))
-	;;    digests))
 	key iv
 	enc dec)