зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1144055
- Upgrade Firefox 39 to use NSS 3.19, land NSS_3_19_BETA2, r=nss-confcall
This commit is contained in:
Родитель
864a4ea2e6
Коммит
c2568b80a0
|
@ -1 +1 @@
|
||||||
NSS_3_18_1_BETA1
|
NSS_3_19_BETA2
|
||||||
|
|
|
@ -987,10 +987,13 @@ AddNameConstraints(void *extHandle)
|
||||||
GEN_BREAK(SECFailure);
|
GEN_BREAK(SECFailure);
|
||||||
}
|
}
|
||||||
|
|
||||||
PrintChoicesAndGetAnswer("Type of Name Constraint?\n"
|
if (PrintChoicesAndGetAnswer("Type of Name Constraint?\n"
|
||||||
"\t1 - permitted\n\t2 - excluded\n\tAny"
|
"\t1 - permitted\n\t2 - excluded\n\tAny"
|
||||||
"other number to finish\n\tChoice",
|
"other number to finish\n\tChoice",
|
||||||
buffer, sizeof(buffer));
|
buffer, sizeof(buffer)) != SECSuccess) {
|
||||||
|
GEN_BREAK(SECFailure);
|
||||||
|
}
|
||||||
|
|
||||||
intValue = PORT_Atoi(buffer);
|
intValue = PORT_Atoi(buffer);
|
||||||
switch (intValue) {
|
switch (intValue) {
|
||||||
case 1:
|
case 1:
|
||||||
|
@ -1826,11 +1829,13 @@ AddInfoAccess(void *extHandle, PRBool addSIAExt, PRBool isCACert)
|
||||||
intValue = timeStamping;
|
intValue = timeStamping;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
PrintChoicesAndGetAnswer("Enter access method type "
|
if (PrintChoicesAndGetAnswer("Enter access method type "
|
||||||
"for Authority Information Access extension:\n"
|
"for Authority Information Access extension:\n"
|
||||||
"\t1 - CA Issuers\n\t2 - OCSP\n\tAny"
|
"\t1 - CA Issuers\n\t2 - OCSP\n\tAny"
|
||||||
"other number to finish\n\tChoice",
|
"other number to finish\n\tChoice",
|
||||||
buffer, sizeof(buffer));
|
buffer, sizeof(buffer)) != SECSuccess) {
|
||||||
|
GEN_BREAK (SECFailure);
|
||||||
|
}
|
||||||
intValue = PORT_Atoi(buffer);
|
intValue = PORT_Atoi(buffer);
|
||||||
}
|
}
|
||||||
if (addSIAExt) {
|
if (addSIAExt) {
|
||||||
|
|
|
@ -220,14 +220,12 @@ CERTCertificate *createEmptyCertificate(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
return c;
|
return c;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
int main(int argc, char **argv)
|
int main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
int rv, verbose=0, force=0;
|
int verbose=0, force=0;
|
||||||
int ascii=0, issuerAscii=0;
|
int ascii=0, issuerAscii=0;
|
||||||
char *progName=0;
|
char *progName=0;
|
||||||
PRFileDesc *inFile=0, *issuerCertFile=0;
|
PRFileDesc *inFile=0, *issuerCertFile=0;
|
||||||
|
@ -244,6 +242,7 @@ int main(int argc, char **argv)
|
||||||
char *inFileName = NULL, *issuerCertFileName = NULL;
|
char *inFileName = NULL, *issuerCertFileName = NULL;
|
||||||
PLOptState *optstate;
|
PLOptState *optstate;
|
||||||
PLOptStatus status;
|
PLOptStatus status;
|
||||||
|
SECStatus rv;
|
||||||
|
|
||||||
PORT_Memset(&md5WithRSAEncryption, 0, sizeof(md5WithRSAEncryption));
|
PORT_Memset(&md5WithRSAEncryption, 0, sizeof(md5WithRSAEncryption));
|
||||||
PORT_Memset(&md2WithRSAEncryption, 0, sizeof(md2WithRSAEncryption));
|
PORT_Memset(&md2WithRSAEncryption, 0, sizeof(md2WithRSAEncryption));
|
||||||
|
@ -405,17 +404,37 @@ int main(int argc, char **argv)
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
/* Check algorithms */
|
/* Check algorithms */
|
||||||
SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption,
|
rv = SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption,
|
||||||
SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, NULL);
|
SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, NULL);
|
||||||
|
if (rv) {
|
||||||
|
fprintf(stderr, "%s: failed to set algorithm ID for SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION.\n",
|
||||||
|
progName);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption,
|
rv = SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption,
|
||||||
SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NULL);
|
SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NULL);
|
||||||
|
if (rv) {
|
||||||
|
fprintf(stderr, "%s: failed to set algorithm ID for SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION.\n",
|
||||||
|
progName);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption,
|
rv = SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption,
|
||||||
SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, NULL);
|
SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, NULL);
|
||||||
|
if (rv) {
|
||||||
|
fprintf(stderr, "%s: failed to set algorithm ID for SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION.\n",
|
||||||
|
progName);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
SECOID_SetAlgorithmID(arena, &rsaEncryption,
|
rv = SECOID_SetAlgorithmID(arena, &rsaEncryption,
|
||||||
SEC_OID_PKCS1_RSA_ENCRYPTION, NULL);
|
SEC_OID_PKCS1_RSA_ENCRYPTION, NULL);
|
||||||
|
if (rv) {
|
||||||
|
fprintf(stderr, "%s: failed to set algorithm ID for SEC_OID_PKCS1_RSA_ENCRYPTION.\n",
|
||||||
|
progName);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
int isMD5RSA = (SECOID_CompareAlgorithmID(&cert->signature,
|
int isMD5RSA = (SECOID_CompareAlgorithmID(&cert->signature,
|
||||||
|
|
|
@ -120,9 +120,10 @@ typedef struct StringNode_str {
|
||||||
StringNode* StringNode_new()
|
StringNode* StringNode_new()
|
||||||
{
|
{
|
||||||
StringNode* new_this;
|
StringNode* new_this;
|
||||||
new_this = (StringNode*)malloc(sizeof(StringNode));
|
new_this = (StringNode*)PR_Malloc(sizeof(StringNode));
|
||||||
new_this->str=NULL;
|
PORT_Assert(new_this != NULL);
|
||||||
new_this->next=NULL;
|
new_this->str = NULL;
|
||||||
|
new_this->next = NULL;
|
||||||
return new_this;
|
return new_this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -10,4 +10,3 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#error "Do not include this header file."
|
#error "Do not include this header file."
|
||||||
|
|
||||||
|
|
|
@ -21,11 +21,11 @@ You should be able to run the unit tests manually as:
|
||||||
|
|
||||||
ssl_gtest -d ${SSLGTESTDIR}
|
ssl_gtest -d ${SSLGTESTDIR}
|
||||||
|
|
||||||
Where $SSLGTESTDIR the directory created by ./all.sh or a manually
|
Where $SSLGTESTDIR is a directory with a database containing:
|
||||||
created directory with a database containing a certificate called
|
- an RSA certificate called server (with its private key)
|
||||||
server (with its private keys)
|
- an ECDSA certificate called ecdsa (with its private key)
|
||||||
|
|
||||||
|
A directory like this is created by ./all.sh and can be found
|
||||||
|
in a directory named something like
|
||||||
|
|
||||||
There is a very trivial set of tests that demonstrate some
|
tests_results/security/${hostname}.${NUMBER}/ssl_gtests
|
||||||
of the features.
|
|
||||||
|
|
||||||
|
|
|
@ -9,6 +9,7 @@ MODULE = nss
|
||||||
CPPSRCS = \
|
CPPSRCS = \
|
||||||
ssl_loopback_unittest.cc \
|
ssl_loopback_unittest.cc \
|
||||||
ssl_extension_unittest.cc \
|
ssl_extension_unittest.cc \
|
||||||
|
ssl_skip_unittest.cc \
|
||||||
ssl_gtest.cc \
|
ssl_gtest.cc \
|
||||||
test_io.cc \
|
test_io.cc \
|
||||||
tls_agent.cc \
|
tls_agent.cc \
|
||||||
|
|
|
@ -268,8 +268,8 @@ class TlsExtensionTestBase : public TlsConnectTestBase {
|
||||||
client_->SetPacketFilter(filter);
|
client_->SetPacketFilter(filter);
|
||||||
}
|
}
|
||||||
ConnectExpectFail();
|
ConnectExpectFail();
|
||||||
ASSERT_EQ(kTlsAlertFatal, alert_recorder->level());
|
EXPECT_EQ(kTlsAlertFatal, alert_recorder->level());
|
||||||
ASSERT_EQ(alert, alert_recorder->description());
|
EXPECT_EQ(alert, alert_recorder->description());
|
||||||
}
|
}
|
||||||
|
|
||||||
void ServerHelloErrorTest(PacketFilter* filter,
|
void ServerHelloErrorTest(PacketFilter* filter,
|
||||||
|
@ -280,8 +280,8 @@ class TlsExtensionTestBase : public TlsConnectTestBase {
|
||||||
server_->SetPacketFilter(filter);
|
server_->SetPacketFilter(filter);
|
||||||
}
|
}
|
||||||
ConnectExpectFail();
|
ConnectExpectFail();
|
||||||
ASSERT_EQ(kTlsAlertFatal, alert_recorder->level());
|
EXPECT_EQ(kTlsAlertFatal, alert_recorder->level());
|
||||||
ASSERT_EQ(alert, alert_recorder->description());
|
EXPECT_EQ(alert, alert_recorder->description());
|
||||||
}
|
}
|
||||||
|
|
||||||
static void InitSimpleSni(DataBuffer* extension) {
|
static void InitSimpleSni(DataBuffer* extension) {
|
||||||
|
@ -494,7 +494,7 @@ TEST_P(TlsExtensionTest12Plus, DISABLED_SignatureAlgorithmsSigUnsupported) {
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsExtensionTestGeneric, SupportedCurvesShort) {
|
TEST_P(TlsExtensionTestGeneric, SupportedCurvesShort) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
const uint8_t val[] = { 0x00, 0x01, 0x00 };
|
const uint8_t val[] = { 0x00, 0x01, 0x00 };
|
||||||
DataBuffer extension(val, sizeof(val));
|
DataBuffer extension(val, sizeof(val));
|
||||||
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_elliptic_curves_xtn,
|
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_elliptic_curves_xtn,
|
||||||
|
@ -502,7 +502,7 @@ TEST_P(TlsExtensionTestGeneric, SupportedCurvesShort) {
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsExtensionTestGeneric, SupportedCurvesBadLength) {
|
TEST_P(TlsExtensionTestGeneric, SupportedCurvesBadLength) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
const uint8_t val[] = { 0x09, 0x99, 0x00, 0x00 };
|
const uint8_t val[] = { 0x09, 0x99, 0x00, 0x00 };
|
||||||
DataBuffer extension(val, sizeof(val));
|
DataBuffer extension(val, sizeof(val));
|
||||||
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_elliptic_curves_xtn,
|
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_elliptic_curves_xtn,
|
||||||
|
@ -510,7 +510,7 @@ TEST_P(TlsExtensionTestGeneric, SupportedCurvesBadLength) {
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsExtensionTestGeneric, SupportedCurvesTrailingData) {
|
TEST_P(TlsExtensionTestGeneric, SupportedCurvesTrailingData) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
const uint8_t val[] = { 0x00, 0x02, 0x00, 0x00, 0x00 };
|
const uint8_t val[] = { 0x00, 0x02, 0x00, 0x00, 0x00 };
|
||||||
DataBuffer extension(val, sizeof(val));
|
DataBuffer extension(val, sizeof(val));
|
||||||
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_elliptic_curves_xtn,
|
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_elliptic_curves_xtn,
|
||||||
|
@ -518,7 +518,7 @@ TEST_P(TlsExtensionTestGeneric, SupportedCurvesTrailingData) {
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsExtensionTestGeneric, SupportedPointsEmpty) {
|
TEST_P(TlsExtensionTestGeneric, SupportedPointsEmpty) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
const uint8_t val[] = { 0x00 };
|
const uint8_t val[] = { 0x00 };
|
||||||
DataBuffer extension(val, sizeof(val));
|
DataBuffer extension(val, sizeof(val));
|
||||||
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_ec_point_formats_xtn,
|
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_ec_point_formats_xtn,
|
||||||
|
@ -526,7 +526,7 @@ TEST_P(TlsExtensionTestGeneric, SupportedPointsEmpty) {
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsExtensionTestGeneric, SupportedPointsBadLength) {
|
TEST_P(TlsExtensionTestGeneric, SupportedPointsBadLength) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
const uint8_t val[] = { 0x99, 0x00, 0x00 };
|
const uint8_t val[] = { 0x99, 0x00, 0x00 };
|
||||||
DataBuffer extension(val, sizeof(val));
|
DataBuffer extension(val, sizeof(val));
|
||||||
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_ec_point_formats_xtn,
|
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_ec_point_formats_xtn,
|
||||||
|
@ -534,7 +534,7 @@ TEST_P(TlsExtensionTestGeneric, SupportedPointsBadLength) {
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsExtensionTestGeneric, SupportedPointsTrailingData) {
|
TEST_P(TlsExtensionTestGeneric, SupportedPointsTrailingData) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
const uint8_t val[] = { 0x01, 0x00, 0x00 };
|
const uint8_t val[] = { 0x01, 0x00, 0x00 };
|
||||||
DataBuffer extension(val, sizeof(val));
|
DataBuffer extension(val, sizeof(val));
|
||||||
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_ec_point_formats_xtn,
|
ClientHelloErrorTest(new TlsExtensionReplacer(ssl_ec_point_formats_xtn,
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
|
|
||||||
namespace nss_test {
|
namespace nss_test {
|
||||||
|
|
||||||
class TlsServerKeyExchangeECDHE {
|
class TlsServerKeyExchangeEcdhe {
|
||||||
public:
|
public:
|
||||||
bool Parse(const DataBuffer& buffer) {
|
bool Parse(const DataBuffer& buffer) {
|
||||||
TlsParser parser(buffer);
|
TlsParser parser(buffer);
|
||||||
|
@ -44,14 +44,15 @@ TEST_P(TlsConnectGeneric, SetupOnly) {}
|
||||||
|
|
||||||
TEST_P(TlsConnectGeneric, Connect) {
|
TEST_P(TlsConnectGeneric, Connect) {
|
||||||
Connect();
|
Connect();
|
||||||
client_->CheckVersion(SSL_LIBRARY_VERSION_TLS_1_2);
|
client_->CheckVersion(std::get<1>(GetParam()));
|
||||||
|
client_->CheckAuthType(ssl_auth_rsa);
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsConnectGeneric, ConnectResumed) {
|
TEST_P(TlsConnectGeneric, ConnectResumed) {
|
||||||
ConfigureSessionCache(RESUME_SESSIONID, RESUME_SESSIONID);
|
ConfigureSessionCache(RESUME_SESSIONID, RESUME_SESSIONID);
|
||||||
Connect();
|
Connect();
|
||||||
|
|
||||||
Reset();
|
ResetRsa();
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_SESSIONID);
|
CheckResumption(RESUME_SESSIONID);
|
||||||
}
|
}
|
||||||
|
@ -59,7 +60,7 @@ TEST_P(TlsConnectGeneric, ConnectResumed) {
|
||||||
TEST_P(TlsConnectGeneric, ConnectClientCacheDisabled) {
|
TEST_P(TlsConnectGeneric, ConnectClientCacheDisabled) {
|
||||||
ConfigureSessionCache(RESUME_NONE, RESUME_SESSIONID);
|
ConfigureSessionCache(RESUME_NONE, RESUME_SESSIONID);
|
||||||
Connect();
|
Connect();
|
||||||
Reset();
|
ResetRsa();
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_NONE);
|
CheckResumption(RESUME_NONE);
|
||||||
}
|
}
|
||||||
|
