mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-25 05:41:12 +00:00
Bug 1345368 - land NSS 6fafb8fd9ff4, r=me
--HG-- extra : rebase_source : 947524eb4e61414a5809df3453946b32882fdf17
This commit is contained in:
parent
990418f338
commit
aa22632bd1
@ -1 +1 @@
|
||||
dec8c06d7ed9
|
||||
6fafb8fd9ff4
|
||||
|
@ -19,43 +19,7 @@ source "$cwd"/coreconf/sanitizers.sh
|
||||
# Usage info
|
||||
show_help()
|
||||
{
|
||||
cat << EOF
|
||||
Usage: ${0##*/} [-hcv] [-j <n>] [--nspr] [--gyp|-g] [--opt|-o] [-m32]
|
||||
[--test] [--pprof] [--scan-build[=output]] [--ct-verif]
|
||||
[--asan] [--ubsan] [--msan] [--sancov[=edge|bb|func|...]]
|
||||
[--disable-tests] [--fuzz[=tls|oss]]
|
||||
|
||||
This script builds NSS with gyp and ninja.
|
||||
|
||||
This build system is still under development. It does not yet support all
|
||||
the features or platforms that NSS supports.
|
||||
|
||||
NSS build tool options:
|
||||
|
||||
-h display this help and exit
|
||||
-c clean before build
|
||||
-v verbose build
|
||||
-j <n> run at most <n> concurrent jobs
|
||||
--nspr force a rebuild of NSPR
|
||||
--gyp|-g force a rerun of gyp
|
||||
--opt|-o do an opt build
|
||||
-m32 do a 32-bit build on a 64-bit system
|
||||
--test ignore map files and export everything we have
|
||||
--fuzz build fuzzing targets (this always enables test builds)
|
||||
--fuzz=tls to enable TLS fuzzing mode
|
||||
--fuzz=oss to build for OSS-Fuzz
|
||||
--pprof build with gperftool support
|
||||
--ct-verif build with valgrind for ct-verif
|
||||
--scan-build run the build with scan-build (scan-build has to be in the path)
|
||||
--scan-build=/out/path sets the output path for scan-build
|
||||
--asan do an asan build
|
||||
--ubsan do an ubsan build
|
||||
--ubsan=bool,shift,... sets specific UB sanitizers
|
||||
--msan do an msan build
|
||||
--sancov do sanitize coverage builds
|
||||
--sancov=func sets coverage to function level for example
|
||||
--disable-tests don't build tests and corresponding cmdline utils
|
||||
EOF
|
||||
cat "$cwd"/help.txt
|
||||
}
|
||||
|
||||
run_verbose()
|
||||
@ -84,6 +48,7 @@ verbose=0
|
||||
fuzz=0
|
||||
fuzz_tls=0
|
||||
fuzz_oss=0
|
||||
no_local_nspr=0
|
||||
|
||||
gyp_params=(--depth="$cwd" --generator-output=".")
|
||||
nspr_params=()
|
||||
@ -121,6 +86,9 @@ while [ $# -gt 0 ]; do
|
||||
--ct-verif) gyp_params+=(-Dct_verif=1) ;;
|
||||
--disable-tests) gyp_params+=(-Ddisable_tests=1) ;;
|
||||
--no-zdefs) gyp_params+=(-Dno_zdefs=1) ;;
|
||||
--system-sqlite) gyp_params+=(-Duse_system_sqlite=1) ;;
|
||||
--with-nspr=?*) set_nspr_path "${1#*=}"; no_local_nspr=1 ;;
|
||||
--system-nspr) set_nspr_path "/usr/include/nspr/:"; no_local_nspr=1 ;;
|
||||
*) show_help; exit 2 ;;
|
||||
esac
|
||||
shift
|
||||
@ -207,7 +175,7 @@ fi
|
||||
mkdir -p "$dist_dir"
|
||||
echo $target > "$dist_dir"/latest
|
||||
|
||||
if [ "$rebuild_nspr" = 1 ]; then
|
||||
if [[ "$rebuild_nspr" = 1 && "$no_local_nspr" = 0 ]]; then
|
||||
nspr_build "${nspr_params[@]}"
|
||||
mv -f "$nspr_config".new "$nspr_config"
