Chromium Code Reviews Chromium Code Reviews
Issue 14522022:
Update NSS libSSL to NSS_3_15_BETA2. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * SSL3 Protocol | 2 * SSL3 Protocol |
| 3 * | 3 * |
| 4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
| 5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 7 | 7 |
| 8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
| 9 /* $Id: ssl3ext.c,v 1.28 2012/09/21 00:28:05 wtc%google.com Exp $ */ | 9 /* $Id$ */ |
| 10 | 10 |
| 11 #include "nssrenam.h" | 11 #include "nssrenam.h" |
| 12 #include "nss.h" | 12 #include "nss.h" |
| 13 #include "ssl.h" | 13 #include "ssl.h" |
| 14 #include "sslimpl.h" | 14 #include "sslimpl.h" |
| 15 #include "sslproto.h" | 15 #include "sslproto.h" |
| 16 #include "pk11pub.h" | 16 #include "pk11pub.h" |
| 17 #ifdef NO_PKCS11_BYPASS | 17 #ifdef NO_PKCS11_BYPASS |
| 18 #include "blapit.h" | 18 #include "blapit.h" |
| 19 #else | 19 #else |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 54 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, | 54 static SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, |
| 55 PRUint16 ex_type, SECItem *data); | 55 PRUint16 ex_type, SECItem *data); |
| 56 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, | 56 static SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, |
| 57 PRUint16 ex_type, SECItem *data); | 57 PRUint16 ex_type, SECItem *data); |
| 58 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append, | 58 static PRInt32 ssl3_ClientSendNextProtoNegoXtn(sslSocket *ss, PRBool append, |
| 59 PRUint32 maxBytes); | 59 PRUint32 maxBytes); |
| 60 static PRInt32 ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, | 60 static PRInt32 ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, |
| 61 PRUint32 maxBytes); | 61 PRUint32 maxBytes); |
| 62 static SECStatus ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, | 62 static SECStatus ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, |
| 63 SECItem *data); | 63 SECItem *data); |
| 64 static SECStatus ssl3_ServerSendStatusRequestXtn(sslSocket * ss, | |
| 65 PRBool append, PRUint32 maxBytes); | |
| 66 static SECStatus ssl3_ServerHandleStatusRequestXtn(sslSocket *ss, | |
| 67 PRUint16 ex_type, SECItem *data); | |
| 68 static SECStatus ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, | |
| 69 PRUint16 ex_type, | |
| 70 SECItem *data); | |
| 71 static PRInt32 ssl3_ClientSendStatusRequestXtn(sslSocket * ss, PRBool append, | |
| 72 PRUint32 maxBytes); | |
| 64 static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss, | 73 static SECStatus ssl3_ClientHandleChannelIDXtn(sslSocket *ss, |
| 65 PRUint16 ex_type, SECItem *data); | 74 PRUint16 ex_type, SECItem *data); |
| 66 static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append, | 75 static PRInt32 ssl3_ClientSendChannelIDXtn(sslSocket *ss, PRBool append, |
| 67 PRUint32 maxBytes); | 76 PRUint32 maxBytes); |
| 68 | 77 |
| 69 /* | 78 /* |
| 70 * Write bytes. Using this function means the SECItem structure | 79 * Write bytes. Using this function means the SECItem structure |
| 71 * cannot be freed. The caller is expected to call this function | 80 * cannot be freed. The caller is expected to call this function |
| 72 * on a shallow copy of the structure. | 81 * on a shallow copy of the structure. |
| 73 */ | 82 */ |
| (...skipping 145 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 219 static const ssl3HelloExtensionHandler clientHelloHandlers[] = { | 228 static const ssl3HelloExtensionHandler clientHelloHandlers[] = { |
| 220 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, | 229 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, |
| 221 #ifdef NSS_ENABLE_ECC | 230 #ifdef NSS_ENABLE_ECC |
| 222 { ssl_elliptic_curves_xtn, &ssl3_HandleSupportedCurvesXtn }, | 231 { ssl_elliptic_curves_xtn, &ssl3_HandleSupportedCurvesXtn }, |