@ -67,7 +68,7 @@ TEST_P(TlsConnectGeneric, ConnectClientCacheDisabled) {
|
||||||
TEST_P(TlsConnectGeneric, ConnectServerCacheDisabled) {
|
TEST_P(TlsConnectGeneric, ConnectServerCacheDisabled) {
|
||||||
ConfigureSessionCache(RESUME_SESSIONID, RESUME_NONE);
|
ConfigureSessionCache(RESUME_SESSIONID, RESUME_NONE);
|
||||||
Connect();
|
Connect();
|
||||||
Reset();
|
ResetRsa();
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_NONE);
|
CheckResumption(RESUME_NONE);
|
||||||
}
|
}
|
||||||
|
@ -75,7 +76,7 @@ TEST_P(TlsConnectGeneric, ConnectServerCacheDisabled) {
|
||||||
TEST_P(TlsConnectGeneric, ConnectSessionCacheDisabled) {
|
TEST_P(TlsConnectGeneric, ConnectSessionCacheDisabled) {
|
||||||
ConfigureSessionCache(RESUME_NONE, RESUME_NONE);
|
ConfigureSessionCache(RESUME_NONE, RESUME_NONE);
|
||||||
Connect();
|
Connect();
|
||||||
Reset();
|
ResetRsa();
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_NONE);
|
CheckResumption(RESUME_NONE);
|
||||||
}
|
}
|
||||||
|
@ -85,7 +86,7 @@ TEST_P(TlsConnectGeneric, ConnectResumeSupportBoth) {
|
||||||
ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
|
ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
|
||||||
Connect();
|
Connect();
|
||||||
|
|
||||||
Reset();
|
ResetRsa();
|
||||||
ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
|
ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_TICKET);
|
CheckResumption(RESUME_TICKET);
|
||||||
|
@ -97,7 +98,7 @@ TEST_P(TlsConnectGeneric, ConnectResumeClientTicketServerBoth) {
|
||||||
ConfigureSessionCache(RESUME_TICKET, RESUME_BOTH);
|
ConfigureSessionCache(RESUME_TICKET, RESUME_BOTH);
|
||||||
Connect();
|
Connect();
|
||||||
|
|
||||||
Reset();
|
ResetRsa();
|
||||||
ConfigureSessionCache(RESUME_TICKET, RESUME_BOTH);
|
ConfigureSessionCache(RESUME_TICKET, RESUME_BOTH);
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_NONE);
|
CheckResumption(RESUME_NONE);
|
||||||
|
@ -108,7 +109,7 @@ TEST_P(TlsConnectGeneric, ConnectResumeClientBothTicketServerTicket) {
|
||||||
ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
|
ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
|
||||||
Connect();
|
Connect();
|
||||||
|
|
||||||
Reset();
|
ResetRsa();
|
||||||
ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
|
ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_TICKET);
|
CheckResumption(RESUME_TICKET);
|
||||||
|
@ -120,7 +121,7 @@ TEST_P(TlsConnectGeneric, ConnectClientServerTicketOnly) {
|
||||||
ConfigureSessionCache(RESUME_TICKET, RESUME_TICKET);
|
ConfigureSessionCache(RESUME_TICKET, RESUME_TICKET);
|
||||||
Connect();
|
Connect();
|
||||||
|
|
||||||
Reset();
|
ResetRsa();
|
||||||
ConfigureSessionCache(RESUME_TICKET, RESUME_TICKET);
|
ConfigureSessionCache(RESUME_TICKET, RESUME_TICKET);
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_NONE);
|
CheckResumption(RESUME_NONE);
|
||||||
|
@ -130,7 +131,7 @@ TEST_P(TlsConnectGeneric, ConnectClientBothServerNone) {
|
||||||
ConfigureSessionCache(RESUME_BOTH, RESUME_NONE);
|
ConfigureSessionCache(RESUME_BOTH, RESUME_NONE);
|
||||||
Connect();
|
Connect();
|
||||||
|
|
||||||
Reset();
|
ResetRsa();
|
||||||
ConfigureSessionCache(RESUME_BOTH, RESUME_NONE);
|
ConfigureSessionCache(RESUME_BOTH, RESUME_NONE);
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_NONE);
|
CheckResumption(RESUME_NONE);
|
||||||
|
@ -140,12 +141,32 @@ TEST_P(TlsConnectGeneric, ConnectClientNoneServerBoth) {
|
||||||
ConfigureSessionCache(RESUME_NONE, RESUME_BOTH);
|
ConfigureSessionCache(RESUME_NONE, RESUME_BOTH);
|
||||||
Connect();
|
Connect();
|
||||||
|
|
||||||
Reset();
|
ResetRsa();
|
||||||
ConfigureSessionCache(RESUME_NONE, RESUME_BOTH);
|
ConfigureSessionCache(RESUME_NONE, RESUME_BOTH);
|
||||||
Connect();
|
Connect();
|
||||||
CheckResumption(RESUME_NONE);
|
CheckResumption(RESUME_NONE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
TEST_P(TlsConnectGeneric, ResumeWithHigherVersion) {
|
||||||
|
EnsureTlsSetup();
|
||||||
|
ConfigureSessionCache(RESUME_SESSIONID, RESUME_SESSIONID);
|
||||||
|
client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
|
||||||
|
SSL_LIBRARY_VERSION_TLS_1_1);
|
||||||
|
server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
|
||||||
|
SSL_LIBRARY_VERSION_TLS_1_1);
|
||||||
|
Connect();
|
||||||
|
|
||||||
|
ResetRsa();
|
||||||
|
EnsureTlsSetup();
|
||||||
|
client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
|
||||||
|
SSL_LIBRARY_VERSION_TLS_1_2);
|
||||||
|
server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
|
||||||
|
SSL_LIBRARY_VERSION_TLS_1_2);
|
||||||
|
Connect();
|
||||||
|
CheckResumption(RESUME_NONE);
|
||||||
|
client_->CheckVersion(SSL_LIBRARY_VERSION_TLS_1_2);
|
||||||
|
}
|
||||||
|
|
||||||
TEST_P(TlsConnectGeneric, ConnectAlpn) {
|
TEST_P(TlsConnectGeneric, ConnectAlpn) {
|
||||||
EnableAlpn();
|
EnableAlpn();
|
||||||
Connect();
|
Connect();
|
||||||
|
@ -153,65 +174,72 @@ TEST_P(TlsConnectGeneric, ConnectAlpn) {
|
||||||
server_->CheckAlpn(SSL_NEXT_PROTO_NEGOTIATED, "a");
|
server_->CheckAlpn(SSL_NEXT_PROTO_NEGOTIATED, "a");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
TEST_P(TlsConnectGeneric, ConnectEcdsa) {
|
||||||
|
ResetEcdsa();
|
||||||
|
Connect();
|
||||||
|
client_->CheckVersion(std::get<1>(GetParam()));
|
||||||
|
client_->CheckAuthType(ssl_auth_ecdsa);
|
||||||
|
}
|
||||||
|
|
||||||
TEST_P(TlsConnectDatagram, ConnectSrtp) {
|
TEST_P(TlsConnectDatagram, ConnectSrtp) {
|
||||||
EnableSrtp();
|
EnableSrtp();
|
||||||
Connect();
|
Connect();
|
||||||
CheckSrtp();
|
CheckSrtp();
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsConnectStream, ConnectECDHE) {
|
TEST_P(TlsConnectStream, ConnectEcdhe) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
Connect();
|
Connect();
|
||||||
client_->CheckKEAType(ssl_kea_ecdh);
|
client_->CheckKEAType(ssl_kea_ecdh);
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsConnectStream, ConnectECDHETwiceReuseKey) {
|
TEST_P(TlsConnectStream, ConnectEcdheTwiceReuseKey) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
TlsInspectorRecordHandshakeMessage* i1 =
|
TlsInspectorRecordHandshakeMessage* i1 =
|
||||||
new TlsInspectorRecordHandshakeMessage(kTlsHandshakeServerKeyExchange);
|
new TlsInspectorRecordHandshakeMessage(kTlsHandshakeServerKeyExchange);
|
||||||
server_->SetPacketFilter(i1);
|
server_->SetPacketFilter(i1);
|
||||||
Connect();
|
Connect();
|
||||||
client_->CheckKEAType(ssl_kea_ecdh);
|
client_->CheckKEAType(ssl_kea_ecdh);
|
||||||
TlsServerKeyExchangeECDHE dhe1;
|
TlsServerKeyExchangeEcdhe dhe1;
|
||||||
ASSERT_TRUE(dhe1.Parse(i1->buffer()));
|
EXPECT_TRUE(dhe1.Parse(i1->buffer()));
|
||||||
|
|
||||||
// Restart
|
// Restart
|
||||||
Reset();
|
ResetRsa();
|
||||||
TlsInspectorRecordHandshakeMessage* i2 =
|
TlsInspectorRecordHandshakeMessage* i2 =
|
||||||
new TlsInspectorRecordHandshakeMessage(kTlsHandshakeServerKeyExchange);
|
new TlsInspectorRecordHandshakeMessage(kTlsHandshakeServerKeyExchange);
|
||||||
server_->SetPacketFilter(i2);
|
server_->SetPacketFilter(i2);
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
ConfigureSessionCache(RESUME_NONE, RESUME_NONE);
|
ConfigureSessionCache(RESUME_NONE, RESUME_NONE);
|
||||||
Connect();
|
Connect();
|
||||||
client_->CheckKEAType(ssl_kea_ecdh);
|
client_->CheckKEAType(ssl_kea_ecdh);
|
||||||
|
|
||||||
TlsServerKeyExchangeECDHE dhe2;
|
TlsServerKeyExchangeEcdhe dhe2;
|
||||||
ASSERT_TRUE(dhe2.Parse(i2->buffer()));
|
EXPECT_TRUE(dhe2.Parse(i2->buffer()));
|
||||||
|
|
||||||
// Make sure they are the same.
|
// Make sure they are the same.
|
||||||
ASSERT_EQ(dhe1.public_key_.len(), dhe2.public_key_.len());
|
EXPECT_EQ(dhe1.public_key_.len(), dhe2.public_key_.len());
|
||||||
ASSERT_TRUE(!memcmp(dhe1.public_key_.data(), dhe2.public_key_.data(),
|
EXPECT_TRUE(!memcmp(dhe1.public_key_.data(), dhe2.public_key_.data(),
|
||||||
dhe1.public_key_.len()));
|
dhe1.public_key_.len()));
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_P(TlsConnectStream, ConnectECDHETwiceNewKey) {
|
TEST_P(TlsConnectStream, ConnectEcdheTwiceNewKey) {
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
SECStatus rv =
|
SECStatus rv =
|
||||||
SSL_OptionSet(server_->ssl_fd(), SSL_REUSE_SERVER_ECDHE_KEY, PR_FALSE);
|
SSL_OptionSet(server_->ssl_fd(), SSL_REUSE_SERVER_ECDHE_KEY, PR_FALSE);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
TlsInspectorRecordHandshakeMessage* i1 =
|
TlsInspectorRecordHandshakeMessage* i1 =
|
||||||
new TlsInspectorRecordHandshakeMessage(kTlsHandshakeServerKeyExchange);
|
new TlsInspectorRecordHandshakeMessage(kTlsHandshakeServerKeyExchange);
|
||||||
server_->SetPacketFilter(i1);
|
server_->SetPacketFilter(i1);
|
||||||
Connect();
|
Connect();
|
||||||
client_->CheckKEAType(ssl_kea_ecdh);
|
client_->CheckKEAType(ssl_kea_ecdh);
|
||||||
TlsServerKeyExchangeECDHE dhe1;
|
TlsServerKeyExchangeEcdhe dhe1;
|
||||||
ASSERT_TRUE(dhe1.Parse(i1->buffer()));
|
EXPECT_TRUE(dhe1.Parse(i1->buffer()));
|
||||||
|
|
||||||
// Restart
|
// Restart
|
||||||
Reset();
|
ResetRsa();
|
||||||
EnableSomeECDHECiphers();
|
EnableSomeEcdheCiphers();
|
||||||
rv = SSL_OptionSet(server_->ssl_fd(), SSL_REUSE_SERVER_ECDHE_KEY, PR_FALSE);
|
rv = SSL_OptionSet(server_->ssl_fd(), SSL_REUSE_SERVER_ECDHE_KEY, PR_FALSE);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
TlsInspectorRecordHandshakeMessage* i2 =
|
TlsInspectorRecordHandshakeMessage* i2 =
|
||||||
new TlsInspectorRecordHandshakeMessage(kTlsHandshakeServerKeyExchange);
|
new TlsInspectorRecordHandshakeMessage(kTlsHandshakeServerKeyExchange);
|
||||||
server_->SetPacketFilter(i2);
|
server_->SetPacketFilter(i2);
|
||||||
|
@ -219,11 +247,11 @@ TEST_P(TlsConnectStream, ConnectECDHETwiceNewKey) {
|
||||||
Connect();
|
Connect();
|
||||||
client_->CheckKEAType(ssl_kea_ecdh);
|
client_->CheckKEAType(ssl_kea_ecdh);
|
||||||
|
|
||||||
TlsServerKeyExchangeECDHE dhe2;
|
TlsServerKeyExchangeEcdhe dhe2;
|
||||||
ASSERT_TRUE(dhe2.Parse(i2->buffer()));
|
EXPECT_TRUE(dhe2.Parse(i2->buffer()));
|
||||||
|
|
||||||
// Make sure they are different.
|
// Make sure they are different.
|
||||||
ASSERT_FALSE((dhe1.public_key_.len() == dhe2.public_key_.len()) &&
|
EXPECT_FALSE((dhe1.public_key_.len() == dhe2.public_key_.len()) &&
|
||||||
(!memcmp(dhe1.public_key_.data(), dhe2.public_key_.data(),
|
(!memcmp(dhe1.public_key_.data(), dhe2.public_key_.data(),
|
||||||
dhe1.public_key_.len())));
|
dhe1.public_key_.len())));
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,167 @@
|
||||||
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||||
|
/* vim: set ts=2 et sw=2 tw=80: */
|
||||||
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||||
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||||
|
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||||
|
|
||||||
|
#include "sslerr.h"
|
||||||
|
|
||||||
|
#include "tls_parser.h"
|
||||||
|
#include "tls_filter.h"
|
||||||
|
#include "tls_connect.h"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The tests in this file test that the TLS state machine is robust against
|
||||||
|
* attacks that alter the order of handshake messages.
|
||||||
|
*
|
||||||
|
* See <https://www.smacktls.com/smack.pdf> for a description of the problems
|
||||||
|
* that this sort of attack can enable.
|
||||||
|
*/
|
||||||
|
namespace nss_test {
|
||||||
|
|
||||||
|
class TlsHandshakeSkipFilter : public TlsRecordFilter {
|
||||||
|
public:
|
||||||
|
// A TLS record filter that skips handshake messages of the identified type.
|
||||||
|
TlsHandshakeSkipFilter(uint8_t handshake_type)
|
||||||
|
: handshake_type_(handshake_type),
|
||||||
|
skipped_(false) {}
|
||||||
|
|
||||||
|
protected:
|
||||||
|
// Takes a record; if it is a handshake record, it removes the first handshake
|
||||||
|
// message that is of handshake_type_ type.
|
||||||
|
virtual bool FilterRecord(uint8_t content_type, uint16_t version,
|
||||||
|
const DataBuffer& input, DataBuffer* output) {
|
||||||
|
if (content_type != kTlsHandshakeType) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
size_t output_offset = 0U;
|
||||||
|
output->Allocate(input.len());
|
||||||
|
|
||||||
|
TlsParser parser(input);
|
||||||
|
while (parser.remaining()) {
|
||||||
|
size_t start = parser.consumed();
|
||||||
|
uint8_t handshake_type;
|
||||||
|
if (!parser.Read(&handshake_type)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
uint32_t length;
|
||||||
|
if (!TlsHandshakeFilter::ReadLength(&parser, version, &length)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!parser.Skip(length)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (skipped_ || handshake_type != handshake_type_) {
|
||||||
|
size_t entire_length = parser.consumed() - start;
|
||||||
|
output->Write(output_offset, input.data() + start,
|
||||||
|
entire_length);
|
||||||
|
// DTLS sequence numbers need to be rewritten
|
||||||
|
if (skipped_ && IsDtls(version)) {
|
||||||
|
output->data()[start + 5] -= 1;
|
||||||
|
}
|
||||||
|
output_offset += entire_length;
|
||||||
|
} else {
|
||||||
|
std::cerr << "Dropping handshake: "
|
||||||
|
<< static_cast<unsigned>(handshake_type_) << std::endl;
|
||||||
|
// We only need to report that the output contains changed data if we
|
||||||
|
// drop a handshake message. But once we've skipped one message, we
|
||||||
|
// have to modify all subsequent handshake messages so that they include
|
||||||
|
// the correct DTLS sequence numbers.
|
||||||
|
skipped_ = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
output->Truncate(output_offset);
|
||||||
|
return skipped_;
|
||||||
|
}
|
||||||
|
|
||||||
|
private:
|
||||||
|
// The type of handshake message to drop.
|
||||||
|
uint8_t handshake_type_;
|
||||||
|
// Whether this filter has ever skipped a handshake message. Track this so
|
||||||
|
// that sequence numbers on DTLS handshake messages can be rewritten in
|
||||||
|
// subsequent calls.
