| OLD | NEW |
|---|
| 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
| 2 /* | 2 /* |
| 3 * SSL3 Protocol | 3 * SSL3 Protocol |
| 4 * | 4 * |
| 5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
| 6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 8 | 8 |
| 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ | 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ |
| 10 | 10 |
| (...skipping 22 matching lines...) Expand all Loading... |
| 33 | 33 |
| 34 /* This is a bodge to allow this code to be compiled against older NSS headers | 34 /* This is a bodge to allow this code to be compiled against older NSS headers |
| 35 * that don't contain the TLS 1.2 changes. */ | 35 * that don't contain the TLS 1.2 changes. */ |
| 36 #ifndef CKM_NSS_TLS_PRF_GENERAL_SHA256 | 36 #ifndef CKM_NSS_TLS_PRF_GENERAL_SHA256 |
| 37 #define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21) | 37 #define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21) |
| 38 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22) | 38 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22) |
| 39 #define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23) | 39 #define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23) |
| 40 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) | 40 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) |
| 41 #endif | 41 #endif |
| 42 | 42 |
| 43 /* This is a bodge to allow this code to be compiled against older NSS |
| 44 * headers. */ |
| 45 #ifndef CKM_NSS_CHACHA20_POLY1305 |
| 46 #define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 25) |
| 47 |
| 48 typedef struct CK_AEAD_PARAMS { |
| 49 CK_BYTE_PTR pIv; /* This is the nonce. */ |
| 50 CK_ULONG ulIvLen; |
| 51 CK_BYTE_PTR pAAD; |
| 52 CK_ULONG ulAADLen; |
| 53 } CK_AEAD_PARAMS; |
| 54 |
| 55 #endif |
| 56 |
| 43 #include <stdio.h> | 57 #include <stdio.h> |
| 44 #ifdef NSS_ENABLE_ZLIB | 58 #ifdef NSS_ENABLE_ZLIB |
| 45 #include "zlib.h" | 59 #include "zlib.h" |
| 46 #endif | 60 #endif |
| 47 #ifdef LINUX | 61 #ifdef LINUX |
| 48 #include <dlfcn.h> | 62 #include <dlfcn.h> |
| 49 #endif | 63 #endif |
| 50 | 64 |
| 51 #ifndef PK11_SETATTRS | 65 #ifndef PK11_SETATTRS |
| 52 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \ | 66 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \ |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 93 #define MIN_SEND_BUF_LENGTH 4000 | 107 #define MIN_SEND_BUF_LENGTH 4000 |
| 94 | 108 |
| 95 /* This list of SSL3 cipher suites is sorted in descending order of | 109 /* This list of SSL3 cipher suites is sorted in descending order of |
| 96 * precedence (desirability). It only includes cipher suites we implement. | 110 * precedence (desirability). It only includes cipher suites we implement. |
| 97 * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites | 111 * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites |
| 98 * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c) | 112 * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c) |
| 99 */ | 113 */ |
| 100 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { | 114 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
| 101 /* cipher_suite policy enabled is_present*/ | 115 /* cipher_suite policy enabled is_present*/ |
| 102 #ifdef NSS_ENABLE_ECC | 116 #ifdef NSS_ENABLE_ECC |
| 117 { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
| 118 { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
| 103 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, | 119 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
| 104 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, | 120 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
| 105 #endif /* NSS_ENABLE_ECC */ | 121 #endif /* NSS_ENABLE_ECC */ |
| 106 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, | 122 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
| 107 { TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, | 123 { TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
| 108 | 124 |
| 109 #ifdef NSS_ENABLE_ECC | 125 #ifdef NSS_ENABLE_ECC |
| 110 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, | 126 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
| 111 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, | 127 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
| 112 #endif /* NSS_ENABLE_ECC */ | 128 #endif /* NSS_ENABLE_ECC */ |
| (...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 266 {cipher_des, calg_des, 8, 8, type_block, 8, 8, 0, 0}, | 282 {cipher_des, calg_des, 8, 8, type_block, 8, 8, 0, 0}, |
| 267 {cipher_3des, calg_3des, 24,24, type_block, 8, 8, 0, 0}, | 283 {cipher_3des, calg_3des, 24,24, type_block, 8, 8, 0, 0}, |
| 268 {cipher_des40, calg_des, 8, 5, type_block, 8, 8, 0, 0}, | 284 {cipher_des40, calg_des, 8, 5, type_block, 8, 8, 0, 0}, |
| 269 {cipher_idea, calg_idea, 16,16, type_block, 8, 8, 0, 0}, | 285 {cipher_idea, calg_idea, 16,16, type_block, 8, 8, 0, 0}, |
| 270 {cipher_aes_128, calg_aes, 16,16, type_block, 16,16, 0, 0}, | 286 {cipher_aes_128, calg_aes, 16,16, type_block, 16,16, 0, 0}, |
| 271 {cipher_aes_256, calg_aes, 32,32, type_block, 16,16, 0, 0}, | 287 {cipher_aes_256, calg_aes, 32,32, type_block, 16,16, 0, 0}, |
| 272 {cipher_camellia_128, calg_camellia, 16,16, type_block, 16,16, 0, 0}, | 288 {cipher_camellia_128, calg_camellia, 16,16, type_block, 16,16, 0, 0}, |
| 273 {cipher_camellia_256, calg_camellia, 32,32, type_block, 16,16, 0, 0}, | 289 {cipher_camellia_256, calg_camellia, 32,32, type_block, 16,16, 0, 0}, |
| 274 {cipher_seed, calg_seed, 16,16, type_block, 16,16, 0, 0}, | 290 {cipher_seed, calg_seed, 16,16, type_block, 16,16, 0, 0}, |
| 275 {cipher_aes_128_gcm, calg_aes_gcm, 16,16, type_aead, 4, 0,16, 8}, | 291 {cipher_aes_128_gcm, calg_aes_gcm, 16,16, type_aead, 4, 0,16, 8}, |
| 292 {cipher_chacha20, calg_chacha20, 32,32, type_aead, 0, 0,16, 0}, |
| 276 {cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0}, | 293 {cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0}, |
| 277 }; | 294 }; |
| 278 | 295 |
| 279 static const ssl3KEADef kea_defs[] = | 296 static const ssl3KEADef kea_defs[] = |
| 280 { /* indexed by SSL3KeyExchangeAlgorithm */ | 297 { /* indexed by SSL3KeyExchangeAlgorithm */ |
| 281 /* kea exchKeyType signKeyType is_limited limit tls_keygen */ | 298 /* kea exchKeyType signKeyType is_limited limit tls_keygen */ |
| 282 {kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE}, | 299 {kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE}, |
| 283 {kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE}, | 300 {kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE}, |
| 284 {kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE}, | 301 {kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE}, |
| 285 {kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE}, | 302 {kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE}, |
| (...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 392 {TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, | 409 {TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, |
| 393 cipher_rc4_56, mac_sha,kea_rsa_export_1024}, | 410 cipher_rc4_56, mac_sha,kea_rsa_export_1024}, |
| 394 | 411 |
| 395 {SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa_fips}, | 412 {SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa_fips}, |
| 396 {SSL_RSA_FIPS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa_fips}, | 413 {SSL_RSA_FIPS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa_fips}, |
| 397 | 414 |
| 398 {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_dhe_
rsa}, | 415 {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_dhe_
rsa}, |
| 399 {TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_rsa}, | 416 {TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_rsa}, |
| 400 {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ec
dhe_rsa}, | 417 {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ec
dhe_rsa}, |
| 401 {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_
ecdhe_ecdsa}, | 418 {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_
ecdhe_ecdsa}, |
| 419 {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, cipher_chacha20, mac_aead, kea_ecdhe_
rsa}, |
| 420 {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, cipher_chacha20, mac_aead, kea_ecdh
e_ecdsa}, |
| 402 | 421 |
| 403 #ifdef NSS_ENABLE_ECC | 422 #ifdef NSS_ENABLE_ECC |
| 404 {TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa}, | 423 {TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa}, |
| 405 {TLS_ECDH_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_ecdsa}, | 424 {TLS_ECDH_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_ecdsa}, |
| 406 {TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_ecdsa}
, | 425 {TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_ecdsa}
, |
| 407 {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_ecds
a}, | 426 {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_ecds
a}, |
| 408 {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_ecds
a}, | 427 {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_ecds
a}, |
| 409 | 428 |
| 410 {TLS_ECDHE_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdhe_ecdsa
}, | 429 {TLS_ECDHE_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdhe_ecdsa
}, |
| 411 {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdhe_ecdsa
}, | 430 {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdhe_ecdsa
}, |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 457 { calg_rc4 , CKM_RC4 }, | 476 { calg_rc4 , CKM_RC4 }, |
| 458 { calg_rc2 , CKM_RC2_CBC }, | 477 { calg_rc2 , CKM_RC2_CBC }, |
| 459 { calg_des , CKM_DES_CBC }, | 478 { calg_des , CKM_DES_CBC }, |
| 460 { calg_3des , CKM_DES3_CBC }, | 479 { calg_3des , CKM_DES3_CBC }, |
| 461 { calg_idea , CKM_IDEA_CBC }, | 480 { calg_idea , CKM_IDEA_CBC }, |
| 462 { calg_fortezza , CKM_SKIPJACK_CBC64 }, | 481 { calg_fortezza , CKM_SKIPJACK_CBC64 }, |
| 463 { calg_aes , CKM_AES_CBC }, | 482 { calg_aes , CKM_AES_CBC }, |
| 464 { calg_camellia , CKM_CAMELLIA_CBC }, | 483 { calg_camellia , CKM_CAMELLIA_CBC }, |
| 465 { calg_seed , CKM_SEED_CBC }, | 484 { calg_seed , CKM_SEED_CBC }, |
| 466 { calg_aes_gcm , CKM_AES_GCM }, | 485 { calg_aes_gcm , CKM_AES_GCM }, |
| 486 { calg_chacha20 , CKM_NSS_CHACHA20_POLY1305 }, |
| 467 /* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */ | 487 /* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */ |
| 468 }; | 488 }; |
| 469 | 489 |
| 470 #define mmech_invalid (CK_MECHANISM_TYPE)0x80000000L | 490 #define mmech_invalid (CK_MECHANISM_TYPE)0x80000000L |
| 471 #define mmech_md5 CKM_SSL3_MD5_MAC | 491 #define mmech_md5 CKM_SSL3_MD5_MAC |
| 472 #define mmech_sha CKM_SSL3_SHA1_MAC | 492 #define mmech_sha CKM_SSL3_SHA1_MAC |
| 473 #define mmech_md5_hmac CKM_MD5_HMAC | 493 #define mmech_md5_hmac CKM_MD5_HMAC |
| 474 #define mmech_sha_hmac CKM_SHA_1_HMAC | 494 #define mmech_sha_hmac CKM_SHA_1_HMAC |
| 475 #define mmech_sha256_hmac CKM_SHA256_HMAC | 495 #define mmech_sha256_hmac CKM_SHA256_HMAC |
| 476 #define mmech_sha384_hmac CKM_SHA384_HMAC | 496 #define mmech_sha384_hmac CKM_SHA384_HMAC |
| (...skipping 1536 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2013 } else { | 2033 } else { |
| 2014 rv = AES_Encrypt(cx, out, &uOutLen, maxout, in, inlen); | 2034 rv = AES_Encrypt(cx, out, &uOutLen, maxout, in, inlen); |
| 2015 } | 2035 } |
| 2016 AES_DestroyContext(cx, PR_FALSE); | 2036 AES_DestroyContext(cx, PR_FALSE); |
| 2017 *outlen += (int) uOutLen; | 2037 *outlen += (int) uOutLen; |
| 2018 | 2038 |
| 2019 return rv; | 2039 return rv; |
| 2020 } | 2040 } |
| 2021 #endif | 2041 #endif |
| 2022 | 2042 |
| 2043 static SECStatus |
| 2044 ssl3_ChaCha20Poly1305( |
| 2045 ssl3KeyMaterial *keys, |
| 2046 PRBool doDecrypt, |
| 2047 unsigned char *out, |
| 2048 int *outlen, |
| 2049 int maxout, |
| 2050 const unsigned char *in, |
| 2051 int inlen, |
| 2052 const unsigned char *additionalData, |
| 2053 int additionalDataLen) |
| 2054 { |
| 2055 SECItem param; |
| 2056 SECStatus rv = SECFailure; |
| 2057 unsigned int uOutLen; |
| 2058 CK_AEAD_PARAMS aeadParams; |
| 2059 |
| 2060 param.type = siBuffer; |
