aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test/ssl_handshake_SUITE.erl
diff options
context:
space:
mode:
authorDanil Zagoskin <[email protected]>2014-04-21 20:57:03 +0400
committerIngela Anderton Andin <[email protected]>2014-04-23 10:59:27 +0200
commita7446cd75e2a48e810faef26d91e9d70247297d1 (patch)
tree2c572c11e268108faae1fbb5c24bf64e6ab70c63 /lib/ssl/test/ssl_handshake_SUITE.erl
parented1c35ea483db86d208335f43565026b12c426d6 (diff)
downloadotp-a7446cd75e2a48e810faef26d91e9d70247297d1.tar.gz
otp-a7446cd75e2a48e810faef26d91e9d70247297d1.tar.bz2
otp-a7446cd75e2a48e810faef26d91e9d70247297d1.zip
ssl: TLSv1.2: proper default sign algo for RSA
Diffstat (limited to 'lib/ssl/test/ssl_handshake_SUITE.erl')
-rw-r--r--lib/ssl/test/ssl_handshake_SUITE.erl10
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/ssl/test/ssl_handshake_SUITE.erl b/lib/ssl/test/ssl_handshake_SUITE.erl
index 6d020c472b..4c4b8e5137 100644
--- a/lib/ssl/test/ssl_handshake_SUITE.erl
+++ b/lib/ssl/test/ssl_handshake_SUITE.erl
@@ -26,6 +26,7 @@
-include_lib("common_test/include/ct.hrl").
-include("ssl_internal.hrl").
-include("tls_handshake.hrl").
+-include_lib("public_key/include/public_key.hrl").
%%--------------------------------------------------------------------
%% Common Test interface functions -----------------------------------
@@ -36,7 +37,8 @@ all() -> [decode_hello_handshake,
decode_single_hello_extension_correctly,
decode_supported_elliptic_curves_hello_extension_correctly,
decode_unknown_hello_extension_correctly,
- encode_single_hello_sni_extension_correctly].
+ encode_single_hello_sni_extension_correctly,
+ select_proper_tls_1_2_rsa_default_hashsign].
%%--------------------------------------------------------------------
%% Test Cases --------------------------------------------------------
@@ -95,3 +97,9 @@ encode_single_hello_sni_extension_correctly(_Config) ->
HelloExt = <<ExtSize:16/unsigned-big-integer, SNI/binary>>,
Encoded = ssl_handshake:encode_hello_extensions(Exts),
HelloExt = Encoded.
+
+select_proper_tls_1_2_rsa_default_hashsign(_Config) ->
+ % RFC 5246 section 7.4.1.4.1 tells to use {sha1,rsa} as default signature_algorithm for RSA key exchanges
+ {sha, rsa} = ssl_handshake:select_cert_hashsign(undefined, ?rsaEncryption, {3,3}),
+ {md5sha, rsa} = ssl_handshake:select_cert_hashsign(undefined, ?rsaEncryption, {undefined,undefined}).
+