|
||||||
|
bool skipped_;
|
||||||
|
};
|
||||||
|
|
||||||
|
class TlsSkipTest
|
||||||
|
: public TlsConnectTestBase,
|
||||||
|
public ::testing::WithParamInterface<std::tuple<std::string, uint16_t>> {
|
||||||
|
|
||||||
|
protected:
|
||||||
|
TlsSkipTest()
|
||||||
|
: TlsConnectTestBase(TlsConnectTestBase::ToMode(std::get<0>(GetParam())),
|
||||||
|
std::get<1>(GetParam())) {}
|
||||||
|
|
||||||
|
void ServerSkipTest(PacketFilter* filter,
|
||||||
|
uint8_t alert = kTlsAlertUnexpectedMessage) {
|
||||||
|
auto alert_recorder = new TlsAlertRecorder();
|
||||||
|
client_->SetPacketFilter(alert_recorder);
|
||||||
|
if (filter) {
|
||||||
|
server_->SetPacketFilter(filter);
|
||||||
|
}
|
||||||
|
ConnectExpectFail();
|
||||||
|
EXPECT_EQ(kTlsAlertFatal, alert_recorder->level());
|
||||||
|
EXPECT_EQ(alert, alert_recorder->description());
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
TEST_P(TlsSkipTest, SkipCertificate) {
|
||||||
|
ServerSkipTest(new TlsHandshakeSkipFilter(kTlsHandshakeCertificate));
|
||||||
|
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST_P(TlsSkipTest, SkipCertificateEcdhe) {
|
||||||
|
EnableSomeEcdheCiphers();
|
||||||
|
ServerSkipTest(new TlsHandshakeSkipFilter(kTlsHandshakeCertificate));
|
||||||
|
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH);
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST_P(TlsSkipTest, SkipCertificateEcdsa) {
|
||||||
|
ResetEcdsa();
|
||||||
|
ServerSkipTest(new TlsHandshakeSkipFilter(kTlsHandshakeCertificate));
|
||||||
|
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH);
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST_P(TlsSkipTest, SkipServerKeyExchange) {
|
||||||
|
// Have to enable some ephemeral suites, or ServerKeyExchange doesn't appear.
|
||||||
|
EnableSomeEcdheCiphers();
|
||||||
|
ServerSkipTest(new TlsHandshakeSkipFilter(kTlsHandshakeServerKeyExchange));
|
||||||
|
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST_P(TlsSkipTest, SkipServerKeyExchangeEcdsa) {
|
||||||
|
ResetEcdsa();
|
||||||
|
ServerSkipTest(new TlsHandshakeSkipFilter(kTlsHandshakeServerKeyExchange));
|
||||||
|
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST_P(TlsSkipTest, SkipCertAndKeyExch) {
|
||||||
|
auto chain = new ChainedPacketFilter();
|
||||||
|
chain->Add(new TlsHandshakeSkipFilter(kTlsHandshakeCertificate));
|
||||||
|
chain->Add(new TlsHandshakeSkipFilter(kTlsHandshakeServerKeyExchange));
|
||||||
|
ServerSkipTest(chain);
|
||||||
|
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST_P(TlsSkipTest, SkipCertAndKeyExchEcdsa) {
|
||||||
|
ResetEcdsa();
|
||||||
|
auto chain = new ChainedPacketFilter();
|
||||||
|
chain->Add(new TlsHandshakeSkipFilter(kTlsHandshakeCertificate));
|
||||||
|
chain->Add(new TlsHandshakeSkipFilter(kTlsHandshakeServerKeyExchange));
|
||||||
|
ServerSkipTest(chain);
|
||||||
|
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
|
||||||
|
}
|
||||||
|
|
||||||
|
INSTANTIATE_TEST_CASE_P(SkipTls10, TlsSkipTest,
|
||||||
|
::testing::Combine(
|
||||||
|
TlsConnectTestBase::kTlsModesStream,
|
||||||
|
TlsConnectTestBase::kTlsV10));
|
||||||
|
INSTANTIATE_TEST_CASE_P(SkipVariants, TlsSkipTest,
|
||||||
|
::testing::Combine(
|
||||||
|
TlsConnectTestBase::kTlsModesAll,
|
||||||
|
TlsConnectTestBase::kTlsV11V12));
|
||||||
|
|
||||||
|
} // namespace nss_test
|
|
@ -42,7 +42,7 @@ bool TlsAgent::EnsureTlsSetup() {
|
||||||
EXPECT_NE(nullptr, priv);
|
EXPECT_NE(nullptr, priv);
|
||||||
if (!priv) return false; // Leak cert.
|
if (!priv) return false; // Leak cert.
|
||||||
|
|
||||||
SECStatus rv = SSL_ConfigSecureServer(ssl_fd_, cert, priv, kt_rsa);
|
SECStatus rv = SSL_ConfigSecureServer(ssl_fd_, cert, priv, kea_);
|
||||||
EXPECT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
if (rv != SECSuccess) return false; // Leak cert and key.
|
if (rv != SECSuccess) return false; // Leak cert and key.
|
||||||
|
|
||||||
|
@ -71,40 +71,42 @@ bool TlsAgent::EnsureTlsSetup() {
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::StartConnect() {
|
void TlsAgent::StartConnect() {
|
||||||
ASSERT_TRUE(EnsureTlsSetup());
|
EXPECT_TRUE(EnsureTlsSetup());
|
||||||
|
|
||||||
SECStatus rv;
|
SECStatus rv;
|
||||||
rv = SSL_ResetHandshake(ssl_fd_, role_ == SERVER ? PR_TRUE : PR_FALSE);
|
rv = SSL_ResetHandshake(ssl_fd_, role_ == SERVER ? PR_TRUE : PR_FALSE);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
SetState(CONNECTING);
|
SetState(CONNECTING);
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::EnableSomeECDHECiphers() {
|
void TlsAgent::EnableSomeEcdheCiphers() {
|
||||||
ASSERT_TRUE(EnsureTlsSetup());
|
EXPECT_TRUE(EnsureTlsSetup());
|
||||||
|
|
||||||
const uint32_t EnabledCiphers[] = {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
const uint32_t EcdheCiphers[] = {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA};
|
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
||||||
|
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA};
|
||||||
|
|
||||||
for (size_t i = 0; i < PR_ARRAY_SIZE(EnabledCiphers); ++i) {
|
for (size_t i = 0; i < PR_ARRAY_SIZE(EcdheCiphers); ++i) {
|
||||||
SECStatus rv = SSL_CipherPrefSet(ssl_fd_, EnabledCiphers[i], PR_TRUE);
|
SECStatus rv = SSL_CipherPrefSet(ssl_fd_, EcdheCiphers[i], PR_TRUE);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::SetSessionTicketsEnabled(bool en) {
|
void TlsAgent::SetSessionTicketsEnabled(bool en) {
|
||||||
ASSERT_TRUE(EnsureTlsSetup());
|
EXPECT_TRUE(EnsureTlsSetup());
|
||||||
|
|
||||||
SECStatus rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS,
|
SECStatus rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS,
|
||||||
en ? PR_TRUE : PR_FALSE);
|
en ? PR_TRUE : PR_FALSE);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::SetSessionCacheEnabled(bool en) {
|
void TlsAgent::SetSessionCacheEnabled(bool en) {
|
||||||
ASSERT_TRUE(EnsureTlsSetup());
|
EXPECT_TRUE(EnsureTlsSetup());
|
||||||
|
|
||||||
SECStatus rv = SSL_OptionSet(ssl_fd_, SSL_NO_CACHE,
|
SECStatus rv = SSL_OptionSet(ssl_fd_, SSL_NO_CACHE,
|
||||||
en ? PR_FALSE : PR_TRUE);
|
en ? PR_FALSE : PR_TRUE);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::SetVersionRange(uint16_t minver, uint16_t maxver) {
|
void TlsAgent::SetVersionRange(uint16_t minver, uint16_t maxver) {
|
||||||
|
@ -113,25 +115,30 @@ void TlsAgent::SetVersionRange(uint16_t minver, uint16_t maxver) {
|
||||||
|
|
||||||
if (ssl_fd_) {
|
if (ssl_fd_) {
|
||||||
SECStatus rv = SSL_VersionRangeSet(ssl_fd_, &vrange_);
|
SECStatus rv = SSL_VersionRangeSet(ssl_fd_, &vrange_);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::CheckKEAType(SSLKEAType type) const {
|
void TlsAgent::CheckKEAType(SSLKEAType type) const {
|
||||||
ASSERT_EQ(CONNECTED, state_);
|
EXPECT_EQ(CONNECTED, state_);
|
||||||
ASSERT_EQ(type, csinfo_.keaType);
|
EXPECT_EQ(type, csinfo_.keaType);
|
||||||
|
}
|
||||||
|
|
||||||
|
void TlsAgent::CheckAuthType(SSLAuthType type) const {
|
||||||
|
EXPECT_EQ(CONNECTED, state_);
|
||||||
|
EXPECT_EQ(type, csinfo_.authAlgorithm);
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::CheckVersion(uint16_t version) const {
|
void TlsAgent::CheckVersion(uint16_t version) const {
|
||||||
ASSERT_EQ(CONNECTED, state_);
|
EXPECT_EQ(CONNECTED, state_);
|
||||||
ASSERT_EQ(version, info_.protocolVersion);
|
EXPECT_EQ(version, info_.protocolVersion);
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::EnableAlpn(const uint8_t* val, size_t len) {
|
void TlsAgent::EnableAlpn(const uint8_t* val, size_t len) {
|
||||||
ASSERT_TRUE(EnsureTlsSetup());
|
EXPECT_TRUE(EnsureTlsSetup());
|
||||||
|
|
||||||
ASSERT_EQ(SECSuccess, SSL_OptionSet(ssl_fd_, SSL_ENABLE_ALPN, PR_TRUE));
|
EXPECT_EQ(SECSuccess, SSL_OptionSet(ssl_fd_, SSL_ENABLE_ALPN, PR_TRUE));
|
||||||
ASSERT_EQ(SECSuccess, SSL_SetNextProtoNego(ssl_fd_, val, len));
|
EXPECT_EQ(SECSuccess, SSL_SetNextProtoNego(ssl_fd_, val, len));
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::CheckAlpn(SSLNextProtoState expected_state,
|
void TlsAgent::CheckAlpn(SSLNextProtoState expected_state,
|
||||||
|
@ -142,37 +149,41 @@ void TlsAgent::CheckAlpn(SSLNextProtoState expected_state,
|
||||||
SECStatus rv = SSL_GetNextProto(ssl_fd_, &state,
|
SECStatus rv = SSL_GetNextProto(ssl_fd_, &state,
|
||||||
reinterpret_cast<unsigned char*>(chosen),
|
reinterpret_cast<unsigned char*>(chosen),
|
||||||
&chosen_len, sizeof(chosen));
|
&chosen_len, sizeof(chosen));
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
ASSERT_EQ(expected_state, state);
|
EXPECT_EQ(expected_state, state);
|
||||||
ASSERT_EQ(expected, std::string(chosen, chosen_len));
|
EXPECT_EQ(expected, std::string(chosen, chosen_len));
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::EnableSrtp() {
|
void TlsAgent::EnableSrtp() {
|
||||||
ASSERT_TRUE(EnsureTlsSetup());
|
EXPECT_TRUE(EnsureTlsSetup());
|
||||||
const uint16_t ciphers[] = {
|
const uint16_t ciphers[] = {
|
||||||
SRTP_AES128_CM_HMAC_SHA1_80, SRTP_AES128_CM_HMAC_SHA1_32
|
SRTP_AES128_CM_HMAC_SHA1_80, SRTP_AES128_CM_HMAC_SHA1_32
|
||||||
};
|
};
|
||||||
ASSERT_EQ(SECSuccess, SSL_SetSRTPCiphers(ssl_fd_, ciphers,
|
EXPECT_EQ(SECSuccess, SSL_SetSRTPCiphers(ssl_fd_, ciphers,
|
||||||
PR_ARRAY_SIZE(ciphers)));
|
PR_ARRAY_SIZE(ciphers)));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::CheckSrtp() {
|
void TlsAgent::CheckSrtp() {
|
||||||
uint16_t actual;
|
uint16_t actual;
|
||||||
ASSERT_EQ(SECSuccess, SSL_GetSRTPCipher(ssl_fd_, &actual));
|
EXPECT_EQ(SECSuccess, SSL_GetSRTPCipher(ssl_fd_, &actual));
|
||||||
ASSERT_EQ(SRTP_AES128_CM_HMAC_SHA1_80, actual);
|
EXPECT_EQ(SRTP_AES128_CM_HMAC_SHA1_80, actual);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void TlsAgent::CheckErrorCode(int32_t expected) const {
|
||||||
|
EXPECT_EQ(ERROR, state_);
|
||||||
|
EXPECT_EQ(expected, error_code_);
|
||||||
|
}
|
||||||
|
|
||||||
void TlsAgent::Handshake() {
|
void TlsAgent::Handshake() {
|
||||||
SECStatus rv = SSL_ForceHandshake(ssl_fd_);
|
SECStatus rv = SSL_ForceHandshake(ssl_fd_);
|
||||||
if (rv == SECSuccess) {
|
if (rv == SECSuccess) {
|
||||||
LOG("Handshake success");
|
LOG("Handshake success");
|
||||||
SECStatus rv = SSL_GetChannelInfo(ssl_fd_, &info_, sizeof(info_));
|
SECStatus rv = SSL_GetChannelInfo(ssl_fd_, &info_, sizeof(info_));
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
|
|
||||||
rv = SSL_GetCipherSuiteInfo(info_.cipherSuite, &csinfo_, sizeof(csinfo_));
|
rv = SSL_GetCipherSuiteInfo(info_.cipherSuite, &csinfo_, sizeof(csinfo_));
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
|
|
||||||
SetState(CONNECTED);
|
SetState(CONNECTED);
|
||||||
return;
|
return;
|
||||||
|
@ -192,25 +203,26 @@ void TlsAgent::Handshake() {
|
||||||
case SSL_ERROR_RX_MALFORMED_HANDSHAKE:
|
case SSL_ERROR_RX_MALFORMED_HANDSHAKE:
|
||||||
default:
|
default:
|
||||||
LOG("Handshake failed with error " << err);
|
LOG("Handshake failed with error " << err);
|
||||||
|
error_code_ = err;
|
||||||
SetState(ERROR);
|
SetState(ERROR);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsAgent::ConfigureSessionCache(SessionResumptionMode mode) {
|
void TlsAgent::ConfigureSessionCache(SessionResumptionMode mode) {
|
||||||
ASSERT_TRUE(EnsureTlsSetup());
|
EXPECT_TRUE(EnsureTlsSetup());
|
||||||
|
|
||||||
SECStatus rv = SSL_OptionSet(ssl_fd_,
|
SECStatus rv = SSL_OptionSet(ssl_fd_,
|
||||||
SSL_NO_CACHE,
|
SSL_NO_CACHE,
|
||||||
mode & RESUME_SESSIONID ?
|
mode & RESUME_SESSIONID ?
|
||||||
PR_FALSE : PR_TRUE);
|
PR_FALSE : PR_TRUE);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
|
|
||||||
rv = SSL_OptionSet(ssl_fd_,
|
rv = SSL_OptionSet(ssl_fd_,
|
||||||
SSL_ENABLE_SESSION_TICKETS,
|
SSL_ENABLE_SESSION_TICKETS,
|
||||||
mode & RESUME_TICKET ?
|
mode & RESUME_TICKET ?
|
||||||
PR_TRUE : PR_FALSE);
|
PR_TRUE : PR_FALSE);
|
||||||
ASSERT_EQ(SECSuccess, rv);
|
EXPECT_EQ(SECSuccess, rv);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -33,14 +33,16 @@ class TlsAgent : public PollTarget {
|
||||||
enum Role { CLIENT, SERVER };
|
enum Role { CLIENT, SERVER };
|
||||||
enum State { INIT, CONNECTING, CONNECTED, ERROR };
|
enum State { INIT, CONNECTING, CONNECTED, ERROR };
|
||||||
|
|
||||||
TlsAgent(const std::string& name, Role role, Mode mode)
|
TlsAgent(const std::string& name, Role role, Mode mode, SSLKEAType kea)
|
||||||
: name_(name),
|
: name_(name),
|
||||||
mode_(mode),
|
mode_(mode),
|
||||||
|
kea_(kea),
|
||||||
pr_fd_(nullptr),
|
pr_fd_(nullptr),
|
||||||
adapter_(nullptr),
|
adapter_(nullptr),
|
||||||
ssl_fd_(nullptr),
|
ssl_fd_(nullptr),
|
||||||
role_(role),
|
role_(role),
|
||||||
state_(INIT) {
|
state_(INIT),
|
||||||
|
error_code_(0) {
|
||||||
memset(&info_, 0, sizeof(info_));
|
memset(&info_, 0, sizeof(info_));
|
||||||
memset(&csinfo_, 0, sizeof(csinfo_));
|
memset(&csinfo_, 0, sizeof(csinfo_));
|
||||||
SECStatus rv = SSL_VersionRangeGetDefault(mode_ == STREAM ?
