Skip to content

Random selection of DEFAULT_ALGORITHM in system tests at runtime

Nicki Křížek requested to merge 3503-random-default-algorithm-in-tests into main
  • Allow randomization of selected DEFAULT_ALGORITHM with the use of ALGORITHM_SET env var
  • Use ecc_default set for mkeys test in order to test either ECDSA or EDDSA algorithm.
  • See commit messages for other details.

Demonstration it works

  • this was with debug logging turned on, which isn't the default - linking the results here for the reviewer's pleasure

oraclelinux7

get_algorithms.py DEBUG choosing from ALGORITHM_SET "ecc_default"
get_algorithms.py DEBUG Command '/builds/isc-projects/bind9/bin/tests/system/testcrypto.sh -q ED25519' returned non-zero exit status 255.
get_algorithms.py INFO algorithm ED25519 not supported
get_algorithms.py DEBUG Command '/builds/isc-projects/bind9/bin/tests/system/testcrypto.sh -q ED448' returned non-zero exit status 255.
get_algorithms.py INFO algorithm ED448 not supported
get_algorithms.py INFO selected algorithms: {'DEFAULT_ALGORITHM': 'ECDSAP256SHA256', 'DEFAULT_ALGORITHM_NUMBER': '13', 'DEFAULT_BITS': '256', 'ALTERNATIVE_ALGORITHM': 'RSASHA256', 'ALTERNATIVE_ALGORITHM_NUMBER': '8', 'ALTERNATIVE_BITS': '1280', 'DISABLED_ALGORITHM': 'RSASHA1', 'DISABLED_ALGORITHM_NUMBER': '5', 'DISABLED_BITS': '1280'}

oraclelinux9

get_algorithms.py DEBUG choosing from ALGORITHM_SET "ecc_default"
get_algorithms.py INFO selected algorithms: {'DEFAULT_ALGORITHM': 'ECDSAP256SHA256', 'DEFAULT_ALGORITHM_NUMBER': '13', 'DEFAULT_BITS': '256', 'ALTERNATIVE_ALGORITHM': 'RSASHA256', 'ALTERNATIVE_ALGORITHM_NUMBER': '8', 'ALTERNATIVE_BITS': '1280', 'DISABLED_ALGORITHM': 'ECDSAP384SHA384', 'DISABLED_ALGORITHM_NUMBER': '14', 'DISABLED_BITS': '384'}

bullseye

get_algorithms.py DEBUG choosing from ALGORITHM_SET "ecc_default"
get_algorithms.py INFO selected algorithms: {'DEFAULT_ALGORITHM': 'ED448', 'DEFAULT_ALGORITHM_NUMBER': '16', 'DEFAULT_BITS': '456', 'ALTERNATIVE_ALGORITHM': 'RSASHA256', 'ALTERNATIVE_ALGORITHM_NUMBER': '8', 'ALTERNATIVE_BITS': '1280', 'DISABLED_ALGORITHM': 'RSASHA1', 'DISABLED_ALGORITHM_NUMBER': '5', 'DISABLED_BITS': '1280'}
  • ECDSAP384SHA384 selected in another run:
get_algorithms.py DEBUG choosing from ALGORITHM_SET "ecc_default"
get_algorithms.py INFO selected algorithms: {'DEFAULT_ALGORITHM': 'ECDSAP384SHA384', 'DEFAULT_ALGORITHM_NUMBER': '14', 'DEFAULT_BITS': '384', 'ALTERNATIVE_ALGORITHM': 'RSASHA256', 'ALTERNATIVE_ALGORITHM_NUMBER': '8', 'ALTERNATIVE_BITS': '1280', 'DISABLED_ALGORITHM': 'RSASHA512', 'DISABLED_ALGORITHM_NUMBER': '10', 'DISABLED_BITS': '1280'}

Closes #3503 (closed)

Edited by Nicki Křížek

Merge request reports