From 1c57460735abb922c395b3428d420f1d91c4cac1 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 17 Apr 2023 11:50:50 +0200 Subject: ssl: Let test case use stronger key Caused test case failiur due to fix by ingela/ssl/correct-sigalg-order/OTP-18550 --- lib/ssl/test/ssl_session_SUITE.erl | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/lib/ssl/test/ssl_session_SUITE.erl b/lib/ssl/test/ssl_session_SUITE.erl index 40fff3bbbd..f597c78bb5 100644 --- a/lib/ssl/test/ssl_session_SUITE.erl +++ b/lib/ssl/test/ssl_session_SUITE.erl @@ -464,8 +464,11 @@ no_reuses_session_server_restart_new_cert() -> no_reuses_session_server_restart_new_cert(Config) when is_list(Config) -> ClientOpts = ssl_test_lib:ssl_options(client_rsa_der_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_der_verify_opts, Config), - RSA1024ServerOpts = ssl_test_lib:ssl_options(server_rsa_1024_der_opts, Config), - RSA1024ClientOpts = ssl_test_lib:ssl_options(client_rsa_1024_der_opts, Config), + #{client_config := NewCOpts, + server_config := NewSOpts} = ssl_test_lib:make_cert_chains_der(rsa, + [[{key, ssl_test_lib:hardcode_rsa_key(4)}], + [{key, ssl_test_lib:hardcode_rsa_key(5)}], + [{key, ssl_test_lib:hardcode_rsa_key(6)}]]), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), @@ -490,12 +493,12 @@ no_reuses_session_server_restart_new_cert(Config) when is_list(Config) -> Server1 = ssl_test_lib:start_server([{node, ServerNode}, {port, Port}, {from, self()}, {mfa, {ssl_test_lib, session_info_result, []}}, - {options, [{reuseaddr, true} | RSA1024ServerOpts]}]), + {options, [{reuseaddr, true} | NewSOpts]}]), Client1 = ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, {host, Hostname}, {mfa, {ssl_test_lib, session_info_result, []}}, - {from, self()}, {options, RSA1024ClientOpts}]), + {from, self()}, {options, NewCOpts}]), Info1 = receive {Server1, Info10} -> Info10 end, receive @@ -517,7 +520,12 @@ no_reuses_session_server_restart_new_cert_file() -> no_reuses_session_server_restart_new_cert_file(Config) when is_list(Config) -> ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), - RSA1024ServerOpts = ssl_test_lib:ssl_options(server_rsa_1024_verify_opts, Config), + #{client_config := NewCOpts, + server_config := NewSOpts} = ssl_test_lib:make_cert_chains_pem(rsa, + [[{key, ssl_test_lib:hardcode_rsa_key(4)}], + [{key, ssl_test_lib:hardcode_rsa_key(5)}], + [{key, ssl_test_lib:hardcode_rsa_key(6)}]], + Config, "ssl_session_new_rsa"), PrivDir = proplists:get_value(priv_dir, Config), NewServerOpts0 = ssl_test_lib:new_config(PrivDir, ServerOpts), @@ -548,7 +556,7 @@ no_reuses_session_server_restart_new_cert_file(Config) when is_list(Config) -> ssl:clear_pem_cache(), - NewServerOpts1 = ssl_test_lib:new_config(PrivDir, RSA1024ServerOpts), + NewServerOpts1 = ssl_test_lib:new_config(PrivDir, NewSOpts), Server1 = ssl_test_lib:start_server([{node, ServerNode}, {port, Port}, @@ -559,7 +567,7 @@ no_reuses_session_server_restart_new_cert_file(Config) when is_list(Config) -> ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, {host, Hostname}, {mfa, {ssl_test_lib, session_info_result, []}}, - {from, self()}, {options, ClientOpts}]), + {from, self()}, {options, NewCOpts}]), receive {Client1, SessionInfo} -> ct:fail(session_reused_when_server_has_new_cert); -- cgit v1.2.1