|
 |
c70942 |
diff -up nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/ssl_auth_unittest.cc
|
|
|
c70942 |
--- nss/gtests/ssl_gtest/ssl_auth_unittest.cc.reorder-cipher-suites-gtests 2019-03-16 01:25:08.000000000 +0100
|
|
|
c70942 |
+++ nss/gtests/ssl_gtest/ssl_auth_unittest.cc 2019-03-22 11:25:50.523173253 +0100
|
|
|
c70942 |
@@ -728,7 +728,9 @@ static SSLNamedGroup NamedGroupForEcdsa3
|
|
|
c70942 |
// NSS tries to match the group size to the symmetric cipher. In TLS 1.1 and
|
|
|
c70942 |
// 1.0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is the highest priority suite, so
|
|
|
c70942 |
// we use P-384. With TLS 1.2 on we pick AES-128 GCM so use x25519.
|
|
|
c70942 |
- if (version <= SSL_LIBRARY_VERSION_TLS_1_1) {
|
|
|
c70942 |
+ // FIXME: In RHEL, we assign TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
|
|
|
c70942 |
+ // a higher priority than AES-128 GCM.
|
|
|
c70942 |
+ if (version <= SSL_LIBRARY_VERSION_TLS_1_2) {
|
|
|
c70942 |
return ssl_grp_ec_secp384r1;
|
|
|
c70942 |
}
|
|
|
c70942 |
return ssl_grp_ec_curve25519;
|
|
|
c70942 |
@@ -1377,20 +1379,24 @@ INSTANTIATE_TEST_CASE_P(
|
|
|
c70942 |
::testing::Values(TlsAgent::kServerEcdsa256),
|
|
|
c70942 |
::testing::Values(ssl_auth_ecdsa),
|
|
|
c70942 |
::testing::Values(ssl_sig_ecdsa_secp256r1_sha256)));
|
|
|
c70942 |
+ // FIXME: In RHEL, we assign TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
|
|
|
c70942 |
+ // a higher priority than AES-128 GCM, and that causes the following
|
|
|
c70942 |
+ // 3 TLS 1.2 tests to fail.
|
|
|
c70942 |
INSTANTIATE_TEST_CASE_P(
|
|
|
c70942 |
SignatureSchemeEcdsaP384, TlsSignatureSchemeConfiguration,
|
|
|
c70942 |
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
|
|
|
c70942 |
- TlsConnectTestBase::kTlsV12Plus,
|
|
|
c70942 |
+ TlsConnectTestBase::kTlsV13,
|
|
|
c70942 |
::testing::Values(TlsAgent::kServerEcdsa384),
|
|
|
c70942 |
::testing::Values(ssl_auth_ecdsa),
|
|
|
c70942 |
::testing::Values(ssl_sig_ecdsa_secp384r1_sha384)));
|
|
|
c70942 |
INSTANTIATE_TEST_CASE_P(
|
|
|
c70942 |
SignatureSchemeEcdsaP521, TlsSignatureSchemeConfiguration,
|
|
|
c70942 |
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
|
|
|
c70942 |
- TlsConnectTestBase::kTlsV12Plus,
|
|
|
c70942 |
+ TlsConnectTestBase::kTlsV13,
|
|
|
c70942 |
::testing::Values(TlsAgent::kServerEcdsa521),
|
|
|
c70942 |
::testing::Values(ssl_auth_ecdsa),
|
|
|
c70942 |
::testing::Values(ssl_sig_ecdsa_secp521r1_sha512)));
|
|
|
c70942 |
+#if 0
|
|
|
c70942 |
INSTANTIATE_TEST_CASE_P(
|
|
|
c70942 |
SignatureSchemeEcdsaSha1, TlsSignatureSchemeConfiguration,
|
|
|
c70942 |
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
|
|
|
c70942 |
@@ -1399,4 +1405,5 @@ INSTANTIATE_TEST_CASE_P(
|
|
|
c70942 |
TlsAgent::kServerEcdsa384),
|
|
|
c70942 |
::testing::Values(ssl_auth_ecdsa),
|
|
|
c70942 |
::testing::Values(ssl_sig_ecdsa_sha1)));
|
|
|
c70942 |
+#endif
|
|
|
c70942 |
} // namespace nss_test
|
|
|
c70942 |
diff -up nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc
|
|
|
c70942 |
--- nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc.reorder-cipher-suites-gtests 2019-03-16 01:25:08.000000000 +0100
|
|
|
c70942 |
+++ nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc 2019-03-22 11:25:50.523173253 +0100
|
|
|
c70942 |
@@ -71,11 +71,13 @@ void CheckRecordSizes(const std::shared_
|
|
|
c70942 |
break;
|
|
|
c70942 |
|
|
|
c70942 |
case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
|
|
|
c70942 |
+ case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
|
|
|
c70942 |
expansion = 16;
|
|
|
c70942 |
iv = 8;
|
|
|
c70942 |
break;
|
|
|
c70942 |
|
|
|
c70942 |
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
|
|
|
c70942 |
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
|
|
|
c70942 |
// Expansion is 20 for the MAC. Maximum block padding is 16. Maximum
|
|
|
c70942 |
// padding is added when the input plus the MAC is an exact multiple of
|
|
|
c70942 |
// the block size.
