OLD | NEW |
---|---|
1 /* | 1 /* |
2 * SSL3 Protocol | 2 * SSL3 Protocol |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 /* TLS extension code moved here from ssl3ecc.c */ | 8 /* TLS extension code moved here from ssl3ecc.c */ |
9 | 9 |
10 #include "nssrenam.h" | 10 #include "nssrenam.h" |
(...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
74 PRUint16 ex_type, SECItem *data); | 74 PRUint16 ex_type, SECItem *data); |
75 static SECStatus ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, | 75 static SECStatus ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, |
76 PRUint16 ex_type, | 76 PRUint16 ex_type, |
77 SECItem *data); | 77 SECItem *data); |
78 static PRInt32 ssl3_ClientSendStatusRequestXtn(sslSocket * ss, PRBool append, | 78 static PRInt32 ssl3_ClientSendStatusRequestXtn(sslSocket * ss, PRBool append, |
79 PRUint32 maxBytes); | 79 PRUint32 maxBytes); |
80 static PRInt32 ssl3_ClientSendSigAlgsXtn(sslSocket *ss, PRBool append, | 80 static PRInt32 ssl3_ClientSendSigAlgsXtn(sslSocket *ss, PRBool append, |
81 PRUint32 maxBytes); | 81 PRUint32 maxBytes); |
82 static SECStatus ssl3_ServerHandleSigAlgsXtn(sslSocket *ss, PRUint16 ex_type, | 82 static SECStatus ssl3_ServerHandleSigAlgsXtn(sslSocket *ss, PRUint16 ex_type, |
83 SECItem *data); | 83 SECItem *data); |
84 static PRInt32 ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, | |
85 PRBool append, | |
86 PRUint32 maxBytes); | |
87 static SECStatus ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, | |
88 PRUint16 ex_type, | |
89 SECItem *data); | |
84 | 90 |
85 /* | 91 /* |
86 * Write bytes. Using this function means the SECItem structure | 92 * Write bytes. Using this function means the SECItem structure |
87 * cannot be freed. The caller is expected to call this function | 93 * cannot be freed. The caller is expected to call this function |
88 * on a shallow copy of the structure. | 94 * on a shallow copy of the structure. |
89 */ | 95 */ |
90 static SECStatus | 96 static SECStatus |
91 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes) | 97 ssl3_AppendToItem(SECItem *item, const unsigned char *buf, PRUint32 bytes) |
92 { | 98 { |
93 if (bytes > item->len) | 99 if (bytes > item->len) |
(...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
252 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = { | 258 static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = { |
253 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, | 259 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn }, |
254 /* TODO: add a handler for ssl_ec_point_formats_xtn */ | 260 /* TODO: add a handler for ssl_ec_point_formats_xtn */ |
255 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, | 261 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, |
256 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 262 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
257 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, | 263 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, |
258 { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, | 264 { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, |
259 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, | 265 { ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn }, |
260 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, | 266 { ssl_channel_id_xtn, &ssl3_ClientHandleChannelIDXtn }, |
261 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, | 267 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, |
268 { ssl_signed_certificate_timestamp_xtn, | |
269 &ssl3_ClientHandleSignedCertTimestampXtn }, | |
262 { -1, NULL } | 270 { -1, NULL } |
263 }; | 271 }; |
264 | 272 |
265 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { | 273 static const ssl3HelloExtensionHandler serverHelloHandlersSSL3[] = { |
266 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, | 274 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, |
267 { -1, NULL } | 275 { -1, NULL } |
268 }; | 276 }; |
269 | 277 |
270 /* Tables of functions to format TLS hello extensions, one function per | 278 /* Tables of functions to format TLS hello extensions, one function per |
271 * extension. | 279 * extension. |
272 * These static tables are for the formatting of client hello extensions. | 280 * These static tables are for the formatting of client hello extensions. |
273 * The server's table of hello senders is dynamic, in the socket struct, | 281 * The server's table of hello senders is dynamic, in the socket struct, |
274 * and sender functions are registered there. | 282 * and sender functions are registered there. |
275 */ | 283 */ |
276 static const | 284 static const |
277 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { | 285 ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = { |
278 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, | 286 { ssl_server_name_xtn, &ssl3_SendServerNameXtn }, |
279 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, | 287 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }, |
280 #ifdef NSS_ENABLE_ECC | 288 #ifdef NSS_ENABLE_ECC |
281 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, | 289 { ssl_elliptic_curves_xtn, &ssl3_SendSupportedCurvesXtn }, |
282 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, | 290 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, |
283 #endif | 291 #endif |
284 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, | 292 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn }, |
285 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, | 293 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, |
286 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, | 294 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, |
287 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, | 295 { ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn }, |
288 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, | 296 { ssl_channel_id_xtn, &ssl3_ClientSendChannelIDXtn }, |
289 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, | 297 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, |
290 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn } | 298 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn }, |
299 { ssl_signed_certificate_timestamp_xtn, | |
300 &ssl3_ClientSendSignedCertTimestampXtn }, | |
wtc
2013/11/08 19:51:31
Nit: omit the comma (,).
