Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Bug 1363981 - Update tests to use SSLProtocolVariant instead of Mode,…
… r=ttaubert

--HG--
extra : rebase_source : 3e2746698cf0e1a3c27188723a096e473cd82bd0
extra : amend_source : 1878c2012d137979fc475934a14920c53ea3f0f6
extra : histedit_source : 0b73652afa6c74fbf33cd62bda10769be14ca19a
  • Loading branch information
martinthomson committed Apr 30, 2017
1 parent e9be8de commit c546432
Show file tree
Hide file tree
Showing 23 changed files with 252 additions and 254 deletions.
9 changes: 4 additions & 5 deletions cpputil/tls_parser.h
Expand Up @@ -16,7 +16,6 @@
#include <arpa/inet.h>
#endif
#include "databuffer.h"

#include "sslt.h"

namespace nss_test {
Expand Down Expand Up @@ -79,6 +78,10 @@ static const uint8_t kTls13PskDhKe = 1;
static const uint8_t kTls13PskAuth = 0;
static const uint8_t kTls13PskSignAuth = 1;

inline std::ostream& operator<<(std::ostream& os, SSLProtocolVariant v) {
return os << ((v == ssl_variant_stream) ? "TLS" : "DTLS");
}

inline bool IsDtls(uint16_t version) { return (version & 0x8000) == 0x8000; }

inline uint16_t NormalizeTlsVersion(uint16_t version) {
Expand Down Expand Up @@ -135,10 +138,6 @@ class TlsParser {
size_t offset_;
};

inline std::ostream& operator<<(std::ostream& os, SSLProtocolVariant v) {
return os << ((v == ssl_variant_stream) ? "TLS" : "DTLS");
}

} // namespace nss_test

#endif
16 changes: 8 additions & 8 deletions gtests/ssl_gtest/ssl_0rtt_unittest.cc
Expand Up @@ -227,7 +227,7 @@ TEST_P(TlsConnectTls13, TestTls13ZeroRttDowngrade) {
client_->Set0RttEnabled(true);

client_->ExpectSendAlert(kTlsAlertIllegalParameter);
if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
}
client_->Handshake();
Expand All @@ -237,7 +237,7 @@ TEST_P(TlsConnectTls13, TestTls13ZeroRttDowngrade) {

// DTLS will timeout as we bump the epoch when installing the early app data
// cipher suite. Thus the encrypted alert will be ignored.
if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
// The client sends an encrypted alert message.
ASSERT_TRUE_WAIT(
(server_->error_code() == SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA),
Expand Down Expand Up @@ -269,7 +269,7 @@ TEST_P(TlsConnectTls13, TestTls13ZeroRttDowngradeEarlyData) {
client_->Set0RttEnabled(true);
ZeroRttSendReceive(true, false, [this]() {
client_->ExpectSendAlert(kTlsAlertIllegalParameter);
if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
}
return true;
Expand All @@ -282,7 +282,7 @@ TEST_P(TlsConnectTls13, TestTls13ZeroRttDowngradeEarlyData) {

// DTLS will timeout as we bump the epoch when installing the early app data
// cipher suite. Thus the encrypted alert will be ignored.
if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
// The server sends an alert when receiving the early app data record.
ASSERT_TRUE_WAIT(
(server_->error_code() == SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA),
Expand Down Expand Up @@ -316,7 +316,7 @@ TEST_P(TlsConnectTls13, SendTooMuchEarlyData) {

