mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-29 15:52:07 +00:00
Bug 1470914 - land NSS 247bf1dc3121 UPGRADE_NSS_RELEASE, r=me
--HG-- extra : rebase_source : 5f5889a767649aa6d223fbd3f72290c71f7ca74a
This commit is contained in:
Franziskus Kiefer
parent
18efd6980f
commit
f180fd777d
@ -1 +1 @@
|
||||
c84a61acb17d
|
||||
247bf1dc3121
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
84
security/nss/cmd/fipstest/kas.sh
Executable file
84
security/nss/cmd/fipstest/kas.sh
Executable file
@ -0,0 +1,84 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
#
|
||||
# A Bourne shell script for running the NIST DSA Validation System
|
||||
#
|
||||
# Before you run the script, set your PATH, LD_LIBRARY_PATH, ... environment
|
||||
# variables appropriately so that the fipstest command and the NSPR and NSS
|
||||
# shared libraries/DLLs are on the search path. Then run this script in the
|
||||
# directory where the REQUEST (.req) files reside. The script generates the
|
||||
# RESPONSE (.rsp) files in the same directory.
|
||||
BASEDIR=${1-.}
|
||||
TESTDIR=${BASEDIR}/KAS
|
||||
COMMAND=${2-run}
|
||||
REQDIR=${TESTDIR}/req
|
||||
RSPDIR=${TESTDIR}/resp
|
||||
|
||||
|
||||
#
|
||||
if [ ${COMMAND} = "verify" ]; then
|
||||
#
|
||||
# need verify for KAS tests
|
||||
|
||||
# verify generated keys
|
||||
# name=KeyPair
|
||||
# echo ">>>>> $name"
|
||||
# fipstest dsa keyver ${RSPDIR}/$name.rsp | grep ^Result.=.F
|
||||
# verify generated pqg values
|
||||
# name=PQGGen
|
||||
# echo ">>>>> $name"
|
||||
# fipstest dsa pqgver ${RSPDIR}/$name.rsp | grep ^Result.=.F
|
||||
# verify PQGVer with known answer
|
||||
# sh ./validate1.sh ${TESTDIR} PQGVer.req ' ' '-e /^Result.=.F/s;.(.*);; -e /^Result.=.P/s;.(.*);;'
|
||||
# verify signatures
|
||||
# name=SigGen
|
||||
# echo ">>>>> $name"
|
||||
# fipstest dsa sigver ${RSPDIR}/$name.rsp | grep ^Result.=.F
|
||||
# verify SigVer with known answer
|
||||
# sh ./validate1.sh ${TESTDIR} SigVer.req ' ' '-e /^X.=/d -e /^Result.=.F/s;.(.*);;'
|
||||
exit 0
|
||||
fi
|
||||
|
||||
request=KASFunctionTest_ECCEphemeralUnified_NOKC_ZZOnly_init.req
|
||||
response=`echo $request | sed -e "s/req/rsp/"`
|
||||
echo $request $response
|
||||
fipstest ecdh init-func ${REQDIR}/$request > ${RSPDIR}/$response
|
||||
|
||||
request=KASFunctionTest_ECCEphemeralUnified_NOKC_ZZOnly_resp.req
|
||||
response=`echo $request | sed -e "s/req/rsp/"`
|
||||
echo $request $response
|
||||
fipstest ecdh resp-func ${REQDIR}/$request > ${RSPDIR}/$response
|
||||
|
||||
request=KASValidityTest_ECCEphemeralUnified_NOKC_ZZOnly_init.req
|
||||
response=`echo $request | sed -e "s/req/rsp/"`
|
||||
echo $request $response
|
||||
fipstest ecdh init-verify ${REQDIR}/$request > ${RSPDIR}/$response
|
||||
|
||||
request=KASValidityTest_ECCEphemeralUnified_NOKC_ZZOnly_resp.req
|
||||
response=`echo $request | sed -e "s/req/rsp/"`
|
||||
echo $request $response
|
||||
fipstest ecdh resp-verify ${REQDIR}/$request > ${RSPDIR}/$response
|
||||
|
||||
request=KASFunctionTest_FFCEphem_NOKC_ZZOnly_init.req
|
||||
response=`echo $request | sed -e "s/req/rsp/"`
|
||||
echo $request $response
|
||||
fipstest dh init-func ${REQDIR}/$request > ${RSPDIR}/$response
|
||||
|
||||
request=KASFunctionTest_FFCEphem_NOKC_ZZOnly_resp.req
|
||||
response=`echo $request | sed -e "s/req/rsp/"`
|
||||
echo $request $response
|
||||
fipstest dh resp-func ${REQDIR}/$request > ${RSPDIR}/$response
|
||||
|
||||
request=KASValidityTest_FFCEphem_NOKC_ZZOnly_init.req
|
||||
response=`echo $request | sed -e "s/req/rsp/"`
|
||||
echo $request $response
|
||||
fipstest dh init-verify ${REQDIR}/$request > ${RSPDIR}/$response
|
||||
|
||||
request=KASValidityTest_FFCEphem_NOKC_ZZOnly_resp.req
|
||||
response=`echo $request | sed -e "s/req/rsp/"`
|
||||
echo $request $response
|
||||
fipstest dh resp-verify ${REQDIR}/$request > ${RSPDIR}/$response
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
#
|
||||
TESTDIR=${1-.}
|
||||
COMMAND=${2-run}
|
||||
TESTS="aes aesgcm dsa ecdsa hmac tls rng rsa sha tdea"
|
||||
TESTS="aes aesgcm dsa ecdsa hmac kas tls rng rsa sha tdea"
|
||||
for i in $TESTS
|
||||
do
|
||||
echo "********************Running $i tests"
|
||||
|
||||
@ -10,3 +10,4 @@
|
||||
*/
|
||||
|
||||
#error "Do not include this header file."
|
||||
|
||||
|
||||
@ -20,13 +20,6 @@
|
||||
|
||||
namespace nss_test {
|
||||
|
||||
const uint8_t kTlsChangeCipherSpecType = 20;
|
||||
const uint8_t kTlsAlertType = 21;
|
||||
const uint8_t kTlsHandshakeType = 22;
|
||||
const uint8_t kTlsApplicationDataType = 23;
|
||||
const uint8_t kTlsAltHandshakeType = 24;
|
||||
const uint8_t kTlsAckType = 25;
|
||||
|
||||
const uint8_t kTlsHandshakeClientHello = 1;
|
||||
const uint8_t kTlsHandshakeServerHello = 2;
|
||||
const uint8_t kTlsHandshakeNewSessionTicket = 4;
|
||||
@ -60,7 +53,7 @@ const uint8_t kTlsAlertUnrecognizedName = 112;
|
||||
const uint8_t kTlsAlertNoApplicationProtocol = 120;
|
||||
|
||||
const uint8_t kTlsFakeChangeCipherSpec[] = {
|
||||
kTlsChangeCipherSpecType, // Type
|
||||
ssl_ct_change_cipher_spec, // Type
|
||||
0xfe,
|
||||
0xff, // Version
|
||||
0x00,
|
||||
|
||||
@ -64,8 +64,8 @@ TEST_P(TlsAgentTestClient13, CannedHello) {
|
||||
auto sh = MakeCannedTls13ServerHello();
|
||||
MakeHandshakeMessage(kTlsHandshakeServerHello, sh.data(), sh.len(),
|
||||
&server_hello);
|
||||
MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
server_hello.data(), server_hello.len(), &buffer);
|
||||
MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3, server_hello.data(),
|
||||
server_hello.len(), &buffer);
|
||||
ProcessMessage(buffer, TlsAgent::STATE_CONNECTING);
|
||||
}
|
||||
|
||||
@ -79,8 +79,8 @@ TEST_P(TlsAgentTestClient13, EncryptedExtensionsInClear) {
|
||||
&encrypted_extensions, 1);
|
||||
server_hello.Append(encrypted_extensions);
|
||||
DataBuffer buffer;
|
||||
MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
server_hello.data(), server_hello.len(), &buffer);
|
||||
MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3, server_hello.data(),
|
||||
server_hello.len(), &buffer);
|
||||
EnsureInit();
|
||||
ExpectAlert(kTlsAlertUnexpectedMessage);
|
||||
ProcessMessage(buffer, TlsAgent::STATE_ERROR,
|
||||
@ -97,11 +97,11 @@ TEST_F(TlsAgentStreamTestClient, EncryptedExtensionsInClearTwoPieces) {
|
||||
&encrypted_extensions, 1);
|
||||
server_hello.Append(encrypted_extensions);
|
||||
DataBuffer buffer;
|
||||
MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
server_hello.data(), kFirstFragmentSize, &buffer);
|
||||
MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3, server_hello.data(),
|
||||
kFirstFragmentSize, &buffer);
|
||||
|
||||
DataBuffer buffer2;
|
||||
MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
server_hello.data() + kFirstFragmentSize,
|
||||
server_hello.len() - kFirstFragmentSize, &buffer2);
|
||||
|
||||
@ -129,11 +129,11 @@ TEST_F(TlsAgentDgramTestClient, EncryptedExtensionsInClearTwoPieces) {
|
||||
&encrypted_extensions, 1);
|
||||
server_hello_frag2.Append(encrypted_extensions);
|
||||
DataBuffer buffer;
|
||||
MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
server_hello_frag1.data(), server_hello_frag1.len(), &buffer);
|
||||
|
||||
DataBuffer buffer2;
|
||||
MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
server_hello_frag2.data(), server_hello_frag2.len(), &buffer2, 1);
|
||||
|
||||
EnsureInit();
|
||||
@ -150,7 +150,7 @@ TEST_F(TlsAgentDgramTestClient, AckWithBogusLengthField) {
|
||||
// Length doesn't match
|
||||
const uint8_t ackBuf[] = {0x00, 0x08, 0x00};
|
||||
DataBuffer record;
|
||||
MakeRecord(variant_, kTlsAckType, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf,
|
||||
MakeRecord(variant_, ssl_ct_ack, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf,
|
||||
sizeof(ackBuf), &record, 0);
|
||||
agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
SSL_LIBRARY_VERSION_TLS_1_3);
|
||||
@ -164,7 +164,7 @@ TEST_F(TlsAgentDgramTestClient, AckWithNonEvenLength) {
|
||||
// Length isn't a multiple of 8
|
||||
const uint8_t ackBuf[] = {0x00, 0x01, 0x00};
|
||||
DataBuffer record;
|
||||
MakeRecord(variant_, kTlsAckType, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf,
|
||||
MakeRecord(variant_, ssl_ct_ack, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf,
|
||||
sizeof(ackBuf), &record, 0);
|
||||
agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
SSL_LIBRARY_VERSION_TLS_1_3);
|
||||
@ -196,7 +196,7 @@ TEST_F(TlsAgentStreamTestClient, Set0RttOptionThenRead) {
|
||||
agent_->StartConnect();
|
||||
agent_->Set0RttEnabled(true);
|
||||
DataBuffer buffer;
|
||||
MakeRecord(kTlsApplicationDataType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
MakeRecord(ssl_ct_application_data, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
reinterpret_cast<const uint8_t *>(k0RttData), strlen(k0RttData),
|
||||
&buffer);
|
||||
ExpectAlert(kTlsAlertUnexpectedMessage);
|
||||
@ -214,10 +214,10 @@ TEST_F(TlsAgentStreamTestServer, Set0RttOptionClientHelloThenRead) {
|
||||
agent_->StartConnect();
|
||||
agent_->Set0RttEnabled(true);
|
||||
DataBuffer buffer;
|
||||
MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
kCannedTls13ClientHello, sizeof(kCannedTls13ClientHello), &buffer);
|
||||
ProcessMessage(buffer, TlsAgent::STATE_CONNECTING);
|
||||
MakeRecord(kTlsApplicationDataType, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
MakeRecord(ssl_ct_application_data, SSL_LIBRARY_VERSION_TLS_1_3,
|
||||
reinterpret_cast<const uint8_t *>(k0RttData), strlen(k0RttData),
|
||||
&buffer);
|
||||
ExpectAlert(kTlsAlertBadRecordMac);
|
||||
|
||||
@ -482,7 +482,7 @@ class BeforeFinished : public TlsRecordFilter {
|
||||
switch (state_) {
|
||||
case BEFORE_CCS:
|
||||
// Awaken when we see the CCS.
|
||||
if (header.content_type() == kTlsChangeCipherSpecType) {
|
||||
if (header.content_type() == ssl_ct_change_cipher_spec) {
|
||||
before_ccs_();
|
||||
|
||||
// Write the CCS out as a separate write, so that we can make
|
||||
@ -499,7 +499,7 @@ class BeforeFinished : public TlsRecordFilter {
|
||||
break;
|
||||
|
||||
case AFTER_CCS:
|
||||
EXPECT_EQ(kTlsHandshakeType, header.content_type());
|
||||
EXPECT_EQ(ssl_ct_handshake, header.content_type());
|
||||
// This could check that data contains a Finished message, but it's
|
||||
// encrypted, so that's too much extra work.
|
||||
|
||||
|
||||
@ -282,7 +282,7 @@ TEST_P(TlsCipherSuiteTest, ReadLimit) {
|
||||
} else {
|
||||
epoch = 0;
|
||||
}
|
||||
TlsAgentTestBase::MakeRecord(variant_, kTlsApplicationDataType, version_,
|
||||
TlsAgentTestBase::MakeRecord(variant_, ssl_ct_application_data, version_,
|
||||
payload, sizeof(payload), &record,
|
||||
(epoch << 48) | record_limit());
|
||||
client_->SendDirect(record);
|
||||
|
||||
@ -123,7 +123,7 @@ class TlsDropDatagram13 : public TlsConnectDatagram13,
|
||||
|
||||
void Init(const std::shared_ptr<TlsAgent>& agent) {
|
||||
records_ = std::make_shared<TlsRecordRecorder>(agent);
|
||||
ack_ = std::make_shared<TlsRecordRecorder>(agent, content_ack);
|
||||
ack_ = std::make_shared<TlsRecordRecorder>(agent, ssl_ct_ack);
|
||||
ack_->EnableDecryption();
|
||||
drop_ = std::make_shared<SelectiveRecordDropFilter>(agent, 0, false);
|
||||
chain_ = std::make_shared<ChainedPacketFilter>(
|
||||
@ -670,7 +670,7 @@ TEST_P(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) {
|
||||
ASSERT_NE(nullptr, spec.get());
|
||||
ASSERT_EQ(2, spec->epoch());
|
||||
ASSERT_TRUE(client_->SendEncryptedRecord(spec, 0x0002000000000002,
|
||||
kTlsApplicationDataType,
|
||||
ssl_ct_application_data,
|
||||
DataBuffer(buf, sizeof(buf))));
|
||||
|
||||
// Now have the server consume the bogus message.
|
||||
@ -696,7 +696,7 @@ TEST_P(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) {
|
||||
ASSERT_NE(nullptr, spec.get());
|
||||
ASSERT_EQ(2, spec->epoch());
|
||||
ASSERT_TRUE(client_->SendEncryptedRecord(spec, 0x0002000000000002,
|
||||
kTlsHandshakeType,
|
||||
ssl_ct_handshake,
|
||||
DataBuffer(buf, sizeof(buf))));
|
||||
server_->Handshake();
|
||||
EXPECT_EQ(2UL, server_filters_.ack_->count());
|
||||
@ -899,7 +899,7 @@ class TlsReplaceFirstRecordWithJunk : public TlsRecordFilter {
|
||||
}
|
||||
replaced_ = true;
|
||||
TlsRecordHeader out_header(header.variant(), header.version(),
|
||||
kTlsApplicationDataType,
|
||||
ssl_ct_application_data,
|
||||
header.sequence_number());
|
||||
|
||||
static const uint8_t junk[] = {1, 2, 3, 4};
|
||||
|
||||
@ -106,8 +106,8 @@ class RecordFragmenter : public PacketFilter {
|
||||
}
|
||||
|
||||
// Just rewrite the sequence number (CCS only).
|
||||
if (header.content_type() != kTlsHandshakeType) {
|
||||
EXPECT_EQ(kTlsChangeCipherSpecType, header.content_type());
|
||||
if (header.content_type() != ssl_ct_handshake) {
|
||||
EXPECT_EQ(ssl_ct_change_cipher_spec, header.content_type());
|
||||
WriteRecord(header, record);
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -33,7 +33,7 @@ class TlsApplicationDataRecorder : public TlsRecordFilter {
|
||||
virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
|
||||
const DataBuffer& input,
|
||||
DataBuffer* output) {
|
||||
if (header.content_type() == kTlsApplicationDataType) {
|
||||
if (header.content_type() == ssl_ct_application_data) {
|
||||
buffer_.Append(input);
|
||||
}
|
||||
|
||||
|
||||
@ -76,7 +76,7 @@ class CorrectMessageSeqAfterHrrFilter : public TlsRecordFilter {
|
||||
PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
|
||||
const DataBuffer& record, size_t* offset,
|
||||
DataBuffer* output) {
|
||||
if (filtered_packets() > 0 || header.content_type() != content_handshake) {
|
||||
if (filtered_packets() > 0 || header.content_type() != ssl_ct_handshake) {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
@ -1014,7 +1014,7 @@ class HelloRetryRequestAgentTest : public TlsAgentTestClient {
|
||||
DataBuffer hrr;
|
||||
MakeHandshakeMessage(kTlsHandshakeServerHello, hrr_data.data(),
|
||||
hrr_data.len(), &hrr, seq_num);
|
||||
MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3, hrr.data(),
|
||||
MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3, hrr.data(),
|
||||
hrr.len(), hrr_record, seq_num);
|
||||
}
|
||||
|
||||
|
||||
@ -65,7 +65,7 @@ class TlsAlertRecorder : public TlsRecordFilter {
|
||||
if (level_ != 255) { // Already captured.
