From 3b584332ee6881c5b2f3d32c48bf987752336c60 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Tue, 24 Jan 2017 22:47:18 -0500 Subject: [PATCH] Fix ssl_test with BORINGSSL_ANDROID_SYSTEM. We need to suppress a few tests on the system Android build until RSA-PSS is shipped there. Change-Id: I5843997aae9fa499ec08d76f44fdf3b523599e1c Reviewed-on: https://boringssl-review.googlesource.com/13267 Commit-Queue: David Benjamin Reviewed-by: Adam Langley --- ssl/ssl_test.cc | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc index 33ef025d..22a9b7ba 100644 --- a/ssl/ssl_test.cc +++ b/ssl/ssl_test.cc @@ -1917,6 +1917,12 @@ static bool TestClientHello() { return false; } + // kTLS12ClientHello assumes RSA-PSS, which is disabled for Android system + // builds. +#if defined(BORINGSSL_ANDROID_SYSTEM) + return true; +#endif + static const uint8_t kTLS12ClientHello[] = { 0x16, 0x03, 0x01, 0x00, 0x9a, 0x01, 0x00, 0x00, 0x96, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -3105,8 +3111,14 @@ static bool ForEachVersion(bool (*test_func)(bool is_dtls, const SSL_METHOD *method, uint16_t version)) { static uint16_t kTLSVersions[] = { - SSL3_VERSION, TLS1_VERSION, TLS1_1_VERSION, - TLS1_2_VERSION, TLS1_3_VERSION, + SSL3_VERSION, + TLS1_VERSION, + TLS1_1_VERSION, + TLS1_2_VERSION, +// TLS 1.3 requires RSA-PSS, which is disabled for Android system builds. +#if !defined(BORINGSSL_ANDROID_SYSTEM) + TLS1_3_VERSION, +#endif }; static uint16_t kDTLSVersions[] = {