|
||||
fi
|
||||
@ -216,8 +184,9 @@ if [ "$rebuild_gyp" = 1 ]; then
|
||||
# These extra arguments aren't used in determining whether to rebuild.
|
||||
obj_dir="$dist_dir"/$target
|
||||
gyp_params+=(-Dnss_dist_obj_dir=$obj_dir)
|
||||
gyp_params+=(-Dnspr_lib_dir=$obj_dir/lib)
|
||||
gyp_params+=(-Dnspr_include_dir=$obj_dir/include/nspr)
|
||||
if [ "$no_local_nspr" = 0 ]; then
|
||||
set_nspr_path "$obj_dir/include/nspr:$obj_dir/lib"
|
||||
fi
|
||||
|
||||
run_verbose run_scanbuild gyp -f ninja "${gyp_params[@]}" "$cwd"/nss.gyp
|
||||
|
||||
|
@ -494,7 +494,7 @@ static char *disableReasonStr[] = {
|
||||
"could not verify token",
|
||||
"token not present"
|
||||
};
|
||||
static int numDisableReasonStr =
|
||||
static size_t numDisableReasonStr =
|
||||
sizeof(disableReasonStr) / sizeof(disableReasonStr[0]);
|
||||
|
||||
/***********************************************************************
|
||||
@ -513,7 +513,7 @@ ListModule(char *moduleName)
|
||||
CK_SLOT_INFO slotinfo;
|
||||
CK_TOKEN_INFO tokeninfo;
|
||||
char *ciphers, *mechanisms;
|
||||
PK11DisableReasons reason;
|
||||
size_t reasonIdx;
|
||||
Error rv = SUCCESS;
|
||||
|
||||
if (!moduleName) {
|
||||
@ -604,10 +604,10 @@ ListModule(char *moduleName)
|
||||
PR_fprintf(PR_STDOUT, PAD "Firmware Version: %d.%d\n",
|
||||
slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor);
|
||||
if (PK11_IsDisabled(slot)) {
|
||||
reason = PK11_GetDisabledReason(slot);
|
||||
if (reason < numDisableReasonStr) {
|
||||
reasonIdx = PK11_GetDisabledReason(slot);
|
||||
if (reasonIdx < numDisableReasonStr) {
|
||||
PR_fprintf(PR_STDOUT, PAD "Status: DISABLED (%s)\n",
|
||||
disableReasonStr[reason]);
|
||||
disableReasonStr[reasonIdx]);
|
||||
} else {
|
||||
PR_fprintf(PR_STDOUT, PAD "Status: DISABLED\n");
|
||||
}
|
||||
|
@ -10,4 +10,3 @@
|
||||
*/
|
||||
|
||||
#error "Do not include this header file."
|
||||
|
||||
|
@ -49,3 +49,11 @@ nspr_clean()
|
||||
{
|
||||
rm -rf "$cwd"/../nspr/$target
|
||||
}
|
||||
|
||||
set_nspr_path()
|
||||
{
|
||||
local include=$(echo "$1" | cut -d: -f1)
|
||||
local lib=$(echo "$1" | cut -d: -f2)
|
||||
gyp_params+=(-Dnspr_include_dir="$include")
|
||||
gyp_params+=(-Dnspr_lib_dir="$lib")
|
||||
}
|
||||
|
@ -10,8 +10,12 @@
|
||||
int main(int argc, char **argv) {
|
||||
::testing::InitGoogleTest(&argc, argv);
|
||||
|
||||
NSS_NoDB_Init(nullptr);
|
||||
NSS_SetDomesticPolicy();
|
||||
if (NSS_NoDB_Init(nullptr) != SECSuccess) {
|
||||
return 1;
|
||||
}
|
||||
if (NSS_SetDomesticPolicy() != SECSuccess) {
|
||||
return 1;
|
||||
}
|
||||
int rv = RUN_ALL_TESTS();
|
||||
|
||||
if (NSS_Shutdown() != SECSuccess) {
|
||||
|
@ -35,7 +35,28 @@
|
||||
],
|
||||
}],
|
||||
],
|
||||
}
|
||||
},
|
||||
{
|
||||
'target_name': 'prng_gtest',
|
||||
'type': 'executable',
|
||||
'sources': [
|
||||
'prng_kat_unittest.cc',
|
||||
],
|
||||
'dependencies': [
|
||||
'<(DEPTH)/exports.gyp:nss_exports',
|
||||
'<(DEPTH)/lib/util/util.gyp:nssutil3',
|
||||
'<(DEPTH)/gtests/google_test/google_test.gyp:gtest',
|
||||
'<(DEPTH)/lib/nss/nss.gyp:nss_static',
|
||||
'<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap_static',
|
||||
'<(DEPTH)/lib/cryptohi/cryptohi.gyp:cryptohi',
|
||||
'<(DEPTH)/lib/certhigh/certhigh.gyp:certhi',
|
||||
