Index: net/third_party/nss/ssl/ssl3con.c |
=================================================================== |
--- net/third_party/nss/ssl/ssl3con.c (revision 203497) |
+++ net/third_party/nss/ssl/ssl3con.c (working copy) |
@@ -97,6 +97,7 @@ |
{ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
+ { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
{ TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
#ifdef NSS_ENABLE_ECC |
{ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
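Review bot: The row added for `TLS_DHE_RSA_WITH_AES_256_CBC_SHA256`, together with the six rows added to this same table in the next three hunks, grows the configuration table by seven entries, and the array's declaration is not part of this diff. If the array is declared with a fixed element count (NSS uses `ssl_V3_SUITES_IMPLEMENTED` for this), that count has to be raised by seven in the same change. Otherwise the initializer no longer matches the declared size, and loops bounded by the old count would not reach the last rows. A one-line comment next to the new rows, such as `/* SHA-256 suites: negotiated only for TLS 1.2, see ssl3_CipherSuiteAllowedForVersion */`, would also explain why some are enabled by default. Confirm the function name before using it, since only its body is visible further down.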
@@ -104,17 +105,21 @@ |
#endif /* NSS_ENABLE_ECC */ |
{ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
+ { TLS_RSA_WITH_AES_256_CBC_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
#ifdef NSS_ENABLE_ECC |
{ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
+ { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
+ { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
#endif /* NSS_ENABLE_ECC */ |
{ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
+ { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
{ TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
#ifdef NSS_ENABLE_ECC |
{ TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
@@ -127,6 +132,7 @@ |
{ SSL_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
{ SSL_RSA_WITH_RC4_128_MD5, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE}, |
{ TLS_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
+ { TLS_RSA_WITH_AES_128_CBC_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
#ifdef NSS_ENABLE_ECC |
{ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
@@ -159,6 +165,7 @@ |
{ TLS_ECDH_ECDSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE, PR_FALSE}, |
#endif /* NSS_ENABLE_ECC */ |
{ SSL_RSA_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
+ { TLS_RSA_WITH_NULL_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
{ SSL_RSA_WITH_NULL_MD5, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
}; |
@@ -282,6 +289,7 @@ |
{SSL_NULL_WITH_NULL_NULL, cipher_null, mac_null, kea_null}, |
{SSL_RSA_WITH_NULL_MD5, cipher_null, mac_md5, kea_rsa}, |
{SSL_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_rsa}, |
+ {TLS_RSA_WITH_NULL_SHA256, cipher_null, hmac_sha256, kea_rsa}, |
{SSL_RSA_EXPORT_WITH_RC4_40_MD5,cipher_rc4_40, mac_md5, kea_rsa_export}, |
{SSL_RSA_WITH_RC4_128_MD5, cipher_rc4, mac_md5, kea_rsa}, |
{SSL_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_rsa}, |
@@ -326,11 +334,15 @@ |
/* New TLS cipher suites */ |
{TLS_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_rsa}, |
+ {TLS_RSA_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_rsa}, |
{TLS_DHE_DSS_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dhe_dss}, |
{TLS_DHE_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dhe_rsa}, |
+ {TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_dhe_rsa}, |
{TLS_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_rsa}, |
+ {TLS_RSA_WITH_AES_256_CBC_SHA256, cipher_aes_256, hmac_sha256, kea_rsa}, |
{TLS_DHE_DSS_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dhe_dss}, |
{TLS_DHE_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dhe_rsa}, |
+ {TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, cipher_aes_256, hmac_sha256, kea_dhe_rsa}, |
#if 0 |
{TLS_DH_DSS_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_dss}, |
{TLS_DH_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_rsa}, |
@@ -372,6 +384,7 @@ |
{TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdhe_ecdsa}, |
{TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdhe_ecdsa}, |
{TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdhe_ecdsa}, |
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_ecdhe_ecdsa}, |
{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdhe_ecdsa}, |
{TLS_ECDH_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_rsa}, |
@@ -384,6 +397,7 @@ |
{TLS_ECDHE_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdhe_rsa}, |
{TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdhe_rsa}, |
{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdhe_rsa}, |
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_ecdhe_rsa}, |
{TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdhe_rsa}, |
#if 0 |
@@ -430,14 +444,17 @@ |
#define mmech_sha CKM_SSL3_SHA1_MAC |
#define mmech_md5_hmac CKM_MD5_HMAC |
#define mmech_sha_hmac CKM_SHA_1_HMAC |
+#define mmech_sha256_hmac CKM_SHA256_HMAC |
static const ssl3MACDef mac_defs[] = { /* indexed by SSL3MACAlgorithm */ |
+ /* pad_size is only used for SSL 3.0 MAC. See RFC 6101 Sec. 5.2.3.1. */ |
/* mac mmech pad_size mac_size */ |
{ mac_null, mmech_null, 0, 0 }, |
{ mac_md5, mmech_md5, 48, MD5_LENGTH }, |
{ mac_sha, mmech_sha, 40, SHA1_LENGTH}, |
- {hmac_md5, mmech_md5_hmac, 48, MD5_LENGTH }, |
- {hmac_sha, mmech_sha_hmac, 40, SHA1_LENGTH}, |
+ {hmac_md5, mmech_md5_hmac, 0, MD5_LENGTH }, |
+ {hmac_sha, mmech_sha_hmac, 0, SHA1_LENGTH}, |
+ {hmac_sha256, mmech_sha256_hmac, 0, SHA256_LENGTH}, |
}; |
/* indexed by SSL3BulkCipher */ |
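Review bot: The new `hmac_sha256` row is only correct if its position in `mac_defs` equals the numeric value of `hmac_sha256`, because the table is indexed by `SSL3MACAlgorithm` and that enum is defined outside this diff. Nothing visible checks this, and a mismatch would silently select the wrong PKCS #11 mechanism and MAC length for every SHA-256 suite. A debug check where the table is first indexed would catch it, for example `PORT_Assert(mac_defs[hmac_sha256].mac == hmac_sha256);`. The change of `pad_size` from 48 and 40 to 0 for the existing `hmac_md5` and `hmac_sha` rows also alters existing entries. The added comment explains it, but it is worth confirming that no TLS code path reads `pad_size` for those rows.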
@@ -580,6 +597,14 @@ |
* SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA: never implemented |
*/ |
return version <= SSL_LIBRARY_VERSION_TLS_1_0; |
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: |
+ case TLS_RSA_WITH_AES_256_CBC_SHA256: |
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: |
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: |
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: |
+ case TLS_RSA_WITH_AES_128_CBC_SHA256: |
+ case TLS_RSA_WITH_NULL_SHA256: |
+ return version >= SSL_LIBRARY_VERSION_TLS_1_2; |
default: |
return PR_TRUE; |
} |
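Review bot: The switch still ends in `default: return PR_TRUE;`, so any suite using `hmac_sha256` that is missing from this case list would be accepted for SSL 3.0 through TLS 1.1. The seven labels added here match the seven suites added to the tables elsewhere in this patch, but nothing ties the two lists together. I would put a comment above the new cases, for example `/* HMAC-SHA256 suites exist only in TLS 1.2 and later (RFC 5246); every new *_SHA256 suite must be listed here. */`. The function starts outside the hunk, so the remaining cases could not be checked.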
@@ -1334,7 +1359,7 @@ |
cipher = suite_def->bulk_cipher_alg; |
kea = suite_def->key_exchange_alg; |
mac = suite_def->mac_alg; |
- if (isTLS) |
+ if (mac <= ssl_mac_sha && isTLS) |
mac += 2; |
ss->ssl3.hs.suite_def = suite_def; |
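Review bot: The new guard `mac <= ssl_mac_sha` still lets the null MAC through. Going by the row order of `mac_defs` shown in this patch, the null entry is index 0, so `mac += 2` turns it into the SHA-1 entry rather than leaving it null. That is presumably harmless as long as no negotiable TLS suite uses the null MAC, but the result then depends on enum layout rather than intent. I would name the two cases explicitly, `if (isTLS && (mac == ssl_mac_md5 || mac == ssl_mac_sha))`, and add a comment that `+ 2` maps an SSL 3.0 MAC to its HMAC counterpart. The enclosing function starts and ends outside the hunk.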
@@ -2060,6 +2085,9 @@ |
case ssl_hmac_sha: /* used with TLS */ |
hashObj = HASH_GetRawHashObject(HASH_AlgSHA1); |
break; |
+ case ssl_hmac_sha256: /* used with TLS */ |
+ hashObj = HASH_GetRawHashObject(HASH_AlgSHA256); |
+ break; |
default: |
break; |
} |
@@ -3517,6 +3545,13 @@ |
key_material_params.ulMacSizeInBits = pwSpec->mac_size * BPB; |
key_material_params.ulKeySizeInBits = cipher_def->secret_key_size* BPB; |
key_material_params.ulIVSizeInBits = cipher_def->iv_size * BPB; |
+ if (cipher_def->type == type_block && |
+ pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_1) { |
+ /* Block ciphers in >= TLS 1.1 use a per-record, explicit IV. */ |
+ key_material_params.ulIVSizeInBits = 0; |
+ memset(pwSpec->client.write_iv, 0, cipher_def->iv_size); |
+ memset(pwSpec->server.write_iv, 0, cipher_def->iv_size); |
+ } |
key_material_params.bIsExport = (CK_BBOOL)(kea_def->is_limited); |
/* was: (CK_BBOOL)(cipher_def->keygen_mode != kg_strong); */ |
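Review bot: After this block, `client.write_iv` and `server.write_iv` are all zeros for block ciphers in TLS 1.1 and later, so the per-record IV has to be generated entirely by the record-protection code, which this hunk does not show. If any path still used `write_iv` as the CBC IV for these versions, it would encrypt with a fixed, predictable IV. The comment should state that dependency, for example `/* write_iv is unused here; the record layer must generate a fresh random IV per record. */`. Separately, both `memset` calls take their length from `cipher_def->iv_size` and the declaration of `write_iv` is not visible. If it is a fixed-size array, `PORT_Assert(cipher_def->iv_size <= sizeof pwSpec->client.write_iv);` before the calls would document the bound.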