OLD | NEW |
---|---|
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 /* | 2 /* |
3 * SSL3 Protocol | 3 * SSL3 Protocol |
4 * | 4 * |
5 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
6 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
8 | 8 |
9 /* ECC code moved here from ssl3con.c */ | 9 /* ECC code moved here from ssl3con.c */ |
10 | 10 |
(...skipping 406 matching lines...) | |
417 | 417 |
418 rv = SECITEM_CopyItem(peerKey->arena, &peerKey->u.ec.publicValue, &ecPoint); | 418 rv = SECITEM_CopyItem(peerKey->arena, &peerKey->u.ec.publicValue, &ecPoint); |
419 if (rv != SECSuccess) { | 419 if (rv != SECSuccess) { |
420 return SECFailure; | 420 return SECFailure; |
421 } | 421 } |
422 | 422 |
423 return SECSuccess; | 423 return SECSuccess; |
424 } | 424 } |
425 | 425 |
426 const namedGroupDef * | 426 const namedGroupDef * |
427 ssl_GetECGroupWithStrength(PRUint32 curvemsk, unsigned int requiredECCbits) | 427 ssl_GetECGroupWithStrength(sslSocket *ss, PRUint32 curvemsk, |
428 unsigned int requiredECCbits) | |
428 { | 429 { |
429 int i; | 430 int i; |
431 unsigned int groupCount; | |
430 | 432 |
431 for (i = 0; i < ssl_named_group_count; i++) { | 433 /* If a custom list of named groups is configured, use that. */ |
432 if (ssl_named_groups[i].type != group_type_ec || | 434 if (ss->numConfiguredGroups && ss->namedGroupsConfig) { |
mt
2016/08/24 00:19:32
BUG: This will crash when invoked from the code in
franziskus
2016/08/25 13:03:20
Done.
| |
433 ssl_named_groups[i].bits < requiredECCbits) { | 435 groupCount = ss->numConfiguredGroups; |
436 } else { | |
437 groupCount = ssl_named_group_count; | |
438 } | |
mt
2016/08/24 00:19:32
Initialize a pointer to the list as well at the sa
franziskus
2016/08/25 13:03:20
well, if it would be that easy... ssl_named_groups
mt
2016/09/01 05:55:45
Acknowledged.
| |
439 | |
440 for (i = 0; i < groupCount; i++) { | |
441 const namedGroupDef *group; | |
442 if (ss->numConfiguredGroups && ss->namedGroupsConfig) { | |
443 group = ss->namedGroupsConfig[i]; | |
444 } else { | |
445 group = &ssl_named_groups[i]; | |
446 } | |
447 if (group->type != group_type_ec || | |
448 group->bits < requiredECCbits) { | |
434 continue; | 449 continue; |
435 } | 450 } |
436 if ((curvemsk & (1U << i))) { | 451 if ((curvemsk & (1U << group->index))) { |
mt
2016/08/24 00:19:32
This mask is crappy, we should be using ssl_NamedG
franziskus
2016/08/25 13:03:21
Done.
| |
437 return &ssl_named_groups[i]; | 452 return group; |
438 } | 453 } |
439 } | 454 } |
440 PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP); | 455 PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP); |
441 return NULL; | 456 return NULL; |
442 } | 457 } |
443 | 458 |
444 /* Find the "weakest link". Get the strength of the signature and symmetric | 459 /* Find the "weakest link". Get the strength of the signature and symmetric |
445 * keys and choose a curve based on the weakest of those two. */ | 460 * keys and choose a curve based on the weakest of those two. */ |
446 const namedGroupDef * | 461 const namedGroupDef * |
447 ssl_GetECGroupForServerSocket(sslSocket *ss) | 462 ssl_GetECGroupForServerSocket(sslSocket *ss) |
(...skipping 31 matching lines...) | |
479 return NULL; | 494 return NULL; |
480 } | 495 } |
481 bulkCipher = ssl_GetBulkCipherDef(ss->ssl3.hs.suite_def); | 496 bulkCipher = ssl_GetBulkCipherDef(ss->ssl3.hs.suite_def); |
482 requiredECCbits = bulkCipher->key_size * BPB * 2; | 497 requiredECCbits = bulkCipher->key_size * BPB * 2; |
483 PORT_Assert(requiredECCbits || | 498 PORT_Assert(requiredECCbits || |
484 ss->ssl3.hs.suite_def->bulk_cipher_alg == cipher_null); | 499 ss->ssl3.hs.suite_def->bulk_cipher_alg == cipher_null); |
485 if (requiredECCbits > certKeySize) { | 500 if (requiredECCbits > certKeySize) { |
486 requiredECCbits = certKeySize; | 501 requiredECCbits = certKeySize; |
487 } | 502 } |
488 | 503 |
489 return ssl_GetECGroupWithStrength(ss->namedGroups, requiredECCbits); | 504 return ssl_GetECGroupWithStrength(ss, ss->namedGroups, requiredECCbits); |
490 } | 505 } |
491 | 506 |
492 /* function to clear out the lists */ | 507 /* function to clear out the lists */ |
493 static SECStatus | 508 static SECStatus |
494 ssl_ShutdownECDHECurves(void *appData, void *nssData) | 509 ssl_ShutdownECDHECurves(void *appData, void *nssData) |
495 { | 510 { |
496 int i; | 511 int i; |
497 | 512 |
498 for (i = 0; i < PR_ARRAY_SIZE(gECDHEKeyPairs); i++) { | 513 for (i = 0; i < PR_ARRAY_SIZE(gECDHEKeyPairs); i++) { |
499 if (gECDHEKeyPairs[i].pair) { | 514 if (gECDHEKeyPairs[i].pair) { |
(...skipping 527 matching lines...) | |
1027 /* Send our Supported Groups extension. */ | 1042 /* Send our Supported Groups extension. */ |
1028 PRInt32 | 1043 PRInt32 |
1029 ssl_SendSupportedGroupsXtn(sslSocket *ss, PRBool append, PRUint32 maxBytes) | 1044 ssl_SendSupportedGroupsXtn(sslSocket *ss, PRBool append, PRUint32 maxBytes) |
1030 { | 1045 { |
1031 PRInt32 extension_length; | 1046 PRInt32 extension_length; |
1032 unsigned char enabledGroups[64]; | 1047 unsigned char enabledGroups[64]; |
1033 unsigned int enabledGroupsLen = 0; | 1048 unsigned int enabledGroupsLen = 0; |
1034 unsigned int i; | 1049 unsigned int i; |
1035 PRBool ec; | 1050 PRBool ec; |
1036 PRBool ff = PR_FALSE; | 1051 PRBool ff = PR_FALSE; |
1052 unsigned int groupCount; | |
1037 | 1053 |
1038 if (!ss) | 1054 if (!ss) |
1039 return 0; | 1055 return 0; |
1040 | 1056 |
1041 ec = ssl_IsECCEnabled(ss); | 1057 ec = ssl_IsECCEnabled(ss); |
1042 /* We only send FF supported groups if we require DH named groups or if TLS | 1058 /* We only send FF supported groups if we require DH named groups or if TLS |
1043 * 1.3 is a possibility. */ | 1059 * 1.3 is a possibility. */ |
1044 if (ss->opt.requireDHENamedGroups || | 1060 if (ss->opt.requireDHENamedGroups || |
1045 ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3) { | 1061 ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3) { |
1046 ff = ssl_IsDHEEnabled(ss); | 1062 ff = ssl_IsDHEEnabled(ss); |
1047 } | 1063 } |
1048 if (!ec && !ff) { | 1064 if (!ec && !ff) { |
1049 return 0; | 1065 return 0; |
1050 } | 1066 } |
1051 | 1067 |
1052 PORT_Assert(sizeof(enabledGroups) > ssl_named_group_count * 2); | 1068 /* If a custom list of named groups is configured, use that. */ |
1053 for (i = 0; i < ssl_named_group_count; ++i) { | 1069 if (ss->numConfiguredGroups && ss->namedGroupsConfig) { |
1054 if (ssl_named_groups[i].type == group_type_ec && !ec) { | 1070 groupCount = ss->numConfiguredGroups; |
1071 // groups = ss->namedGroupsConfig; | |
1072 } else { | |
1073 groupCount = ssl_named_group_count; | |
1074 // groups = ssl_named_groups; | |
1075 } | |
1076 | |
1077 PORT_Assert(sizeof(enabledGroups) > groupCount * 2); | |
1078 for (i = 0; i < groupCount; ++i) { | |
1079 const namedGroupDef *group = NULL; | |
1080 if (ss->numConfiguredGroups && ss->namedGroupsConfig) { | |
1081 group = ss->namedGroupsConfig[i]; | |
1082 } else { | |
1083 group = &ssl_named_groups[i]; | |
1084 } | |
1085 PORT_Assert(group); | |
1086 if (group->type == group_type_ec && !ec) { | |
1055 continue; | 1087 continue; |
1056 } | 1088 } |
1057 if (ssl_named_groups[i].type == group_type_ff && !ff) { | 1089 if (group->type == group_type_ff && !ff) { |
1058 continue; | 1090 continue; |
1059 } | 1091 } |
1060 if (!ssl_NamedGroupEnabled(ss, &ssl_named_groups[i])) { | 1092 if (!ssl_NamedGroupEnabled(ss, group)) { |
1061 continue; | 1093 continue; |
1062 } | 1094 } |
1063 | 1095 |
1064 if (append) { | 1096 if (append) { |
1065 enabledGroups[enabledGroupsLen++] = ssl_named_groups[i].name >> 8; | 1097 enabledGroups[enabledGroupsLen++] = group->name >> 8; |
1066 enabledGroups[enabledGroupsLen++] = ssl_named_groups[i].name & 0xff; | 1098 enabledGroups[enabledGroupsLen++] = group->name & 0xff; |
1067 } else { | 1099 } else { |
1068 enabledGroupsLen += 2; | 1100 enabledGroupsLen += 2; |
1069 } | 1101 } |
1070 } | 1102 } |
1071 | 1103 |
1072 extension_length = | 1104 extension_length = |
1073 2 /* extension type */ + | 1105 2 /* extension type */ + |
1074 2 /* extension length */ + | 1106 2 /* extension length */ + |
1075 2 /* enabled groups length */ + | 1107 2 /* enabled groups length */ + |
1076 enabledGroupsLen; | 1108 enabledGroupsLen; |
(...skipping 163 matching lines...) | |
1240 if (rv != SECSuccess) { | 1272 if (rv != SECSuccess) { |
1241 return SECFailure; /* error already set. */ | 1273 return SECFailure; /* error already set. */ |
1242 } | 1274 } |
1243 } | 1275 } |
1244 | 1276 |
1245 /* Remember that we negotiated this extension. */ | 1277 /* Remember that we negotiated this extension. */ |
1246 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; | 1278 ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type; |
1247 | 1279 |
1248 return SECSuccess; | 1280 return SECSuccess; |
1249 } | 1281 } |
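Review bot: The 64-byte `enabledGroups` stack buffer in ssl_SendSupportedGroupsXtn is now guarded only by `PORT_Assert(sizeof(enabledGroups) > groupCount * 2)` (new line 1077), while `groupCount` can come from the per-socket `ss->numConfiguredGroups` instead of the fixed `ssl_named_group_count`. PORT_Assert is a debug-build check, so unless numConfiguredGroups is capped where it is set (not visible here), a long configured list lets the `append` branch write past the buffer in optimized builds. A runtime guard before the loop would close this, e.g. `if (groupCount * 2 >= sizeof(enabledGroups)) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return -1; }`, with the return value adjusted to whatever this function's callers treat as failure. The same applies to `PORT_Assert(group)` at new line 1085, and ssl_GetECGroupWithStrength dereferences `ss->namedGroupsConfig[i]` with no NULL test at all. The body of ssl_SendSupportedGroupsXtn continues in the collapsed lines after new line 1108.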