aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2012-08-09 15:15:51 +0200
committerIngela Anderton Andin <[email protected]>2012-08-22 14:00:46 +0200
commit4f68e36b57bf7b2cc608bf1fb5d50486529bff10 (patch)
tree937e5288965e629e924a95f44625bc4cd7bbe976
parenta0bd4951be74a5db1c382a7e19432903db10e576 (diff)
downloadotp-4f68e36b57bf7b2cc608bf1fb5d50486529bff10.tar.gz
otp-4f68e36b57bf7b2cc608bf1fb5d50486529bff10.tar.bz2
otp-4f68e36b57bf7b2cc608bf1fb5d50486529bff10.zip
ssl: Add crypto support check (TLS 1.2 require sha256 support)
-rw-r--r--lib/ssl/src/ssl_tls1.erl2
-rw-r--r--lib/ssl/test/ssl_basic_SUITE.erl15
-rw-r--r--lib/ssl/test/ssl_payload_SUITE.erl16
-rw-r--r--lib/ssl/test/ssl_test_lib.erl13
-rw-r--r--lib/ssl/test/ssl_to_openssl_SUITE.erl6
5 files changed, 39 insertions, 13 deletions
diff --git a/lib/ssl/src/ssl_tls1.erl b/lib/ssl/src/ssl_tls1.erl
index d62ea6e5a4..91b321bcd9 100644
--- a/lib/ssl/src/ssl_tls1.erl
+++ b/lib/ssl/src/ssl_tls1.erl
@@ -222,8 +222,6 @@ hmac_hash(?MD5, Key, Value) ->
crypto:md5_mac(Key, Value);
hmac_hash(?SHA, Key, Value) ->
crypto:sha_mac(Key, Value);
-hmac_hash(?MD5SHA, Key, Value) ->
- crypto:sha256_mac(Key, Value);
hmac_hash(?SHA256, Key, Value) ->
crypto:sha256_mac(Key, Value);
hmac_hash(?SHA384, Key, Value) ->
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 1cfe8d0367..de883d5425 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -198,11 +198,18 @@ all_versions_groups ()->
init_per_group(GroupName, Config) ->
case ssl_test_lib:is_tls_version(GroupName) of
true ->
- ssl_test_lib:init_tls_version(GroupName);
+ case ssl_test_lib:sufficient_crypto_support(GroupName) of
+ true ->
+ ssl_test_lib:init_tls_version(GroupName),
+ Config;
+ false ->
+ {skip, "Missing crypto support"}
+ end;
_ ->
- ssl:start()
- end,
- Config.
+ ssl:start(),
+ Config
+ end.
+
end_per_group(_GroupName, Config) ->
Config.
diff --git a/lib/ssl/test/ssl_payload_SUITE.erl b/lib/ssl/test/ssl_payload_SUITE.erl
index 9633942ac3..c97f97e70b 100644
--- a/lib/ssl/test/ssl_payload_SUITE.erl
+++ b/lib/ssl/test/ssl_payload_SUITE.erl
@@ -140,13 +140,19 @@ payload_tests() ->
init_per_group(GroupName, Config) ->
- case ssl_test_lib:is_tls_version(GroupName) of
+ case ssl_test_lib:is_tls_version(GroupName) of
true ->
- ssl_test_lib:init_tls_version(GroupName);
+ case ssl_test_lib:sufficient_crypto_support(GroupName) of
+ true ->
+ ssl_test_lib:init_tls_version(GroupName),
+ Config;
+ false ->
+ {skip, "Missing crypto support"}
+ end;
_ ->
- ssl:start()
- end,
- Config.
+ ssl:start(),
+ Config
+ end.
end_per_group(_GroupName, Config) ->
Config.
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 905801fe3d..b39c995552 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -725,3 +725,16 @@ init_tls_version(Version) ->
application:load(ssl),
application:set_env(ssl, protocol_version, Version),
ssl:start().
+
+sufficient_crypto_support('tlsv1.2') ->
+ Data = "Sampl",
+ Data2 = "e #1",
+ Key = <<0,1,2,3,16,17,18,19,32,33,34,35,48,49,50,51,4,5,6,7,20,21,22,23,36,37,38,39,
+ 52,53,54,55,8,9,10,11,24,25,26,27,40,41,42,43,56,57,58,59>>,
+ try
+ crypto:sha256_mac(Key, lists:flatten([Data, Data2])),
+ true
+ catch _:_ -> false
+ end;
+sufficient_crypto_support(_) ->
+ true.
diff --git a/lib/ssl/test/ssl_to_openssl_SUITE.erl b/lib/ssl/test/ssl_to_openssl_SUITE.erl
index e5f8d4ae4e..ec35c42773 100644
--- a/lib/ssl/test/ssl_to_openssl_SUITE.erl
+++ b/lib/ssl/test/ssl_to_openssl_SUITE.erl
@@ -112,7 +112,9 @@ special_init(TestCase, Config)
special_init(ssl2_erlang_server_openssl_client, Config) ->
check_sane_openssl_sslv2(Config);
-special_init(ciphers_dsa_signed_certs, Config) ->
+special_init(TestCase, Config) when TestCase == erlang_client_openssl_server_dsa_cert;
+ TestCase == erlang_server_openssl_client_dsa_cert;
+ TestCase == ciphers_dsa_signed_certs ->
check_sane_openssl_dsa(Config);
special_init(_, Config) ->
@@ -1186,7 +1188,7 @@ check_sane_openssl_renegotaite(Config) ->
{skip, "Known renegotiation bug in OpenSSL"};
"OpenSSL 0.9.7" ++ _ ->
{skip, "Known renegotiation bug in OpenSSL"};
- "OpenSSL 1.0.1c" ++ _ ->
+ "OpenSSL 1.0.1" ++ _ ->
{skip, "Known renegotiation bug in OpenSSL"};
_ ->
Config