tests: updated for AES-128-CCM ciphersuites

2 files changed, 23 insertions, 13 deletions

diff --git a/tests/priorities.c b/tests/priorities.c
index 7b9de3cc64..ce46955dd5 100644
--- a/tests/priorities.c
+++ b/tests/priorities.c
@@ -79,7 +79,7 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers)
 			fprintf(stderr, "%s\n",
 				gnutls_cipher_get_name(t[i]));
 #endif
-		fail("expected %d ciphers, found %d\n", expected_ciphers,
+		fail("%s: expected %d ciphers, found %d\n", prio, expected_ciphers,
 		     ret);
 		exit(1);
 	}
@@ -92,7 +92,7 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers)
 		success("finished: %s\n", prio);
 
 	if (count != expected_cs) {
-		fail("expected %d ciphersuites, found %d\n", expected_cs,
+		fail("%s: expected %d ciphersuites, found %d\n", prio, expected_cs,
 		     count);
 		exit(1);
 	}
@@ -100,21 +100,21 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers)
 
 void doit(void)
 {
-	const int normal = 66;
+	const int normal = 72;
 	const int null = 5;
-	const int sec128 = 56;
+	const int sec128 = 62;
 
-	try_prio("NORMAL", normal, 10);
-	try_prio("NORMAL:-MAC-ALL:+MD5:+MAC-ALL", normal, 10);
-	try_prio("NORMAL:+CIPHER-ALL", normal, 10);	/* all (except null) */
+	try_prio("NORMAL", normal, 12);
+	try_prio("NORMAL:-MAC-ALL:+MD5:+MAC-ALL", normal, 12);
+	try_prio("NORMAL:+CIPHER-ALL", normal, 12);	/* all (except null) */
 	try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1);	/* null */
-	try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal + null, 11);	/* should be null + all */
+	try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal + null, 13);	/* should be null + all */
 	try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 10, 1);	/* should be null + all */
-	try_prio("PERFORMANCE", normal, 10);
-	try_prio("SECURE256", 20, 4);
-	try_prio("SECURE128", sec128, 8);
-	try_prio("SECURE128:+SECURE256", sec128, 8);	/* should be the same as SECURE128 */
-	try_prio("SECURE128:+SECURE256:+NORMAL", normal, 10);	/* should be the same as NORMAL */
+	try_prio("PERFORMANCE", normal, 12);
+	try_prio("SECURE256", 23, 5);
+	try_prio("SECURE128", sec128, 10);
+	try_prio("SECURE128:+SECURE256", sec128, 10);	/* should be the same as SECURE128 */
+	try_prio("SECURE128:+SECURE256:+NORMAL", normal, 12);	/* should be the same as NORMAL */
 	try_prio("SUITEB192", 1, 1);
 }
 
diff --git a/tests/suite/testcompat-main-polarssl b/tests/suite/testcompat-main-polarssl
index 2ac7956dfe..292354736a 100755
--- a/tests/suite/testcompat-main-polarssl
+++ b/tests/suite/testcompat-main-polarssl
@@ -245,6 +245,16 @@ $POLARSSL_CLI  server_name=localhost min_version=tls1_2 max_version=tls1_2 serve
 kill $PID
 wait
 
+echo "Check TLS 1.2 with AES-128-CCM-DHE-RSA ciphersuite"
+launch_server $$  --priority "NONE:-CIPHER-ALL:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA$ADD" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$POLARSSL_CLI  server_name=localhost min_version=tls1_2 max_version=tls1_2 server_port=$PORT crt_file=$CLI_CERT key_file=$CLI_KEY ca_file=$CA_CERT </dev/null >>$LOGFILE 2>&1 || \
+  fail $PID "Failed"
+
+kill $PID
+wait
+
 #echo "Check TLS 1.2 with DHE-DSS ciphersuite"
 #launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS$ADD" --x509certfile $SERV_DSA_CERT --x509keyfile $SERV_DSA_KEY --dhparams params.dh  & PID=$!
 #wait_server $PID