Closed Bug 1644774 Opened 5 years ago Closed 5 years ago

SSL gtests should use ClearServerCache when resetting self-encrypt keys

Tracking

(Not tracked)

Status:

RESOLVED FIXED

Milestone:

3.54

People

(Reporter: kjacobs, Assigned: kjacobs)

Details

Attachments

(1 file)

Bug 1644774 - Use ClearServerCache instead of SSLInt_ClearSelfEncryptKey for ticket invalidation. 5 years ago Kevin Jacobs [:kjacobs] 47 bytes, text/x-phabricator-request		Details \| Review

Kevin Jacobs [:kjacobs]

Assignee

Description

•

5 years ago

We have a few gtests that rely on SSLInt_ClearSelfEncryptKey to reset self-encrypt keys and invalidate previously-issued tickets.

This doesn't quite accomplish the goal: when there is a subsequent call to ssl_GenerateSelfEncryptKeysOnce (via issuing a new ticket or attempting to decrypt an old one), the previously-used key is retrieved from the cache at [1]. These tests should use ClearServerCache instead.

This is a test correctness issue only.

[1] https://searchfox.org/mozilla-central/source/security/nss/lib/ssl/sslsnce.c#2105

Kevin Jacobs [:kjacobs]

Assignee

Comment 1

•

5 years ago

Attached file Bug 1644774 - Use ClearServerCache instead of SSLInt_ClearSelfEncryptKey for ticket invalidation. — Details

Kevin Jacobs [:kjacobs]

Assignee

Comment 2

•

5 years ago

https://hg.mozilla.org/projects/nss/rev/7b2413d80ce3f952c58aff03b0e66325bca670fa

Status: ASSIGNED → RESOLVED

Closed: 5 years ago

Resolution: --- → FIXED

Target Milestone: --- → 3.54

You need to log in before you can comment on or make changes to this bug.

Bugzilla

SSL gtests should use ClearServerCache when resetting self-encrypt keys

Categories

(NSS :: Test, defect)

Tracking

(Not tracked)

People

(Reporter: kjacobs, Assigned: kjacobs)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Attachment

General

Description

File Name

Content Type