| 223 { ssl_ec_point_formats_xtn, &ssl3_HandleSupportedPointFormatsXtn }, | 232 { ssl_ec_point_formats_xtn, &ssl3_HandleSupportedPointFormatsXtn }, |
| 224 #endif | 233 #endif |
| 225 { ssl_session_ticket_xtn, &ssl3_ServerHandleSessionTicketXtn }, | 234 { ssl_session_ticket_xtn, &ssl3_ServerHandleSessionTicketXtn }, |
| 226 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 235 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
| 227 { ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn }, | 236 { ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn }, |
| 228 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, | 237 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, |
| 238 { ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn }, | |
| 229 { -1, NULL } | 239 { -1, NULL } |
| 230 }; | 240 }; |
| 231 | 241 |
| 232 /* These two tables are used by the client, to handle server hello | 242 /* These two tables are used by the client, to handle server hello |
| 233 * extensions. */ | 243 * extensions. */ |
| 234 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = { | 244 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = { |
| 235 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, | 245 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, |
| 236 /* TODO: add a handler for ssl_ec_point_formats_xtn */ | 246 /* TODO: add a handler for ssl_ec_point_formats_xtn */ |
| 237 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, | 247 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, |
| 238 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 248 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
| (...skipping 411 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 650 return 0; | 660 return 0; |
| 651 } | 661 } |
| 652 | 662 |
| 653 return extension_length; | 663 return extension_length; |
| 654 | 664 |
| 655 loser: | 665 loser: |
| 656 return -1; | 666 return -1; |
| 657 } | 667 } |
| 658 | 668 |
| 659 static SECStatus | 669 static SECStatus |
| 660 ssl3_ClientHandleChannelIDXtn(sslSocket *ss, PRUint16 ex_type, | 670 ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, PRUint16 ex_type, |
| 661 » » » SECItem *data) | 671 SECItem *data) |
| 662 { | 672 { |
| 663 PORT_Assert(ss->getChannelID != NULL); | |
| 664 | |
| 665 if (data->len) { | |
| 666 PORT_SetError(SSL_ERROR_BAD_CHANNEL_ID_DATA); | |
| 667 return SECFailure; | |
| 668 } | |
| 669 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | |
| 670 return SECSuccess; | |
| 671 } | |
| 672 | |
| 673 static PRInt32 | |
| 674 ssl3_ClientSendChannelIDXtn(sslSocket * ss, PRBool append, | |
| 675 PRUint32 maxBytes) | |
| 676 { | |
| 677 PRInt32 extension_length = 4; | |
| 678 | |
| 679 if (!ss->getChannelID) | |
| 680 return 0; | |
| 681 | |
| 682 if (maxBytes < extension_length) { | |
| 683 PORT_Assert(0); | |
| 684 return 0; | |
| 685 } | |
| 686 | |
| 687 if (append) { | |
| 688 SECStatus rv; | |
| 689 rv = ssl3_AppendHandshakeNumber(ss, ssl_channel_id_xtn, 2); | |
| 690 if (rv != SECSuccess) | |
| 691 goto loser; | |
| 692 rv = ssl3_AppendHandshakeNumber(ss, 0, 2); | |
| 693 if (rv != SECSuccess) | |
| 694 goto loser; | |
| 695 ss->xtnData.advertised[ss->xtnData.numAdvertised++] = | |
| 696 ssl_channel_id_xtn; | |
| 697 } | |
| 698 | |
| 699 return extension_length; | |
| 700 | |
| 701 loser: | |
| 702 return -1; | |
| 703 } | |
| 704 | |
| 705 SECStatus | |
| 706 ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, PRUint16 ex_type, | |
| 707 SECItem *data) | |
| 708 { | |
| 709 /* If we didn't request this extension, then the server may not echo it. */ | |
| 710 if (!ss->opt.enableOCSPStapling) | |
| 711 return SECFailure; | |
|
wtc
2013/04/29 17:44:36
Lines 709-711 should not be deleted.
wtc
2013/05/01 23:58:37
It is correct to delete this check.
