Issue #1746 - Revert "Update to NSS 3.59.1.1"

author: Moonchild <moonchild@palemoon.org> 2021-03-14 22:47:32 +0000
committer: Moonchild <moonchild@palemoon.org> 2021-03-14 22:47:32 +0000
commit: 52d5ff242f1327c1c6d6e9f7209930c1ec9f7828 (patch)
tree: bcedd9b5bfbe4b97b2dc0fe60a7e83ef6a4ec1e0 /security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc
parent: 0038394c392080b2d2765ccaccd8e84c0d9daf05 (diff)
download: uxp-52d5ff242f1327c1c6d6e9f7209930c1ec9f7828.tar.gz
1 files changed, 10 insertions, 61 deletions
diff --git a/security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc
index 7f950422f2..1e4aa2faf2 100644
--- a/security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc
@@ -1,5 +1,4 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
@@ -9,10 +8,8 @@
 #include "pk11pub.h"
 #include "secerr.h"
 
-#include "gtest/gtest.h"
 #include "nss_scoped_ptrs.h"
-#include "testvectors/cbc-vectors.h"
-#include "util.h"
+#include "gtest/gtest.h"
 
 namespace nss_test {
 
@@ -256,8 +253,8 @@ TEST_F(Pkcs11CbcPadTest, FailEncryptShortParam) {
   unsigned int encrypted_len = 0;
   size_t input_len = AES_BLOCK_SIZE;
 
-  // CK_NSS_GCM_PARAMS is the largest param struct used across AES modes
-  uint8_t param_buf[sizeof(CK_NSS_GCM_PARAMS)];
+  // CK_GCM_PARAMS is the largest param struct used across AES modes
+  uint8_t param_buf[sizeof(CK_GCM_PARAMS)];
   SECItem param = {siBuffer, param_buf, sizeof(param_buf)};
   SECItem key_item = {siBuffer, const_cast<uint8_t*>(kKeyData), 16};
 
@@ -281,18 +278,18 @@ TEST_F(Pkcs11CbcPadTest, FailEncryptShortParam) {
                     sizeof(encrypted), kInput, input_len);
   EXPECT_EQ(SECSuccess, rv);
 
-  // GCM should have a CK_NSS_GCM_PARAMS
-  param.len = sizeof(CK_NSS_GCM_PARAMS) - 1;
+  // GCM should have a CK_GCM_PARAMS
+  param.len = sizeof(CK_GCM_PARAMS) - 1;
   rv = PK11_Encrypt(key.get(), CKM_AES_GCM, &param, encrypted, &encrypted_len,
                     sizeof(encrypted), kInput, input_len);
   EXPECT_EQ(SECFailure, rv);
 
   param.len++;
-  reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->pIv = param_buf;
-  reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->ulIvLen = 12;
-  reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->pAAD = nullptr;
-  reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->ulAADLen = 0;
-  reinterpret_cast<CK_NSS_GCM_PARAMS*>(param.data)->ulTagBits = 128;
+  reinterpret_cast<CK_GCM_PARAMS*>(param.data)->pIv = param_buf;
+  reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulIvLen = 12;
+  reinterpret_cast<CK_GCM_PARAMS*>(param.data)->pAAD = nullptr;
+  reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulAADLen = 0;
+  reinterpret_cast<CK_GCM_PARAMS*>(param.data)->ulTagBits = 128;
   rv = PK11_Encrypt(key.get(), CKM_AES_GCM, &param, encrypted, &encrypted_len,
                     sizeof(encrypted), kInput, input_len);
   EXPECT_EQ(SECSuccess, rv);
@@ -557,52 +554,4 @@ INSTANTIATE_TEST_CASE_P(EncryptDecrypt, Pkcs11CbcPadTest,
                         ::testing::Values(CKM_AES_CBC_PAD, CKM_AES_CBC,
                                           CKM_DES3_CBC_PAD, CKM_DES3_CBC));
 
-class Pkcs11AesCbcWycheproofTest
-    : public ::testing::TestWithParam<AesCbcTestVector> {
- protected:
-  void RunTest(const AesCbcTestVector vec) {
-    bool valid = vec.valid;
-    std::string err = "Test #" + std::to_string(vec.id) + " failed";
-    std::vector<uint8_t> key = hex_string_to_bytes(vec.key);
-    std::vector<uint8_t> iv = hex_string_to_bytes(vec.iv);
-    std::vector<uint8_t> ciphertext = hex_string_to_bytes(vec.ciphertext);
-    std::vector<uint8_t> msg = hex_string_to_bytes(vec.msg);
-    std::vector<uint8_t> decrypted(vec.ciphertext.size());
-    unsigned int decrypted_len = 0;
-
-    ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
-    ASSERT_NE(nullptr, slot);
-
-    // Don't provide a null pointer, even if the length is 0. We don't want to
-    // fail on trivial checks.
-    uint8_t tmp;
-    SECItem iv_item = {siBuffer, iv.data() ? iv.data() : &tmp,
-                       static_cast<unsigned int>(iv.size())};
-    SECItem key_item = {siBuffer, key.data() ? key.data() : &tmp,
-                        static_cast<unsigned int>(key.size())};
-
-    PK11SymKey* pKey = PK11_ImportSymKey(slot.get(), kMech, PK11_OriginUnwrap,
-                                         CKA_ENCRYPT, &key_item, nullptr);
-    ASSERT_NE(nullptr, pKey);
-    ScopedPK11SymKey spKey = ScopedPK11SymKey(pKey);
-
-    SECStatus rv = PK11_Decrypt(spKey.get(), kMech, &iv_item, decrypted.data(),
-                                &decrypted_len, decrypted.size(),
-                                ciphertext.data(), ciphertext.size());
-
-    ASSERT_EQ(valid ? SECSuccess : SECFailure, rv) << err;
-    if (valid) {
-      EXPECT_EQ(msg.size(), static_cast<size_t>(decrypted_len)) << err;
-      EXPECT_EQ(0, memcmp(msg.data(), decrypted.data(), decrypted_len)) << err;
-    }
-  }
-
-  const CK_MECHANISM_TYPE kMech = CKM_AES_CBC_PAD;
-};
-
-TEST_P(Pkcs11AesCbcWycheproofTest, TestVectors) { RunTest(GetParam()); }
-
-INSTANTIATE_TEST_CASE_P(WycheproofTestVector, Pkcs11AesCbcWycheproofTest,
-                        ::testing::ValuesIn(kCbcWycheproofVectors));
-
 }  // namespace nss_test
author	Moonchild <moonchild@palemoon.org>	2021-03-14 22:47:32 +0000
committer	Moonchild <moonchild@palemoon.org>	2021-03-14 22:47:32 +0000
commit	52d5ff242f1327c1c6d6e9f7209930c1ec9f7828 (patch)
tree	bcedd9b5bfbe4b97b2dc0fe60a7e83ef6a4ec1e0 /security/nss/gtests/pk11_gtest/pk11_cbc_unittest.cc
parent	0038394c392080b2d2765ccaccd8e84c0d9daf05 (diff)
download	uxp-52d5ff242f1327c1c6d6e9f7209930c1ec9f7828.tar.gz