'<(DEPTH)/lib/certdb/certdb.gyp:certdb',
|
||||
'<(DEPTH)/lib/base/base.gyp:nssb',
|
||||
'<(DEPTH)/lib/dev/dev.gyp:nssdev',
|
||||
'<(DEPTH)/lib/pki/pki.gyp:nsspki',
|
||||
'<(DEPTH)/lib/ssl/ssl.gyp:ssl',
|
||||
],
|
||||
},
|
||||
],
|
||||
'target_defaults': {
|
||||
'include_dirs': [
|
||||
|
17702
security/nss/gtests/freebl_gtest/kat/Hash_DRBG.rsp
Normal file
17702
security/nss/gtests/freebl_gtest/kat/Hash_DRBG.rsp
Normal file
File diff suppressed because it is too large
Load Diff
44582
security/nss/gtests/freebl_gtest/kat/Hash_DRBG.txt
Normal file
44582
security/nss/gtests/freebl_gtest/kat/Hash_DRBG.txt
Normal file
File diff suppressed because it is too large
Load Diff
195
security/nss/gtests/freebl_gtest/prng_kat_unittest.cc
Normal file
195
security/nss/gtests/freebl_gtest/prng_kat_unittest.cc
Normal file
@ -0,0 +1,195 @@
|
||||
// This Source Code Form is subject to the terms of the Mozilla Public
|
||||
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
// You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
|
||||
#include "nspr.h"
|
||||
#include "nss.h"
|
||||
#include "ssl.h"
|
||||
|
||||
#include <cstdlib>
|
||||
#include <fstream>
|
||||
#include <string>
|
||||
|
||||
#define GTEST_HAS_RTTI 0
|
||||
#include "gtest/gtest.h"
|
||||
|
||||
#include "blapi.h"
|
||||
|
||||
namespace nss_test {
|
||||
|
||||
typedef struct PRNGTestValuesStr {
|
||||
std::vector<uint8_t> entropy;
|
||||
std::vector<uint8_t> nonce;
|
||||
std::vector<uint8_t> personal;
|
||||
std::vector<uint8_t> expected_result;
|
||||
std::vector<uint8_t> additional_entropy;
|
||||
std::vector<uint8_t> additional_input_reseed;
|
||||
std::vector<std::vector<uint8_t>> additional_input;
|
||||
} PRNGTestValues;
|
||||
|
||||
std::vector<PRNGTestValues> test_vector;
|
||||
|
||||
bool contains(std::string& s, const char* to_find) {
|
||||
return s.find(to_find) != std::string::npos;
|
||||
}
|
||||
|
||||
std::string trim(std::string str) {
|
||||
std::string whitespace = " \t";
|
||||
const auto strBegin = str.find_first_not_of(whitespace);
|
||||
if (strBegin == std::string::npos) {
|
||||
return "";
|
||||
}
|
||||
const auto strEnd = str.find_last_not_of(whitespace);
|
||||
const auto strRange = strEnd - strBegin + 1;
|
||||
return str.substr(strBegin, strRange);
|
||||
}
|
||||
|
||||
std::vector<uint8_t> hex_string_to_bytes(std::string s) {
|
||||
std::vector<uint8_t> bytes;
|
||||
for (size_t i = 0; i < s.length() - 1; i += 2) {
|
||||
bytes.push_back(std::stoul(s.substr(i, 2), nullptr, 16));
|
||||
}
|
||||
return bytes;
|
||||
}
|
||||
|
||||
std::vector<uint8_t> read_option_s(std::string& s) {
|
||||
size_t start = s.find("=") + 1;
|
||||
assert(start > 0);
|
||||
return hex_string_to_bytes(trim(s.substr(start, s.find("]", start))));
|
||||
}
|
||||
|
||||
void print_bytes(std::vector<uint8_t> bytes, std::string name) {
|
||||
std::cout << name << ": ";
|
||||
for (auto b : bytes) {
|
||||
std::cout << std::setfill('0') << std::setw(2) << std::hex
|
||||
<< static_cast<int>(b);
|
||||
}
|
||||
std::cout << std::endl;
|
||||
}
|
||||
|
||||
static void ReadFile(const std::string file_name) {
|
||||
std::ifstream infile(file_name);
|
||||
std::string line;
|
||||
|
||||
// Variables holding the input for each test.
