aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test/ssl_test_lib.erl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2017-04-13 18:09:37 +0200
committerIngela Anderton Andin <[email protected]>2017-04-21 09:52:40 +0200
commitae877f133ee8d8beea37e7168677c9334aec6a75 (patch)
tree26f5fa05916635f84f5ea4357f3f574994e4dd91 /lib/ssl/test/ssl_test_lib.erl
parent72e0725c30960541e1209a45f6a9e56fecc3be95 (diff)
downloadotp-ae877f133ee8d8beea37e7168677c9334aec6a75.tar.gz
otp-ae877f133ee8d8beea37e7168677c9334aec6a75.tar.bz2
otp-ae877f133ee8d8beea37e7168677c9334aec6a75.zip
ssl: Rewrite test data generation
With the new help functions for creating test data we can simplify the code. And sometimes corrections have been made so that the test actually perform the test intended.
Diffstat (limited to 'lib/ssl/test/ssl_test_lib.erl')
-rw-r--r--lib/ssl/test/ssl_test_lib.erl31
1 files changed, 26 insertions, 5 deletions
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 302b5178a5..b8fd5dc975 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -485,6 +485,18 @@ make_dsa_cert(Config) ->
{certfile, ClientCertFile}, {keyfile, ClientKeyFile}]}
| Config].
+make_rsa_cert_chains(ChainConf, Config, Suffix) ->
+ CryptoSupport = crypto:supports(),
+ KeyGenSpec = key_gen_info(rsa, rsa),
+ ClientFileBase = filename:join([proplists:get_value(priv_dir, Config), "rsa" ++ Suffix]),
+ ServerFileBase = filename:join([proplists:get_value(priv_dir, Config), "rsa" ++ Suffix]),
+ GenCertData = x509_test:gen_test_certs([{digest, appropriate_sha(CryptoSupport)} | KeyGenSpec] ++ ChainConf),
+ [{server_config, ServerConf},
+ {client_config, ClientConf}] =
+ x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase),
+ {[{verify, verify_peer} | ClientConf],
+ [{reuseaddr, true}, {verify, verify_peer} | ServerConf]
+ }.
make_ec_cert_chains(ClientChainType, ServerChainType, Config) ->
CryptoSupport = crypto:supports(),
@@ -524,6 +536,11 @@ key_gen_spec(Role, ecdhe_rsa) ->
[{list_to_atom(Role ++ "_key_gen"), hardcode_rsa_key(1)},
{list_to_atom(Role ++ "_key_gen_chain"), [hardcode_rsa_key(2),
hardcode_rsa_key(3)]}
+ ];
+key_gen_spec(Role, rsa) ->
+ [{list_to_atom(Role ++ "_key_gen"), hardcode_rsa_key(1)},
+ {list_to_atom(Role ++ "_key_gen_chain"), [hardcode_rsa_key(2),
+ hardcode_rsa_key(3)]}
].
make_ecdsa_cert(Config) ->
CryptoSupport = crypto:supports(),
@@ -571,7 +588,8 @@ make_rsa_cert(Config) ->
{server_rsa_verify_opts, [{ssl_imp, new}, {reuseaddr, true},
{verify, verify_peer} | ServerConf]},
- {client_rsa_opts, ClientConf}
+ {client_rsa_opts, ClientConf},
+ {client_rsa_verify_opts, [{verify, verify_peer} |ClientConf]}
| Config];
false ->
Config
@@ -935,9 +953,9 @@ available_suites(Version) ->
rsa_non_signed_suites(Version) ->
lists:filter(fun({rsa, _, _}) ->
- true;
+ false;
(_) ->
- false
+ true
end,
available_suites(Version)).
@@ -1398,10 +1416,13 @@ do_supports_ssl_tls_version(Port) ->
true
end.
-ssl_options(Option, Config) ->
+ssl_options(Option, Config) when is_atom(Option) ->
ProtocolOpts = proplists:get_value(protocol_opts, Config, []),
Opts = proplists:get_value(Option, Config, []),
- Opts ++ ProtocolOpts.
+ Opts ++ ProtocolOpts;
+ssl_options(Options, Config) ->
+ ProtocolOpts = proplists:get_value(protocol_opts, Config, []),
+ Options ++ ProtocolOpts.
protocol_version(Config) ->
protocol_version(Config, atom).