Index: net/third_party/nss/ssl/sslimpl.h |
diff --git a/net/third_party/nss/ssl/sslimpl.h b/net/third_party/nss/ssl/sslimpl.h |
index efcbf9faddcb17bbe70a7b430c26b9a0af7da817..874e59c62232cde1ce4231e35245d532c456d22c 100644 |
--- a/net/third_party/nss/ssl/sslimpl.h |
+++ b/net/third_party/nss/ssl/sslimpl.h |
@@ -1,3 +1,4 @@ |
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
/* |
* This file is PRIVATE to SSL and should be the first thing included by |
* any SSL implementation file. |
@@ -181,6 +182,7 @@ typedef struct ssl3CertNodeStr ssl3CertNode; |
typedef struct ssl3BulkCipherDefStr ssl3BulkCipherDef; |
typedef struct ssl3MACDefStr ssl3MACDef; |
typedef struct ssl3KeyPairStr ssl3KeyPair; |
+typedef struct ssl3DHParamsStr ssl3DHParams; |
struct ssl3CertNodeStr { |
struct ssl3CertNodeStr *next; |
@@ -300,13 +302,19 @@ typedef struct { |
} ssl3CipherSuiteCfg; |
#ifndef NSS_DISABLE_ECC |
-#define ssl_V3_SUITES_IMPLEMENTED 63 |
+#define ssl_V3_SUITES_IMPLEMENTED 66 |
#else |
-#define ssl_V3_SUITES_IMPLEMENTED 37 |
+#define ssl_V3_SUITES_IMPLEMENTED 40 |
#endif /* NSS_DISABLE_ECC */ |
#define MAX_DTLS_SRTP_CIPHER_SUITES 4 |
+/* MAX_SIGNATURE_ALGORITHMS allows for a large number of combinations of |
+ * SSLSignType and SSLHashType, but not all combinations (specifically, this |
+ * doesn't allow space for combinations with MD5). */ |
+#define MAX_SIGNATURE_ALGORITHMS 15 |
+ |
+ |
typedef struct sslOptionsStr { |
/* If SSL_SetNextProtoNego has been called, then this contains the |
* list of supported protocols. */ |
@@ -339,7 +347,9 @@ typedef struct sslOptionsStr { |
unsigned int enableALPN : 1; /* 27 */ |
unsigned int reuseServerECDHEKey : 1; /* 28 */ |
unsigned int enableFallbackSCSV : 1; /* 29 */ |
- unsigned int enableSignedCertTimestamps : 1; /* 30 */ |
+ unsigned int enableServerDhe : 1; /* 30 */ |
+ unsigned int enableExtendedMS : 1; /* 31 */ |
+ unsigned int enableSignedCertTimestamps : 1; /* 32 */ |
} sslOptions; |
typedef enum { sslHandshakingUndetermined = 0, |
@@ -521,6 +531,7 @@ typedef struct { |
PRUint16 wrapped_master_secret_len; |
PRUint8 msIsWrapped; |
PRUint8 resumable; |
+ PRUint8 extendedMasterSecretUsed; |
} ssl3SidKeys; /* 52 bytes */ |
typedef struct { |
@@ -766,10 +777,10 @@ typedef struct { |
* is_limited identifies a suite as having a limit on the key size. |
* key_size_limit provides the corresponding limit. */ |
PRBool is_limited; |
- int key_size_limit; |
+ unsigned int key_size_limit; |
PRBool tls_keygen; |
- /* True if the key exchange for the suite can be ephemeral. Or to be more |
- * precise: true if the ServerKeyExchange message is required. */ |
+ /* True if the key exchange for the suite is ephemeral. Or to be more |
+ * precise: true if the ServerKeyExchange message is always required. */ |
PRBool ephemeral; |
} ssl3KEADef; |
@@ -955,12 +966,14 @@ const ssl3CipherSuiteDef *suite_def; |
PRBool cacheSID; |
PRBool canFalseStart; /* Can/did we False Start */ |
+ /* Which preliminaryinfo values have been set. */ |
+ PRUint32 preliminaryInfo; |
