diff options
Diffstat (limited to 'lib/ssl/test/ssl_ECC_SUITE.erl')
-rw-r--r-- | lib/ssl/test/ssl_ECC_SUITE.erl | 91 |
1 files changed, 44 insertions, 47 deletions
diff --git a/lib/ssl/test/ssl_ECC_SUITE.erl b/lib/ssl/test/ssl_ECC_SUITE.erl index bb3bb15c97..4b43954139 100644 --- a/lib/ssl/test/ssl_ECC_SUITE.erl +++ b/lib/ssl/test/ssl_ECC_SUITE.erl @@ -77,7 +77,7 @@ groups() -> {'tlsv1.1', [], test_cases()}, {'tlsv1', [], test_cases()}, {'dtlsv1.2', [], [mix_sign | test_cases()]}, - {'dtlsv1', [], test_cases()} + {'dtlsv1', [], test_cases()} ]. test_cases()-> @@ -99,7 +99,7 @@ ecc_negotiation() -> client_ecdhe_rsa_server_ecdh_rsa_server_custom, client_ecdhe_ecdsa_server_ecdhe_ecdsa_server_custom, client_ecdhe_ecdsa_server_ecdhe_rsa_server_custom, - client_ecdhe_ecdsa_server_ecdhe_ecdsa_client_custom, + client_ecdhe_ecdsa_server_ecdhe_ecdsa_client_custom, client_ecdhe_rsa_server_ecdhe_ecdsa_client_custom ]. @@ -125,9 +125,9 @@ end_per_suite(_Config) -> %%-------------------------------------------------------------------- init_per_group(GroupName, Config) -> case ssl_test_lib:is_protocol_version(GroupName) of - true -> + true -> ct:log("Ciphers: ~p~n ", [ssl:cipher_suites(default, GroupName)]), - ssl_test_lib:init_per_group(GroupName, + ssl_test_lib:init_per_group(GroupName, [{client_type, erlang}, {server_type, erlang}, {version, GroupName} | Config]); @@ -142,14 +142,12 @@ end_per_group(GroupName, Config) -> init_per_testcase(TestCase, Config) -> ssl_test_lib:ct_log_supported_protocol_versions(Config), - Version = proplists:get_value(version, Config), - ct:log("Ciphers: ~p~n ", [ssl:cipher_suites(default, Version)]), end_per_testcase(TestCase, Config), ssl:start(), - ct:timetrap({seconds, 15}), + ct:timetrap({seconds, 5}), Config. -end_per_testcase(_TestCase, Config) -> +end_per_testcase(_TestCase, Config) -> application:stop(ssl), Config. @@ -161,10 +159,10 @@ end_per_testcase(_TestCase, Config) -> client_ecdsa_server_ecdsa_with_raw_key(Config) when is_list(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}] , ecdhe_ecdsa, ecdhe_ecdsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ServerKeyFile = proplists:get_value(keyfile, SOpts), {ok, PemBin} = file:read_file(ServerKeyFile), @@ -183,11 +181,11 @@ client_ecdsa_server_ecdsa_with_raw_key(Config) when is_list(Config) -> ecc_default_order(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], ecdhe_ecdsa, ecdhe_ecdsa, Config, DefaultCurve), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [], case ssl_test_lib:supported_eccs([{eccs, [DefaultCurve]}]) of @@ -198,11 +196,11 @@ ecc_default_order(Config) -> ecc_default_order_custom_curves(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], ecdhe_ecdsa, ecdhe_ecdsa, Config, DefaultCurve), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -213,11 +211,11 @@ ecc_default_order_custom_curves(Config) -> ecc_client_order(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], ecdhe_ecdsa, ecdhe_ecdsa, Config, DefaultCurve), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, false}], case ssl_test_lib:supported_eccs([{eccs, [DefaultCurve]}]) of @@ -232,7 +230,7 @@ ecc_client_order_custom_curves(Config) -> {client_chain, Default}], ecdhe_ecdsa, ecdhe_ecdsa, Config, DefaultCurve), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, false}, {eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -244,8 +242,8 @@ ecc_unknown_curve(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], - ecdhe_ecdsa, ecdhe_ecdsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + ecdhe_ecdsa, ecdhe_ecdsa, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{eccs, ['123_fake_curve']}], ssl_test_lib:ecc_test_error(COpts, SOpts, [], ECCOpts, Config). @@ -254,9 +252,9 @@ client_ecdh_rsa_server_ecdhe_ecdsa_server_custom(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, - {client_chain, Default}], + {client_chain, Default}], ecdh_rsa, ecdhe_ecdsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, true}, {eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -267,13 +265,13 @@ client_ecdh_rsa_server_ecdhe_ecdsa_server_custom(Config) -> client_ecdh_rsa_server_ecdhe_rsa_server_custom(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], ecdh_rsa, ecdhe_rsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, true}, {eccs, [secp256r1, DefaultCurve]}], - + case