{ "DisabledTests": { "### These tests break whenever we rev versions, so just leave them here for easy uncommenting":"", "*TLS13*":"(NSS=19, BoGo=18)", "*HelloRetryRequest*":"(NSS=19, BoGo=18)", "*KeyShare*":"(NSS=19, BoGo=18)", "*EncryptedExtensions*":"(NSS=19, BoGo=18)", "*SecondClientHello*":"(NSS=19, BoGo=18)", "*IgnoreClientVersionOrder*":"(NSS=19, BoGo=18)", "SkipEarlyData*":"(NSS=19, BoGo=18)", "*Binder*":"(NSS=19, BoGo=18)", "Resume-Server-BinderWrongLength":"Alert disagreement (Bug 1317633)", "Resume-Server-NoPSKBinder":"Alert disagreement (Bug 1317633)", "CheckRecordVersion-TLS*":"Bug 1317634", "GREASE-Server-TLS13":"BoringSSL GREASEs without a flag, but we ignore it", "TLS13-ExpectNoSessionTicketOnBadKEMode-Server":"Bug in NSS. Don't send ticket when not permitted by KE modes (Bug 1317635)", "*KeyUpdate*":"KeyUpdate Unimplemented", "ClientAuth-NoFallback-TLS13":"Disagreement about alerts. Bug 1294975", "SendWarningAlerts-TLS13":"NSS needs to trigger on warning alerts", "NoSupportedCurves":"This tests a non-spec behavior for TLS 1.2 and expects the wrong alert for TLS 1.3", "SendEmptyRecords":"Tests a non-spec behavior in BoGo where it chokes on too many empty records", "LargePlaintext":"NSS needs to check for over-long records. Bug 1294978", "TLS13-RC4-MD5-server":"This fails properly but returns an unexpected error. Not a bug but needs cleanup", "*SSL3*":"NSS disables SSLv3", "*SSLv3*":"NSS disables SSLv3", "*AES256*":"Inconsistent support for AES256", "*AES128-SHA256*":"No support for Suite B ciphers", "DuplicateExtension*":"NSS sends unexpected_extension alert", "WeakDH":"NSS supports 768-bit DH", "SillyDH":"NSS supports 4097-bit DH", "SendWarningAlerts":"This appears to be Boring-specific", "TLS12-AES128-GCM-client":"Bug 1292895", "*TLS12-AES128-GCM-LargeRecord*":"Bug 1292895", "Renegotiate-Client-Forbidden-1":"Bug 1292898", "Renegotiate-Server-Forbidden":"NSS doesn't disable renegotiation by default", "Renegotiate-Client-NoIgnore":"NSS doesn't disable renegotiation by default", "StrayHelloRequest*":"NSS doesn't disable renegotiation by default", "NoSupportedCurves-TLS13":"wanted SSL_ERROR_NO_CYPHER_OVERLAP, got missing extension error", "FragmentedClientVersion":"received a malformed Client Hello handshake message", "UnofferedExtension-Client-TLS13":"nss updated/broken", "UnknownExtension-Client-TLS13":"nss updated/broken", "WrongMessageType-TLS13-EncryptedExtensions":"nss updated/broken", "WrongMessageType-TLS13-CertificateRequest":"nss updated/broken", "WrongMessageType-TLS13-ServerCertificateVerify":"nss updated/broken", "WrongMessageType-TLS13-ServerCertificate":"nss updated/broken", "WrongMessageType-TLS13-ServerFinished":"nss updated/broken", "EncryptedExtensionsWithKeyShare":"nss updated/broken", "EmptyEncryptedExtensions":"nss updated/broken", "TrailingMessageData-*": "Bug 1304575", "DuplicateKeyShares":"Bug 1304578", "Resume-Server-TLS13-TLS13":"Bug 1314351", "SkipEarlyData-Interleaved":"Bug 1336916", "ECDSAKeyUsage-TLS1*":"Bug 1338194", "PointFormat-Client-MissingUncompressed":"We ignore ec_point_formats extensions sent by servers.", "SkipEarlyData-SecondClientHelloEarlyData":"Boring doesn't reject early_data in the 2nd CH but fails later with bad_record_mac.", "SkipEarlyData-*TooMuchData":"Bug 1339373", "UnsolicitedServerNameAck-TLS1*":"Boring wants us to fail with an unexpected_extension alert, we simply ignore ssl_server_name_xtn.", "RequireAnyClientCertificate-TLS1*":"Bug 1339387", "SendExtensionOnClientCertificate-TLS13":"Bug 1339392", "ALPNClient-Mismatch-TLS13":"NSS sends alerts in response to errors in protected handshake messages in the clear", "P224-Server":"NSS doesn't support P-224" }, "ErrorMap" : { ":HANDSHAKE_FAILURE_ON_CLIENT_HELLO:":"SSL_ERROR_NO_CYPHER_OVERLAP", ":UNKNOWN_CIPHER_RETURNED:":"SSL_ERROR_NO_CYPHER_OVERLAP", ":OLD_SESSION_CIPHER_NOT_RETURNED:":"SSL_ERROR_RX_MALFORMED_SERVER_HELLO", ":NO_SHARED_CIPHER:":"SSL_ERROR_NO_CYPHER_OVERLAP", ":DIGEST_CHECK_FAILED:":"SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE" } }