Index: net/third_party/nss/patches/chacha20poly1305.patch |
diff --git a/net/third_party/nss/patches/chacha20poly1305.patch b/net/third_party/nss/patches/chacha20poly1305.patch |
index 028ed70be5e6277500b6a586e9511e2eba0d5514..2a4c56405c07cfc4533816bbb4473206e7595d70 100644 |
--- a/net/third_party/nss/patches/chacha20poly1305.patch |
+++ b/net/third_party/nss/patches/chacha20poly1305.patch |
@@ -1,7 +1,8 @@ |
-diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
---- a/nss/lib/ssl/ssl3con.c 2014-01-17 18:06:41.659713513 -0800 |
-+++ b/nss/lib/ssl/ssl3con.c 2014-01-17 18:07:10.270188062 -0800 |
-@@ -40,6 +40,21 @@ |
+diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c |
+index 375ed6a..adaa9a4 100644 |
+--- a/ssl/ssl3con.c |
++++ b/ssl/ssl3con.c |
+@@ -41,6 +41,21 @@ |
#define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) |
#endif |
@@ -23,16 +24,16 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
#include <stdio.h> |
#ifdef NSS_ENABLE_ZLIB |
#include "zlib.h" |
-@@ -104,6 +119,8 @@ static ssl3CipherSuiteCfg cipherSuites[s |
+@@ -105,6 +120,8 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
/* cipher_suite policy enabled isPresent */ |
- #ifdef NSS_ENABLE_ECC |
+ #ifndef NSS_DISABLE_ECC |
+ { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
+ { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
{ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE}, |
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is out of order to work around |
-@@ -292,6 +309,7 @@ static const ssl3BulkCipherDef bulk_ciph |
+@@ -296,6 +313,7 @@ static const ssl3BulkCipherDef bulk_cipher_defs[] = { |
{cipher_camellia_256, calg_camellia, 32,32, type_block, 16,16, 0, 0}, |
{cipher_seed, calg_seed, 16,16, type_block, 16,16, 0, 0}, |
{cipher_aes_128_gcm, calg_aes_gcm, 16,16, type_aead, 4, 0,16, 8}, |
@@ -40,16 +41,16 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
{cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0}, |
}; |
-@@ -418,6 +436,8 @@ static const ssl3CipherSuiteDef cipher_s |
+@@ -422,6 +440,8 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] = |
{TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_rsa}, |
{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ecdhe_rsa}, |
{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ecdhe_ecdsa}, |
+ {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, cipher_chacha20, mac_aead, kea_ecdhe_rsa}, |
+ {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, cipher_chacha20, mac_aead, kea_ecdhe_ecdsa}, |
- #ifdef NSS_ENABLE_ECC |
+ #ifndef NSS_DISABLE_ECC |
{TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa}, |
-@@ -483,6 +503,7 @@ static const SSLCipher2Mech alg2Mech[] = |
+@@ -487,6 +507,7 @@ static const SSLCipher2Mech alg2Mech[] = { |
{ calg_camellia , CKM_CAMELLIA_CBC }, |
{ calg_seed , CKM_SEED_CBC }, |
{ calg_aes_gcm , CKM_AES_GCM }, |
@@ -57,16 +58,16 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
/* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */ |
}; |
-@@ -647,6 +668,8 @@ ssl3_CipherSuiteAllowedForVersionRange( |
- * SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA: never implemented |
- */ |
- return vrange->min <= SSL_LIBRARY_VERSION_TLS_1_0; |
+@@ -662,6 +683,8 @@ ssl3_CipherSuiteAllowedForVersionRange( |
+ case TLS_RSA_WITH_NULL_SHA256: |
+ return vrange->max == SSL_LIBRARY_VERSION_TLS_1_2; |
+ |
+ case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305: |
+ case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305: |
- case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: |
- case TLS_RSA_WITH_AES_256_CBC_SHA256: |
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: |
-@@ -2043,6 +2066,46 @@ ssl3_AESGCMBypass(ssl3KeyMaterial *keys, |
