OLD | NEW |
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 /* | 2 /* |
3 * SSL3 Protocol | 3 * SSL3 Protocol |
4 * | 4 * |
5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
8 | 8 |
9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ | 9 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ |
10 | 10 |
(...skipping 25 matching lines...) Expand all Loading... |
36 #ifndef CKM_NSS_TLS_PRF_GENERAL_SHA256 | 36 #ifndef CKM_NSS_TLS_PRF_GENERAL_SHA256 |
37 #define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21) | 37 #define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21) |
38 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22) | 38 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22) |
39 #define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23) | 39 #define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23) |
40 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) | 40 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) |
41 #endif | 41 #endif |
42 | 42 |
43 /* This is a bodge to allow this code to be compiled against older NSS | 43 /* This is a bodge to allow this code to be compiled against older NSS |
44 * headers. */ | 44 * headers. */ |
45 #ifndef CKM_NSS_CHACHA20_POLY1305 | 45 #ifndef CKM_NSS_CHACHA20_POLY1305 |
46 #define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 25) | 46 #define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 26) |
47 | 47 |
48 typedef struct CK_AEAD_PARAMS { | 48 typedef struct CK_NSS_AEAD_PARAMS { |
49 CK_BYTE_PTR pIv; /* This is the nonce. */ | 49 CK_BYTE_PTR pIv; /* This is the nonce. */ |
50 CK_ULONG ulIvLen; | 50 CK_ULONG ulIvLen; |
51 CK_BYTE_PTR pAAD; | 51 CK_BYTE_PTR pAAD; |
52 CK_ULONG ulAADLen; | 52 CK_ULONG ulAADLen; |
53 CK_ULONG ulTagBits; | 53 CK_ULONG ulTagLen; |
54 } CK_AEAD_PARAMS; | 54 } CK_NSS_AEAD_PARAMS; |
55 | 55 |
56 #endif | 56 #endif |
57 | 57 |
58 #include <stdio.h> | 58 #include <stdio.h> |
59 #ifdef NSS_ENABLE_ZLIB | 59 #ifdef NSS_ENABLE_ZLIB |
60 #include "zlib.h" | 60 #include "zlib.h" |
61 #endif | 61 #endif |
62 #ifdef LINUX | 62 #ifdef LINUX |
63 #include <dlfcn.h> | 63 #include <dlfcn.h> |
64 #endif | 64 #endif |
(...skipping 1992 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2057 int *outlen, | 2057 int *outlen, |
2058 int maxout, | 2058 int maxout, |
2059 const unsigned char *in, | 2059 const unsigned char *in, |
2060 int inlen, | 2060 int inlen, |
2061 const unsigned char *additionalData, | 2061 const unsigned char *additionalData, |
2062 int additionalDataLen) | 2062 int additionalDataLen) |
2063 { | 2063 { |
2064 SECItem param; | 2064 SECItem param; |
2065 SECStatus rv = SECFailure; | 2065 SECStatus rv = SECFailure; |
2066 unsigned int uOutLen; | 2066 unsigned int uOutLen; |
2067 CK_AEAD_PARAMS aeadParams; | 2067 CK_NSS_AEAD_PARAMS aeadParams; |
2068 static const int tagSize = 16; | 2068 static const int tagSize = 16; |
2069 | 2069 |
2070 param.type = siBuffer; | 2070 param.type = siBuffer; |
2071 param.len = sizeof(aeadParams); | 2071 param.len = sizeof(aeadParams); |
2072 param.data = (unsigned char *) &aeadParams; | 2072 param.data = (unsigned char *) &aeadParams; |
2073 memset(&aeadParams, 0, sizeof(CK_AEAD_PARAMS)); | 2073 memset(&aeadParams, 0, sizeof(aeadParams)); |
2074 aeadParams.pIv = (unsigned char *) additionalData; | 2074 aeadParams.pIv = (unsigned char *) additionalData; |
2075 aeadParams.ulIvLen = 8; | 2075 aeadParams.ulIvLen = 8; |
2076 aeadParams.pAAD = (unsigned char *) additionalData; | 2076 aeadParams.pAAD = (unsigned char *) additionalData; |
2077 aeadParams.ulAADLen = additionalDataLen; | 2077 aeadParams.ulAADLen = additionalDataLen; |
2078 aeadParams.ulTagBits = tagSize * 8; | 2078 aeadParams.ulTagLen = tagSize; |
2079 | 2079 |
2080 if (doDecrypt) { | 2080 if (doDecrypt) { |
2081 rv = pk11_decrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, | 2081 rv = pk11_decrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, |
2082 out, &uOutLen, maxout, in, inlen); | 2082 out, &uOutLen, maxout, in, inlen); |
2083 } else { | 2083 } else { |
2084 rv = pk11_encrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, | 2084 rv = pk11_encrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, |
2085 out, &uOutLen, maxout, in, inlen); | 2085 out, &uOutLen, maxout, in, inlen); |
2086 } | 2086 } |
2087 *outlen = (int) uOutLen; | 2087 *outlen = (int) uOutLen; |
2088 | 2088 |
(...skipping 10474 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
12563 PORT_Free(ss->ssl3.hs.recvdFragments.buf); | 12563 PORT_Free(ss->ssl3.hs.recvdFragments.buf); |
12564 } | 12564 } |
12565 } | 12565 } |
12566 | 12566 |
12567 ss->ssl3.initialized = PR_FALSE; | 12567 ss->ssl3.initialized = PR_FALSE; |
12568 | 12568 |
12569 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); | 12569 SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE); |
12570 } | 12570 } |
12571 | 12571 |
12572 /* End of ssl3con.c */ | 12572 /* End of ssl3con.c */ |
OLD | NEW |