
Side by Side Diff: net/third_party/nss/ssl/ssl3con.c

Issue 7493056: net: allow SSL secrets to be exported sooner. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 9 years, 5 months ago
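--- a/net/third_party/nss/ssl/ssl3con.c
+++ b/net/third_party/nss/ssl/ssl3con.c
@@ -1,10 +1,10 @@
 /*
 * SSL3 Protocol
 *
 * ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
 * The contents of this file are subject to the Mozilla Public License Version
 * 1.1 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
@@ -8445,27 +8445,28 @@
 /* The calling function must acquire and release the appropriate lock (i.e.,
 * ssl_GetSpecReadLock / ssl_ReleaseSpecReadLock for ss->ssl3.crSpec). Any
 * label must already be concatenated onto the beginning of val.
 */
 SECStatus
 ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec, const char *label,
 unsigned int labelLen, const unsigned char *val, unsigned int valLen,
 unsigned char *out, unsigned int outLen)
 {
 SECStatus rv = SECSuccess;
-unsigned int retLen;
 
 if (spec->master_secret && !spec->bypassCiphers) {
 SECItem param = {siBuffer, NULL, 0};
 PK11Context *prf_context =
 PK11_CreateContextBySymKey(CKM_TLS_PRF_GENERAL, CKA_SIGN,
 spec->master_secret, &param);
+unsigned int retLen;
+
 if (!prf_context)
 return SECFailure;
 
 rv = PK11_DigestBegin(prf_context);
 rv |= PK11_DigestOp(prf_context, (unsigned char *) label, labelLen);
 rv |= PK11_DigestOp(prf_context, val, valLen);
 rv |= PK11_DigestFinal(prf_context, out,
 &retLen, outLen);
 PORT_Assert(rv != SECSuccess || retLen == outLen);
 
@@ -8487,24 +8488,26 @@
 }
 
 static SECStatus
 ssl3_ComputeTLSFinished(ssl3CipherSpec *spec,
 PRBool isServer,
 const SSL3Finished * hashes,
 TLSFinished * tlsFinished)
 {
 const char * label;
 SECStatus rv;
+unsigned int len;
 
 label = isServer ? "server finished" : "client finished";
+len = 15;
 
-rv = ssl3_TLSPRFWithMasterSecret(spec, label, 15, hashes->md5,
+rv = ssl3_TLSPRFWithMasterSecret(spec, label, len, hashes->md5,
 sizeof *hashes, tlsFinished->verify_data,
 sizeof tlsFinished->verify_data);
 
 return rv;
 }
 
 /* called from ssl3_HandleServerHelloDone
 */
 static SECStatus
 ssl3_SendNextProto(sslSocket *ss)
@@ -9949,10 +9952,10 @@
 
 ss->ssl3.initialized = PR_FALSE;
 
 if (ss->ssl3.nextProto.data) {
 PORT_Free(ss->ssl3.nextProto.data);
 ss->ssl3.nextProto.data = NULL;
 }
 }
 
 /* End of ssl3con.c */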
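Review bot: In ssl3_ComputeTLSFinished the new `len = 15;` hard-codes the byte length of both label literals in a separate statement, so nothing ties it to "server finished" / "client finished" if either string is ever edited; a mismatch would hand the PRF the wrong label bytes or read past the literal. A comment such as `/* both labels are 15 bytes, not counting the NUL */` next to the assignment would make the invariant checkable. In ssl3_TLSPRFWithMasterSecret, whose body is partly elided on this page, the only visible check that PK11_DigestFinal filled all of `out` is `PORT_Assert(rv != SECSuccess || retLen == outLen);`. If that assert is compiled out of release builds, a short result would leave part of the output unwritten, which matters more if callers use this path for exported secrets; consider adding `if (rv == SECSuccess && retLen != outLen) rv = SECFailure;` after it. The header comment's "label must already be concatenated onto the beginning of val" also looks stale, since the function takes `label`/`labelLen` and digests them separately.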