wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 1194135, Update Mozilla to NSS 3.20, r=mt

Browse Source
This commit is contained in:
Kai Engert 2015-08-13 11:31:23 +02:00
parent 313a754a77
commit e43d71303d
58 changed files with 1717 additions and 533 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
security/nss/TAG-INFO
View File

@ -1 +1 @@
NSS_3_19_3_RTM
NSS_3_20_RC0

138
security/nss/cmd/certutil/keystuff.c
View File

@ -133,64 +133,92 @@ UpdateRNG(void)
}
static const unsigned char P[] = { 0,
0x98, 0xef, 0x3a, 0xae, 0x70, 0x98, 0x9b, 0x44,
0xdb, 0x35, 0x86, 0xc1, 0xb6, 0xc2, 0x47, 0x7c,
0xb4, 0xff, 0x99, 0xe8, 0xae, 0x44, 0xf2, 0xeb,
0xc3, 0xbe, 0x23, 0x0f, 0x65, 0xd0, 0x4c, 0x04,
0x82, 0x90, 0xa7, 0x9d, 0x4a, 0xc8, 0x93, 0x7f,
0x41, 0xdf, 0xf8, 0x80, 0x6b, 0x0b, 0x68, 0x7f,
0xaf, 0xe4, 0xa8, 0xb5, 0xb2, 0x99, 0xc3, 0x69,
0xfb, 0x3f, 0xe7, 0x1b, 0xd0, 0x0f, 0xa9, 0x7a,
0x4a, 0x04, 0xbf, 0x50, 0x9e, 0x22, 0x33, 0xb8,
0x89, 0x53, 0x24, 0x10, 0xf9, 0x68, 0x77, 0xad,
0xaf, 0x10, 0x68, 0xb8, 0xd3, 0x68, 0x5d, 0xa3,
0xc3, 0xeb, 0x72, 0x3b, 0xa0, 0x0b, 0x73, 0x65,
0xc5, 0xd1, 0xfa, 0x8c, 0xc0, 0x7d, 0xaa, 0x52,
0x29, 0x34, 0x44, 0x01, 0xbf, 0x12, 0x25, 0xfe,
0x18, 0x0a, 0xc8, 0x3f, 0xc1, 0x60, 0x48, 0xdb,
0xad, 0x93, 0xb6, 0x61, 0x67, 0xd7, 0xa8, 0x2d };
0xc6, 0x2a, 0x47, 0x73, 0xea, 0x78, 0xfa, 0x65,
0x47, 0x69, 0x39, 0x10, 0x08, 0x55, 0x6a, 0xdd,
0xbf, 0x77, 0xe1, 0x9a, 0x69, 0x73, 0xba, 0x66,
0x37, 0x08, 0x93, 0x9e, 0xdb, 0x5d, 0x01, 0x08,
0xb8, 0x3a, 0x73, 0xe9, 0x85, 0x5f, 0xa7, 0x2b,
0x63, 0x7f, 0xd0, 0xc6, 0x4c, 0xdc, 0xfc, 0x8b,
0xa6, 0x03, 0xc9, 0x9c, 0x80, 0x5e, 0xec, 0xc6,
0x21, 0x23, 0xf7, 0x8e, 0xa4, 0x7b, 0x77, 0x83,
0x02, 0x44, 0xf8, 0x05, 0xd7, 0x36, 0x52, 0x13,
0x57, 0x78, 0x97, 0xf3, 0x7b, 0xcf, 0x1f, 0xc9,
0x2a, 0xa4, 0x71, 0x9d, 0xa8, 0xd8, 0x5d, 0xc5,
0x3b, 0x64, 0x3a, 0x72, 0x60, 0x62, 0xb0, 0xb8,
0xf3, 0xb1, 0xe7, 0xb9, 0x76, 0xdf, 0x74, 0xbe,
0x87, 0x6a, 0xd2, 0xf1, 0xa9, 0x44, 0x8b, 0x63,
0x76, 0x4f, 0x5d, 0x21, 0x63, 0xb5, 0x4f, 0x3c,
0x7b, 0x61, 0xb2, 0xf3, 0xea, 0xc5, 0xd8, 0xef,
0x30, 0x50, 0x59, 0x33, 0x61, 0xc0, 0xf3, 0x6e,
0x21, 0xcf, 0x15, 0x35, 0x4a, 0x87, 0x2b, 0xc3,
0xf6, 0x5a, 0x1f, 0x24, 0x22, 0xc5, 0xeb, 0x47,
0x34, 0x4a, 0x1b, 0xb5, 0x2e, 0x71, 0x52, 0x8f,
0x2d, 0x7d, 0xa9, 0x96, 0x8a, 0x7c, 0x61, 0xdb,
0xc0, 0xdc, 0xf1, 0xca, 0x28, 0x69, 0x1c, 0x97,
0xad, 0xea, 0x0d, 0x9e, 0x02, 0xe6, 0xe5, 0x7d,
0xad, 0xe0, 0x42, 0x91, 0x4d, 0xfa, 0xe2, 0x81,
0x16, 0x2b, 0xc2, 0x96, 0x3b, 0x32, 0x8c, 0x20,
0x69, 0x8b, 0x5b, 0x17, 0x3c, 0xf9, 0x13, 0x6c,
0x98, 0x27, 0x1c, 0xca, 0xcf, 0x33, 0xaa, 0x93,
0x21, 0xaf, 0x17, 0x6e, 0x5e, 0x00, 0x37, 0xd9,
0x34, 0x8a, 0x47, 0xd2, 0x1c, 0x67, 0x32, 0x60,
0xb6, 0xc7, 0xb0, 0xfd, 0x32, 0x90, 0x93, 0x32,
0xaa, 0x11, 0xba, 0x23, 0x19, 0x39, 0x6a, 0x42,
0x7c, 0x1f, 0xb7, 0x28, 0xdb, 0x64, 0xad, 0xd9 };
static const unsigned char Q[] = { 0,
0xb5, 0xb0, 0x84, 0x8b, 0x44, 0x29, 0xf6, 0x33,
0x59, 0xa1, 0x3c, 0xbe, 0xd2, 0x7f, 0x35, 0xa1,
0x76, 0x27, 0x03, 0x81 };
0xe6, 0xa3, 0xc9, 0xc6, 0x51, 0x92, 0x8b, 0xb3,
0x98, 0x8f, 0x97, 0xb8, 0x31, 0x0d, 0x4a, 0x03,
0x1e, 0xba, 0x4e, 0xe6, 0xc8, 0x90, 0x98, 0x1d,
0x3a, 0x95, 0xf4, 0xf1 };
static const unsigned char G[] = {
0x04, 0x0e, 0x83, 0x69, 0xf1, 0xcd, 0x7d, 0xe5,
0x0c, 0x78, 0x93, 0xd6, 0x49, 0x6f, 0x00, 0x04,
0x4e, 0x0e, 0x6c, 0x37, 0xaa, 0x38, 0x22, 0x47,
0xd2, 0x58, 0xec, 0x83, 0x12, 0x95, 0xf9, 0x9c,
0xf1, 0xf4, 0x27, 0xff, 0xd7, 0x99, 0x57, 0x35,
