tls: Add a test case to check correct enum name mapping of cipher suites

3 files changed, 250 insertions, 0 deletions

diff --git a/src/libtls/tests/Makefile.am b/src/libtls/tests/Makefile.am
index 94f321bbd..1c0e2f941 100644
--- a/src/libtls/tests/Makefile.am
+++ b/src/libtls/tests/Makefile.am
@@ -4,6 +4,7 @@ check_PROGRAMS = $(TESTS)
 
 tls_tests_SOURCES = \
 	suites/test_socket.c \
+	suites/test_suites.c \
 	tls_tests.h tls_tests.c
 
 tls_tests_CFLAGS = \
@@ -17,4 +18,5 @@ tls_tests_CFLAGS = \
 tls_tests_LDFLAGS = @COVERAGE_LDFLAGS@
 tls_tests_LDADD = \
 	$(top_builddir)/src/libtls/libtls.la \
+	$(top_builddir)/src/libstrongswan/libstrongswan.la \
 	$(top_builddir)/src/libstrongswan/tests/libtest.la
diff --git a/src/libtls/tests/suites/test_suites.c b/src/libtls/tests/suites/test_suites.c
new file mode 100644
index 000000000..f8ae12eb3
--- /dev/null
+++ b/src/libtls/tests/suites/test_suites.c
@@ -0,0 +1,247 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <test_suite.h>
+
+#include <unistd.h>
+
+#include "tls_crypto.h"
+
+START_TEST(test_cipher_names)
+{
+	char buf[128];
+
+#define CHECK_NAME(x) { \
+	snprintf(buf, sizeof(buf), "%N", tls_cipher_suite_names, x); \
+	ck_assert_str_eq(#x, buf); }
+
+	CHECK_NAME(TLS_NULL_WITH_NULL_NULL);
+	CHECK_NAME(TLS_RSA_WITH_NULL_MD5);
+	CHECK_NAME(TLS_RSA_WITH_NULL_SHA);
+	CHECK_NAME(TLS_RSA_EXPORT_WITH_RC4_40_MD5);
+	CHECK_NAME(TLS_RSA_WITH_RC4_128_MD5);
+	CHECK_NAME(TLS_RSA_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5);
+	CHECK_NAME(TLS_RSA_WITH_IDEA_CBC_SHA);
+	CHECK_NAME(TLS_RSA_EXPORT_WITH_DES40_CBC_SHA);
+	CHECK_NAME(TLS_RSA_WITH_DES_CBC_SHA);
+	CHECK_NAME(TLS_RSA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA);
+	CHECK_NAME(TLS_DH_DSS_WITH_DES_CBC_SHA);
+	CHECK_NAME(TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA);
+	CHECK_NAME(TLS_DH_RSA_WITH_DES_CBC_SHA);
+	CHECK_NAME(TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA);
+	CHECK_NAME(TLS_DHE_DSS_WITH_DES_CBC_SHA);
+	CHECK_NAME(TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_WITH_DES_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_DH_anon_EXPORT_WITH_RC4_40_MD5);
+	CHECK_NAME(TLS_DH_anon_WITH_RC4_128_MD5);
+	CHECK_NAME(TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA);
+	CHECK_NAME(TLS_DH_anon_WITH_DES_CBC_SHA);
+	CHECK_NAME(TLS_DH_anon_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_KRB5_WITH_DES_CBC_SHA);
+	CHECK_NAME(TLS_KRB5_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_KRB5_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_KRB5_WITH_IDEA_CBC_SHA);
+	CHECK_NAME(TLS_KRB5_WITH_DES_CBC_MD5);
+	CHECK_NAME(TLS_KRB5_WITH_3DES_EDE_CBC_MD5);
+	CHECK_NAME(TLS_KRB5_WITH_RC4_128_MD5);
+	CHECK_NAME(TLS_KRB5_WITH_IDEA_CBC_MD5);
+	CHECK_NAME(TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA);
+	CHECK_NAME(TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA);
+	CHECK_NAME(TLS_KRB5_EXPORT_WITH_RC4_40_SHA);
+	CHECK_NAME(TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5);
+	CHECK_NAME(TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5);
+	CHECK_NAME(TLS_KRB5_EXPORT_WITH_RC4_40_MD5);
+	CHECK_NAME(TLS_PSK_WITH_NULL_SHA);
+	CHECK_NAME(TLS_DHE_PSK_WITH_NULL_SHA);
+	CHECK_NAME(TLS_RSA_PSK_WITH_NULL_SHA);
+	CHECK_NAME(TLS_RSA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_DH_DSS_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_DH_RSA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_DHE_DSS_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_DH_anon_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_RSA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_DH_DSS_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_DH_RSA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_DHE_DSS_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_DH_anon_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_RSA_WITH_NULL_SHA256);
+	CHECK_NAME(TLS_RSA_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_RSA_WITH_AES_256_CBC_SHA256);
+	CHECK_NAME(TLS_DH_DSS_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_DH_RSA_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_DHE_DSS_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA);
+	CHECK_NAME(TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA);
+	CHECK_NAME(TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA);
+	CHECK_NAME(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA);
+	CHECK_NAME(TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_DH_DSS_WITH_AES_256_CBC_SHA256);
+	CHECK_NAME(TLS_DH_RSA_WITH_AES_256_CBC_SHA256);
+	CHECK_NAME(TLS_DHE_DSS_WITH_AES_256_CBC_SHA256);
+	CHECK_NAME(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256);
+	CHECK_NAME(TLS_DH_anon_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_DH_anon_WITH_AES_256_CBC_SHA256);
+	CHECK_NAME(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA);
+	CHECK_NAME(TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA);