/* clientSigAndHash contains the contents of the signature_algorithms |
* extension (if any) from the client. This is only valid for TLS 1.2 |
* or later. */ |
- SSL3SignatureAndHashAlgorithm *clientSigAndHash; |
- unsigned int numClientSigAndHash; |
+ SSLSignatureAndHashAlg *clientSigAndHash; |
+ unsigned int numClientSigAndHash; |
/* This group of values is used for DTLS */ |
PRUint16 sendMessageSeq; /* The sending message sequence |
@@ -1044,9 +1057,17 @@ struct ssl3StateStr { |
PRUint16 dtlsSRTPCipherCount; |
PRUint16 dtlsSRTPCipherSuite; /* 0 if not selected */ |
PRBool fatalAlertSent; |
+ PRUint16 numDHEGroups; /* used by server */ |
+ SSLDHEGroupType * dheGroups; /* used by server */ |
+ PRBool dheWeakGroupEnabled; /* used by server */ |
+ |
+ /* TLS 1.2 introduces separate signature algorithm negotiation. |
+ * This is our preference order. */ |
+ SSLSignatureAndHashAlg signatureAlgorithms[MAX_SIGNATURE_ALGORITHMS]; |
+ unsigned int signatureAlgorithmCount; |
}; |
-#define DTLS_MAX_MTU 1500 /* Ethernet MTU but without subtracting the |
+#define DTLS_MAX_MTU 1500U /* Ethernet MTU but without subtracting the |
* headers, so slightly larger than expected */ |
#define IS_DTLS(ss) (ss->protocolVariant == ssl_variant_datagram) |
@@ -1063,6 +1084,11 @@ struct ssl3KeyPairStr { |
PRInt32 refCount; /* use PR_Atomic calls for this. */ |
}; |
+struct ssl3DHParamsStr { |
+ SECItem prime; /* p */ |
+ SECItem base; /* g */ |
+}; |
+ |
typedef struct SSLWrappedSymWrappingKeyStr { |
SSL3Opaque wrappedSymmetricWrappingkey[512]; |
CK_MECHANISM_TYPE symWrapMechanism; |
@@ -1093,6 +1119,7 @@ typedef struct SessionTicketStr { |
CK_MECHANISM_TYPE msWrapMech; |
PRUint16 ms_length; |
SSL3Opaque master_secret[48]; |
+ PRBool extendedMasterSecretUsed; |
ClientIdentity client_identity; |
SECItem peer_cert; |
PRUint32 timestamp; |
@@ -1275,6 +1302,9 @@ const unsigned char * preferredCipher; |
ssl3KeyPair * stepDownKeyPair; /* RSA step down keys */ |
+ const ssl3DHParams *dheParams; /* DHE param */ |
+ ssl3KeyPair * dheKeyPair; /* DHE keys */ |
+ |
/* Callbacks */ |
SSLAuthCertificate authCertificate; |
void *authCertificateArg; |
@@ -1634,7 +1664,7 @@ extern PRBool ssl3_VersionIsSupported(SSLProtocolVariant protocolVariant, |
extern SECStatus ssl3_KeyAndMacDeriveBypass(ssl3CipherSpec * pwSpec, |
const unsigned char * cr, const unsigned char * sr, |
PRBool isTLS, PRBool isExport); |
-extern SECStatus ssl3_MasterKeyDeriveBypass( ssl3CipherSpec * pwSpec, |
+extern SECStatus ssl3_MasterSecretDeriveBypass( ssl3CipherSpec * pwSpec, |
const unsigned char * cr, const unsigned char * sr, |
const SECItem * pms, PRBool isTLS, PRBool isRSA); |
@@ -1688,6 +1718,8 @@ int ssl3_GatherCompleteHandshake(sslSocket *ss, int flags); |
*/ |
extern SECStatus ssl3_CreateRSAStepDownKeys(sslSocket *ss); |
+extern SECStatus ssl3_SelectDHParams(sslSocket *ss); |
+ |
#ifndef NSS_DISABLE_ECC |
extern void ssl3_FilterECCipherSuitesByServerCerts(sslSocket *ss); |
extern PRBool ssl3_IsECCEnabled(sslSocket *ss); |
@@ -1790,11 +1822,11 @@ extern SECStatus ssl3_HandleECDHClientKeyExchange(sslSocket *ss, |