0xc6, 0x64, 0x4c, 0xc0, 0x47, 0x12, 0x31, 0x50,
0x82, 0x3c, 0x2a, 0x07, 0x03, 0x01, 0xef, 0x30,
0x09, 0x89, 0x82, 0x41, 0x76, 0x71, 0xda, 0x9e,
0x57, 0x8b, 0x76, 0x38, 0x37, 0x5f, 0xa5, 0xcd,
0x32, 0x84, 0x45, 0x8d, 0x4c, 0x17, 0x54, 0x2b,
0x5d, 0xc2, 0x6b, 0xba, 0x3e, 0xa0, 0x7b, 0x95,
0xd7, 0x00, 0x42, 0xf7, 0x08, 0xb8, 0x83, 0x87,
0x60, 0xe1, 0xe5, 0xf4, 0x1a, 0x54, 0xc2, 0x20,
0xda, 0x38, 0x3a, 0xd1, 0xb6, 0x10, 0xf4, 0xcb,
0x35, 0xda, 0x97, 0x92, 0x87, 0xd6, 0xa5, 0x37,
0x62, 0xb4, 0x93, 0x4a, 0x15, 0x21, 0xa5, 0x10 };
0x70, 0x32, 0x58, 0x5d, 0xb3, 0xbf, 0xc3, 0x62,
0x63, 0x0b, 0xf8, 0xa5, 0xe1, 0xed, 0xeb, 0x79,
0xac, 0x18, 0x41, 0x64, 0xb3, 0xda, 0x4c, 0xa7,
0x92, 0x63, 0xb1, 0x33, 0x7c, 0xcb, 0x43, 0xdc,
0x1f, 0x38, 0x63, 0x5e, 0x0e, 0x6d, 0x45, 0xd1,
0xc9, 0x67, 0xf3, 0xcf, 0x3d, 0x2d, 0x16, 0x4e,
0x92, 0x16, 0x06, 0x59, 0x29, 0x89, 0x6f, 0x54,
0xff, 0xc5, 0x71, 0xc8, 0x3a, 0x95, 0x84, 0xb6,
0x7e, 0x7b, 0x1e, 0x8b, 0x47, 0x9d, 0x7a, 0x3a,
0x36, 0x9b, 0x70, 0x2f, 0xd1, 0xbd, 0xef, 0xe8,
0x3a, 0x41, 0xd4, 0xf3, 0x1f, 0x81, 0xc7, 0x1f,
0x96, 0x7c, 0x30, 0xab, 0xf4, 0x7a, 0xac, 0x93,
0xed, 0x6f, 0x67, 0xb0, 0xc9, 0x5b, 0xf3, 0x83,
0x9d, 0xa0, 0xd7, 0xb9, 0x01, 0xed, 0x28, 0xae,
0x1c, 0x6e, 0x2e, 0x48, 0xac, 0x9f, 0x7d, 0xf3,
0x00, 0x48, 0xee, 0x0e, 0xfb, 0x7e, 0x5e, 0xcb,
0xf5, 0x39, 0xd8, 0x92, 0x90, 0x61, 0x2d, 0x1e,
0x3c, 0xd3, 0x55, 0x0d, 0x34, 0xd1, 0x81, 0xc4,
0x89, 0xea, 0x94, 0x2b, 0x56, 0x33, 0x73, 0x58,
0x48, 0xbf, 0x23, 0x72, 0x19, 0x5f, 0x19, 0xac,
0xff, 0x09, 0xc8, 0xcd, 0xab, 0x71, 0xef, 0x9e,
0x20, 0xfd, 0xe3, 0xb8, 0x27, 0x9e, 0x65, 0xb1,
0x85, 0xcd, 0x88, 0xfe, 0xd4, 0xd7, 0x64, 0x4d,
0xe1, 0xe8, 0xa6, 0xe5, 0x96, 0xc8, 0x5d, 0x9c,
0xc6, 0x70, 0x6b, 0xba, 0x77, 0x4e, 0x90, 0x4a,
0xb0, 0x96, 0xc5, 0xa0, 0x9e, 0x2c, 0x01, 0x03,
0xbe, 0xbd, 0x71, 0xba, 0x0a, 0x6f, 0x9f, 0xe5,
0xdb, 0x04, 0x08, 0xf2, 0x9e, 0x0f, 0x1b, 0xac,
0xcd, 0xbb, 0x65, 0x12, 0xcf, 0x77, 0xc9, 0x7d,
0xbe, 0x94, 0x4b, 0x9c, 0x5b, 0xde, 0x0d, 0xfa,
0x57, 0xdd, 0x77, 0x32, 0xf0, 0x5b, 0x34, 0xfd,
0x19, 0x95, 0x33, 0x60, 0x87, 0xe2, 0xa2, 0xf4 };
/* h:
* 4a:76:30:89:eb:e1:81:7c:99:0b:39:7f:95:4a:65:72:
* c6:b4:05:92:48:6c:3c:b2:7e:e7:39:f3:92:7d:c1:3f:
* bf:e1:fd:b3:4a:46:3e:ce:29:80:e3:d6:f4:59:c6:92:
* 16:2b:0e:d7:d6:bb:ef:94:36:31:c2:66:46:c5:4a:77:
* aa:95:84:ef:99:7e:e3:9c:d9:a0:32:42:09:b6:4e:d0:
* b3:c8:5e:06:df:a1:ac:4d:2d:f9:08:c2:cb:4b:a4:42:
* db:8a:5b:de:25:6e:2b:5b:ca:00:75:2c:57:00:18:aa:
* 68:59:a1:94:03:07:94:78:38:bc:f8:7c:1e:1c:a3:2e
* SEED:
* b5:44:66:c9:0f:f1:ca:1c:95:45:ce:90:74:89:14:f2:
* 13:3e:23:5a:b0:6a:bf:86:ad:cb:a0:7d:ce:3b:c8:16:
* 7f:2d:a2:1a:cb:33:7d:c1:e7:d7:07:aa:1b:a2:d7:89:
* f5:a4:db:f7:8b:50:00:cd:b4:7d:25:81:3f:f8:a8:dd:
* 6c:46:e5:77:b5:60:7e:75:79:b8:99:57:c1:c4:f3:f7:
* 17:ca:43:00:b8:33:b6:06:8f:4d:91:ed:23:a5:66:1b:
* ef:14:d7:bc:21:2b:82:d8:ab:fa:fd:a7:c3:4d:bf:52:
* af:8e:57:59:61:1a:4e:65:c6:90:d6:a6:ff:0b:15:b1
* g: 1024
* counter: 1003
/* P, Q, G have been generated using the NSS makepqg utility:
* makepqg -l 2048 -g 224 -r
* (see also: bug 1170322)
*
* h: 1 (0x1)
* SEED:
* d2:0b:c5:63:1b:af:dc:36:b7:7c:b9:3e:36:01:a0:8f:
* 0e:be:d0:38:e4:78:d5:3c:7c:9e:a9:9a:d2:0b:c5:63:
* 1b:af:dc:36:b7:7c:b9:3e:36:01:a0:8f:0e:be:d0:38:
* e4:78:d5:3c:7c:9e:c7:70:d2:0b:c5:63:1b:af:dc:36:
* b7:7c:b9:3e:36:01:a0:8f:0e:be:d0:38:e4:78:d5:3c:
* 7c:9e:aa:3e
* g: 672
* counter: 0
*/
static const SECKEYPQGParams default_pqg_params = {

