OLD | NEW |
---|---|
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 /* | 2 /* |
3 * SSL3 Protocol | 3 * SSL3 Protocol |
4 * | 4 * |
5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
8 | 8 |
9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ | 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ |
10 | 10 |
33 | 33 |
34 /* This is a bodge to allow this code to be compiled against older NSS headers | 34 /* This is a bodge to allow this code to be compiled against older NSS headers |
35 * that don't contain the TLS 1.2 changes. */ | 35 * that don't contain the TLS 1.2 changes. */ |
36 #ifndef CKM_NSS_TLS_PRF_GENERAL_SHA256 | 36 #ifndef CKM_NSS_TLS_PRF_GENERAL_SHA256 |
37 #define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21) | 37 #define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21) |
38 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22) | 38 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22) |
39 #define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23) | 39 #define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23) |
40 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) | 40 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) |
41 #endif | 41 #endif |
42 | 42 |
43 /* This is a bodge to allow this code to be compiled against older NSS | |
44 * headers. */ | |
45 #ifndef CKM_NSS_CHACHA20_POLY1305 | |
46 #define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 25) | |
47 | |
48 typedef struct CK_AEAD_PARAMS { | |
49 CK_BYTE_PTR pIv; /* This is the nonce. */ | |
50 CK_ULONG ulIvLen; | |
51 CK_BYTE_PTR pAAD; | |
52 CK_ULONG ulAADLen; | |
53 } CK_AEAD_PARAMS; | |
wtc
2013/09/13 17:29:14
This differs from CK_GCM_PARAMS only in the ulTagB
agl
2013/09/13 20:51:45
I don't plan on truncating the MAC, but others mig
wtc
2013/09/13 21:32:26
For the struct to be named CK_AEAD_PARAMS, it shou
agl
2013/09/16 22:19:07
I've added the ulTagBit member.
| |
54 | |
55 #endif | |
56 | |
43 #include <stdio.h> | 57 #include <stdio.h> |
44 #ifdef NSS_ENABLE_ZLIB | 58 #ifdef NSS_ENABLE_ZLIB |
45 #include "zlib.h" | 59 #include "zlib.h" |
46 #endif | 60 #endif |
47 #ifdef LINUX | 61 #ifdef LINUX |
48 #include <dlfcn.h> | 62 #include <dlfcn.h> |
49 #endif | 63 #endif |
50 | 64 |
51 #ifndef PK11_SETATTRS | 65 #ifndef PK11_SETATTRS |
52 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \ | 66 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \ |
93 #define MIN_SEND_BUF_LENGTH 4000 | 107 #define MIN_SEND_BUF_LENGTH 4000 |
94 | 108 |
95 /* This list of SSL3 cipher suites is sorted in descending order of | 109 /* This list of SSL3 cipher suites is sorted in descending order of |
96 * precedence (desirability). It only includes cipher suites we implement. | 110 * precedence (desirability). It only includes cipher suites we implement. |
97 * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites | 111 * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites |
98 * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c) | 112 * in this table must match the ordering in SSL_ImplementedCiphers (sslenum.c) |
99 */ | 113 */ |
100 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { | 114 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
101 /* cipher_suite policy enabled is_present*/ | 115 /* cipher_suite policy enabled is_present*/ |
102 #ifdef NSS_ENABLE_ECC | 116 #ifdef NSS_ENABLE_ECC |
117 { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE}, | |
118 { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE}, | |
wtc
2013/09/13 17:29:14
The |enabled| setting for the two CHACHA20_POLY130
agl
2013/09/13 20:51:45
Done.
| |
103 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, | 119 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
104 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, | 120 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
105 #endif /* NSS_ENABLE_ECC */ | 121 #endif /* NSS_ENABLE_ECC */ |
106 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, | 122 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
107 { TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, | 123 { TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_TRUE,PR_FALSE}, |
108 | 124 |
109 #ifdef NSS_ENABLE_ECC | 125 #ifdef NSS_ENABLE_ECC |
110 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, | 126 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
111 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, | 127 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}, |
112 #endif /* NSS_ENABLE_ECC */ | 128 #endif /* NSS_ENABLE_ECC */ |
266 {cipher_des, calg_des, 8, 8, type_block, 8, 8, 0, 0}, | 282 {cipher_des, calg_des, 8, 8, type_block, 8, 8, 0, 0}, |
267 {cipher_3des, calg_3des, 24,24, type_block, 8, 8, 0, 0}, | 283 {cipher_3des, calg_3des, 24,24, type_block, 8, 8, 0, 0}, |
268 {cipher_des40, calg_des, 8, 5, type_block, 8, 8, 0, 0}, | 284 {cipher_des40, calg_des, 8, 5, type_block, 8, 8, 0, 0}, |
269 {cipher_idea, calg_idea, 16,16, type_block, 8, 8, 0, 0}, | 285 {cipher_idea, calg_idea, 16,16, type_block, 8, 8, 0, 0}, |
270 {cipher_aes_128, calg_aes, 16,16, type_block, 16,16, 0, 0}, | 286 {cipher_aes_128, calg_aes, 16,16, type_block, 16,16, 0, 0}, |
271 {cipher_aes_256, calg_aes, 32,32, type_block, 16,16, 0, 0}, | 287 {cipher_aes_256, calg_aes, 32,32, type_block, 16,16, 0, 0}, |
272 {cipher_camellia_128, calg_camellia, 16,16, type_block, 16,16, 0, 0}, | 288 {cipher_camellia_128, calg_camellia, 16,16, type_block, 16,16, 0, 0}, |
273 {cipher_camellia_256, calg_camellia, 32,32, type_block, 16,16, 0, 0}, | 289 {cipher_camellia_256, calg_camellia, 32,32, type_block, 16,16, 0, 0}, |
274 {cipher_seed, calg_seed, 16,16, type_block, 16,16, 0, 0}, | 290 {cipher_seed, calg_seed, 16,16, type_block, 16,16, 0, 0}, |
275 {cipher_aes_128_gcm, calg_aes_gcm, 16,16, type_aead, 4, 0,16, 8}, | 291 {cipher_aes_128_gcm, calg_aes_gcm, 16,16, type_aead, 4, 0,16, 8}, |
292 {cipher_c20p1305, calg_c20p1305, 32,32, type_aead, 0, 0,16, 0}, | |
276 {cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0}, | 293 {cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0}, |
277 }; | 294 }; |
278 | 295 |
279 static const ssl3KEADef kea_defs[] = | 296 static const ssl3KEADef kea_defs[] = |
280 { /* indexed by SSL3KeyExchangeAlgorithm */ | 297 { /* indexed by SSL3KeyExchangeAlgorithm */ |
281 /* kea exchKeyType signKeyType is_limited limit tls_keygen */ | 298 /* kea exchKeyType signKeyType is_limited limit tls_keygen */ |
282 {kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE}, | 299 {kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE}, |
283 {kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE}, | 300 {kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE}, |
284 {kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE}, | 301 {kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE}, |
285 {kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE}, | 302 {kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE}, |
392 {TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, | 409 {TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, |
393 cipher_rc4_56, mac_sha,kea_rsa_export_1024}, | 410 cipher_rc4_56, mac_sha,kea_rsa_export_1024}, |
394 | 411 |
395 {SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa_fips}, | 412 {SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa_fips}, |
396 {SSL_RSA_FIPS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa_fips}, | 413 {SSL_RSA_FIPS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa_fips}, |
397 | 414 |
398 {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_dhe_ rsa}, | 415 {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_dhe_ rsa}, |
399 {TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_rsa}, | 416 {TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_rsa}, |
400 {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ec dhe_rsa}, | 417 {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ec dhe_rsa}, |
401 {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ ecdhe_ecdsa}, | 418 {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ ecdhe_ecdsa}, |
419 {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, cipher_c20p1305, mac_null, kea_ecdh e_ecdsa}, | |
420 {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, cipher_c20p1305, mac_null, kea_ecdhe_ rsa}, | |
wtc
2013/09/13 17:29:14
Use mac_aead instead of mac_null.
Nit: list ECDHE
agl
2013/09/13 20:51:45
Done.
| |
402 | 421 |
403 #ifdef NSS_ENABLE_ECC | 422 #ifdef NSS_ENABLE_ECC |
404 {TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa}, | 423 {TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa}, |
405 {TLS_ECDH_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_ecdsa}, | 424 {TLS_ECDH_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_ecdsa}, |
406 {TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_ecdsa} , | 425 {TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_ecdh_ecdsa} , |
407 {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_ecds a}, | 426 {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_ecdh_ecds a}, |
408 {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_ecds a}, | 427 {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_ecdh_ecds a}, |
409 | 428 |
410 {TLS_ECDHE_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdhe_ecdsa }, | 429 {TLS_ECDHE_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdhe_ecdsa }, |
411 {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdhe_ecdsa }, | 430 {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdhe_ecdsa }, |
457 { calg_rc4 , CKM_RC4 }, | 476 { calg_rc4 , CKM_RC4 }, |
458 { calg_rc2 , CKM_RC2_CBC }, | 477 { calg_rc2 , CKM_RC2_CBC }, |
459 { calg_des , CKM_DES_CBC }, | 478 { calg_des , CKM_DES_CBC }, |
460 { calg_3des , CKM_DES3_CBC }, | 479 { calg_3des , CKM_DES3_CBC }, |
461 { calg_idea , CKM_IDEA_CBC }, | 480 { calg_idea , CKM_IDEA_CBC }, |
462 { calg_fortezza , CKM_SKIPJACK_CBC64 }, | 481 { calg_fortezza , CKM_SKIPJACK_CBC64 }, |
463 { calg_aes , CKM_AES_CBC }, | 482 { calg_aes , CKM_AES_CBC }, |
464 { calg_camellia , CKM_CAMELLIA_CBC }, | 483 { calg_camellia , CKM_CAMELLIA_CBC }, |
465 { calg_seed , CKM_SEED_CBC }, | 484 { calg_seed , CKM_SEED_CBC }, |
466 { calg_aes_gcm , CKM_AES_GCM }, | 485 { calg_aes_gcm , CKM_AES_GCM }, |
486 { calg_c20p1305 , CKM_NSS_CHACHA20_POLY1305 }, | |
467 /* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */ | 487 /* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */ |
468 }; | 488 }; |
469 | 489 |
470 #define mmech_invalid (CK_MECHANISM_TYPE)0x80000000L | 490 #define mmech_invalid (CK_MECHANISM_TYPE)0x80000000L |
471 #define mmech_md5 CKM_SSL3_MD5_MAC | 491 #define mmech_md5 CKM_SSL3_MD5_MAC |
472 #define mmech_sha CKM_SSL3_SHA1_MAC | 492 #define mmech_sha CKM_SSL3_SHA1_MAC |
473 #define mmech_md5_hmac CKM_MD5_HMAC | 493 #define mmech_md5_hmac CKM_MD5_HMAC |
474 #define mmech_sha_hmac CKM_SHA_1_HMAC | 494 #define mmech_sha_hmac CKM_SHA_1_HMAC |
475 #define mmech_sha256_hmac CKM_SHA256_HMAC | 495 #define mmech_sha256_hmac CKM_SHA256_HMAC |
476 #define mmech_sha384_hmac CKM_SHA384_HMAC | 496 #define mmech_sha384_hmac CKM_SHA384_HMAC |
2013 } else { | 2033 } else { |
2014 rv = AES_Encrypt(cx, out, &uOutLen, maxout, in, inlen); | 2034 rv = AES_Encrypt(cx, out, &uOutLen, maxout, in, inlen); |
2015 } | 2035 } |
2016 AES_DestroyContext(cx, PR_FALSE); | 2036 AES_DestroyContext(cx, PR_FALSE); |
2017 *outlen += (int) uOutLen; | 2037 *outlen += (int) uOutLen; |
2018 | 2038 |
2019 return rv; | 2039 return rv; |
2020 } | 2040 } |
2021 #endif | 2041 #endif |
2022 | 2042 |
2043 static SECStatus | |
2044 ssl3_ChaCha20Poly1305( | |
2045 ssl3KeyMaterial *keys, | |
2046 PRBool doDecrypt, | |
2047 unsigned char *out, | |
2048 int *outlen, | |
2049 int maxout, | |
2050 const unsigned char *in, | |
2051 int inlen, | |
2052 const unsigned char *additionalData, | |
2053 int additionalDataLen) | |
2054 { | |
2055 SECItem param; | |
2056 SECStatus rv = SECFailure; | |
2057 static const int tagSize = 16; | |
wtc
2013/09/13 17:29:14
Delete tagSize. It's not used.
agl
2013/09/13 20:51:45
Done.
| |
2058 unsigned int uOutLen; | |
2059 CK_AEAD_PARAMS aeadParams; | |
2060 | |
2061 memset(¶m, 0, sizeof(param)); | |
2062 param.len = sizeof(CK_AEAD_PARAMS); | |
wtc
2013/09/13 17:29:14
Nit: use sizeof(aeadParams).
Nit: SECItem has jus
agl
2013/09/13 20:51:45
Done.
| |
2063 param.data = (unsigned char *) &aeadParams; | |
2064 memset(&aeadParams, 0, sizeof(CK_AEAD_PARAMS)); | |
2065 aeadParams.pIv = (unsigned char *) additionalData; | |
2066 aeadParams.ulIvLen = 8; | |
2067 aeadParams.pAAD = (unsigned char *) additionalData; | |
2068 aeadParams.ulAADLen = additionalDataLen; | |
2069 | |
2070 if (doDecrypt) { | |
2071 rv = pk11_decrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, | |
2072 out, &uOutLen, maxout, in, inlen); | |
2073 } else { | |
2074 rv = pk11_encrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, | |
2075 out, &uOutLen, maxout, in, inlen); | |
2076 } | |
2077 *outlen = (int) uOutLen; | |
2078 | |
2079 return rv; | |
2080 } | |
2081 | |
2023 /* Initialize encryption and MAC contexts for pending spec. | 2082 /* Initialize encryption and MAC contexts for pending spec. |
2024 * Master Secret already is derived. | 2083 * Master Secret already is derived. |
2025 * Caller holds Spec write lock. | 2084 * Caller holds Spec write lock. |
2026 */ | 2085 */ |
2027 static SECStatus | 2086 static SECStatus |
2028 ssl3_InitPendingContextsPKCS11(sslSocket *ss) | 2087 ssl3_InitPendingContextsPKCS11(sslSocket *ss) |
2029 { | 2088 { |
2030 ssl3CipherSpec * pwSpec; | 2089 ssl3CipherSpec * pwSpec; |
2031 const ssl3BulkCipherDef *cipher_def; | 2090 const ssl3BulkCipherDef *cipher_def; |
2032 PK11Context * serverContext = NULL; | 2091 PK11Context * serverContext = NULL; |
2046 | 2105 |
2047 pwSpec = ss->ssl3.pwSpec; | 2106 pwSpec = ss->ssl3.pwSpec; |
2048 cipher_def = pwSpec->cipher_def; | 2107 cipher_def = pwSpec->cipher_def; |
2049 macLength = pwSpec->mac_size; | 2108 macLength = pwSpec->mac_size; |
2050 calg = cipher_def->calg; | 2109 calg = cipher_def->calg; |
2051 PORT_Assert(alg2Mech[calg].calg == calg); | 2110 PORT_Assert(alg2Mech[calg].calg == calg); |
2052 | 2111 |
2053 pwSpec->client.write_mac_context = NULL; | 2112 pwSpec->client.write_mac_context = NULL; |
2054 pwSpec->server.write_mac_context = NULL; | 2113 pwSpec->server.write_mac_context = NULL; |
2055 | 2114 |
2056 if (calg == calg_aes_gcm) { | 2115 if (calg == calg_aes_gcm || calg == calg_c20p1305) { |
wtc
2013/09/13 17:29:14
We should have a more systematic way to set the pw
| |
2057 pwSpec->encode = NULL; | 2116 pwSpec->encode = NULL; |
2058 pwSpec->decode = NULL; | 2117 pwSpec->decode = NULL; |
2059 pwSpec->destroy = NULL; | 2118 pwSpec->destroy = NULL; |
2060 pwSpec->encodeContext = NULL; | 2119 pwSpec->encodeContext = NULL; |
2061 pwSpec->decodeContext = NULL; | 2120 pwSpec->decodeContext = NULL; |
2062 » pwSpec->aead = ssl3_AESGCM; | 2121 » if (calg == calg_aes_gcm) { |
2122 » pwSpec->aead = ssl3_AESGCM; | |
2123 » } else { | |
2124 » pwSpec->aead = ssl3_ChaCha20Poly1305; | |
2125 » } | |
2063 return SECSuccess; | 2126 return SECSuccess; |
2064 } | 2127 } |
2065 | 2128 |
2066 /* | 2129 /* |
2067 ** Now setup the MAC contexts, | 2130 ** Now setup the MAC contexts, |
2068 ** crypto contexts are setup below. | 2131 ** crypto contexts are setup below. |
2069 */ | 2132 */ |
2070 | 2133 |
2071 mac_mech = pwSpec->mac_def->mmech; | 2134 mac_mech = pwSpec->mac_def->mmech; |
2072 mac_param.data = (unsigned char *)&macLength; | 2135 mac_param.data = (unsigned char *)&macLength; |
12391 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 12454 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
12392 } | 12455 } |
12393 } | 12456 } |
12394 | 12457 |
12395 ss->ssl3.initialized = PR_FALSE; | 12458 ss->ssl3.initialized = PR_FALSE; |
12396 | 12459 |
12397 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 12460 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
12398 } | 12461 } |
12399 | 12462 |
12400 /* End of ssl3con.c */ | 12463 /* End of ssl3con.c */ |
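Review bot: In the new ssl3_ChaCha20Poly1305 the nonce is taken as the first 8 bytes of `additionalData` (`aeadParams.ulIvLen = 8;`) without any check on `additionalDataLen`, so a short buffer would let the mechanism read past its end, and a negative `int` would become a very large `CK_ULONG` in `ulAADLen`. A guard before the params are filled, `if (additionalDataLen < 8) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; }`, would make that contract explicit. I would also add a comment there saying that the leading 8 bytes are presumably the record sequence number and that nonce uniqueness under one key depends on the caller keeping it that way, since a repeated nonce breaks both confidentiality and the Poly1305 tag. Separately, `uOutLen` is declared uninitialised and copied into `*outlen` even when `pk11_encrypt`/`pk11_decrypt` fails; `unsigned int uOutLen = 0;` avoids handing the caller an indeterminate length on the error path.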