SSL3Opaque *b, PRUint32 length, |
SECKEYPublicKey *srvrPubKey, |
SECKEYPrivateKey *srvrPrivKey); |
-extern SECStatus ssl3_SendECDHServerKeyExchange(sslSocket *ss, |
- const SSL3SignatureAndHashAlgorithm *sigAndHash); |
+extern SECStatus ssl3_SendECDHServerKeyExchange( |
+ sslSocket *ss, const SSLSignatureAndHashAlg *sigAndHash); |
#endif |
-extern SECStatus ssl3_ComputeCommonKeyHash(SECOidTag hashAlg, |
+extern SECStatus ssl3_ComputeCommonKeyHash(SSLHashType hashAlg, |
PRUint8 * hashBuf, |
unsigned int bufLen, SSL3Hashes *hashes, |
PRBool bypassPKCS11); |
@@ -1808,21 +1840,22 @@ extern SECStatus ssl3_AppendHandshakeNumber(sslSocket *ss, PRInt32 num, |
PRInt32 lenSize); |
extern SECStatus ssl3_AppendHandshakeVariable( sslSocket *ss, |
const SSL3Opaque *src, PRInt32 bytes, PRInt32 lenSize); |
-extern SECStatus ssl3_AppendSignatureAndHashAlgorithm(sslSocket *ss, |
- const SSL3SignatureAndHashAlgorithm* sigAndHash); |
+extern SECStatus ssl3_AppendSignatureAndHashAlgorithm( |
+ sslSocket *ss, const SSLSignatureAndHashAlg* sigAndHash); |
extern SECStatus ssl3_ConsumeHandshake(sslSocket *ss, void *v, PRInt32 bytes, |
SSL3Opaque **b, PRUint32 *length); |
extern PRInt32 ssl3_ConsumeHandshakeNumber(sslSocket *ss, PRInt32 bytes, |
SSL3Opaque **b, PRUint32 *length); |
extern SECStatus ssl3_ConsumeHandshakeVariable(sslSocket *ss, SECItem *i, |
PRInt32 bytes, SSL3Opaque **b, PRUint32 *length); |
-extern SECOidTag ssl3_TLSHashAlgorithmToOID(int hashFunc); |
+extern PRBool ssl3_IsSupportedSignatureAlgorithm( |
+ const SSLSignatureAndHashAlg *alg); |
extern SECStatus ssl3_CheckSignatureAndHashAlgorithmConsistency( |
- const SSL3SignatureAndHashAlgorithm *sigAndHash, |
- CERTCertificate* cert); |
-extern SECStatus ssl3_ConsumeSignatureAndHashAlgorithm(sslSocket *ss, |
- SSL3Opaque **b, PRUint32 *length, |
- SSL3SignatureAndHashAlgorithm *out); |
+ sslSocket *ss, const SSLSignatureAndHashAlg *sigAndHash, |
+ CERTCertificate* cert); |
+extern SECStatus ssl3_ConsumeSignatureAndHashAlgorithm( |
+ sslSocket *ss, SSL3Opaque **b, PRUint32 *length, |
+ SSLSignatureAndHashAlg *out); |
extern SECStatus ssl3_SignHashes(SSL3Hashes *hash, SECKEYPrivateKey *key, |
SECItem *buf, PRBool isTLS); |
extern SECStatus ssl3_VerifySignedHashes(SSL3Hashes *hash, |
@@ -1890,7 +1923,7 @@ extern PRBool ssl_GetSessionTicketKeysPKCS11(SECKEYPrivateKey *svrPrivKey, |
/* Tell clients to consider tickets valid for this long. */ |
#define TLS_EX_SESS_TICKET_LIFETIME_HINT (2 * 24 * 60 * 60) /* 2 days */ |
-#define TLS_EX_SESS_TICKET_VERSION (0x0100) |
+#define TLS_EX_SESS_TICKET_VERSION (0x0101) |
extern SECStatus ssl3_ValidateNextProtoNego(const unsigned char* data, |
unsigned int length); |
@@ -2024,6 +2057,8 @@ ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec, |
const char *label, unsigned int labelLen, |
const unsigned char *val, unsigned int valLen, |
unsigned char *out, unsigned int outLen); |
+extern SECOidTag |
+ssl3_TLSHashAlgorithmToOID(SSLHashType hashFunc); |
#ifdef TRACE |
#define SSL_TRACE(msg) ssl_Trace msg |