ekasper
2013/11/18 17:47:18
Done.
| |
291 /* any extra entries will appear as { 0, NULL } */ | 301 /* any extra entries will appear as { 0, NULL } */ |
292 }; | 302 }; |
293 | 303 |
294 static const | 304 static const |
295 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { | 305 ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = { |
296 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } | 306 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn } |
297 /* any extra entries will appear as { 0, NULL } */ | 307 /* any extra entries will appear as { 0, NULL } */ |
298 }; | 308 }; |
299 | 309 |
300 static PRBool | 310 static PRBool |
(...skipping 1989 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2290 } else if (maxBytes < extension_length) { | 2300 } else if (maxBytes < extension_length) { |
2291 PORT_Assert(0); | 2301 PORT_Assert(0); |
2292 return 0; | 2302 return 0; |
2293 } | 2303 } |
2294 | 2304 |
2295 return extension_length; | 2305 return extension_length; |
2296 | 2306 |
2297 loser: | 2307 loser: |
2298 return -1; | 2308 return -1; |
2299 } | 2309 } |
2310 | |
2311 /* ssl3_ClientSendSignedCertTimestampXtn sends the signed_certificate_timestamp | |
2312 * extension for TLS ClientHellos. */ | |
2313 static PRInt32 | |
2314 ssl3_ClientSendSignedCertTimestampXtn(sslSocket *ss, PRBool append, | |
2315 PRUint32 maxBytes) | |
2316 { | |
2317 /* Only send the extension if processing is enabled. */ | |
2318 if (!ss->opt.enableSignedCertTimestamps) | |
2319 return 0; | |
2320 | |
2321 PRInt32 extension_length = 2 /* extension_type */ + | |
2322 2 /* length(extension_data) */; | |
wtc
2013/11/08 19:51:31
IMPORTANT: move the variable declaration to the be
ekasper
2013/11/18 17:47:18
Done, thanks for catching this.
| |
2323 | |
2324 if (append && maxBytes >= extension_length) { | |
2325 SECStatus rv; | |
2326 /* extension_type */ | |
2327 rv = ssl3_AppendHandshakeNumber(ss, | |
2328 ssl_signed_certificate_timestamp_xtn, | |
2329 2); | |
2330 if (rv != SECSuccess) | |
2331 goto loser; | |
2332 /* zero length */ | |
2333 rv = ssl3_AppendHandshakeNumber(ss, 0, 2); | |
2334 if (rv != SECSuccess) | |
2335 goto loser; | |
2336 ss->xtnData.advertised[ss->xtnData.numAdvertised++] = | |
2337 ssl_signed_certificate_timestamp_xtn; | |
2338 } else if (maxBytes < extension_length) { | |
2339 PORT_Assert(0); | |
2340 return 0; | |
2341 } | |
2342 | |
2343 return extension_length; | |
2344 loser: | |
2345 return -1; | |
2346 } | |
2347 | |
2348 static SECStatus | |
2349 ssl3_ClientHandleSignedCertTimestampXtn(sslSocket *ss, PRUint16 ex_type, | |
2350 SECItem *data) | |
2351 { | |
2352 /* We do not yet know whether we'll be reusing a session or creating | |
wtc
2013/11/08 19:51:31
Nit: reusing => resuming
ekasper
2013/11/18 17:47:18
I actually meant "reusing" (as in reusing the stru
| |
2353 * a new one, so we keep a pointer to the data in the TLSExtensionData | |
2354 * structure. This pointer is only valid in the scope of | |
2355 * ssl3_HandleServerHello, and, if not resuming a session, a copy of the | |
2356 * data is made once a new session has been set up. | |
wtc
2013/11/08 19:51:31
Nit: "a copy of the data is made" => "the data is
ekasper
2013/11/18 17:47:18
Done.
| |
2357 * All parsing is currently left to the application and we accept | |
2358 * everything, including empty data. | |
2359 */ | |
2360 SECItem *scts = &ss->xtnData.signedCertTimestamps; | |
2361 PORT_Assert(!scts->data && !scts->len); | |
2362 *scts = *data; | |
2363 /* Keep track of negotiated extensions. */ | |
2364 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | |
2365 return SECSuccess; | |
2366 } | |
OLD | NEW |