ssl3_HandleHel
| |
| 712 | |
| 713 /* The echoed extension must be empty. */ | 673 /* The echoed extension must be empty. */ |
| 714 if (data->len != 0) | 674 if (data->len != 0) |
| 715 » return SECFailure; | 675 return SECFailure; |
| 716 | |
| 717 ss->ssl3.hs.may_get_cert_status = PR_TRUE; | |
| 718 | 676 |
| 719 /* Keep track of negotiated extensions. */ | 677 /* Keep track of negotiated extensions. */ |
| 720 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 678 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 721 | 679 |
| 722 return SECSuccess; | 680 return SECSuccess; |
| 723 } | 681 } |
| 724 | 682 |
| 683 static PRInt32 | |
| 684 ssl3_ServerSendStatusRequestXtn( | |
| 685 sslSocket * ss, | |
| 686 PRBool append, | |
| 687 PRUint32 maxBytes) | |
| 688 { | |
| 689 PRInt32 extension_length; | |
| 690 SECStatus rv; | |
| 691 | |
| 692 if (!ss->certStatusArray) | |
| 693 return 0; | |
| 694 | |
| 695 extension_length = 2 + 2; | |
| 696 if (append && maxBytes >= extension_length) { | |
| 697 /* extension_type */ | |
| 698 rv = ssl3_AppendHandshakeNumber(ss, ssl_cert_status_xtn, 2); | |
| 699 if (rv != SECSuccess) | |
| 700 return -1; | |
| 701 /* length of extension_data */ | |
| 702 rv = ssl3_AppendHandshakeNumber(ss, 0, 2); | |
| 703 if (rv != SECSuccess) | |
| 704 return -1; | |
| 705 } | |
| 706 | |
| 707 return extension_length; | |
| 708 } | |
| 709 | |
| 725 /* ssl3_ClientSendStatusRequestXtn builds the status_request extension on the | 710 /* ssl3_ClientSendStatusRequestXtn builds the status_request extension on the |
| 726 * client side. See RFC 4366 section 3.6. */ | 711 * client side. See RFC 4366 section 3.6. */ |
| 727 PRInt32 | 712 static PRInt32 |
| 728 ssl3_ClientSendStatusRequestXtn(sslSocket * ss, PRBool append, | 713 ssl3_ClientSendStatusRequestXtn(sslSocket * ss, PRBool append, |
| 729 » » » » PRUint32 maxBytes) | 714 PRUint32 maxBytes) |
| 730 { | 715 { |
| 731 PRInt32 extension_length; | 716 PRInt32 extension_length; |
| 732 | 717 |
| 733 if (!ss->opt.enableOCSPStapling) | 718 if (!ss->opt.enableOCSPStapling) |
| 734 » return 0; | 719 return 0; |
| 735 | 720 |
| 736 /* extension_type (2-bytes) + | 721 /* extension_type (2-bytes) + |
| 737 * length(extension_data) (2-bytes) + | 722 * length(extension_data) (2-bytes) + |
| 738 * status_type (1) + | 723 * status_type (1) + |
| 739 * responder_id_list length (2) + | 724 * responder_id_list length (2) + |
| 740 * request_extensions length (2) | 725 * request_extensions length (2) |
| 741 */ | 726 */ |
| 742 extension_length = 9; | 727 extension_length = 9; |
| 743 | 728 |
| 744 if (append && maxBytes >= extension_length) { | 729 if (append && maxBytes >= extension_length) { |
| 745 » SECStatus rv; | 730 SECStatus rv; |
| 746 » TLSExtensionData *xtnData; | 731 TLSExtensionData *xtnData; |
| 747 | 732 |
| 748 » /* extension_type */ | 733 /* extension_type */ |
| 749 » rv = ssl3_AppendHandshakeNumber(ss, ssl_cert_status_xtn, 2); | 734 rv = ssl3_AppendHandshakeNumber(ss, ssl_cert_status_xtn, 2); |
| 750 » if (rv != SECSuccess) | 735 if (rv != SECSuccess) |
