OLD | NEW |
1 /* | 1 /* |
2 * SSL3 Protocol | 2 * SSL3 Protocol |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
9 | 9 |
10 #include "nssrenam.h" | 10 #include "nssrenam.h" |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
80 static PRInt32 ssl3_ClientSendSigAlgsXtn(sslSocket *ss, PRBool append, | 80 static PRInt32 ssl3_ClientSendSigAlgsXtn(sslSocket *ss, PRBool append, |
81 PRUint32 maxBytes); | 81 PRUint32 maxBytes); |
82 static SECStatus ssl3_ServerHandleSigAlgsXtn(sslSocket *ss, PRUint16 ex_type, | 82 static SECStatus ssl3_ServerHandleSigAlgsXtn(sslSocket *ss, PRUint16 ex_type, |
83 SECItem *data); | 83 SECItem *data); |
84 static PRInt32 ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, | 84 static PRInt32 ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, |
85 PRBool append, | 85 PRBool append, |
86 PRUint32 maxBytes); | 86 PRUint32 maxBytes); |
87 static SECStatus ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, | 87 static SECStatus ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, |
88 PRUint16 ex_type, | 88 PRUint16 ex_type, |
89 SECItem *data); | 89 SECItem *data); |
| 90 static PRInt32 ssl3_ClientSendEncryptThenMACXtn(sslSocket *ss, |
| 91 PRBool append, |
| 92 PRUint32 maxBytes); |
| 93 static SECStatus ssl3_ClientHandleEncryptThenMACXtn(sslSocket *ss, |
| 94 PRUint16 ex_type, |
| 95 SECItem *data); |
90 | 96 |
91 /* | 97 /* |
92 * Write bytes. Using this function means the SECItem structure | 98 * Write bytes. Using this function means the SECItem structure |
93 * cannot be freed. The caller is expected to call this function | 99 * cannot be freed. The caller is expected to call this function |
94 * on a shallow copy of the structure. | 100 * on a shallow copy of the structure. |
95 */ | 101 */ |
96 static SECStatus | 102 static SECStatus |
97 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes) | 103 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes) |
98 { | 104 { |
99 if (bytes > item->len) | 105 if (bytes > item->len) |
(...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
260 /* TODO: add a handler for ssl_ec_point_formats_xtn */ | 266 /* TODO: add a handler for ssl_ec_point_formats_xtn */ |
261 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, | 267 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, |
262 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 268 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
263 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, | 269 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, |
264 { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, | 270 { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, |
265 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, | 271 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, |
266 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, | 272 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, |
267 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, | 273 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, |
268 { ssl_signed_certificate_timestamp_xtn, | 274 { ssl_signed_certificate_timestamp_xtn, |
269 &ssl3_ClientHandleSignedCertTimestampXtn }, | 275 &ssl3_ClientHandleSignedCertTimestampXtn }, |
| 276 { ssl_encrypt_then_mac_xtn, &ssl3_ClientHandleEncryptThenMACXtn }, |
270 { -1, NULL } | 277 { -1, NULL } |
271 }; | 278 }; |
272 | 279 |
273 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { | 280 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { |
274 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 281 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
275 { -1, NULL } | 282 { -1, NULL } |
276 }; | 283 }; |
277 | 284 |
278 /* Tables of functions to format TLS hello extensions, one function per | 285 /* Tables of functions to format TLS hello extensions, one function per |
279 * extension. | 286 * extension. |
(...skipping 10 matching lines...) Expand all Loading... |
290 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | 297 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, |
291 #endif | 298 #endif |
292 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, | 299 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, |
293 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 300 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
294 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, | 301 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, |
295 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, | 302 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, |
296 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 303 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
297 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 304 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
298 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, | 305 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, |
299 { ssl_signed_certificate_timestamp_xtn, | 306 { ssl_signed_certificate_timestamp_xtn, |
300 &ssl3_ClientSendSignedCertTimestampXtn } | 307 &ssl3_ClientSendSignedCertTimestampXtn }, |
| 308 { ssl_encrypt_then_mac_xtn, &ssl3_ClientSendEncryptThenMACXtn } |
301 /* any extra entries will appear as { 0, NULL } */ | 309 /* any extra entries will appear as { 0, NULL } */ |
302 }; | 310 }; |
303 | 311 |
304 static const | 312 static const |
305 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { | 313 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { |
306 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } | 314 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } |
307 /* any extra entries will appear as { 0, NULL } */ | 315 /* any extra entries will appear as { 0, NULL } */ |
308 }; | 316 }; |
309 | 317 |
310 static PRBool | 318 static PRBool |
(...skipping 2133 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2444 | 2452 |
2445 if (!data->len) { | 2453 if (!data->len) { |
2446 /* Empty extension data: RFC 6962 mandates non-empty contents. */ | 2454 /* Empty extension data: RFC 6962 mandates non-empty contents. */ |
2447 return SECFailure; | 2455 return SECFailure; |
2448 } | 2456 } |
2449 *scts = *data; | 2457 *scts = *data; |
2450 /* Keep track of negotiated extensions. */ | 2458 /* Keep track of negotiated extensions. */ |
2451 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 2459 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
2452 return SECSuccess; | 2460 return SECSuccess; |
2453 } | 2461 } |
| 2462 |
| 2463 static PRInt32 |
| 2464 ssl3_ClientSendEncryptThenMACXtn(sslSocket *ss, PRBool append, |
| 2465 PRUint32 maxBytes) |
| 2466 { |
| 2467 PRInt32 extension_length = 2 /* extension_type */ + |
| 2468 2 /* length(extension_data) */; |
| 2469 |
| 2470 /* Only send the extension if processing is enabled. */ |
| 2471 if (!ss->opt.enableEncryptThenMAC) |
| 2472 return 0; |
| 2473 |
| 2474 if (append && maxBytes >= extension_length) { |
| 2475 SECStatus rv; |
| 2476 /* extension_type */ |
| 2477 rv = ssl3_AppendHandshakeNumber(ss, |
| 2478 ssl_encrypt_then_mac_xtn, |
| 2479 2); |
| 2480 if (rv != SECSuccess) |
| 2481 goto loser; |
| 2482 /* zero length */ |
| 2483 rv = ssl3_AppendHandshakeNumber(ss, 0, 2); |
| 2484 if (rv != SECSuccess) |
| 2485 goto loser; |
| 2486 ss->xtnData.advertised[ss->xtnData.numAdvertised++] = |
| 2487 ssl_encrypt_then_mac_xtn; |
| 2488 } else if (maxBytes < extension_length) { |
| 2489 PORT_Assert(0); |
| 2490 return 0; |
| 2491 } |
| 2492 |
| 2493 return extension_length; |
| 2494 loser: |
| 2495 return -1; |
| 2496 } |
| 2497 |
| 2498 static SECStatus |
| 2499 ssl3_ClientHandleEncryptThenMACXtn(sslSocket *ss, PRUint16 ex_type, |
| 2500 SECItem *data) |
| 2501 { |
| 2502 /* The echoed extension must be empty. */ |
| 2503 if (data->len != 0) |
| 2504 return SECFailure; |
| 2505 /* Keep track of negotiated extensions. */ |
| 2506 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
| 2507 return SECSuccess; |
| 2508 } |
OLD | NEW |