better RSA-PSS libcrypto check

aws · Apr 21, 2023 · 8b91df5 · 8b91df5
1 parent ece7aa3
commit 8b91df5
Showing 1 changed file with 2 additions and 8 deletions.
diff --git a/tests/integrationv2/test_client_authentication.py b/tests/integrationv2/test_client_authentication.py
@@ -277,14 +277,8 @@ def test_tls_12_client_auth_downgrade(managed_process):
     # The downgrade occurs because openssl-1.0.2 doesn't support RSA-PSS signature scheme.
     #
     # TLS 1.3 is disabled when s2n-tls is built with libressl and boringssl, so TLS 1.2 will be negotiated
-    # with these libcryptos as well. https://github.com/aws/s2n-tls/issues/3250
-    if any([
-        libcrypto_str in get_flag(S2N_PROVIDER_VERSION) for libcrypto_str in [
-            "openssl-1.0.2",
-            "libressl",
-            "boringssl"
-        ]
-    ]):
+    # with these libcryptos as well. See https://github.com/aws/s2n-tls/issues/3250.
+    if not S2N.supports_signature(Signatures.RSA_PSS_RSAE_SHA256):
         expected_protocol_version = Protocols.TLS12.value
     else:
         expected_protocol_version = Protocols.TLS13.value