diff options
author | Danil Zagoskin <[email protected]> | 2014-04-21 20:57:03 +0400 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2014-04-23 10:59:27 +0200 |
commit | a7446cd75e2a48e810faef26d91e9d70247297d1 (patch) | |
tree | 2c572c11e268108faae1fbb5c24bf64e6ab70c63 /lib/ssl/test | |
parent | ed1c35ea483db86d208335f43565026b12c426d6 (diff) | |
download | otp-a7446cd75e2a48e810faef26d91e9d70247297d1.tar.gz otp-a7446cd75e2a48e810faef26d91e9d70247297d1.tar.bz2 otp-a7446cd75e2a48e810faef26d91e9d70247297d1.zip |
ssl: TLSv1.2: proper default sign algo for RSA
Diffstat (limited to 'lib/ssl/test')
-rw-r--r-- | lib/ssl/test/ssl_handshake_SUITE.erl | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/ssl/test/ssl_handshake_SUITE.erl b/lib/ssl/test/ssl_handshake_SUITE.erl index 6d020c472b..4c4b8e5137 100644 --- a/lib/ssl/test/ssl_handshake_SUITE.erl +++ b/lib/ssl/test/ssl_handshake_SUITE.erl @@ -26,6 +26,7 @@ -include_lib("common_test/include/ct.hrl"). -include("ssl_internal.hrl"). -include("tls_handshake.hrl"). +-include_lib("public_key/include/public_key.hrl"). %%-------------------------------------------------------------------- %% Common Test interface functions ----------------------------------- @@ -36,7 +37,8 @@ all() -> [decode_hello_handshake, decode_single_hello_extension_correctly, decode_supported_elliptic_curves_hello_extension_correctly, decode_unknown_hello_extension_correctly, - encode_single_hello_sni_extension_correctly]. + encode_single_hello_sni_extension_correctly, + select_proper_tls_1_2_rsa_default_hashsign]. %%-------------------------------------------------------------------- %% Test Cases -------------------------------------------------------- @@ -95,3 +97,9 @@ encode_single_hello_sni_extension_correctly(_Config) -> HelloExt = <<ExtSize:16/unsigned-big-integer, SNI/binary>>, Encoded = ssl_handshake:encode_hello_extensions(Exts), HelloExt = Encoded. + +select_proper_tls_1_2_rsa_default_hashsign(_Config) -> + % RFC 5246 section 7.4.1.4.1 tells to use {sha1,rsa} as default signature_algorithm for RSA key exchanges + {sha, rsa} = ssl_handshake:select_cert_hashsign(undefined, ?rsaEncryption, {3,3}), + {md5sha, rsa} = ssl_handshake:select_cert_hashsign(undefined, ?rsaEncryption, {undefined,undefined}). + |