| 751 » return -1; | 736 return -1; |
| 752 » rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2); | 737 rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2); |
| 753 » if (rv != SECSuccess) | 738 if (rv != SECSuccess) |
| 754 » return -1; | 739 return -1; |
| 755 » rv = ssl3_AppendHandshakeNumber(ss, 1 /* status_type ocsp */, 1); | 740 rv = ssl3_AppendHandshakeNumber(ss, 1 /* status_type ocsp */, 1); |
| 756 » if (rv != SECSuccess) | 741 if (rv != SECSuccess) |
| 757 » return -1; | 742 return -1; |
| 758 » /* A zero length responder_id_list means that the responders are | 743 /* A zero length responder_id_list means that the responders are |
| 759 » * implicitly known to the server. */ | 744 * implicitly known to the server. */ |
| 760 » rv = ssl3_AppendHandshakeNumber(ss, 0, 2); | 745 rv = ssl3_AppendHandshakeNumber(ss, 0, 2); |
| 761 » if (rv != SECSuccess) | 746 if (rv != SECSuccess) |
| 762 » return -1; | 747 return -1; |
| 763 » /* A zero length request_extensions means that there are no extensions. | 748 /* A zero length request_extensions means that there are no extensions. |
| 764 » * Specifically, we don't set the id-pkix-ocsp-nonce extension. This | 749 * Specifically, we don't set the id-pkix-ocsp-nonce extension. This |
| 765 » * means that the server can replay a cached OCSP response to us. */ | 750 * means that the server can replay a cached OCSP response to us. */ |
| 766 » rv = ssl3_AppendHandshakeNumber(ss, 0, 2); | 751 rv = ssl3_AppendHandshakeNumber(ss, 0, 2); |
| 767 » if (rv != SECSuccess) | 752 if (rv != SECSuccess) |
| 768 » return -1; | 753 return -1; |
| 769 | 754 |
| 770 » xtnData = &ss->xtnData; | 755 xtnData = &ss->xtnData; |
| 771 » xtnData->advertised[xtnData->numAdvertised++] = ssl_cert_status_xtn; | 756 xtnData->advertised[xtnData->numAdvertised++] = ssl_cert_status_xtn; |
| 772 } else if (maxBytes < extension_length) { | 757 } else if (maxBytes < extension_length) { |
| 773 » PORT_Assert(0); | 758 PORT_Assert(0); |
| 774 » return 0; | 759 return 0; |
| 775 } | 760 } |
| 776 return extension_length; | 761 return extension_length; |
| 777 } | 762 } |
| 778 | 763 |
| 779 /* | 764 /* |
| 780 * NewSessionTicket | 765 * NewSessionTicket |
| 781 * Called from ssl3_HandleFinished | 766 * Called from ssl3_HandleFinished |
| 782 */ | 767 */ |
| 783 SECStatus | 768 SECStatus |
| 784 ssl3_SendNewSessionTicket(sslSocket *ss) | 769 ssl3_SendNewSessionTicket(sslSocket *ss) |
| (...skipping 340 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1125 SECItem *data) | 1110 SECItem *data) |
| 1126 { | 1111 { |
| 1127 if (data->len != 0) | 1112 if (data->len != 0) |
| 1128 return SECFailure; | 1113 return SECFailure; |
| 1129 | 1114 |
| 1130 /* Keep track of negotiated extensions. */ | 1115 /* Keep track of negotiated extensions. */ |
| 1131 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 1116 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 1132 return SECSuccess; | 1117 return SECSuccess; |
| 1133 } | 1118 } |
| 1134 | 1119 |
| 1120 static SECStatus | |
