summaryrefslogtreecommitdiffstats
path: root/security/nss/tests/tools
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-08-14 07:52:35 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-08-14 16:42:52 +0200
commitab1060037931158d3a8bf4c8f9f6cb4dbfe916e9 (patch)
tree5e4677e52b9a349602f04135a44b3000c8baa97b /security/nss/tests/tools
parentf44e99950fc25d16a3cdaffe26dadf7b58a9d38c (diff)
downloadUXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar
UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.gz
UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.lz
UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.tar.xz
UXP-ab1060037931158d3a8bf4c8f9f6cb4dbfe916e9.zip
Update NSS to 3.38
- Added HACL*Poly1305 32-bit (INRIA/Microsoft) - Updated to final TLS 1.3 draft version (28) - Removed TLS 1.3 prerelease draft limit check - Removed NPN code - Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments - Fixed several bugs with TLS 1.3 negotiation - Updated internal certificate store - Added support for the TLS Record Size Limit Extension. - Fixed CVE-2018-0495 - Various security fixes in the ASN.1 code.
Diffstat (limited to 'security/nss/tests/tools')
-rw-r--r--security/nss/tests/tools/TestRSAPSS.p12bin0 -> 2554 bytes
-rw-r--r--security/nss/tests/tools/tools.sh21
2 files changed, 21 insertions, 0 deletions
diff --git a/security/nss/tests/tools/TestRSAPSS.p12 b/security/nss/tests/tools/TestRSAPSS.p12
new file mode 100644
index 000000000..91473891c
--- /dev/null
+++ b/security/nss/tests/tools/TestRSAPSS.p12
Binary files differ
diff --git a/security/nss/tests/tools/tools.sh b/security/nss/tests/tools/tools.sh
index 11be23e05..7cf1ef73f 100644
--- a/security/nss/tests/tools/tools.sh
+++ b/security/nss/tests/tools/tools.sh
@@ -105,6 +105,7 @@ tools_init()
mkdir -p ${TOOLSDIR}/data
cp ${QADIR}/tools/TestOldCA.p12 ${TOOLSDIR}/data
cp ${QADIR}/tools/TestOldAES128CA.p12 ${TOOLSDIR}/data
+ cp ${QADIR}/tools/TestRSAPSS.p12 ${TOOLSDIR}/data
cd ${TOOLSDIR}
}
@@ -436,6 +437,23 @@ tools_p12_import_old_files()
check_tmpfile
}
+tools_p12_import_rsa_pss_private_key()
+{
+ echo "$SCRIPTNAME: Importing RSA-PSS private key from PKCS#12 file --------------"
+ ${BINDIR}/pk12util -i ${TOOLSDIR}/data/TestRSAPSS.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '' 2>&1
+ ret=$?
+ html_msg $ret 0 "Importing RSA-PSS private key from PKCS#12 file"
+ check_tmpfile
+
+ # Check if RSA-PSS identifier is included in the key listing
+ ${BINDIR}/certutil -d ${P_R_COPYDIR} -K -f ${R_PWFILE} | grep '^<[0-9 ]*> *rsaPss'
+ ret=$?
+ html_msg $ret 0 "Listing RSA-PSS private key imported from PKCS#12 file"
+ check_tmpfile
+
+ return $ret
+}
+
############################## tools_p12 ###############################
# local shell function to test basic functionality of pk12util
########################################################################
@@ -448,6 +466,9 @@ tools_p12()
tools_p12_export_with_none_ciphers
tools_p12_export_with_invalid_ciphers
tools_p12_import_old_files
+ if [ "${TEST_MODE}" = "SHARED_DB" ] ; then
+ tools_p12_import_rsa_pss_private_key
+ fi
}
############################## tools_sign ##############################