+	CHECK_NAME(TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA);
+	CHECK_NAME(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA);
+	CHECK_NAME(TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA);
+	CHECK_NAME(TLS_PSK_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_PSK_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_PSK_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_PSK_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_DHE_PSK_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_DHE_PSK_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_DHE_PSK_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_RSA_PSK_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_RSA_PSK_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_RSA_PSK_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_RSA_WITH_SEED_CBC_SHA);
+	CHECK_NAME(TLS_DH_DSS_WITH_SEED_CBC_SHA);
+	CHECK_NAME(TLS_DH_RSA_WITH_SEED_CBC_SHA);
+	CHECK_NAME(TLS_DHE_DSS_WITH_SEED_CBC_SHA);
+	CHECK_NAME(TLS_DHE_RSA_WITH_SEED_CBC_SHA);
+	CHECK_NAME(TLS_DH_anon_WITH_SEED_CBC_SHA);
+	CHECK_NAME(TLS_RSA_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_RSA_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_DHE_RSA_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_DH_RSA_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_DH_RSA_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_DHE_DSS_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_DHE_DSS_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_DH_DSS_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_DH_DSS_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_DH_anon_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_DH_anon_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_PSK_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_PSK_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_DHE_PSK_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_DHE_PSK_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_RSA_PSK_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_RSA_PSK_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_PSK_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_PSK_WITH_AES_256_CBC_SHA384);
+	CHECK_NAME(TLS_PSK_WITH_NULL_SHA256);
+	CHECK_NAME(TLS_PSK_WITH_NULL_SHA384);
+	CHECK_NAME(TLS_DHE_PSK_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_DHE_PSK_WITH_AES_256_CBC_SHA384);
+	CHECK_NAME(TLS_DHE_PSK_WITH_NULL_SHA256);
+	CHECK_NAME(TLS_DHE_PSK_WITH_NULL_SHA384);
+	CHECK_NAME(TLS_RSA_PSK_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_RSA_PSK_WITH_AES_256_CBC_SHA384);
+	CHECK_NAME(TLS_RSA_PSK_WITH_NULL_SHA256);
+	CHECK_NAME(TLS_RSA_PSK_WITH_NULL_SHA384);
+	CHECK_NAME(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256);
+	CHECK_NAME(TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256);
+	CHECK_NAME(TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256);
+	CHECK_NAME(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256);
+	CHECK_NAME(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256);
+	CHECK_NAME(TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256);
+	CHECK_NAME(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256);
+	CHECK_NAME(TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256);
+	CHECK_NAME(TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256);
+	CHECK_NAME(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256);
+	CHECK_NAME(TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256);
+	CHECK_NAME(TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256);
+	CHECK_NAME(TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_NULL_SHA);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_NULL_SHA);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_NULL_SHA);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_NULL_SHA);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_ECDH_anon_WITH_NULL_SHA);
+	CHECK_NAME(TLS_ECDH_anon_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_ECDH_anon_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_ECDH_anon_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256);
+	CHECK_NAME(TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_RC4_128_SHA);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_NULL_SHA);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_NULL_SHA256);
+	CHECK_NAME(TLS_ECDHE_PSK_WITH_NULL_SHA384);
+}
+END_TEST
+
+Suite *suites_suite_create()
+{
+	Suite *s;
+	TCase *tc;
+
+	s = suite_create("suites");
+
+	tc = tcase_create("cipher-names");
+	tcase_add_test(tc, test_cipher_names);
+	suite_add_tcase(s, tc);
+
+	return s;
+}
diff --git a/src/libtls/tests/tls_tests.h b/src/libtls/tests/tls_tests.h
index 2b6715a78..489b2ddb1 100644
--- a/src/libtls/tests/tls_tests.h
+++ b/src/libtls/tests/tls_tests.h
@@ -14,3 +14,4 @@
  */
 
 TEST_SUITE(socket_suite_create)
+TEST_SUITE(suites_suite_create)