Skip to content

Commit 24c2e22

Browse files
SynssSynss
committed
tests: Do no test with ARIA as it is optional
- Avoid using ARIA in the tests as it may be disabled. - Modify README example to use stronger ciphers.
1 parent 54b4d1b commit 24c2e22

File tree

2 files changed

+37
-14
lines changed

2 files changed

+37
-14
lines changed

README.rst

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -613,8 +613,11 @@ and the server configuration receives the key store as a
613613

614614
>>> srv_conf = tls.DTLSConfiguration(
615615
... ciphers=(
616-
... "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
617-
... "TLS-PSK-WITH-AES-128-CBC-SHA256",
616+
... # PSK Requires the selection PSK ciphers.
617+
... "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
618+
... "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
619+
... "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
620+
... "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
618621
... ),
619622
... pre_shared_key_store={
620623
... "client0": b"a secret",

tests/test_tls.py

Lines changed: 32 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -546,9 +546,14 @@ class TestTLS_PSKAuthentication(_TLSCommunicationBase):
546546
@pytest.fixture(scope="class")
547547
def ciphers(self):
548548
return (
549-
"TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
550-
"TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
551-
"TLS-PSK-WITH-AES-128-CBC-SHA256",
549+
"TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
550+
"TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
551+
"TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
552+
"TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
553+
"TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
554+
"TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
555+
"TLS-PSK-WITH-AES-256-CBC-SHA",
556+
"TLS-PSK-WITH-AES-128-CBC-SHA",
552557
)
553558

554559
@pytest.fixture(scope="class")
@@ -568,9 +573,14 @@ class TestDTLS_PSKAuthentication(_DTLSCommunicationBase):
568573
@pytest.fixture(scope="class")
569574
def ciphers(self):
570575
return (
571-
"TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
572-
"TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
573-
"TLS-PSK-WITH-AES-128-CBC-SHA256",
576+
"TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
577+
"TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
578+
"TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
579+
"TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
580+
"TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
581+
"TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
582+
"TLS-PSK-WITH-AES-256-CBC-SHA",
583+
"TLS-PSK-WITH-AES-128-CBC-SHA",
574584
)
575585

576586
@pytest.fixture(scope="class")
@@ -590,9 +600,14 @@ class TestTLS_PSKAuthenticationFailure(_TLSCommunicationBase):
590600
@pytest.fixture(scope="class")
591601
def ciphers(self):
592602
return (
593-
"TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
594-
"TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
595-
"TLS-PSK-WITH-AES-128-CBC-SHA256",
603+
"TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
604+
"TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
605+
"TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
606+
"TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
607+
"TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
608+
"TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
609+
"TLS-PSK-WITH-AES-256-CBC-SHA",
610+
"TLS-PSK-WITH-AES-128-CBC-SHA",
596611
)
597612

598613
@pytest.fixture(
@@ -620,9 +635,14 @@ class TestDTLS_PSKAuthenticationFailure(_DTLSCommunicationBase):
620635
@pytest.fixture(scope="class")
621636
def ciphers(self):
622637
return (
623-
"TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
624-
"TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
625-
"TLS-PSK-WITH-AES-128-CBC-SHA256",
638+
"TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
639+
"TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
640+
"TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
641+
"TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
642+
"TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
643+
"TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
644+
"TLS-PSK-WITH-AES-256-CBC-SHA",
645+
"TLS-PSK-WITH-AES-128-CBC-SHA",
626646
)
627647

628648
@pytest.fixture(

0 commit comments

Comments
 (0)