Description[For reference only. DO NOT CHECK THIS IN.]
Implement the encrypt-then-MAC TLS extension.
This implements the -05 draft at
http://tools.ietf.org/html/draft-gutmann-tls-encrypt-then-mac-05
Note that the test server at https://eid.vx4.net:443/ uses the
extension_type value of 0x42 (decimal 66). Also, the test server
passes the length of TLSCiphertext.fragment (excluding the length
of MAC), rather than TLSCipherText.length, to the MAC function.
The -05 draft specifies TLSCipherText.length should be passed.
This CL passes the same wrong length to interoperate with the
test server.
Upstream NSS bug: https://bugzilla.mozilla.org/show_bug.cgi?id=972145
R=ttuttle@chromium.org
BUG=none
TEST=none
Patch Set 1 #Patch Set 2 : Remove nss_ssl_util.cc from the CL #
Messages
Total messages: 1 (0 generated)
|