diff options
Diffstat (limited to 'security/nss/gtests/ssl_gtest/tls_connect.h')
| -rw-r--r-- | security/nss/gtests/ssl_gtest/tls_connect.h | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/security/nss/gtests/ssl_gtest/tls_connect.h b/security/nss/gtests/ssl_gtest/tls_connect.h index 000494501..23c60bf4f 100644 --- a/security/nss/gtests/ssl_gtest/tls_connect.h +++ b/security/nss/gtests/ssl_gtest/tls_connect.h @@ -48,6 +48,8 @@ class TlsConnectTestBase : public ::testing::Test { virtual void SetUp(); virtual void TearDown(); + PRTime now() const { return now_; } + // Initialize client and server. void Init(); // Clear the statistics. @@ -131,6 +133,13 @@ class TlsConnectTestBase : public ::testing::Test { // Move the DTLS timers for both endpoints to pop the next timer. void ShiftDtlsTimers(); + void AdvanceTime(PRTime time_shift); + + void ResetAntiReplay(PRTime window); + void RolloverAntiReplay(); + + void SaveAlgorithmPolicy(); + void RestoreAlgorithmPolicy(); protected: SSLProtocolVariant variant_; @@ -142,6 +151,7 @@ class TlsConnectTestBase : public ::testing::Test { SessionResumptionMode expected_resumption_mode_; uint8_t expected_resumptions_; std::vector<std::vector<uint8_t>> session_ids_; + ScopedSSLAntiReplayContext anti_replay_; // A simple value of "a", "b". Note that the preferred value of "a" is placed // at the end, because the NSS API follows the now defunct NPN specification, @@ -149,14 +159,24 @@ class TlsConnectTestBase : public ::testing::Test { // NSS will move this final entry to the front when used with ALPN. const uint8_t alpn_dummy_val_[4] = {0x01, 0x62, 0x01, 0x61}; + // A list of algorithm IDs whose policies need to be preserved + // around test cases. In particular, DSA is checked in + // ssl_extension_unittest.cc. + const std::vector<SECOidTag> algorithms_ = {SEC_OID_APPLY_SSL_POLICY, + SEC_OID_ANSIX9_DSA_SIGNATURE, + SEC_OID_CURVE25519, SEC_OID_SHA1}; + std::vector<std::tuple<SECOidTag, uint32_t>> saved_policies_; + private: void CheckResumption(SessionResumptionMode expected); void CheckExtendedMasterSecret(); void CheckEarlyDataAccepted(); + static PRTime TimeFunc(void* arg); bool expect_extended_master_secret_; bool expect_early_data_accepted_; bool skip_version_checks_; + PRTime now_; // Track groups and make sure that there are no duplicates. class DuplicateGroupChecker { |