|
||||
bool valid_option = false;
|
||||
|
||||
// Read the file.
|
||||
std::streampos pos;
|
||||
while (std::getline(infile, line)) {
|
||||
// We only implement SHA256. Skip all other tests.
|
||||
if (contains(line, "[SHA-")) {
|
||||
valid_option = contains(line, "[SHA-256]");
|
||||
}
|
||||
if (!valid_option) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// We ignore the options and infer them from the test case.
|
||||
|
||||
PRNGTestValues test;
|
||||
if (line.find("COUNT =")) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Read test input.
|
||||
do {
|
||||
pos = infile.tellg();
|
||||
std::getline(infile, line);
|
||||
if (contains(line, "EntropyInput ")) {
|
||||
test.entropy = read_option_s(line);
|
||||
continue;
|
||||
}
|
||||
if (contains(line, "Nonce")) {
|
||||
test.nonce = read_option_s(line);
|
||||
continue;
|
||||
}
|
||||
if (contains(line, "PersonalizationString")) {
|
||||
test.personal = read_option_s(line);
|
||||
continue;
|
||||
}
|
||||
if (contains(line, "AdditionalInput ")) {
|
||||
test.additional_input.push_back(read_option_s(line));
|
||||
continue;
|
||||
}
|
||||
if (contains(line, "EntropyInputReseed")) {
|
||||
test.additional_entropy = read_option_s(line);
|
||||
continue;
|
||||
}
|
||||
if (contains(line, "AdditionalInputReseed")) {
|
||||
test.additional_input_reseed = read_option_s(line);
|
||||
continue;
|
||||
}
|
||||
if (contains(line, "ReturnedBits")) {
|
||||
test.expected_result = read_option_s(line);
|
||||
continue;
|
||||
}
|
||||
} while (!infile.eof() && line.find("COUNT =") && line.find("["));
|
||||
|
||||
// Save test case.
|
||||
test_vector.push_back(test);
|
||||
test = {};
|
||||
infile.seekg(pos);
|
||||
}
|
||||
}
|
||||
|
||||
class PRNGTest : public ::testing::TestWithParam<PRNGTestValues> {
|
||||
protected:
|
||||
void RunTest(PRNGTestValues test) {
|
||||
ASSERT_EQ(2U, test.additional_input.size());
|
||||
SECStatus rv = PRNGTEST_Instantiate_Kat(
|
||||
test.entropy.data(), test.entropy.size(), test.nonce.data(),
|
||||
test.nonce.size(), test.personal.data(), test.personal.size());
|
||||
ASSERT_EQ(SECSuccess, rv);
|
||||
rv = PRNGTEST_Reseed(test.additional_entropy.data(),
|
||||
test.additional_entropy.size(),
|
||||
test.additional_input_reseed.data(),
|
||||
test.additional_input_reseed.size());
|
||||
ASSERT_EQ(SECSuccess, rv);
|
||||
|
||||
// Generate bytes.