| 2061 param.len = sizeof(aeadParams); |
| 2062 param.data = (unsigned char *) &aeadParams; |
| 2063 memset(&aeadParams, 0, sizeof(CK_AEAD_PARAMS)); |
| 2064 aeadParams.pIv = (unsigned char *) additionalData; |
| 2065 aeadParams.ulIvLen = 8; |
| 2066 aeadParams.pAAD = (unsigned char *) additionalData; |
| 2067 aeadParams.ulAADLen = additionalDataLen; |
| 2068 |
| 2069 if (doDecrypt) { |
| 2070 rv = pk11_decrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, |
| 2071 out, &uOutLen, maxout, in, inlen); |
| 2072 } else { |
| 2073 rv = pk11_encrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, |
| 2074 out, &uOutLen, maxout, in, inlen); |
| 2075 } |
| 2076 *outlen = (int) uOutLen; |
| 2077 |
| 2078 return rv; |
| 2079 } |
| 2080 |
| 2023 /* Initialize encryption and MAC contexts for pending spec. | 2081 /* Initialize encryption and MAC contexts for pending spec. |
| 2024 * Master Secret already is derived. | 2082 * Master Secret already is derived. |
| 2025 * Caller holds Spec write lock. | 2083 * Caller holds Spec write lock. |
| 2026 */ | 2084 */ |
| 2027 static SECStatus | 2085 static SECStatus |
| 2028 ssl3_InitPendingContextsPKCS11(sslSocket *ss) | 2086 ssl3_InitPendingContextsPKCS11(sslSocket *ss) |
| 2029 { | 2087 { |
| 2030 ssl3CipherSpec * pwSpec; | 2088 ssl3CipherSpec * pwSpec; |
| 2031 const ssl3BulkCipherDef *cipher_def; | 2089 const ssl3BulkCipherDef *cipher_def; |
| 2032 PK11Context * serverContext = NULL; | 2090 PK11Context * serverContext = NULL; |
| (...skipping 13 matching lines...) Expand all Loading... |
| 2046 | 2104 |
| 2047 pwSpec = ss->ssl3.pwSpec; | 2105 pwSpec = ss->ssl3.pwSpec; |
| 2048 cipher_def = pwSpec->cipher_def; | 2106 cipher_def = pwSpec->cipher_def; |
| 2049 macLength = pwSpec->mac_size; | 2107 macLength = pwSpec->mac_size; |
| 2050 calg = cipher_def->calg; | 2108 calg = cipher_def->calg; |
| 2051 PORT_Assert(alg2Mech[calg].calg == calg); | 2109 PORT_Assert(alg2Mech[calg].calg == calg); |
| 2052 | 2110 |
| 2053 pwSpec->client.write_mac_context = NULL; | 2111 pwSpec->client.write_mac_context = NULL; |
| 2054 pwSpec->server.write_mac_context = NULL; | 2112 pwSpec->server.write_mac_context = NULL; |
| 2055 | 2113 |
| 2056 if (calg == calg_aes_gcm) { | 2114 if (calg == calg_aes_gcm || calg == calg_chacha20) { |
| 2057 pwSpec->encode = NULL; | 2115 pwSpec->encode = NULL; |
| 2058 pwSpec->decode = NULL; | 2116 pwSpec->decode = NULL; |
| 2059 pwSpec->destroy = NULL; | 2117 pwSpec->destroy = NULL; |
| 2060 pwSpec->encodeContext = NULL; | 2118 pwSpec->encodeContext = NULL; |
| 2061 pwSpec->decodeContext = NULL; | 2119 pwSpec->decodeContext = NULL; |
| 2062 » pwSpec->aead = ssl3_AESGCM; | 2120 » if (calg == calg_aes_gcm) { |
| 2121 » pwSpec->aead = ssl3_AESGCM; |
| 2122 » } else { |
| 2123 » pwSpec->aead = ssl3_ChaCha20Poly1305; |
| 2124 » } |
| 2063 return SECSuccess; | 2125 return SECSuccess; |
| 2064 } | 2126 } |
| 2065 | 2127 |
| 2066 /* | 2128 /* |
| 2067 ** Now setup the MAC contexts, | 2129 ** Now setup the MAC contexts, |
| 2068 ** crypto contexts are setup below. | 2130 ** crypto contexts are setup below. |
| 2069 */ | 2131 */ |
| 2070 | 2132 |
| 2071 mac_mech = pwSpec->mac_def->mmech; | 2133 mac_mech = pwSpec->mac_def->mmech; |
| 2072 mac_param.data = (unsigned char *)&macLength; | 2134 mac_param.data = (unsigned char *)&macLength; |
| (...skipping 10318 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 12391 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 12453 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
| 12392 } | 12454 } |
| 12393 } | 12455 } |
| 12394 | 12456 |
| 12395 ss->ssl3.initialized = PR_FALSE; | 12457 ss->ssl3.initialized = PR_FALSE; |
| 12396 | 12458 |
| 12397 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 12459 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
| 12398 } | 12460 } |
| 12399 | 12461 |
| 12400 /* End of ssl3con.c */ | 12462 /* End of ssl3con.c */ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 23619044:
net: add ChaCha20+Poly1305 support to libssl. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src