| 1121 ssl3_ClientHandleChannelIDXtn(sslSocket *ss, PRUint16 ex_type, | |
| 1122 SECItem *data) | |
| 1123 { | |
| 1124 PORT_Assert(ss->getChannelID != NULL); | |
| 1125 | |
| 1126 if (data->len) { | |
| 1127 PORT_SetError(SSL_ERROR_BAD_CHANNEL_ID_DATA); | |
| 1128 return SECFailure; | |
| 1129 } | |
| 1130 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | |
| 1131 return SECSuccess; | |
| 1132 } | |
| 1133 | |
| 1134 static PRInt32 | |
| 1135 ssl3_ClientSendChannelIDXtn(sslSocket * ss, PRBool append, | |
| 1136 PRUint32 maxBytes) | |
| 1137 { | |
| 1138 PRInt32 extension_length = 4; | |
| 1139 | |
| 1140 if (!ss->getChannelID) | |
| 1141 return 0; | |
| 1142 | |
| 1143 if (maxBytes < extension_length) { | |
| 1144 PORT_Assert(0); | |
| 1145 return 0; | |
| 1146 } | |
| 1147 | |
| 1148 if (append) { | |
| 1149 SECStatus rv; | |
| 1150 rv = ssl3_AppendHandshakeNumber(ss, ssl_channel_id_xtn, 2); | |
| 1151 if (rv != SECSuccess) | |
| 1152 goto loser; | |
| 1153 rv = ssl3_AppendHandshakeNumber(ss, 0, 2); | |
| 1154 if (rv != SECSuccess) | |
| 1155 goto loser; | |
| 1156 ss->xtnData.advertised[ss->xtnData.numAdvertised++] = | |
| 1157 ssl_channel_id_xtn; | |
| 1158 } | |
| 1159 | |
| 1160 return extension_length; | |
| 1161 | |
| 1162 loser: | |
| 1163 return -1; | |
| 1164 } | |
| 1165 | |
| 1135 SECStatus | 1166 SECStatus |
| 1136 ssl3_ServerHandleSessionTicketXtn(sslSocket *ss, PRUint16 ex_type, | 1167 ssl3_ServerHandleSessionTicketXtn(sslSocket *ss, PRUint16 ex_type, |
| 1137 SECItem *data) | 1168 SECItem *data) |
| 1138 { | 1169 { |
| 1139 SECStatus rv; | 1170 SECStatus rv; |
| 1140 SECItem *decrypted_state = NULL; | 1171 SECItem *decrypted_state = NULL; |
| 1141 SessionTicket *parsed_session_ticket = NULL; | 1172 SessionTicket *parsed_session_ticket = NULL; |
| 1142 sslSessionID *sid = NULL; | 1173 sslSessionID *sid = NULL; |
| 1143 SSL3Statistics *ssl3stats; | 1174 SSL3Statistics *ssl3stats; |
| 1144 | 1175 |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1205 != SECSuccess) | 1236 != SECSuccess) |
| 1206 return SECFailure; | 1237 return SECFailure; |
| 1207 | 1238 |
| 1208 /* Get session ticket keys. */ | 1239 /* Get session ticket keys. */ |
| 1209 #ifndef NO_PKCS11_BYPASS | 1240 #ifndef NO_PKCS11_BYPASS |
| 1210 if (ss->opt.bypassPKCS11) { | 1241 if (ss->opt.bypassPKCS11) { |
| 1211 rv = ssl3_GetSessionTicketKeys(&aes_key, &aes_key_length, | 1242 rv = ssl3_GetSessionTicketKeys(&aes_key, &aes_key_length, |
| 1212 &mac_key, &mac_key_length); | 1243 &mac_key, &mac_key_length); |
| 1213 } else | 1244 } else |
| 1214 #endif | 1245 #endif |
| 1215 { | 1246 » { |
| 1216 rv = ssl3_GetSessionTicketKeysPKCS11(ss, &aes_key_pkcs11, | 1247 rv = ssl3_GetSessionTicketKeysPKCS11(ss, &aes_key_pkcs11, |
| 1217 &mac_key_pkcs11); | 1248 &mac_key_pkcs11); |
| 1218 } | 1249 } |
| 1219 if (rv != SECSuccess) { | 1250 if (rv != SECSuccess) { |
| 1220 SSL_DBG(("%d: SSL[%d]: Unable to get/generate session ticket keys.", | 1251 SSL_DBG(("%d: SSL[%d]: Unable to get/generate session ticket keys.", |