|
||||
uint8_t bytes[128];
|
||||
PRNGTEST_Generate(bytes, 128, test.additional_input[0].data(),
|
||||
test.additional_input[0].size());
|
||||
PRNGTEST_Generate(bytes, 128, test.additional_input[1].data(),
|
||||
test.additional_input[1].size());
|
||||
std::vector<uint8_t> result(bytes, bytes + 128);
|
||||
if (result != test.expected_result) {
|
||||
print_bytes(result, "result ");
|
||||
print_bytes(test.expected_result, "expected");
|
||||
}
|
||||
ASSERT_EQ(test.expected_result, result);
|
||||
rv = PRNGTEST_Uninstantiate();
|
||||
ASSERT_EQ(SECSuccess, rv);
|
||||
}
|
||||
};
|
||||
|
||||
TEST_P(PRNGTest, HashDRBG) { RunTest(GetParam()); }
|
||||
|
||||
INSTANTIATE_TEST_CASE_P(NISTTestVector, PRNGTest,
|
||||
::testing::ValuesIn(test_vector));
|
||||
|
||||
} // nss_test
|
||||
|
||||
int main(int argc, char** argv) {
|
||||
if (argc < 2) {
|
||||
std::cout << "usage: prng_gtest <.rsp file>" << std::endl;
|
||||
return 1;
|
||||
}
|
||||
|
||||
nss_test::ReadFile(argv[1]);
|
||||
assert(!nss_test::test_vector.empty());
|
||||
|
||||
::testing::InitGoogleTest(&argc, argv);
|
||||
|
||||
if (NSS_NoDB_Init(nullptr) != SECSuccess) {
|
||||
return 1;
|
||||
}
|
||||
int rv = RUN_ALL_TESTS();
|
||||
|
||||
if (NSS_Shutdown() != SECSuccess) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
return rv;
|
||||
}
|
@ -31,12 +31,18 @@ int main(int argc, char** argv) {
|
||||
}
|
||||
}
|
||||
|
||||
NSS_Initialize(g_working_dir_path.c_str(), "", "", SECMOD_DB,
|
||||
NSS_INIT_READONLY);
|
||||
NSS_SetDomesticPolicy();
|
||||
if (NSS_Initialize(g_working_dir_path.c_str(), "", "", SECMOD_DB,
|
||||
NSS_INIT_READONLY) != SECSuccess) {
|
||||
return 1;
|
||||
}
|
||||
if (NSS_SetDomesticPolicy() != SECSuccess) {
|
||||
return 1;
|
||||
}
|
||||
int rv = RUN_ALL_TESTS();
|
||||
|
||||
NSS_Shutdown();
|
||||
if (NSS_Shutdown() != SECSuccess) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
nss_test::Poller::Shutdown();
|
||||
|
||||
|
42
security/nss/help.txt
Normal file
42
security/nss/help.txt
Normal file
@ -0,0 +1,42 @@
|
||||
Usage: ${0##*/} [-hcv] [-j <n>] [--nspr] [--gyp|-g] [--opt|-o] [-m32]
|
||||
[--test] [--pprof] [--scan-build[=output]] [--ct-verif]
|
||||
[--asan] [--ubsan] [--msan] [--sancov[=edge|bb|func|...]]
|
||||
[--disable-tests] [--fuzz[=tls|oss]] [--system-sqlite]
|
||||
[--no-zdefs] [--with-nspr] [--system-nspr]
|
||||
|
||||
This script builds NSS with gyp and ninja.
|
||||
|
||||
This build system is still under development. It does not yet support all
|
||||
the features or platforms that NSS supports.
|
||||
|
||||
NSS build tool options:
|
||||
|
||||
-h display this help and exit
|
||||
-c clean before build
|
||||
-v verbose build
|
||||
-j <n> run at most <n> concurrent jobs
|
||||
--nspr force a rebuild of NSPR
|
||||
--gyp|-g force a rerun of gyp
|
||||
--opt|-o do an opt build
|
||||
-m32 do a 32-bit build on a 64-bit system
|
||||
--test ignore map files and export everything we have
|
||||
--fuzz build fuzzing targets (this always enables test builds)
|
||||
--fuzz=tls to enable TLS fuzzing mode
|
||||
--fuzz=oss to build for OSS-Fuzz
|
||||
--pprof build with gperftool support
|
||||
--ct-verif build with valgrind for ct-verif
|
||||
--scan-build run the build with scan-build (scan-build has to be in the path)
|
||||
--scan-build=/out/path sets the output path for scan-build
|
||||
--asan do an asan build
|
||||
--ubsan do an ubsan build
|
||||
--ubsan=bool,shift,... sets specific UB sanitizers
|
||||
--msan do an msan build
|
||||
--sancov do sanitize coverage builds
|
||||
--sancov=func sets coverage to function level for example
|
||||
--disable-tests don't build tests and corresponding cmdline utils
|
||||
--system-sqlite use system sqlite
|
||||
--no-zdefs don't set -Wl,-z,defs
|
||||
--with-nspr don't build NSPR but use the one at the given location, e.g.
|
||||
--with-nspr=/path/to/nspr/include:/path/to/nspr/lib
|
||||
--system-nspr use system nspr. This requires an installation of NSPR and
|
||||
might not work on all systems.
