diff options
| author | Sverker Eriksson <[email protected]> | 2016-02-08 18:45:54 +0100 |
|---|---|---|
| committer | Sverker Eriksson <[email protected]> | 2016-02-08 18:45:54 +0100 |
| commit | 3c56cb7a4c3bcb8a089c0b83375aad46c010a9b7 (patch) | |
| tree | 527bfa03df4b09fdbf5d4c0ab47fd463b77551db /lib/ssl | |
| parent | 1430a673d453ab330a93930719c41a2e786c948f (diff) | |
| parent | 62ad9fb02820b7563402702e6026d9f4213149c6 (diff) | |
| download | otp-3c56cb7a4c3bcb8a089c0b83375aad46c010a9b7.tar.gz otp-3c56cb7a4c3bcb8a089c0b83375aad46c010a9b7.tar.bz2 otp-3c56cb7a4c3bcb8a089c0b83375aad46c010a9b7.zip | |
Merge branch 'sverk/ecc-fixes' into maint
OTP-13311
* sverk/ecc-fixes:
Ensure testing ssl with supported ciphers only
Only use supported EC curves in crypto tests
Check the result of EC_GROUP_new_curve_* calls
Diffstat (limited to 'lib/ssl')
| -rw-r--r-- | lib/ssl/test/erl_make_certs.erl | 4 | ||||
| -rw-r--r-- | lib/ssl/test/ssl_test_lib.erl | 12 |
2 files changed, 14 insertions, 2 deletions
diff --git a/lib/ssl/test/erl_make_certs.erl b/lib/ssl/test/erl_make_certs.erl index 8e909a5b74..f5cada9021 100644 --- a/lib/ssl/test/erl_make_certs.erl +++ b/lib/ssl/test/erl_make_certs.erl @@ -334,7 +334,9 @@ make_key(dsa, _Opts) -> gen_dsa2(128, 20); %% Bytes i.e. {1024, 160} make_key(ec, _Opts) -> %% (OBS: for testing only) - gen_ec2(secp256k1). + CurveOid = hd(tls_v1:ecc_curves(0)), + NamedCurve = pubkey_cert_records:namedCurves(CurveOid), + gen_ec2(NamedCurve). %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% RSA key generation (OBS: for testing only) diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl index 77c29668b5..afd21f0d2f 100644 --- a/lib/ssl/test/ssl_test_lib.erl +++ b/lib/ssl/test/ssl_test_lib.erl @@ -818,7 +818,17 @@ rsa_suites(CounterPart) -> (_) -> false end, - ssl:cipher_suites()). + common_ciphers(CounterPart)). + +common_ciphers(crypto) -> + ssl:cipher_suites(); +common_ciphers(openssl) -> + OpenSslSuites = + string:tokens(string:strip(os:cmd("openssl ciphers"), right, $\n), ":"), + [ssl:suite_definition(S) + || S <- ssl_cipher:suites(tls_record:highest_protocol_version([])), + lists:member(ssl_cipher:openssl_suite_name(S), OpenSslSuites) + ]. rsa_non_signed_suites() -> lists:filter(fun({rsa, _, _}) -> |