OLD | NEW |
(Empty) | |
| 1 Index: net/third_party/nss/ssl/ssl3con.c |
| 2 =================================================================== |
| 3 --- net/third_party/nss/ssl/ssl3con.c (revision 203164) |
| 4 +++ net/third_party/nss/ssl/ssl3con.c (working copy) |
| 5 @@ -196,12 +196,27 @@ |
| 6 |
| 7 static const /*SSL3ClientCertificateType */ uint8 certificate_types [] = { |
| 8 ct_RSA_sign, |
| 9 - ct_DSS_sign, |
| 10 #ifdef NSS_ENABLE_ECC |
| 11 ct_ECDSA_sign, |
| 12 #endif /* NSS_ENABLE_ECC */ |
| 13 + ct_DSS_sign, |
| 14 }; |
| 15 |
| 16 +/* This block is our supported_signature_algorithms value, in wire format. |
| 17 + * See https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ |
| 18 +static const PRUint8 supported_signature_algorithms[] = { |
| 19 + tls_hash_sha256, tls_sig_rsa, |
| 20 + tls_hash_sha384, tls_sig_rsa, |
| 21 + tls_hash_sha1, tls_sig_rsa, |
| 22 +#ifdef NSS_ENABLE_ECC |
| 23 + tls_hash_sha256, tls_sig_ecdsa, |
| 24 + tls_hash_sha384, tls_sig_ecdsa, |
| 25 + tls_hash_sha1, tls_sig_ecdsa, |
| 26 +#endif |
| 27 + tls_hash_sha256, tls_sig_dsa, |
| 28 + tls_hash_sha1, tls_sig_dsa, |
| 29 +}; |
| 30 + |
| 31 #define EXPORT_RSA_KEY_LENGTH 64 /* bytes */ |
| 32 |
| 33 |
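Review bot: The comment on `supported_signature_algorithms` does not say that the table is now sent in two places, the ClientHello signature_algorithms extension (see the ssl3ext.c hunks) and the server's CertificateRequest. An edit made for one role therefore silently changes the other. I would extend the comment to something like `/* Sent both in the ClientHello signature_algorithms extension and in a TLS 1.2 CertificateRequest; keep the entries valid for both. */`. The SHA-1 pairs are now also advertised to clients as acceptable for CertificateVerify, which deserves a conscious decision rather than being inherited from the extension list.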
| 34 @@ -3932,6 +3947,23 @@ |
| 35 return ssl3_AppendHandshake(ss, serialized, sizeof(serialized)); |
| 36 } |
| 37 |
| 38 +/* Appends our supported_signature_algorithms value to the current handshake |
| 39 + * message. */ |
| 40 +SECStatus |
| 41 +ssl3_AppendSupportedSignatureAlgorithms(sslSocket *ss) |
| 42 +{ |
| 43 + return ssl3_AppendHandshakeVariable(ss, supported_signature_algorithms, |
| 44 + sizeof supported_signature_algorithms, |
| 45 + 2); |
| 46 +} |
| 47 + |
| 48 +/* Returns the size in bytes of our supported_signature_algorithms value. */ |
| 49 +unsigned int |
| 50 +ssl3_SizeOfSupportedSignatureAlgorithms(void) |
| 51 +{ |
| 52 + return sizeof supported_signature_algorithms; |
| 53 +} |
| 54 + |
| 55 /************************************************************************** |
| 56 * Consume Handshake functions. |
| 57 * |
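Review bot: The comment on `ssl3_AppendSupportedSignatureAlgorithms` does not mention that the call also writes the 2-byte length prefix (the `2` passed to `ssl3_AppendHandshakeVariable`), while `ssl3_SizeOfSupportedSignatureAlgorithms` returns the size without it. Each caller has to add that 2 itself when computing the enclosing length, and a mismatch would produce a malformed handshake message. Suggested wording: `/* Appends our supported_signature_algorithms value, preceded by its 2-byte length, to the current handshake message. */` and `/* Returns the size in bytes of the value, not counting its 2-byte length prefix. */`.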
| 58 @@ -6508,12 +6540,14 @@ |
| 59 dnameNode * node; |
| 60 PRInt32 remaining; |
| 61 PRBool isTLS = PR_FALSE; |
| 62 + PRBool isTLS12 = PR_FALSE; |
| 63 int i; |
| 64 int errCode = SSL_ERROR_RX_MALFORMED_CERT_REQUEST; |
| 65 int nnames = 0; |
| 66 SECStatus rv; |
| 67 SSL3AlertDescription desc = illegal_parameter; |
| 68 SECItem cert_types = {siBuffer, NULL, 0}; |
| 69 + SECItem algorithms = {siBuffer, NULL, 0}; |
| 70 CERTDistNames ca_list; |
| 71 #ifdef NSS_PLATFORM_CLIENT_AUTH |
| 72 CERTCertList * platform_cert_list = NULL; |
| 73 @@ -6538,6 +6572,7 @@ |
| 74 PORT_Assert(ss->ssl3.platformClientKey == (PlatformKey)NULL); |
| 75 |
| 76 isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0); |
| 77 + isTLS12 = (PRBool)(ss->ssl3.prSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2)
; |
| 78 rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length); |
| 79 if (rv != SECSuccess) |
| 80 goto loser; /* malformed, alert has been sent */ |
| 81 @@ -6545,6 +6580,18 @@ |
| 82 PORT_Assert(!ss->requestedCertTypes); |
| 83 ss->requestedCertTypes = &cert_types; |
| 84 |
| 85 + if (isTLS12) { |
| 86 + rv = ssl3_ConsumeHandshakeVariable(ss, &algorithms, 2, &b, &length); |
| 87 + if (rv != SECSuccess) |
| 88 + goto loser; /* malformed, alert has been sent */ |
| 89 + /* An empty or odd-length value is invalid. |
| 90 + * SignatureAndHashAlgorithm |
| 91 + * supported_signature_algorithms<2..2^16-2>; |
| 92 + */ |
| 93 + if (algorithms.len == 0 || (algorithms.len & 1) != 0) |
| 94 + goto alert_loser; |
| 95 + } |
| 96 + |
| 97 arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
| 98 if (arena == NULL) |
| 99 goto no_mem; |
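Review bot: `algorithms` is only length-checked in the `isTLS12` block; in the visible hunks it is never stored on the socket or passed on, and the two `XXX` comments further down confirm it does not reach the client-auth callbacks. As far as this patch shows, the client may therefore pick a certificate and CertificateVerify hash that the server did not list, which surfaces later as a handshake failure rather than at selection time. If that is deferred on purpose, say so at the parse site, e.g. `/* TODO: algorithms is validated but not yet used to select the client certificate or the CertificateVerify hash. */`. The `alert_loser` label and the rest of the function are outside this hunk, so the alert sent for an empty or odd-length list is whatever `desc` holds at that point (initialised to `illegal_parameter` in an earlier hunk).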
| 100 @@ -6607,7 +6654,7 @@ |
| 101 |
| 102 #ifdef NSS_PLATFORM_CLIENT_AUTH |
| 103 if (ss->getPlatformClientAuthData != NULL) { |
| 104 - /* XXX Should pass cert_types in this call!! */ |
| 105 + /* XXX Should pass cert_types and algorithms in this call!! */ |
| 106 rv = (SECStatus)(*ss->getPlatformClientAuthData)( |
| 107 ss->getPlatformClientAuthDataArg, |
| 108 ss->fd, &ca_list, |
| 109 @@ -6618,7 +6665,7 @@ |
| 110 } else |
| 111 #endif |
| 112 if (ss->getClientAuthData != NULL) { |
| 113 - /* XXX Should pass cert_types in this call!! */ |
| 114 + /* XXX Should pass cert_types and algorithms in this call!! */ |
| 115 rv = (SECStatus)(*ss->getClientAuthData)(ss->getClientAuthDataArg, |
| 116 ss->fd, &ca_list, |
| 117 &ss->ssl3.clientCertificate, |
| 118 @@ -8492,6 +8539,7 @@ |
| 119 static SECStatus |
| 120 ssl3_SendCertificateRequest(sslSocket *ss) |
| 121 { |
| 122 + PRBool isTLS12; |
| 123 SECItem * name; |
| 124 CERTDistNames *ca_list; |
| 125 const uint8 * certTypes; |
| 126 @@ -8509,6 +8557,8 @@ |
| 127 PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss)); |
| 128 PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); |
| 129 |
| 130 + isTLS12 = (PRBool)(ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2)
; |
| 131 + |
| 132 /* ssl3.ca_list is initialized to NULL, and never changed. */ |
| 133 ca_list = ss->ssl3.ca_list; |
| 134 if (!ca_list) { |
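Review bot: `isTLS12` is taken from `ss->ssl3.pwSpec->version` here, whereas the receive side uses `prSpec->version` and `ssl3_ClientSendSigAlgsXtn` gates on `ss->version`. A one-line comment saying why the pending write spec is the right source at this point would help, e.g. `/* pwSpec carries the version negotiated for this handshake. */`, if that is indeed the case. The later hunks in this function add `2 + ssl3_SizeOfSupportedSignatureAlgorithms()` to `length` and append the value under the same flag, so the two must stay in step. The function body starts before and continues after this hunk.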
| 135 @@ -8528,6 +8578,9 @@ |
| 136 certTypesLength = sizeof certificate_types; |
| 137 |
| 138 length = 1 + certTypesLength + 2 + calen; |
| 139 + if (isTLS12) { |
| 140 + length += 2 + ssl3_SizeOfSupportedSignatureAlgorithms(); |
| 141 + } |
| 142 |
| 143 rv = ssl3_AppendHandshakeHeader(ss, certificate_request, length); |
| 144 if (rv != SECSuccess) { |
| 145 @@ -8537,6 +8590,12 @@ |
| 146 if (rv != SECSuccess) { |
| 147 return rv; /* err set by AppendHandshake. */ |
| 148 } |
| 149 + if (isTLS12) { |
| 150 + rv = ssl3_AppendSupportedSignatureAlgorithms(ss); |
| 151 + if (rv != SECSuccess) { |
| 152 + return rv; /* err set by AppendHandshake. */ |
| 153 + } |
| 154 + } |
| 155 rv = ssl3_AppendHandshakeNumber(ss, calen, 2); |
| 156 if (rv != SECSuccess) { |
| 157 return rv; /* err set by AppendHandshake. */ |
| 158 Index: net/third_party/nss/ssl/sslimpl.h |
| 159 =================================================================== |
| 160 --- net/third_party/nss/ssl/sslimpl.h (revision 203164) |
| 161 +++ net/third_party/nss/ssl/sslimpl.h (working copy) |
| 162 @@ -1666,6 +1666,8 @@ |
| 163 const SSL3Opaque *src, PRInt32 bytes, PRInt32 lenSize); |
| 164 extern SECStatus ssl3_AppendSignatureAndHashAlgorithm(sslSocket *ss, |
| 165 const SSL3SignatureAndHashAlgorithm* sigAndHash); |
| 166 +extern SECStatus ssl3_AppendSupportedSignatureAlgorithms(sslSocket *ss); |
| 167 +extern unsigned int ssl3_SizeOfSupportedSignatureAlgorithms(void); |
| 168 extern SECStatus ssl3_ConsumeHandshake(sslSocket *ss, void *v, PRInt32 bytes, |
| 169 SSL3Opaque **b, PRUint32 *length); |
| 170 extern PRInt32 ssl3_ConsumeHandshakeNumber(sslSocket *ss, PRInt32 bytes, |
| 171 Index: net/third_party/nss/ssl/ssl3ext.c |
| 172 =================================================================== |
| 173 --- net/third_party/nss/ssl/ssl3ext.c (revision 203164) |
| 174 +++ net/third_party/nss/ssl/ssl3ext.c (working copy) |
| 175 @@ -2070,17 +2070,14 @@ |
| 176 if (rv != SECSuccess) { |
| 177 return SECFailure; |
| 178 } |
| 179 - /* Trailing data or odd-length parameters is invalid. */ |
| 180 - if (data->len != 0 || (algorithms.len & 1) != 0) { |
| 181 + /* Trailing data, empty value, or odd-length value is invalid. */ |
| 182 + if (data->len != 0 || algorithms.len == 0 || (algorithms.len & 1) != 0) { |
| 183 PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); |
| 184 return SECFailure; |
| 185 } |
| 186 |
| 187 numAlgorithms = algorithms.len/2; |
| 188 |
| 189 - if (numAlgorithms == 0) { |
| 190 - return SECSuccess; |
| 191 - } |
| 192 /* We don't care to process excessive numbers of algorithms. */ |
| 193 if (numAlgorithms > 512) { |
| 194 numAlgorithms = 512; |
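Review bot: The rejection branch sets `SSL_ERROR_RX_MALFORMED_CLIENT_HELLO` and returns `SECFailure`, but no alert is sent in the visible lines. An empty list now takes this branch too, where it previously returned `SECSuccess`, so please confirm the caller turns the failure into a fatal alert rather than dropping the connection silently. A comment such as `/* Caller is responsible for sending the alert. */` would record where that happens. The enclosing function starts and ends outside the hunk, so this may already be handled there.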
| 195 @@ -2125,21 +2122,6 @@ |
| 196 static PRInt32 |
| 197 ssl3_ClientSendSigAlgsXtn(sslSocket * ss, PRBool append, PRUint32 maxBytes) |
| 198 { |
| 199 - static const unsigned char signatureAlgorithms[] = { |
| 200 - /* This block is the contents of our signature_algorithms extension, in |
| 201 - * wire format. See |
| 202 - * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ |
| 203 - tls_hash_sha256, tls_sig_rsa, |
| 204 - tls_hash_sha384, tls_sig_rsa, |
| 205 - tls_hash_sha1, tls_sig_rsa, |
| 206 -#ifdef NSS_ENABLE_ECC |
| 207 - tls_hash_sha256, tls_sig_ecdsa, |
| 208 - tls_hash_sha384, tls_sig_ecdsa, |
| 209 - tls_hash_sha1, tls_sig_ecdsa, |
| 210 -#endif |
| 211 - tls_hash_sha256, tls_sig_dsa, |
| 212 - tls_hash_sha1, tls_sig_dsa, |
| 213 - }; |
| 214 PRInt32 extension_length; |
| 215 |
| 216 if (ss->version < SSL_LIBRARY_VERSION_TLS_1_2) { |
| 217 @@ -2150,7 +2132,7 @@ |
| 218 2 /* extension type */ + |
| 219 2 /* extension length */ + |
| 220 2 /* supported_signature_algorithms length */ + |
| 221 - sizeof(signatureAlgorithms); |
| 222 + ssl3_SizeOfSupportedSignatureAlgorithms(); |
| 223 |
| 224 if (append && maxBytes >= extension_length) { |
| 225 SECStatus rv; |
| 226 @@ -2160,8 +2142,7 @@ |
| 227 rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2); |
| 228 if (rv != SECSuccess) |
| 229 goto loser; |
| 230 - rv = ssl3_AppendHandshakeVariable(ss, signatureAlgorithms, |
| 231 - sizeof(signatureAlgorithms), 2); |
| 232 + rv = ssl3_AppendSupportedSignatureAlgorithms(ss); |
| 233 if (rv != SECSuccess) |
| 234 goto loser; |
| 235 ss->xtnData.advertised[ss->xtnData.numAdvertised++] = |