Chromium Code Reviews Chromium Code Reviews
Issue 9764001:
Add DTLS support to NSS, contributed by Eric Rescorla. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Key Derivation that doesn't use PKCS11 | 2 * Key Derivation that doesn't use PKCS11 |
| 3 * | 3 * |
| 4 * ***** BEGIN LICENSE BLOCK ***** | 4 * ***** BEGIN LICENSE BLOCK ***** |
| 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 6 * | 6 * |
| 7 * The contents of this file are subject to the Mozilla Public License Version | 7 * The contents of this file are subject to the Mozilla Public License Version |
| 8 * 1.1 (the "License"); you may not use this file except in compliance with | 8 * 1.1 (the "License"); you may not use this file except in compliance with |
| 9 * the License. You may obtain a copy of the License at | 9 * the License. You may obtain a copy of the License at |
| 10 * http://www.mozilla.org/MPL/ | 10 * http://www.mozilla.org/MPL/ |
| (...skipping 565 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 576 * specified cert make sure the extract operation is attempted from the slot | 576 * specified cert make sure the extract operation is attempted from the slot |
| 577 * where the private key resides. | 577 * where the private key resides. |
| 578 * If MS can be extracted for all ciphers, (*pcanbypass) is set to TRUE and | 578 * If MS can be extracted for all ciphers, (*pcanbypass) is set to TRUE and |
| 579 * SECSuccess is returned. In all other cases but one (*pcanbypass) is | 579 * SECSuccess is returned. In all other cases but one (*pcanbypass) is |
| 580 * set to FALSE and SECFailure is returned. | 580 * set to FALSE and SECFailure is returned. |
| 581 * In that last case Derive() has been called successfully but the MS is null, | 581 * In that last case Derive() has been called successfully but the MS is null, |
| 582 * CanBypass sets (*pcanbypass) to FALSE and returns SECSuccess indicating the | 582 * CanBypass sets (*pcanbypass) to FALSE and returns SECSuccess indicating the |
| 583 * arguments were all valid but the slot cannot be bypassed. | 583 * arguments were all valid but the slot cannot be bypassed. |
| 584 */ | 584 */ |
| 585 | 585 |
| 586 /* TODO: Add a SSL_CBP_TLS1_1 mask here */ | |
|
Ryan Sleevi
2012/03/22 22:26:37
Should this be XXX, per NSS style?
I think the TO
ekr
2012/03/23 12:46:41
I'm the one who added this TODO, but I'll leave th
| |
| 587 | |
| 586 SECStatus | 588 SECStatus |
| 587 SSL_CanBypass(CERTCertificate *cert, SECKEYPrivateKey *srvPrivkey, | 589 SSL_CanBypass(CERTCertificate *cert, SECKEYPrivateKey *srvPrivkey, |
| 588 PRUint32 protocolmask, PRUint16 *ciphersuites, int nsuites, | 590 PRUint32 protocolmask, PRUint16 *ciphersuites, int nsuites, |
| 589 PRBool *pcanbypass, void *pwArg) | 591 PRBool *pcanbypass, void *pwArg) |
| 590 { SECStatus rv; | 592 { SECStatus rv; |
| 591 int i; | 593 int i; |
| 592 PRUint16 suite; | 594 PRUint16 suite; |
| 593 PK11SymKey * pms = NULL; | 595 PK11SymKey * pms = NULL; |
| 594 SECKEYPublicKey * srvPubkey = NULL; | 596 SECKEYPublicKey * srvPubkey = NULL; |
| 595 KeyType privKeytype; | 597 KeyType privKeytype; |
| (...skipping 276 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 872 | 874 |
| 873 if (srvPubkey) { | 875 if (srvPubkey) { |
| 874 SECKEY_DestroyPublicKey(srvPubkey); | 876 SECKEY_DestroyPublicKey(srvPubkey); |
| 875 srvPubkey = NULL; | 877 srvPubkey = NULL; |
| 876 } | 878 } |
| 877 | 879 |
| 878 | 880 |
| 879 return rv; | 881 return rv; |
| 880 } | 882 } |
| 881 | 883 |
| OLD | NEW |