ssl_test_lib:supported_eccs(ECCOpts) of true -> ssl_test_lib:ecc_test(secp256r1, COpts, SOpts, [], ECCOpts, Config); false -> {skip, "unsupported named curves"} @@ -282,10 +280,10 @@ client_ecdh_rsa_server_ecdhe_rsa_server_custom(Config) -> client_ecdhe_rsa_server_ecdhe_ecdsa_server_custom(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], ecdhe_rsa, ecdhe_ecdsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, true}, {eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -296,11 +294,11 @@ client_ecdhe_rsa_server_ecdhe_ecdsa_server_custom(Config) -> client_ecdhe_rsa_server_ecdhe_rsa_server_custom(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, - {client_chain, Default}], + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {client_chain, Default}], ecdhe_rsa, ecdhe_rsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, true}, {eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -312,10 +310,10 @@ client_ecdhe_rsa_server_ecdh_rsa_server_custom(Config) -> DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), Ext = x509_test:extensions([{key_usage, [keyEncipherment]}]), {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, [[], [], [{extensions, Ext}]]}, - {client_chain, Default}], + {client_chain, Default}], ecdhe_rsa, ecdh_rsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, true}, {eccs, [secp256r1, DefaultCurve]}], Expected = secp256r1, %% The certificate curve @@ -328,10 +326,10 @@ client_ecdhe_rsa_server_ecdh_rsa_server_custom(Config) -> client_ecdhe_ecdsa_server_ecdhe_ecdsa_server_custom(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, - {client_chain, Default}], + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {client_chain, Default}], ecdhe_ecdsa, ecdhe_ecdsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, true}, {eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -342,10 +340,10 @@ client_ecdhe_ecdsa_server_ecdhe_ecdsa_server_custom(Config) -> client_ecdhe_ecdsa_server_ecdhe_rsa_server_custom(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], ecdhe_ecdsa, ecdhe_rsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{honor_ecc_order, true}, {eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -356,10 +354,10 @@ client_ecdhe_ecdsa_server_ecdhe_rsa_server_custom(Config) -> client_ecdhe_ecdsa_server_ecdhe_ecdsa_client_custom(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], ecdhe_ecdsa, ecdhe_ecdsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -370,10 +368,10 @@ client_ecdhe_ecdsa_server_ecdhe_ecdsa_client_custom(Config) -> client_ecdhe_rsa_server_ecdhe_ecdsa_client_custom(Config) -> Default = ssl_test_lib:default_cert_chain_conf(), DefaultCurve = pubkey_cert_records:namedCurves(hd(tls_v1:ecc_curves(1))), - {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, + {COpts0, SOpts0} = ssl_test_lib:make_ec_cert_chains([{server_chain, Default}, {client_chain, Default}], ecdhe_rsa, ecdhe_ecdsa, Config), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECCOpts = [{eccs, [secp256r1, DefaultCurve]}], case ssl_test_lib:supported_eccs(ECCOpts) of @@ -384,23 +382,22 @@ client_ecdhe_rsa_server_ecdhe_ecdsa_client_custom(Config) -> mix_sign(Config) -> mix_sign_rsa_peer(Config), mix_sign_ecdsa_peer(Config). - + mix_sign_ecdsa_peer(Config) -> {COpts0, SOpts0} = ssl_test_lib:make_mix_cert([{mix, peer_ecc} |Config]), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECDHE_ECDSA = - ssl:filter_cipher_suites(ssl:cipher_suites(default, 'tlsv1.2'), + ssl:filter_cipher_suites(ssl:cipher_suites(default, 'tlsv1.2'), [{key_exchange, fun(ecdhe_ecdsa) -> true; (_) -> false end}]), ssl_test_lib:basic_test(COpts, [{ciphers, ECDHE_ECDSA} | SOpts], Config). - + mix_sign_rsa_peer(Config) -> {COpts0, SOpts0} = ssl_test_lib:make_mix_cert([{mix, peer_rsa} |Config]), - COpts = ssl_test_lib:ssl_options(COpts0, Config), + COpts = ssl_test_lib:ssl_options(COpts0, Config), SOpts = ssl_test_lib:ssl_options(SOpts0, Config), ECDHE_RSA = - ssl:filter_cipher_suites(ssl:cipher_suites(default, 'tlsv1.2'), + ssl:filter_cipher_suites(ssl:cipher_suites(default, 'tlsv1.2'), [{key_exchange, fun(ecdhe_rsa) -> true; (_) -> false end}]), ssl_test_lib:basic_test(COpts, [{ciphers, ECDHE_RSA} | SOpts], Config). - |