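--- a/ssl3con.c
+++ b/ssl3con.c
@@ -1,10 +1,10 @@
 /*
 * SSL3 Protocol
 *
 * ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
 * The contents of this file are subject to the Mozilla Public License Version
 * 1.1 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
@@ -8445,27 +8445,28 @@
 /* The calling function must acquire and release the appropriate lock (i.e.,
 * ssl_GetSpecReadLock / ssl_ReleaseSpecReadLock for ss->ssl3.crSpec). Any
 * label must already be concatenated onto the beginning of val.
 */
 SECStatus
 ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec, const char *label,
 unsigned int labelLen, const unsigned char *val, unsigned int valLen,
 unsigned char *out, unsigned int outLen)
 {
 SECStatus rv = SECSuccess;
-unsigned int retLen;
 
 if (spec->master_secret && !spec->bypassCiphers) {
 SECItem param = {siBuffer, NULL, 0};
 PK11Context *prf_context =
 PK11_CreateContextBySymKey(CKM_TLS_PRF_GENERAL, CKA_SIGN,
 spec->master_secret, ¶m);
+unsigned int retLen;
+
 if (!prf_context)
 return SECFailure;
 
 rv = PK11_DigestBegin(prf_context);
 rv |= PK11_DigestOp(prf_context, (unsigned char *) label, labelLen);
 rv |= PK11_DigestOp(prf_context, val, valLen);
 rv |= PK11_DigestFinal(prf_context, out,
 &retLen, outLen);
 PORT_Assert(rv != SECSuccess || retLen == outLen);
 
@@ -8487,24 +8488,26 @@
 }
 
 static SECStatus
 ssl3_ComputeTLSFinished(ssl3CipherSpec *spec,
 PRBool isServer,
 const SSL3Finished * hashes,
 TLSFinished * tlsFinished)
 {
 const char * label;
 SECStatus rv;
+unsigned int len;
 
 label = isServer ? "server finished" : "client finished";
+len = 15;
 
-rv = ssl3_TLSPRFWithMasterSecret(spec, label, 15, hashes->md5,
+rv = ssl3_TLSPRFWithMasterSecret(spec, label, len, hashes->md5,
 sizeof *hashes, tlsFinished->verify_data,
 sizeof tlsFinished->verify_data);
 
 return rv;
 }
 
 /* called from ssl3_HandleServerHelloDone
 */
 static SECStatus
 ssl3_SendNextProto(sslSocket *ss)
@@ -9949,10 +9952,10 @@
 
 ss->ssl3.initialized = PR_FALSE;
 
 if (ss->ssl3.nextProto.data) {
 PORT_Free(ss->ssl3.nextProto.data);
 ss->ssl3.nextProto.data = NULL;
 }
 }
 
 /* End of ssl3con.c */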
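Review bot: In ssl3_TLSPRFWithMasterSecret (new lines 8469-8471) the only check that PK11_DigestFinal filled all outLen bytes is `PORT_Assert(rv != SECSuccess || retLen == outLen);`, and PORT_Assert is active only in debug builds. In an optimized build a short PRF result would therefore be returned as success with the tail of `out` unset, and ssl3_ComputeTLSFinished passes `tlsFinished->verify_data` as that buffer. Since this change already moves `retLen` into the PKCS #11 branch, I would add a runtime check beside the assert, for example `if (rv == SECSuccess && retLen != outLen) rv = SECFailure;`. The function body continues in the 15 collapsed lines, so confirm that nothing there already covers this case.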