|
@ -1469,6 +1469,12 @@ FIPS186Change_ReduceModQForDSA(const unsigned char *w,
|
||||
const unsigned char *q,
|
||||
unsigned char *xj);
|
||||
|
||||
/* To allow NIST KAT tests */
|
||||
extern SECStatus
|
||||
PRNGTEST_Instantiate_Kat(const PRUint8 *entropy, unsigned int entropy_len,
|
||||
const PRUint8 *nonce, unsigned int nonce_len,
|
||||
const PRUint8 *personal_string, unsigned int ps_len);
|
||||
|
||||
/*
|
||||
* The following functions are for FIPS poweron self test and FIPS algorithm
|
||||
* testing.
|
||||
|
@ -99,7 +99,8 @@ struct RNGContextStr {
|
||||
* RNG_RandomUpdate. */
|
||||
PRUint8 additionalDataCache[PRNG_ADDITONAL_DATA_CACHE_SIZE];
|
||||
PRUint32 additionalAvail;
|
||||
PRBool isValid; /* false if RNG reaches an invalid state */
|
||||
PRBool isValid; /* false if RNG reaches an invalid state */
|
||||
PRBool isKatTest; /* true if running NIST PRNG KAT tests */
|
||||
};
|
||||
|
||||
typedef struct RNGContextStr RNGContext;
|
||||
@ -150,7 +151,7 @@ prng_Hash_df(PRUint8 *requested_bytes, unsigned int no_of_bytes_to_return,
|
||||
}
|
||||
|
||||
/*
|
||||
* Hash_DRBG Instantiate NIST SP 800-80 10.1.1.2
|
||||
* Hash_DRBG Instantiate NIST SP 800-90 10.1.1.2
|
||||
*
|
||||
* NOTE: bytes & len are entropy || nonce || personalization_string. In
|
||||
* normal operation, NSS calculates them all together in a single call.
|
||||
@ -158,9 +159,11 @@ prng_Hash_df(PRUint8 *requested_bytes, unsigned int no_of_bytes_to_return,
|
||||
static SECStatus
|
||||
prng_instantiate(RNGContext *rng, const PRUint8 *bytes, unsigned int len)
|
||||
{
|
||||
if (len < PRNG_SEEDLEN) {
|
||||
/* if the seedlen is to small, it's probably because we failed to get
|
||||
* enough random data */
|
||||
if (!rng->isKatTest && len < PRNG_SEEDLEN) {
|
||||
/* If the seedlen is too small, it's probably because we failed to get
|
||||
* enough random data.
|
||||
* This is stricter than NIST SP800-90A requires. Don't enforce it for
|
||||
* tests. */
|
||||
PORT_SetError(SEC_ERROR_NEED_RANDOM);
|
||||
return SECFailure;
|
||||
}
|
||||
@ -272,7 +275,7 @@ prng_reseed_test(RNGContext *rng, const PRUint8 *entropy,
|
||||
|
||||
#define PRNG_ADD_BITS_AND_CARRY(dest, dest_len, add, len, carry) \
|
||||
PRNG_ADD_BITS(dest, dest_len, add, len, carry) \
|
||||
PRNG_ADD_CARRY_ONLY(dest, dest_len - len, carry)
|
||||
PRNG_ADD_CARRY_ONLY(dest, dest_len - len - 1, carry)
|
||||
|
||||
/*
|
||||
* This function expands the internal state of the prng to fulfill any number
|
||||
@ -445,6 +448,7 @@ rng_init(void)
|
||||
|
||||
/* the RNG is in a valid state */
|
||||
globalrng->isValid = PR_TRUE;
|
||||
globalrng->isKatTest = PR_FALSE;
|
||||
|
||||
/* fetch one random value so that we can populate rng->oldV for our
|
||||
* continous random number test. */
|
||||
@ -700,6 +704,17 @@ RNG_RNGShutdown(void)
|
||||
* entropy we may have previously collected. */
|
||||
RNGContext testContext;
|
||||
|
||||
SECStatus
|
||||
PRNGTEST_Instantiate_Kat(const PRUint8 *entropy, unsigned int entropy_len,
|
||||
const PRUint8 *nonce, unsigned int nonce_len,
|
||||
const PRUint8 *personal_string, unsigned int ps_len)
|
||||
{
|
||||
testContext.isKatTest = PR_TRUE;
|
||||
return PRNGTEST_Instantiate(entropy, entropy_len,
|
||||
nonce, nonce_len,
|
||||
personal_string, ps_len);
|
||||
}
|
||||
|
||||
/*
|
||||
* Test vector API. Use NIST SP 800-90 general interface so one of the
|
||||
* other NIST SP 800-90 algorithms may be used in the future.