| 1221 SSL_GETPID(), ss->fd)); | 1252 SSL_GETPID(), ss->fd)); |
| 1222 goto loser; | 1253 goto loser; |
| 1223 } | 1254 } |
| 1224 | 1255 |
| 1225 /* If the ticket sent by the client was generated under a key different | 1256 /* If the ticket sent by the client was generated under a key different |
| (...skipping 17 matching lines...) Expand all Loading... | |
| 1243 sizeof(session_ticket_mac_key), PR_FALSE) != SECSuccess) | 1274 sizeof(session_ticket_mac_key), PR_FALSE) != SECSuccess) |
| 1244 goto no_ticket; | 1275 goto no_ticket; |
| 1245 HMAC_Begin(hmac_ctx); | 1276 HMAC_Begin(hmac_ctx); |
| 1246 HMAC_Update(hmac_ctx, extension_data.data, | 1277 HMAC_Update(hmac_ctx, extension_data.data, |
| 1247 extension_data.len - TLS_EX_SESS_TICKET_MAC_LENGTH); | 1278 extension_data.len - TLS_EX_SESS_TICKET_MAC_LENGTH); |
| 1248 if (HMAC_Finish(hmac_ctx, computed_mac, &computed_mac_length, | 1279 if (HMAC_Finish(hmac_ctx, computed_mac, &computed_mac_length, |
| 1249 sizeof(computed_mac)) != SECSuccess) | 1280 sizeof(computed_mac)) != SECSuccess) |
| 1250 goto no_ticket; | 1281 goto no_ticket; |
| 1251 } else | 1282 } else |
| 1252 #endif | 1283 #endif |
| 1253 { | 1284 » { |
| 1254 SECItem macParam; | 1285 SECItem macParam; |
| 1255 macParam.data = NULL; | 1286 macParam.data = NULL; |
| 1256 macParam.len = 0; | 1287 macParam.len = 0; |
| 1257 hmac_ctx_pkcs11 = PK11_CreateContextBySymKey(macMech, | 1288 hmac_ctx_pkcs11 = PK11_CreateContextBySymKey(macMech, |
| 1258 CKA_SIGN, mac_key_pkcs11, &macParam); | 1289 CKA_SIGN, mac_key_pkcs11, &macParam); |
| 1259 if (!hmac_ctx_pkcs11) { | 1290 if (!hmac_ctx_pkcs11) { |
| 1260 SSL_DBG(("%d: SSL[%d]: Unable to create HMAC context: %d.", | 1291 SSL_DBG(("%d: SSL[%d]: Unable to create HMAC context: %d.", |
| 1261 SSL_GETPID(), ss->fd, PORT_GetError())); | 1292 SSL_GETPID(), ss->fd, PORT_GetError())); |
| 1262 goto no_ticket; | 1293 goto no_ticket; |
| 1263 } else { | 1294 } else { |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1307 } | 1338 } |
| 1308 | 1339 |
| 1309 rv = AES_Decrypt(aes_ctx, decrypted_state->data, | 1340 rv = AES_Decrypt(aes_ctx, decrypted_state->data, |
| 1310 &decrypted_state->len, decrypted_state->len, | 1341 &decrypted_state->len, decrypted_state->len, |
| 1311 enc_session_ticket.encrypted_state.data, | 1342 enc_session_ticket.encrypted_state.data, |
| 1312 enc_session_ticket.encrypted_state.len); | 1343 enc_session_ticket.encrypted_state.len); |
| 1313 if (rv != SECSuccess) | 1344 if (rv != SECSuccess) |
| 1314 goto no_ticket; | 1345 goto no_ticket; |
| 1315 } else | 1346 } else |
| 1316 #endif | 1347 #endif |
| 1317 { | 1348 » { |
| 1318 SECItem ivItem; | 1349 SECItem ivItem; |
| 1319 ivItem.data = enc_session_ticket.iv; | 1350 ivItem.data = enc_session_ticket.iv; |
| 1320 ivItem.len = AES_BLOCK_SIZE; | 1351 ivItem.len = AES_BLOCK_SIZE; |
| 1321 aes_ctx_pkcs11 = PK11_CreateContextBySymKey(cipherMech, | 1352 aes_ctx_pkcs11 = PK11_CreateContextBySymKey(cipherMech, |
| 1322 CKA_DECRYPT, aes_key_pkcs11, &ivItem); | 1353 CKA_DECRYPT, aes_key_pkcs11, &ivItem); |
