testing: Make sure ML-KEM scenarios use our ml plugin

We now support OpenSSL's implementation in the openssl plugin. This makes sure our plugin is used on at least one of the hosts if we ever switch to an OpenSSL version that supports ML-KEM. In the ikev2/rw-mlkem scenario the logic is reversed. There the ml plugin is preferred on moon to test the responder side (and carol for the initiator) and dave will switch to OpenSSL if it ever provides ML-KEM.
2025-10-03 00:00:24 -04:00 · 2025-06-06 11:17:38 +02:00 · 2025-06-06 11:17:38 +02:00 · 9a6aa2530e
commit 9a6aa2530e
parent faf7ad2331
4 changed files with 6 additions and 6 deletions
--- a/testing/tests/botan/rw-mlkem/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/botan/rw-mlkem/hosts/dave/etc/strongswan.conf
@ -5,7 +5,7 @@ swanctl {
 }

 charon-systemd {
-  load = nonce openssl ml pem revocation constraints pubkey curl kernel-netlink socket-default updown vici
+  load = nonce ml openssl pem revocation constraints pubkey curl kernel-netlink socket-default updown vici

  rsa_pss = yes
 }
--- a/testing/tests/ikev2/rw-mlkem/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-mlkem/hosts/carol/etc/strongswan.conf
@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file

 swanctl {
-  load = botan pem x509 revocation constraints pubkey
+  load = pem pkcs1 x509 revocation constraints pubkey openssl random
 }

 charon-systemd {
-  load = nonce pem pkcs1 openssl ml revocation constraints pubkey curl kernel-netlink socket-default updown vici
+  load = nonce pem pkcs1 ml openssl revocation constraints pubkey curl kernel-netlink socket-default updown vici

  rsa_pss = yes
 }
--- a/testing/tests/ikev2/rw-mlkem/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-mlkem/hosts/moon/etc/strongswan.conf
@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file

 swanctl {
-  load = pem botan x509 revocation constraints pubkey
+  load = pem pkcs1 x509 revocation constraints pubkey openssl random
 }

 charon-systemd {
-  load = nonce pem pkcs1 openssl ml revocation constraints pubkey curl kernel-netlink socket-default updown vici
+  load = nonce pem pkcs1 ml openssl revocation constraints pubkey curl kernel-netlink socket-default updown vici

  rsa_pss = yes
 }
--- a/testing/tests/wolfssl/rw-mlkem/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/wolfssl/rw-mlkem/hosts/dave/etc/strongswan.conf
@ -5,7 +5,7 @@ swanctl {
 }

 charon-systemd {
-  load = nonce openssl ml pem revocation constraints pubkey curl kernel-netlink socket-default updown vici
+  load = nonce ml openssl pem revocation constraints pubkey curl kernel-netlink socket-default updown vici

  rsa_pss = yes
 }