diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-08-14 07:52:35 +0200 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-08-14 16:42:52 +0200 |
commit | ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9 (patch) | |
tree | 5e4677e52b9a349602f04135a44b3000c8baa97b /security/nss/gtests/ssl_gtest/tls_agent.h | |
parent | f44e99950fc25d16a3cdaffe26dadf7b58a9d38c (diff) | |
download | UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.gz UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.lz UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.xz UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.zip |
Update NSS to 3.38
- Added HACL*Poly1305 32-bit (INRIA/Microsoft)
- Updated to final TLS 1.3 draft version (28)
- Removed TLS 1.3 prerelease draft limit check
- Removed NPN code
- Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments
- Fixed several bugs with TLS 1.3 negotiation
- Updated internal certificate store
- Added support for the TLS Record Size Limit Extension.
- Fixed CVE-2018-0495
- Various security fixes in the ASN.1 code.
Diffstat (limited to 'security/nss/gtests/ssl_gtest/tls_agent.h')
-rw-r--r-- | security/nss/gtests/ssl_gtest/tls_agent.h | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/security/nss/gtests/ssl_gtest/tls_agent.h b/security/nss/gtests/ssl_gtest/tls_agent.h index 6cd6d5073..a93d0c6ee 100644 --- a/security/nss/gtests/ssl_gtest/tls_agent.h +++ b/security/nss/gtests/ssl_gtest/tls_agent.h @@ -10,6 +10,9 @@ #include "prio.h" #include "ssl.h" +// This is an internal header, used to get TLS_1_3_DRAFT_VERSION. +#include "ssl3prot.h" + #include <functional> #include <iostream> @@ -57,6 +60,8 @@ typedef std::function<int32_t(TlsAgent* agent, const SECItem* srvNameArr, PRUint32 srvNameArrSize)> SniCallbackFunction; +static const uint8_t kD13 = TLS_1_3_DRAFT_VERSION; + class TlsAgent : public PollTarget { public: enum Role { CLIENT, SERVER }; @@ -64,6 +69,7 @@ class TlsAgent : public PollTarget { static const std::string kClient; // the client key is sign only static const std::string kRsa2048; // bigger sign and encrypt for either + static const std::string kRsa8192; // biggest sign and encrypt for either static const std::string kServerRsa; // both sign and encrypt static const std::string kServerRsaSign; static const std::string kServerRsaPss; @@ -143,8 +149,7 @@ class TlsAgent : public PollTarget { void SendData(size_t bytes, size_t blocksize = 1024); void SendBuffer(const DataBuffer& buf); bool SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec, - uint16_t wireVersion, uint64_t seq, uint8_t ct, - const DataBuffer& buf); + uint64_t seq, uint8_t ct, const DataBuffer& buf); // Send data directly to the underlying socket, skipping the TLS layer. void SendDirect(const DataBuffer& buf); void SendRecordDirect(const TlsRecord& record); @@ -209,10 +214,10 @@ class TlsAgent : public PollTarget { return info_.protocolVersion; } - bool cipher_suite(uint16_t* cipher_suite) const { + bool cipher_suite(uint16_t* suite) const { if (state_ != STATE_CONNECTED) return false; - *cipher_suite = info_.cipherSuite; + *suite = info_.cipherSuite; return true; } @@ -227,17 +232,17 @@ class TlsAgent : public PollTarget { info_.sessionID + info_.sessionIDLength); } - bool auth_type(SSLAuthType* auth_type) const { + bool auth_type(SSLAuthType* a) const { if (state_ != STATE_CONNECTED) return false; - *auth_type = info_.authType; + *a = info_.authType; return true; } - bool kea_type(SSLKEAType* kea_type) const { + bool kea_type(SSLKEAType* k) const { if (state_ != STATE_CONNECTED) return false; - *kea_type = info_.keaType; + *k = info_.keaType; return true; } @@ -264,6 +269,8 @@ class TlsAgent : public PollTarget { void ExpectReceiveAlert(uint8_t alert, uint8_t level = 0); void ExpectSendAlert(uint8_t alert, uint8_t level = 0); + std::string alpn_value_to_use_ = ""; + private: const static char* states[]; @@ -443,6 +450,7 @@ class TlsAgentTestBase : public ::testing::Test { size_t hs_len, DataBuffer* out, uint64_t seq_num, uint32_t fragment_offset, uint32_t fragment_length) const; + DataBuffer MakeCannedTls13ServerHello(); static void MakeTrivialHandshakeRecord(uint8_t hs_type, size_t hs_len, DataBuffer* out); static inline TlsAgent::Role ToRole(const std::string& str) { |