|
||||
return KEEP;
|
||||
}
|
||||
if (header.content_type() != kTlsAlertType) {
|
||||
if (header.content_type() != ssl_ct_alert) {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
@ -426,13 +426,15 @@ class TlsPreCCSHeaderInjector : public TlsRecordFilter {
|
||||
virtual PacketFilter::Action FilterRecord(
|
||||
const TlsRecordHeader& record_header, const DataBuffer& input,
|
||||
size_t* offset, DataBuffer* output) override {
|
||||
if (record_header.content_type() != kTlsChangeCipherSpecType) return KEEP;
|
||||
if (record_header.content_type() != ssl_ct_change_cipher_spec) {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
std::cerr << "Injecting Finished header before CCS\n";
|
||||
const uint8_t hhdr[] = {kTlsHandshakeFinished, 0x00, 0x00, 0x0c};
|
||||
DataBuffer hhdr_buf(hhdr, sizeof(hhdr));
|
||||
TlsRecordHeader nhdr(record_header.variant(), record_header.version(),
|
||||
kTlsHandshakeType, 0);
|
||||
ssl_ct_handshake, 0);
|
||||
*offset = nhdr.Write(output, *offset, hhdr_buf);
|
||||
*offset = record_header.Write(output, *offset, input);
|
||||
return CHANGE;
|
||||
|
||||
@ -111,7 +111,7 @@ class RecordReplacer : public TlsRecordFilter {
|
||||
PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
|
||||
const DataBuffer& data,
|
||||
DataBuffer* changed) override {
|
||||
EXPECT_EQ(kTlsApplicationDataType, header.content_type());
|
||||
EXPECT_EQ(ssl_ct_application_data, header.content_type());
|
||||
changed->Allocate(size_);
|
||||
|
||||
for (size_t i = 0; i < size_; ++i) {
|
||||
|
||||
@ -34,7 +34,7 @@ class TlsRecordMaximum : public TlsRecordFilter {
|
||||
DataBuffer* output) override {
|
||||
std::cerr << "max: " << record << std::endl;
|
||||
// Ignore unprotected packets.
|
||||
if (header.content_type() != kTlsApplicationDataType) {
|
||||
if (header.content_type() != ssl_ct_application_data) {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
@ -187,7 +187,7 @@ class TlsRecordExpander : public TlsRecordFilter {
|
||||
virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
|
||||
const DataBuffer& data,
|
||||
DataBuffer* changed) {
|
||||
if (header.content_type() != kTlsApplicationDataType) {
|
||||
if (header.content_type() != ssl_ct_application_data) {
|
||||
return KEEP;
|
||||
}
|
||||
changed->Allocate(data.len() + expansion_);
|
||||
@ -252,7 +252,7 @@ class TlsRecordPadder : public TlsRecordFilter {
|
||||
PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
|
||||
const DataBuffer& record, size_t* offset,
|
||||
DataBuffer* output) override {
|
||||
if (header.content_type() != kTlsApplicationDataType) {
|
||||
if (header.content_type() != ssl_ct_application_data) {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
@ -262,7 +262,7 @@ class TlsRecordPadder : public TlsRecordFilter {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
if (inner_content_type != kTlsApplicationDataType) {
|
||||
if (inner_content_type != ssl_ct_application_data) {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
|
||||
@ -32,7 +32,7 @@ class TlsHandshakeSkipFilter : public TlsRecordFilter {
|
||||
virtual PacketFilter::Action FilterRecord(
|
||||
const TlsRecordHeader& record_header, const DataBuffer& input,
|
||||
DataBuffer* output) {
|
||||
if (record_header.content_type() != kTlsHandshakeType) {
|
||||
if (record_header.content_type() != ssl_ct_handshake) {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
|
||||
@ -82,7 +82,7 @@ class Tls13CompatTest : public TlsConnectStreamTls13 {
|
||||
// Only the second record can be a CCS.
|
||||
bool expected_match = expected && (i == 1);
|
||||
EXPECT_EQ(expected_match,
|
||||
kTlsChangeCipherSpecType ==
|
||||
ssl_ct_change_cipher_spec ==
|
||||
records_->record(i).header.content_type());
|
||||
}
|
||||
}
|
||||
@ -307,7 +307,7 @@ TEST_F(TlsConnectTest, TLS13NonCompatModeSessionID) {
|
||||
}
|
||||
|
||||
static const uint8_t kCannedCcs[] = {
|
||||
kTlsChangeCipherSpecType,
|
||||
ssl_ct_change_cipher_spec,
|
||||
SSL_LIBRARY_VERSION_TLS_1_2 >> 8,
|
||||
SSL_LIBRARY_VERSION_TLS_1_2 & 0xff,
|
||||
0,
|
||||
@ -370,14 +370,14 @@ TEST_F(TlsConnectDatagram13, CompatModeDtlsClient) {
|
||||
Connect();
|
||||
|
||||
ASSERT_EQ(2U, client_records->count()); // CH, Fin
|
||||
EXPECT_EQ(kTlsHandshakeType, client_records->record(0).header.content_type());
|
||||
EXPECT_EQ(kTlsApplicationDataType,
|
||||
EXPECT_EQ(ssl_ct_handshake, client_records->record(0).header.content_type());
|
||||
EXPECT_EQ(ssl_ct_application_data,
|
||||
client_records->record(1).header.content_type());
|
||||
|
||||
ASSERT_EQ(6U, server_records->count()); // SH, EE, CT, CV, Fin, Ack
|
||||
EXPECT_EQ(kTlsHandshakeType, server_records->record(0).header.content_type());
|
||||
EXPECT_EQ(ssl_ct_handshake, server_records->record(0).header.content_type());
|
||||
for (size_t i = 1; i < server_records->count(); ++i) {
|
||||
EXPECT_EQ(kTlsApplicationDataType,
|
||||
EXPECT_EQ(ssl_ct_application_data,
|
||||
server_records->record(i).header.content_type());
|
||||
}
|
||||
}
|
||||
@ -422,12 +422,12 @@ TEST_F(TlsConnectDatagram13, CompatModeDtlsServer) {
|
||||
client_->Handshake();
|
||||
|
||||
ASSERT_EQ(1U, client_records->count());
|
||||
EXPECT_EQ(kTlsHandshakeType, client_records->record(0).header.content_type());
|
||||
EXPECT_EQ(ssl_ct_handshake, client_records->record(0).header.content_type());
|
||||
|
||||
ASSERT_EQ(5U, server_records->count()); // SH, EE, CT, CV, Fin
|
||||
EXPECT_EQ(kTlsHandshakeType, server_records->record(0).header.content_type());
|
||||
EXPECT_EQ(ssl_ct_handshake, server_records->record(0).header.content_type());
|
||||
for (size_t i = 1; i < server_records->count(); ++i) {
|
||||
EXPECT_EQ(kTlsApplicationDataType,
|
||||
EXPECT_EQ(ssl_ct_application_data,
|
||||
server_records->record(i).header.content_type());
|
||||
}
|
||||
|
||||
|
||||
@ -158,7 +158,7 @@ TEST_P(TlsConnectGeneric, AlertBeforeServerHello) {
|
||||
static const uint8_t kWarningAlert[] = {kTlsAlertWarning,
|
||||
kTlsAlertUnrecognizedName};
|
||||
DataBuffer alert;
|
||||
TlsAgentTestBase::MakeRecord(variant_, kTlsAlertType,
|
||||
TlsAgentTestBase::MakeRecord(variant_, ssl_ct_alert,
|
||||
SSL_LIBRARY_VERSION_TLS_1_0, kWarningAlert,
|
||||
PR_ARRAY_SIZE(kWarningAlert), &alert);
|
||||
client_->adapter()->PacketReceived(alert);
|
||||
|
||||
@ -976,7 +976,7 @@ bool TlsAgent::SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec,
|
||||
LOGV("Encrypting " << buf.len() << " bytes");
|
||||
// Ensure that we are doing TLS 1.3.
|
||||
EXPECT_GE(expected_version_, SSL_LIBRARY_VERSION_TLS_1_3);
|
||||
TlsRecordHeader header(variant_, expected_version_, kTlsApplicationDataType,
|
||||
TlsRecordHeader header(variant_, expected_version_, ssl_ct_application_data,
|
||||
seq);
|
||||
DataBuffer padded = buf;
|
||||
padded.Write(padded.len(), ct, 1);
|
||||
@ -1105,7 +1105,7 @@ void TlsAgentTestBase::MakeRecord(SSLProtocolVariant variant, uint8_t type,
|
||||
if (variant == ssl_variant_stream) {
|
||||
index = out->Write(index, version, 2);
|
||||
} else if (version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
|
||||
type == kTlsApplicationDataType) {
|
||||
type == ssl_ct_application_data) {
|
||||
uint32_t epoch = (sequence_number >> 48) & 0x3;
|
||||
uint32_t seqno = sequence_number & ((1ULL << 30) - 1);
|
||||
index = out->Write(index, (epoch << 30) | seqno, 4);
|
||||
@ -1158,10 +1158,10 @@ void TlsAgentTestBase::MakeTrivialHandshakeRecord(uint8_t hs_type,
|
||||
size_t hs_len,
|
||||
DataBuffer* out) {
|
||||
size_t index = 0;
|
||||
index = out->Write(index, kTlsHandshakeType, 1); // Content Type
|
||||
index = out->Write(index, 3, 1); // Version high
|
||||
index = out->Write(index, 1, 1); // Version low
|
||||
index = out->Write(index, 4 + hs_len, 2); // Length
|
||||
index = out->Write(index, ssl_ct_handshake, 1); // Content Type
|
||||
index = out->Write(index, 3, 1); // Version high
|
||||
index = out->Write(index, 1, 1); // Version low
|
||||
index = out->Write(index, 4 + hs_len, 2); // Length
|
||||
|
||||
index = out->Write(index, hs_type, 1); // Handshake record type.
