diff options
Diffstat (limited to 'lib/ssl/test')
-rw-r--r-- | lib/ssl/test/ssl_reject_SUITE.erl | 5 | ||||
-rw-r--r-- | lib/ssl/test/tls_api_SUITE.erl | 22 |
2 files changed, 25 insertions, 2 deletions
diff --git a/lib/ssl/test/ssl_reject_SUITE.erl b/lib/ssl/test/ssl_reject_SUITE.erl index cc24ffbcfe..be79e0543b 100644 --- a/lib/ssl/test/ssl_reject_SUITE.erl +++ b/lib/ssl/test/ssl_reject_SUITE.erl @@ -184,9 +184,12 @@ accept_sslv3_record_hello(Config) when is_list(Config) -> Allversions = all_versions(), + AllSigAlgs = ssl:signature_algs(all, 'tlsv1.3'), + Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, {from, self()}, - {options, [{versions, Allversions} | ServerOpts]}]), + {options, [{versions, Allversions}, + {signature_algs, AllSigAlgs} | ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), %% TLS-1.X Hello with SSL-3.0 record version diff --git a/lib/ssl/test/tls_api_SUITE.erl b/lib/ssl/test/tls_api_SUITE.erl index 405bb74b2d..74b4e76566 100644 --- a/lib/ssl/test/tls_api_SUITE.erl +++ b/lib/ssl/test/tls_api_SUITE.erl @@ -109,7 +109,9 @@ accept_pool/0, accept_pool/1, reuseaddr/0, - reuseaddr/1 + reuseaddr/1, + signature_algs/0, + signature_algs/1 ]). %% Apply export @@ -1307,6 +1309,24 @@ tls_password_badarg(Config) when is_list(Config) -> {error, {keyfile,badarg}}). %%-------------------------------------------------------------------- +signature_algs() -> + [{doc, "Check that listing of signature algorithms for different version and configure combinations"}]. +signature_algs(Config) when is_list(Config) -> + true = [] =/= [Alg || Alg <- ssl:signature_algs(default, 'tlsv1.3'), is_tuple(Alg)], + true = [] == [Alg || Alg <- ssl:signature_algs(exclusive, 'tlsv1.3'), is_tuple(Alg)], + true = ssl:signature_algs(exclusive, 'tlsv1.3') =/= ssl:signature_algs(exclusive, 'tlsv1.2'), + true = length(ssl:signature_algs(defalt, 'tlsv1.2')) < + length(ssl:signature_algs(all, 'tlsv1.2')), + TLS_1_3_All = ssl:signature_algs(all, 'tlsv1.3'), + true = lists:member(rsa_pkcs1_sha512, TLS_1_3_All) andalso (not lists:member({sha512, rsa}, TLS_1_3_All)), + true = lists:member(rsa_pkcs1_sha384, TLS_1_3_All) andalso (not lists:member({sha384, rsa}, TLS_1_3_All)), + true = lists:member(rsa_pkcs1_sha256, TLS_1_3_All) andalso (not lists:member({sha256, rsa}, TLS_1_3_All)), + TLS_1_2_All = ssl:signature_algs(all, 'tlsv1.2'), + true = (not lists:member(rsa_pkcs1_sha512, TLS_1_2_All)) andalso lists:member({sha512, rsa}, TLS_1_2_All), + true = (not lists:member(rsa_pkcs1_sha384, TLS_1_2_All)) andalso lists:member({sha384, rsa}, TLS_1_2_All), + true = (not lists:member(rsa_pkcs1_sha256, TLS_1_2_All)) andalso lists:member({sha256, rsa}, TLS_1_2_All). + +%%-------------------------------------------------------------------- %% Internal functions ------------------------------------------------ %%-------------------------------------------------------------------- |