summaryrefslogtreecommitdiff
path: root/lib/ssl/test/openssl_server_cert_SUITE.erl
diff options
context:
space:
mode:
Diffstat (limited to 'lib/ssl/test/openssl_server_cert_SUITE.erl')
-rw-r--r--lib/ssl/test/openssl_server_cert_SUITE.erl82
1 files changed, 42 insertions, 40 deletions
diff --git a/lib/ssl/test/openssl_server_cert_SUITE.erl b/lib/ssl/test/openssl_server_cert_SUITE.erl
index 7f7a9b739e..057d80b6f3 100644
--- a/lib/ssl/test/openssl_server_cert_SUITE.erl
+++ b/lib/ssl/test/openssl_server_cert_SUITE.erl
@@ -1,7 +1,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2019-2022. All Rights Reserved.
+%% Copyright Ericsson AB 2019-2023. All Rights Reserved.
%%
%% Licensed under the Apache License, Version 2.0 (the "License");
%% you may not use this file except in compliance with the License.
@@ -74,7 +74,7 @@
%%--------------------------------------------------------------------
%% Common Test interface functions -----------------------------------
%%--------------------------------------------------------------------
-all() ->
+all() ->
[
{group, openssl_server}].
@@ -103,7 +103,7 @@ groups() ->
].
protocol_groups() ->
- case ssl_test_lib:openssl_sane_dtls() of
+ case ssl_test_lib:openssl_sane_dtls() of
true ->
[{group, 'tlsv1.3'},
{group, 'tlsv1.2'},
@@ -117,7 +117,7 @@ protocol_groups() ->
{group, 'tlsv1.1'},
{group, 'tlsv1'}
]
- end.
+ end.
pre_tls_1_3_protocol_groups() ->
[{group, rsa},
@@ -156,27 +156,27 @@ end_per_suite(Config) ->
init_per_group(openssl_server, Config0) ->
Config = proplists:delete(server_type, proplists:delete(client_type, Config0)),
- [{client_type, erlang}, {server_type, openssl} | Config];
+ [{client_type, erlang}, {server_type, openssl} | Config];
init_per_group(rsa = Group, Config0) ->
Config = ssl_test_lib:make_rsa_cert(Config0),
COpts = proplists:get_value(client_rsa_opts, Config),
SOpts = proplists:get_value(server_rsa_opts, Config),
%% Make sure _rsa* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
- Ciphers = ssl_cert_tests:test_ciphers(fun(dhe_rsa) ->
+ Ciphers = ssl_cert_tests:test_ciphers(fun(dhe_rsa) ->
true;
- (ecdhe_rsa) ->
+ (ecdhe_rsa) ->
true;
(_) ->
- false
- end, Version),
+ false
+ end, Version),
case Ciphers of
[_|_] ->
[{cert_key_alg, rsa} |
- lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
- lists:delete(server_cert_opts,
+ lists:delete(cert_key_alg,
+ [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
+ {server_cert_opts, SOpts} |
+ lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
[] ->
{skip, {no_sup, Group, Version}}
@@ -203,9 +203,9 @@ init_per_group(Alg, Config) when Alg == rsa_pss_rsae;
Alg == rsa_pss_pss ->
Supports = crypto:supports(),
RSAOpts = proplists:get_value(rsa_opts, Supports),
-
- case lists:member(rsa_pkcs1_pss_padding, RSAOpts)
- andalso lists:member(rsa_pss_saltlen, RSAOpts)
+
+ case lists:member(rsa_pkcs1_pss_padding, RSAOpts)
+ andalso lists:member(rsa_pss_saltlen, RSAOpts)
andalso lists:member(rsa_mgf1_md, RSAOpts)
andalso ssl_test_lib:is_sane_oppenssl_pss(Alg)
of
@@ -223,9 +223,9 @@ init_per_group(Alg, Config) when Alg == rsa_pss_rsae;
end;
init_per_group(ecdsa = Group, Config0) ->
PKAlg = crypto:supports(public_keys),
