OTP-8587 DSA key support

New ssl now support client/server-certificates signed by dsa keys.
author: Ingela Anderton Andin <[email protected]> 2010-06-07 15:14:08 +0000
committer: Erlang/OTP <[email protected]> 2010-06-07 15:14:08 +0000
commit: b989e946d56513c3d89a333f504e7e46cd4e2bf1 (patch)
tree: 389ee50a2bde4ea66f3028a0a213a7410acadcca /lib/ssl/test/ssl_test_lib.erl
parent: 3e97f3dc6ad63707d283e7b9924df5cc8eb13a84 (diff)
download: otp-b989e946d56513c3d89a333f504e7e46cd4e2bf1.tar.gz
otp-b989e946d56513c3d89a333f504e7e46cd4e2bf1.tar.bz2
otp-b989e946d56513c3d89a333f504e7e46cd4e2bf1.zip
1 files changed, 58 insertions, 0 deletions
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 46b6eb401d..d11acc8130 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -318,6 +318,25 @@ cert_options(Config) ->
      | Config].
 
 
+make_dsa_cert(Config) ->
+    ServerCaInfo = {ServerCaCert, _} = erl_make_certs:make_cert([{key, dsa}]),
+    {ServerCert, ServerCertKey} = erl_make_certs:make_cert([{key, dsa}, {issuer, ServerCaInfo}]),
+    ServerCaCertFile = filename:join([?config(priv_dir, Config), 
+				      "server", "dsa_cacerts.pem"]),
+    ServerCertFile = filename:join([?config(priv_dir, Config), 
+				      "server", "dsa_cert.pem"]),
+    ServerKeyFile = filename:join([?config(priv_dir, Config), 
+				   "server", "dsa_key.pem"]),
+
+    public_key:der_to_pem(ServerCaCertFile, [{cert, ServerCaCert, not_encrypted}]),
+    public_key:der_to_pem(ServerCertFile, [{cert, ServerCert, not_encrypted}]),
+    public_key:der_to_pem(ServerKeyFile, [ServerCertKey]),
+
+    [{server_dsa_opts, [{ssl_imp, new},{reuseaddr, true}, 
+				 {cacertfile, ServerCaCertFile},
+				 {certfile, ServerCertFile}, {keyfile, ServerKeyFile}]} | Config].
+    
+    
 start_upgrade_server(Args) ->
     Result = spawn_link(?MODULE, run_upgrade_server, [Args]),
     receive
@@ -529,3 +548,42 @@ send_selected_port(Pid, 0, Socket) ->
     Pid ! {self(), {port, NewPort}};
 send_selected_port(_,_,_) ->
     ok.
+
+rsa_suites() ->
+    lists:filter(fun({dhe_dss, _, _}) ->
+			 false;
+		    (_) ->
+			 true
+		 end,
+		 ssl:cipher_suites()).
+
+dsa_suites() ->
+     lists:filter(fun({dhe_dss, _, _}) ->
+			 true;
+		    (_) ->
+			 false
+		 end,
+		 ssl:cipher_suites()).
+
+
+openssl_rsa_suites() ->
+    Ciphers = ssl:cipher_suites(openssl),
+    lists:filter(fun(Str) ->
+			 case re:run(Str,"DSS",[]) of
+			     nomatch ->
+				 true;
+			     _ ->
+				 false
+			 end 
+		 end, Ciphers).
+
+openssl_dsa_suites() ->
+    Ciphers = ssl:cipher_suites(openssl),
+    lists:filter(fun(Str) ->
+			 case re:run(Str,"DSS",[]) of
+			     nomatch ->
+				 false;
+			     _ ->
+				 true
+			 end 
+		 end, Ciphers).
author	Ingela Anderton Andin <[email protected]>	2010-06-07 15:14:08 +0000
committer	Erlang/OTP <[email protected]>	2010-06-07 15:14:08 +0000
commit	b989e946d56513c3d89a333f504e7e46cd4e2bf1 (patch)
tree	389ee50a2bde4ea66f3028a0a213a7410acadcca /lib/ssl/test/ssl_test_lib.erl
parent	3e97f3dc6ad63707d283e7b9924df5cc8eb13a84 (diff)
download	otp-b989e946d56513c3d89a333f504e7e46cd4e2bf1.tar.gz otp-b989e946d56513c3d89a333f504e7e46cd4e2bf1.tar.bz2 otp-b989e946d56513c3d89a333f504e7e46cd4e2bf1.zip