+ case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: |
+ case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: |
+ case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: |
+@@ -2070,6 +2093,46 @@ ssl3_AESGCMBypass(ssl3KeyMaterial *keys, |
} |
#endif |
@@ -113,7 +114,7 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
/* Initialize encryption and MAC contexts for pending spec. |
* Master Secret already is derived. |
* Caller holds Spec write lock. |
-@@ -2076,13 +2139,17 @@ ssl3_InitPendingContextsPKCS11(sslSocket |
+@@ -2103,13 +2166,17 @@ ssl3_InitPendingContextsPKCS11(sslSocket *ss) |
pwSpec->client.write_mac_context = NULL; |
pwSpec->server.write_mac_context = NULL; |
@@ -133,10 +134,11 @@ diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
return SECSuccess; |
} |
-diff -pu a/nss/lib/ssl/ssl3ecc.c b/nss/lib/ssl/ssl3ecc.c |
---- a/nss/lib/ssl/ssl3ecc.c 2014-01-17 18:04:43.127747463 -0800 |
-+++ b/nss/lib/ssl/ssl3ecc.c 2014-01-17 18:07:10.270188062 -0800 |
-@@ -904,6 +904,7 @@ static const ssl3CipherSuite ecdhe_ecdsa |
+diff --git a/ssl/ssl3ecc.c b/ssl/ssl3ecc.c |
+index 003ed78..d5d6c9c 100644 |
+--- a/ssl/ssl3ecc.c |
++++ b/ssl/ssl3ecc.c |
+@@ -920,6 +920,7 @@ static const ssl3CipherSuite ecdhe_ecdsa_suites[] = { |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, |
@@ -144,7 +146,7 @@ diff -pu a/nss/lib/ssl/ssl3ecc.c b/nss/lib/ssl/ssl3ecc.c |
TLS_ECDHE_ECDSA_WITH_NULL_SHA, |
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, |
0 /* end of list marker */ |
-@@ -915,6 +916,7 @@ static const ssl3CipherSuite ecdhe_rsa_s |
+@@ -931,6 +932,7 @@ static const ssl3CipherSuite ecdhe_rsa_suites[] = { |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, |
@@ -152,7 +154,7 @@ diff -pu a/nss/lib/ssl/ssl3ecc.c b/nss/lib/ssl/ssl3ecc.c |
TLS_ECDHE_RSA_WITH_NULL_SHA, |
TLS_ECDHE_RSA_WITH_RC4_128_SHA, |
0 /* end of list marker */ |
-@@ -927,6 +929,7 @@ static const ssl3CipherSuite ecSuites[] |
+@@ -943,6 +945,7 @@ static const ssl3CipherSuite ecSuites[] = { |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, |
@@ -160,7 +162,7 @@ diff -pu a/nss/lib/ssl/ssl3ecc.c b/nss/lib/ssl/ssl3ecc.c |
TLS_ECDHE_ECDSA_WITH_NULL_SHA, |
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, |
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, |
-@@ -934,6 +937,7 @@ static const ssl3CipherSuite ecSuites[] |
+@@ -950,6 +953,7 @@ static const ssl3CipherSuite ecSuites[] = { |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, |
@@ -168,9 +170,10 @@ diff -pu a/nss/lib/ssl/ssl3ecc.c b/nss/lib/ssl/ssl3ecc.c |
TLS_ECDHE_RSA_WITH_NULL_SHA, |
TLS_ECDHE_RSA_WITH_RC4_128_SHA, |
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, |
-diff -pu a/nss/lib/ssl/sslenum.c b/nss/lib/ssl/sslenum.c |
---- a/nss/lib/ssl/sslenum.c 2014-01-17 17:49:26.072517368 -0800 |
-+++ b/nss/lib/ssl/sslenum.c 2014-01-17 18:08:43.791739267 -0800 |
+diff --git a/ssl/sslenum.c b/ssl/sslenum.c |
+index 09ce43f..a036627 100644 |
+--- a/ssl/sslenum.c |
++++ b/ssl/sslenum.c |
@@ -37,17 +37,21 @@ |
* |
* Exception: Because some servers ignore the high-order byte of the cipher |
@@ -190,15 +193,16 @@ diff -pu a/nss/lib/ssl/sslenum.c b/nss/lib/ssl/sslenum.c |
+ * the fifth one. |
*/ |
const PRUint16 SSL_ImplementedCiphers[] = { |
- #ifdef NSS_ENABLE_ECC |
+ #ifndef NSS_DISABLE_ECC |
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, |
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before |
-diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h |
---- a/nss/lib/ssl/sslimpl.h 2014-01-17 18:03:47.906831535 -0800 |
-+++ b/nss/lib/ssl/sslimpl.h 2014-01-17 18:07:10.270188062 -0800 |
+diff --git a/ssl/sslimpl.h b/ssl/sslimpl.h |
+index 88f559a..643570f 100644 |
+--- a/ssl/sslimpl.h |
