Closed Bug 1984704 Opened 2 months ago Closed 21 days ago

Add PKCS#11 trust tests

Categories

(NSS :: Test, task, P2)

Product:
NSS
Component:
Test
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: jschanck, Assigned: rrelyea)

References

Details

Attachments

(1 file)

Bug 1984704 Add PKCS#11 trust tests
48 bytes, text/x-phabricator-request
Details | Review

Bug 1965328 made significant changes to how NSS handles trust objects. It should have included tests.

The trust system already has significant tests, which were critical in making these changes. The patches didn't change the sematics, only the underlying mechanisms.

If you can point out where the existing test coverage is missing, I would be happy to add these tests.

At the very least we're missing tests to ensure that we can handle NSS trust objects and PKCS#11 trust objects consistently. To catch Bug 1984165, we would have needed a test where two tokens store a trust objects for the same cert, one token has an NSS trust object, and one token has a standard PKCS#11 trust object.

Thanks. I'll add those. The use of PKCS #11 trust objects are new, so the test would have applied to the previous code as well. That but would hit if the NSS object has an MD5 hash and one had the SHA1 hash, so that's a reasonable request (or one PKCS #11 object had a SHA256 and the other had a SHA384 hash). I just wanted to know what kind of things you wanted test coverage on.

Assignee: nobody → rrelyea
Status: NEW → ASSIGNED
See Also: → 1985405
Status: ASSIGNED → RESOLVED
Closed: 21 days ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: