OLD | NEW |
1 /* | 1 /* |
2 * vtables (and methods that call through them) for the 4 types of | 2 * vtables (and methods that call through them) for the 4 types of |
3 * SSLSockets supported. Only one type is still supported. | 3 * SSLSockets supported. Only one type is still supported. |
4 * Various other functions. | 4 * Various other functions. |
5 * | 5 * |
6 * This Source Code Form is subject to the terms of the Mozilla Public | 6 * This Source Code Form is subject to the terms of the Mozilla Public |
7 * License, v. 2.0. If a copy of the MPL was not distributed with this | 7 * License, v. 2.0. If a copy of the MPL was not distributed with this |
8 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 8 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
9 #include "seccomon.h" | 9 #include "seccomon.h" |
10 #include "cert.h" | 10 #include "cert.h" |
11 #include "keyhi.h" | 11 #include "keyhi.h" |
12 #include "ssl.h" | 12 #include "ssl.h" |
13 #include "sslimpl.h" | 13 #include "sslimpl.h" |
14 #include "sslproto.h" | 14 #include "sslproto.h" |
15 #include "nspr.h" | 15 #include "nspr.h" |
16 #include "private/pprio.h" | 16 #include "private/pprio.h" |
17 #ifndef NO_PKCS11_BYPASS | 17 #ifndef NO_PKCS11_BYPASS |
18 #include "blapi.h" | 18 #include "blapi.h" |
19 #endif | 19 #endif |
20 #include "pk11pub.h" | 20 #include "pk11pub.h" |
21 #include "nss.h" | 21 #include "nss.h" |
| 22 #include "pk11pqg.h" |
22 | 23 |
23 /* This is a bodge to allow this code to be compiled against older NSS headers | 24 /* This is a bodge to allow this code to be compiled against older NSS headers |
24 * that don't contain the TLS 1.2 changes. */ | 25 * that don't contain the TLS 1.2 changes. */ |
25 #ifndef CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 | 26 #ifndef CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 |
26 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) | 27 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) |
27 #endif | 28 #endif |
28 | 29 |
29 #define SET_ERROR_CODE /* reminder */ | 30 #define SET_ERROR_CODE /* reminder */ |
30 | 31 |
31 static const sslSocketOps ssl_default_ops = { /* No SSL. */ | 32 static const sslSocketOps ssl_default_ops = { /* No SSL. */ |
(...skipping 51 matching lines...)
83 PR_FALSE, /* enableDeflate */ | 84 PR_FALSE, /* enableDeflate */ |
84 2, /* enableRenegotiation (default: requires extension) */ | 85 2, /* enableRenegotiation (default: requires extension) */ |
85 PR_FALSE, /* requireSafeNegotiation */ | 86 PR_FALSE, /* requireSafeNegotiation */ |
86 PR_FALSE, /* enableFalseStart */ | 87 PR_FALSE, /* enableFalseStart */ |
87 PR_TRUE, /* cbcRandomIV */ | 88 PR_TRUE, /* cbcRandomIV */ |
88 PR_FALSE, /* enableOCSPStapling */ | 89 PR_FALSE, /* enableOCSPStapling */ |
89 PR_TRUE, /* enableNPN */ | 90 PR_TRUE, /* enableNPN */ |
90 PR_FALSE, /* enableALPN */ | 91 PR_FALSE, /* enableALPN */ |
91 PR_TRUE, /* reuseServerECDHEKey */ | 92 PR_TRUE, /* reuseServerECDHEKey */ |
92 PR_FALSE, /* enableFallbackSCSV */ | 93 PR_FALSE, /* enableFallbackSCSV */ |
| 94 PR_TRUE, /* enableServerDhe */ |
| 95 PR_FALSE, /* enableExtendedMS */ |
93 PR_FALSE, /* enableSignedCertTimestamps */ | 96 PR_FALSE, /* enableSignedCertTimestamps */ |
94 }; | 97 }; |
95 | 98 |
96 /* | 99 /* |
97 * default range of enabled SSL/TLS protocols | 100 * default range of enabled SSL/TLS protocols |
98 */ | 101 */ |
99 static SSLVersionRange versions_defaults_stream = { | 102 static SSLVersionRange versions_defaults_stream = { |
100 SSL_LIBRARY_VERSION_TLS_1_0, | 103 SSL_LIBRARY_VERSION_TLS_1_0, |
101 SSL_LIBRARY_VERSION_TLS_1_2 | 104 SSL_LIBRARY_VERSION_TLS_1_2 |
102 }; | 105 }; |
(...skipping 122 matching lines...)
225 ss->dbHandle = os->dbHandle; | 228 ss->dbHandle = os->dbHandle; |
226 | 229 |
227 /* copy ssl2&3 policy & prefs, even if it's not selected (yet) */ | 230 /* copy ssl2&3 policy & prefs, even if it's not selected (yet) */ |
228 ss->allowedByPolicy = os->allowedByPolicy; | 231 ss->allowedByPolicy = os->allowedByPolicy; |
229 ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy; | 232 ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy; |
230 ss->chosenPreference = os->chosenPreference; | 233 ss->chosenPreference = os->chosenPreference; |
231 PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites)
; | 234 PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites)
; |
232 PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, os->ssl3.dtlsSRTPCiphers, | 235 PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, os->ssl3.dtlsSRTPCiphers, |
233 sizeof(PRUint16) * os->ssl3.dtlsSRTPCipherCount); | 236 sizeof(PRUint16) * os->ssl3.dtlsSRTPCipherCount); |
234 ss->ssl3.dtlsSRTPCipherCount = os->ssl3.dtlsSRTPCipherCount; | 237 ss->ssl3.dtlsSRTPCipherCount = os->ssl3.dtlsSRTPCipherCount; |
| 238 PORT_Memcpy(ss->ssl3.signatureAlgorithms, os->ssl3.signatureAlgorithms, |
| 239 sizeof(ss->ssl3.signatureAlgorithms[0]) * |
| 240 os->ssl3.signatureAlgorithmCount); |
| 241 ss->ssl3.signatureAlgorithmCount = os->ssl3.signatureAlgorithmCount; |
| 242 |
| 243 ss->ssl3.dheWeakGroupEnabled = os->ssl3.dheWeakGroupEnabled; |
| 244 ss->ssl3.numDHEGroups = os->ssl3.numDHEGroups; |
| 245 if (os->ssl3.dheGroups) { |
| 246 ss->ssl3.dheGroups = PORT_NewArray(SSLDHEGroupType, |
| 247 os->ssl3.numDHEGroups); |
| 248 if (!ss->ssl3.dheGroups) { |
| 249 goto loser; |
| 250 } |
| 251 PORT_Memcpy(ss->ssl3.dheGroups, os->ssl3.dheGroups, |
| 252 sizeof(SSLDHEGroupType) * os->ssl3.numDHEGroups); |
| 253 } else { |
| 254 ss->ssl3.dheGroups = NULL; |
| 255 } |
235 | 256 |
236 if (os->cipherSpecs) { | 257 if (os->cipherSpecs) { |
237 ss->cipherSpecs = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs); | 258 ss->cipherSpecs = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs); |
238 if (ss->cipherSpecs) | 259 if (ss->cipherSpecs) |
239 PORT_Memcpy(ss->cipherSpecs, os->cipherSpecs, | 260 PORT_Memcpy(ss->cipherSpecs, os->cipherSpecs, |
240 os->sizeCipherSpecs); | 261 os->sizeCipherSpecs); |
241 ss->sizeCipherSpecs = os->sizeCipherSpecs; | 262 ss->sizeCipherSpecs = os->sizeCipherSpecs; |
242 ss->preferredCipher = os->preferredCipher; | 263 ss->preferredCipher = os->preferredCipher; |
243 } else { | 264 } else { |
244 ss->cipherSpecs = NULL; /* produced lazily */ | 265 ss->cipherSpecs = NULL; /* produced lazily */ |
(...skipping 23 matching lines...)
268 if (oc->serverKeyPair && !sc->serverKeyPair) | 289 if (oc->serverKeyPair && !sc->serverKeyPair) |
269 goto loser; | 290 goto loser; |
270 sc->serverKeyBits = oc->serverKeyBits; | 291 sc->serverKeyBits = oc->serverKeyBits; |
271 ss->certStatusArray[i] = !os->certStatusArray[i] ? NULL : | 292 ss->certStatusArray[i] = !os->certStatusArray[i] ? NULL : |
272 SECITEM_DupArray(NULL, os->certStatusArray[i]); | 293 SECITEM_DupArray(NULL, os->certStatusArray[i]); |
273 } | 294 } |
274 ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL : | 295 ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL : |
275 ssl3_GetKeyPairRef(os->stepDownKeyPair); | 296 ssl3_GetKeyPairRef(os->stepDownKeyPair); |
276 ss->ephemeralECDHKeyPair = !os->ephemeralECDHKeyPair ? NULL : | 297 ss->ephemeralECDHKeyPair = !os->ephemeralECDHKeyPair ? NULL : |
277 ssl3_GetKeyPairRef(os->ephemeralECDHKeyPair); | 298 ssl3_GetKeyPairRef(os->ephemeralECDHKeyPair); |
| 299 ss->dheKeyPair = !os->dheKeyPair ? NULL : |
| 300 ssl3_GetKeyPairRef(os->dheKeyPair); |
| 301 ss->dheParams = os->dheParams; |
| 302 |
278 /* | 303 /* |
279 * XXX the preceding CERT_ and SECKEY_ functions can fail and return NULL. | 304 * XXX the preceding CERT_ and SECKEY_ functions can fail and return NULL. |
280 * XXX We should detect this, and not just march on with NULL pointers. | 305 * XXX We should detect this, and not just march on with NULL pointers. |
281 */ | 306 */ |
282 ss->authCertificate = os->authCertificate; | 307 ss->authCertificate = os->authCertificate; |
283 ss->authCertificateArg = os->authCertificateArg; | 308 ss->authCertificateArg = os->authCertificateArg; |
284 ss->getClientAuthData = os->getClientAuthData; | 309 ss->getClientAuthData = os->getClientAuthData; |
285 ss->getClientAuthDataArg = os->getClientAuthDataArg; | 310 ss->getClientAuthDataArg = os->getClientAuthDataArg; |
286 #ifdef NSS_PLATFORM_CLIENT_AUTH | 311 #ifdef NSS_PLATFORM_CLIENT_AUTH |
287 ss->getPlatformClientAuthData = os->getPlatformClientAuthData; | 312 ss->getPlatformClientAuthData = os->getPlatformClientAuthData; |
(...skipping 103 matching lines...)
391 } | 416 } |
392 } | 417 } |
393 if (ss->stepDownKeyPair) { | 418 if (ss->stepDownKeyPair) { |
394 ssl3_FreeKeyPair(ss->stepDownKeyPair); | 419 ssl3_FreeKeyPair(ss->stepDownKeyPair); |
395 ss->stepDownKeyPair = NULL; | 420 ss->stepDownKeyPair = NULL; |
396 } | 421 } |
397 if (ss->ephemeralECDHKeyPair) { | 422 if (ss->ephemeralECDHKeyPair) { |
398 ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair); | 423 ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair); |
399 ss->ephemeralECDHKeyPair = NULL; | 424 ss->ephemeralECDHKeyPair = NULL; |
400 } | 425 } |
| 426 if (ss->dheKeyPair) { |
| 427 ssl3_FreeKeyPair(ss->dheKeyPair); |
| 428 ss->dheKeyPair = NULL; |
| 429 } |
401 SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE); | 430 SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE); |
402 PORT_Assert(!ss->xtnData.sniNameArr); | |
403 if (ss->xtnData.sniNameArr) { | 431 if (ss->xtnData.sniNameArr) { |
404 PORT_Free(ss->xtnData.sniNameArr); | 432 PORT_Free(ss->xtnData.sniNameArr); |
405 ss->xtnData.sniNameArr = NULL; | 433 ss->xtnData.sniNameArr = NULL; |
406 } | 434 } |
407 } | 435 } |
408 | 436 |
409 /* | 437 /* |
410 * free an sslSocket struct, and all the stuff that hangs off of it | 438 * free an sslSocket struct, and all the stuff that hangs off of it |
411 */ | 439 */ |
412 void | 440 void |
(...skipping 388 matching lines...)
801 break; | 829 break; |
802 | 830 |
803 case SSL_REUSE_SERVER_ECDHE_KEY: | 831 case SSL_REUSE_SERVER_ECDHE_KEY: |
804 ss->opt.reuseServerECDHEKey = on; | 832 ss->opt.reuseServerECDHEKey = on; |
805 break; | 833 break; |
806 | 834 |
807 case SSL_ENABLE_FALLBACK_SCSV: | 835 case SSL_ENABLE_FALLBACK_SCSV: |
808 ss->opt.enableFallbackSCSV = on; | 836 ss->opt.enableFallbackSCSV = on; |
809 break; | 837 break; |
810 | 838 |
| 839 case SSL_ENABLE_SERVER_DHE: |
| 840 ss->opt.enableServerDhe = on; |
| 841 break; |
| 842 |
| 843 case SSL_ENABLE_EXTENDED_MASTER_SECRET: |
| 844 ss->opt.enableExtendedMS = on; |
| 845 break; |
| 846 |
811 case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: | 847 case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: |
812 ss->opt.enableSignedCertTimestamps = on; | 848 ss->opt.enableSignedCertTimestamps = on; |
813 break; | 849 break; |
814 | 850 |
815 default: | 851 default: |
816 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 852 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
817 rv = SECFailure; | 853 rv = SECFailure; |
818 } | 854 } |
819 | 855 |
820 /* We can't use the macros for releasing the locks here, | 856 /* We can't use the macros for releasing the locks here, |
(...skipping 59 matching lines...)
880 case SSL_REQUIRE_SAFE_NEGOTIATION: | 916 case SSL_REQUIRE_SAFE_NEGOTIATION: |
881 on = ss->opt.requireSafeNegotiation; break; | 917 on = ss->opt.requireSafeNegotiation; break; |
882 case SSL_ENABLE_FALSE_START: on = ss->opt.enableFalseStart; break; | 918 case SSL_ENABLE_FALSE_START: on = ss->opt.enableFalseStart; break; |
883 case SSL_CBC_RANDOM_IV: on = ss->opt.cbcRandomIV; break; | 919 case SSL_CBC_RANDOM_IV: on = ss->opt.cbcRandomIV; break; |
884 case SSL_ENABLE_OCSP_STAPLING: on = ss->opt.enableOCSPStapling; break; | 920 case SSL_ENABLE_OCSP_STAPLING: on = ss->opt.enableOCSPStapling; break; |
885 case SSL_ENABLE_NPN: on = ss->opt.enableNPN; break; | 921 case SSL_ENABLE_NPN: on = ss->opt.enableNPN; break; |
886 case SSL_ENABLE_ALPN: on = ss->opt.enableALPN; break; | 922 case SSL_ENABLE_ALPN: on = ss->opt.enableALPN; break; |
887 case SSL_REUSE_SERVER_ECDHE_KEY: | 923 case SSL_REUSE_SERVER_ECDHE_KEY: |
888 on = ss->opt.reuseServerECDHEKey; break; | 924 on = ss->opt.reuseServerECDHEKey; break; |
889 case SSL_ENABLE_FALLBACK_SCSV: on = ss->opt.enableFallbackSCSV; break; | 925 case SSL_ENABLE_FALLBACK_SCSV: on = ss->opt.enableFallbackSCSV; break; |
| 926 case SSL_ENABLE_SERVER_DHE: on = ss->opt.enableServerDhe; break; |
| 927 case SSL_ENABLE_EXTENDED_MASTER_SECRET: |
| 928 on = ss->opt.enableExtendedMS; break; |
890 case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: | 929 case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: |
891 on = ss->opt.enableSignedCertTimestamps; | 930 on = ss->opt.enableSignedCertTimestamps; |
892 break; | 931 break; |
893 | 932 |
894 default: | 933 default: |
895 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 934 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
896 rv = SECFailure; | 935 rv = SECFailure; |
897 } | 936 } |
898 | 937 |
899 ssl_ReleaseSSL3HandshakeLock(ss); | 938 ssl_ReleaseSSL3HandshakeLock(ss); |
(...skipping 52 matching lines...)
952 on = ssl_defaults.enableOCSPStapling; | 991 on = ssl_defaults.enableOCSPStapling; |
953 break; | 992 break; |
954 case SSL_ENABLE_NPN: on = ssl_defaults.enableNPN; break; | 993 case SSL_ENABLE_NPN: on = ssl_defaults.enableNPN; break; |
955 case SSL_ENABLE_ALPN: on = ssl_defaults.enableALPN; break; | 994 case SSL_ENABLE_ALPN: on = ssl_defaults.enableALPN; break; |
956 case SSL_REUSE_SERVER_ECDHE_KEY: | 995 case SSL_REUSE_SERVER_ECDHE_KEY: |
957 on = ssl_defaults.reuseServerECDHEKey; | 996 on = ssl_defaults.reuseServerECDHEKey; |
958 break; | 997 break; |
959 case SSL_ENABLE_FALLBACK_SCSV: | 998 case SSL_ENABLE_FALLBACK_SCSV: |
960 on = ssl_defaults.enableFallbackSCSV; | 999 on = ssl_defaults.enableFallbackSCSV; |
961 break; | 1000 break; |
| 1001 case SSL_ENABLE_SERVER_DHE: |
| 1002 on = ssl_defaults.enableServerDhe; |
| 1003 break; |
| 1004 case SSL_ENABLE_EXTENDED_MASTER_SECRET: |
| 1005 on = ssl_defaults.enableExtendedMS; |
| 1006 break; |
962 case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: | 1007 case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: |
963 on = ssl_defaults.enableSignedCertTimestamps; | 1008 on = ssl_defaults.enableSignedCertTimestamps; |
964 break; | 1009 break; |
965 | 1010 |
966 default: | 1011 default: |
967 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 1012 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
968 rv = SECFailure; | 1013 rv = SECFailure; |
969 } | 1014 } |
970 | 1015 |
971 *pOn = on; | 1016 *pOn = on; |
(...skipping 166 matching lines...)
1138 break; | 1183 break; |
1139 | 1184 |
1140 case SSL_REUSE_SERVER_ECDHE_KEY: | 1185 case SSL_REUSE_SERVER_ECDHE_KEY: |
1141 ssl_defaults.reuseServerECDHEKey = on; | 1186 ssl_defaults.reuseServerECDHEKey = on; |
1142 break; | 1187 break; |
1143 | 1188 |
1144 case SSL_ENABLE_FALLBACK_SCSV: | 1189 case SSL_ENABLE_FALLBACK_SCSV: |
1145 ssl_defaults.enableFallbackSCSV = on; | 1190 ssl_defaults.enableFallbackSCSV = on; |
1146 break; | 1191 break; |
1147 | 1192 |
| 1193 case SSL_ENABLE_SERVER_DHE: |
| 1194 ssl_defaults.enableServerDhe = on; |
| 1195 break; |
| 1196 |
| 1197 case SSL_ENABLE_EXTENDED_MASTER_SECRET: |
| 1198 ssl_defaults.enableExtendedMS = on; |
| 1199 break; |
| 1200 |
1148 case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: | 1201 case SSL_ENABLE_SIGNED_CERT_TIMESTAMPS: |
1149 ssl_defaults.enableSignedCertTimestamps = on; | 1202 ssl_defaults.enableSignedCertTimestamps = on; |
1150 break; | 1203 break; |
1151 | 1204 |
1152 default: | 1205 default: |
1153 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 1206 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
1154 return SECFailure; | 1207 return SECFailure; |
1155 } | 1208 } |
1156 return SECSuccess; | 1209 return SECSuccess; |
1157 } | 1210 } |
(...skipping 216 matching lines...)
1374 return NSS_SetDomesticPolicy(); | 1427 return NSS_SetDomesticPolicy(); |
1375 } | 1428 } |
1376 | 1429 |
1377 SECStatus | 1430 SECStatus |
1378 NSS_SetFrancePolicy(void) | 1431 NSS_SetFrancePolicy(void) |
1379 { | 1432 { |
1380 return NSS_SetDomesticPolicy(); | 1433 return NSS_SetDomesticPolicy(); |
1381 } | 1434 } |
1382 | 1435 |
1383 SECStatus | 1436 SECStatus |
| 1437 SSL_DHEGroupPrefSet(PRFileDesc *fd, |
| 1438 SSLDHEGroupType *groups, |
| 1439 PRUint16 num_groups) |
| 1440 { |
| 1441 sslSocket *ss; |
| 1442 |
| 1443 if ((num_groups && !groups) || (!num_groups && groups)) { |
| 1444 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 1445 return SECFailure; |
| 1446 } |
| 1447 |
| 1448 ss = ssl_FindSocket(fd); |
| 1449 if (!ss) { |
| 1450 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_DHEGroupPrefSet", SSL_GETPID(),
fd)); |
| 1451 return SECFailure; |
| 1452 } |
| 1453 |
| 1454 if (ss->ssl3.dheGroups) { |
| 1455 PORT_Free(ss->ssl3.dheGroups); |
| 1456 ss->ssl3.dheGroups = NULL; |
| 1457 ss->ssl3.numDHEGroups = 0; |
| 1458 } |
| 1459 |
| 1460 if (groups) { |
| 1461 ss->ssl3.dheGroups = PORT_NewArray(SSLDHEGroupType, num_groups); |
| 1462 if (!ss->ssl3.dheGroups) { |
| 1463 PORT_SetError(SEC_ERROR_NO_MEMORY); |
| 1464 return SECFailure; |
| 1465 } |
| 1466 PORT_Memcpy(ss->ssl3.dheGroups, groups, |
| 1467 sizeof(SSLDHEGroupType) * num_groups); |
| 1468 } |
| 1469 return SECSuccess; |
| 1470 } |
| 1471 |
| 1472 |
| 1473 PRCallOnceType gWeakDHParamsRegisterOnce; |
| 1474 int gWeakDHParamsRegisterError; |
| 1475 |
| 1476 PRCallOnceType gWeakDHParamsOnce; |
| 1477 int gWeakDHParamsError; |
| 1478 /* As our code allocates type PQGParams, we'll keep it around, |
| 1479 * even though we only make use of it's parameters through gWeakDHParam. */ |
| 1480 static PQGParams *gWeakParamsPQG; |
| 1481 static ssl3DHParams *gWeakDHParams; |
| 1482 |
| 1483 static PRStatus |
| 1484 ssl3_CreateWeakDHParams(void) |
| 1485 { |
| 1486 PQGVerify *vfy; |
| 1487 SECStatus rv, passed; |
| 1488 |
| 1489 PORT_Assert(!gWeakDHParams && !gWeakParamsPQG); |
| 1490 |
| 1491 rv = PK11_PQG_ParamGenV2(1024, 160, 64 /*maximum seed that will work*/, |
| 1492 &gWeakParamsPQG, &vfy); |
| 1493 if (rv != SECSuccess) { |
| 1494 gWeakDHParamsError = PORT_GetError(); |
| 1495 return PR_FAILURE; |
| 1496 } |
| 1497 |
| 1498 rv = PK11_PQG_VerifyParams(gWeakParamsPQG, vfy, &passed); |
| 1499 if (rv != SECSuccess || passed != SECSuccess) { |
| 1500 SSL_DBG(("%d: PK11_PQG_VerifyParams failed in ssl3_CreateWeakDHParams", |
| 1501 SSL_GETPID())); |
| 1502 gWeakDHParamsError = PORT_GetError(); |
| 1503 return PR_FAILURE; |
| 1504 } |
| 1505 |
| 1506 gWeakDHParams = PORT_ArenaNew(gWeakParamsPQG->arena, ssl3DHParams); |
| 1507 if (!gWeakDHParams) { |
| 1508 gWeakDHParamsError = PORT_GetError(); |
| 1509 return PR_FAILURE; |
| 1510 } |
| 1511 |
| 1512 gWeakDHParams->prime.data = gWeakParamsPQG->prime.data; |
| 1513 gWeakDHParams->prime.len = gWeakParamsPQG->prime.len; |
| 1514 gWeakDHParams->base.data = gWeakParamsPQG->base.data; |
| 1515 gWeakDHParams->base.len = gWeakParamsPQG->base.len; |
| 1516 |
| 1517 PK11_PQG_DestroyVerify(vfy); |
| 1518 return PR_SUCCESS; |
| 1519 } |
| 1520 |
| 1521 static SECStatus |
| 1522 ssl3_WeakDHParamsShutdown(void *appData, void *nssData) |
| 1523 { |
| 1524 if (gWeakParamsPQG) { |
| 1525 PK11_PQG_DestroyParams(gWeakParamsPQG); |
| 1526 gWeakParamsPQG = NULL; |
| 1527 gWeakDHParams = NULL; |
| 1528 } |
| 1529 return SECSuccess; |
| 1530 } |
| 1531 |
| 1532 static PRStatus |
| 1533 ssl3_WeakDHParamsRegisterShutdown(void) |
| 1534 { |
| 1535 SECStatus rv; |
| 1536 rv = NSS_RegisterShutdown(ssl3_WeakDHParamsShutdown, NULL); |
| 1537 if (rv != SECSuccess) { |
| 1538 gWeakDHParamsRegisterError = PORT_GetError(); |
| 1539 } |
| 1540 return (PRStatus)rv; |
| 1541 } |
| 1542 |
| 1543 /* global init strategy inspired by ssl3_CreateECDHEphemeralKeys */ |
| 1544 SECStatus |
| 1545 SSL_EnableWeakDHEPrimeGroup(PRFileDesc *fd, PRBool enabled) |
| 1546 { |
| 1547 sslSocket *ss; |
| 1548 PRStatus status; |
| 1549 |
| 1550 if (enabled) { |
| 1551 status = PR_CallOnce(&gWeakDHParamsRegisterOnce, |
| 1552 ssl3_WeakDHParamsRegisterShutdown); |
| 1553 if (status != PR_SUCCESS) { |
| 1554 PORT_SetError(gWeakDHParamsRegisterError); |
| 1555 return SECFailure; |
| 1556 } |
| 1557 |
| 1558 status = PR_CallOnce(&gWeakDHParamsOnce, ssl3_CreateWeakDHParams); |
| 1559 if (status != PR_SUCCESS) { |
| 1560 PORT_SetError(gWeakDHParamsError); |
| 1561 return SECFailure; |
| 1562 } |
| 1563 } |
| 1564 |
| 1565 if (!fd) |
| 1566 return SECSuccess; |
| 1567 |
| 1568 ss = ssl_FindSocket(fd); |
| 1569 if (!ss) { |
| 1570 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_DHEGroupPrefSet", SSL_GETPID(),
fd)); |
| 1571 return SECFailure; |
| 1572 } |
| 1573 |
| 1574 ss->ssl3.dheWeakGroupEnabled = enabled; |
| 1575 return SECSuccess; |
| 1576 } |
| 1577 |
| 1578 SECStatus |
1384 SSL_GetChannelBinding(PRFileDesc *fd, | 1579 SSL_GetChannelBinding(PRFileDesc *fd, |
1385 SSLChannelBindingType binding_type, | 1580 SSLChannelBindingType binding_type, |
1386 unsigned char *out, | 1581 unsigned char *out, |
1387 unsigned int *outLen, | 1582 unsigned int *outLen, |
1388 unsigned int outLenMax) { | 1583 unsigned int outLenMax) { |
1389 sslSocket *ss = ssl_FindSocket(fd); | 1584 sslSocket *ss = ssl_FindSocket(fd); |
1390 | 1585 |
1391 if (!ss) { | 1586 if (!ss) { |
1392 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelBinding", | 1587 SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelBinding", |
1393 SSL_GETPID(), fd)); | 1588 SSL_GETPID(), fd)); |
1394 return SECFailure; | 1589 return SECFailure; |
1395 } | 1590 } |
1396 | 1591 |
1397 if (binding_type != SSL_CHANNEL_BINDING_TLS_UNIQUE) { | 1592 if (binding_type != SSL_CHANNEL_BINDING_TLS_UNIQUE) { |
1398 PORT_SetError(PR_INVALID_ARGUMENT_ERROR); | 1593 PORT_SetError(PR_INVALID_ARGUMENT_ERROR); |
1399 return SECFailure; | 1594 return SECFailure; |
1400 } | 1595 } |
1401 | 1596 |
1402 return ssl3_GetTLSUniqueChannelBinding(ss, out, outLen, outLenMax); | 1597 return ssl3_GetTLSUniqueChannelBinding(ss, out, outLen, outLenMax); |
1403 } | 1598 } |
1404 | 1599 |
| 1600 #include "dhe-param.c" |
| 1601 |
| 1602 static const SSLDHEGroupType ssl_default_dhe_groups[] = { |
| 1603 ssl_ff_dhe_2048_group |
| 1604 }; |
| 1605 |
| 1606 /* Keep this array synchronized with the index definitions in SSLDHEGroupType */ |
| 1607 static const ssl3DHParams *all_ssl3DHParams[] = { |
| 1608 NULL, /* ssl_dhe_group_none */ |
| 1609 &ff_dhe_2048, |
| 1610 &ff_dhe_3072, |
| 1611 &ff_dhe_4096, |
| 1612 &ff_dhe_6144, |
| 1613 &ff_dhe_8192, |
| 1614 }; |
| 1615 |
| 1616 static SSLDHEGroupType |
| 1617 selectDHEGroup(sslSocket *ss, const SSLDHEGroupType *groups, PRUint16 num_groups
) |
| 1618 { |
| 1619 if (!groups || !num_groups) |
| 1620 return ssl_dhe_group_none; |
| 1621 |
| 1622 /* We don't have automatic group parameter selection yet |
| 1623 * (potentially) based on socket parameters, e.g. key sizes. |
| 1624 * For now, we return the first available group from the allowed list. */ |
| 1625 return groups[0]; |
| 1626 } |
| 1627 |
| 1628 /* Ensure DH parameters have been selected */ |
| 1629 SECStatus |
| 1630 ssl3_SelectDHParams(sslSocket *ss) |
| 1631 { |
| 1632 SSLDHEGroupType selectedGroup = ssl_dhe_group_none; |
| 1633 |
| 1634 if (ss->ssl3.dheWeakGroupEnabled) { |
| 1635 ss->dheParams = gWeakDHParams; |
| 1636 } else { |
| 1637 if (ss->ssl3.dheGroups) { |
| 1638 selectedGroup = selectDHEGroup(ss, ss->ssl3.dheGroups, |
| 1639 ss->ssl3.numDHEGroups); |
| 1640 } else { |
| 1641 size_t number_of_default_groups = PR_ARRAY_SIZE(ssl_default_dhe_grou
ps); |
| 1642 selectedGroup = selectDHEGroup(ss, ssl_default_dhe_groups, |
| 1643 number_of_default_groups); |
| 1644 } |
| 1645 |
| 1646 if (selectedGroup == ssl_dhe_group_none || |
| 1647 selectedGroup >= ssl_dhe_group_max) { |
| 1648 return SECFailure; |
| 1649 } |
| 1650 |
| 1651 ss->dheParams = all_ssl3DHParams[selectedGroup]; |
| 1652 } |
| 1653 |
| 1654 return SECSuccess; |
| 1655 } |
1405 | 1656 |
1406 /* LOCKS ??? XXX */ | 1657 /* LOCKS ??? XXX */ |
1407 static PRFileDesc * | 1658 static PRFileDesc * |
1408 ssl_ImportFD(PRFileDesc *model, PRFileDesc *fd, SSLProtocolVariant variant) | 1659 ssl_ImportFD(PRFileDesc *model, PRFileDesc *fd, SSLProtocolVariant variant) |
1409 { | 1660 { |
1410 sslSocket * ns = NULL; | 1661 sslSocket * ns = NULL; |
1411 PRStatus rv; | 1662 PRStatus rv; |
1412 PRNetAddr addr; | 1663 PRNetAddr addr; |
1413 SECStatus status = ssl_Init(); | 1664 SECStatus status = ssl_Init(); |
1414 | 1665 |
(...skipping 277 matching lines...)
1692 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 1943 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
1693 return NULL; | 1944 return NULL; |
1694 } | 1945 } |
1695 | 1946 |
1696 ss->opt = sm->opt; | 1947 ss->opt = sm->opt; |
1697 ss->vrange = sm->vrange; | 1948 ss->vrange = sm->vrange; |
1698 PORT_Memcpy(ss->cipherSuites, sm->cipherSuites, sizeof sm->cipherSuites); | 1949 PORT_Memcpy(ss->cipherSuites, sm->cipherSuites, sizeof sm->cipherSuites); |
1699 PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, sm->ssl3.dtlsSRTPCiphers, | 1950 PORT_Memcpy(ss->ssl3.dtlsSRTPCiphers, sm->ssl3.dtlsSRTPCiphers, |
1700 sizeof(PRUint16) * sm->ssl3.dtlsSRTPCipherCount); | 1951 sizeof(PRUint16) * sm->ssl3.dtlsSRTPCipherCount); |
1701 ss->ssl3.dtlsSRTPCipherCount = sm->ssl3.dtlsSRTPCipherCount; | 1952 ss->ssl3.dtlsSRTPCipherCount = sm->ssl3.dtlsSRTPCipherCount; |
| 1953 PORT_Memcpy(ss->ssl3.signatureAlgorithms, sm->ssl3.signatureAlgorithms, |
| 1954 sizeof(ss->ssl3.signatureAlgorithms[0]) * |
| 1955 sm->ssl3.signatureAlgorithmCount); |
| 1956 ss->ssl3.signatureAlgorithmCount = sm->ssl3.signatureAlgorithmCount; |
1702 | 1957 |
1703 if (!ss->opt.useSecurity) { | 1958 if (!ss->opt.useSecurity) { |
1704 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 1959 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
1705 return NULL; | 1960 return NULL; |
1706 } | 1961 } |
1707 /* This int should be SSLKEAType, but CC on Irix complains, | 1962 /* This int should be SSLKEAType, but CC on Irix complains, |
1708 * during the for loop. | 1963 * during the for loop. |
1709 */ | 1964 */ |
1710 for (i=kt_null; i < kt_kea_size; i++) { | 1965 for (i=kt_null; i < kt_kea_size; i++) { |
1711 mc = &(sm->serverCerts[i]); | 1966 mc = &(sm->serverCerts[i]); |
(...skipping 1403 matching lines...)
3115 for (i=kt_null; i < kt_kea_size; i++) { | 3370 for (i=kt_null; i < kt_kea_size; i++) { |
3116 sslServerCerts * sc = ss->serverCerts + i; | 3371 sslServerCerts * sc = ss->serverCerts + i; |
3117 sc->serverCert = NULL; | 3372 sc->serverCert = NULL; |
3118 sc->serverCertChain = NULL; | 3373 sc->serverCertChain = NULL; |
3119 sc->serverKeyPair = NULL; | 3374 sc->serverKeyPair = NULL; |
3120 sc->serverKeyBits = 0; | 3375 sc->serverKeyBits = 0; |
3121 ss->certStatusArray[i] = NULL; | 3376 ss->certStatusArray[i] = NULL; |
3122 } | 3377 } |
3123 ss->requestedCertTypes = NULL; | 3378 ss->requestedCertTypes = NULL; |
3124 ss->stepDownKeyPair = NULL; | 3379 ss->stepDownKeyPair = NULL; |
| 3380 |
| 3381 ss->dheParams = NULL; |
| 3382 ss->dheKeyPair = NULL; |
| 3383 |
3125 ss->dbHandle = CERT_GetDefaultCertDB(); | 3384 ss->dbHandle = CERT_GetDefaultCertDB(); |
3126 | 3385 |
3127 /* Provide default implementation of hooks */ | 3386 /* Provide default implementation of hooks */ |
3128 ss->authCertificate = SSL_AuthCertificate; | 3387 ss->authCertificate = SSL_AuthCertificate; |
3129 ss->authCertificateArg = (void *)ss->dbHandle; | 3388 ss->authCertificateArg = (void *)ss->dbHandle; |
3130 ss->sniSocketConfig = NULL; | 3389 ss->sniSocketConfig = NULL; |
3131 ss->sniSocketConfigArg = NULL; | 3390 ss->sniSocketConfigArg = NULL; |
3132 ss->getClientAuthData = NULL; | 3391 ss->getClientAuthData = NULL; |
3133 #ifdef NSS_PLATFORM_CLIENT_AUTH | 3392 #ifdef NSS_PLATFORM_CLIENT_AUTH |
3134 ss->getPlatformClientAuthData = NULL; | 3393 ss->getPlatformClientAuthData = NULL; |
(...skipping 23 matching lines...)
3158 if (status != SECSuccess) { | 3417 if (status != SECSuccess) { |
3159 loser: | 3418 loser: |
3160 ssl_DestroySocketContents(ss); | 3419 ssl_DestroySocketContents(ss); |
3161 ssl_DestroyLocks(ss); | 3420 ssl_DestroyLocks(ss); |
3162 PORT_Free(ss); | 3421 PORT_Free(ss); |
3163 ss = NULL; | 3422 ss = NULL; |
3164 } | 3423 } |
3165 } | 3424 } |
3166 return ss; | 3425 return ss; |
3167 } | 3426 } |
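Review bot: `SSL_DHEGroupPrefSet` (new lines 1454-1468) frees the old array and resets `ss->ssl3.numDHEGroups` to 0, then allocates and fills the new array, but no visible line stores the new count. `ssl3_SelectDHParams` passes that count to `selectDHEGroup`, which returns `ssl_dhe_group_none` when it is 0, so a socket given an explicit group preference would apparently fail DH parameter selection instead of using the configured group. Adding `ss->ssl3.numDHEGroups = num_groups;` right after the `PORT_Memcpy` would keep the pointer and the count consistent. In the same hunk, `ssl3_CreateWeakDHParams` returns on the verify-failure and arena-allocation-failure paths without calling `PK11_PQG_DestroyVerify(vfy)`, so the verify object leaks on those paths; a single cleanup label that destroys `vfy` before returning would cover both.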