Limit number ffdh test cases (ffdhe2048, ffdhe8192)

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2023-06-14 20:53:09 +02:00
parent 0c23147456
commit a53dca125e
3 changed files with 2 additions and 10214 deletions

File diff suppressed because it is too large Load diff

View file

@ -68,9 +68,6 @@ NAMED_GROUP_IANA_VALUE = {
'x25519': 0x1d, 'x25519': 0x1d,
'x448': 0x1e, 'x448': 0x1e,
'ffdhe2048': 0x100, 'ffdhe2048': 0x100,
'ffdhe3072': 0x101,
'ffdhe4096': 0x102,
'ffdhe6144': 0x103,
'ffdhe8192': 0x104, 'ffdhe8192': 0x104,
} }
@ -152,9 +149,6 @@ class OpenSSLBase(TLSProgram):
'x25519': 'X25519', 'x25519': 'X25519',
'x448': 'X448', 'x448': 'X448',
'ffdhe2048': 'ffdhe2048', 'ffdhe2048': 'ffdhe2048',
'ffdhe3072': 'ffdhe3072',
'ffdhe4096': 'ffdhe4096',
'ffdhe6144': 'ffdhe6144',
'ffdhe8192': 'ffdhe8192', 'ffdhe8192': 'ffdhe8192',
} }
@ -186,7 +180,7 @@ class OpenSSLBase(TLSProgram):
ret = ["requires_openssl_tls1_3"] ret = ["requires_openssl_tls1_3"]
# ffdh groups require at least openssl 3.0 # ffdh groups require at least openssl 3.0
ffdh_groups = ['ffdhe2048', 'ffdhe3072', 'ffdhe4096', 'ffdhe6144', 'ffdhe8192'] ffdh_groups = ['ffdhe2048', 'ffdhe8192']
if any(x in ffdh_groups for x in self._named_groups): if any(x in ffdh_groups for x in self._named_groups):
ret.append('requires_openssl_3_x') ret.append('requires_openssl_3_x')
@ -264,9 +258,6 @@ class GnuTLSBase(TLSProgram):
'x25519': ['GROUP-X25519'], 'x25519': ['GROUP-X25519'],
'x448': ['GROUP-X448'], 'x448': ['GROUP-X448'],
'ffdhe2048': ['GROUP-FFDHE2048'], 'ffdhe2048': ['GROUP-FFDHE2048'],
'ffdhe3072': ['GROUP-FFDHE3072'],
'ffdhe4096': ['GROUP-FFDHE4096'],
'ffdhe6144': ['GROUP-FFDHE6144'],
'ffdhe8192': ['GROUP-FFDHE8192'], 'ffdhe8192': ['GROUP-FFDHE8192'],
} }

View file

@ -695,7 +695,7 @@ requires_openssl_3_x() {
OPENSSL_3_X_AVAILABLE="NO" OPENSSL_3_X_AVAILABLE="NO"
fi fi
if [ -z "${OPENSSL_3_X_AVAILABLE:-}" ]; then if [ -z "${OPENSSL_3_X_AVAILABLE:-}" ]; then
if which $OPENSSL_NEXT 2>&1 | grep openssl-3 >/dev/null if $OPENSSL_NEXT version 2>&1 | grep "OpenSSL 3." >/dev/null
then then
OPENSSL_3_X_AVAILABLE="YES" OPENSSL_3_X_AVAILABLE="YES"
else else