Certificate Transparency TLS extension patch for NSS

net/third_party/nss/ssl/ssl.h

Index: net/third_party/nss/ssl/ssl.h
diff --git a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h
index 47468a0a289a1b712b2a7acde2a28c73dad4c31b..f8503eb5fba151900def95f59f2e145e5b8356f8 100644
--- a/net/third_party/nss/ssl/ssl.h
+++ b/net/third_party/nss/ssl/ssl.h
@@ -166,6 +166,8 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd);
  */
 #define SSL_CBC_RANDOM_IV 23
 #define SSL_ENABLE_OCSP_STAPLING       24 /* Request OCSP stapling (client) */
+/* Request Signed Certificate Timestamps via TLS extension (client) */
+#define SSL_ENABLE_SIGNED_CERT_TIMESTAMPS 25
 
 #ifdef SSL_DEPRECATED_FUNCTION 
 /* Old deprecated function names */
@@ -469,6 +471,24 @@ SSL_IMPORT CERTCertList *SSL_PeerCertificateChain(PRFileDesc *fd);
  */
 SSL_IMPORT const SECItemArray * SSL_PeerStapledOCSPResponses(PRFileDesc *fd);
 
+/* SSL_PeerSignedCertTimestamps returns the signed_certificate_timestamp
+ * extension data provided by the TLS server. The return value is a pointer
+ * to an internal SECItem that contains the returned response (as a serialized
+ * SignedCertificateTimestampList, see RFC 6962). The returned pointer is only
+ * valid until the callback function that calls SSL_PeerSignedCertTimestamps
+ * (e.g. the authenticate certificate hook, or the handshake callback) returns.

[wtc, 2013/11/19 23:52:29]

Thank you for improving this comment.

I now see that this comment comes from the comment for
SSL_PeerStapledOCSPResponses (lines 458-459). In the current implementation, I
believe the returned pointer is actually valid until the next handshake
(renegotiation) on the SSL connection. I wonder if we documented a shorter
validity period so that we may change the implementation if necessary.

[ekasper, 2013/11/20 16:06:27]

Yes, I'm pretty sure this is stricter than currently necessary but I wasn't sure
what exactly could trigger a reset (renegotiation, something else?) and, anyway,
I figured I'd keep it aligned with the stuff above.

+ *
+ * If no Signed Certificate Timestamps were given by the server then the result
+ * will be empty. If there was an error, or if SSLv2 was negotiated, then the

[wtc, 2013/11/19 23:52:29]

Nit: It's not necessary to mention "or if SSLv2 was negotiated" because that is
one of the possible errors. Not mentioning SSLv2 here means we won't need to
update this comment when we remove SSLv2 code from NSS.

[ekasper, 2013/11/20 16:06:27]

Done, and I've also made it a handshake error for the server to echo an empty
extension, so an empty response now always means "no SCT response from server".

+ * result will be NULL.
+ *
+ * You must set the SSL_ENABLE_SIGNED_CERT_TIMESTAMPS option to indicate support
+ * for Signed Certificate Timestamps to a server.
+ *
+ * libssl does not do any parsing or validation of the response itself.
+ */
+SSL_IMPORT const SECItem * SSL_PeerSignedCertTimestamps(PRFileDesc *fd);
+
 /* SSL_SetStapledOCSPResponses stores an array of one or multiple OCSP responses
  * in the fd's data, which may be sent as part of a server side cert_status
  * handshake message. Parameter |responses| is for the server certificate of