2
security/nss/cmd/lib/basicutil.c
View File

@ -241,7 +241,7 @@ void
SECU_PrintAsHex(FILE *out, const SECItem *data, const char *m, int level)
{
unsigned i;
int column;
int column = 0;
PRBool isString = PR_TRUE;
PRBool isWhiteSpace = PR_TRUE;
PRBool printedHex = PR_FALSE;

108
security/nss/cmd/selfserv/selfserv.c
View File

@ -119,16 +119,16 @@ const int ssl3CipherSuites[] = {
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
TLS_RSA_WITH_RC4_128_SHA, /* n */
-1, /* TLS_DHE_DSS_WITH_RC4_128_SHA, * o */
-1, /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, * p */
-1, /* TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, * q */
-1, /* TLS_DHE_RSA_WITH_DES_CBC_SHA, * r */
-1, /* TLS_DHE_DSS_WITH_DES_CBC_SHA, * s */
-1, /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA, * t */
-1, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA, * u */
TLS_DHE_DSS_WITH_RC4_128_SHA, /* o */
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* p */
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, /* q */
TLS_DHE_RSA_WITH_DES_CBC_SHA, /* r */
TLS_DHE_DSS_WITH_DES_CBC_SHA, /* s */
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, /* t */
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, /* u */
TLS_RSA_WITH_AES_128_CBC_SHA, /* v */
-1, /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA, * w */
-1, /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA, * x */
TLS_DHE_DSS_WITH_AES_256_CBC_SHA, /* w */
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, /* x */
TLS_RSA_WITH_AES_256_CBC_SHA, /* y */
TLS_RSA_WITH_NULL_SHA, /* z */
0
@ -141,6 +141,9 @@ static PRBool noDelay;
static int requestCert;
static int verbose;
static SECItem bigBuf;
static int configureDHE = -1; /* -1: don't configure, 0 disable, >=1 enable*/
static int configureReuseECDHE = -1; /* -1: don't configure, 0 refresh, >=1 reuse*/
static int configureWeakDHE = -1; /* -1: don't configure, 0 disable, >=1 enable*/
static PRThread * acceptorThread;
@ -160,11 +163,12 @@ PrintUsageHeader(const char *progName)
" [-f password_file] [-L [seconds]] [-M maxProcs] [-P dbprefix]\n"
" [-V [min-version]:[max-version]] [-a sni_name]\n"
" [ T <good|revoked|unknown|badsig|corrupted|none|ocsp>] [-A ca]\n"
" [-C SSLCacheEntries] [-S dsa_nickname]"
#ifndef NSS_DISABLE_ECC
" [-C SSLCacheEntries] [-e ec_nickname]\n"
#else
" [-C SSLCacheEntries]\n"
" [-e ec_nickname]"
#endif /* NSS_DISABLE_ECC */
"\n"
" -U [0|1] -H [0|1] -W [0|1]\n"
,progName);
}
@ -216,6 +220,9 @@ PrintParameterUsage()
" good, revoked, unknown, failure, badsig, corrupted\n"
" ocsp: fetch from external OCSP server using AIA, or none\n"
"-A <ca> Nickname of a CA used to sign a stapled cert status\n"
"-U override default ECDHE ephemeral key reuse, 0: refresh, 1: reuse\n"
"-H override default DHE server support, 0: disable, 1: enable\n"
"-W override default DHE server weak parameters support, 0: disable, 1: enable\n"
"-c Restrict ciphers\n"
"-Y prints cipher values allowed for parameter -c and exits\n"
, stderr);
@ -252,7 +259,16 @@ PrintCipherUsage(const char *progName)
"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n"
"n SSL3 RSA WITH RC4 128 SHA\n"
"o TLS_DHE_DSS_WITH_RC4_128_SHA\n"
"p TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\n"
"q TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA\n"
"r TLS_DHE_RSA_WITH_DES_CBC_SHA\n"
"s TLS_DHE_DSS_WITH_DES_CBC_SHA\n"
"t TLS_DHE_DSS_WITH_AES_128_CBC_SHA\n"
"u TLS_DHE_RSA_WITH_AES_128_CBC_SHA\n"
"v SSL3 RSA WITH AES 128 CBC SHA\n"
"w TLS_DHE_DSS_WITH_AES_256_CBC_SHA\n"
"x TLS_DHE_RSA_WITH_AES_256_CBC_SHA\n"
"y SSL3 RSA WITH AES 256 CBC SHA\n"
"z SSL3 RSA WITH NULL SHA\n"
"\n"
@ -1905,6 +1921,27 @@ server_main(
}
}
if (configureDHE > -1) {
rv = SSL_OptionSet(model_sock, SSL_ENABLE_SERVER_DHE, (configureDHE > 0));
if (rv != SECSuccess) {
errExit("error configuring server side DHE support");
}
}
if (configureReuseECDHE > -1) {
rv = SSL_OptionSet(model_sock, SSL_REUSE_SERVER_ECDHE_KEY, (configureReuseECDHE > 0));
if (rv != SECSuccess) {
errExit("error configuring server side reuse of ECDHE key");
}
}
if (configureWeakDHE > -1) {
rv = SSL_EnableWeakDHEPrimeGroup(model_sock, (configureWeakDHE > 0));
if (rv != SECSuccess) {
errExit("error configuring weak DHE prime group");
}
}
for (kea = kt_rsa; kea < kt_kea_size; kea++) {
if (cert[kea] != NULL) {
secStatus = SSL_ConfigSecureServer(model_sock,
@ -2136,6 +2173,7 @@ main(int argc, char **argv)
#ifndef NSS_DISABLE_ECC
char * ecNickName = NULL;
#endif
char * dsaNickName = NULL;
const char * fileName = NULL;
char * cipherString= NULL;
const char * dir = ".";
@ -2180,7 +2218,7 @@ main(int argc, char **argv)
** numbers, then capital letters, then lower case, alphabetical.
*/
optstate = PL_CreateOptState(argc, argv,
"2:A:BC:DEL:M:NP:RT:V:Ya:bc:d:e:f:g:hi:jk:lmn:op:qrst:uvw:xyz");
"2:A:BC:DEH:L:M:NP:RS:T:U:V:W:Ya:bc:d:e:f:g:hi:jk:lmn:op:qrst:uvw:xyz");
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
++optionsFound;
switch(optstate->option) {
@ -2194,6 +2232,7 @@ main(int argc, char **argv)
case 'D': noDelay = PR_TRUE; break;
case 'E': disableStepDown = PR_TRUE; break;
case 'H': configureDHE = (PORT_Atoi(optstate->value) != 0); break;
case 'I': /* reserved for OCSP multi-stapling */ break;
@ -2217,6 +2256,8 @@ main(int argc, char **argv)
case 'R': disableRollBack = PR_TRUE; break;
case 'S': dsaNickName = PORT_Strdup(optstate->value); break;
case 'T':
if (enableOCSPStapling(optstate->value) != SECSuccess) {
fprintf(stderr, "Invalid OCSP stapling mode.\n");
@ -2225,6 +2266,8 @@ main(int argc, char **argv)
}
break;
case 'U': configureReuseECDHE = (PORT_Atoi(optstate->value) != 0); break;
case 'V': if (SECU_ParseSSLVersionRangeString(optstate->value,
enabledVersions, enableSSL2,
&enabledVersions, &enableSSL2) != SECSuccess) {
@ -2232,10 +2275,12 @@ main(int argc, char **argv)
}
break;
case 'W': configureWeakDHE = (PORT_Atoi(optstate->value) != 0); break;
case 'Y': PrintCipherUsage(progName); exit(0); break;
case 'a': if (virtServerNameIndex >= MAX_VIRT_SERVER_NAME_ARRAY_INDEX) {
Usage(progName);
Usage(progName); break;
}
virtServerNameArray[virtServerNameIndex++] =
PORT_Strdup(optstate->value); break;
@ -2362,6 +2407,7 @@ main(int argc, char **argv)
}
if ((nickName == NULL)
&& (dsaNickName == NULL)
#ifndef NSS_DISABLE_ECC
&& (ecNickName == NULL)
#endif
@ -2593,6 +2639,33 @@ main(int argc, char **argv)
setupCertStatus(certStatusArena, ocspStaplingMode, cert[kt_rsa], kt_rsa,
&pwdata);
}
if (dsaNickName) {
/* Investigate if ssl_kea_dh should be changed to ssl_auth_dsa.
* See bug 102794.*/
cert[ssl_kea_dh] = PK11_FindCertFromNickname(dsaNickName, &pwdata);
if (cert[ssl_kea_dh] == NULL) {
fprintf(stderr, "selfserv: Can't find certificate %s\n", dsaNickName);
exit(12);
}
privKey[ssl_kea_dh] = PK11_FindKeyByAnyCert(cert[ssl_kea_dh], &pwdata);
if (privKey[ssl_kea_dh] == NULL) {
fprintf(stderr, "selfserv: Can't find Private Key for cert %s\n",
dsaNickName);
exit(11);
}
if (testbypass) {
PRBool bypassOK;
if (SSL_CanBypass(cert[ssl_kea_dh], privKey[ssl_kea_dh], protos, cipherlist,
nciphers, &bypassOK, &pwdata) != SECSuccess) {
SECU_PrintError(progName, "Bypass test failed %s\n", nickName);
exit(14);
}
fprintf(stderr, "selfserv: %s can%s bypass\n", nickName,
bypassOK ? "" : "not");
}
setupCertStatus(certStatusArena, ocspStaplingMode, cert[ssl_kea_dh], ssl_kea_dh,
&pwdata);
}
#ifndef NSS_DISABLE_ECC
if (ecNickName) {
cert[kt_ecdh] = PK11_FindCertFromNickname(ecNickName, &pwdata);
@ -2625,6 +2698,13 @@ main(int argc, char **argv)
if (testbypass)
goto cleanup;
if (configureWeakDHE > 0) {
fprintf(stderr, "selfserv: Creating dynamic weak DH parameters\n");
rv = SSL_EnableWeakDHEPrimeGroup(NULL, PR_TRUE);
fprintf(stderr, "selfserv: Done creating dynamic weak DH parameters\n");
}
/* allocate the array of thread slots, and launch the worker threads. */
rv = launch_threads(&jobLoop, 0, 0, requestCert, useLocalThreads);

