From 15d7124661e79a87f389be39fc21524fa0f30cc3 Mon Sep 17 00:00:00 2001 From: Joe Subbiani Date: Mon, 26 Jul 2021 12:20:00 +0100 Subject: [PATCH] Replace lists with calls to translate_ciphersuite.py Replace the OpenSSL $O_CIPHERS and GNU $G_CIPHERS declarations with calls to translate_ciphersuite.py Declared a new variable for each sublist $CIPHERS which is appended to MBedTLS $M_CIPHERS and translated+appended to the OpenSSL and GNU lists. Fixes #4674 Signed-off-by: Joe Subbiani --- tests/compat.sh | 391 ++++++++++----------------------- tests/test_translate_format.sh | 18 +- 2 files changed, 120 insertions(+), 289 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index c2bef26121..04b4dd521c 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -246,51 +246,38 @@ add_common_ciphersuites() "ECDSA") if [ `minor_ver "$MODE"` -gt 0 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-ECDSA-WITH-NULL-SHA \ + CIPHERS="TLS-ECDHE-ECDSA-WITH-NULL-SHA \ TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \ TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \ TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \ " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-ECDSA:+NULL:+SHA1 \ - +ECDHE-ECDSA:+3DES-CBC:+SHA1 \ - +ECDHE-ECDSA:+AES-128-CBC:+SHA1 \ - +ECDHE-ECDSA:+AES-256-CBC:+SHA1 \ - " - O_CIPHERS="$O_CIPHERS \ - ECDHE-ECDSA-NULL-SHA \ - ECDHE-ECDSA-DES-CBC3-SHA \ - ECDHE-ECDSA-AES128-SHA \ - ECDHE-ECDSA-AES256-SHA \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" fi if [ `minor_ver "$MODE"` -ge 3 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \ + CIPHERS="TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \ TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \ TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \ " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-ECDSA:+AES-128-CBC:+SHA256 \ - +ECDHE-ECDSA:+AES-256-CBC:+SHA384 \ - +ECDHE-ECDSA:+AES-128-GCM:+AEAD \ - +ECDHE-ECDSA:+AES-256-GCM:+AEAD \ - " - O_CIPHERS="$O_CIPHERS \ - ECDHE-ECDSA-AES128-SHA256 \ - ECDHE-ECDSA-AES256-SHA384 \ - ECDHE-ECDSA-AES128-GCM-SHA256 \ - ECDHE-ECDSA-AES256-GCM-SHA384 \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" fi ;; "RSA") - M_CIPHERS="$M_CIPHERS \ - TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + CIPHERS="TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ TLS-DHE-RSA-WITH-AES-256-CBC-SHA \ TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \ TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \ @@ -303,59 +290,32 @@ add_common_ciphersuites() TLS-RSA-WITH-NULL-MD5 \ TLS-RSA-WITH-NULL-SHA \ " - G_CIPHERS="$G_CIPHERS \ - +DHE-RSA:+AES-128-CBC:+SHA1 \ - +DHE-RSA:+AES-256-CBC:+SHA1 \ - +DHE-RSA:+CAMELLIA-128-CBC:+SHA1 \ - +DHE-RSA:+CAMELLIA-256-CBC:+SHA1 \ - +DHE-RSA:+3DES-CBC:+SHA1 \ - +RSA:+AES-256-CBC:+SHA1 \ - +RSA:+CAMELLIA-256-CBC:+SHA1 \ - +RSA:+AES-128-CBC:+SHA1 \ - +RSA:+CAMELLIA-128-CBC:+SHA1 \ - +RSA:+3DES-CBC:+SHA1 \ - +RSA:+NULL:+MD5 \ - +RSA:+NULL:+SHA1 \ - " - O_CIPHERS="$O_CIPHERS \ - DHE-RSA-AES128-SHA \ - DHE-RSA-AES256-SHA \ - DHE-RSA-CAMELLIA128-SHA \ - DHE-RSA-CAMELLIA256-SHA \ - EDH-RSA-DES-CBC3-SHA \ - AES256-SHA \ - CAMELLIA256-SHA \ - AES128-SHA \ - CAMELLIA128-SHA \ - DES-CBC3-SHA \ - NULL-MD5 \ - NULL-SHA \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" + if [ `minor_ver "$MODE"` -gt 0 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \ + CIPHERS="TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \ TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \ TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \ TLS-ECDHE-RSA-WITH-NULL-SHA \ " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-RSA:+AES-128-CBC:+SHA1 \ - +ECDHE-RSA:+AES-256-CBC:+SHA1 \ - +ECDHE-RSA:+3DES-CBC:+SHA1 \ - +ECDHE-RSA:+NULL:+SHA1 \ - " - O_CIPHERS="$O_CIPHERS \ - ECDHE-RSA-AES256-SHA \ - ECDHE-RSA-AES128-SHA \ - ECDHE-RSA-DES-CBC3-SHA \ - ECDHE-RSA-NULL-SHA \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" fi if [ `minor_ver "$MODE"` -ge 3 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-RSA-WITH-AES-128-CBC-SHA256 \ + CIPHERS="TLS-RSA-WITH-AES-128-CBC-SHA256 \ TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \ TLS-RSA-WITH-AES-256-CBC-SHA256 \ TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \ @@ -368,54 +328,28 @@ add_common_ciphersuites() TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \ TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \ " - G_CIPHERS="$G_CIPHERS \ - +RSA:+AES-128-CBC:+SHA256 \ - +DHE-RSA:+AES-128-CBC:+SHA256 \ - +RSA:+AES-256-CBC:+SHA256 \ - +DHE-RSA:+AES-256-CBC:+SHA256 \ - +ECDHE-RSA:+AES-128-CBC:+SHA256 \ - +ECDHE-RSA:+AES-256-CBC:+SHA384 \ - +RSA:+AES-128-GCM:+AEAD \ - +RSA:+AES-256-GCM:+AEAD \ - +DHE-RSA:+AES-128-GCM:+AEAD \ - +DHE-RSA:+AES-256-GCM:+AEAD \ - +ECDHE-RSA:+AES-128-GCM:+AEAD \ - +ECDHE-RSA:+AES-256-GCM:+AEAD \ - " - O_CIPHERS="$O_CIPHERS \ - NULL-SHA256 \ - AES128-SHA256 \ - DHE-RSA-AES128-SHA256 \ - AES256-SHA256 \ - DHE-RSA-AES256-SHA256 \ - ECDHE-RSA-AES128-SHA256 \ - ECDHE-RSA-AES256-SHA384 \ - AES128-GCM-SHA256 \ - DHE-RSA-AES128-GCM-SHA256 \ - AES256-GCM-SHA384 \ - DHE-RSA-AES256-GCM-SHA384 \ - ECDHE-RSA-AES128-GCM-SHA256 \ - ECDHE-RSA-AES256-GCM-SHA384 \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS NULL-SHA256 $O" fi ;; "PSK") - M_CIPHERS="$M_CIPHERS \ - TLS-PSK-WITH-3DES-EDE-CBC-SHA \ + CIPHERS="TLS-PSK-WITH-3DES-EDE-CBC-SH \ TLS-PSK-WITH-AES-128-CBC-SHA \ TLS-PSK-WITH-AES-256-CBC-SHA \ " - G_CIPHERS="$G_CIPHERS \ - +PSK:+3DES-CBC:+SHA1 \ - +PSK:+AES-128-CBC:+SHA1 \ - +PSK:+AES-256-CBC:+SHA1 \ - " - O_CIPHERS="$O_CIPHERS \ - PSK-3DES-EDE-CBC-SHA \ - PSK-AES128-CBC-SHA \ - PSK-AES256-CBC-SHA \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" ;; esac } @@ -437,23 +371,19 @@ add_openssl_ciphersuites() "ECDSA") if [ `minor_ver "$MODE"` -gt 0 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDH-ECDSA-WITH-NULL-SHA \ + CIPHERS="TLS-ECDH-ECDSA-WITH-NULL-SHA \ TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \ TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \ TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \ " - O_CIPHERS="$O_CIPHERS \ - ECDH-ECDSA-NULL-SHA \ - ECDH-ECDSA-DES-CBC3-SHA \ - ECDH-ECDSA-AES128-SHA \ - ECDH-ECDSA-AES256-SHA \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" fi if [ `minor_ver "$MODE"` -ge 3 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \ + CIPHERS="TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \ TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \ TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \ TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \ @@ -461,31 +391,25 @@ add_openssl_ciphersuites() TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \ TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \ " - O_CIPHERS="$O_CIPHERS \ - ECDH-ECDSA-AES128-SHA256 \ - ECDH-ECDSA-AES256-SHA384 \ - ECDH-ECDSA-AES128-GCM-SHA256 \ - ECDH-ECDSA-AES256-GCM-SHA384 \ - ECDHE-ECDSA-ARIA256-GCM-SHA384 \ - ECDHE-ECDSA-ARIA128-GCM-SHA256 \ - ECDHE-ECDSA-CHACHA20-POLY1305 \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" fi ;; "RSA") - M_CIPHERS="$M_CIPHERS \ - TLS-RSA-WITH-DES-CBC-SHA \ + CIPHERS="TLS-RSA-WITH-DES-CBC-SHA \ TLS-DHE-RSA-WITH-DES-CBC-SHA \ " - O_CIPHERS="$O_CIPHERS \ - DES-CBC-SHA \ - EDH-RSA-DES-CBC-SHA \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" + if [ `minor_ver "$MODE"` -ge 3 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \ + CIPHERS="TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \ TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \ TLS-RSA-WITH-ARIA-256-GCM-SHA384 \ TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \ @@ -494,24 +418,17 @@ add_openssl_ciphersuites() TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \ TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \ " - O_CIPHERS="$O_CIPHERS \ - ECDHE-ARIA256-GCM-SHA384 \ - DHE-RSA-ARIA256-GCM-SHA384 \ - ARIA256-GCM-SHA384 \ - ECDHE-ARIA128-GCM-SHA256 \ - DHE-RSA-ARIA128-GCM-SHA256 \ - ARIA128-GCM-SHA256 \ - DHE-RSA-CHACHA20-POLY1305 \ - ECDHE-RSA-CHACHA20-POLY1305 \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" fi ;; "PSK") if [ `minor_ver "$MODE"` -ge 3 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \ + CIPHERS="TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \ TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \ TLS-PSK-WITH-ARIA-256-GCM-SHA384 \ TLS-PSK-WITH-ARIA-128-GCM-SHA256 \ @@ -519,15 +436,10 @@ add_openssl_ciphersuites() TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ " - O_CIPHERS="$O_CIPHERS \ - DHE-PSK-ARIA256-GCM-SHA384 \ - DHE-PSK-ARIA128-GCM-SHA256 \ - PSK-ARIA256-GCM-SHA384 \ - PSK-ARIA128-GCM-SHA256 \ - DHE-PSK-CHACHA20-POLY1305 \ - ECDHE-PSK-CHACHA20-POLY1305 \ - PSK-CHACHA20-POLY1305 \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + O=`python3 translate_ciphers.py o "$CIPHERS"` + O_CIPHERS="$O_CIPHERS $O" fi ;; esac @@ -543,43 +455,34 @@ add_gnutls_ciphersuites() "ECDSA") if [ `minor_ver "$MODE"` -ge 3 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-ECDHE-ECDSA-WITH-AES-128-CCM \ - TLS-ECDHE-ECDSA-WITH-AES-256-CCM \ - TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \ - TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \ - " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \ - +ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \ - +ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \ - +ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \ - +ECDHE-ECDSA:+AES-128-CCM:+AEAD \ - +ECDHE-ECDSA:+AES-256-CCM:+AEAD \ - +ECDHE-ECDSA:+AES-128-CCM-8:+AEAD \ - +ECDHE-ECDSA:+AES-256-CCM-8:+AEAD \ + CIPHERS="TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ + TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS-ECDHE-ECDSA-WITH-AES-128-CCM \ + TLS-ECDHE-ECDSA-WITH-AES-256-CCM \ + TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \ + TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \ " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" fi ;; "RSA") if [ `minor_ver "$MODE"` -gt 0 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-RSA-WITH-NULL-SHA256 \ - " - G_CIPHERS="$G_CIPHERS \ - +RSA:+NULL:+SHA256 \ - " + CIPHERS="TLS-RSA-WITH-NULL-SHA256" + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" fi if [ `minor_ver "$MODE"` -ge 3 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ + CIPHERS="TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \ TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ @@ -600,65 +503,41 @@ add_gnutls_ciphersuites() TLS-DHE-RSA-WITH-AES-128-CCM-8 \ TLS-DHE-RSA-WITH-AES-256-CCM-8 \ " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \ - +ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384 \ - +RSA:+CAMELLIA-128-CBC:+SHA256 \ - +RSA:+CAMELLIA-256-CBC:+SHA256 \ - +DHE-RSA:+CAMELLIA-128-CBC:+SHA256 \ - +DHE-RSA:+CAMELLIA-256-CBC:+SHA256 \ - +ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD \ - +ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD \ - +DHE-RSA:+CAMELLIA-128-GCM:+AEAD \ - +DHE-RSA:+CAMELLIA-256-GCM:+AEAD \ - +RSA:+CAMELLIA-128-GCM:+AEAD \ - +RSA:+CAMELLIA-256-GCM:+AEAD \ - +RSA:+AES-128-CCM:+AEAD \ - +RSA:+AES-256-CCM:+AEAD \ - +RSA:+AES-128-CCM-8:+AEAD \ - +RSA:+AES-256-CCM-8:+AEAD \ - +DHE-RSA:+AES-128-CCM:+AEAD \ - +DHE-RSA:+AES-256-CCM:+AEAD \ - +DHE-RSA:+AES-128-CCM-8:+AEAD \ - +DHE-RSA:+AES-256-CCM-8:+AEAD \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" fi ;; "PSK") - M_CIPHERS="$M_CIPHERS \ - TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \ + CIPHERS="TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \ TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ TLS-DHE-PSK-WITH-AES-256-CBC-SHA \ " - G_CIPHERS="$G_CIPHERS \ - +DHE-PSK:+3DES-CBC:+SHA1 \ - +DHE-PSK:+AES-128-CBC:+SHA1 \ - +DHE-PSK:+AES-256-CBC:+SHA1 \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" + if [ `minor_ver "$MODE"` -gt 0 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \ + CIPHERS="TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \ TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \ TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \ TLS-RSA-PSK-WITH-AES-256-CBC-SHA \ TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-PSK:+3DES-CBC:+SHA1 \ - +ECDHE-PSK:+AES-128-CBC:+SHA1 \ - +ECDHE-PSK:+AES-256-CBC:+SHA1 \ - +RSA-PSK:+3DES-CBC:+SHA1 \ - +RSA-PSK:+AES-256-CBC:+SHA1 \ - +RSA-PSK:+AES-128-CBC:+SHA1 \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" + fi if [ `minor_ver "$MODE"` -ge 3 ] then - M_CIPHERS="$M_CIPHERS \ - TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ + CIPHERS="TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ @@ -703,52 +582,10 @@ add_gnutls_ciphersuites() TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \ TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \ " - G_CIPHERS="$G_CIPHERS \ - +ECDHE-PSK:+AES-256-CBC:+SHA384 \ - +ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384 \ - +ECDHE-PSK:+AES-128-CBC:+SHA256 \ - +ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256 \ - +PSK:+AES-128-CBC:+SHA256 \ - +PSK:+AES-256-CBC:+SHA384 \ - +DHE-PSK:+AES-128-CBC:+SHA256 \ - +DHE-PSK:+AES-256-CBC:+SHA384 \ - +RSA-PSK:+AES-256-CBC:+SHA384 \ - +RSA-PSK:+AES-128-CBC:+SHA256 \ - +DHE-PSK:+CAMELLIA-128-CBC:+SHA256 \ - +DHE-PSK:+CAMELLIA-256-CBC:+SHA384 \ - +PSK:+CAMELLIA-128-CBC:+SHA256 \ - +PSK:+CAMELLIA-256-CBC:+SHA384 \ - +RSA-PSK:+CAMELLIA-256-CBC:+SHA384 \ - +RSA-PSK:+CAMELLIA-128-CBC:+SHA256 \ - +PSK:+AES-128-GCM:+AEAD \ - +PSK:+AES-256-GCM:+AEAD \ - +DHE-PSK:+AES-128-GCM:+AEAD \ - +DHE-PSK:+AES-256-GCM:+AEAD \ - +PSK:+AES-128-CCM:+AEAD \ - +PSK:+AES-256-CCM:+AEAD \ - +DHE-PSK:+AES-128-CCM:+AEAD \ - +DHE-PSK:+AES-256-CCM:+AEAD \ - +PSK:+AES-128-CCM-8:+AEAD \ - +PSK:+AES-256-CCM-8:+AEAD \ - +DHE-PSK:+AES-128-CCM-8:+AEAD \ - +DHE-PSK:+AES-256-CCM-8:+AEAD \ - +RSA-PSK:+CAMELLIA-128-GCM:+AEAD \ - +RSA-PSK:+CAMELLIA-256-GCM:+AEAD \ - +PSK:+CAMELLIA-128-GCM:+AEAD \ - +PSK:+CAMELLIA-256-GCM:+AEAD \ - +DHE-PSK:+CAMELLIA-128-GCM:+AEAD \ - +DHE-PSK:+CAMELLIA-256-GCM:+AEAD \ - +RSA-PSK:+AES-256-GCM:+AEAD \ - +RSA-PSK:+AES-128-GCM:+AEAD \ - +ECDHE-PSK:+NULL:+SHA384 \ - +ECDHE-PSK:+NULL:+SHA256 \ - +PSK:+NULL:+SHA256 \ - +PSK:+NULL:+SHA384 \ - +DHE-PSK:+NULL:+SHA256 \ - +DHE-PSK:+NULL:+SHA384 \ - +RSA-PSK:+NULL:+SHA256 \ - +RSA-PSK:+NULL:+SHA384 \ - " + M_CIPHERS="$M_CIPHERS $CIPHERS" + + G=`python3 translate_ciphers.py g "$CIPHERS"` + G_CIPHERS="$G_CIPHERS $G" fi ;; esac diff --git a/tests/test_translate_format.sh b/tests/test_translate_format.sh index 55d8a8a8e8..241db47398 100755 --- a/tests/test_translate_format.sh +++ b/tests/test_translate_format.sh @@ -46,16 +46,13 @@ CIPHERS="TLS-ECDHE-ECDSA-WITH-NULL-SHA \ TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \ " -M_CIPHERS="$M_CIPHERS \ - $CIPHERS" +M_CIPHERS="$M_CIPHERS $CIPHERS" G=`python3 translate_ciphers.py g "$CIPHERS"` -G_CIPHERS="$G_CIPHERS \ - $G" +G_CIPHERS="$G_CIPHERS $G" O=`python3 translate_ciphers.py o "$CIPHERS"` -O_CIPHERS="$O_CIPHERS \ - $O" +O_CIPHERS="$O_CIPHERS $O" Mt_CIPHERS="$Mt_CIPHERS \ TLS-ECDHE-ECDSA-WITH-NULL-SHA \ @@ -84,16 +81,13 @@ CIPHERS="TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \ TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \ " -M_CIPHERS="$M_CIPHERS \ - $CIPHERS" +M_CIPHERS="$M_CIPHERS $CIPHERS" G=`python3 translate_ciphers.py g "$CIPHERS"` -G_CIPHERS="$G_CIPHERS \ - $G" +G_CIPHERS="$G_CIPHERS $G" O=`python3 translate_ciphers.py o "$CIPHERS"` -O_CIPHERS="$O_CIPHERS \ - $O" +O_CIPHERS="$O_CIPHERS $O" Mt_CIPHERS="$Mt_CIPHERS \ TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \