net/third_party/nss/ssl/sslimpl.h - Issue 17109007: Miscellaneous cleanup of TLS 1.2 code.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/third_party/nss/ssl/sslimpl.h

Issue 17109007: Miscellaneous cleanup of TLS 1.2 code. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Make error handling in ssl3_InitHandshakeHashes more uniform. Include the patch file. Created 7 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/third_party/nss/ssl/sslimpl.h

===================================================================

--- net/third_party/nss/ssl/sslimpl.h (revision 206496)

+++ net/third_party/nss/ssl/sslimpl.h (working copy)

@@ -506,7 +506,9 @@

typedef void (*DTLSTimerCb)(sslSocket *);

-#define MAX_MAC_CONTEXT_BYTES 400

+#define MAX_MAC_CONTEXT_BYTES 400 /* 400 is large enough for MD5, SHA-1, and

+ * SHA-256. For SHA-384 support, increase

+ * it to 712. */

#define MAX_MAC_CONTEXT_LLONGS (MAX_MAC_CONTEXT_BYTES / 8)

#define MAX_CIPHER_CONTEXT_BYTES 2080

@@ -788,6 +790,12 @@

PRUint16 len; /* The data length */

} DTLSQueuedMessage;

+typedef enum {

+ handshake_hash_unknown = 0,

+ handshake_hash_combo = 1, /* The MD5/SHA-1 combination */

+ handshake_hash_single = 2 /* A single hash */

+} SSL3HandshakeHashType;

** This is the "hs" member of the "ssl3" struct.

** This entire struct is protected by ssl3HandshakeLock

@@ -796,11 +804,31 @@

SSL3Random server_random;

SSL3Random client_random;

SSL3WaitState ws;

+ /* This group of members is used for handshake running hashes. */

+ SSL3HandshakeHashType hashType;

+ sslBuffer messages; /* Accumulated handshake messages */

+#ifndef NO_PKCS11_BYPASS

+ /* Bypass mode:

+ * MD5 and |sha_cx| for SHA-1.

+ * TLS 1.2 and later use only |sha_cx|, for SHA-256. NOTE: When we support

+ * SHA-384, increase MAX_MAC_CONTEXT_BYTES to 712. */

PRUint64 md5_cx[MAX_MAC_CONTEXT_LLONGS];

PRUint64 sha_cx[MAX_MAC_CONTEXT_LLONGS];

- PK11Context * md5; /* handshake running hashes */

+ const SECHashObject * sha_obj;

+ /* The function prototype of sha_obj->clone() does not match the prototype

+ * of the freebl <HASH>_Clone functions, so we need a dedicated function

+ * pointer for the <HASH>_Clone function. */

+ void (*sha_clone)(void *dest, void *src);

+#endif

+ /* PKCS #11 mode:

+ * SSL 3.0 - TLS 1.1 use both |md5| and |sha|. |md5| is used for MD5 and

+ * |sha| for SHA-1.

+ * TLS 1.2 and later use only |sha|, for SHA-256. */

+ PK11Context * md5;

PK11Context * sha;

- PK11Context * tls12_handshake_hash;

const ssl3KEADef * kea_def;

ssl3CipherSuite cipher_suite;

const ssl3CipherSuiteDef *suite_def;

@@ -818,7 +846,6 @@

PRBool sendingSCSV; /* instead of empty RI */

sslBuffer msgState; /* current state for handshake messages*/

/* protected by recvBufLock */

- sslBuffer messages; /* Accumulated handshake messages */

PRUint16 finishedBytes; /* size of single finished below */

union {

TLSFinished tFinished[2]; /* client, then server */

« no previous file with comments | « net/third_party/nss/ssl/ssl3con.c ('k') | net/third_party/nss/ssl/sslsock.c » ('j') | no next file with comments »