Index: net/third_party/nss/ssl/ssl3con.c |
=================================================================== |
--- net/third_party/nss/ssl/ssl3con.c (revision 203164) |
+++ net/third_party/nss/ssl/ssl3con.c (working copy) |
@@ -196,12 +196,27 @@ |
static const /*SSL3ClientCertificateType */ uint8 certificate_types [] = { |
ct_RSA_sign, |
- ct_DSS_sign, |
#ifdef NSS_ENABLE_ECC |
ct_ECDSA_sign, |
#endif /* NSS_ENABLE_ECC */ |
+ ct_DSS_sign, |
}; |
+/* This block is our supported_signature_algorithms value, in wire format. |
+ * See https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ |
+static const PRUint8 supported_signature_algorithms[] = { |
+ tls_hash_sha256, tls_sig_rsa, |
+ tls_hash_sha384, tls_sig_rsa, |
+ tls_hash_sha1, tls_sig_rsa, |
+#ifdef NSS_ENABLE_ECC |
+ tls_hash_sha256, tls_sig_ecdsa, |
+ tls_hash_sha384, tls_sig_ecdsa, |
+ tls_hash_sha1, tls_sig_ecdsa, |
+#endif |
+ tls_hash_sha256, tls_sig_dsa, |
+ tls_hash_sha1, tls_sig_dsa, |
+}; |
+ |
#define EXPORT_RSA_KEY_LENGTH 64 /* bytes */ |
@@ -3932,6 +3947,23 @@ |
return ssl3_AppendHandshake(ss, serialized, sizeof(serialized)); |
} |
+/* Appends our supported_signature_algorithms value to the current handshake |
+ * message. */ |
+SECStatus |
+ssl3_AppendSupportedSignatureAlgorithms(sslSocket *ss) |
+{ |
+ return ssl3_AppendHandshakeVariable(ss, supported_signature_algorithms, |
+ sizeof supported_signature_algorithms, |
agl
2013/05/31 12:38:24
(nit: Other uses of sizeof seem to have parenthese
wtc
2013/05/31 16:30:55
This file uses both styles with sizeof. The code i
|
+ 2); |
+} |
+ |
+/* Returns the size in bytes of our supported_signature_algorithms value. */ |
+unsigned int |
+ssl3_SizeOfSupportedSignatureAlgorithms(void) |
+{ |
+ return sizeof supported_signature_algorithms; |
agl
2013/05/31 12:38:24
ditto.
|
+} |
+ |
/************************************************************************** |
* Consume Handshake functions. |
* |
@@ -6508,12 +6540,14 @@ |
dnameNode * node; |
PRInt32 remaining; |
PRBool isTLS = PR_FALSE; |
+ PRBool isTLS12 = PR_FALSE; |
int i; |
int errCode = SSL_ERROR_RX_MALFORMED_CERT_REQUEST; |
int nnames = 0; |
SECStatus rv; |
SSL3AlertDescription desc = illegal_parameter; |
SECItem cert_types = {siBuffer, NULL, 0}; |
+ SECItem algorithms = {siBuffer, NULL, 0}; |
CERTDistNames ca_list; |
#ifdef NSS_PLATFORM_CLIENT_AUTH |
CERTCertList * platform_cert_list = NULL; |
@@ -6538,6 +6572,7 @@ |
PORT_Assert(ss->ssl3.platformClientKey == (PlatformKey)NULL); |
isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0); |
+ isTLS12 = (PRBool)(ss->ssl3.prSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2); |
rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length); |
if (rv != SECSuccess) |
goto loser; /* malformed, alert has been sent */ |
@@ -6545,6 +6580,18 @@ |
PORT_Assert(!ss->requestedCertTypes); |
ss->requestedCertTypes = &cert_types; |
+ if (isTLS12) { |
+ rv = ssl3_ConsumeHandshakeVariable(ss, &algorithms, 2, &b, &length); |
+ if (rv != SECSuccess) |
+ goto loser; /* malformed, alert has been sent */ |
+ /* An empty or odd-length value is invalid. |
+ * SignatureAndHashAlgorithm |
+ * supported_signature_algorithms<2..2^16-2>; |
+ */ |
+ if (algorithms.len == 0 || (algorithms.len & 1) != 0) |
+ goto alert_loser; |
+ } |
+ |
arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
if (arena == NULL) |
goto no_mem; |
@@ -6607,7 +6654,7 @@ |
#ifdef NSS_PLATFORM_CLIENT_AUTH |
if (ss->getPlatformClientAuthData != NULL) { |
- /* XXX Should pass cert_types in this call!! */ |
+ /* XXX Should pass cert_types and algorithms in this call!! */ |
rv = (SECStatus)(*ss->getPlatformClientAuthData)( |
ss->getPlatformClientAuthDataArg, |
ss->fd, &ca_list, |
@@ -6618,7 +6665,7 @@ |
} else |
#endif |
if (ss->getClientAuthData != NULL) { |
- /* XXX Should pass cert_types in this call!! */ |
+ /* XXX Should pass cert_types and algorithms in this call!! */ |
rv = (SECStatus)(*ss->getClientAuthData)(ss->getClientAuthDataArg, |
ss->fd, &ca_list, |
&ss->ssl3.clientCertificate, |
@@ -8492,6 +8539,7 @@ |
static SECStatus |
ssl3_SendCertificateRequest(sslSocket *ss) |
{ |
+ PRBool isTLS12; |
SECItem * name; |
CERTDistNames *ca_list; |
const uint8 * certTypes; |
@@ -8509,6 +8557,8 @@ |
PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss)); |
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); |
+ isTLS12 = (PRBool)(ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2); |
+ |
/* ssl3.ca_list is initialized to NULL, and never changed. */ |
ca_list = ss->ssl3.ca_list; |
if (!ca_list) { |
@@ -8528,6 +8578,9 @@ |
certTypesLength = sizeof certificate_types; |
length = 1 + certTypesLength + 2 + calen; |
+ if (isTLS12) { |
+ length += 2 + ssl3_SizeOfSupportedSignatureAlgorithms(); |
+ } |
rv = ssl3_AppendHandshakeHeader(ss, certificate_request, length); |
if (rv != SECSuccess) { |
@@ -8537,6 +8590,12 @@ |
if (rv != SECSuccess) { |
return rv; /* err set by AppendHandshake. */ |
} |
+ if (isTLS12) { |
+ rv = ssl3_AppendSupportedSignatureAlgorithms(ss); |
+ if (rv != SECSuccess) { |
+ return rv; /* err set by AppendHandshake. */ |
+ } |
+ } |
rv = ssl3_AppendHandshakeNumber(ss, calen, 2); |
if (rv != SECSuccess) { |
return rv; /* err set by AppendHandshake. */ |