1
security/nss/coreconf/coreconf.dep
View File

@ -10,3 +10,4 @@
*/
#error "Do not include this header file."

8
security/nss/external_tests/ssl_gtest/ssl_skip_unittest.cc
View File

@ -108,11 +108,17 @@ class TlsSkipTest
}
};
TEST_P(TlsSkipTest, SkipCertificate) {
TEST_P(TlsSkipTest, SkipCertificateRsa) {
DisableDheCiphers();
ServerSkipTest(new TlsHandshakeSkipFilter(kTlsHandshakeCertificate));
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
}
TEST_P(TlsSkipTest, SkipCertificateDhe) {
ServerSkipTest(new TlsHandshakeSkipFilter(kTlsHandshakeCertificate));
client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH);
}
TEST_P(TlsSkipTest, SkipCertificateEcdhe) {
EnableSomeEcdheCiphers();
ServerSkipTest(new TlsHandshakeSkipFilter(kTlsHandshakeCertificate));

18
security/nss/external_tests/ssl_gtest/tls_agent.cc
View File

@ -93,6 +93,24 @@ void TlsAgent::EnableSomeEcdheCiphers() {
}
}
void TlsAgent::DisableDheCiphers() {
EXPECT_TRUE(EnsureTlsSetup());
for (size_t i=0; i < SSL_NumImplementedCiphers; ++i) {
SSLCipherSuiteInfo csinfo;
SECStatus rv = SSL_GetCipherSuiteInfo(SSL_ImplementedCiphers[i],
&csinfo, sizeof(csinfo));
ASSERT_EQ(SECSuccess, rv);
if (csinfo.keaType == ssl_kea_dh) {
rv = SSL_CipherPrefSet(ssl_fd_, SSL_ImplementedCiphers[i], PR_FALSE);
EXPECT_EQ(SECSuccess, rv);
}
}
}
void TlsAgent::SetSessionTicketsEnabled(bool en) {
EXPECT_TRUE(EnsureTlsSetup());