PRInt32 sent;
// Writing more than the limit will succeed in TLS, but fail in DTLS.
if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
sent = PR_Write(client_->ssl_fd(), big_message,
static_cast<PRInt32>(strlen(big_message)));
} else {
Expand Down Expand Up @@ -377,7 +377,7 @@ TEST_P(TlsConnectTls13, ReceiveTooMuchEarlyData) {
const PRInt32 message_len = static_cast<PRInt32>(strlen(message));
EXPECT_EQ(message_len, PR_Write(client_->ssl_fd(), message, message_len));

if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
// This error isn't fatal for DTLS.
ExpectAlert(server_, kTlsAlertUnexpectedMessage);
}
Expand All @@ -388,13 +388,13 @@ TEST_P(TlsConnectTls13, ReceiveTooMuchEarlyData) {
// Attempt to read early data.
std::vector<uint8_t> buf(strlen(message) + 1);
EXPECT_GT(0, PR_Read(server_->ssl_fd(), buf.data(), buf.capacity()));
if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
server_->CheckErrorCode(SSL_ERROR_TOO_MUCH_EARLY_DATA);
}

client_->Handshake(); // Process the handshake.
client_->Handshake(); // Process the alert.
if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
client_->CheckErrorCode(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT);
}
}
Expand Down
13 changes: 7 additions & 6 deletions gtests/ssl_gtest/ssl_agent_unittest.cc
Expand Up @@ -204,14 +204,15 @@ TEST_F(TlsAgentStreamTestServer, Set0RttOptionClientHelloThenRead) {
ProcessMessage(buffer, TlsAgent::STATE_ERROR, SSL_ERROR_BAD_MAC_READ);
}

INSTANTIATE_TEST_CASE_P(AgentTests, TlsAgentTest,
::testing::Combine(TlsAgentTestBase::kTlsRolesAll,
TlsConnectTestBase::kTlsModesStream,
TlsConnectTestBase::kTlsVAll));
INSTANTIATE_TEST_CASE_P(
AgentTests, TlsAgentTest,
::testing::Combine(TlsAgentTestBase::kTlsRolesAll,
TlsConnectTestBase::kTlsVariantsStream,
TlsConnectTestBase::kTlsVAll));
INSTANTIATE_TEST_CASE_P(ClientTests, TlsAgentTestClient,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsVAll));
INSTANTIATE_TEST_CASE_P(ClientTests13, TlsAgentTestClient13,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV13));
} // namespace nss_test
18 changes: 9 additions & 9 deletions gtests/ssl_gtest/ssl_auth_unittest.cc
Expand Up @@ -716,8 +716,8 @@ TEST_F(TlsAgentStreamTestServer, ConfigureCertRsaPss) {
&ServerCertDataRsaPss));
}

// mode, version, certificate, auth type, signature scheme
typedef std::tuple<std::string, uint16_t, std::string, SSLAuthType,
// variant, version, certificate, auth type, signature scheme
typedef std::tuple<SSLProtocolVariant, uint16_t, std::string, SSLAuthType,
SSLSignatureScheme>
SignatureSchemeProfile;

