aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test/ssl_test_lib.erl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2017-02-24 10:32:37 +0100
committerIngela Anderton Andin <[email protected]>2017-03-23 15:02:23 +0100
commit9f4c3f973e44ee5784d1d7eddf225ca0458f4525 (patch)
treec10da4af0fc51fa0b10f61b57b5d5dceb5d21636 /lib/ssl/test/ssl_test_lib.erl
parentbce42f4c31bf552269eb787c61a979b3fb34c87e (diff)
downloadotp-9f4c3f973e44ee5784d1d7eddf225ca0458f4525.tar.gz
otp-9f4c3f973e44ee5784d1d7eddf225ca0458f4525.tar.bz2
otp-9f4c3f973e44ee5784d1d7eddf225ca0458f4525.zip
ssl, public_key: Add functionality for generating X509 cert test data
For now this functionality is located in ssl. And existing public_key function is extended. However some of the functionality may be moved to public_key in a later stage.
Diffstat (limited to 'lib/ssl/test/ssl_test_lib.erl')
-rw-r--r--lib/ssl/test/ssl_test_lib.erl41
1 files changed, 25 insertions, 16 deletions
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 4b740c79db..d91f3de79e 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -488,23 +488,32 @@ make_dsa_cert(Config) ->
make_ecdsa_cert(Config) ->
CryptoSupport = crypto:supports(),
case proplists:get_bool(ecdsa, proplists:get_value(public_keys, CryptoSupport)) of
- true ->
- {ServerCaCertFile, ServerCertFile, ServerKeyFile} =
- make_cert_files("server", Config, ec, ec, "", [{digest, appropriate_sha(CryptoSupport)}]),
- {ClientCaCertFile, ClientCertFile, ClientKeyFile} =
- make_cert_files("client", Config, ec, ec, "", [{digest, appropriate_sha(CryptoSupport)}]),
- [{server_ecdsa_opts, [{ssl_imp, new},{reuseaddr, true},
- {cacertfile, ServerCaCertFile},
- {certfile, ServerCertFile}, {keyfile, ServerKeyFile}]},
- {server_ecdsa_verify_opts, [{ssl_imp, new},{reuseaddr, true},
- {cacertfile, ClientCaCertFile},
- {certfile, ServerCertFile}, {keyfile, ServerKeyFile},
- {verify, verify_peer}]},
- {client_ecdsa_opts, [{ssl_imp, new},
- {cacertfile, ClientCaCertFile},
- {certfile, ClientCertFile}, {keyfile, ClientKeyFile}]}
+ true ->
+ %% {ServerCaCertFile, ServerCertFile, ServerKeyFile} =
+ %% make_cert_files("server", Config, ec, ec, "", [{digest, appropriate_sha(CryptoSupport)}]),
+ %% {ClientCaCertFile, ClientCertFile, ClientKeyFile} =
+ %% make_cert_files("client", Config, ec, ec, "", [{digest, appropriate_sha(CryptoSupport)}]),
+ CertFileBase = filename:join([proplists:get_value(priv_dir, Config), "ecdsa_cert.pem"]),
+ KeyFileBase = filename:join([proplists:get_value(priv_dir, Config), "ecdsa_key.pem"]),
+ CaCertFileBase = filename:join([proplists:get_value(priv_dir, Config), "ecdsa_cacerts.pem"]),
+ CurveOid = hd(tls_v1:ecc_curves(0)),
+ GenCertData = x509_test:gen_test_certs([{server_key_gen, {namedCurve, CurveOid}},
+ {client_key_gen, {namedCurve, CurveOid}},
+ {server_key_gen_chain, [{namedCurve, CurveOid},
+ {namedCurve, CurveOid}]},
+ {client_key_gen_chain, [{namedCurve, CurveOid},
+ {namedCurve, CurveOid}]},
+ {digest, appropriate_sha(CryptoSupport)}]),
+ [{server_config, ServerConf},
+ {client_config, ClientConf}] =
+ x509_test:gen_pem_config_files(GenCertData, CertFileBase, KeyFileBase, CaCertFileBase),
+ [{server_ecdsa_opts, [{ssl_imp, new},{reuseaddr, true} | ServerConf]},
+
+ {server_ecdsa_verify_opts, [{ssl_imp, new}, {reuseaddr, true},
+ {verify, verify_peer} | ServerConf]},
+ {client_ecdsa_opts, [{ssl_imp, new}, {reuseaddr, true} | ClientConf]}
| Config];
- _ ->
+ false ->
Config
end.