diff --git a/tests/scripts/test_translate_ciphers_names.py b/tests/scripts/test_translate_ciphers_names.py index f6cfa6db5..c40d37697 100755 --- a/tests/scripts/test_translate_ciphers_names.py +++ b/tests/scripts/test_translate_ciphers_names.py @@ -17,21 +17,32 @@ # See the License for the specific language governing permissions and # limitations under the License. # -# Purpose -# -# Test translate_ciphers.py by running every MBedTLS ciphersuite name -# combination through the translate functions and comparing them to their -# correct GNUTLS or OpenSSL counterpart. -from translate_ciphers import * +""" +Test translate_ciphers.py by running every MBedTLS ciphersuite name +combination through the translate functions and comparing them to their +correct GNUTLS or OpenSSL counterpart. +""" + +from translate_ciphers import translate_gnutls, translate_ossl def assert_equal(translate, original): + """ + Compare the translated ciphersuite name against the original + On fail, print the mismatch on the screen to directly compare the + differences + """ try: - assert(translate == original) + assert translate == original except AssertionError: print("%s\n%s\n" %(translate, original)) def test_all_common(): + """ + Translate the MBedTLS ciphersuite names to the common OpenSSL and + GnuTLS ciphersite names, and compare them with the true, expected + corresponding OpenSSL and GnuTLS ciphersuite names + """ m_ciphers = [ "TLS-ECDHE-ECDSA-WITH-NULL-SHA", "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", @@ -172,15 +183,20 @@ def test_all_common(): "PSK-AES256-CBC-SHA", ] - for i in range(len(m_ciphers)): + for i, m_cipher in enumerate(m_ciphers): - g = translate_gnutls(m_ciphers[i]) + g = translate_gnutls(m_cipher) assert_equal(g, g_ciphers[i]) - o = translate_ossl(m_ciphers[i]) + o = translate_ossl(m_cipher) assert_equal(o, o_ciphers[i]) def test_mbedtls_ossl_common(): + """ + Translate the MBedTLS ciphersuite names to the common OpenSSL + ciphersite names, and compare them with the true, expected + corresponding OpenSSL ciphersuite name + """ m_ciphers = [ "TLS-ECDH-ECDSA-WITH-NULL-SHA", "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", @@ -250,12 +266,17 @@ def test_mbedtls_ossl_common(): "DHE-PSK-CHACHA20-POLY1305", ] - for i in range(len(m_ciphers)): + for i, m_cipher in enumerate(m_ciphers): - o = translate_ossl(m_ciphers[i]) + o = translate_ossl(m_cipher) assert_equal(o, o_ciphers[i]) def test_mbedtls_gnutls_common(): + """ + Translate the MBedTLS ciphersuite names to the common GnuTLS + ciphersite names, and compare them with the true, expected + corresponding GnuTLS ciphersuite names + """ m_ciphers = [ "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", @@ -435,9 +456,9 @@ def test_mbedtls_gnutls_common(): "+RSA-PSK:+AES-128-GCM:+AEAD", ] - for i in range(len(m_ciphers)): + for i, m_ciphers in enumerate(m_ciphers): - g = translate_gnutls(m_ciphers[i]) + g = translate_gnutls(m_ciphers) assert_equal(g, g_ciphers[i]) test_all_common() diff --git a/tests/scripts/translate_ciphers.py b/tests/scripts/translate_ciphers.py index 2f1543c04..66c878ac3 100755 --- a/tests/scripts/translate_ciphers.py +++ b/tests/scripts/translate_ciphers.py @@ -16,23 +16,27 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# -# Purpose -# -# Translate ciphersuite names in MBedTLS format to OpenSSL and GNUTLS -# standards. -# -# Format and analyse strings past in via input arguments to match -# the expected strings utilised in compat.sh. -# -# sys.argv[1] should be "g" or "o" for GNUTLS or OpenSSL. -# sys.argv[2] should be a string containing one or more -# ciphersuite names. + +""" +Translate ciphersuite names in MBedTLS format to OpenSSL and GNUTLS +standards. + +Format and analyse strings past in via input arguments to match +the expected strings utilised in compat.sh. + +sys.argv[1] should be "g" or "o" for GNUTLS or OpenSSL. +sys.argv[2] should be a string containing one or more ciphersuite names. +""" import re import sys def translate_gnutls(m_cipher): + """ + Translate m_cipher from MBedTLS ciphersuite naming convention + and return the GnuTLS naming convention + """ + # Remove "TLS-" # Replace "-WITH-" with ":+" # Remove "EDE" @@ -51,13 +55,18 @@ def translate_gnutls(m_cipher): # Replace the last "-" with ":+" # Replace "GCM:+SHAxyz" with "GCM:+AEAD" else: - index=m_cipher.rindex("-") + index = m_cipher.rindex("-") m_cipher = m_cipher[:index]+":+"+m_cipher[index+1:] m_cipher = re.sub(r"GCM\:\+SHA\d\d\d", "GCM:+AEAD", m_cipher) return m_cipher def translate_ossl(m_cipher): + """ + Translate m_cipher from MBedTLS ciphersuite naming convention + and return the OpenSSL naming convention + """ + # Remove "TLS-" # Remove "WITH" m_cipher = m_cipher[4:] @@ -89,7 +98,7 @@ def translate_ossl(m_cipher): # POLY1305 should not be followed by anything if "POLY1305" in m_cipher: index = m_cipher.rindex("POLY1305") - m_cipher=m_cipher[:index+8] + m_cipher = m_cipher[:index+8] # If DES is being used, Replace DHE with EDH if "DES" in m_cipher and "DHE" in m_cipher and "ECDHE" not in m_cipher: @@ -101,9 +110,9 @@ def format_ciphersuite_names(mode, ciphers): try: t = {"g": translate_gnutls, "o": translate_ossl}[mode] return " ".join(t(c) for c in ciphers.split()) - except Exception as E: - if E != mode: print(E) - else: print("Incorrect use of argument 1, should be either \"g\" or \"o\"") + except (KeyError) as e: + print(e) + print("Incorrect use of argument 1, should be either \"g\" or \"o\"") sys.exit(1) def main():