|
||||
index = out->Write(index, hs_len, 3); // Handshake length
|
||||
|
||||
@ -131,7 +131,7 @@ PacketFilter::Action TlsRecordFilter::Filter(const DataBuffer& input,
|
||||
// spec to another active cipher spec (KeyUpdate for instance) AND writes
|
||||
// are consolidated across that change, this code could use the wrong
|
||||
// sequence numbers when re-encrypting records with the old keys.
|
||||
if (header.content_type() == kTlsApplicationDataType) {
|
||||
if (header.content_type() == ssl_ct_application_data) {
|
||||
in_sequence_number_ =
|
||||
(std::max)(in_sequence_number_, header.sequence_number() + 1);
|
||||
}
|
||||
@ -194,7 +194,7 @@ PacketFilter::Action TlsRecordFilter::FilterRecord(
|
||||
|
||||
uint64_t seq_num;
|
||||
if (header.is_dtls() || !cipher_spec_ ||
|
||||
header.content_type() != kTlsApplicationDataType) {
|
||||
header.content_type() != ssl_ct_application_data) {
|
||||
seq_num = header.sequence_number();
|
||||
} else {
|
||||
seq_num = out_sequence_number_++;
|
||||
@ -277,7 +277,7 @@ bool TlsRecordHeader::Parse(bool is_dtls13, uint64_t seqno, TlsParser* parser,
|
||||
|
||||
#ifndef UNSAFE_FUZZER_MODE
|
||||
// Deal with the 7 octet header.
|
||||
if (content_type_ == kTlsApplicationDataType) {
|
||||
if (content_type_ == ssl_ct_application_data) {
|
||||
uint32_t tmp;
|
||||
if (!parser->Read(&tmp, 4)) {
|
||||
return false;
|
||||
@ -298,7 +298,7 @@ bool TlsRecordHeader::Parse(bool is_dtls13, uint64_t seqno, TlsParser* parser,
|
||||
}
|
||||
// Need to use the low 5 bits of the first octet too.
|
||||
tmp |= (content_type_ & 0x1f) << 8;
|
||||
content_type_ = kTlsApplicationDataType;
|
||||
content_type_ = ssl_ct_application_data;
|
||||
sequence_number_ = ParseSequenceNumber(seqno, tmp, 12, 1);
|
||||
|
||||
if (!parser->ReadFromMark(&header_, parser->consumed() - mark, mark)) {
|
||||
@ -308,9 +308,9 @@ bool TlsRecordHeader::Parse(bool is_dtls13, uint64_t seqno, TlsParser* parser,
|
||||
}
|
||||
|
||||
// The full 13 octet header can only be used for a few types.
|
||||
EXPECT_TRUE(content_type_ == kTlsAlertType ||
|
||||
content_type_ == kTlsHandshakeType ||
|
||||
content_type_ == kTlsAckType);
|
||||
EXPECT_TRUE(content_type_ == ssl_ct_alert ||
|
||||
content_type_ == ssl_ct_handshake ||
|
||||
content_type_ == ssl_ct_ack);
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -347,7 +347,7 @@ size_t TlsRecordHeader::WriteHeader(DataBuffer* buffer, size_t offset,
|
||||
size_t body_len) const {
|
||||
offset = buffer->Write(offset, content_type_, 1);
|
||||
if (is_dtls() && version_ >= SSL_LIBRARY_VERSION_TLS_1_3 &&
|
||||
content_type() == kTlsApplicationDataType) {
|
||||
content_type() == ssl_ct_application_data) {
|
||||
// application_data records in TLS 1.3 have a different header format.
|
||||
// Always use the long header here for simplicity.
|
||||
uint32_t e = (sequence_number_ >> 48) & 0x3;
|
||||
@ -377,7 +377,7 @@ bool TlsRecordFilter::Unprotect(const TlsRecordHeader& header,
|
||||
const DataBuffer& ciphertext,
|
||||
uint8_t* inner_content_type,
|
||||
DataBuffer* plaintext) {
|
||||
if (!cipher_spec_ || header.content_type() != kTlsApplicationDataType) {
|
||||
if (!cipher_spec_ || header.content_type() != ssl_ct_application_data) {
|
||||
*inner_content_type = header.content_type();
|
||||
*plaintext = ciphertext;
|
||||
return true;
|
||||
@ -411,7 +411,7 @@ bool TlsRecordFilter::Protect(const TlsRecordHeader& header,
|
||||
uint8_t inner_content_type,
|
||||
const DataBuffer& plaintext,
|
||||
DataBuffer* ciphertext, size_t padding) {
|
||||
if (!cipher_spec_ || header.content_type() != kTlsApplicationDataType) {
|
||||
if (!cipher_spec_ || header.content_type() != ssl_ct_application_data) {
|
||||
*ciphertext = plaintext;
|
||||
return true;
|
||||
}
|
||||
@ -453,8 +453,7 @@ PacketFilter::Action TlsHandshakeFilter::FilterRecord(
|
||||
const TlsRecordHeader& record_header, const DataBuffer& input,
|
||||
DataBuffer* output) {
|
||||
// Check that the first byte is as requested.
|
||||
if ((record_header.content_type() != kTlsHandshakeType) &&
|
||||
(record_header.content_type() != kTlsAltHandshakeType)) {
|
||||
if (record_header.content_type() != ssl_ct_handshake) {
|
||||
return KEEP;
|
||||
}
|
||||
|
||||
|
||||
@ -172,20 +172,19 @@ inline std::ostream& operator<<(std::ostream& stream,
|
||||
hdr.WriteStream(stream);
|
||||
stream << ' ';
|
||||
switch (hdr.content_type()) {
|
||||
case kTlsChangeCipherSpecType:
|
||||
case ssl_ct_change_cipher_spec:
|
||||
stream << "CCS";
|
||||
break;
|
||||
case kTlsAlertType:
|
||||
case ssl_ct_alert:
|
||||
stream << "Alert";
|
||||
break;
|
||||
case kTlsHandshakeType:
|
||||
case kTlsAltHandshakeType:
|
||||
case ssl_ct_handshake:
|
||||
stream << "Handshake";
|
||||
break;
|
||||
case kTlsApplicationDataType:
|
||||
case ssl_ct_application_data:
|
||||
stream << "Data";
|
||||
break;
|
||||
case kTlsAckType:
|
||||
case ssl_ct_ack:
|
||||
stream << "ACK";
|
||||
break;
|
||||
default:
|
||||
@ -301,7 +300,7 @@ class TlsRecordRecorder : public TlsRecordFilter {
|
||||
TlsRecordRecorder(const std::shared_ptr<TlsAgent>& a)
|
||||
: TlsRecordFilter(a),
|
||||
filter_(false),
|
||||
ct_(content_handshake), // dummy (<optional> is C++14)
|
||||
ct_(ssl_ct_handshake), // dummy (<optional> is C++14)
|
||||
records_() {}
|
||||
virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
|
||||
const DataBuffer& input,
|
||||
|
||||
@ -32,7 +32,7 @@ dtls13_InsertCipherTextHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
|
||||
return sslBuffer_AppendNumber(wrBuf, seq, 2);
|
||||
}
|
||||
|
||||
rv = sslBuffer_AppendNumber(wrBuf, content_application_data, 1);
|
||||
rv = sslBuffer_AppendNumber(wrBuf, ssl_ct_application_data, 1);
|
||||
if (rv != SECSuccess) {
|
||||
return SECFailure;
|
||||
}
|
||||
@ -147,7 +147,7 @@ dtls13_SendAck(sslSocket *ss)
|
||||
}
|
||||
|
||||
ssl_GetXmitBufLock(ss);
|
||||
sent = ssl3_SendRecord(ss, NULL, content_ack,
|
||||
sent = ssl3_SendRecord(ss, NULL, ssl_ct_ack,
|
||||
buf.buf, buf.len, 0);
|
||||
ssl_ReleaseXmitBufLock(ss);
|
||||
if (sent != buf.len) {
|
||||
@ -343,7 +343,7 @@ dtls13_SetupAcks(sslSocket *ss)
|
||||
*/
|
||||
SECStatus
|
||||
dtls13_HandleOutOfEpochRecord(sslSocket *ss, const ssl3CipherSpec *spec,
|
||||
SSL3ContentType rType,
|
||||
SSLContentType rType,
|
||||
sslBuffer *databuf)
|
||||
{
|
||||
SECStatus rv;
|
||||
@ -360,7 +360,7 @@ dtls13_HandleOutOfEpochRecord(sslSocket *ss, const ssl3CipherSpec *spec,
|
||||
SSL_TRC(10, ("%d: DTLS13[%d]: handle out of epoch record: type=%d", SSL_GETPID(),
|
||||
ss->fd, rType));
|
||||
|
||||
if (rType == content_ack) {
|
||||
if (rType == ssl_ct_ack) {
|
||||
ssl_GetSSL3HandshakeLock(ss);
|
||||
rv = dtls13_HandleAck(ss, &buf);
|
||||
ssl_ReleaseSSL3HandshakeLock(ss);
|
||||
@ -380,7 +380,7 @@ dtls13_HandleOutOfEpochRecord(sslSocket *ss, const ssl3CipherSpec *spec,
|
||||
* retransmitted Finished (e.g., because our ACK got lost.)
|
||||
* We just retransmit the previous Finished to let the client
|
||||
* complete. */
|
||||
if (rType == content_handshake) {
|
||||
if (rType == ssl_ct_handshake) {
|
||||
if ((ss->sec.isServer) &&
|
||||
(ss->ssl3.hs.ws == idle_handshake)) {
|
||||
PORT_Assert(dtls_TimerActive(ss, ss->ssl3.hs.hdTimer));
|
||||
|
||||
@ -21,7 +21,7 @@ PRBool dtls_NextUnackedRange(sslSocket *ss, PRUint16 msgSeq, PRUint32 offset,
|
||||
PRUint32 len, PRUint32 *startOut, PRUint32 *endOut);
|
||||
SECStatus dtls13_SetupAcks(sslSocket *ss);
|
||||
SECStatus dtls13_HandleOutOfEpochRecord(sslSocket *ss, const ssl3CipherSpec *spec,
|
||||
SSL3ContentType rType,
|
||||
SSLContentType rType,
|
||||
sslBuffer *databuf);
|
||||
SECStatus dtls13_HandleAck(sslSocket *ss, sslBuffer *databuf);
|
||||
|
||||
|
||||
@ -120,7 +120,7 @@ ssl3_DisableNonDTLSSuites(sslSocket *ss)
|
||||
* Called from dtls_QueueMessage()
|
||||
*/
|
||||
static DTLSQueuedMessage *
|
||||
dtls_AllocQueuedMessage(ssl3CipherSpec *cwSpec, SSL3ContentType type,
|
||||
dtls_AllocQueuedMessage(ssl3CipherSpec *cwSpec, SSLContentType ct,
|
||||
const unsigned char *data, PRUint32 len)
|
||||
{
|
||||
DTLSQueuedMessage *msg;
|
||||
@ -138,7 +138,7 @@ dtls_AllocQueuedMessage(ssl3CipherSpec *cwSpec, SSL3ContentType type,
|
||||
|
||||
msg->len = len;
|
||||
msg->cwSpec = cwSpec;
|
||||
msg->type = type;
|
||||
msg->type = ct;
|
||||
/* Safe if we are < 1.3, since the refct is
|
||||
* already very high. */
|
||||
ssl_CipherSpecAddRef(cwSpec);
|
||||
@ -517,7 +517,7 @@ loser:
|
||||
* ssl3_SendChangeCipherSpecs()
|
||||
*/
|
||||
SECStatus
|
||||
dtls_QueueMessage(sslSocket *ss, SSL3ContentType type,
|
||||
dtls_QueueMessage(sslSocket *ss, SSLContentType ct,
|
||||
const PRUint8 *pIn, PRInt32 nIn)
|
||||
{
|
||||
SECStatus rv = SECSuccess;
|
||||
@ -528,7 +528,7 @@ dtls_QueueMessage(sslSocket *ss, SSL3ContentType type,
|
||||
PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
|
||||
|
||||
spec = ss->ssl3.cwSpec;
|
||||
msg = dtls_AllocQueuedMessage(spec, type, pIn, nIn);
|
||||
msg = dtls_AllocQueuedMessage(spec, ct, pIn, nIn);
|
||||
|
||||
if (!msg) {
|
||||
PORT_SetError(SEC_ERROR_NO_MEMORY);
|
||||
@ -562,7 +562,7 @@ dtls_StageHandshakeMessage(sslSocket *ss)
|
||||
if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len)
|
||||
return rv;
|
||||
|
||||
rv = dtls_QueueMessage(ss, content_handshake,
|
||||
rv = dtls_QueueMessage(ss, ssl_ct_handshake,
|
||||
ss->sec.ci.sendBuf.buf, ss->sec.ci.sendBuf.len);
|
||||
|
||||
/* Whether we succeeded or failed, toss the old handshake data. */
|
||||
@ -696,7 +696,7 @@ dtls_FragmentHandshake(sslSocket *ss, DTLSQueuedMessage *msg)
|
||||
PORT_Assert(msg->len >= DTLS_HS_HDR_LEN);
|
||||
|
||||
/* DTLS only supports fragmenting handshaking messages. */
|
||||
PORT_Assert(msg->type == content_handshake);
|
||||
PORT_Assert(msg->type == ssl_ct_handshake);
|
||||
|
||||
msgSeq = (msg->data[4] << 8) | msg->data[5];
|
||||
|
||||
@ -848,7 +848,7 @@ dtls_TransmitMessageFlight(sslSocket *ss)
|
||||
* be quite fragmented. Adding an extra flush here would push new
|
||||
* messages into new records and reduce fragmentation. */
|
||||
|
||||
if (msg->type == content_handshake) {
|
||||
if (msg->type == ssl_ct_handshake) {
|
||||
rv = dtls_FragmentHandshake(ss, msg);
|
||||
} else {
|
||||
PORT_Assert(!tls13_MaybeTls13(ss));
|
||||
@ -1327,9 +1327,9 @@ dtls_IsLongHeader(SSL3ProtocolVersion version, PRUint8 firstOctet)
|
||||
{
|
||||
#ifndef UNSAFE_FUZZER_MODE
|
||||
return version < SSL_LIBRARY_VERSION_TLS_1_3 ||
|
||||
firstOctet == content_handshake ||
|
||||
firstOctet == content_ack ||
|
||||
firstOctet == content_alert;
|
||||
firstOctet == ssl_ct_handshake ||
|
||||
firstOctet == ssl_ct_ack ||
|
||||
firstOctet == ssl_ct_alert;
|
||||
#else
|
||||
return PR_TRUE;
|
||||
#endif
|
||||
@ -1359,7 +1359,7 @@ dtls_ReadEpoch(const ssl3CipherSpec *crSpec, const PRUint8 *hdr)
|
||||
}
|
||||
|
||||
/* dtls_GatherData should ensure that this works. */
|
||||
PORT_Assert(hdr[0] == content_application_data);
|
||||
PORT_Assert(hdr[0] == ssl_ct_application_data);
|
||||
|
||||
/* This uses the same method as is used to recover the sequence number in
|
||||
* dtls_ReadSequenceNumber, except that the maximum value is set to the
|
||||
|
||||
@ -23,7 +23,7 @@ extern SECStatus dtls_HandleHandshake(sslSocket *ss, DTLSEpoch epoch,
|
||||
extern SECStatus dtls_HandleHelloVerifyRequest(sslSocket *ss,
|
||||
PRUint8 *b, PRUint32 length);
|
||||
extern SECStatus dtls_StageHandshakeMessage(sslSocket *ss);
|
||||
extern SECStatus dtls_QueueMessage(sslSocket *ss, SSL3ContentType type,
|
||||
extern SECStatus dtls_QueueMessage(sslSocket *ss, SSLContentType type,
|
||||
const PRUint8 *pIn, PRInt32 nIn);
|
||||
extern SECStatus dtls_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags);
|
||||
SECStatus ssl3_DisableNonDTLSSuites(sslSocket *ss);
|
||||
|
||||
@ -501,19 +501,19 @@ ssl3_DecodeContentType(int msgType)
|
||||
static char line[40];
|
||||
|
||||
switch (msgType) {
|
||||
case content_change_cipher_spec:
|
||||
case ssl_ct_change_cipher_spec:
|
||||
rv = "change_cipher_spec (20)";
|
||||
break;
|
||||
case content_alert:
|
||||
case ssl_ct_alert:
|
||||
rv = "alert (21)";
|
||||
break;
|
||||
case content_handshake:
|
||||
case ssl_ct_handshake:
|
||||
rv = "handshake (22)";
|
||||
break;
|
||||
case content_application_data:
|
||||
case ssl_ct_application_data:
|
||||
rv = "application_data (23)";
|
||||
break;
|
||||
case content_ack:
|
||||
case ssl_ct_ack:
|
||||
rv = "ack (25)";
|
||||
break;
|
||||
default:
|
||||
@ -1512,7 +1512,7 @@ loser:
|
||||
static SECStatus
|
||||
ssl3_BuildRecordPseudoHeader(DTLSEpoch epoch,
|
||||
sslSequenceNumber seqNum,
|
||||
SSL3ContentType type,
|
||||
SSLContentType ct,
|
||||
PRBool includesVersion,
|
||||
SSL3ProtocolVersion version,
|
||||
PRBool isDTLS,
|
||||
@ -1532,7 +1532,7 @@ ssl3_BuildRecordPseudoHeader(DTLSEpoch epoch,
|
||||
if (rv != SECSuccess) {
|
||||
return SECFailure;