Expand Down Expand Up @@ -778,7 +778,7 @@ TEST_P(TlsSignatureSchemeConfiguration, SignatureSchemeConfigBoth) {
INSTANTIATE_TEST_CASE_P(
SignatureSchemeRsa, TlsSignatureSchemeConfiguration,
::testing::Combine(
TlsConnectTestBase::kTlsModesAll, TlsConnectTestBase::kTlsV12Plus,
TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV12Plus,
::testing::Values(TlsAgent::kServerRsaSign),
::testing::Values(ssl_auth_rsa_sign),
::testing::Values(ssl_sig_rsa_pkcs1_sha256, ssl_sig_rsa_pkcs1_sha384,
Expand All @@ -787,42 +787,42 @@ INSTANTIATE_TEST_CASE_P(
// PSS with SHA-512 needs a bigger key to work.
INSTANTIATE_TEST_CASE_P(
SignatureSchemeBigRsa, TlsSignatureSchemeConfiguration,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV12Plus,
::testing::Values(TlsAgent::kRsa2048),
::testing::Values(ssl_auth_rsa_sign),
::testing::Values(ssl_sig_rsa_pss_sha512)));
INSTANTIATE_TEST_CASE_P(
SignatureSchemeRsaSha1, TlsSignatureSchemeConfiguration,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV12,
::testing::Values(TlsAgent::kServerRsa),
::testing::Values(ssl_auth_rsa_sign),
::testing::Values(ssl_sig_rsa_pkcs1_sha1)));
INSTANTIATE_TEST_CASE_P(
SignatureSchemeEcdsaP256, TlsSignatureSchemeConfiguration,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV12Plus,
::testing::Values(TlsAgent::kServerEcdsa256),
::testing::Values(ssl_auth_ecdsa),
::testing::Values(ssl_sig_ecdsa_secp256r1_sha256)));
INSTANTIATE_TEST_CASE_P(
SignatureSchemeEcdsaP384, TlsSignatureSchemeConfiguration,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV12Plus,
::testing::Values(TlsAgent::kServerEcdsa384),
::testing::Values(ssl_auth_ecdsa),
::testing::Values(ssl_sig_ecdsa_secp384r1_sha384)));
INSTANTIATE_TEST_CASE_P(
SignatureSchemeEcdsaP521, TlsSignatureSchemeConfiguration,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV12Plus,
::testing::Values(TlsAgent::kServerEcdsa521),
::testing::Values(ssl_auth_ecdsa),
::testing::Values(ssl_sig_ecdsa_secp521r1_sha512)));
INSTANTIATE_TEST_CASE_P(
SignatureSchemeEcdsaSha1, TlsSignatureSchemeConfiguration,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV12,
::testing::Values(TlsAgent::kServerEcdsa256,
TlsAgent::kServerEcdsa384),
Expand Down
16 changes: 8 additions & 8 deletions gtests/ssl_gtest/ssl_ciphersuite_unittest.cc
Expand Up @@ -22,17 +22,17 @@ extern "C" {

namespace nss_test {

// mode, version, cipher suite
typedef std::tuple<std::string, uint16_t, uint16_t, SSLNamedGroup,
// variant, version, cipher suite
typedef std::tuple<SSLProtocolVariant, uint16_t, uint16_t, SSLNamedGroup,
SSLSignatureScheme>
CipherSuiteProfile;

class TlsCipherSuiteTestBase : public TlsConnectTestBase {
public:
TlsCipherSuiteTestBase(const std::string &mode, uint16_t version,
TlsCipherSuiteTestBase(SSLProtocolVariant variant, uint16_t version,
uint16_t cipher_suite, SSLNamedGroup group,
SSLSignatureScheme signature_scheme)
: TlsConnectTestBase(mode, version),
: TlsConnectTestBase(variant, version),
cipher_suite_(cipher_suite),
group_(group),
signature_scheme_(signature_scheme),
Expand Down Expand Up @@ -259,7 +259,7 @@ TEST_P(TlsCipherSuiteTest, ReadLimit) {
static const uint8_t payload[18] = {6};
DataBuffer record;
uint64_t epoch;
if (mode_ == DGRAM) {
if (variant_ == ssl_variant_datagram) {
if (version_ == SSL_LIBRARY_VERSION_TLS_1_3) {
epoch = 3; // Application traffic keys.
} else {
Expand All @@ -268,7 +268,7 @@ TEST_P(TlsCipherSuiteTest, ReadLimit) {
} else {
epoch = 0;
}
TlsAgentTestBase::MakeRecord(mode_, kTlsApplicationDataType, version_,
TlsAgentTestBase::MakeRecord(variant_, kTlsApplicationDataType, version_,
payload, sizeof(payload), &record,
(epoch << 48) | record_limit());
server_->adapter()->PacketReceived(record);
Expand Down Expand Up @@ -296,7 +296,7 @@ TEST_P(TlsCipherSuiteTest, WriteLimit) {
k##name##Ciphers = ::testing::ValuesIn(k##name##CiphersArr); \
INSTANTIATE_TEST_CASE_P( \
CipherSuite##name, TlsCipherSuiteTest, \
::testing::Combine(TlsConnectTestBase::kTlsModes##modes, \
::testing::Combine(TlsConnectTestBase::kTlsVariants##modes, \
TlsConnectTestBase::kTls##versions, k##name##Ciphers, \
groups, sigalgs));