|
SECStatus rv = SSL_VersionRangeGetDefault(mode_ == STREAM ?
|
||||||
|
@ -78,10 +80,11 @@ class TlsAgent : public PollTarget {
|
||||||
|
|
||||||
void StartConnect();
|
void StartConnect();
|
||||||
void CheckKEAType(SSLKEAType type) const;
|
void CheckKEAType(SSLKEAType type) const;
|
||||||
|
void CheckAuthType(SSLAuthType type) const;
|
||||||
void CheckVersion(uint16_t version) const;
|
void CheckVersion(uint16_t version) const;
|
||||||
|
|
||||||
void Handshake();
|
void Handshake();
|
||||||
void EnableSomeECDHECiphers();
|
void EnableSomeEcdheCiphers();
|
||||||
bool EnsureTlsSetup();
|
bool EnsureTlsSetup();
|
||||||
|
|
||||||
void ConfigureSessionCache(SessionResumptionMode mode);
|
void ConfigureSessionCache(SessionResumptionMode mode);
|
||||||
|
@ -93,6 +96,7 @@ class TlsAgent : public PollTarget {
|
||||||
const std::string& expected);
|
const std::string& expected);
|
||||||
void EnableSrtp();
|
void EnableSrtp();
|
||||||
void CheckSrtp();
|
void CheckSrtp();
|
||||||
|
void CheckErrorCode(int32_t expected) const;
|
||||||
|
|
||||||
State state() const { return state_; }
|
State state() const { return state_; }
|
||||||
|
|
||||||
|
@ -172,6 +176,7 @@ class TlsAgent : public PollTarget {
|
||||||
|
|
||||||
const std::string name_;
|
const std::string name_;
|
||||||
Mode mode_;
|
Mode mode_;
|
||||||
|
SSLKEAType kea_;
|
||||||
PRFileDesc* pr_fd_;
|
PRFileDesc* pr_fd_;
|
||||||
DummyPrSocket* adapter_;
|
DummyPrSocket* adapter_;
|
||||||
PRFileDesc* ssl_fd_;
|
PRFileDesc* ssl_fd_;
|
||||||
|
@ -180,6 +185,7 @@ class TlsAgent : public PollTarget {
|
||||||
SSLChannelInfo info_;
|
SSLChannelInfo info_;
|
||||||
SSLCipherSuiteInfo csinfo_;
|
SSLCipherSuiteInfo csinfo_;
|
||||||
SSLVersionRange vrange_;
|
SSLVersionRange vrange_;
|
||||||
|
int32_t error_code_;
|
||||||
};
|
};
|
||||||
|
|
||||||
} // namespace nss_test
|
} // namespace nss_test
|
||||||
|
|
|
@ -52,8 +52,8 @@ static std::string VersionString(uint16_t version) {
|
||||||
|
|
||||||
TlsConnectTestBase::TlsConnectTestBase(Mode mode, uint16_t version)
|
TlsConnectTestBase::TlsConnectTestBase(Mode mode, uint16_t version)
|
||||||
: mode_(mode),
|
: mode_(mode),
|
||||||
client_(new TlsAgent("client", TlsAgent::CLIENT, mode_)),
|
client_(new TlsAgent("client", TlsAgent::CLIENT, mode_, ssl_kea_rsa)),
|
||||||
server_(new TlsAgent("server", TlsAgent::SERVER, mode_)),
|
server_(new TlsAgent("server", TlsAgent::SERVER, mode_, ssl_kea_rsa)),
|
||||||
version_(version),
|
version_(version),
|
||||||
session_ids_() {
|
session_ids_() {
|
||||||
std::cerr << "Version: " << mode_ << " " << VersionString(version_) << std::endl;
|
std::cerr << "Version: " << mode_ << " " << VersionString(version_) << std::endl;
|
||||||
|
@ -84,8 +84,8 @@ void TlsConnectTestBase::TearDown() {
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsConnectTestBase::Init() {
|
void TlsConnectTestBase::Init() {
|
||||||
ASSERT_TRUE(client_->Init());
|
EXPECT_TRUE(client_->Init());
|
||||||
ASSERT_TRUE(server_->Init());
|
EXPECT_TRUE(server_->Init());
|
||||||
|
|
||||||
client_->SetPeer(server_);
|
client_->SetPeer(server_);
|
||||||
server_->SetPeer(client_);
|
server_->SetPeer(client_);
|
||||||
|
@ -96,19 +96,28 @@ void TlsConnectTestBase::Init() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsConnectTestBase::Reset() {
|
void TlsConnectTestBase::Reset(const std::string& server_name, SSLKEAType kea) {
|
||||||
delete client_;
|
delete client_;
|
||||||
delete server_;
|
delete server_;
|
||||||
|
|
||||||
client_ = new TlsAgent("client", TlsAgent::CLIENT, mode_);
|
client_ = new TlsAgent("client", TlsAgent::CLIENT, mode_, kea);
|
||||||
server_ = new TlsAgent("server", TlsAgent::SERVER, mode_);
|
server_ = new TlsAgent(server_name, TlsAgent::SERVER, mode_, kea);
|
||||||
|
|
||||||
Init();
|
Init();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void TlsConnectTestBase::ResetRsa() {
|
||||||
|
Reset("server", ssl_kea_rsa);
|
||||||
|
}
|
||||||
|
|
||||||
|
void TlsConnectTestBase::ResetEcdsa() {
|
||||||
|
Reset("ecdsa", ssl_kea_ecdh);
|
||||||
|
EnableSomeEcdheCiphers();
|
||||||
|
}
|
||||||
|
|
||||||
void TlsConnectTestBase::EnsureTlsSetup() {
|
void TlsConnectTestBase::EnsureTlsSetup() {
|
||||||
ASSERT_TRUE(client_->EnsureTlsSetup());
|
EXPECT_TRUE(client_->EnsureTlsSetup());
|
||||||
ASSERT_TRUE(server_->EnsureTlsSetup());
|
EXPECT_TRUE(server_->EnsureTlsSetup());
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsConnectTestBase::Handshake() {
|
void TlsConnectTestBase::Handshake() {
|
||||||
|
@ -127,20 +136,20 @@ void TlsConnectTestBase::Connect() {
|
||||||
Handshake();
|
Handshake();
|
||||||
|
|
||||||
// Check the version is as expected
|
// Check the version is as expected
|
||||||
ASSERT_EQ(client_->version(), server_->version());
|
EXPECT_EQ(client_->version(), server_->version());
|
||||||
ASSERT_EQ(std::min(client_->max_version(),
|
EXPECT_EQ(std::min(client_->max_version(),
|
||||||
server_->max_version()),
|
server_->max_version()),
|
||||||
client_->version());
|
client_->version());
|
||||||
|
|
||||||
ASSERT_EQ(TlsAgent::CONNECTED, client_->state());
|
EXPECT_EQ(TlsAgent::CONNECTED, client_->state());
|
||||||
ASSERT_EQ(TlsAgent::CONNECTED, server_->state());
|
EXPECT_EQ(TlsAgent::CONNECTED, server_->state());
|
||||||
|
|
||||||
int16_t cipher_suite1, cipher_suite2;
|
int16_t cipher_suite1, cipher_suite2;
|
||||||
bool ret = client_->cipher_suite(&cipher_suite1);
|
bool ret = client_->cipher_suite(&cipher_suite1);
|
||||||
ASSERT_TRUE(ret);
|
EXPECT_TRUE(ret);
|
||||||
ret = server_->cipher_suite(&cipher_suite2);
|
ret = server_->cipher_suite(&cipher_suite2);
|
||||||
ASSERT_TRUE(ret);
|
EXPECT_TRUE(ret);
|
||||||
ASSERT_EQ(cipher_suite1, cipher_suite2);
|
EXPECT_EQ(cipher_suite1, cipher_suite2);
|
||||||
|
|
||||||
std::cerr << "Connected with version " << client_->version()
|
std::cerr << "Connected with version " << client_->version()
|
||||||
<< " cipher suite " << client_->cipher_suite_name()
|
<< " cipher suite " << client_->cipher_suite_name()
|
||||||
|
@ -148,10 +157,10 @@ void TlsConnectTestBase::Connect() {
|
||||||
|
|
||||||
// Check and store session ids.
|
// Check and store session ids.
|
||||||
std::vector<uint8_t> sid_c1 = client_->session_id();
|
std::vector<uint8_t> sid_c1 = client_->session_id();
|
||||||
ASSERT_EQ(32U, sid_c1.size());
|
EXPECT_EQ(32U, sid_c1.size());
|
||||||
std::vector<uint8_t> sid_s1 = server_->session_id();
|
std::vector<uint8_t> sid_s1 = server_->session_id();
|
||||||
ASSERT_EQ(32U, sid_s1.size());
|
EXPECT_EQ(32U, sid_s1.size());
|
||||||
ASSERT_EQ(sid_c1, sid_s1);
|
EXPECT_EQ(sid_c1, sid_s1);
|
||||||
session_ids_.push_back(sid_c1);
|
session_ids_.push_back(sid_c1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -162,9 +171,9 @@ void TlsConnectTestBase::ConnectExpectFail() {
|
||||||
ASSERT_EQ(TlsAgent::ERROR, server_->state());
|
ASSERT_EQ(TlsAgent::ERROR, server_->state());
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsConnectTestBase::EnableSomeECDHECiphers() {
|
void TlsConnectTestBase::EnableSomeEcdheCiphers() {
|
||||||
client_->EnableSomeECDHECiphers();
|
client_->EnableSomeEcdheCiphers();
|
||||||
server_->EnableSomeECDHECiphers();
|
server_->EnableSomeEcdheCiphers();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -175,22 +184,22 @@ void TlsConnectTestBase::ConfigureSessionCache(SessionResumptionMode client,
|
||||||
}
|
}
|
||||||
|
|
||||||
void TlsConnectTestBase::CheckResumption(SessionResumptionMode expected) {
|
void TlsConnectTestBase::CheckResumption(SessionResumptionMode expected) {
|
||||||
ASSERT_NE(RESUME_BOTH, expected);
|
EXPECT_NE(RESUME_BOTH, expected);
|
||||||
|
|
||||||
int resume_ct = expected ? 1 : 0;
|
int resume_ct = expected ? 1 : 0;
|
||||||
int stateless_ct = (expected & RESUME_TICKET) ? 1 : 0;
|
int stateless_ct = (expected & RESUME_TICKET) ? 1 : 0;
|
||||||
|
|
||||||
SSL3Statistics* stats = SSL_GetStatistics();
|
SSL3Statistics* stats = SSL_GetStatistics();
|
||||||
ASSERT_EQ(resume_ct, stats->hch_sid_cache_hits);
|
EXPECT_EQ(resume_ct, stats->hch_sid_cache_hits);
|
||||||
ASSERT_EQ(resume_ct, stats->hsh_sid_cache_hits);
|
EXPECT_EQ(resume_ct, stats->hsh_sid_cache_hits);
|
||||||
|
|
||||||
ASSERT_EQ(stateless_ct, stats->hch_sid_stateless_resumes);
|
EXPECT_EQ(stateless_ct, stats->hch_sid_stateless_resumes);
|
||||||
ASSERT_EQ(stateless_ct, stats->hsh_sid_stateless_resumes);
|
EXPECT_EQ(stateless_ct, stats->hsh_sid_stateless_resumes);
|
||||||
|
|
||||||
if (resume_ct) {
|
if (resume_ct) {
|
||||||
// Check that the last two session ids match.
|
// Check that the last two session ids match.
|
||||||
ASSERT_GE(2U, session_ids_.size());
|
EXPECT_GE(2U, session_ids_.size());
|
||||||
ASSERT_EQ(session_ids_[session_ids_.size()-1],
|
EXPECT_EQ(session_ids_[session_ids_.size()-1],
|
||||||
session_ids_[session_ids_.size()-2]);
|
session_ids_[session_ids_.size()-2]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -39,8 +39,11 @@ class TlsConnectTestBase : public ::testing::Test {
|
||||||
|
|
||||||
// Initialize client and server.
|
// Initialize client and server.
|
||||||
void Init();
|
void Init();
|
||||||
// Re-initialize client and server.
|
// Re-initialize client and server with the default RSA cert.
|
||||||
void Reset();
|
void ResetRsa();
|
||||||
|
// Re-initialize client and server with an ECDSA cert on the server
|
||||||
|
// and some ECDHE suites.
|
||||||
|
void ResetEcdsa();
|
||||||
// Make sure TLS is configured for a connection.
|
// Make sure TLS is configured for a connection.
|
||||||
void EnsureTlsSetup();
|
void EnsureTlsSetup();
|
||||||
|
|
||||||
|
@ -51,7 +54,7 @@ class TlsConnectTestBase : public ::testing::Test {
|
||||||
// Connect and expect it to fail.
|
// Connect and expect it to fail.
|
||||||
void ConnectExpectFail();
|
void ConnectExpectFail();
|
||||||
|
|
||||||
void EnableSomeECDHECiphers();
|
void EnableSomeEcdheCiphers();
|
||||||
void ConfigureSessionCache(SessionResumptionMode client,
|
void ConfigureSessionCache(SessionResumptionMode client,
|
||||||
SessionResumptionMode server);
|
SessionResumptionMode server);
|
||||||
void CheckResumption(SessionResumptionMode expected);
|
void CheckResumption(SessionResumptionMode expected);
|
||||||
|
@ -65,6 +68,9 @@ class TlsConnectTestBase : public ::testing::Test {
|
||||||
TlsAgent* server_;
|
TlsAgent* server_;
|
||||||
uint16_t version_;
|
uint16_t version_;
|
||||||
std::vector<std::vector<uint8_t>> session_ids_;
|
std::vector<std::vector<uint8_t>> session_ids_;
|
||||||
|
|
||||||
|
private:
|
||||||
|
void Reset(const std::string& server_name, SSLKEAType kea);
|
||||||
};
|
};
|
||||||
|
|
||||||
// A TLS-only test base.
|
// A TLS-only test base.
|
||||||
|
|
|
@ -67,7 +67,7 @@ size_t TlsRecordFilter::ApplyFilter(uint8_t content_type, uint16_t version,
|
||||||
filtered.len() < 0x10000) {
|
filtered.len() < 0x10000) {
|
||||||
*changed = true;
|
*changed = true;
|
||||||
std::cerr << "record old: " << record << std::endl;
|
std::cerr << "record old: " << record << std::endl;
|
||||||
std::cerr << "record old: " << filtered << std::endl;
|
std::cerr << "record new: " << filtered << std::endl;
|
||||||
source = &filtered;
|
source = &filtered;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -96,11 +96,7 @@ bool TlsHandshakeFilter::FilterRecord(uint8_t content_type, uint16_t version,
|
||||||
return false; // malformed
|
return false; // malformed
|
||||||
}
|
}
|
||||||
uint32_t length;
|
uint32_t length;
|
||||||
if (!parser.Read(&length, 3)) {
|
if (!ReadLength(&parser, version, &length)) {
|
||||||
return false; // malformed
|
|
||||||
}
|
|
||||||
|
|
||||||
if (IsDtls(version) && !CheckDtls(parser, length)) {
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -125,24 +121,32 @@ bool TlsHandshakeFilter::FilterRecord(uint8_t content_type, uint16_t version,
|
||||||
return changed;
|
return changed;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool TlsHandshakeFilter::CheckDtls(TlsParser& parser, size_t length) {
|
bool TlsHandshakeFilter::ReadLength(TlsParser* parser, uint16_t version, uint32_t *length) {
|
||||||
|
if (!parser->Read(length, 3)) {
|
||||||
|
return false; // malformed
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!IsDtls(version)) {
|
||||||
|
return true; // nothing left to do
|
||||||
|
}
|
||||||
|
|
||||||
// Read and check DTLS parameters
|
// Read and check DTLS parameters
|
||||||
if (!parser.Skip(2)) { // sequence number
|
if (!parser->Skip(2)) { // sequence number
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint32_t fragment_offset;
|
uint32_t fragment_offset;
|
||||||
if (!parser.Read(&fragment_offset, 3)) {
|
if (!parser->Read(&fragment_offset, 3)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint32_t fragment_length;
|
uint32_t fragment_length;
|
||||||
if (!parser.Read(&fragment_length, 3)) {
|
if (!parser->Read(&fragment_length, 3)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// All current tests where we are using this code don't fragment.
|
// All current tests where we are using this code don't fragment.