|
||||
}
|
||||
rv = sslBuffer_AppendNumber(buf, type, 1);
|
||||
rv = sslBuffer_AppendNumber(buf, ct, 1);
|
||||
if (rv != SECSuccess) {
|
||||
return SECFailure;
|
||||
}
|
||||
@ -2000,7 +2000,7 @@ SECStatus
|
||||
ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec,
|
||||
PRBool isServer,
|
||||
PRBool isDTLS,
|
||||
SSL3ContentType type,
|
||||
SSLContentType ct,
|
||||
const PRUint8 *pIn,
|
||||
PRUint32 contentLen,
|
||||
sslBuffer *wrBuf)
|
||||
@ -2047,7 +2047,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec,
|
||||
}
|
||||
|
||||
rv = ssl3_BuildRecordPseudoHeader(
|
||||
cwSpec->epoch, cwSpec->nextSeqNum, type,
|
||||
cwSpec->epoch, cwSpec->nextSeqNum, ct,
|
||||
cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_0, cwSpec->recordVersion,
|
||||
isDTLS, contentLen, &pseudoHeader);
|
||||
PORT_Assert(rv == SECSuccess);
|
||||
@ -2169,7 +2169,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec,
|
||||
/* Note: though this can report failure, it shouldn't. */
|
||||
SECStatus
|
||||
ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
|
||||
SSL3ContentType contentType, sslBuffer *wrBuf,
|
||||
SSLContentType contentType, sslBuffer *wrBuf,
|
||||
PRBool *needsLength)
|
||||
{
|
||||
SECStatus rv;
|
||||
@ -2181,7 +2181,7 @@ ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
|
||||
return dtls13_InsertCipherTextHeader(ss, cwSpec, wrBuf,
|
||||
needsLength);
|
||||
}
|
||||
contentType = content_application_data;
|
||||
contentType = ssl_ct_application_data;
|
||||
}
|
||||
#endif
|
||||
rv = sslBuffer_AppendNumber(wrBuf, contentType, 1);
|
||||
@ -2208,7 +2208,7 @@ ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
|
||||
}
|
||||
|
||||
SECStatus
|
||||
ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type,
|
||||
ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSLContentType ct,
|
||||
const PRUint8 *pIn, PRUint32 contentLen, sslBuffer *wrBuf)
|
||||
{
|
||||
PRBool needsLength;
|
||||
@ -2228,7 +2228,7 @@ ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type,
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
rv = ssl_InsertRecordHeader(ss, cwSpec, type, wrBuf, &needsLength);
|
||||
rv = ssl_InsertRecordHeader(ss, cwSpec, ct, wrBuf, &needsLength);
|
||||
if (rv != SECSuccess) {
|
||||
return SECFailure;
|
||||
}
|
||||
@ -2252,9 +2252,9 @@ ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type,
|
||||
}
|
||||
#else
|
||||
if (cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
rv = tls13_ProtectRecord(ss, cwSpec, type, pIn, contentLen, wrBuf);
|
||||
rv = tls13_ProtectRecord(ss, cwSpec, ct, pIn, contentLen, wrBuf);
|
||||
} else {
|
||||
rv = ssl3_MACEncryptRecord(cwSpec, ss->sec.isServer, IS_DTLS(ss), type,
|
||||
rv = ssl3_MACEncryptRecord(cwSpec, ss->sec.isServer, IS_DTLS(ss), ct,
|
||||
pIn, contentLen, wrBuf);
|
||||
}
|
||||
#endif
|
||||
@ -2276,7 +2276,7 @@ ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type,
|
||||
}
|
||||
|
||||
SECStatus
|
||||
ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type,
|
||||
ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSLContentType ct,
|
||||
const PRUint8 *pIn, unsigned int nIn,
|
||||
unsigned int *written)
|
||||
{
|
||||
@ -2300,7 +2300,7 @@ ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type,
|
||||
}
|
||||
}
|
||||
|
||||
rv = ssl_ProtectRecord(ss, spec, type, pIn, contentLen, wrBuf);
|
||||
rv = ssl_ProtectRecord(ss, spec, ct, pIn, contentLen, wrBuf);
|
||||
if (rv != SECSuccess) {
|
||||
return SECFailure;
|
||||
}
|
||||
@ -2334,7 +2334,7 @@ ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type,
|
||||
PRInt32
|
||||
ssl3_SendRecord(sslSocket *ss,
|
||||
ssl3CipherSpec *cwSpec, /* non-NULL for DTLS retransmits */
|
||||
SSL3ContentType type,
|
||||
SSLContentType ct,
|
||||
const PRUint8 *pIn, /* input buffer */
|
||||
PRInt32 nIn, /* bytes of input */
|
||||
PRInt32 flags)
|
||||
@ -2345,7 +2345,7 @@ ssl3_SendRecord(sslSocket *ss,
|
||||
PRInt32 totalSent = 0;
|
||||
|
||||
SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d",
|
||||
SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
|
||||
SSL_GETPID(), ss->fd, ssl3_DecodeContentType(ct),
|
||||
nIn));
|
||||
PRINT_BUF(50, (ss, "Send record (plain text)", pIn, nIn));
|
||||
|
||||
@ -2355,7 +2355,7 @@ ssl3_SendRecord(sslSocket *ss,
|
||||
if (ss->ssl3.fatalAlertSent) {
|
||||
SSL_TRC(3, ("%d: SSL3[%d] Suppress write, fatal alert already sent",
|
||||
SSL_GETPID(), ss->fd));
|
||||
if (type != content_alert) {
|
||||
if (ct != ssl_ct_alert) {
|
||||
/* If we are sending an alert, then we already have an
|
||||
* error, so don't overwrite. */
|
||||
PORT_SetError(SSL_ERROR_HANDSHAKE_FAILED);
|
||||
@ -2372,8 +2372,8 @@ ssl3_SendRecord(sslSocket *ss,
|
||||
if (cwSpec) {
|
||||
/* cwSpec can only be set for retransmissions of the DTLS handshake. */
|
||||
PORT_Assert(IS_DTLS(ss) &&
|
||||
(type == content_handshake ||
|
||||
type == content_change_cipher_spec));
|
||||
(ct == ssl_ct_handshake ||
|
||||
ct == ssl_ct_change_cipher_spec));
|
||||
spec = cwSpec;
|
||||
} else {
|
||||
spec = ss->ssl3.cwSpec;
|
||||
@ -2384,7 +2384,7 @@ ssl3_SendRecord(sslSocket *ss,
|
||||
PRInt32 sent;
|
||||
|
||||
ssl_GetSpecReadLock(ss);
|
||||
rv = ssl_ProtectNextRecord(ss, spec, type, pIn, nIn, &written);
|
||||
rv = ssl_ProtectNextRecord(ss, spec, ct, pIn, nIn, &written);
|
||||
ssl_ReleaseSpecReadLock(ss);
|
||||
if (rv != SECSuccess) {
|
||||
goto loser;
|
||||
@ -2392,7 +2392,7 @@ ssl3_SendRecord(sslSocket *ss,
|
||||
|
||||
PORT_Assert(written > 0);
|
||||
/* DTLS should not fragment non-application data here. */
|
||||
if (IS_DTLS(ss) && type != content_application_data) {
|
||||
if (IS_DTLS(ss) && ct != ssl_ct_application_data) {
|
||||
PORT_Assert(written == nIn);
|
||||
}
|
||||
|
||||
@ -2541,7 +2541,7 @@ ssl3_SendApplicationData(sslSocket *ss, const unsigned char *in,
|
||||
* Note that the 0 epoch is OK because flags will never require
|
||||
* its use, as guaranteed by the PORT_Assert above.
