diff options
Diffstat (limited to 'lib/ssl/test/ssl_cipher_SUITE.erl')
-rw-r--r-- | lib/ssl/test/ssl_cipher_SUITE.erl | 43 |
1 files changed, 17 insertions, 26 deletions
diff --git a/lib/ssl/test/ssl_cipher_SUITE.erl b/lib/ssl/test/ssl_cipher_SUITE.erl index 442cc5f790..687bbd6f58 100644 --- a/lib/ssl/test/ssl_cipher_SUITE.erl +++ b/lib/ssl/test/ssl_cipher_SUITE.erl @@ -25,6 +25,7 @@ -include_lib("common_test/include/ct.hrl"). -include("tls_record.hrl"). -include("ssl_cipher.hrl"). +-include("ssl_record.hrl"). %% Callback functions -export([all/0, @@ -97,10 +98,9 @@ aes_decipher_good() -> aes_decipher_good(Config) when is_list(Config) -> HashSz = 32, CipherState = correct_cipher_state(), - decipher_check_good(HashSz, CipherState, {3,0}), - decipher_check_good(HashSz, CipherState, {3,1}), - decipher_check_good(HashSz, CipherState, {3,2}), - decipher_check_good(HashSz, CipherState, {3,3}). + decipher_check_good(HashSz, CipherState, ?TLS_1_0), + decipher_check_good(HashSz, CipherState, ?TLS_1_1), + decipher_check_good(HashSz, CipherState, ?TLS_1_2). %%-------------------------------------------------------------------- aes_decipher_fail() -> @@ -109,19 +109,17 @@ aes_decipher_fail() -> aes_decipher_fail(Config) when is_list(Config) -> HashSz = 32, CipherState = incorrect_cipher_state(), - decipher_check_fail(HashSz, CipherState, {3,0}), - decipher_check_fail(HashSz, CipherState, {3,1}), - decipher_check_fail(HashSz, CipherState, {3,2}), - decipher_check_fail(HashSz, CipherState, {3,3}). + decipher_check_fail(HashSz, CipherState, ?TLS_1_0), + decipher_check_fail(HashSz, CipherState, ?TLS_1_1), + decipher_check_fail(HashSz, CipherState, ?TLS_1_2). %%-------------------------------------------------------------------- padding_test(Config) when is_list(Config) -> HashSz = 16, CipherState = correct_cipher_state(), - pad_test(HashSz, CipherState, {3,0}), - pad_test(HashSz, CipherState, {3,1}), - pad_test(HashSz, CipherState, {3,2}), - pad_test(HashSz, CipherState, {3,3}). + pad_test(HashSz, CipherState, ?TLS_1_0), + pad_test(HashSz, CipherState, ?TLS_1_1), + pad_test(HashSz, CipherState, ?TLS_1_2). %%-------------------------------------------------------------------- sign_algorithms(Config) when is_list(Config) -> @@ -140,21 +138,14 @@ decipher_check_fail(HashSz, CipherState, Version) -> true = {Content, Mac, #cipher_state{iv = NextIV}} =/= ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, aes_fragment(Version), Version, true). -pad_test(HashSz, CipherState, {3,0} = Version) -> - %% 3.0 does not have padding test - {Content, NextIV, Mac} = badpad_content_nextiv_mac(Version), - {Content, Mac, #cipher_state{iv = NextIV}} = - ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, badpad_aes_fragment({3,0}), {3,0}, true), - {Content, Mac, #cipher_state{iv = NextIV}} = - ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, badpad_aes_fragment({3,0}), {3,0}, false); -pad_test(HashSz, CipherState, {3,1} = Version) -> +pad_test(HashSz, CipherState, ?TLS_1_0 = Version) -> %% 3.1 should have padding test, but may be disabled {Content, NextIV, Mac} = badpad_content_nextiv_mac(Version), BadCont = badpad_content(Content), {Content, Mac, #cipher_state{iv = NextIV}} = - ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, badpad_aes_fragment({3,1}) , {3,1}, false), + ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, badpad_aes_fragment(?TLS_1_0) , ?TLS_1_0, false), {BadCont, Mac, #cipher_state{iv = NextIV}} = - ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, badpad_aes_fragment({3,1}), {3,1}, true); + ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, badpad_aes_fragment(?TLS_1_0), ?TLS_1_0, true); pad_test(HashSz, CipherState, Version) -> %% 3.2 and 3.3 must have padding test {Content, NextIV, Mac} = badpad_content_nextiv_mac(Version), @@ -164,7 +155,7 @@ pad_test(HashSz, CipherState, Version) -> {BadCont, Mac, #cipher_state{iv = NextIV}} = ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, badpad_aes_fragment(Version), Version, true). -aes_fragment({3,N}) when N == 0; N == 1-> +aes_fragment(?TLS_1_0) -> <<197,9,6,109,242,87,80,154,85,250,110,81,119,95,65,185,53,206,216,153,246,169, 119,177,178,238,248,174,253,220,242,81,33,0,177,251,91,44,247,53,183,198,165, 63,20,194,159,107>>; @@ -175,7 +166,7 @@ aes_fragment(_) -> 198,181,81,19,98,162,213,228,74,224,253,168,156,59,195,122, 108,101,107,242,20,15,169,150,163,107,101,94,93,104,241,165>>. -badpad_aes_fragment({3,N}) when N == 0; N == 1 -> +badpad_aes_fragment(?TLS_1_0) -> <<186,139,125,10,118,21,26,248,120,108,193,104,87,118,145,79,225,55,228,10,105, 30,190,37,1,88,139,243,210,99,65,41>>; badpad_aes_fragment(_) -> @@ -183,7 +174,7 @@ badpad_aes_fragment(_) -> 94,121,137,117,157,109,99,113,61,190,138,131,229,201,120,142,179,172,48,77, 234,19,240,33,38,91,93>>. -content_nextiv_mac({3,N}) when N == 0; N == 1 -> +content_nextiv_mac(?TLS_1_0) -> {<<"HELLO\n">>, <<72,196,247,97,62,213,222,109,210,204,217,186,172,184, 197,148>>, <<71,136,212,107,223,200,70,232,127,116,148,205,232,35,158,113,237,174,15,217,192,168,35,8,6,107,107,233,25,174,90,111>>}; @@ -192,7 +183,7 @@ content_nextiv_mac(_) -> <<183,139,16,132,10,209,67,86,168,100,61,217,145,57,36,56>>, <<71,136,212,107,223,200,70,232,127,116,148,205,232,35,158,113,237,174,15,217,192,168,35,8,6,107,107,233,25,174,90,111>>}. -badpad_content_nextiv_mac({3,N}) when N == 0; N == 1 -> +badpad_content_nextiv_mac(?TLS_1_0) -> {<<"HELLO\n">>, <<225,55,228,10,105,30,190,37,1,88,139,243,210,99,65,41>>, <<183,139,16,132,10,209,67,86,168,100,61,217,145,57,36,56>> |