|
||||||
return (fragment_offset == 0 && fragment_length == length);
|
return (fragment_offset == 0 && fragment_length == *length);
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t TlsHandshakeFilter::ApplyFilter(
|
size_t TlsHandshakeFilter::ApplyFilter(
|
||||||
|
|
|
@ -43,6 +43,10 @@ class TlsHandshakeFilter : public TlsRecordFilter {
|
||||||
public:
|
public:
|
||||||
TlsHandshakeFilter() {}
|
TlsHandshakeFilter() {}
|
||||||
|
|
||||||
|
// Reads the length from the record header.
|
||||||
|
// This also reads the DTLS fragment information and checks it.
|
||||||
|
static bool ReadLength(TlsParser* parser, uint16_t version, uint32_t *length);
|
||||||
|
|
||||||
protected:
|
protected:
|
||||||
virtual bool FilterRecord(uint8_t content_type, uint16_t version,
|
virtual bool FilterRecord(uint8_t content_type, uint16_t version,
|
||||||
const DataBuffer& input, DataBuffer* output);
|
const DataBuffer& input, DataBuffer* output);
|
||||||
|
@ -50,7 +54,6 @@ class TlsHandshakeFilter : public TlsRecordFilter {
|
||||||
const DataBuffer& input, DataBuffer* output) = 0;
|
const DataBuffer& input, DataBuffer* output) = 0;
|
||||||
|
|
||||||
private:
|
private:
|
||||||
bool CheckDtls(TlsParser& parser, size_t length);
|
|
||||||
size_t ApplyFilter(uint16_t version, uint8_t handshake_type,
|
size_t ApplyFilter(uint16_t version, uint8_t handshake_type,
|
||||||
const DataBuffer& record, DataBuffer* output,
|
const DataBuffer& record, DataBuffer* output,
|
||||||
size_t length_offset, size_t value_offset, bool* changed);
|
size_t length_offset, size_t value_offset, bool* changed);
|
||||||
|
|
|
@ -15,23 +15,24 @@
|
||||||
|
|
||||||
namespace nss_test {
|
namespace nss_test {
|
||||||
|
|
||||||
const uint8_t kTlsChangeCipherSpecType = 0x14;
|
const uint8_t kTlsChangeCipherSpecType = 20;
|
||||||
const uint8_t kTlsAlertType = 0x15;
|
const uint8_t kTlsAlertType = 21;
|
||||||
const uint8_t kTlsHandshakeType = 0x16;
|
const uint8_t kTlsHandshakeType = 22;
|
||||||
|
|
||||||
const uint8_t kTlsHandshakeClientHello = 0x01;
|
const uint8_t kTlsHandshakeClientHello = 1;
|
||||||
const uint8_t kTlsHandshakeServerHello = 0x02;
|
const uint8_t kTlsHandshakeServerHello = 2;
|
||||||
const uint8_t kTlsHandshakeCertificate = 0x0b;
|
const uint8_t kTlsHandshakeCertificate = 11;
|
||||||
const uint8_t kTlsHandshakeServerKeyExchange = 0x0c;
|
const uint8_t kTlsHandshakeServerKeyExchange = 12;
|
||||||
|
|
||||||
const uint8_t kTlsAlertWarning = 1;
|
const uint8_t kTlsAlertWarning = 1;
|
||||||
const uint8_t kTlsAlertFatal = 2;
|
const uint8_t kTlsAlertFatal = 2;
|
||||||
|
|
||||||
const uint8_t kTlsAlertHandshakeFailure = 0x28;
|
const uint8_t kTlsAlertUnexpectedMessage = 10;
|
||||||
const uint8_t kTlsAlertIllegalParameter = 0x2f;
|
const uint8_t kTlsAlertHandshakeFailure = 40;
|
||||||
const uint8_t kTlsAlertDecodeError = 0x32;
|
const uint8_t kTlsAlertIllegalParameter = 47;
|
||||||
const uint8_t kTlsAlertUnsupportedExtension = 0x6e;
|
const uint8_t kTlsAlertDecodeError = 50;
|
||||||
const uint8_t kTlsAlertNoApplicationProtocol = 0x78;
|
const uint8_t kTlsAlertUnsupportedExtension = 110;
|
||||||
|
const uint8_t kTlsAlertNoApplicationProtocol = 120;
|
||||||
|
|
||||||
const uint8_t kTlsFakeChangeCipherSpec[] = {
|
const uint8_t kTlsFakeChangeCipherSpec[] = {
|
||||||
kTlsChangeCipherSpecType, // Type
|
kTlsChangeCipherSpecType, // Type
|
||||||
|
|
|
@ -1172,6 +1172,20 @@ CERT_GetNextGeneralName(CERTGeneralName *current);
|
||||||
extern CERTGeneralName *
|
extern CERTGeneralName *
|
||||||
CERT_GetPrevGeneralName(CERTGeneralName *current);
|
CERT_GetPrevGeneralName(CERTGeneralName *current);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Look up name constraints for some certs that do not include name constraints
|
||||||
|
* (Most importantly, root certificates)
|
||||||
|
*
|
||||||
|
* If a matching subject is found, |extensions| will be populated with a copy of the
|
||||||
|
* DER-encoded name constraints extension. The data in |extensions| will point to
|
||||||
|
* memory that the caller owns.
|
||||||
|
*
|
||||||
|
* There is no mechanism to configure imposed name constraints right now. All
|
||||||
|
* imposed name constraints are built into NSS.
|
||||||
|
*/
|
||||||
|
SECStatus
|
||||||
|
CERT_GetImposedNameConstraints(const SECItem *derSubject, SECItem *extensions);
|
||||||
|
|
||||||
CERTNameConstraint *
|
CERTNameConstraint *
|
||||||
CERT_GetNextNameConstraint(CERTNameConstraint *current);
|
CERT_GetNextNameConstraint(CERTNameConstraint *current);
|
||||||
|
|
||||||
|
@ -1543,6 +1557,9 @@ CERT_CheckNameSpace(PLArenaPool *arena,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Extract and allocate the name constraints extension from the CA cert.
|
* Extract and allocate the name constraints extension from the CA cert.
|
||||||
|
* If the certificate contains no name constraints extension, but
|
||||||
|
* CERT_GetImposedNameConstraints returns a name constraints extension
|
||||||
|
* for the subject of the certificate, then that extension will be returned.
|
||||||
*/
|
*/
|
||||||
extern SECStatus
|
extern SECStatus
|
||||||
CERT_FindNameConstraintsExten(PLArenaPool *arena,
|
CERT_FindNameConstraintsExten(PLArenaPool *arena,
|
||||||
|
|
|
@ -186,7 +186,7 @@ struct CERTSubjectListStr {
|
||||||
struct CERTCertificateStr {
|
struct CERTCertificateStr {
|
||||||
/* the arena is used to allocate any data structures that have the same
|
/* the arena is used to allocate any data structures that have the same
|
||||||
* lifetime as the cert. This is all stuff that hangs off of the cert
|
* lifetime as the cert. This is all stuff that hangs off of the cert
|
||||||
* structure, and is all freed at the same time. I is used when the
|
* structure, and is all freed at the same time. It is used when the
|
||||||
* cert is decoded, destroyed, and at some times when it changes
|
* cert is decoded, destroyed, and at some times when it changes
|
||||||
* state
|
* state
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1556,76 +1556,98 @@ done:
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Add name constraints to certain certs that do not include name constraints
|
/*
|
||||||
* This is the core of the implementation for bug 952572.
|
* Here we define a list of name constraints to be imposed on
|
||||||
|
* certain certificates, most importantly root certificates.
|
||||||
|
*
|
||||||
|
* Each entry in the name constraints list is constructed with this
|
||||||
|
* macro. An entry contains two SECItems, which have names in
|
||||||
|
* specific forms to make the macro work:
|
||||||
|
*
|
||||||
|
* * ${CA}_SUBJECT_DN - The subject DN for which the constraints
|
||||||
|
* should be applied
|
||||||
|
* * ${CA}_NAME_CONSTRAINTS - The name constraints extension
|
||||||
|
*
|
||||||
|
* Entities subject to name constraints are identified by subject name
|
||||||
|
* so that we can cover all certificates for that entity, including, e.g.,
|
||||||
|
* cross-certificates. We use subject rather than public key because
|
||||||
|
* calling methods often have easy access to that field (vs., say, a key ID),
|
||||||
|
* and in practice, subject names and public keys are usually in one-to-one
|
||||||
|
* correspondence anyway.
|
||||||
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
static SECStatus
|
#define STRING_TO_SECITEM(str) \
|
||||||
getNameExtensionsBuiltIn(CERTCertificate *cert,
|
{ siBuffer, (unsigned char*) str, sizeof(str) - 1 }
|
||||||
SECItem *extensions)
|
|
||||||
|
#define NAME_CONSTRAINTS_ENTRY(CA) \
|
||||||
|
{ \
|
||||||
|
STRING_TO_SECITEM(CA ## _SUBJECT_DN), \
|
||||||
|
STRING_TO_SECITEM(CA ## _NAME_CONSTRAINTS) \
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Agence Nationale de la Securite des Systemes d'Information (ANSSI) */
|
||||||
|
|
||||||
|
#define ANSSI_SUBJECT_DN \
|
||||||
|
"\x30\x81\x85" \
|
||||||
|
"\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02" "FR" /* C */ \
|
||||||
|
"\x31\x0F\x30\x0D\x06\x03\x55\x04\x08\x13\x06" "France" /* ST */ \
|
||||||
|
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x07\x13\x05" "Paris" /* L */ \
|
||||||
|
"\x31\x10\x30\x0E\x06\x03\x55\x04\x0A\x13\x07" "PM/SGDN" /* O */ \
|
||||||
|
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x0B\x13\x05" "DCSSI" /* OU */ \
|
||||||
|
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x03\x13\x05" "IGC/A" /* CN */ \
|
||||||
|
"\x31\x23\x30\x21\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x09\x01" \
|
||||||
|
"\x16\x14" "igca@sgdn.pm.gouv.fr" /* emailAddress */ \
|
||||||
|
|
||||||
|
#define ANSSI_NAME_CONSTRAINTS \
|
||||||
|
"\x30\x5D\xA0\x5B" \
|
||||||
|
"\x30\x05\x82\x03" ".fr" \
|
||||||
|
"\x30\x05\x82\x03" ".gp" \
|
||||||
|
"\x30\x05\x82\x03" ".gf" \
|
||||||
|
"\x30\x05\x82\x03" ".mq" \
|
||||||
|
"\x30\x05\x82\x03" ".re" \
|
||||||
|
"\x30\x05\x82\x03" ".yt" \
|
||||||
|
"\x30\x05\x82\x03" ".pm" \
|
||||||
|
"\x30\x05\x82\x03" ".bl" \
|
||||||
|
"\x30\x05\x82\x03" ".mf" \
|
||||||
|
"\x30\x05\x82\x03" ".wf" \
|
||||||
|
"\x30\x05\x82\x03" ".pf" \
|
||||||
|
"\x30\x05\x82\x03" ".nc" \
|
||||||
|
"\x30\x05\x82\x03" ".tf" \
|
||||||
|
|
||||||
|
static const SECItem builtInNameConstraints[][2] = {
|
||||||
|
NAME_CONSTRAINTS_ENTRY(ANSSI)
|
||||||
|
};
|
||||||
|
|
||||||
|
SECStatus
|
||||||
|
CERT_GetImposedNameConstraints(const SECItem *derSubject,
|
||||||
|
SECItem *extensions)
|
||||||
{
|
{
|
||||||
const char constraintFranceGov[] = "\x30\x5D" /* sequence len = 93*/
|
size_t i;
|
||||||
"\xA0\x5B" /* element len =91 */
|
|
||||||
"\x30\x05" /* sequence len 5 */
|
|
||||||
"\x82\x03" /* entry len 3 */
|
|
||||||
".fr"
|
|
||||||
"\x30\x05\x82\x03" /* sequence len5, entry len 3 */
|
|
||||||
".gp"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".gf"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".mq"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".re"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".yt"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".pm"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".bl"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".mf"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".wf"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".pf"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".nc"
|
|
||||||
"\x30\x05\x82\x03"
|
|
||||||
".tf";
|
|
||||||
|
|
||||||
/* The stringified value for the subject is:
|
if (!extensions) {
|
||||||
E=igca@sgdn.pm.gouv.fr,CN=IGC/A,OU=DCSSI,O=PM/SGDN,L=Paris,ST=France,C=FR
|
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||||
*/
|
return SECFailure;
|
||||||
const char rawANSSISubject[] = "\x30\x81\x85\x31\x0B\x30\x09\x06\x03\x55\x04"
|
}
|
||||||
"\x06\x13\x02\x46\x52\x31\x0F\x30\x0D\x06\x03"
|
|
||||||
"\x55\x04\x08\x13\x06\x46\x72\x61\x6E\x63\x65"
|
|
||||||
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x07\x13\x05"
|
|
||||||
"\x50\x61\x72\x69\x73\x31\x10\x30\x0E\x06\x03"
|
|
||||||
"\x55\x04\x0A\x13\x07\x50\x4D\x2F\x53\x47\x44"
|
|
||||||
"\x4E\x31\x0E\x30\x0C\x06\x03\x55\x04\x0B\x13"
|
|
||||||
"\x05\x44\x43\x53\x53\x49\x31\x0E\x30\x0C\x06"
|
|
||||||
"\x03\x55\x04\x03\x13\x05\x49\x47\x43\x2F\x41"
|
|
||||||
"\x31\x23\x30\x21\x06\x09\x2A\x86\x48\x86\xF7"
|
|
||||||
"\x0D\x01\x09\x01\x16\x14\x69\x67\x63\x61\x40"
|
|
||||||
"\x73\x67\x64\x6E\x2E\x70\x6D\x2E\x67\x6F\x75"
|
|
||||||
"\x76\x2E\x66\x72";
|
|
||||||
|
|
||||||
const SECItem anssi_subject = {0, (unsigned char *) rawANSSISubject,
|
for (i = 0; i < PR_ARRAY_SIZE(builtInNameConstraints); ++i) {
|
||||||
sizeof(rawANSSISubject)-1};
|
if (SECITEM_ItemsAreEqual(derSubject, &builtInNameConstraints[i][0])) {
|
||||||
const SECItem permitFranceGovNC = {0, (unsigned char *) constraintFranceGov,
|
return SECITEM_CopyItem(NULL,
|
||||||
sizeof(constraintFranceGov)-1};
|
extensions,
|
||||||
|
&builtInNameConstraints[i][1]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (SECITEM_ItemsAreEqual(&cert->derSubject, &anssi_subject)) {
|
PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
|
||||||
SECStatus rv;
|
return SECFailure;
|
||||||
rv = SECITEM_CopyItem(NULL, extensions, &permitFranceGovNC);
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
|
|
||||||
return SECFailure;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Extract the name constraints extension from the CA cert. */
|
/*
|
||||||
|
* Extract the name constraints extension from the CA cert.
|
||||||
|
* If the certificate contains no name constraints extension, but
|
||||||
|
* CERT_GetImposedNameConstraints returns a name constraints extension
|
||||||
|
* for the subject of the certificate, then that extension will be returned.