|
||||
*/
|
||||
sent = ssl3_SendRecord(ss, NULL, content_application_data,
|
||||
sent = ssl3_SendRecord(ss, NULL, ssl_ct_application_data,
|
||||
in + totalSent, toSend, flags);
|
||||
if (sent < 0) {
|
||||
if (totalSent > 0 && PR_GetError() == PR_WOULD_BLOCK_ERROR) {
|
||||
@ -2624,7 +2624,7 @@ ssl3_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags)
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
||||
}
|
||||
count = ssl3_SendRecord(ss, NULL, content_handshake,
|
||||
count = ssl3_SendRecord(ss, NULL, ssl_ct_handshake,
|
||||
ss->sec.ci.sendBuf.buf,
|
||||
ss->sec.ci.sendBuf.len, flags);
|
||||
if (count < 0) {
|
||||
@ -2750,7 +2750,7 @@ SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc)
|
||||
rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
|
||||
if (rv == SECSuccess) {
|
||||
PRInt32 sent;
|
||||
sent = ssl3_SendRecord(ss, NULL, content_alert, bytes, 2,
|
||||
sent = ssl3_SendRecord(ss, NULL, ssl_ct_alert, bytes, 2,
|
||||
(desc == no_certificate) ? ssl_SEND_FLAG_FORCE_INTO_BUFFER : 0);
|
||||
rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
|
||||
}
|
||||
@ -3047,13 +3047,13 @@ ssl3_SendChangeCipherSpecsInt(sslSocket *ss)
|
||||
|
||||
if (!IS_DTLS(ss)) {
|
||||
PRInt32 sent;
|
||||
sent = ssl3_SendRecord(ss, NULL, content_change_cipher_spec,
|
||||
sent = ssl3_SendRecord(ss, NULL, ssl_ct_change_cipher_spec,
|
||||
&change, 1, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
|
||||
if (sent < 0) {
|
||||
return SECFailure; /* error code set by ssl3_SendRecord */
|
||||
}
|
||||
} else {
|
||||
rv = dtls_QueueMessage(ss, content_change_cipher_spec, &change, 1);
|
||||
rv = dtls_QueueMessage(ss, ssl_ct_change_cipher_spec, &change, 1);
|
||||
if (rv != SECSuccess) {
|
||||
return SECFailure;
|
||||
}
|
||||
@ -11454,7 +11454,7 @@ ssl3_FinishHandshake(sslSocket *ss)
|
||||
}
|
||||
|
||||
SECStatus
|
||||
ssl_HashHandshakeMessageInt(sslSocket *ss, SSLHandshakeType type,
|
||||
ssl_HashHandshakeMessageInt(sslSocket *ss, SSLHandshakeType ct,
|
||||
PRUint32 dtlsSeq,
|
||||
const PRUint8 *b, PRUint32 length)
|
||||
{
|
||||
@ -11464,7 +11464,7 @@ ssl_HashHandshakeMessageInt(sslSocket *ss, SSLHandshakeType type,
|
||||
|
||||
PRINT_BUF(50, (ss, "Hash handshake message:", b, length));
|
||||
|
||||
hdr[0] = (PRUint8)type;
|
||||
hdr[0] = (PRUint8)ct;
|
||||
hdr[1] = (PRUint8)(length >> 16);
|
||||
hdr[2] = (PRUint8)(length >> 8);
|
||||
hdr[3] = (PRUint8)(length);
|
||||
@ -11504,10 +11504,10 @@ ssl_HashHandshakeMessageInt(sslSocket *ss, SSLHandshakeType type,
|
||||
}
|
||||
|
||||
SECStatus
|
||||
ssl_HashHandshakeMessage(sslSocket *ss, SSLHandshakeType type,
|
||||
ssl_HashHandshakeMessage(sslSocket *ss, SSLHandshakeType ct,
|
||||
const PRUint8 *b, PRUint32 length)
|
||||
{
|
||||
return ssl_HashHandshakeMessageInt(ss, type, ss->ssl3.hs.recvMessageSeq,
|
||||
return ssl_HashHandshakeMessageInt(ss, ct, ss->ssl3.hs.recvMessageSeq,
|
||||
b, length);
|
||||
}
|
||||
|
||||
@ -12087,7 +12087,7 @@ ssl3_UnprotectRecord(sslSocket *ss,
|
||||
PRBool isTLS;
|
||||
unsigned int good;
|
||||
unsigned int ivLen = 0;
|
||||
SSL3ContentType rType;
|
||||
SSLContentType rType;
|
||||
SSL3ProtocolVersion rVersion;
|
||||
unsigned int minLength;
|
||||
unsigned int originalLen = 0;
|
||||
@ -12161,7 +12161,7 @@ ssl3_UnprotectRecord(sslSocket *ss,
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
rType = (SSL3ContentType)cText->hdr[0];
|
||||
rType = (SSLContentType)cText->hdr[0];
|
||||
rVersion = ((SSL3ProtocolVersion)cText->hdr[1] << 8) |
|
||||
(SSL3ProtocolVersion)cText->hdr[2];
|
||||
if (cipher_def->type == type_aead) {
|
||||
@ -12273,7 +12273,7 @@ ssl3_UnprotectRecord(sslSocket *ss,
|
||||
}
|
||||
|
||||
SECStatus
|
||||
ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType,
|
||||
ssl3_HandleNonApplicationData(sslSocket *ss, SSLContentType rType,
|
||||
DTLSEpoch epoch, sslSequenceNumber seqNum,
|
||||
sslBuffer *databuf)
|
||||
{
|
||||
@ -12291,20 +12291,20 @@ ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType,
|
||||
** they return SECFailure or SECWouldBlock.
|
||||
*/
|
||||
switch (rType) {
|
||||
case content_change_cipher_spec:
|
||||
case ssl_ct_change_cipher_spec:
|
||||
rv = ssl3_HandleChangeCipherSpecs(ss, databuf);
|
||||
break;
|
||||
case content_alert:
|
||||
case ssl_ct_alert:
|
||||
rv = ssl3_HandleAlert(ss, databuf);
|
||||
break;
|
||||
case content_handshake:
|
||||
case ssl_ct_handshake:
|
||||
if (!IS_DTLS(ss)) {
|
||||
rv = ssl3_HandleHandshake(ss, databuf);
|
||||
} else {
|
||||
rv = dtls_HandleHandshake(ss, epoch, seqNum, databuf);
|
||||
}
|
||||
break;
|
||||
case content_ack:
|
||||
case ssl_ct_ack:
|
||||
if (IS_DTLS(ss) && tls13_MaybeTls13(ss)) {
|
||||
rv = dtls13_HandleAck(ss, databuf);
|
||||
break;
|
||||
@ -12392,7 +12392,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
|
||||
ssl3CipherSpec *spec = NULL;
|
||||
PRUint16 recordSizeLimit;
|
||||
PRBool outOfOrderSpec = PR_FALSE;
|
||||
SSL3ContentType rType;
|
||||
SSLContentType rType;
|
||||
sslBuffer *plaintext = &ss->gs.buf;
|
||||
SSL3AlertDescription alert = internal_error;
|
||||
PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
|
||||
@ -12410,7 +12410,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
|
||||
/* We're waiting for another ClientHello, which will appear unencrypted.
|
||||
* Use the content type to tell whether this should be discarded. */
|
||||
if (ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_hrr &&
|
||||
cText->hdr[0] == content_application_data) {
|
||||
cText->hdr[0] == ssl_ct_application_data) {
|
||||
PORT_Assert(ss->ssl3.hs.ws == wait_client_hello);
|
||||
return SECSuccess;
|
||||
}
|
||||
@ -12471,7 +12471,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
|
||||
/* Encrypted application data records could arrive before the handshake
|
||||
* completes in DTLS 1.3. These can look like valid TLS 1.2 application_data
|
||||
* records in epoch 0, which is never valid. Pretend they didn't decrypt. */
|
||||
if (spec->epoch == 0 && rType == content_application_data) {
|
||||
if (spec->epoch == 0 && rType == ssl_ct_application_data) {
|
||||
PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA);
|
||||
alert = unexpected_message;
|
||||
rv = SECFailure;
|
||||
@ -12506,7 +12506,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
|
||||
* 0-RTT session that is resumed from a session that did negotiate it.