1
security/nss/external_tests/ssl_gtest/tls_agent.h
View File

@ -85,6 +85,7 @@ class TlsAgent : public PollTarget {
void Handshake();
void EnableSomeEcdheCiphers();
void DisableDheCiphers();
bool EnsureTlsSetup();
void ConfigureSessionCache(SessionResumptionMode mode);

4
security/nss/external_tests/ssl_gtest/tls_connect.cc
View File

@ -176,6 +176,10 @@ void TlsConnectTestBase::EnableSomeEcdheCiphers() {
server_->EnableSomeEcdheCiphers();
}
void TlsConnectTestBase::DisableDheCiphers() {
client_->DisableDheCiphers();
server_->DisableDheCiphers();
}
void TlsConnectTestBase::ConfigureSessionCache(SessionResumptionMode client,
SessionResumptionMode server) {

1
security/nss/external_tests/ssl_gtest/tls_connect.h
View File

@ -55,6 +55,7 @@ class TlsConnectTestBase : public ::testing::Test {
void ConnectExpectFail();
void EnableSomeEcdheCiphers();
void DisableDheCiphers();
void ConfigureSessionCache(SessionResumptionMode client,
SessionResumptionMode server);
void CheckResumption(SessionResumptionMode expected);

16
security/nss/lib/certdb/genname.c
View File

@ -684,7 +684,7 @@ loser:
return NULL;
}
CERTNameConstraint *
static CERTNameConstraint *
cert_DecodeNameConstraintSubTree(PLArenaPool *arena,
SECItem **subTree,
PRBool permited)
@ -701,15 +701,17 @@ cert_DecodeNameConstraintSubTree(PLArenaPool *arena,
if (current == NULL) {
goto loser;
}
if (last == NULL) {
first = last = current;
if (first == NULL) {
first = current;
} else {
current->l.prev = &(last->l);
last->l.next = &(current->l);
}
current->l.prev = &(last->l);
current->l.next = last->l.next;
last->l.next = &(current->l);
last = current;
i++;
}
first->l.prev = &(current->l);
first->l.prev = &(last->l);
last->l.next = &(first->l);
/* TODO: unmark arena */
return first;
loser:

5
security/nss/lib/ckfw/builtins/binst.c
View File

@ -65,11 +65,10 @@ builtins_mdInstance_GetLibraryVersion
NSSCKFWInstance *fwInstance
)
{
extern const char __nss_builtins_rcsid[];
extern const char __nss_builtins_sccsid[];
extern const char __nss_builtins_version[];
volatile char c; /* force a reference that won't get optimized away */
c = __nss_builtins_rcsid[0] + __nss_builtins_sccsid[0];
c = __nss_builtins_version[0];
return nss_builtins_LibraryVersion;
}

13
security/nss/lib/ckfw/builtins/ckbiver.c
View File

@ -13,14 +13,7 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_builtins_rcsid[] = "$Header: NSS Builtin Trusted Root CAs "
NSS_BUILTINS_LIBRARY_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_builtins_sccsid[] = "@(#)NSS Builtin Trusted Root CAs "
NSS_BUILTINS_LIBRARY_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_builtins_version[] = "Version: NSS Builtin Trusted Root CAs "
NSS_BUILTINS_LIBRARY_VERSION _DEBUG_STRING;

13
security/nss/lib/ckfw/capi/ckcapiver.c
View File

@ -12,14 +12,7 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_ckcapi_rcsid[] = "$Header: NSS Access to Microsoft Certificate Store "
NSS_CKCAPI_LIBRARY_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_ckcapi_sccsid[] = "@(#)NSS Access to Microsoft Certificate Store "
NSS_CKCAPI_LIBRARY_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_ckcapi_version[] = "Version: NSS Access to Microsoft Certificate Store "
NSS_CKCAPI_LIBRARY_VERSION _DEBUG_STRING;

13
security/nss/lib/ckfw/nssmkey/ckmkver.c
View File

@ -12,14 +12,7 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_ckmk_rcsid[] = "$Header: NSS Access to the MAC OS X Key Ring "
NSS_CKMK_LIBRARY_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_ckmk_sccsid[] = "@(#)NSS Access to the MAC OS X Key Ring "
NSS_CKMK_LIBRARY_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_ckmk_version[] = "Version: NSS Access to the MAC OS X Key Ring "
NSS_CKMK_LIBRARY_VERSION _DEBUG_STRING;

4
security/nss/lib/dbm/config/config.mk
View File

@ -25,10 +25,6 @@ ifdef HAVE_SNPRINTF
DEFINES += -DHAVE_SNPRINTF
endif
ifeq (,$(filter-out IRIX Linux,$(OS_TARGET)))
DEFINES += -DHAVE_SYS_CDEFS_H
endif
ifeq (,$(filter-out DGUX NCR ReliantUNIX SCO_SV SCOOS UNIXWARE,$(OS_TARGET)))
DEFINES += -DHAVE_SYS_BYTEORDER_H
endif

126
security/nss/lib/dbm/include/cdefs.h
View File

@ -1,126 +0,0 @@
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/*
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Berkeley Software Design, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. ***REMOVED*** - see
* ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)cdefs.h 8.7 (Berkeley) 1/21/94
*/
#ifndef _CDEFS_H_
#define _CDEFS_H_
#if defined(__cplusplus)
#define __BEGIN_DECLS extern "C" {
#define __END_DECLS }
#else
#define __BEGIN_DECLS
#define __END_DECLS
#endif
/*
* The __CONCAT macro is used to concatenate parts of symbol names, e.g.
* with "#define OLD(foo) __CONCAT(old,foo)", OLD(foo) produces oldfoo.
* The __CONCAT macro is a bit tricky -- make sure you don't put spaces
* in between its arguments. __CONCAT can also concatenate double-quoted
* strings produced by the __STRING macro, but this only works with ANSI C.
*/
#if defined(__STDC__) || defined(__cplusplus) || defined(_WINDOWS) || defined(XP_OS2)
#define __P(protos) protos /* full-blown ANSI C */
#define __CONCAT(x,y) x ## y
#define __STRING(x) #x
/* On HP-UX 11.00, <sys/stdsyms.h> defines __const. */
#ifndef __const
#define __const const /* define reserved names to standard */
#endif /* __const */
#define __signed signed
#define __volatile volatile
#ifndef _WINDOWS
#if defined(__cplusplus)
#define __inline inline /* convert to C++ keyword */
#else
#if !defined(__GNUC__) && !defined(__MWERKS__)
#define __inline /* delete GCC keyword */
#endif /* !__GNUC__ */
#endif /* !__cplusplus */
#endif /* !_WINDOWS */
#else /* !(__STDC__ || __cplusplus) */
#define __P(protos) () /* traditional C preprocessor */
#define __CONCAT(x,y) x/**/y
#define __STRING(x) "x"
#ifndef __GNUC__
#define __const /* delete pseudo-ANSI C keywords */
#define __inline
#define __signed
#define __volatile
/*
* In non-ANSI C environments, new programs will want ANSI-only C keywords
* deleted from the program and old programs will want them left alone.
* When using a compiler other than gcc, programs using the ANSI C keywords
* const, inline etc. as normal identifiers should define -DNO_ANSI_KEYWORDS.
* When using "gcc -traditional", we assume that this is the intent; if
* __GNUC__ is defined but __STDC__ is not, we leave the new keywords alone.
*/
#ifndef NO_ANSI_KEYWORDS
#define const /* delete ANSI C keywords */
#define inline
#define signed
#define volatile
#endif
#endif /* !__GNUC__ */
#endif /* !(__STDC__ || __cplusplus) */
/*
* GCC1 and some versions of GCC2 declare dead (non-returning) and
* pure (no side effects) functions using "volatile" and "const";
* unfortunately, these then cause warnings under "-ansi -pedantic".
* GCC2 uses a new, peculiar __attribute__((attrs)) style. All of
* these work for GNU C++ (modulo a slight glitch in the C++ grammar
* in the distribution version of 2.5.5).
*/
#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC_MINOR__ < 5
#define __attribute__(x) /* delete __attribute__ if non-gcc or gcc1 */
#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
#define __dead __volatile
#define __pure __const
#endif
#endif
/* Delete pseudo-keywords wherever they are not available or needed. */
#ifndef __dead
#define __dead
#define __pure
#endif
#endif /* !_CDEFS_H_ */