|
||||||
|
*/
|
||||||
SECStatus
|
SECStatus
|
||||||
CERT_FindNameConstraintsExten(PLArenaPool *arena,
|
CERT_FindNameConstraintsExten(PLArenaPool *arena,
|
||||||
CERTCertificate *cert,
|
CERTCertificate *cert,
|
||||||
|
@ -1643,7 +1665,8 @@ CERT_FindNameConstraintsExten(PLArenaPool *arena,
|
||||||
if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
|
if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
rv = getNameExtensionsBuiltIn(cert, &constraintsExtension);
|
rv = CERT_GetImposedNameConstraints(&cert->derSubject,
|
||||||
|
&constraintsExtension);
|
||||||
if (rv != SECSuccess) {
|
if (rv != SECSuccess) {
|
||||||
if (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND) {
|
if (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND) {
|
||||||
return SECSuccess;
|
return SECSuccess;
|
||||||
|
|
|
@ -17340,149 +17340,6 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
|
||||||
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
|
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
|
||||||
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
|
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
|
||||||
|
|
||||||
#
|
|
||||||
# Certificate "E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi"
|
|
||||||
#
|
|
||||||
# Issuer: CN=e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi,O=Elektronik Bilgi Guvenligi A.S.,C=TR
|
|
||||||
# Serial Number:44:99:8d:3c:c0:03:27:bd:9c:76:95:b9:ea:db:ac:b5
|
|
||||||
# Subject: CN=e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi,O=Elektronik Bilgi Guvenligi A.S.,C=TR
|
|
||||||
# Not Valid Before: Thu Jan 04 11:32:48 2007
|
|
||||||
# Not Valid After : Wed Jan 04 11:32:48 2017
|
|
||||||
# Fingerprint (MD5): 3D:41:29:CB:1E:AA:11:74:CD:5D:B0:62:AF:B0:43:5B
|
|
||||||
# Fingerprint (SHA1): DD:E1:D2:A9:01:80:2E:1D:87:5E:84:B3:80:7E:4B:B1:FD:99:41:34
|
|
||||||
CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
|
|
||||||
CKA_TOKEN CK_BBOOL CK_TRUE
|
|
||||||
CKA_PRIVATE CK_BBOOL CK_FALSE
|
|
||||||
CKA_MODIFIABLE CK_BBOOL CK_FALSE
|
|
||||||
CKA_LABEL UTF8 "E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi"
|
|
||||||
CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
|
|
||||||
CKA_SUBJECT MULTILINE_OCTAL
|
|
||||||
\060\165\061\013\060\011\006\003\125\004\006\023\002\124\122\061
|
|
||||||
\050\060\046\006\003\125\004\012\023\037\105\154\145\153\164\162
|
|
||||||
\157\156\151\153\040\102\151\154\147\151\040\107\165\166\145\156
|
|
||||||
\154\151\147\151\040\101\056\123\056\061\074\060\072\006\003\125
|
|
||||||
\004\003\023\063\145\055\107\165\166\145\156\040\113\157\153\040
|
|
||||||
\105\154\145\153\164\162\157\156\151\153\040\123\145\162\164\151
|
|
||||||
\146\151\153\141\040\110\151\172\155\145\164\040\123\141\147\154
|
|
||||||
\141\171\151\143\151\163\151
|
|
||||||
END
|
|
||||||
CKA_ID UTF8 "0"
|
|
||||||
CKA_ISSUER MULTILINE_OCTAL
|
|
||||||
\060\165\061\013\060\011\006\003\125\004\006\023\002\124\122\061
|
|
||||||
\050\060\046\006\003\125\004\012\023\037\105\154\145\153\164\162
|
|
||||||
\157\156\151\153\040\102\151\154\147\151\040\107\165\166\145\156
|
|
||||||
\154\151\147\151\040\101\056\123\056\061\074\060\072\006\003\125
|
|
||||||
\004\003\023\063\145\055\107\165\166\145\156\040\113\157\153\040
|
|
||||||
\105\154\145\153\164\162\157\156\151\153\040\123\145\162\164\151
|
|
||||||
\146\151\153\141\040\110\151\172\155\145\164\040\123\141\147\154
|
|
||||||
\141\171\151\143\151\163\151
|
|
||||||
END
|
|
||||||
CKA_SERIAL_NUMBER MULTILINE_OCTAL
|
|
||||||
\002\020\104\231\215\074\300\003\047\275\234\166\225\271\352\333
|
|
||||||
\254\265
|
|
||||||
END
|
|
||||||
CKA_VALUE MULTILINE_OCTAL
|
|
||||||
\060\202\003\266\060\202\002\236\240\003\002\001\002\002\020\104
|
|
||||||
\231\215\074\300\003\047\275\234\166\225\271\352\333\254\265\060
|
|
||||||
\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\165
|
|
||||||
\061\013\060\011\006\003\125\004\006\023\002\124\122\061\050\060
|
|
||||||
\046\006\003\125\004\012\023\037\105\154\145\153\164\162\157\156
|
|
||||||
\151\153\040\102\151\154\147\151\040\107\165\166\145\156\154\151
|
|
||||||
\147\151\040\101\056\123\056\061\074\060\072\006\003\125\004\003
|
|
||||||
\023\063\145\055\107\165\166\145\156\040\113\157\153\040\105\154
|
|
||||||
\145\153\164\162\157\156\151\153\040\123\145\162\164\151\146\151
|
|
||||||
\153\141\040\110\151\172\155\145\164\040\123\141\147\154\141\171
|
|
||||||
\151\143\151\163\151\060\036\027\015\060\067\060\061\060\064\061
|
|
||||||
\061\063\062\064\070\132\027\015\061\067\060\061\060\064\061\061
|
|
||||||
\063\062\064\070\132\060\165\061\013\060\011\006\003\125\004\006
|
|
||||||
\023\002\124\122\061\050\060\046\006\003\125\004\012\023\037\105
|
|
||||||
\154\145\153\164\162\157\156\151\153\040\102\151\154\147\151\040
|
|
||||||
\107\165\166\145\156\154\151\147\151\040\101\056\123\056\061\074
|
|
||||||
\060\072\006\003\125\004\003\023\063\145\055\107\165\166\145\156
|
|
||||||
\040\113\157\153\040\105\154\145\153\164\162\157\156\151\153\040
|
|
||||||
\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145\164
|
|
||||||
\040\123\141\147\154\141\171\151\143\151\163\151\060\202\001\042
|
|
||||||
\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
|
|
||||||
\202\001\017\000\060\202\001\012\002\202\001\001\000\303\022\040
|
|
||||||
\236\260\136\000\145\215\116\106\273\200\134\351\054\006\227\325
|
|
||||||
\363\162\311\160\271\347\113\145\200\301\113\276\176\074\327\124
|
|
||||||
\061\224\336\325\022\272\123\026\002\352\130\143\357\133\330\363
|
|
||||||
\355\052\032\252\161\110\243\334\020\055\137\137\353\134\113\234
|
|
||||||
\226\010\102\045\050\021\314\212\132\142\001\120\325\353\011\123
|
|
||||||
\057\370\303\217\376\263\374\375\235\242\343\137\175\276\355\013
|
|
||||||
\340\140\353\151\354\063\355\330\215\373\022\111\203\000\311\213
|
|
||||||
\227\214\073\163\052\062\263\022\367\271\115\362\364\115\155\307
|
|
||||||
\346\326\046\067\010\362\331\375\153\134\243\345\110\134\130\274
|
|
||||||
\102\276\003\132\201\272\034\065\014\000\323\365\043\176\161\060
|
|
||||||
\010\046\070\334\045\021\107\055\363\272\043\020\245\277\274\002
|
|
||||||
\367\103\136\307\376\260\067\120\231\173\017\223\316\346\103\054
|
|
||||||
\303\176\015\362\034\103\146\140\313\141\061\107\207\243\117\256
|
|
||||||
\275\126\154\114\274\274\370\005\312\144\364\351\064\241\054\265
|
|
||||||
\163\341\302\076\350\310\311\064\045\010\134\363\355\246\307\224
|
|
||||||
\237\255\210\103\045\327\341\071\140\376\254\071\131\002\003\001
|
|
||||||
\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
|
|
||||||
\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
|
|
||||||
\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
|
|
||||||
\004\024\237\356\104\263\224\325\372\221\117\056\331\125\232\004
|
|
||||||
\126\333\055\304\333\245\060\015\006\011\052\206\110\206\367\015
|
|
||||||
\001\001\005\005\000\003\202\001\001\000\177\137\271\123\133\143
|
|
||||||
\075\165\062\347\372\304\164\032\313\106\337\106\151\034\122\317
|
|
||||||
\252\117\302\150\353\377\200\251\121\350\075\142\167\211\075\012
|
|
||||||
\165\071\361\156\135\027\207\157\150\005\301\224\154\331\135\337
|
|
||||||
\332\262\131\313\245\020\212\312\314\071\315\237\353\116\336\122
|
|
||||||
\377\014\360\364\222\251\362\154\123\253\233\322\107\240\037\164
|
|
||||||
\367\233\232\361\057\025\237\172\144\060\030\007\074\052\017\147
|
|
||||||
\312\374\017\211\141\235\145\245\074\345\274\023\133\010\333\343
|
|
||||||
\377\355\273\006\273\152\006\261\172\117\145\306\202\375\036\234
|
|
||||||
\213\265\015\356\110\273\270\275\252\010\264\373\243\174\313\237
|
|
||||||
\315\220\166\134\206\226\170\127\012\146\371\130\032\235\375\227
|
|
||||||
\051\140\336\021\246\220\034\031\034\356\001\226\042\064\064\056
|
|
||||||
\221\371\267\304\047\321\173\346\277\373\200\104\132\026\345\353
|
|
||||||
\340\324\012\070\274\344\221\343\325\353\134\301\254\337\033\152
|
|
||||||
\174\236\345\165\322\266\227\207\333\314\207\053\103\072\204\010
|
|
||||||
\257\253\074\333\367\074\146\061\206\260\235\123\171\355\370\043
|
|
||||||
\336\102\343\055\202\361\017\345\372\227
|
|
||||||
END
|
|
||||||
|
|
||||||
# Trust for Certificate "E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi"
|
|
||||||
# Issuer: CN=e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi,O=Elektronik Bilgi Guvenligi A.S.,C=TR
|
|
||||||
# Serial Number:44:99:8d:3c:c0:03:27:bd:9c:76:95:b9:ea:db:ac:b5
|
|
||||||
# Subject: CN=e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi,O=Elektronik Bilgi Guvenligi A.S.,C=TR
|
|
||||||
# Not Valid Before: Thu Jan 04 11:32:48 2007
|
|
||||||
# Not Valid After : Wed Jan 04 11:32:48 2017
|
|
||||||
# Fingerprint (MD5): 3D:41:29:CB:1E:AA:11:74:CD:5D:B0:62:AF:B0:43:5B
|
|
||||||
# Fingerprint (SHA1): DD:E1:D2:A9:01:80:2E:1D:87:5E:84:B3:80:7E:4B:B1:FD:99:41:34
|
|
||||||
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
|
|
||||||
CKA_TOKEN CK_BBOOL CK_TRUE
|
|
||||||
CKA_PRIVATE CK_BBOOL CK_FALSE
|
|
||||||
CKA_MODIFIABLE CK_BBOOL CK_FALSE
|
|
||||||
CKA_LABEL UTF8 "E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi"
|
|
||||||
CKA_CERT_SHA1_HASH MULTILINE_OCTAL
|
|
||||||
\335\341\322\251\001\200\056\035\207\136\204\263\200\176\113\261
|
|
||||||
\375\231\101\064
|
|
||||||
END
|
|
||||||
CKA_CERT_MD5_HASH MULTILINE_OCTAL
|
|
||||||
\075\101\051\313\036\252\021\164\315\135\260\142\257\260\103\133
|
|
||||||
END
|
|
||||||
CKA_ISSUER MULTILINE_OCTAL
|
|
||||||
\060\165\061\013\060\011\006\003\125\004\006\023\002\124\122\061
|
|
||||||
\050\060\046\006\003\125\004\012\023\037\105\154\145\153\164\162
|
|
||||||
\157\156\151\153\040\102\151\154\147\151\040\107\165\166\145\156
|
|
||||||
\154\151\147\151\040\101\056\123\056\061\074\060\072\006\003\125
|
|
||||||
\004\003\023\063\145\055\107\165\166\145\156\040\113\157\153\040
|
|
||||||
\105\154\145\153\164\162\157\156\151\153\040\123\145\162\164\151
|
|
||||||
\146\151\153\141\040\110\151\172\155\145\164\040\123\141\147\154
|
|
||||||
\141\171\151\143\151\163\151
|
|
||||||
END
|
|
||||||
CKA_SERIAL_NUMBER MULTILINE_OCTAL
|
|
||||||
\002\020\104\231\215\074\300\003\047\275\234\166\225\271\352\333
|
|
||||||
\254\265
|
|
||||||
END
|
|
||||||
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
|
|
||||||
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
|
|
||||||
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
|
|
||||||
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Certificate "GlobalSign Root CA - R3"
|
# Certificate "GlobalSign Root CA - R3"
|
||||||
#
|
#
|
||||||
|
|
|
@ -45,8 +45,8 @@
|
||||||
* of the comment in the CK_VERSION type definition.
|
* of the comment in the CK_VERSION type definition.
|
||||||
*/
|
*/
|
||||||
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
|
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
|
||||||
#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 3
|
#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 4
|
||||||
#define NSS_BUILTINS_LIBRARY_VERSION "2.3"
|
#define NSS_BUILTINS_LIBRARY_VERSION "2.4"
|
||||||
|
|
||||||
/* These version numbers detail the semantic changes to the ckfw engine. */
|
/* These version numbers detail the semantic changes to the ckfw engine. */
|
||||||
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
|
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
|
||||||
|
|
|
@ -883,8 +883,8 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
|
||||||
int expOff;
|
int expOff;
|
||||||
mp_int accum1, accum2, accum[WEAVE_WORD_SIZE];
|
mp_int accum1, accum2, accum[WEAVE_WORD_SIZE];
|
||||||
mp_int tmp;
|
mp_int tmp;
|
||||||
unsigned char *powersArray;
|
unsigned char *powersArray = NULL;
|
||||||
unsigned char *powers;
|
unsigned char *powers = NULL;
|
||||||
|
|
||||||
MP_DIGITS(&accum1) = 0;
|
MP_DIGITS(&accum1) = 0;
|
||||||
MP_DIGITS(&accum2) = 0;
|
MP_DIGITS(&accum2) = 0;
|
||||||
|
@ -894,15 +894,6 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
|
||||||
MP_DIGITS(&accum[3]) = 0;
|
MP_DIGITS(&accum[3]) = 0;
|
||||||
MP_DIGITS(&tmp) = 0;
|
MP_DIGITS(&tmp) = 0;
|
||||||
|
|
||||||
powersArray = (unsigned char *)malloc(num_powers*(nLen*sizeof(mp_digit)+1));
|
|
||||||
if (powersArray == NULL) {
|
|
||||||
res = MP_MEM;
|
|
||||||
goto CLEANUP;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* powers[i] = base ** (i); */
|
|
||||||
powers = (unsigned char *)MP_ALIGN(powersArray,num_powers);
|
|
||||||
|
|
||||||
/* grab the first window value. This allows us to preload accumulator1
|
/* grab the first window value. This allows us to preload accumulator1
|
||||||
* and save a conversion, some squares and a multiple*/
|
* and save a conversion, some squares and a multiple*/
|
||||||
MP_CHECKOK( mpl_get_bits(exponent,
|
MP_CHECKOK( mpl_get_bits(exponent,
|
||||||
|
@ -911,7 +902,6 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
|
||||||
|
|
||||||
MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
|
MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
|
||||||
MP_CHECKOK( mp_init_size(&accum2, 3 * nLen + 2) );
|
MP_CHECKOK( mp_init_size(&accum2, 3 * nLen + 2) );
|
||||||
MP_CHECKOK( mp_init_size(&tmp, 3 * nLen + 2) );
|
|
||||||
|
|
||||||
/* build the first WEAVE_WORD powers inline */
|
/* build the first WEAVE_WORD powers inline */
|
||||||
/* if WEAVE_WORD_SIZE is not 4, this code will have to change */
|
/* if WEAVE_WORD_SIZE is not 4, this code will have to change */
|
||||||
|
@ -925,6 +915,13 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
|
||||||
MP_CHECKOK( mp_copy(montBase, &accum[1]) );
|
MP_CHECKOK( mp_copy(montBase, &accum[1]) );
|
||||||
SQR(montBase, &accum[2]);
|
SQR(montBase, &accum[2]);
|
||||||
MUL_NOWEAVE(montBase, &accum[2], &accum[3]);
|
MUL_NOWEAVE(montBase, &accum[2], &accum[3]);
|
||||||
|
powersArray = (unsigned char *)malloc(num_powers*(nLen*sizeof(mp_digit)+1));
|
||||||
|
if (!powersArray) {
|
||||||
|
res = MP_MEM;
|
||||||
|
goto CLEANUP;
|
||||||
|
}
|
||||||
|
/* powers[i] = base ** (i); */ \
|
||||||
|
powers = (unsigned char *)MP_ALIGN(powersArray,num_powers); \
|
||||||
MP_CHECKOK( mpi_to_weave(accum, powers, nLen, num_powers) );
|
MP_CHECKOK( mpi_to_weave(accum, powers, nLen, num_powers) );
|
||||||
if (first_window < 4) {
|
if (first_window < 4) {
|
||||||
MP_CHECKOK( mp_copy(&accum[first_window], &accum1) );
|
MP_CHECKOK( mp_copy(&accum[first_window], &accum1) );
|
||||||
|
@ -946,7 +943,10 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
|
||||||
* odd powers where k is the window size in the two other mp_modexpt
|
* odd powers where k is the window size in the two other mp_modexpt
|
||||||
* implementations in this file. We will get some of that
|
* implementations in this file. We will get some of that
|
||||||
* back by not needing the first 'k' squares and one multiply for the
|
* back by not needing the first 'k' squares and one multiply for the
|
||||||
* first window */
|
* first window.
|
||||||
|
* Given the value of 4 for WEAVE_WORD_SIZE, this loop will only execute if
|
||||||
|
* num_powers > 2, in which case powers will have been allocated.
