diff -up nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc.disable-pss-gtests nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc --- nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc.disable-pss-gtests 2017-02-17 14:20:06.000000000 +0100 +++ nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc 2017-03-24 17:45:58.439916101 +0100 @@ -69,7 +69,7 @@ TEST_P(TlsConnectGeneric, ConnectEcdheP3 server_->ConfigNamedGroups(groups); Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp384r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); } // This causes a HelloRetryRequest in TLS 1.3. Earlier versions don't care. @@ -82,7 +82,7 @@ TEST_P(TlsConnectGeneric, ConnectEcdheP3 server_->ConfigNamedGroups(groups); Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp384r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); EXPECT_EQ(version_ == SSL_LIBRARY_VERSION_TLS_1_3, hrr_capture->buffer().len() != 0); } @@ -112,7 +112,7 @@ TEST_P(TlsKeyExchangeTest, P384Priority) Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp384r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); std::vector shares = {ssl_grp_ec_secp384r1}; CheckKEXDetails(groups, shares); @@ -129,7 +129,7 @@ TEST_P(TlsKeyExchangeTest, DuplicateGrou Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp384r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); std::vector shares = {ssl_grp_ec_secp384r1}; std::vector expectedGroups = {ssl_grp_ec_secp384r1, @@ -147,7 +147,7 @@ TEST_P(TlsKeyExchangeTest, P384PriorityD Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp384r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); if (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) { std::vector shares = {ssl_grp_ec_secp384r1}; @@ -172,7 +172,7 @@ TEST_P(TlsConnectGenericPre13, P384Prior Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp384r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); } TEST_P(TlsConnectGenericPre13, P384PriorityFromModelSocket) { @@ -188,7 +188,7 @@ TEST_P(TlsConnectGenericPre13, P384Prior Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp384r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); } class TlsKeyExchangeGroupCapture : public TlsHandshakeFilter { @@ -276,7 +276,7 @@ TEST_P(TlsConnectStreamPre13, Configured Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp256r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); CheckConnected(); // The renegotiation has to use the same preferences as the original session. @@ -284,7 +284,7 @@ TEST_P(TlsConnectStreamPre13, Configured client_->StartRenegotiate(); Handshake(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp256r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); } TEST_P(TlsKeyExchangeTest, Curve25519) { @@ -318,7 +318,7 @@ TEST_P(TlsConnectGenericPre13, GroupPref Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_curve25519, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); } #ifndef NSS_DISABLE_TLS_1_3 @@ -337,7 +337,7 @@ TEST_P(TlsKeyExchangeTest13, Curve25519P Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp256r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); const std::vector shares = {ssl_grp_ec_secp256r1}; CheckKEXDetails(client_groups, shares); } @@ -357,7 +357,7 @@ TEST_P(TlsKeyExchangeTest13, Curve25519P Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_curve25519, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); const std::vector shares = {ssl_grp_ec_curve25519}; CheckKEXDetails(client_groups, shares); } @@ -379,7 +379,7 @@ TEST_P(TlsKeyExchangeTest13, EqualPriori Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp256r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); const std::vector shares = {ssl_grp_ec_curve25519}; CheckKEXDetails(client_groups, shares, ssl_grp_ec_secp256r1); } @@ -401,7 +401,7 @@ TEST_P(TlsKeyExchangeTest13, NotEqualPri Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp256r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); const std::vector shares = {ssl_grp_ec_curve25519}; CheckKEXDetails(client_groups, shares, ssl_grp_ec_secp256r1); } @@ -423,7 +423,7 @@ TEST_P(TlsKeyExchangeTest13, Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp256r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); const std::vector shares = {ssl_grp_ec_curve25519}; CheckKEXDetails(client_groups, shares, ssl_grp_ec_secp256r1); } @@ -445,7 +445,7 @@ TEST_P(TlsKeyExchangeTest13, Connect(); CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp256r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); const std::vector shares = {ssl_grp_ec_curve25519}; CheckKEXDetails(client_groups, shares, ssl_grp_ec_secp256r1); } @@ -507,7 +507,7 @@ TEST_P(TlsKeyExchangeTest13, MultipleCli // The server would accept 25519 but its preferred group (P256) has to win. CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp256r1, ssl_auth_rsa_sign, - ssl_sig_rsa_pss_sha256); + ssl_sig_rsa_pkcs1_sha256); const std::vector shares = {ssl_grp_ec_curve25519, ssl_grp_ec_secp256r1}; CheckKEXDetails(client_groups, shares);