Update NSS libSSL to NSS_3_15_BETA2.

net/third_party/nss/ssl/ssl3ecc.c

 /*
  * SSL3 Protocol
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /* ECC code moved here from ssl3con.c */
-/* $Id: ssl3ecc.c,v 1.29 2012/06/11 02:38:30 emaldona%redhat.com Exp $ */
+/* $Id$ */
 
 #include "nss.h"
 #include "cert.h"
 #include "ssl.h"
 #include "cryptohi.h"   /* for DSAU_ stuff */
 #include "keyhi.h"
 #include "secder.h"
 #include "secitem.h"
 
 #include "sslimpl.h"
@@ skipping 942 matching lines @@
         }
     }
 }
 
 /* Ask: is ANY ECC cipher suite enabled on this socket? */
 /* Order(N^2).  Yuk.  Also, this ignores export policy. */
 PRBool
 ssl3_IsECCEnabled(sslSocket * ss)
 {
     const ssl3CipherSuite * suite;
+    PK11SlotInfo *slot;
 
+    /* make sure we can do ECC */
+    slot = PK11_GetBestSlot(CKM_ECDH1_DERIVE,  ss->pkcs11PinArg);
+    if (!slot) {
+        return PR_FALSE;
+    }
+    PK11_FreeSlot(slot);
+
+    /* make sure an ECC cipher is enabled */
     for (suite = ecSuites; *suite; ++suite) {
         PRBool    enabled = PR_FALSE;
         SECStatus rv      = ssl3_CipherPrefGet(ss, *suite, &enabled);
 
         PORT_Assert(rv == SECSuccess); /* else is coding error */
         if (rv == SECSuccess && enabled)
             return PR_TRUE;
     }
     return PR_FALSE;
 }
 
 #define BE(n) 0, n
 
-#ifndef NSS_ECC_MORE_THAN_SUITE_B
 /* Prefabricated TLS client hello extension, Elliptic Curves List,
  * offers only 3 curves, the Suite B curves, 23-25 
  */
-static const PRUint8 EClist[12] = {
+static const PRUint8 suiteBECList[12] = {
     BE(10),         /* Extension type */
     BE( 8),         /* octets that follow ( 3 pairs + 1 length pair) */
     BE( 6),         /* octets that follow ( 3 pairs) */
     BE(23), BE(24), BE(25)
 };
-#else
+
 /* Prefabricated TLS client hello extension, Elliptic Curves List,
  * offers curves 1-25.
  */
-static const PRUint8 EClist[56] = {
+static const PRUint8 tlsECList[56] = {
     BE(10),         /* Extension type */
     BE(52),         /* octets that follow (25 pairs + 1 length pair) */
     BE(50),         /* octets that follow (25 pairs) */
             BE( 1), BE( 2), BE( 3), BE( 4), BE( 5), BE( 6), BE( 7), 
     BE( 8), BE( 9), BE(10), BE(11), BE(12), BE(13), BE(14), BE(15), 
     BE(16), BE(17), BE(18), BE(19), BE(20), BE(21), BE(22), BE(23), 
     BE(24), BE(25)
 };
-#endif
 
 static const PRUint8 ECPtFmt[6] = {
     BE(11),         /* Extension type */
     BE( 2),         /* octets that follow */
              1,     /* octets that follow */
                  0  /* uncompressed type only */
 };
 
+/* This function already presumes we can do ECC, ssl_IsECCEnabled must be
+ * called before this function. It looks to see if we have a token which
+ * is capable of doing smaller than SuiteB curves. If the token can, we
+ * presume the token can do the whole SSL suite of curves. If it can't we
+ * presume the token that allowed ECC to be enabled can only do suite B
+ * curves. */
+static PRBool
+ssl3_SuiteBOnly(sslSocket *ss)
+{
+    /* look to see if we can handle certs less than 163 bits */
+    PK11SlotInfo *slot =
+        PK11_GetBestSlotWithAttributes(CKM_ECDH1_DERIVE, 0, 163,
+                                        ss ? ss->pkcs11PinArg : NULL);
+
+    if (!slot) {
+        /* nope, presume we can only do suite B */
+        return PR_TRUE;
+    }
+    /* we can, presume we can do all curves */
+    PK11_FreeSlot(slot);
+    return PR_FALSE;
+}
+
 /* Send our "canned" (precompiled) Supported Elliptic Curves extension,
  * which says that we support all TLS-defined named curves.
  */
 PRInt32
 ssl3_SendSupportedCurvesXtn(
                         sslSocket * ss,
                         PRBool      append,
                         PRUint32    maxBytes)
 {
+    int ECListSize = 0;
+    const PRUint8 *ECList = NULL;
+
     if (!ss || !ssl3_IsECCEnabled(ss))
         return 0;
-    if (append && maxBytes >= (sizeof EClist)) {
-        SECStatus rv = ssl3_AppendHandshake(ss, EClist, (sizeof EClist));
+
+    if (ssl3_SuiteBOnly(ss)) {
+        ECListSize = sizeof (suiteBECList);
+        ECList = suiteBECList;
+    } else {
+        ECListSize = sizeof (tlsECList);
+        ECList = tlsECList;
+    }
+ 
+    if (append && maxBytes >= ECListSize) {
+        SECStatus rv = ssl3_AppendHandshake(ss, ECList, ECListSize);
         if (rv != SECSuccess)
             return -1;
         if (!ss->sec.isServer) {
             TLSExtensionData *xtnData = &ss->xtnData;
             xtnData->advertised[xtnData->numAdvertised++] =
                 ssl_elliptic_curves_xtn;
         }
     }
-    return (sizeof EClist);
+    return ECListSize;
+}
+
+PRInt32
+ssl3_GetSupportedECCCurveMask(sslSocket *ss)
+{
+    if (ssl3_SuiteBOnly(ss)) {
+        return SSL3_SUITE_B_SUPPORTED_CURVES_MASK;
+    }
+    return SSL3_ALL_SUPPORTED_CURVES_MASK;
 }
 
 /* Send our "canned" (precompiled) Supported Point Formats extension,
  * which says that we only support uncompressed points.
  */
 PRInt32
 ssl3_SendSupportedPointFormatsXtn(
                         sslSocket * ss,
                         PRBool      append,
                         PRUint32    maxBytes)
@@ skipping 108 matching lines @@
     ssl3_DisableECCSuites(ss, ecdhe_ecdsa_suites);
     return SECFailure;
 
 loser:
     /* no common curve supported */
     ssl3_DisableECCSuites(ss, ecSuites);
     return SECFailure;
 }
 
 #endif /* NSS_ENABLE_ECC */