Chromium Code Reviews Chromium Code Reviews
Issue 17425002:
Under some circumstances, certain TLS connections are dropped by certain (Closed)
Base URL: https://src.chromium.org/chrome/trunk/deps/third_party/openssl/| OLD | NEW |
|---|---|
| 1 /* ssl/t1_lib.c */ | 1 /* ssl/t1_lib.c */ |
| 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 * All rights reserved. | 3 * All rights reserved. |
| 4 * | 4 * |
| 5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
| 6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
| 7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
| 8 * | 8 * |
| 9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
| 10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
| (...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 195 NID_secp192k1, /* secp192k1 (18) */ | 195 NID_secp192k1, /* secp192k1 (18) */ |
| 196 NID_X9_62_prime192v1, /* secp192r1 (19) */ | 196 NID_X9_62_prime192v1, /* secp192r1 (19) */ |
| 197 NID_secp224k1, /* secp224k1 (20) */ | 197 NID_secp224k1, /* secp224k1 (20) */ |
| 198 NID_secp224r1, /* secp224r1 (21) */ | 198 NID_secp224r1, /* secp224r1 (21) */ |
| 199 NID_secp256k1, /* secp256k1 (22) */ | 199 NID_secp256k1, /* secp256k1 (22) */ |
| 200 NID_X9_62_prime256v1, /* secp256r1 (23) */ | 200 NID_X9_62_prime256v1, /* secp256r1 (23) */ |
| 201 NID_secp384r1, /* secp384r1 (24) */ | 201 NID_secp384r1, /* secp384r1 (24) */ |
| 202 NID_secp521r1 /* secp521r1 (25) */ | 202 NID_secp521r1 /* secp521r1 (25) */ |
| 203 }; | 203 }; |
| 204 | 204 |
| 205 /* We support only the elliptic curves that are also supported by NSS | |
| 206 * to improve compatibility with sites that don't accept large ClientHellos. | |
| 207 */ | |
| 205 static int pref_list[] = | 208 static int pref_list[] = |
| 206 { | 209 { |
| 207 NID_sect571r1, /* sect571r1 (14) */ | |
| 208 NID_sect571k1, /* sect571k1 (13) */ | |
| 209 NID_secp521r1, /* secp521r1 (25) */ | 210 NID_secp521r1, /* secp521r1 (25) */ |
| 210 NID_sect409k1, /* sect409k1 (11) */ | |
| 211 NID_sect409r1, /* sect409r1 (12) */ | |
| 212 NID_secp384r1, /* secp384r1 (24) */ | 211 NID_secp384r1, /* secp384r1 (24) */ |
| 213 NID_sect283k1, /* sect283k1 (9) */ | |
| 214 NID_sect283r1, /* sect283r1 (10) */ | |
| 215 NID_secp256k1, /* secp256k1 (22) */ | |
| 216 NID_X9_62_prime256v1, /* secp256r1 (23) */ | 212 NID_X9_62_prime256v1, /* secp256r1 (23) */ |
| 217 NID_sect239k1, /* sect239k1 (8) */ | |
| 218 NID_sect233k1, /* sect233k1 (6) */ | |
| 219 NID_sect233r1, /* sect233r1 (7) */ | |
| 220 NID_secp224k1, /* secp224k1 (20) */ | |
| 221 NID_secp224r1, /* secp224r1 (21) */ | |
| 222 NID_sect193r1, /* sect193r1 (4) */ | |
| 223 NID_sect193r2, /* sect193r2 (5) */ | |
| 224 NID_secp192k1, /* secp192k1 (18) */ | |
| 225 NID_X9_62_prime192v1, /* secp192r1 (19) */ | |
| 226 NID_sect163k1, /* sect163k1 (1) */ | |
| 227 NID_sect163r1, /* sect163r1 (2) */ | |
| 228 NID_sect163r2, /* sect163r2 (3) */ | |
| 229 NID_secp160k1, /* secp160k1 (15) */ | |
| 230 NID_secp160r1, /* secp160r1 (16) */ | |
| 231 NID_secp160r2, /* secp160r2 (17) */ | |
| 232 }; | 213 }; |
| 233 | 214 |
| 234 int tls1_ec_curve_id2nid(int curve_id) | 215 int tls1_ec_curve_id2nid(int curve_id) |
| 235 { | 216 { |
| 236 /* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */ | 217 /* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */ |
| 237 if ((curve_id < 1) || ((unsigned int)curve_id > | 218 if ((curve_id < 1) || ((unsigned int)curve_id > |
| 238 sizeof(nid_list)/sizeof(nid_list[0]))) | 219 sizeof(nid_list)/sizeof(nid_list[0]))) |
| 239 return 0; | 220 return 0; |
| 240 return nid_list[curve_id-1]; | 221 return nid_list[curve_id-1]; |
| 241 } | 222 } |
| (...skipping 1454 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1696 if ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe) || (alg_a & SSL_ aECDSA))) | 1677 if ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe) || (alg_a & SSL_ aECDSA))) |
| 1697 { | 1678 { |
| 1698 using_ecc = 1; | 1679 using_ecc = 1; |
| 1699 break; | 1680 break; |
| 1700 } | 1681 } |
| 1701 } | 1682 } |
| 1702 using_ecc = using_ecc && (s->version >= TLS1_VERSION); | 1683 using_ecc = using_ecc && (s->version >= TLS1_VERSION); |
| 1703 if (using_ecc) | 1684 if (using_ecc) |
| 1704 { | 1685 { |
| 1705 if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ ecpointformatlist); | 1686 if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ ecpointformatlist); |
| 1706 » » if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) | 1687 » » /* To save an additional 2 bytes in the ClientHello, we only adv ertise support |
| 1688 » » * for the only EC Point Format that NSS supports (instead of al l 3). | |
| 1689 » » */ | |
| 1690 » » if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(1)) == NULL) | |
| 1707 { | 1691 { |
| 1708 SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC _FAILURE); | 1692 SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC _FAILURE); |
| 1709 return -1; | 1693 return -1; |
| 1710 } | 1694 } |
| 1711 » » s->tlsext_ecpointformatlist_length = 3; | 1695 » » s->tlsext_ecpointformatlist_length = 1; |
| 1712 s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompress ed; | 1696 s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompress ed; |
| 1713 s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_c ompressed_prime; | |
| 1714 s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_c ompressed_char2; | |
| 1715 | 1697 |
| 1716 » » /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */ | 1698 » » /* we only support elliptic curves in NSA Suite B */ |
|
wtc
2013/06/21 22:12:04
I suggest we change
we only support ...
to
| |
| 1717 if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ ellipticcurvelist); | 1699 if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ ellipticcurvelist); |
| 1718 s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pr ef_list[0]) * 2; | 1700 s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pr ef_list[0]) * 2; |
| 1719 if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_elli pticcurvelist_length)) == NULL) | 1701 if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_elli pticcurvelist_length)) == NULL) |
| 1720 { | 1702 { |
| 1721 s->tlsext_ellipticcurvelist_length = 0; | 1703 s->tlsext_ellipticcurvelist_length = 0; |
| 1722 SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC _FAILURE); | 1704 SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC _FAILURE); |
| 1723 return -1; | 1705 return -1; |
| 1724 } | 1706 } |
| 1725 for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i < | 1707 for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i < |
| 1726 sizeof(pref_list)/sizeof(pref_list[0]); i++) | 1708 sizeof(pref_list)/sizeof(pref_list[0]); i++) |
| (...skipping 947 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2674 continue; | 2656 continue; |
| 2675 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); | 2657 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); |
| 2676 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); | 2658 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); |
| 2677 EVP_DigestUpdate(md, temp_digest, temp_digest_len); | 2659 EVP_DigestUpdate(md, temp_digest, temp_digest_len); |
| 2678 } | 2660 } |
| 2679 EVP_MD_CTX_cleanup(&ctx); | 2661 EVP_MD_CTX_cleanup(&ctx); |
| 2680 | 2662 |
| 2681 return 1; | 2663 return 1; |
| 2682 } | 2664 } |
| 2683 #endif | 2665 #endif |
| OLD | NEW |