|
||||
|
@ -24,7 +24,7 @@
|
||||
*/
|
||||
#define NSS_VERSION "3.30" _NSS_CUSTOMIZED " Beta"
|
||||
#define NSS_VMAJOR 3
|
||||
#define NSS_VMINOR 30
|
||||
#define NSS_VMINOR 31
|
||||
#define NSS_VPATCH 0
|
||||
#define NSS_VBUILD 0
|
||||
#define NSS_BETA PR_TRUE
|
||||
|
@ -23,7 +23,7 @@
|
||||
*/
|
||||
#define SOFTOKEN_VERSION "3.30" SOFTOKEN_ECC_STRING " Beta"
|
||||
#define SOFTOKEN_VMAJOR 3
|
||||
#define SOFTOKEN_VMINOR 30
|
||||
#define SOFTOKEN_VMINOR 31
|
||||
#define SOFTOKEN_VPATCH 0
|
||||
#define SOFTOKEN_VBUILD 0
|
||||
#define SOFTOKEN_BETA PR_TRUE
|
||||
|
@ -21,7 +21,7 @@
|
||||
*/
|
||||
#define NSSUTIL_VERSION "3.30 Beta"
|
||||
#define NSSUTIL_VMAJOR 3
|
||||
#define NSSUTIL_VMINOR 30
|
||||
#define NSSUTIL_VMINOR 31
|
||||
#define NSSUTIL_VPATCH 0
|
||||
#define NSSUTIL_VBUILD 0
|
||||
#define NSSUTIL_BETA PR_TRUE
|
||||
|
@ -178,10 +178,11 @@
|
||||
'cmd/vfychain/vfychain.gyp:vfychain',
|
||||
'cmd/vfyserv/vfyserv.gyp:vfyserv',
|
||||
'gtests/der_gtest/der_gtest.gyp:der_gtest',
|
||||
'gtests/freebl_gtest/freebl_gtest.gyp:prng_gtest',
|
||||
'gtests/pk11_gtest/pk11_gtest.gyp:pk11_gtest',
|
||||
'gtests/ssl_gtest/ssl_gtest.gyp:ssl_gtest',
|
||||
'gtests/util_gtest/util_gtest.gyp:util_gtest',
|
||||
'gtests/nss_bogo_shim/nss_bogo_shim.gyp:nss_bogo_shim'
|
||||
'gtests/nss_bogo_shim/nss_bogo_shim.gyp:nss_bogo_shim',
|
||||
],
|
||||
'conditions': [
|
||||
[ 'OS=="linux"', {
|
||||
|
@ -55,7 +55,8 @@ gtest_start()
|
||||
GTESTREPORT="$GTESTDIR/report.xml"
|
||||
PARSED_REPORT="$GTESTDIR/report.parsed"
|
||||
echo "executing $i"
|
||||
${BINDIR}/$i -d "$GTESTDIR" --gtest_output=xml:"${GTESTREPORT}" \
|
||||
${BINDIR}/$i "${SOURCE_DIR}/gtests/freebl_gtest/kat/Hash_DRBG.rsp" \
|
||||
-d "$GTESTDIR" --gtest_output=xml:"${GTESTREPORT}" \
|
||||
--gtest_filter="${GTESTFILTER-*}"
|
||||
html_msg $? 0 "$i run successfully"
|
||||
echo "test output dir: ${GTESTREPORT}"
|
||||
@ -82,7 +83,8 @@ gtest_cleanup()
|
||||
}
|
||||
|
||||
################## main #################################################
|
||||
GTESTS="der_gtest pk11_gtest util_gtest"
|
||||
GTESTS="prng_gtest der_gtest pk11_gtest util_gtest"
|
||||
SOURCE_DIR="$PWD"/../..
|
||||
gtest_init $0
|
||||
gtest_start
|
||||
gtest_cleanup
|
||||
|
Loading…
Reference in New Issue
Block a user