|
||||||
|
*/
|
||||||
for (i = WEAVE_WORD_SIZE; i < num_powers; i++) {
|
for (i = WEAVE_WORD_SIZE; i < num_powers; i++) {
|
||||||
int acc_index = i & (WEAVE_WORD_SIZE-1); /* i % WEAVE_WORD_SIZE */
|
int acc_index = i & (WEAVE_WORD_SIZE-1); /* i % WEAVE_WORD_SIZE */
|
||||||
if ( i & 1 ) {
|
if ( i & 1 ) {
|
||||||
|
@ -993,6 +993,11 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
|
||||||
pa1 = &accum1;
|
pa1 = &accum1;
|
||||||
pa2 = &accum2;
|
pa2 = &accum2;
|
||||||
|
|
||||||
|
/* tmp is not used if window_bits == 1. */
|
||||||
|
if (window_bits != 1) {
|
||||||
|
MP_CHECKOK( mp_init_size(&tmp, 3 * nLen + 2) );
|
||||||
|
}
|
||||||
|
|
||||||
for (expOff = bits_in_exponent - window_bits*2; expOff >= 0; expOff -= window_bits) {
|
for (expOff = bits_in_exponent - window_bits*2; expOff >= 0; expOff -= window_bits) {
|
||||||
mp_size smallExp;
|
mp_size smallExp;
|
||||||
MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
|
MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
|
||||||
|
|
|
@ -1132,8 +1132,6 @@ pkix_pl_HttpDefaultClient_KeepAliveSession(
|
||||||
PRPollDesc **pPollDesc,
|
PRPollDesc **pPollDesc,
|
||||||
void *plContext)
|
void *plContext)
|
||||||
{
|
{
|
||||||
PKIX_PL_HttpDefaultClient *client = NULL;
|
|
||||||
|
|
||||||
PKIX_ENTER
|
PKIX_ENTER
|
||||||
(HTTPDEFAULTCLIENT,
|
(HTTPDEFAULTCLIENT,
|
||||||
"pkix_pl_HttpDefaultClient_KeepAliveSession");
|
"pkix_pl_HttpDefaultClient_KeepAliveSession");
|
||||||
|
@ -1145,8 +1143,6 @@ pkix_pl_HttpDefaultClient_KeepAliveSession(
|
||||||
plContext),
|
plContext),
|
||||||
PKIX_SESSIONNOTANHTTPDEFAULTCLIENT);
|
PKIX_SESSIONNOTANHTTPDEFAULTCLIENT);
|
||||||
|
|
||||||
client = (PKIX_PL_HttpDefaultClient *)session;
|
|
||||||
|
|
||||||
/* XXX Not implemented */
|
/* XXX Not implemented */
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
|
|
|
@ -211,7 +211,6 @@ pkix_pl_PublicKey_Hashcode(
|
||||||
PKIX_UInt32 algOIDHash;
|
PKIX_UInt32 algOIDHash;
|
||||||
PKIX_UInt32 algParamsHash;
|
PKIX_UInt32 algParamsHash;
|
||||||
PKIX_UInt32 pubKeyHash;
|
PKIX_UInt32 pubKeyHash;
|
||||||
PKIX_UInt32 fullHash;
|
|
||||||
|
|
||||||
PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_Hashcode");
|
PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_Hashcode");
|
||||||
PKIX_NULLCHECK_TWO(object, pHashcode);
|
PKIX_NULLCHECK_TWO(object, pHashcode);
|
||||||
|
@ -239,8 +238,6 @@ pkix_pl_PublicKey_Hashcode(
|
||||||
(nssPubKey.data, nssPubKey.len, &pubKeyHash, plContext),
|
(nssPubKey.data, nssPubKey.len, &pubKeyHash, plContext),
|
||||||
PKIX_HASHFAILED);
|
PKIX_HASHFAILED);
|
||||||
|
|
||||||
fullHash = algOIDHash + algParamsHash + pubKeyHash;
|
|
||||||
|
|
||||||
*pHashcode = pubKeyHash;
|
*pHashcode = pubKeyHash;
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
|
|
|
@ -1070,3 +1070,9 @@ SEC_GetCrlTimes;
|
||||||
;+ local:
|
;+ local:
|
||||||
;+ *;
|
;+ *;
|
||||||
;+};
|
;+};
|
||||||
|
;+NSS_3.18.1 { # NSS 3.18.1 release
|
||||||
|
;+ global:
|
||||||
|
CERT_GetImposedNameConstraints;
|
||||||
|
;+ local:
|
||||||
|
;+ *;
|
||||||
|
;+};
|
||||||
|
|
|
@ -33,10 +33,10 @@
|
||||||
* The format of the version string should be
|
* The format of the version string should be
|
||||||
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
|
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
|
||||||
*/
|
*/
|
||||||
#define NSS_VERSION "3.18.1" _NSS_ECC_STRING _NSS_CUSTOMIZED " Beta"
|
#define NSS_VERSION "3.19" _NSS_ECC_STRING _NSS_CUSTOMIZED " Beta"
|
||||||
#define NSS_VMAJOR 3
|
#define NSS_VMAJOR 3
|
||||||
#define NSS_VMINOR 18
|
#define NSS_VMINOR 19
|
||||||
#define NSS_VPATCH 1
|
#define NSS_VPATCH 0
|
||||||
#define NSS_VBUILD 0
|
#define NSS_VBUILD 0
|
||||||
#define NSS_BETA PR_TRUE
|
#define NSS_BETA PR_TRUE
|
||||||
|
|
||||||
|
|
|
@ -28,26 +28,26 @@ NSS_CMSMessage_Create(PLArenaPool *poolp)
|
||||||
PRBool poolp_is_ours = PR_FALSE;
|
PRBool poolp_is_ours = PR_FALSE;
|
||||||
|
|
||||||
if (poolp == NULL) {
|
if (poolp == NULL) {
|
||||||
poolp = PORT_NewArena (1024); /* XXX what is right value? */
|
poolp = PORT_NewArena (1024); /* XXX what is right value? */
|
||||||
if (poolp == NULL)
|
if (poolp == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
poolp_is_ours = PR_TRUE;
|
poolp_is_ours = PR_TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!poolp_is_ours)
|
if (!poolp_is_ours)
|
||||||
mark = PORT_ArenaMark(poolp);
|
mark = PORT_ArenaMark(poolp);
|
||||||
|
|
||||||
cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSMessage));
|
cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSMessage));
|
||||||
if (cmsg == NULL) {
|
if (cmsg == NULL ||
|
||||||
if (!poolp_is_ours) {
|
NSS_CMSContentInfo_Private_Init(&(cmsg->contentInfo)) != SECSuccess) {
|
||||||
if (mark) {
|
if (!poolp_is_ours) {
|
||||||
PORT_ArenaRelease(poolp, mark);
|
if (mark) {
|
||||||
}
|
PORT_ArenaRelease(poolp, mark);
|
||||||
} else
|
}
|
||||||
PORT_FreeArena(poolp, PR_FALSE);
|
} else
|
||||||
return NULL;
|
PORT_FreeArena(poolp, PR_FALSE);
|
||||||
|
return NULL;
|
||||||
}
|
}
|
||||||
NSS_CMSContentInfo_Private_Init(&(cmsg->contentInfo));
|
|
||||||
|
|
||||||
cmsg->poolp = poolp;
|
cmsg->poolp = poolp;
|
||||||
cmsg->poolp_is_ours = poolp_is_ours;
|
cmsg->poolp_is_ours = poolp_is_ours;
|
||||||
|
|
|
@ -25,10 +25,10 @@
|
||||||
* The format of the version string should be
|
* The format of the version string should be
|
||||||
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
|
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
|
||||||
*/
|
*/
|
||||||
#define SOFTOKEN_VERSION "3.18.1" SOFTOKEN_ECC_STRING " Beta"
|
#define SOFTOKEN_VERSION "3.19" SOFTOKEN_ECC_STRING " Beta"
|
||||||
#define SOFTOKEN_VMAJOR 3
|
#define SOFTOKEN_VMAJOR 3
|
||||||
#define SOFTOKEN_VMINOR 18
|
#define SOFTOKEN_VMINOR 19
|
||||||
#define SOFTOKEN_VPATCH 1
|
#define SOFTOKEN_VPATCH 0
|
||||||
#define SOFTOKEN_VBUILD 0
|
#define SOFTOKEN_VBUILD 0
|
||||||
#define SOFTOKEN_BETA PR_TRUE
|
#define SOFTOKEN_BETA PR_TRUE
|
||||||
|
|
||||||
|
|
|
@ -284,30 +284,30 @@ static const ssl3BulkCipherDef bulk_cipher_defs[] = {
|
||||||
{cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0},
|
{cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0},
|
||||||
};
|
};
|
||||||
|
|
||||||
static const ssl3KEADef kea_defs[] =
|
static const ssl3KEADef kea_defs[] =
|
||||||
{ /* indexed by SSL3KeyExchangeAlgorithm */
|
{ /* indexed by SSL3KeyExchangeAlgorithm */
|
||||||
/* kea exchKeyType signKeyType is_limited limit tls_keygen */
|
/* kea exchKeyType signKeyType is_limited limit tls_keygen ephemeral */
|
||||||
{kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE},
|
{kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE, PR_FALSE},
|
||||||
{kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE},
|
{kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE, PR_FALSE},
|
||||||
{kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE},
|
{kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE, PR_TRUE},
|
||||||
{kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE},
|
{kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE, PR_TRUE},
|
||||||
{kea_dh_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE},
|
{kea_dh_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE, PR_FALSE},
|
||||||
{kea_dh_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE},
|
{kea_dh_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE, PR_FALSE},
|
||||||
{kea_dh_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE},
|
{kea_dh_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE, PR_FALSE},
|
||||||
{kea_dh_rsa_export, kt_dh, sign_rsa, PR_TRUE, 512, PR_FALSE},
|
{kea_dh_rsa_export, kt_dh, sign_rsa, PR_TRUE, 512, PR_FALSE, PR_FALSE},
|
||||||
{kea_dhe_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE},
|
{kea_dhe_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE, PR_TRUE},
|
||||||
{kea_dhe_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE},
|
{kea_dhe_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE, PR_TRUE},
|
||||||
{kea_dhe_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE},
|
{kea_dhe_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE, PR_TRUE},
|
||||||
{kea_dhe_rsa_export, kt_dh, sign_rsa, PR_TRUE, 512, PR_FALSE},
|
{kea_dhe_rsa_export, kt_dh, sign_rsa, PR_TRUE, 512, PR_FALSE, PR_TRUE},
|
||||||
{kea_dh_anon, kt_dh, sign_null, PR_FALSE, 0, PR_FALSE},
|
{kea_dh_anon, kt_dh, sign_null, PR_FALSE, 0, PR_FALSE, PR_TRUE},
|
||||||
{kea_dh_anon_export, kt_dh, sign_null, PR_TRUE, 512, PR_FALSE},
|
{kea_dh_anon_export, kt_dh, sign_null, PR_TRUE, 512, PR_FALSE, PR_TRUE},
|
||||||
{kea_rsa_fips, kt_rsa, sign_rsa, PR_FALSE, 0, PR_TRUE },
|
{kea_rsa_fips, kt_rsa, sign_rsa, PR_FALSE, 0, PR_TRUE, PR_FALSE},
|
||||||
#ifndef NSS_DISABLE_ECC
|
#ifndef NSS_DISABLE_ECC
|
||||||
{kea_ecdh_ecdsa, kt_ecdh, sign_ecdsa, PR_FALSE, 0, PR_FALSE},
|
{kea_ecdh_ecdsa, kt_ecdh, sign_ecdsa, PR_FALSE, 0, PR_FALSE, PR_FALSE},
|
||||||
{kea_ecdhe_ecdsa, kt_ecdh, sign_ecdsa, PR_FALSE, 0, PR_FALSE},
|
{kea_ecdhe_ecdsa, kt_ecdh, sign_ecdsa, PR_FALSE, 0, PR_FALSE, PR_TRUE},
|
||||||
{kea_ecdh_rsa, kt_ecdh, sign_rsa, PR_FALSE, 0, PR_FALSE},
|
{kea_ecdh_rsa, kt_ecdh, sign_rsa, PR_FALSE, 0, PR_FALSE, PR_FALSE},
|
||||||
{kea_ecdhe_rsa, kt_ecdh, sign_rsa, PR_FALSE, 0, PR_FALSE},
|
{kea_ecdhe_rsa, kt_ecdh, sign_rsa, PR_FALSE, 0, PR_FALSE, PR_TRUE},
|
||||||
{kea_ecdh_anon, kt_ecdh, sign_null, PR_FALSE, 0, PR_FALSE},
|
{kea_ecdh_anon, kt_ecdh, sign_null, PR_FALSE, 0, PR_FALSE, PR_TRUE},
|
||||||
#endif /* NSS_DISABLE_ECC */
|
#endif /* NSS_DISABLE_ECC */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -4987,23 +4987,17 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
|
||||||
sidOK = PR_FALSE;
|
sidOK = PR_FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* TLS 1.0 (RFC 2246) Appendix E says:
|
|
||||||
* Whenever a client already knows the highest protocol known to
|
|
||||||
* a server (for example, when resuming a session), it should
|
|
||||||
* initiate the connection in that native protocol.
|
|
||||||
* So we pass sid->version to ssl3_NegotiateVersion() here, except
|
|
||||||
* when renegotiating.
|
|
||||||
*
|
|
||||||
* Windows SChannel compares the client_version inside the RSA
|
|
||||||
* EncryptedPreMasterSecret of a renegotiation with the
|
|
||||||
* client_version of the initial ClientHello rather than the
|
|
||||||
* ClientHello in the renegotiation. To work around this bug, we
|
|
||||||
* continue to use the client_version used in the initial
|
|
||||||
* ClientHello when renegotiating.
|
|
||||||
*/
|
|
||||||
if (sidOK) {
|
if (sidOK) {
|
||||||
|
/* Set ss->version based on the session cache */
|
||||||
if (ss->firstHsDone) {
|
if (ss->firstHsDone) {
|
||||||
/*
|
/*
|
||||||
|
* Windows SChannel compares the client_version inside the RSA
|
||||||
|
* EncryptedPreMasterSecret of a renegotiation with the
|
||||||
|
* client_version of the initial ClientHello rather than the
|
||||||
|
* ClientHello in the renegotiation. To work around this bug, we
|
||||||
|
* continue to use the client_version used in the initial
|
||||||
|
* ClientHello when renegotiating.
|
||||||
|
*
|
||||||
* The client_version of the initial ClientHello is still
|
* The client_version of the initial ClientHello is still
|
||||||
* available in ss->clientHelloVersion. Ensure that
|
* available in ss->clientHelloVersion. Ensure that
|
||||||
* sid->version is bounded within
|
* sid->version is bounded within
|
||||||
|
@ -5017,10 +5011,22 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
|
||||||
sidOK = PR_FALSE;
|
sidOK = PR_FALSE;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (ssl3_NegotiateVersion(ss, sid->version,
|
/*
|
||||||
PR_FALSE) != SECSuccess) {
|
* Check sid->version is OK first.
|
||||||
|
* Previously, we would cap the version based on sid->version,
|
||||||
|
* but that prevents negotiation of a higher version if the
|
||||||
|
* previous session was reduced (e.g., with version fallback)
|
||||||
|
*/
|
||||||
|
if (sid->version < ss->vrange.min ||
|
||||||
|
sid->version > ss->vrange.max) {
|
||||||
sidOK = PR_FALSE;
|
sidOK = PR_FALSE;
|
||||||
}
|
} else {
|
||||||
|
rv = ssl3_NegotiateVersion(ss, SSL_LIBRARY_VERSION_MAX_SUPPORTED,
|
||||||
|
PR_TRUE);
|
||||||
|
if (rv != SECSuccess) {
|
||||||
|
return rv; /* error code was set */
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -6575,7 +6581,16 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
|
||||||
PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len);
|
PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len);
|
||||||
|
|
||||||
ss->ssl3.hs.isResuming = PR_FALSE;
|
ss->ssl3.hs.isResuming = PR_FALSE;
|
||||||
ss->ssl3.hs.ws = wait_server_cert;
|
if (ss->ssl3.hs.kea_def->signKeyType != sign_null) {
|
||||||
|
/* All current cipher suites other than those with sign_null (i.e.,
|
||||||
|
* DH_anon_* suites) require a certificate, so use that signal. */
|
||||||
|
ss->ssl3.hs.ws = wait_server_cert;
|
||||||
|
} else if (ss->ssl3.hs.kea_def->ephemeral) {
|
||||||
|
/* Only ephemeral cipher suites use ServerKeyExchange. */
|
||||||
|
ss->ssl3.hs.ws = wait_server_key;
|
||||||
|
} else {
|
||||||
|
ss->ssl3.hs.ws = wait_cert_request;
|
||||||
|
}
|
||||||
return SECSuccess;
|
return SECSuccess;
|
||||||
|
|
||||||
alert_loser:
|
alert_loser:
|
||||||
|
@ -6634,16 +6649,10 @@ ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
|
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
|
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
|
||||||
|
|
||||||
if (ss->ssl3.hs.ws != wait_server_key &&
|
if (ss->ssl3.hs.ws != wait_server_key) {
|
||||||
ss->ssl3.hs.ws != wait_server_cert) {
|
errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
|
||||||
errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
|
desc = unexpected_message;
|
||||||
desc = unexpected_message;
|
goto alert_loser;
|
||||||
goto alert_loser;
|
|
||||||
}
|
|
||||||
if (ss->sec.peerCert == NULL) {
|
|
||||||
errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
|
|
||||||
desc = unexpected_message;
|
|
||||||
goto alert_loser;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
|
isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
|
||||||
|
@ -6870,7 +6879,6 @@ no_memory: /* no-memory error has already been set. */
|
||||||
return SECFailure;
|
return SECFailure;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Returns the TLS signature algorithm for the client authentication key and
|
* Returns the TLS signature algorithm for the client authentication key and
|
||||||
* whether it is an RSA or DSA key that may be able to sign only SHA-1 hashes.
