Unified Diff: net/third_party/nss/ssl/ssl3con.c

Issue 23851032: Merge 222724 "The NSS client auth (as opposed to NSS_PLATFORM_CL..." (Closed) Base URL: svn://svn.chromium.org/chrome/branches/1599/src/
Patch Set: Created 7 years, 3 months ago
Index: net/third_party/nss/ssl/ssl3con.c
===================================================================
--- net/third_party/nss/ssl/ssl3con.c (revision 223079)
+++ net/third_party/nss/ssl/ssl3con.c (working copy)
@@ -6589,6 +6589,70 @@
}
+/*
+ * Returns true if the client authentication key is an RSA or DSA key that
+ * may be able to sign only SHA-1 hashes.
+ */
+static PRBool
+ssl3_ClientKeyPrefersSHA1(sslSocket *ss)
+{
+ SECKEYPublicKey *pubk;
+ PRBool prefer_sha1 = PR_FALSE;
+
+#if defined(NSS_PLATFORM_CLIENT_AUTH) && defined(_WIN32)
+ /* If the key is in CAPI, assume conservatively that the CAPI service
+ * provider may be unable to sign SHA-256 hashes.
+ */
+ if (ss->ssl3.platformClientKey->dwKeySpec != CERT_NCRYPT_KEY_SPEC) {
+ /* CAPI only supports RSA and DSA signatures, so we don't need to
+ * check the key type. */
+ return PR_TRUE;
+ }
+#endif /* NSS_PLATFORM_CLIENT_AUTH && _WIN32 */
+
+ /* If the key is a 1024-bit RSA or DSA key, assume conservatively that
+ * it may be unable to sign SHA-256 hashes. This is the case for older
+ * Estonian ID cards that have 1024-bit RSA keys. In FIPS 186-2 and
+ * older, DSA key size is at most 1024 bits and the hash function must
+ * be SHA-1.
+ */
+ pubk = CERT_ExtractPublicKey(ss->ssl3.clientCertificate);
+ if (pubk == NULL) {
+ return PR_FALSE;
+ }
+ if (pubk->keyType == rsaKey || pubk->keyType == dsaKey) {
+ prefer_sha1 = SECKEY_PublicKeyStrength(pubk) <= 128;
+ }
+ SECKEY_DestroyPublicKey(pubk);
+ return prefer_sha1;
+}
+
+/* Destroys the backup handshake hash context if we don't need it. */
+static void
+ssl3_DestroyBackupHandshakeHashIfNotNeeded(sslSocket *ss,
+ const SECItem *algorithms)
+{
+ PRBool need_backup_hash = PR_FALSE;
+ unsigned int i;
+
+ PORT_Assert(ss->ssl3.hs.md5);
+ if (ssl3_ClientKeyPrefersSHA1(ss)) {
+ /* Use SHA-1 if the server supports it. */
+ for (i = 0; i < algorithms->len; i += 2) {
+ if (algorithms->data[i] == tls_hash_sha1 &&
+ (algorithms->data[i+1] == tls_sig_rsa ||
+ algorithms->data[i+1] == tls_sig_dsa)) {
+ need_backup_hash = PR_TRUE;
+ break;
+ }
+ }
+ }
+ if (!need_backup_hash) {
+ PK11_DestroyContext(ss->ssl3.hs.md5, PR_TRUE);
+ ss->ssl3.hs.md5 = NULL;
+ }
+}
+
typedef struct dnameNode {
struct dnameNode *next;
SECItem name;
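Review bot: `ss->ssl3.platformClientKey->dwKeySpec` at the top of ssl3_ClientKeyPrefersSHA1 is dereferenced without a NULL check, and the helper is now also called from the NSS (non-platform) client-auth branch in the last hunk; if that branch can execute in a build where both NSS_PLATFORM_CLIENT_AUTH and _WIN32 are defined, platformClientKey will not have been set by that path and this is a NULL dereference. The guard is a one-line change: `if (ss->ssl3.platformClientKey && ss->ssl3.platformClientKey->dwKeySpec != CERT_NCRYPT_KEY_SPEC) {`. The PR_FALSE return when CERT_ExtractPublicKey fails also deserves a comment, since it silently gives up the SHA-1 backup hash for a key that may only be able to sign SHA-1, e.g. `/* Cannot inspect the key: keep the default hash and let the later signing step report any failure. */`.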
@@ -6781,55 +6845,8 @@
}
goto send_no_certificate;
}
-
- if (isTLS12 && ss->ssl3.hs.md5) {
- PRBool need_backup_hash = PR_FALSE;
- PRBool prefer_sha1 = PR_FALSE;
-#ifdef _WIN32
- /* If the key is in CAPI, assume conservatively that the CAPI
- * service provider may be unable to sign SHA-256 hashes.
- */
- if (ss->ssl3.platformClientKey->dwKeySpec !=
- CERT_NCRYPT_KEY_SPEC) {
- /* CAPI only supports RSA and DSA signatures, so we don't
- * need to check the key type. */
- prefer_sha1 = PR_TRUE;
- }
-#endif /* _WIN32 */
- /* If the key is a 1024-bit RSA or DSA key, assume
- * conservatively that it may be unable to sign SHA-256
- * hashes. This is the case for older Estonian ID cards that
- * have 1024-bit RSA keys. In FIPS 186-2 and older, DSA key
- * size is at most 1024 bits and the hash function must be
- * SHA-1.
- */
- if (!prefer_sha1) {
- SECKEYPublicKey *pubk =
- CERT_ExtractPublicKey(ss->ssl3.clientCertificate);
- if (pubk == NULL) {
- errCode = SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE;
- goto loser;
- }
- if (pubk->keyType == rsaKey || pubk->keyType == dsaKey) {
- prefer_sha1 = SECKEY_PublicKeyStrength(pubk) <= 128;
- }
- SECKEY_DestroyPublicKey(pubk);
- }
- /* Use SHA-1 if the server supports it. */
- if (prefer_sha1) {
- for (i = 0; i < algorithms.len; i += 2) {
- if (algorithms.data[i] == tls_hash_sha1 &&
- (algorithms.data[i+1] == tls_sig_rsa ||
- algorithms.data[i+1] == tls_sig_dsa)) {
- need_backup_hash = PR_TRUE;
- break;
- }
- }
- }
- if (!need_backup_hash) {
- PK11_DestroyContext(ss->ssl3.hs.md5, PR_TRUE);
- ss->ssl3.hs.md5 = NULL;
- }
+ if (isTLS12) {
+ ssl3_DestroyBackupHandshakeHashIfNotNeeded(ss, &algorithms);
}
break; /* not an error */
}
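Review bot: The rewritten branch drops the `errCode = SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE; goto loser;` path the removed lines took when CERT_ExtractPublicKey fails; the helper from the earlier hunk returns PR_FALSE instead, so the backup hash is destroyed and a certificate whose public key cannot be extracted no longer fails the handshake here with a specific error. If that is intended it should be stated in the helper's comment; otherwise the helper could take an `errCode` out-parameter or return a tri-state so this call site can still `goto loser`. The condition also changed from `isTLS12 && ss->ssl3.hs.md5` to `isTLS12`, relying on the `PORT_Assert(ss->ssl3.hs.md5)` inside the helper, which is compiled out in release builds; keeping `if (isTLS12 && ss->ssl3.hs.md5) {` costs nothing and avoids handing a NULL context to PK11_DestroyContext if the invariant is ever violated. The enclosing function starts and ends outside this hunk.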
@@ -6866,6 +6883,9 @@
}
goto send_no_certificate;
}
+ if (isTLS12) {
+ ssl3_DestroyBackupHandshakeHashIfNotNeeded(ss, &algorithms);
+ }
break; /* not an error */
case SECFailure: