ssl: Fix test case interopability

IngelaAndin · IngelaAndin · commit 56a3bbd9634d · 2026-04-13T11:42:03.000+02:00
diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl
@@ -68,6 +68,8 @@
          rsa_schemes/0,
          groups/0,
          groups/1,
+         pqc_groups/0,
+         ec_groups/0,
          group_to_enum/1,
          enum_to_group/1,
          default_groups/0,
@@ -1248,37 +1250,21 @@ ecc_curves(Version) when is_tuple(Version) ->
     ecc_curves(TLSCurves);
 ecc_curves(TLSCurves) ->
     [pubkey_cert_records:namedCurves(Curve) || Curve <- TLSCurves].
- 
+
 groups() ->
     TLSGroups = groups(all),
     groups(TLSGroups).
 
 -spec groups(all | default | TLSGroups :: list()) -> [ssl:group()].
 groups(all) ->
     default_pqc_hybrid_groups() ++
-        [x25519,
-         x448,
-         secp521r1,
-         secp384r1,
-         secp256r1,
-         brainpoolP256r1tls13,
-         brainpoolP384r1tls13,
-         brainpoolP512r1tls13
-         ] ++
+        ec_groups() ++
         other_pqc_hybrid_groups() ++
         pqc_plain_groups() ++
         dhe_groups();
 groups(default) ->
-    default_pqc_hybrid_groups() ++
-        [x25519,
-         x448,
-         secp521r1,
-         secp384r1,
-         secp256r1,
-         brainpoolP512r1tls13,
-         brainpoolP384r1tls13,
-         brainpoolP256r1tls13
-        ];
+    groups(default_pqc_hybrid_groups() ++
+               ec_groups());
 groups(TLSGroups) when is_list(TLSGroups) ->
     CryptoGroups = crypto_supported_groups(),
     lists:filter(fun(x25519mlkem768) ->
@@ -1293,6 +1279,21 @@ groups(TLSGroups) when is_list(TLSGroups) ->
                     (Group) ->
                          proplists:get_bool(maybe_group_to_curve(Group), CryptoGroups)
                  end, TLSGroups).
+ec_groups() ->
+     [x25519,
+      x448,
+      secp521r1,
+      secp384r1,
+      secp256r1,
+      brainpoolP512r1tls13,
+      brainpoolP384r1tls13,
+      brainpoolP256r1tls13
+     ].
+
+pqc_groups() ->
+    default_pqc_hybrid_groups() ++
+        other_pqc_hybrid_groups() ++
+        pqc_plain_groups().
 
 default_pqc_hybrid_groups() ->
     [x25519mlkem768].
diff --git a/lib/ssl/test/openssl_session_ticket_SUITE.erl b/lib/ssl/test/openssl_session_ticket_SUITE.erl
@@ -214,29 +214,29 @@ openssl_server_hrr_multiple_tickets(Config) when is_list(Config) ->
 openssl_server_early_data_basic() ->
     [{doc,"Test early data (erlang client - openssl server)"}].
 openssl_server_early_data_basic(Config) when is_list(Config) ->
-   erlang_client_auto_ticket(Config, [{supported_groups, one_supported_grop()}], [], true).
+   erlang_client_auto_ticket(Config, [{supported_groups, one_supported_grop(Config)}], [], true).
 
 openssl_server_early_data_big() ->
     [{doc,"Send more early data than the max_early_data_size (erlang client - openssl server)"}].
 openssl_server_early_data_big(Config) when is_list(Config) ->
-    erlang_client_auto_ticket(Config, [{supported_groups, one_supported_grop()}, 
+    erlang_client_auto_ticket(Config, [{supported_groups, one_supported_grop(Config)},
                                        {early_data, <<"SampleData">>}], [{early_data, 5}], false).
-    
+
 openssl_server_early_data_manual() ->
     [{doc,"Test sending early data - manual ticket handling (erlang client - openssl server)"}].
 openssl_server_early_data_manual(Config) when is_list(Config) ->
-    erlang_client_manual_ticket(Config, [{supported_groups, one_supported_grop()}],
+    erlang_client_manual_ticket(Config, [{supported_groups, one_supported_grop(Config)}],
                                 [{early_data, <<"SampleData">>}], [{early_data, 16384}]).
 
 openssl_server_early_data_manual_2_tickets() ->
     [{doc,"Test sending early data - manual ticket handling, 2 tickets (erlang client - openssl server)"}].
 openssl_server_early_data_manual_2_tickets(Config) when is_list(Config) ->
-    erlang_client_manual_ticket(Config, [{supported_groups, one_supported_grop()}], 
+    erlang_client_manual_ticket(Config, [{supported_groups, one_supported_grop(Config)}],
                                 [{early_data, <<"SampleData">>}], [{early_data, 16384}]).
 openssl_server_early_data_manual_2_chacha_tickets() ->
     [{doc,"Test sending early data - manual ticket handling, 2 tickets - chacha (erlang client - openssl server)"}].
 openssl_server_early_data_manual_2_chacha_tickets(Config) when is_list(Config) ->
-    erlang_client_manual_ticket(Config, [{supported_groups, one_supported_grop()}, {ciphers, ["TLS_CHACHA20_POLY1305_SHA256"]}], 
+    erlang_client_manual_ticket(Config, [{supported_groups, one_supported_grop()}, {ciphers, ["TLS_CHACHA20_POLY1305_SHA256"]}],
                                 [{early_data, <<"SampleData">>}], [{early_data, 16384}]).
 
 openssl_server_early_data_manual_big() ->
@@ -434,8 +434,13 @@ create_request(File, EarlyData) ->
     io:format(S, "~s", [binary_to_list(EarlyData)]),
     file:close(S).
 
-one_supported_grop() ->
-   [hd(ssl:groups())].
+one_supported_grop(Config) ->
+    case proplists:get_value(openssl_version, Config) of
+        "OpenSSL 3.5" ++ _ ->
+            [hd(tls_v1:groups((tls_v1:pqc_groups())))];
+         _ ->
+            [hd(tls_v1:groups(tls_v1:ec_groups()))]
+    end.
 
 verify_early_data([]) ->
     [];