|
* whether it is an RSA or DSA key that may be able to sign only SHA-1 hashes.
|
||||||
|
@ -6998,11 +7006,10 @@ ssl3_HandleCertificateRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
|
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
|
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
|
||||||
|
|
||||||
if (ss->ssl3.hs.ws != wait_cert_request &&
|
if (ss->ssl3.hs.ws != wait_cert_request) {
|
||||||
ss->ssl3.hs.ws != wait_server_key) {
|
desc = unexpected_message;
|
||||||
desc = unexpected_message;
|
errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST;
|
||||||
errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST;
|
goto alert_loser;
|
||||||
goto alert_loser;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
PORT_Assert(ss->ssl3.clientCertChain == NULL);
|
PORT_Assert(ss->ssl3.clientCertChain == NULL);
|
||||||
|
@ -7251,9 +7258,8 @@ ssl3_HandleServerHelloDone(sslSocket *ss)
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
|
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
|
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
|
||||||
|
|
||||||
|
/* Skipping CertificateRequest is always permitted. */
|
||||||
if (ws != wait_hello_done &&
|
if (ws != wait_hello_done &&
|
||||||
ws != wait_server_cert &&
|
|
||||||
ws != wait_server_key &&
|
|
||||||
ws != wait_cert_request) {
|
ws != wait_cert_request) {
|
||||||
SSL3_SendAlert(ss, alert_fatal, unexpected_message);
|
SSL3_SendAlert(ss, alert_fatal, unexpected_message);
|
||||||
PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
|
PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
|
||||||
|
@ -7589,14 +7595,11 @@ ssl3_SendServerHelloSequence(sslSocket *ss)
|
||||||
return rv;
|
return rv;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
#ifndef NSS_DISABLE_ECC
|
} else if (kea_def->ephemeral) {
|
||||||
} else if ((kea_def->kea == kea_ecdhe_rsa) ||
|
rv = ssl3_SendServerKeyExchange(ss);
|
||||||
(kea_def->kea == kea_ecdhe_ecdsa)) {
|
if (rv != SECSuccess) {
|
||||||
rv = ssl3_SendServerKeyExchange(ss);
|
return rv; /* err code was set. */
|
||||||
if (rv != SECSuccess) {
|
}
|
||||||
return rv; /* err code was set. */
|
|
||||||
}
|
|
||||||
#endif /* NSS_DISABLE_ECC */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ss->opt.requestCertificate) {
|
if (ss->opt.requestCertificate) {
|
||||||
|
@ -7648,6 +7651,21 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
|
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
|
||||||
PORT_Assert( ss->ssl3.initialized );
|
PORT_Assert( ss->ssl3.initialized );
|
||||||
|
|
||||||
|
if (!ss->sec.isServer ||
|
||||||
|
(ss->ssl3.hs.ws != wait_client_hello &&
|
||||||
|
ss->ssl3.hs.ws != idle_handshake)) {
|
||||||
|
desc = unexpected_message;
|
||||||
|
errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
|
||||||
|
goto alert_loser;
|
||||||
|
}
|
||||||
|
if (ss->ssl3.hs.ws == idle_handshake &&
|
||||||
|
ss->opt.enableRenegotiation == SSL_RENEGOTIATE_NEVER) {
|
||||||
|
desc = no_renegotiation;
|
||||||
|
level = alert_warning;
|
||||||
|
errCode = SSL_ERROR_RENEGOTIATION_NOT_ALLOWED;
|
||||||
|
goto alert_loser;
|
||||||
|
}
|
||||||
|
|
||||||
/* Get peer name of client */
|
/* Get peer name of client */
|
||||||
rv = ssl_GetPeerInfo(ss);
|
rv = ssl_GetPeerInfo(ss);
|
||||||
if (rv != SECSuccess) {
|
if (rv != SECSuccess) {
|
||||||
|
@ -7674,20 +7692,6 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
|
||||||
PORT_Memset(&ss->xtnData, 0, sizeof(TLSExtensionData));
|
PORT_Memset(&ss->xtnData, 0, sizeof(TLSExtensionData));
|
||||||
ss->statelessResume = PR_FALSE;
|
ss->statelessResume = PR_FALSE;
|
||||||
|
|
||||||
if ((ss->ssl3.hs.ws != wait_client_hello) &&
|
|
||||||
(ss->ssl3.hs.ws != idle_handshake)) {
|
|
||||||
desc = unexpected_message;
|
|
||||||
errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
|
|
||||||
goto alert_loser;
|
|
||||||
}
|
|
||||||
if (ss->ssl3.hs.ws == idle_handshake &&
|
|
||||||
ss->opt.enableRenegotiation == SSL_RENEGOTIATE_NEVER) {
|
|
||||||
desc = no_renegotiation;
|
|
||||||
level = alert_warning;
|
|
||||||
errCode = SSL_ERROR_RENEGOTIATION_NOT_ALLOWED;
|
|
||||||
goto alert_loser;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (IS_DTLS(ss)) {
|
if (IS_DTLS(ss)) {
|
||||||
dtls_RehandshakeCleanup(ss);
|
dtls_RehandshakeCleanup(ss);
|
||||||
}
|
}
|
||||||
|
@ -9053,7 +9057,7 @@ ssl3_HandleCertificateVerify(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
|
||||||
isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
|
isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
|
||||||
isTLS12 = (PRBool)(ss->ssl3.prSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
|
isTLS12 = (PRBool)(ss->ssl3.prSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
|
||||||
|
|
||||||
if (ss->ssl3.hs.ws != wait_cert_verify || ss->sec.peerCert == NULL) {
|
if (ss->ssl3.hs.ws != wait_cert_verify) {
|
||||||
desc = unexpected_message;
|
desc = unexpected_message;
|
||||||
errCode = SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY;
|
errCode = SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY;
|
||||||
goto alert_loser;
|
goto alert_loser;
|
||||||
|
@ -9839,11 +9843,11 @@ ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
|
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
|
||||||
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
|
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
|
||||||
|
|
||||||
if ((ss->ssl3.hs.ws != wait_server_cert) &&
|
if ((isServer && ss->ssl3.hs.ws != wait_client_cert) ||
|
||||||
(ss->ssl3.hs.ws != wait_client_cert)) {
|
(!isServer && ss->ssl3.hs.ws != wait_server_cert)) {
|
||||||
desc = unexpected_message;
|
desc = unexpected_message;
|
||||||
errCode = SSL_ERROR_RX_UNEXPECTED_CERTIFICATE;
|
errCode = SSL_ERROR_RX_UNEXPECTED_CERTIFICATE;
|
||||||
goto alert_loser;
|
goto alert_loser;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ss->sec.peerCert != NULL) {
|
if (ss->sec.peerCert != NULL) {
|
||||||
|
@ -10082,16 +10086,11 @@ ssl3_AuthCertificate(sslSocket *ss)
|
||||||
pubKey = NULL;
|
pubKey = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ss->ssl3.hs.ws = wait_cert_request; /* disallow server_key_exchange */
|
if (ss->ssl3.hs.kea_def->ephemeral) {
|
||||||
if (ss->ssl3.hs.kea_def->is_limited ||
|
ss->ssl3.hs.ws = wait_server_key; /* require server_key_exchange */
|
||||||
/* XXX OR server cert is signing only. */
|
} else {
|
||||||
#ifndef NSS_DISABLE_ECC
|
ss->ssl3.hs.ws = wait_cert_request; /* disallow server_key_exchange */
|
||||||
ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
|
}
|
||||||
ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa ||
|
|
||||||
#endif /* NSS_DISABLE_ECC */
|
|
||||||
ss->ssl3.hs.kea_def->exchKeyType == kt_dh) {
|
|
||||||
ss->ssl3.hs.ws = wait_server_key; /* allow server_key_exchange */
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
ss->ssl3.hs.ws = wait_client_key;
|
ss->ssl3.hs.ws = wait_client_key;
|
||||||
}
|
}
|
||||||
|
|
|
@ -725,9 +725,15 @@ typedef struct {
|
||||||
SSL3KeyExchangeAlgorithm kea;
|
SSL3KeyExchangeAlgorithm kea;
|
||||||
SSL3KEAType exchKeyType;
|
SSL3KEAType exchKeyType;
|
||||||
SSL3SignType signKeyType;
|
SSL3SignType signKeyType;
|
||||||
|
/* For export cipher suites:
|
||||||
|
* is_limited identifies a suite as having a limit on the key size.
|
||||||
|
* key_size_limit provides the corresponding limit. */
|
||||||
PRBool is_limited;
|
PRBool is_limited;
|
||||||
int key_size_limit;
|
int key_size_limit;
|
||||||
PRBool tls_keygen;
|
PRBool tls_keygen;
|
||||||
|
/* True if the key exchange for the suite can be ephemeral. Or to be more
|
||||||
|
* precise: true if the ServerKeyExchange message is required. */
|
||||||
|
PRBool ephemeral;
|
||||||
} ssl3KEADef;
|
} ssl3KEADef;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -89,7 +89,7 @@ static sslOptions ssl_defaults = {
|
||||||
* default range of enabled SSL/TLS protocols
|
* default range of enabled SSL/TLS protocols
|
||||||
*/
|
*/
|
||||||
static SSLVersionRange versions_defaults_stream = {
|
static SSLVersionRange versions_defaults_stream = {
|
||||||
SSL_LIBRARY_VERSION_3_0,
|
SSL_LIBRARY_VERSION_TLS_1_0,
|
||||||
SSL_LIBRARY_VERSION_TLS_1_2
|
SSL_LIBRARY_VERSION_TLS_1_2
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -19,10 +19,10 @@
|
||||||
* The format of the version string should be
|
* The format of the version string should be
|
||||||
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
|
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
|
||||||
*/
|
*/
|
||||||
#define NSSUTIL_VERSION "3.18.1 Beta"
|
#define NSSUTIL_VERSION "3.19 Beta"
|
||||||
#define NSSUTIL_VMAJOR 3
|
#define NSSUTIL_VMAJOR 3
|
||||||
#define NSSUTIL_VMINOR 18
|
#define NSSUTIL_VMINOR 19
|
||||||
#define NSSUTIL_VPATCH 1
|
#define NSSUTIL_VPATCH 0
|
||||||
#define NSSUTIL_VBUILD 0
|
#define NSSUTIL_VBUILD 0
|
||||||
#define NSSUTIL_BETA PR_TRUE
|
#define NSSUTIL_BETA PR_TRUE
|
||||||
|
|
||||||
|
|
|
@ -302,7 +302,7 @@ fi
|
||||||
# following test for modutil should check for that instead.
|
# following test for modutil should check for that instead.
|
||||||
# Exception: when building softoken only, shlibsign is the
|
# Exception: when building softoken only, shlibsign is the
|
||||||
# last file created.
|
# last file created.
|
||||||
if [ ${NSS_BUILD_SOFTOKEN_ONLY} = "1" ]; then
|
if [ "${NSS_BUILD_SOFTOKEN_ONLY}" = "1" ]; then
|
||||||
LAST_FILE_BUILT=shlibsign
|
LAST_FILE_BUILT=shlibsign
|
||||||
else
|
else
|
||||||
LAST_FILE_BUILT=modutil
|
LAST_FILE_BUILT=modutil
|
||||||
|
|
|
@ -958,8 +958,23 @@ cert_ssl_gtests()
|
||||||
certu -N -d "${SSLGTESTDIR}" --empty-password 2>&1
|
certu -N -d "${SSLGTESTDIR}" --empty-password 2>&1
|
||||||
# the ssl server used here is special: is a self-signed server
|
# the ssl server used here is special: is a self-signed server
|
||||||
# certificate with name server.
|
# certificate with name server.
|
||||||
echo "$SCRIPTNAME: Creating server cert for ssl_gtests"
|
echo "$SCRIPTNAME: Creating server certs for ssl_gtests"
|
||||||
certu -S -z ${R_NOISE_FILE} -g 2048 -d ${SSLGTESTDIR} -n server -s "CN=server" -t C,C,C -x -m 1 -w -2 -v 120 -Z SHA256 -1 -2 <<CERTSCRIPT
|
certu -S -z ${R_NOISE_FILE} -g 2048 -d ${SSLGTESTDIR} -n server -s "CN=server" \
|
||||||
|
-t C,C,C -x -m 1 -w -2 -v 120 -Z SHA256 -1 -2 <<CERTSCRIPT
|
||||||
|
0
|
||||||
|
2
|
||||||
|
9
|
||||||
|
n
|
||||||
|
n
|
||||||
|
|
||||||
|
n
|
||||||
|
CERTSCRIPT
|
||||||
|
if [ "$RET" -ne 0 ]; then
|
||||||
|
echo "return value is $RET"
|
||||||
|
Exit 6 "Fatal - failed to create RSA server cert for ssl_gtests"
|
||||||
|
fi
|
||||||
|
certu -S -z ${R_NOISE_FILE} -k ec -q nistp256 -d ${SSLGTESTDIR} -n ecdsa -s CN=ecdsa \
|
||||||
|
-t C,C,C -x -m 1 -w -2 -v 120 -Z SHA256 -1 -2 <<CERTSCRIPT
|
||||||
0
|
0
|
||||||
2
|
2
|
||||||
9
|
9
|
||||||
|
@ -971,7 +986,7 @@ CERTSCRIPT
|
||||||
|
|
||||||
if [ "$RET" -ne 0 ]; then
|
if [ "$RET" -ne 0 ]; then
|
||||||
echo "return value is $RET"
|
echo "return value is $RET"
|
||||||
Exit 6 "Fatal - failed to create server cert for ssl_gtests"
|
Exit 6 "Fatal - failed to create ECDSA server cert for ssl_gtests"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -21,7 +21,7 @@ verify TestUser51:x
|
||||||
result pass
|
result pass
|
||||||
|
|
||||||
verify PayPalEE:x
|
verify PayPalEE:x
|
||||||
policy OID.2.16.840.1.113733.1.7.23.6
|
policy OID.2.16.840.1.114412.1.1
|
||||||
result pass
|
result pass
|
||||||
|
|
||||||
verify BrAirWaysBadSig:x
|
verify BrAirWaysBadSig:x
|
||||||
|
|
Двоичные данные
security/nss/tests/libpkix/certs/PayPalEE.cert
Двоичные данные
security/nss/tests/libpkix/certs/PayPalEE.cert
Двоичный файл не отображается.
Двоичные данные
security/nss/tests/libpkix/certs/PayPalICA.cert
Двоичные данные
security/nss/tests/libpkix/certs/PayPalICA.cert
Двоичный файл не отображается.
Двоичные данные
security/nss/tests/libpkix/certs/PayPalRootCA.cert
Двоичные данные
security/nss/tests/libpkix/certs/PayPalRootCA.cert
Двоичный файл не отображается.
|
@ -1,4 +1,4 @@
|
||||||
# Status | Leaf Cert | Policies | Others(undef)
|
# Status | Leaf Cert | Policies | Others(undef)
|
||||||
0 TestUser50 undef
|
0 TestUser50 undef
|
||||||
0 TestUser51 undef
|
0 TestUser51 undef
|
||||||
0 PayPalEE OID.2.16.840.1.113733.1.7.23.6
|
0 PayPalEE OID.2.16.840.1.114412.1.1
|
||||||
|
|
Загрузка…
Ссылка в новой задаче