OLD | NEW |
1 /* | 1 /* |
2 * SSL3 Protocol | 2 * SSL3 Protocol |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
9 /* $Id$ */ | 9 /* $Id$ */ |
10 | 10 |
(...skipping 2052 matching lines...)
2063 } | 2063 } |
2064 | 2064 |
2065 /* Keep track of negotiated extensions. */ | 2065 /* Keep track of negotiated extensions. */ |
2066 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 2066 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
2067 | 2067 |
2068 rv = ssl3_ConsumeHandshakeVariable(ss, &algorithms, 2, &data->data, | 2068 rv = ssl3_ConsumeHandshakeVariable(ss, &algorithms, 2, &data->data, |
2069 &data->len); | 2069 &data->len); |
2070 if (rv != SECSuccess) { | 2070 if (rv != SECSuccess) { |
2071 return SECFailure; | 2071 return SECFailure; |
2072 } | 2072 } |
2073 /* Trailing data or odd-length parameters is invalid. */ | 2073 /* Trailing data, empty value, or odd-length value is invalid. */ |
2074 if (data->len != 0 || (algorithms.len & 1) != 0) { | 2074 if (data->len != 0 || algorithms.len == 0 || (algorithms.len & 1) != 0) { |
2075 PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); | 2075 PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); |
2076 return SECFailure; | 2076 return SECFailure; |
2077 } | 2077 } |
2078 | 2078 |
2079 numAlgorithms = algorithms.len/2; | 2079 numAlgorithms = algorithms.len/2; |
2080 | 2080 |
2081 if (numAlgorithms == 0) { | |
2082 return SECSuccess; | |
2083 } | |
2084 /* We don't care to process excessive numbers of algorithms. */ | 2081 /* We don't care to process excessive numbers of algorithms. */ |
2085 if (numAlgorithms > 512) { | 2082 if (numAlgorithms > 512) { |
2086 numAlgorithms = 512; | 2083 numAlgorithms = 512; |
2087 } | 2084 } |
2088 | 2085 |
2089 ss->ssl3.hs.clientSigAndHash = | 2086 ss->ssl3.hs.clientSigAndHash = |
2090 PORT_NewArray(SSL3SignatureAndHashAlgorithm, numAlgorithms); | 2087 PORT_NewArray(SSL3SignatureAndHashAlgorithm, numAlgorithms); |
2091 if (!ss->ssl3.hs.clientSigAndHash) { | 2088 if (!ss->ssl3.hs.clientSigAndHash) { |
2092 return SECFailure; | 2089 return SECFailure; |
2093 } | 2090 } |
(...skipping 24 matching lines...)
2118 } | 2115 } |
2119 | 2116 |
2120 return SECSuccess; | 2117 return SECSuccess; |
2121 } | 2118 } |
2122 | 2119 |
2123 /* ssl3_ClientSendSigAlgsXtn sends the signature_algorithm extension for TLS | 2120 /* ssl3_ClientSendSigAlgsXtn sends the signature_algorithm extension for TLS |
2124 * 1.2 ClientHellos. */ | 2121 * 1.2 ClientHellos. */ |
2125 static PRInt32 | 2122 static PRInt32 |
2126 ssl3_ClientSendSigAlgsXtn(sslSocket * ss, PRBool append, PRUint32 maxBytes) | 2123 ssl3_ClientSendSigAlgsXtn(sslSocket * ss, PRBool append, PRUint32 maxBytes) |
2127 { | 2124 { |
2128 static const unsigned char signatureAlgorithms[] = { | |
2129 /* This block is the contents of our signature_algorithms extension, in | |
2130 * wire format. See | |
2131 * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ | |
2132 tls_hash_sha256, tls_sig_rsa, | |
2133 tls_hash_sha384, tls_sig_rsa, | |
2134 tls_hash_sha1, tls_sig_rsa, | |
2135 #ifdef NSS_ENABLE_ECC | |
2136 tls_hash_sha256, tls_sig_ecdsa, | |
2137 tls_hash_sha384, tls_sig_ecdsa, | |
2138 tls_hash_sha1, tls_sig_ecdsa, | |
2139 #endif | |
2140 tls_hash_sha256, tls_sig_dsa, | |
2141 tls_hash_sha1, tls_sig_dsa, | |
2142 }; | |
2143 PRInt32 extension_length; | 2125 PRInt32 extension_length; |
2144 | 2126 |
2145 if (ss->version < SSL_LIBRARY_VERSION_TLS_1_2) { | 2127 if (ss->version < SSL_LIBRARY_VERSION_TLS_1_2) { |
2146 return 0; | 2128 return 0; |
2147 } | 2129 } |
2148 | 2130 |
2149 extension_length = | 2131 extension_length = |
2150 2 /* extension type */ + | 2132 2 /* extension type */ + |
2151 2 /* extension length */ + | 2133 2 /* extension length */ + |
2152 2 /* supported_signature_algorithms length */ + | 2134 2 /* supported_signature_algorithms length */ + |
2153 » sizeof(signatureAlgorithms); | 2135 » ssl3_SizeOfSupportedSignatureAlgorithms(); |
2154 | 2136 |
2155 if (append && maxBytes >= extension_length) { | 2137 if (append && maxBytes >= extension_length) { |
2156 SECStatus rv; | 2138 SECStatus rv; |
2157 rv = ssl3_AppendHandshakeNumber(ss, ssl_signature_algorithms_xtn, 2); | 2139 rv = ssl3_AppendHandshakeNumber(ss, ssl_signature_algorithms_xtn, 2); |
2158 if (rv != SECSuccess) | 2140 if (rv != SECSuccess) |
2159 goto loser; | 2141 goto loser; |
2160 rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2); | 2142 rv = ssl3_AppendHandshakeNumber(ss, extension_length - 4, 2); |
2161 if (rv != SECSuccess) | 2143 if (rv != SECSuccess) |
2162 goto loser; | 2144 goto loser; |
2163 » rv = ssl3_AppendHandshakeVariable(ss, signatureAlgorithms, | 2145 » rv = ssl3_AppendSupportedSignatureAlgorithms(ss); |
2164 » » » » » sizeof(signatureAlgorithms), 2); | |
2165 if (rv != SECSuccess) | 2146 if (rv != SECSuccess) |
2166 goto loser; | 2147 goto loser; |
2167 ss->xtnData.advertised[ss->xtnData.numAdvertised++] = | 2148 ss->xtnData.advertised[ss->xtnData.numAdvertised++] = |
2168 ssl_signature_algorithms_xtn; | 2149 ssl_signature_algorithms_xtn; |
2169 } else if (maxBytes < extension_length) { | 2150 } else if (maxBytes < extension_length) { |
2170 PORT_Assert(0); | 2151 PORT_Assert(0); |
2171 return 0; | 2152 return 0; |
2172 } | 2153 } |
2173 | 2154 |
2174 return extension_length; | 2155 return extension_length; |
2175 | 2156 |
2176 loser: | 2157 loser: |
2177 return -1; | 2158 return -1; |
2178 } | 2159 } |
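Review bot: In ssl3_ClientSendSigAlgsXtn the length field written as `extension_length - 4` (new line 2142) is now derived from ssl3_SizeOfSupportedSignatureAlgorithms(), while the bytes come from ssl3_AppendSupportedSignatureAlgorithms(ss) (new line 2145), so the extension is well-formed only if the append helper emits the 2-byte length prefix plus exactly that many bytes. Neither helper is defined in the visible lines, so this cannot be confirmed here; the removed code got the guarantee from using one `sizeof(signatureAlgorithms)` for both. I would state the contract at the call site, e.g. `/* Must write a 2-byte length followed by exactly ssl3_SizeOfSupportedSignatureAlgorithms() bytes. */` above the append call. That way a later change to one helper, for instance around NSS_ENABLE_ECC, is less likely to produce a ClientHello whose extension length disagrees with its body.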
OLD | NEW |