- case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse
- lists:member(dh, PKAlg))
- andalso (ssl_test_lib:openssl_ecdsa_suites() =/= [])
+ case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse
+ lists:member(dh, PKAlg))
+ andalso (ssl_test_lib:openssl_ecdsa_suites() =/= [])
of
true ->
Config = ssl_test_lib:make_ecdsa_cert(Config0),
@@ -233,20 +233,20 @@ init_per_group(ecdsa = Group, Config0) ->
SOpts = proplists:get_value(server_ecdsa_opts, Config),
%% Make sure ecdh* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
- Ciphers = ssl_cert_tests:test_ciphers(fun(ecdh_ecdsa) ->
+ Ciphers = ssl_cert_tests:test_ciphers(fun(ecdh_ecdsa) ->
true;
- (ecdhe_ecdsa) ->
+ (ecdhe_ecdsa) ->
true;
(_) ->
- false
- end, Version),
+ false
+ end, Version),
case Ciphers of
[_|_] ->
[{cert_key_alg, ecdsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
- lists:delete(server_cert_opts,
+ [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
+ {server_cert_opts, SOpts} |
+ lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))]
)];
[] ->
@@ -258,8 +258,8 @@ init_per_group(ecdsa = Group, Config0) ->
init_per_group(ecdsa_1_3 = Group, Config0) ->
PKAlg = crypto:supports(public_keys),
case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse
- lists:member(dh, PKAlg))
- andalso (ssl_test_lib:openssl_ecdsa_suites() =/= [])
+ lists:member(dh, PKAlg))
+ andalso (ssl_test_lib:openssl_ecdsa_suites() =/= [])
of
true ->
Config = ssl_test_lib:make_ecdsa_cert(Config0),
@@ -311,35 +311,37 @@ init_per_group(eddsa_1_3, Config0) ->
end;
init_per_group(dsa = Group, Config0) ->
PKAlg = crypto:supports(public_keys),
- case lists:member(dss, PKAlg) andalso lists:member(dh, PKAlg) andalso
- (ssl_test_lib:openssl_dsa_suites() =/= []) of
+ case lists:member(dss, PKAlg) andalso lists:member(dh, PKAlg) andalso
+ (ssl_test_lib:openssl_dsa_suites() =/= [])
+ andalso (ssl_test_lib:check_sane_openssl_dsa(Config0))
+ of
true ->
- Config = ssl_test_lib:make_dsa_cert(Config0),
+ Config = ssl_test_lib:make_dsa_cert(Config0),
COpts = proplists:get_value(client_dsa_opts, Config),
SOpts = proplists:get_value(server_dsa_opts, Config),
%% Make sure dhe_dss* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
- Ciphers = ssl_cert_tests:test_ciphers(fun(dh_dss) ->
+ Ciphers = ssl_cert_tests:test_ciphers(fun(dh_dss) ->
true;
- (dhe_dss) ->
+ (dhe_dss) ->
true;
(_) ->
- false
- end, Version),
+ false
+ end, Version),
case Ciphers of
[_|_] ->
[{cert_key_alg, dsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
- lists:delete(server_cert_opts,
+ [{client_cert_opts, [{ciphers, Ciphers} | COpts] ++ ssl_test_lib:sig_algs(dsa, Version)},
+ {server_cert_opts, SOpts} |
+ lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
[] ->
{skip, {no_sup, Group, Version}}
end;
false ->
{skip, "Missing DSS crypto support"}
- end;
+ end;
init_per_group(GroupName, Config) ->
case ssl_test_lib:is_protocol_version(GroupName) of
true ->
@@ -361,7 +363,7 @@ init_per_testcase(_TestCase, Config) ->
ct:timetrap({seconds, 30}),
Config.
-end_per_testcase(_TestCase, Config) ->
+end_per_testcase(_TestCase, Config) ->
Config.
%%--------------------------------------------------------------------
View Lorry Controller Status