Expand Down Expand Up @@ -405,7 +405,7 @@ class SecurityStatusTest
public ::testing::WithParamInterface<SecStatusParams> {
public:
SecurityStatusTest()
: TlsCipherSuiteTestBase("TLS", GetParam().version,
: TlsCipherSuiteTestBase(ssl_variant_stream, GetParam().version,
GetParam().cipher_suite, ssl_grp_none,
ssl_sig_none) {}
};
Expand Down
2 changes: 1 addition & 1 deletion gtests/ssl_gtest/ssl_damage_unittest.cc
Expand Up @@ -82,7 +82,7 @@ TEST_P(TlsConnectTls13, DamageServerSignature) {
filter->EnableDecryption();
client_->ExpectSendAlert(kTlsAlertDecryptError);
// The server can't read the client's alert, so it also sends an alert.
if (mode_ == STREAM) {
if (variant_ == ssl_variant_stream) {
server_->ExpectSendAlert(kTlsAlertBadRecordMac);
ConnectExpectFail();
server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
Expand Down
15 changes: 8 additions & 7 deletions gtests/ssl_gtest/ssl_dhe_unittest.cc
Expand Up @@ -272,10 +272,11 @@ class TlsDheSkeChangeYClient : public TlsDheSkeChangeY {
std::shared_ptr<const TlsDheSkeChangeYServer> server_filter_;
};

/* This matrix includes: mode (stream/datagram), TLS version, what change to
/* This matrix includes: variant (stream/datagram), TLS version, what change to
* make to dh_Ys, whether the client will be configured to require DH named
* groups. Test all combinations. */
typedef std::tuple<std::string, uint16_t, TlsDheSkeChangeY::ChangeYTo, bool>
typedef std::tuple<SSLProtocolVariant, uint16_t, TlsDheSkeChangeY::ChangeYTo,
bool>
DamageDHYProfile;
class TlsDamageDHYTest
: public TlsConnectTestBase,
Expand Down Expand Up @@ -358,13 +359,13 @@ static const bool kTrueFalseArr[] = {true, false};
static ::testing::internal::ParamGenerator<bool> kTrueFalse =
::testing::ValuesIn(kTrueFalseArr);

INSTANTIATE_TEST_CASE_P(DamageYStream, TlsDamageDHYTest,
::testing::Combine(TlsConnectTestBase::kTlsModesStream,
TlsConnectTestBase::kTlsV10ToV12,
kAllY, kTrueFalse));
INSTANTIATE_TEST_CASE_P(
DamageYStream, TlsDamageDHYTest,
::testing::Combine(TlsConnectTestBase::kTlsVariantsStream,
TlsConnectTestBase::kTlsV10ToV12, kAllY, kTrueFalse));
INSTANTIATE_TEST_CASE_P(
DamageYDatagram, TlsDamageDHYTest,
::testing::Combine(TlsConnectTestBase::kTlsModesDatagram,
::testing::Combine(TlsConnectTestBase::kTlsVariantsDatagram,
TlsConnectTestBase::kTlsV11V12, kAllY, kTrueFalse));

class TlsDheSkeMakePEven : public TlsHandshakeFilter {
Expand Down
4 changes: 2 additions & 2 deletions gtests/ssl_gtest/ssl_ecdh_unittest.cc
Expand Up @@ -574,12 +574,12 @@ TEST_P(TlsConnectGenericPre13, ConnectECDHEmptyClientPoint) {
}

INSTANTIATE_TEST_CASE_P(KeyExchangeTest, TlsKeyExchangeTest,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV11Plus));

#ifndef NSS_DISABLE_TLS_1_3
INSTANTIATE_TEST_CASE_P(KeyExchangeTest, TlsKeyExchangeTest13,
::testing::Combine(TlsConnectTestBase::kTlsModesAll,
::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
TlsConnectTestBase::kTlsV13));
#endif

Expand Down

0 comments on commit c546432

Please sign in to comment.