summaryrefslogtreecommitdiffstats
path: root/security/nss/gtests/ssl_gtest
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-12 05:43:14 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-12 05:43:14 +0000
commit8dd16259287f58f9273002717ec4d27e97127719 (patch)
tree3863e62a53829a84037444beab3abd4ed9dfc7d0 /security/nss/gtests/ssl_gtest
parentReleasing progress-linux version 126.0.1-1~progress7.99u1. (diff)
downloadfirefox-8dd16259287f58f9273002717ec4d27e97127719.tar.xz
firefox-8dd16259287f58f9273002717ec4d27e97127719.zip
Merging upstream version 127.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/gtests/ssl_gtest')
-rw-r--r--security/nss/gtests/ssl_gtest/ssl_certificate_compression_unittest.cc46
1 files changed, 3 insertions, 43 deletions
diff --git a/security/nss/gtests/ssl_gtest/ssl_certificate_compression_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_certificate_compression_unittest.cc
index 01a02502c1..44c6a7e142 100644
--- a/security/nss/gtests/ssl_gtest/ssl_certificate_compression_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_certificate_compression_unittest.cc
@@ -221,6 +221,7 @@ class TLSCertificateToEncodedCertificateChanger : public TlsRecordFilter {
static SECStatus SimpleXorCertCompEncode(const SECItem* input,
SECItem* output) {
SECITEM_CopyItem(NULL, output, input);
+ PORT_Memcpy(output->data, input->data, output->len);
for (size_t i = 0; i < output->len; i++) {
output->data[i] ^= 0x55;
}
@@ -230,7 +231,7 @@ static SECStatus SimpleXorCertCompEncode(const SECItem* input,
/* Test decoding function. */
static SECStatus SimpleXorCertCompDecode(const SECItem* input, SECItem* output,
size_t expectedLenDecodedCertificate) {
- SECITEM_CopyItem(NULL, output, input);
+ PORT_Memcpy(output->data, input->data, input->len);
for (size_t i = 0; i < output->len; i++) {
output->data[i] ^= 0x55;
}
@@ -251,7 +252,7 @@ static SECStatus SimpleXorWithDifferentValueEncode(const SECItem* input,
static SECStatus SimpleXorWithDifferentValueDecode(
const SECItem* input, SECItem* output,
size_t expectedLenDecodedCertificate) {
- SECITEM_CopyItem(NULL, output, input);
+ PORT_Memcpy(output->data, input->data, input->len);
for (size_t i = 0; i < output->len; i++) {
output->data[i] ^= 0x77;
}
@@ -1128,47 +1129,6 @@ TEST_F(TlsConnectStreamTls13, CertificateCompression_ReceivedWrongAlgorithm) {
SEC_ERROR_CERTIFICATE_COMPRESSION_ALGORITHM_NOT_SUPPORTED);
}
-static SECStatus SimpleXorCertCompDecode_length_smaller_than_given(
- const SECItem* input, SECItem* output,
- size_t expectedLenDecodedCertificate) {
- SECITEM_MakeItem(NULL, output, input->data, input->len - 1);
- return SECSuccess;
-}
-
-/*
- * The next test modifies the length of the received certificate
- * (uncompressed_length field of CompressedCertificate).
- */
-TEST_F(TlsConnectStreamTls13, CertificateCompression_ReceivedWrongLength) {
- EnsureTlsSetup();
- auto filterExtension =
- MakeTlsFilter<TLSCertificateCompressionCertificateModifier>(server_, 0x6,
- 0xff);
- SSLCertificateCompressionAlgorithm t = {
- 0xff01, "test function", SimpleXorCertCompEncode,
- SimpleXorCertCompDecode_length_smaller_than_given};
-
- EXPECT_EQ(SECSuccess,
- SSLExp_SetCertificateCompressionAlgorithm(server_->ssl_fd(), t));
- EXPECT_EQ(SECSuccess,
- SSLExp_SetCertificateCompressionAlgorithm(client_->ssl_fd(), t));
-
- ExpectAlert(client_, kTlsAlertBadCertificate);
- StartConnect();
-
- client_->SetServerKeyBits(server_->server_key_bits());
- client_->Handshake();
- server_->Handshake();
-
- ASSERT_TRUE_WAIT((client_->state() != TlsAgent::STATE_CONNECTING), 5000);
- ASSERT_EQ(TlsAgent::STATE_ERROR, client_->state());
-
- client_->ExpectSendAlert(kTlsAlertCloseNotify);
- server_->ExpectReceiveAlert(kTlsAlertCloseNotify);
-
- client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CERTIFICATE);
-}
-
/* The next test modifies the length of the encoded certificate
* (compressed_certificate_message len);
* the new length is compressed_certificate_message is equal to 0.