Index: net/third_party/nss/ssl/sslimpl.h |
=================================================================== |
--- net/third_party/nss/ssl/sslimpl.h (revision 206496) |
+++ net/third_party/nss/ssl/sslimpl.h (working copy) |
@@ -506,7 +506,9 @@ |
typedef void (*DTLSTimerCb)(sslSocket *); |
-#define MAX_MAC_CONTEXT_BYTES 400 |
+#define MAX_MAC_CONTEXT_BYTES 400 /* 400 is large enough for MD5, SHA-1, and |
+ * SHA-256. For SHA-384 support, increase |
+ * it to 712. */ |
#define MAX_MAC_CONTEXT_LLONGS (MAX_MAC_CONTEXT_BYTES / 8) |
#define MAX_CIPHER_CONTEXT_BYTES 2080 |
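Review bot: The size limit for the bypass-mode hash contexts is enforced only by the new comment on `MAX_MAC_CONTEXT_BYTES`, so selecting a larger hash later (the comment itself names SHA-384 and 712 bytes) would overrun `md5_cx`/`sha_cx` with no build-time or debug-time failure. Where `sha_obj` is assigned (outside this diff), I would add a check that the selected context fits, for example `PORT_Assert(<context size of selected hash> <= sizeof(<hs>.sha_cx));`, with the placeholders replaced by however freebl exposes that size and by the real handshake-state expression. The 712 figure is repeated in the struct comment in the third hunk; stating it once here and referring to the macro there keeps the two from drifting apart.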
@@ -788,6 +790,12 @@ |
PRUint16 len; /* The data length */ |
} DTLSQueuedMessage; |
+typedef enum { |
+ handshake_hash_unknown = 0, |
+ handshake_hash_combo = 1, /* The MD5/SHA-1 combination */ |
+ handshake_hash_single = 2 /* A single hash */ |
+} SSL3HandshakeHashType; |
+ |
/* |
** This is the "hs" member of the "ssl3" struct. |
** This entire struct is protected by ssl3HandshakeLock |
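Review bot: `handshake_hash_unknown` is the only enumerator without a comment, and it is the one whose meaning cannot be guessed from its name. Because it is 0, a zero-filled handshake state starts in it; if the code relies on that, the declaration should say so, e.g. `handshake_hash_unknown = 0, /* Hash not chosen yet; must remain 0 */`. If handshake messages are buffered in `messages` while the type is unknown (the code that sets `hashType` is not in this diff, so this is inferred from the field being moved next to it), that relationship is worth one more sentence in the comment.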
@@ -796,11 +804,31 @@ |
SSL3Random server_random; |
SSL3Random client_random; |
SSL3WaitState ws; |
+ |
+ /* This group of members is used for handshake running hashes. */ |
+ SSL3HandshakeHashType hashType; |
+ sslBuffer messages; /* Accumulated handshake messages */ |
+#ifndef NO_PKCS11_BYPASS |
+ /* Bypass mode: |
+ * SSL 3.0 - TLS 1.1 use both |md5_cx| and |sha_cx|. |md5_cx| is used for |
+ * MD5 and |sha_cx| for SHA-1. |
+ * TLS 1.2 and later use only |sha_cx|, for SHA-256. NOTE: When we support |
+ * SHA-384, increase MAX_MAC_CONTEXT_BYTES to 712. */ |
PRUint64 md5_cx[MAX_MAC_CONTEXT_LLONGS]; |
PRUint64 sha_cx[MAX_MAC_CONTEXT_LLONGS]; |
- PK11Context * md5; /* handshake running hashes */ |
+ const SECHashObject * sha_obj; |
+ /* The function prototype of sha_obj->clone() does not match the prototype |
+ * of the freebl <HASH>_Clone functions, so we need a dedicated function |
+ * pointer for the <HASH>_Clone function. */ |
+ void (*sha_clone)(void *dest, void *src); |
+#endif |
+ /* PKCS #11 mode: |
+ * SSL 3.0 - TLS 1.1 use both |md5| and |sha|. |md5| is used for MD5 and |
+ * |sha| for SHA-1. |
+ * TLS 1.2 and later use only |sha|, for SHA-256. */ |
+ PK11Context * md5; |
PK11Context * sha; |
- PK11Context * tls12_handshake_hash; |
+ |
const ssl3KEADef * kea_def; |
ssl3CipherSuite cipher_suite; |
const ssl3CipherSuiteDef *suite_def; |
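Review bot: `sha_clone` is declared as `void (*)(void *dest, void *src)`, so unless the freebl `<HASH>_Clone` functions have exactly that signature, the assignment (outside this diff) needs a function-pointer cast and every call goes through an incompatible function type. That is undefined behaviour in C and is flagged by indirect-call control-flow-integrity checks, even though it works on common ABIs. A small static adapter with the pointer's exact type avoids the cast, e.g. `static void ssl3_sha256_clone(void *dest, void *src) { SHA256_Clone(dest, src); }` (the adapter name is illustrative). Separately, `sha` and `sha_cx` now hold either SHA-1 or SHA-256 state, so any code that sizes a digest buffer from the field name rather than from `hashType` should be rechecked. The struct body starts and ends outside this hunk.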
@@ -818,7 +846,6 @@ |
PRBool sendingSCSV; /* instead of empty RI */ |
sslBuffer msgState; /* current state for handshake messages*/ |
/* protected by recvBufLock */ |
- sslBuffer messages; /* Accumulated handshake messages */ |
PRUint16 finishedBytes; /* size of single finished below */ |
union { |
TLSFinished tFinished[2]; /* client, then server */ |