4
security/nss/lib/dbm/include/manifest.mn
View File

@ -8,8 +8,7 @@ CORE_DEPTH = ../../..
MODULE = dbm
EXPORTS = cdefs.h \
mcom_db.h \
EXPORTS = mcom_db.h \
ncompat.h \
winfile.h \
$(NULL)
@ -19,7 +18,6 @@ PRIVATE_EXPORTS = hsearch.h \
extern.h \
queue.h \
hash.h \
mpool.h \
search.h \
$(NULL)

6
security/nss/lib/dbm/include/mcom_db.h
View File

@ -56,12 +56,6 @@ typedef PRUint32 uint32;
#ifdef __DBINTERFACE_PRIVATE
#ifdef HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#else
#include "cdefs.h"
#endif
#ifdef HAVE_SYS_BYTEORDER_H
#include <sys/byteorder.h>
#endif

97
security/nss/lib/dbm/include/mpool.h
View File

@ -1,97 +0,0 @@
/*-
* Copyright (c) 1991, 1993, 1994
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. ***REMOVED*** - see
* ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)mpool.h 8.2 (Berkeley) 7/14/94
*/
#include <sys/queue.h>
/*
* The memory pool scheme is a simple one. Each in-memory page is referenced
* by a bucket which is threaded in up to two of three ways. All active pages
* are threaded on a hash chain (hashed by page number) and an lru chain.
* Inactive pages are threaded on a free chain. Each reference to a memory
* pool is handed an opaque MPOOL cookie which stores all of this information.
*/
#define HASHSIZE 128
#define HASHKEY(pgno) ((pgno - 1) % HASHSIZE)
/* The BKT structures are the elements of the queues. */
typedef struct _bkt {
CIRCLEQ_ENTRY(_bkt) hq; /* hash queue */
CIRCLEQ_ENTRY(_bkt) q; /* lru queue */
void *page; /* page */
pgno_t pgno; /* page number */
#define MPOOL_DIRTY 0x01 /* page needs to be written */
#define MPOOL_PINNED 0x02 /* page is pinned into memory */
uint8 flags; /* flags */
} BKT;
typedef struct MPOOL {
CIRCLEQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */
/* hash queue array */
CIRCLEQ_HEAD(_hqh, _bkt) hqh[HASHSIZE];
pgno_t curcache; /* current number of cached pages */
pgno_t maxcache; /* max number of cached pages */
pgno_t npages; /* number of pages in the file */
uint32 pagesize; /* file page size */
int fd; /* file descriptor */
/* page in conversion routine */
void (*pgin) (void *, pgno_t, void *);
/* page out conversion routine */
void (*pgout) (void *, pgno_t, void *);
void *pgcookie; /* cookie for page in/out routines */
#ifdef STATISTICS
uint32 cachehit;
uint32 cachemiss;
uint32 pagealloc;
uint32 pageflush;
uint32 pageget;
uint32 pagenew;
uint32 pageput;
uint32 pageread;
uint32 pagewrite;
#endif
} MPOOL;
__BEGIN_DECLS
MPOOL *mpool_open (void *, int, pgno_t, pgno_t);
void mpool_filter (MPOOL *, void (*)(void *, pgno_t, void *),
void (*)(void *, pgno_t, void *), void *);
void *mpool_new (MPOOL *, pgno_t *);
void *mpool_get (MPOOL *, pgno_t, uint);
int mpool_put (MPOOL *, void *, uint);
int mpool_sync (MPOOL *);
int mpool_close (MPOOL *);
#ifdef STATISTICS
void mpool_stat (MPOOL *);
#endif
__END_DECLS

4
security/nss/lib/dbm/src/h_bigkey.c
View File

@ -72,8 +72,8 @@ static char sccsid[] = "@(#)hash_bigkey.c 8.3 (Berkeley) 5/31/94";
#include "page.h"
/* #include "extern.h" */
static int collect_key __P((HTAB *, BUFHEAD *, int, DBT *, int));
static int collect_data __P((HTAB *, BUFHEAD *, int, int));
static int collect_key(HTAB *, BUFHEAD *, int, DBT *, int);
static int collect_data(HTAB *, BUFHEAD *, int, int);
/*
* Big_insert

10
security/nss/lib/dbm/src/h_func.c
View File

@ -45,14 +45,14 @@ static char sccsid[] = "@(#)hash_func.c 8.2 (Berkeley) 2/21/94";
/* #include "extern.h" */
#if 0
static uint32 hash1 __P((const void *, size_t));
static uint32 hash2 __P((const void *, size_t));
static uint32 hash3 __P((const void *, size_t));
static uint32 hash1(const void *, size_t);
static uint32 hash2(const void *, size_t);
static uint32 hash3(const void *, size_t);
#endif
static uint32 hash4 __P((const void *, size_t));
static uint32 hash4(const void *, size_t);
/* Global default hash function */
uint32 (*__default_hash) __P((const void *, size_t)) = hash4;
uint32 (*__default_hash)(const void *, size_t) = hash4;
/*
* HASH FUNCTIONS