++++ b/ssl/sslimpl.h |
@@ -65,6 +65,7 @@ typedef SSLSignType SSL3SignType; |
#define calg_camellia ssl_calg_camellia |
#define calg_seed ssl_calg_seed |
@@ -210,13 +214,13 @@ diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h |
@@ -299,7 +300,7 @@ typedef struct { |
} ssl3CipherSuiteCfg; |
- #ifdef NSS_ENABLE_ECC |
+ #ifndef NSS_DISABLE_ECC |
-#define ssl_V3_SUITES_IMPLEMENTED 61 |
+#define ssl_V3_SUITES_IMPLEMENTED 63 |
#else |
#define ssl_V3_SUITES_IMPLEMENTED 37 |
- #endif /* NSS_ENABLE_ECC */ |
-@@ -483,6 +484,7 @@ typedef enum { |
+ #endif /* NSS_DISABLE_ECC */ |
+@@ -485,6 +486,7 @@ typedef enum { |
cipher_camellia_256, |
cipher_seed, |
cipher_aes_128_gcm, |
@@ -224,10 +228,11 @@ diff -pu a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h |
cipher_missing /* reserved for no such supported cipher */ |
/* This enum must match ssl3_cipherName[] in ssl3con.c. */ |
} SSL3BulkCipher; |
-diff -pu a/nss/lib/ssl/sslinfo.c b/nss/lib/ssl/sslinfo.c |
---- a/nss/lib/ssl/sslinfo.c 2014-01-17 18:00:45.503806125 -0800 |
-+++ b/nss/lib/ssl/sslinfo.c 2014-01-17 18:07:10.270188062 -0800 |
-@@ -110,6 +110,7 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLCh |
+diff --git a/ssl/sslinfo.c b/ssl/sslinfo.c |
+index ba230d2..845d9f0 100644 |
+--- a/ssl/sslinfo.c |
++++ b/ssl/sslinfo.c |
+@@ -110,6 +110,7 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len) |
#define C_NULL "NULL", calg_null |
#define C_SJ "SKIPJACK", calg_sj |
#define C_AESGCM "AES-GCM", calg_aes_gcm |
@@ -235,7 +240,7 @@ diff -pu a/nss/lib/ssl/sslinfo.c b/nss/lib/ssl/sslinfo.c |
#define B_256 256, 256, 256 |
#define B_128 128, 128, 128 |
-@@ -188,12 +189,14 @@ static const SSLCipherSuiteInfo suiteInf |
+@@ -188,12 +189,14 @@ static const SSLCipherSuiteInfo suiteInfo[] = { |
{0,CS(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA), S_ECDSA, K_ECDHE, C_AES, B_128, M_SHA, 1, 0, 0, }, |
{0,CS(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256), S_ECDSA, K_ECDHE, C_AES, B_128, M_SHA256, 1, 0, 0, }, |
{0,CS(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA), S_ECDSA, K_ECDHE, C_AES, B_256, M_SHA, 1, 0, 0, }, |
@@ -250,10 +255,11 @@ diff -pu a/nss/lib/ssl/sslinfo.c b/nss/lib/ssl/sslinfo.c |
{0,CS(TLS_ECDHE_RSA_WITH_NULL_SHA), S_RSA, K_ECDHE, C_NULL, B_0, M_SHA, 0, 0, 0, }, |
{0,CS(TLS_ECDHE_RSA_WITH_RC4_128_SHA), S_RSA, K_ECDHE, C_RC4, B_128, M_SHA, 0, 0, 0, }, |
-diff -pu a/nss/lib/ssl/sslproto.h b/nss/lib/ssl/sslproto.h |
---- a/nss/lib/ssl/sslproto.h 2014-01-17 17:49:26.072517368 -0800 |
-+++ b/nss/lib/ssl/sslproto.h 2014-01-17 18:07:10.270188062 -0800 |
-@@ -213,6 +213,9 @@ |
+diff --git a/ssl/sslproto.h b/ssl/sslproto.h |
+index e02442c..dc653c9 100644 |
+--- a/ssl/sslproto.h |
++++ b/ssl/sslproto.h |
+@@ -258,6 +258,9 @@ |
#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F |
#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 |
@@ -261,11 +267,12 @@ diff -pu a/nss/lib/ssl/sslproto.h b/nss/lib/ssl/sslproto.h |
+#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0xCC14 |
+ |
/* Netscape "experimental" cipher suites. */ |
- #define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA 0xffe0 |
- #define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA 0xffe1 |
-diff -pu a/nss/lib/ssl/sslt.h b/nss/lib/ssl/sslt.h |
---- a/nss/lib/ssl/sslt.h 2014-01-17 18:03:47.906831535 -0800 |
-+++ b/nss/lib/ssl/sslt.h 2014-01-17 18:07:10.270188062 -0800 |
+ #define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA 0xffe0 |
+ #define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA 0xffe1 |
+diff --git a/ssl/sslt.h b/ssl/sslt.h |
+index 430d216..fe0ad07 100644 |
+--- a/ssl/sslt.h |
++++ b/ssl/sslt.h |
@@ -94,7 +94,8 @@ typedef enum { |
ssl_calg_aes = 7, |
ssl_calg_camellia = 8, |