diff -up nss/gtests/pk11_gtest/manifest.mn.disable-chacha20 nss/gtests/pk11_gtest/manifest.mn --- nss/gtests/pk11_gtest/manifest.mn.disable-chacha20 2017-01-30 02:06:08.000000000 +0100 +++ nss/gtests/pk11_gtest/manifest.mn 2017-02-17 11:40:26.749019359 +0100 @@ -8,7 +8,6 @@ MODULE = nss CPPSRCS = \ pk11_aeskeywrap_unittest.cc \ - pk11_chacha20poly1305_unittest.cc \ pk11_export_unittest.cc \ pk11_pbkdf2_unittest.cc \ pk11_prf_unittest.cc \ diff -up nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc.disable-chacha20 nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc --- nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc.disable-chacha20 2017-01-30 02:06:08.000000000 +0100 +++ nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc 2017-02-17 11:40:26.749019359 +0100 @@ -326,10 +326,7 @@ INSTANTIATE_CIPHER_TEST_P(AEAD, All, V12 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256); + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384); INSTANTIATE_CIPHER_TEST_P( CBC12, All, V12, kDummyNamedGroupParams, kDummySignatureSchemesParams, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, @@ -361,7 +358,7 @@ INSTANTIATE_CIPHER_TEST_P( INSTANTIATE_CIPHER_TEST_P(TLS13, All, V13, ::testing::ValuesIn(kFasterDHEGroups), ::testing::ValuesIn(kSignatureSchemesParamsArr), - TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, + TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384); INSTANTIATE_CIPHER_TEST_P(TLS13AllGroups, All, V13, ::testing::ValuesIn(kAllDHEGroups), @@ -446,9 +443,7 @@ static const SecStatusParams kSecStatusT {SSL_LIBRARY_VERSION_TLS_1_2, TLS_RSA_WITH_AES_128_GCM_SHA256, "AES-128-GCM", 128}, {SSL_LIBRARY_VERSION_TLS_1_2, TLS_RSA_WITH_AES_256_GCM_SHA384, - "AES-256-GCM", 256}, - {SSL_LIBRARY_VERSION_TLS_1_2, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - "ChaCha20-Poly1305", 256}}; + "AES-256-GCM", 256}}; INSTANTIATE_TEST_CASE_P(TestSecurityStatus, SecurityStatusTest, ::testing::ValuesIn(kSecStatusTestValuesArr)); diff -up nss/gtests/ssl_gtest/ssl_drop_unittest.cc.disable-chacha20 nss/gtests/ssl_gtest/ssl_drop_unittest.cc --- nss/gtests/ssl_gtest/ssl_drop_unittest.cc.disable-chacha20 2017-01-30 02:06:08.000000000 +0100 +++ nss/gtests/ssl_gtest/ssl_drop_unittest.cc 2017-02-17 11:41:03.656247032 +0100 @@ -65,69 +65,4 @@ TEST_P(TlsConnectDatagram, DropServerSec Connect(); } -static void GetCipherAndLimit(uint16_t version, uint16_t* cipher, - uint64_t* limit = nullptr) { - uint64_t l; - if (!limit) limit = &l; - - if (version < SSL_LIBRARY_VERSION_TLS_1_2) { - *cipher = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA; - *limit = 0x5aULL << 28; - } else if (version == SSL_LIBRARY_VERSION_TLS_1_2) { - *cipher = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256; - *limit = (1ULL << 48) - 1; - } else { - *cipher = TLS_CHACHA20_POLY1305_SHA256; - *limit = (1ULL << 48) - 1; - } -} - -// This simulates a huge number of drops on one side. -TEST_P(TlsConnectDatagram, MissLotsOfPackets) { - uint16_t cipher; - uint64_t limit; - - GetCipherAndLimit(version_, &cipher, &limit); - - EnsureTlsSetup(); - server_->EnableSingleCipher(cipher); - Connect(); - - // Note that the limit for ChaCha is 2^48-1. - EXPECT_EQ(SECSuccess, - SSLInt_AdvanceWriteSeqNum(client_->ssl_fd(), limit - 10)); - SendReceive(); -} - -class TlsConnectDatagram12Plus : public TlsConnectDatagram { - public: - TlsConnectDatagram12Plus() : TlsConnectDatagram() {} -}; - -// This simulates missing a window's worth of packets. -TEST_P(TlsConnectDatagram12Plus, MissAWindow) { - EnsureTlsSetup(); - uint16_t cipher; - GetCipherAndLimit(version_, &cipher); - server_->EnableSingleCipher(cipher); - Connect(); - - EXPECT_EQ(SECSuccess, SSLInt_AdvanceWriteSeqByAWindow(client_->ssl_fd(), 0)); - SendReceive(); -} - -TEST_P(TlsConnectDatagram12Plus, MissAWindowAndOne) { - EnsureTlsSetup(); - uint16_t cipher; - GetCipherAndLimit(version_, &cipher); - server_->EnableSingleCipher(cipher); - Connect(); - - EXPECT_EQ(SECSuccess, SSLInt_AdvanceWriteSeqByAWindow(client_->ssl_fd(), 1)); - SendReceive(); -} - -INSTANTIATE_TEST_CASE_P(Datagram12Plus, TlsConnectDatagram12Plus, - TlsConnectTestBase::kTlsV12Plus); - } // namespace nss_test diff -up nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc.disable-chacha20 nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc --- nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc.disable-chacha20 2017-02-17 11:40:26.747019401 +0100 +++ nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc 2017-02-17 11:40:26.749019359 +0100 @@ -50,17 +50,6 @@ TEST_P(TlsConnectGeneric, ConnectEcdhe) CheckKeys(); } -// If we pick a 256-bit cipher suite and use a P-384 certificate, the server -// should choose P-384 for key exchange too. Only valid for TLS == 1.2 because -// we don't have 256-bit ciphers before then and 1.3 doesn't try to couple -// DHE size to symmetric size. -TEST_P(TlsConnectTls12, ConnectEcdheP384) { - Reset(TlsAgent::kServerEcdsa384); - ConnectWithCipherSuite(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256); - CheckKeys(ssl_kea_ecdh, ssl_grp_ec_secp384r1, ssl_auth_ecdsa, - ssl_sig_ecdsa_secp256r1_sha256); -} - TEST_P(TlsConnectGeneric, ConnectEcdheP384Client) { EnsureTlsSetup(); const std::vector groups = {ssl_grp_ec_secp384r1,