13
security/nss/lib/dbm/src/h_page.c
View File

@ -89,13 +89,12 @@ static char sccsid[] = "@(#)hash_page.c 8.7 (Berkeley) 8/16/94";
extern int mkstempflags(char *path, int extraFlags);
static uint32 *fetch_bitmap __P((HTAB *, uint32));
static uint32 first_free __P((uint32));
static int open_temp __P((HTAB *));
static uint16 overflow_page __P((HTAB *));
static void squeeze_key __P((uint16 *, const DBT *, const DBT *));
static int ugly_split
__P((HTAB *, uint32, BUFHEAD *, BUFHEAD *, int, int));
static uint32 *fetch_bitmap(HTAB *, uint32);
static uint32 first_free(uint32);
static int open_temp(HTAB *);
static uint16 overflow_page(HTAB *);
static void squeeze_key(uint16 *, const DBT *, const DBT *);
static int ugly_split(HTAB *, uint32, BUFHEAD *, BUFHEAD *, int, int);
#define PAGE_INIT(P) { \
((uint16 *)(P))[0] = 0; \

32
security/nss/lib/dbm/src/hash.c
View File

@ -74,23 +74,23 @@ static char sccsid[] = "@(#)hash.c 8.9 (Berkeley) 6/16/94";
/*
#include "extern.h"
*/
static int alloc_segs __P((HTAB *, int));
static int flush_meta __P((HTAB *));
static int hash_access __P((HTAB *, ACTION, DBT *, DBT *));
static int hash_close __P((DB *));
static int hash_delete __P((const DB *, const DBT *, uint));
static int hash_fd __P((const DB *));
static int hash_get __P((const DB *, const DBT *, DBT *, uint));
static int hash_put __P((const DB *, DBT *, const DBT *, uint));
static void *hash_realloc __P((SEGMENT **, size_t, size_t));
static int hash_seq __P((const DB *, DBT *, DBT *, uint));
static int hash_sync __P((const DB *, uint));
static int hdestroy __P((HTAB *));
static HTAB *init_hash __P((HTAB *, const char *, HASHINFO *));
static int init_htab __P((HTAB *, int));
static int alloc_segs(HTAB *, int);
static int flush_meta(HTAB *);
static int hash_access(HTAB *, ACTION, DBT *, DBT *);
static int hash_close(DB *);
static int hash_delete(const DB *, const DBT *, uint);
static int hash_fd(const DB *);
static int hash_get(const DB *, const DBT *, DBT *, uint);
static int hash_put(const DB *, DBT *, const DBT *, uint);
static void *hash_realloc(SEGMENT **, size_t, size_t);
static int hash_seq(const DB *, DBT *, DBT *, uint);
static int hash_sync(const DB *, uint);
static int hdestroy(HTAB *);
static HTAB *init_hash(HTAB *, const char *, HASHINFO *);
static int init_htab(HTAB *, int);
#if BYTE_ORDER == LITTLE_ENDIAN
static void swap_header __P((HTAB *));
static void swap_header_copy __P((HASHHDR *, HASHHDR *));
static void swap_header(HTAB *);
static void swap_header_copy(HASHHDR *, HASHHDR *);
#endif
/* Fast arithmetic, relying on powers of 2, */

2
security/nss/lib/dbm/src/hash_buf.c
View File

@ -70,7 +70,7 @@ static char sccsid[] = "@(#)hash_buf.c 8.5 (Berkeley) 7/15/94";
#include "page.h"
/* #include "extern.h" */
static BUFHEAD *newbuf __P((HTAB *, uint32, BUFHEAD *));
static BUFHEAD *newbuf(HTAB *, uint32, BUFHEAD *);
/* Unlink B from its place in the lru */
#define BUF_REMOVE(B) { \

5
security/nss/lib/dbm/src/memmove.c
View File

@ -37,11 +37,6 @@
static char sccsid[] = "@(#)bcopy.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
#ifdef HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#else
#include "cdefs.h"
#endif
#include <string.h>
/*

22
security/nss/lib/dbm/src/snprintf.c
View File

@ -4,32 +4,14 @@
#include <stddef.h>
#include <stdio.h>
#ifdef HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#else
#include "cdefs.h"
#endif
#include "prtypes.h"
#include <ncompat.h>
#ifdef __STDC__
#include <stdarg.h>
#else
#include <varargs.h>
#endif
int
#ifdef __STDC__
snprintf(char *str, size_t n, const char *fmt, ...)
#else
snprintf(str, n, fmt, va_alist)
char *str;
size_t n;
const char *fmt;
va_dcl
#endif
{
va_list ap;
#ifdef VSPRINTF_CHARSTAR
@ -37,11 +19,7 @@ snprintf(str, n, fmt, va_alist)
#else
int rval;
#endif
#ifdef __STDC__
va_start(ap, fmt);
#else
va_start(ap);
#endif
#ifdef VSPRINTF_CHARSTAR
rp = vsprintf(str, fmt, ap);
va_end(ap);

10
security/nss/lib/freebl/freeblver.c
View File

@ -13,12 +13,6 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_freebl_rcsid[] = "$Header: NSS " SOFTOKEN_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_freebl_sccsid[] = "@(#)NSS " SOFTOKEN_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_freebl_version[] = "Version: NSS " SOFTOKEN_VERSION _DEBUG_STRING;

5
security/nss/lib/freebl/ldvector.c
View File

@ -294,13 +294,12 @@ static const struct FREEBLVectorStr vector =
const FREEBLVector *
FREEBL_GetVector(void)
{
extern const char __nss_freebl_rcsid[];
extern const char __nss_freebl_sccsid[];
extern const char __nss_freebl_version[];
/* force a reference that won't get optimized away */
volatile char c;
c = __nss_freebl_rcsid[0] + __nss_freebl_sccsid[0];
c = __nss_freebl_version[0];
#ifdef FREEBL_NO_DEPEND
FREEBL_InitStubs();
#endif

6
security/nss/lib/nss/nss.h
View File

@ -33,10 +33,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
*/
#define NSS_VERSION "3.19.3" _NSS_ECC_STRING _NSS_CUSTOMIZED
#define NSS_VERSION "3.20" _NSS_ECC_STRING _NSS_CUSTOMIZED
#define NSS_VMAJOR 3
#define NSS_VMINOR 19
#define NSS_VPATCH 3
#define NSS_VMINOR 20
#define NSS_VPATCH 0
#define NSS_VBUILD 0
#define NSS_BETA PR_FALSE

5
security/nss/lib/nss/nssinit.c
View File

@ -1230,8 +1230,7 @@ NSS_IsInitialized(void)
}
extern const char __nss_base_rcsid[];
extern const char __nss_base_sccsid[];
extern const char __nss_base_version[];
PRBool
NSS_VersionCheck(const char *importedVersion)
@ -1249,7 +1248,7 @@ NSS_VersionCheck(const char *importedVersion)
const char *ptr = importedVersion;
volatile char c; /* force a reference that won't get optimized away */
c = __nss_base_rcsid[0] + __nss_base_sccsid[0];
c = __nss_base_version[0];
while (isdigit(*ptr)) {
vmajor = 10 * vmajor + *ptr - '0';