| 1323 if (!aes_ctx_pkcs11) { | 1354 if (!aes_ctx_pkcs11) { |
| 1324 SSL_DBG(("%d: SSL[%d]: Unable to create AES context.", | 1355 SSL_DBG(("%d: SSL[%d]: Unable to create AES context.", |
| 1325 SSL_GETPID(), ss->fd)); | 1356 SSL_GETPID(), ss->fd)); |
| 1326 goto no_ticket; | 1357 goto no_ticket; |
| 1327 } | 1358 } |
| (...skipping 423 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1751 if (rv != SECSuccess) return -1; | 1782 if (rv != SECSuccess) return -1; |
| 1752 if (!ss->sec.isServer) { | 1783 if (!ss->sec.isServer) { |
| 1753 TLSExtensionData *xtnData = &ss->xtnData; | 1784 TLSExtensionData *xtnData = &ss->xtnData; |
| 1754 xtnData->advertised[xtnData->numAdvertised++] = | 1785 xtnData->advertised[xtnData->numAdvertised++] = |
| 1755 ssl_renegotiation_info_xtn; | 1786 ssl_renegotiation_info_xtn; |
| 1756 } | 1787 } |
| 1757 } | 1788 } |
| 1758 return needed; | 1789 return needed; |
| 1759 } | 1790 } |
| 1760 | 1791 |
| 1792 static SECStatus | |
| 1793 ssl3_ServerHandleStatusRequestXtn(sslSocket *ss, PRUint16 ex_type, | |
| 1794 SECItem *data) | |
| 1795 { | |
| 1796 SECStatus rv = SECSuccess; | |
| 1797 PRUint32 len = 0; | |
| 1798 | |
| 1799 /* remember that we got this extension. */ | |
| 1800 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | |
| 1801 PORT_Assert(ss->sec.isServer); | |
| 1802 /* prepare to send back the appropriate response */ | |
| 1803 rv = ssl3_RegisterServerHelloExtensionSender(ss, ex_type, | |
| 1804 ssl3_ServerSendStatusRequestXtn); | |
| 1805 return rv; | |
| 1806 } | |
| 1807 | |
| 1761 /* This function runs in both the client and server. */ | 1808 /* This function runs in both the client and server. */ |
| 1762 static SECStatus | 1809 static SECStatus |
| 1763 ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data) | 1810 ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data) |
| 1764 { | 1811 { |
| 1765 SECStatus rv = SECSuccess; | 1812 SECStatus rv = SECSuccess; |
| 1766 PRUint32 len = 0; | 1813 PRUint32 len = 0; |
| 1767 | 1814 |
| 1768 if (ss->firstHsDone) { | 1815 if (ss->firstHsDone) { |
| 1769 len = ss->sec.isServer ? ss->ssl3.hs.finishedBytes | 1816 len = ss->sec.isServer ? ss->ssl3.hs.finishedBytes |
| 1770 : ss->ssl3.hs.finishedBytes * 2; | 1817 : ss->ssl3.hs.finishedBytes * 2; |
| (...skipping 214 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1985 return SECSuccess; | 2032 return SECSuccess; |
| 1986 } | 2033 } |
| 1987 | 2034 |
| 1988 /* OK, we have a valid cipher and we've selected it */ | 2035 /* OK, we have a valid cipher and we've selected it */ |
| 1989 ss->ssl3.dtlsSRTPCipherSuite = cipher; | 2036 ss->ssl3.dtlsSRTPCipherSuite = cipher; |
| 1990 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ssl_use_srtp_xtn; | 2037 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ssl_use_srtp_xtn; |
| 1991 | 2038 |
| 1992 return ssl3_RegisterServerHelloExtensionSender(ss, ssl_use_srtp_xtn, | 2039 return ssl3_RegisterServerHelloExtensionSender(ss, ssl_use_srtp_xtn, |
| 1993 ssl3_SendUseSRTPXtn); | 2040 ssl3_SendUseSRTPXtn); |
| 1994 } | 2041 } |
| OLD | NEW |
