author | wolfbeast <mcwerewolf@gmail.com> | 2018-02-23 11:04:39 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-02-23 11:04:39 +0100 |
commit | f1a0f0a56fdd0fc39f255174ce08c06b91c66c94 (patch) | |
tree | 99ccc8e212257e1da1902036ae261e8e55d55c1c /security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc | |
parent | 8781f745556be5d7402d0f3adc67ecfe32fe04a0 (diff) | |
Update NSS to 3.35-RTM
Diffstat (limited to 'security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc')
-rw-r--r-- | security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc | 24 |
1 files changed, 4 insertions, 20 deletions
diff --git a/security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc
index 69fd00331..d1668b823 100644
--- a/security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc
@@ -29,8 +29,7 @@ TEST_F(TlsConnectTest, DamageSecretHandleClientFinished) {
 SSL_LIBRARY_VERSION_TLS_1_3);
 server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
 SSL_LIBRARY_VERSION_TLS_1_3);
- server_->StartConnect();
- client_->StartConnect();
+ StartConnect();
 client_->Handshake();
 server_->Handshake();
 std::cerr << "Damaging HS secret" << std::endl;
@@ -51,16 +50,12 @@ TEST_F(TlsConnectTest, DamageSecretHandleServerFinished) {
 SSL_LIBRARY_VERSION_TLS_1_3);
 server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
 SSL_LIBRARY_VERSION_TLS_1_3);
- client_->ExpectSendAlert(kTlsAlertDecryptError);
- // The server can't read the client's alert, so it also sends an alert.
- server_->ExpectSendAlert(kTlsAlertBadRecordMac);
 server_->SetPacketFilter(std::make_shared<AfterRecordN>(
 server_, client_,
 0, // ServerHello.
 [this]() { SSLInt_DamageServerHsTrafficSecret(client_->ssl_fd()); }));
- ConnectExpectFail();
+ ConnectExpectAlert(client_, kTlsAlertDecryptError);
 client_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
 }
 
 TEST_P(TlsConnectGenericPre13, DamageServerSignature) {
@@ -79,16 +74,7 @@ TEST_P(TlsConnectTls13, DamageServerSignature) {
 auto filter =
 std::make_shared<TlsLastByteDamager>(kTlsHandshakeCertificateVerify);
 server_->SetTlsRecordFilter(filter);
- filter->EnableDecryption();
- client_->ExpectSendAlert(kTlsAlertDecryptError);
- // The server can't read the client's alert, so it also sends an alert.
- if (variant_ == ssl_variant_stream) {
- server_->ExpectSendAlert(kTlsAlertBadRecordMac);
- ConnectExpectFail();
- server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
- } else {
- ConnectExpectFailOneSide(TlsAgent::CLIENT);
- }
+ ConnectExpectAlert(client_, kTlsAlertDecryptError);
 client_->CheckErrorCode(SEC_ERROR_BAD_SIGNATURE);
 }
 
@@ -100,11 +86,9 @@ TEST_P(TlsConnectGeneric, DamageClientSignature) {
 std::make_shared<TlsLastByteDamager>(kTlsHandshakeCertificateVerify);
 client_->SetTlsRecordFilter(filter);
 server_->ExpectSendAlert(kTlsAlertDecryptError);
- filter->EnableDecryption();
 // Do these handshakes by hand to avoid race condition on
 // the client processing the server's alert.
- client_->StartConnect();
- server_->StartConnect();
+ StartConnect();
 client_->Handshake();
 server_->Handshake();
 client_->Handshake();
|