-rw-r--r-- | tests/slow/cipher-api-test.c | 64 |
1 files changed, 31 insertions, 33 deletions
diff --git a/tests/slow/cipher-api-test.c b/tests/slow/cipher-api-test.c
index 66b164037d..94e462358d 100644
--- a/tests/slow/cipher-api-test.c
+++ b/tests/slow/cipher-api-test.c
@@ -40,6 +40,7 @@ int main(int argc, char **argv)
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <unistd.h>
+#include <signal.h>
 #include <assert.h>
 #include <utils.h>
@@ -48,14 +49,7 @@ static void tls_log_func(int level, const char *str)
 fprintf(stderr, "<%d>| %s", level, str);
 }
-static unsigned error_detected = 0;
-
-static void custom_abrt(int sig)
-{
- error_detected = 1;
-}
-
-static void test_cipher(int algo, unsigned aead)
+static void test_cipher(int algo, unsigned aead, int testmode)
 {
 int ret;
 gnutls_cipher_hd_t ch;
@@ -100,11 +94,12 @@ static void test_cipher(int algo, unsigned aead)
 if (ret < 0)
 fail("could not add auth data\n");
- signal(SIGABRT, custom_abrt);
- ret = gnutls_cipher_add_auth(ch, data, 16);
- signal(SIGABRT, SIG_DFL);
- if (ret >= 0 && error_detected == 0)
- fail("succeeded in adding auth data data after partial data were given\n");
+ if (testmode == 1) {
+ /* either fails or calls abort() via assert(): */
+ ret = gnutls_cipher_add_auth(ch, data, 16);
+ if (ret >= 0)
+ fail("succeeded in adding auth data data after partial data were given\n");
+ }
 }
 /* try encrypting in a way that violates nettle's AEAD conventions */
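Review bot: The new `testmode` parameter of `test_cipher` takes the bare integers 0, 1 and 2, and their meaning can only be recovered by reading the two `if (testmode == N)` checks further down. A comment above the signature would record it, for example `/* testmode selects the AEAD misuse call: 1 = add_auth after partial data, 2 = encrypt after partial data, other = none */`; a small enum would serve as well. The function body continues outside this hunk.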
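Review bot: The comment added in the `testmode == 1` block says the call may end in abort(), but with the SIGABRT handler removed nothing in the child handles that outcome any more. The child would be terminated by the signal, and the verdict then rests on the parent's `check_wait_status(status)`, whose definition is not shown here. If that helper treats termination by SIGABRT as a failure, the abort path described by the comment fails the test. This is worth confirming, and SIGABRT should be accepted only for children that actually make a misuse call, so that unrelated crashes are still reported. The same applies to the `testmode == 2` block and the block-cipher branch in the next hunk.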
@@ -112,28 +107,28 @@ static void test_cipher(int algo, unsigned aead)
 if (ret < 0)
 fail("could not encrypt data\n");
- signal(SIGABRT, custom_abrt);
- ret = gnutls_cipher_encrypt(ch, data, sizeof(data));
- signal(SIGABRT, SIG_DFL);
- if (ret >= 0 && error_detected == 0)
- fail("succeeded in encrypting partial data after partial data were given\n");
+ if (testmode == 2) {
+ /* either fails or calls abort() via assert(): */
+ ret = gnutls_cipher_encrypt(ch, data, sizeof(data));
+ if (ret >= 0)
+ fail("succeeded in encrypting partial data after partial data were given\n");
+ }
 }
 } else {
- /* try encrypting in a way that violates nettle's block conventions */
- signal(SIGABRT, custom_abrt);
+ /* try encrypting in a way that violates nettle's block conventions.
+ * it either fails or calls abort() via assert(): */
 ret = gnutls_cipher_encrypt(ch, data, sizeof(data)-1);
- signal(SIGABRT, SIG_DFL);
- if (ret >= 0 && error_detected == 0)
+ if (ret >= 0)
 fail("succeeded in encrypting partial data on block cipher\n");
 }
+ gnutls_cipher_deinit(ch);
 gnutls_global_deinit();
- return;
 }
 static
-void start(const char *name, int algo, unsigned aead)
+void start(const char *name, int algo, unsigned aead, int testmode)
 {
 pid_t child;
@@ -154,22 +149,25 @@ void start(const char *name, int algo, unsigned aead)
 wait(&status);
 check_wait_status(status);
 } else {
- test_cipher(algo,aead);
+ test_cipher(algo, aead, testmode);
 exit(0);
 }
 }
 void doit(void)
 {
- start("aes128-gcm", GNUTLS_CIPHER_AES_128_GCM, 1);
- start("aes256-gcm", GNUTLS_CIPHER_AES_256_GCM, 1);
- start("aes128-cbc", GNUTLS_CIPHER_AES_128_CBC, 0);
- start("aes256-cbc", GNUTLS_CIPHER_AES_256_CBC, 0);
- start("3des-cbc", GNUTLS_CIPHER_3DES_CBC, 0);
+ start("aes128-gcm", GNUTLS_CIPHER_AES_128_GCM, 1, 0);
+ start("aes256-gcm", GNUTLS_CIPHER_AES_256_GCM, 1, 0);
+ start("aes128-cbc", GNUTLS_CIPHER_AES_128_CBC, 0, 1);
+ start("aes128-cbc", GNUTLS_CIPHER_AES_128_CBC, 0, 2);
+ start("aes256-cbc", GNUTLS_CIPHER_AES_256_CBC, 0, 1);
+ start("aes256-cbc", GNUTLS_CIPHER_AES_256_CBC, 0, 2);
+ start("3des-cbc", GNUTLS_CIPHER_3DES_CBC, 0, 1);
+ start("3des-cbc", GNUTLS_CIPHER_3DES_CBC, 0, 2);
 if (!gnutls_fips140_mode_enabled()) {
- start("camellia128-gcm", GNUTLS_CIPHER_CAMELLIA_128_GCM, 1);
- start("camellia256-gcm", GNUTLS_CIPHER_CAMELLIA_256_GCM, 1);
- start("chacha20-poly1305", GNUTLS_CIPHER_CHACHA20_POLY1305, 1);
+ start("camellia128-gcm", GNUTLS_CIPHER_CAMELLIA_128_GCM, 1, 0);
+ start("camellia256-gcm", GNUTLS_CIPHER_CAMELLIA_256_GCM, 1, 0);
+ start("chacha20-poly1305", GNUTLS_CIPHER_CHACHA20_POLY1305, 1, 0);
 }
 } |
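Review bot: The `testmode` values passed in `doit()` look attached to the wrong ciphers: the GCM and ChaCha20-Poly1305 calls pass aead=1 with testmode 0, while the CBC and 3DES calls pass aead=0 with testmode 1 and 2. Judging by the earlier hunks, the `testmode == 1` and `testmode == 2` checks sit in the AEAD path (around `gnutls_cipher_add_auth`) and the `else` block-cipher branch never reads testmode. On that reading neither AEAD misuse check runs for any cipher, and each block cipher runs the identical partial-block check twice, so a regression in rejecting AEAD API misuse would pass unnoticed. If so, the AEAD entries should carry the modes, e.g. `start("aes128-gcm", GNUTLS_CIPHER_AES_128_GCM, 1, 1);` followed by the same call with `2`, and the block ciphers a single `start("aes128-cbc", GNUTLS_CIPHER_AES_128_CBC, 0, 0);`.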