|
||||
* We don't care about that corner case right now. */
|
||||
if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
|
||||
cText->hdr[0] == content_change_cipher_spec &&
|
||||
cText->hdr[0] == ssl_ct_change_cipher_spec &&
|
||||
ss->ssl3.hs.ws != idle_handshake &&
|
||||
cText->buf->len == 1 &&
|
||||
cText->buf->buf[0] == change_cipher_spec_choice) {
|
||||
@ -12566,7 +12566,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
|
||||
/* Application data records are processed by the caller of this
|
||||
** function, not by this function.
|
||||
*/
|
||||
if (rType == content_application_data) {
|
||||
if (rType == ssl_ct_application_data) {
|
||||
if (ss->firstHsDone)
|
||||
return SECSuccess;
|
||||
if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
|
||||
|
||||
@ -60,8 +60,8 @@ ssl3_isLikelyV3Hello(const unsigned char *buf)
|
||||
}
|
||||
|
||||
/* Check for a typical V3 record header. */
|
||||
return (PRBool)(buf[0] >= content_change_cipher_spec &&
|
||||
buf[0] <= content_application_data &&
|
||||
return (PRBool)(buf[0] >= ssl_ct_change_cipher_spec &&
|
||||
buf[0] <= ssl_ct_application_data &&
|
||||
buf[1] == MSB(SSL_LIBRARY_VERSION_3_0));
|
||||
}
|
||||
|
||||
@ -314,7 +314,7 @@ dtls_GatherData(sslSocket *ss, sslGather *gs, int flags)
|
||||
contentType = gs->dtlsPacket.buf[gs->dtlsPacketOffset];
|
||||
if (dtls_IsLongHeader(ss->version, contentType)) {
|
||||
headerLen = 13;
|
||||
} else if (contentType == content_application_data) {
|
||||
} else if (contentType == ssl_ct_application_data) {
|
||||
headerLen = 7;
|
||||
} else if ((contentType & 0xe0) == 0x20) {
|
||||
headerLen = 2;
|
||||
@ -463,7 +463,7 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
|
||||
SSL_DBG(("%d: SSL3[%d]: resuming handshake",
|
||||
SSL_GETPID(), ss->fd));
|
||||
PORT_Assert(!IS_DTLS(ss));
|
||||
rv = ssl3_HandleNonApplicationData(ss, content_handshake,
|
||||
rv = ssl3_HandleNonApplicationData(ss, ssl_ct_handshake,
|
||||
0, 0, &ss->gs.buf);
|
||||
} else {
|
||||
/* State for SSLv2 client hello support. */
|
||||
|
||||
@ -35,15 +35,6 @@ typedef PRUint16 ssl3CipherSuite;
|
||||
|
||||
#define MAX_FRAGMENT_LENGTH 16384
|
||||
|
||||
typedef enum {
|
||||
content_change_cipher_spec = 20,
|
||||
content_alert = 21,
|
||||
content_handshake = 22,
|
||||
content_application_data = 23,
|
||||
content_alt_handshake = 24,
|
||||
content_ack = 25
|
||||
} SSL3ContentType;
|
||||
|
||||
typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
|
||||
|
||||
typedef enum { alert_warning = 1,
|
||||
|
||||
@ -552,7 +552,7 @@ typedef SECStatus (*sslRestartTarget)(sslSocket *);
|
||||
typedef struct DTLSQueuedMessageStr {
|
||||
PRCList link; /* The linked list link */
|
||||
ssl3CipherSpec *cwSpec; /* The cipher spec to use, null for none */
|
||||
SSL3ContentType type; /* The message type */
|
||||
SSLContentType type; /* The message type */
|
||||
unsigned char *data; /* The data */
|
||||
PRUint16 len; /* The data length */
|
||||
} DTLSQueuedMessage;
|
||||
@ -1215,7 +1215,7 @@ SECStatus ssl_HashHandshakeMessage(sslSocket *ss, SSLHandshakeType type,
|
||||
extern PRBool ssl3_WaitingForServerSecondRound(sslSocket *ss);
|
||||
|
||||
extern PRInt32 ssl3_SendRecord(sslSocket *ss, ssl3CipherSpec *cwSpec,
|
||||
SSL3ContentType type,
|
||||
SSLContentType type,
|
||||
const PRUint8 *pIn, PRInt32 nIn,
|
||||
PRInt32 flags);
|
||||
|
||||
@ -1387,7 +1387,7 @@ SECStatus ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type);
|
||||
* input into the SSL3 machinery from the actualy network reading code
|
||||
*/
|
||||
SECStatus ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cipher);
|
||||
SECStatus ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType,
|
||||
SECStatus ssl3_HandleNonApplicationData(sslSocket *ss, SSLContentType rType,
|
||||
DTLSEpoch epoch,
|
||||
sslSequenceNumber seqNum,
|
||||
sslBuffer *databuf);
|
||||
@ -1652,7 +1652,7 @@ SSLAuthType ssl_SignatureSchemeToAuthType(SSLSignatureScheme scheme);
|
||||
|
||||
SECStatus ssl3_SetupCipherSuite(sslSocket *ss, PRBool initHashes);
|
||||
SECStatus ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
|
||||
SSL3ContentType contentType, sslBuffer *wrBuf,
|
||||
SSLContentType contentType, sslBuffer *wrBuf,
|
||||
PRBool *needsLength);
|
||||
|
||||
/* Pull in DTLS functions */
|
||||
|
||||
@ -971,7 +971,7 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
|
||||
* 1-RTT later.
|
||||
*/
|
||||
ssl_GetSpecReadLock(ss);
|
||||
len = tls13_LimitEarlyData(ss, content_application_data, len);
|
||||
len = tls13_LimitEarlyData(ss, ssl_ct_application_data, len);
|
||||
ssl_ReleaseSpecReadLock(ss);
|
||||
}
|
||||
|
||||
|
||||
@ -35,6 +35,14 @@ typedef enum {
|
||||
ssl_hs_message_hash = 254, /* Not a real message. */
|
||||
} SSLHandshakeType;
|
||||
|
||||
typedef enum {
|
||||
ssl_ct_change_cipher_spec = 20,
|
||||
ssl_ct_alert = 21,
|
||||
ssl_ct_handshake = 22,
|
||||
ssl_ct_application_data = 23,
|
||||
ssl_ct_ack = 25
|
||||
} SSLContentType;
|
||||
|
||||
typedef struct SSL3StatisticsStr {
|
||||
/* statistics from ssl3_SendClientHello (sch) */
|
||||
long sch_sid_cache_hits;
|
||||
|
||||
@ -4812,11 +4812,11 @@ tls13_FormatAdditionalData(
|
||||
}
|
||||
|
||||
PRInt32
|
||||
tls13_LimitEarlyData(sslSocket *ss, SSL3ContentType type, PRInt32 toSend)
|
||||
tls13_LimitEarlyData(sslSocket *ss, SSLContentType type, PRInt32 toSend)
|
||||
{
|
||||
PRInt32 reduced;
|
||||
|
||||
PORT_Assert(type == content_application_data);
|
||||
PORT_Assert(type == ssl_ct_application_data);
|
||||
PORT_Assert(ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3);
|
||||
PORT_Assert(!ss->firstHsDone);
|
||||
if (ss->ssl3.cwSpec->epoch != TrafficKeyEarlyApplicationData) {
|
||||
@ -4836,7 +4836,7 @@ tls13_LimitEarlyData(sslSocket *ss, SSL3ContentType type, PRInt32 toSend)
|
||||
SECStatus
|
||||
tls13_ProtectRecord(sslSocket *ss,
|
||||
ssl3CipherSpec *cwSpec,
|
||||
SSL3ContentType type,
|
||||
SSLContentType type,
|
||||
const PRUint8 *pIn,
|
||||
PRUint32 contentLen,
|
||||
sslBuffer *wrBuf)
|
||||
@ -4877,7 +4877,7 @@ tls13_ProtectRecord(sslSocket *ss,
|
||||
*(SSL_BUFFER_NEXT(wrBuf) + contentLen) = type;
|
||||
|
||||
/* Create the header (ugly that we have to do it twice). */
|
||||
rv = ssl_InsertRecordHeader(ss, cwSpec, content_application_data,
|
||||
rv = ssl_InsertRecordHeader(ss, cwSpec, ssl_ct_application_data,
|
||||
&buf, &needsLength);
|
||||
if (rv != SECSuccess) {
|
||||
return SECFailure;
|
||||
@ -4929,7 +4929,7 @@ tls13_UnprotectRecord(sslSocket *ss,
|
||||
ssl3CipherSpec *spec,
|
||||
SSL3Ciphertext *cText,
|
||||
sslBuffer *plaintext,
|
||||
SSL3ContentType *innerType,
|
||||
SSLContentType *innerType,
|
||||
SSL3AlertDescription *alert)
|
||||
{
|
||||
const ssl3BulkCipherDef *cipher_def = spec->cipherDef;
|
||||
@ -4956,7 +4956,7 @@ tls13_UnprotectRecord(sslSocket *ss,
|
||||
|
||||
/* Verify that the content type is right, even though we overwrite it.
|
||||
* Also allow the DTLS short header in TLS 1.3. */
|
||||
if (!(cText->hdr[0] == content_application_data ||
|
||||
if (!(cText->hdr[0] == ssl_ct_application_data ||
|
||||
(IS_DTLS(ss) &&
|
||||
ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
|
||||
(cText->hdr[0] & 0xe0) == 0x20))) {
|
||||
@ -5032,12 +5032,12 @@ tls13_UnprotectRecord(sslSocket *ss,
|
||||
}
|
||||
|
||||
/* Record the type. */
|
||||
*innerType = (SSL3ContentType)plaintext->buf[plaintext->len - 1];
|
||||
*innerType = (SSLContentType)plaintext->buf[plaintext->len - 1];
|
||||
--plaintext->len;
|
||||
|
||||
/* Check that we haven't received too much 0-RTT data. */
|
||||
if (spec->epoch == TrafficKeyEarlyApplicationData &&
|
||||
*innerType == content_application_data) {
|
||||
*innerType == ssl_ct_application_data) {
|
||||
if (plaintext->len > spec->earlyDataRemaining) {
|
||||
*alert = unexpected_message;
|
||||
PORT_SetError(SSL_ERROR_TOO_MUCH_EARLY_DATA);
|
||||
|
||||
@ -28,7 +28,7 @@ typedef enum {
|
||||
SECStatus tls13_UnprotectRecord(
|
||||
sslSocket *ss, ssl3CipherSpec *spec,
|
||||
SSL3Ciphertext *cText, sslBuffer *plaintext,
|
||||
SSL3ContentType *innerType,
|
||||
SSLContentType *innerType,
|
||||
SSL3AlertDescription *alert);
|
||||
|
||||
#if defined(WIN32)
|
||||
@ -64,7 +64,7 @@ void tls13_FatalError(sslSocket *ss, PRErrorCode prError,
|
||||
SSL3AlertDescription desc);
|
||||
SECStatus tls13_SetupClientHello(sslSocket *ss);
|
||||
SECStatus tls13_MaybeDo0RTTHandshake(sslSocket *ss);
|
||||
PRInt32 tls13_LimitEarlyData(sslSocket *ss, SSL3ContentType type, PRInt32 toSend);
|
||||
PRInt32 tls13_LimitEarlyData(sslSocket *ss, SSLContentType type, PRInt32 toSend);
|
||||
PRBool tls13_AllowPskCipher(const sslSocket *ss,
|
||||
const ssl3CipherSuiteDef *cipher_def);
|
||||
PRBool tls13_PskSuiteEnabled(sslSocket *ss);
|
||||
@ -94,7 +94,7 @@ tls13ExtensionStatus tls13_ExtensionStatus(PRUint16 extension,
|
||||
SSLHandshakeType message);
|
||||
SECStatus tls13_ProtectRecord(sslSocket *ss,
|
||||
ssl3CipherSpec *cwSpec,
|
||||
SSL3ContentType type,
|
||||
SSLContentType type,
|
||||
const PRUint8 *pIn,
|
||||
PRUint32 contentLen,
|
||||
sslBuffer *wrBuf);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user