|
|
|
c70942 |
diff -up nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc
|
|
|
c70942 |
--- nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc.reorder-cipher-suites-gtests 2019-03-16 01:25:08.000000000 +0100
|
|
|
c70942 |
+++ nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc 2019-03-22 11:29:30.452433420 +0100
|
|
|
c70942 |
@@ -133,7 +133,19 @@ TEST_P(TlsConnectGenericPre13, TooLargeR
|
|
|
c70942 |
TEST_P(TlsConnectGeneric, ServerAuthBiggestRsa) {
|
|
|
c70942 |
Reset(TlsAgent::kRsa8192);
|
|
|
c70942 |
Connect();
|
|
|
c70942 |
- CheckKeys();
|
|
|
c70942 |
+ if (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) {
|
|
|
c70942 |
+ CheckKeys();
|
|
|
c70942 |
+ } else {
|
|
|
c70942 |
+ // in TLS 1.2 or TLS 1.1, AES-256 is selected by default, which
|
|
|
c70942 |
+ // needs a different kea setup
|
|
|
c70942 |
+ SSLSignatureScheme scheme;
|
|
|
c70942 |
+ if (version_ >= SSL_LIBRARY_VERSION_TLS_1_2) {
|
|
|
c70942 |
+ scheme = ssl_sig_rsa_pss_rsae_sha256;
|
|
|
c70942 |
+ } else {
|
|
|
c70942 |
+ scheme = ssl_sig_rsa_pkcs1_sha256;
|
|
|
c70942 |
+ }
|
|
|
c70942 |
+ CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp521r1, ssl_auth_rsa_sign, scheme);
|
|
|
c70942 |
+ }
|
|
|
c70942 |
}
|
|
|
c70942 |
|
|
|
c70942 |
} // namespace nss_test
|
|
|
c70942 |
diff -up nss/gtests/ssl_gtest/tls_agent.cc.reorder-cipher-suites-gtests nss/gtests/ssl_gtest/tls_agent.cc
|
|
|
c70942 |
--- nss/gtests/ssl_gtest/tls_agent.cc.reorder-cipher-suites-gtests 2019-03-22 11:28:19.936944328 +0100
|
|
|
c70942 |
+++ nss/gtests/ssl_gtest/tls_agent.cc 2019-03-22 11:29:58.712828287 +0100
|
|
|
c70942 |
@@ -532,6 +532,9 @@ void TlsAgent::CheckKEA(SSLKEAType kea,
|
|
|
c70942 |
case ssl_grp_ec_secp384r1:
|
|
|
c70942 |
kea_size = 384;
|
|
|
c70942 |
break;
|
|
|
c70942 |
+ case ssl_grp_ec_secp521r1:
|
|
|
c70942 |
+ kea_size = 521;
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
case ssl_grp_ffdhe_2048:
|
|
|
c70942 |
kea_size = 2048;
|
|
|
c70942 |
break;
|