10
security/nss/lib/nss/nssver.c
View File

@ -13,12 +13,6 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_base_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_base_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_base_version[] = "Version: NSS " NSS_VERSION _DEBUG_STRING;

5
security/nss/lib/smime/smimeutil.c
View File

@ -754,8 +754,7 @@ loser:
return cert;
}
extern const char __nss_smime_rcsid[];
extern const char __nss_smime_sccsid[];
extern const char __nss_smime_version[];
PRBool
NSSSMIME_VersionCheck(const char *importedVersion)
@ -771,7 +770,7 @@ NSSSMIME_VersionCheck(const char *importedVersion)
*/
volatile char c; /* force a reference that won't get optimized away */
c = __nss_smime_rcsid[0] + __nss_smime_sccsid[0];
c = __nss_smime_version[0];
return NSS_VersionCheck(importedVersion);
}

10
security/nss/lib/smime/smimever.c
View File

@ -13,12 +13,6 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_smime_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_smime_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_smime_version[] = "Version: NSS " NSS_VERSION _DEBUG_STRING;

12
security/nss/lib/softoken/legacydb/lginit.c
View File

@ -22,15 +22,9 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_dbm_rcsid[] = "$Header: NSS " SOFTOKEN_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_dbm_sccsid[] = "@(#)NSS " SOFTOKEN_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_dbm_version[] = "Version: NSS " SOFTOKEN_VERSION _DEBUG_STRING;
typedef struct LGPrivateStr {
NSSLOWCERTCertDBHandle *certDB;
@ -595,7 +589,7 @@ legacy_Open(const char *configdir, const char *certPrefix,
PRBool readOnly = (flags == SDB_RDONLY)? PR_TRUE: PR_FALSE;
volatile char c; /* force a reference that won't get optimized away */
c = __nss_dbm_rcsid[0] + __nss_dbm_sccsid[0];
c = __nss_dbm_version[0];
rv = SECOID_Init();
if (SECSuccess != rv) {

5
security/nss/lib/softoken/pkcs11.c
View File

@ -3135,8 +3135,7 @@ CK_RV NSC_Finalize (CK_VOID_PTR pReserved)
return crv;
}
extern const char __nss_softokn_rcsid[];
extern const char __nss_softokn_sccsid[];
extern const char __nss_softokn_version[];
/* NSC_GetInfo returns general information about Cryptoki. */
CK_RV NSC_GetInfo(CK_INFO_PTR pInfo)
@ -3145,7 +3144,7 @@ CK_RV NSC_GetInfo(CK_INFO_PTR pInfo)
CHECK_FORK();
c = __nss_softokn_rcsid[0] + __nss_softokn_sccsid[0];
c = __nss_softokn_version[0];
pInfo->cryptokiVersion.major = 2;
pInfo->cryptokiVersion.minor = 20;
PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);

10
security/nss/lib/softoken/softkver.c
View File

@ -13,12 +13,6 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_softokn_rcsid[] = "$Header: NSS " SOFTOKEN_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_softokn_sccsid[] = "@(#)NSS " SOFTOKEN_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_softokn_version[] = "Version: NSS " SOFTOKEN_VERSION _DEBUG_STRING;

6
security/nss/lib/softoken/softkver.h
View File

@ -25,10 +25,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
*/
#define SOFTOKEN_VERSION "3.19.3" SOFTOKEN_ECC_STRING
#define SOFTOKEN_VERSION "3.20" SOFTOKEN_ECC_STRING
#define SOFTOKEN_VMAJOR 3
#define SOFTOKEN_VMINOR 19
#define SOFTOKEN_VPATCH 3
#define SOFTOKEN_VMINOR 20
#define SOFTOKEN_VPATCH 0
#define SOFTOKEN_VBUILD 0
#define SOFTOKEN_BETA PR_FALSE

413
security/nss/lib/ssl/dhe-param.c Normal file
View File

@ -0,0 +1,413 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
static const unsigned char ff_dhe_g2[] = { 2 };
static const unsigned char ff_dhe_2048_p[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
static const ssl3DHParams ff_dhe_2048 = {
{ siBuffer, (unsigned char *)ff_dhe_2048_p, sizeof(ff_dhe_2048_p) },
{ siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
};
static const unsigned char ff_dhe_3072_p[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
static const ssl3DHParams ff_dhe_3072 = {
{ siBuffer, (unsigned char *)ff_dhe_3072_p, sizeof(ff_dhe_3072_p) },
{ siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
};
static const unsigned char ff_dhe_4096_p[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
static const ssl3DHParams ff_dhe_4096 = {
{ siBuffer, (unsigned char *)ff_dhe_4096_p, sizeof(ff_dhe_4096_p) },
{ siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
};
static const unsigned char ff_dhe_6144_p[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
static const ssl3DHParams ff_dhe_6144 = {
{ siBuffer, (unsigned char *)ff_dhe_6144_p, sizeof(ff_dhe_6144_p) },
{ siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
};
static const unsigned char ff_dhe_8192_p[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA,
0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38,
0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64,
0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43,
0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E,
0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF,
0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29,
0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65,
0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02,
0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4,
0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82,
0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C,
0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51,
0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22,
0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74,
0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE,
0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C,
0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC,
0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B,
0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9,
0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0,
0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31,
0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57,
0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8,
0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E,
0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30,
0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E,
0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE,
0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D,
0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D,
0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E,
0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C,
0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
static const ssl3DHParams ff_dhe_8192 = {
{ siBuffer, (unsigned char *)ff_dhe_8192_p, sizeof(ff_dhe_8192_p) },
{ siBuffer, (unsigned char *)ff_dhe_g2, sizeof(ff_dhe_g2) },
};

10
security/nss/lib/ssl/ssl.def
View File

@ -171,3 +171,13 @@ SSL_SetCanFalseStartCallback;
;+ local:
;+*;
;+};
;+NSS_3.20 { # NSS 3.20 release
;+ global:
;+# If the 3.20 release includes any additional functions
;+# besides SSL_DHEGroupPrefSet and SSL_EnableWeakDHEPrimeGroup
;+# they should be labeled as NSS_3.20a
SSL_DHEGroupPrefSet;
SSL_EnableWeakDHEPrimeGroup;
;+ local:
;+*;
;+};

45
security/nss/lib/ssl/ssl.h
View File

@ -185,12 +185,17 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd);
/* SSL_REUSE_SERVER_ECDHE_KEY controls whether the ECDHE server key is
* reused for multiple handshakes or generated each time.
* SSL_REUSE_SERVER_ECDHE_KEY is currently enabled by default.
* This socket option is for ECDHE, only. It is unrelated to DHE.
*/
#define SSL_REUSE_SERVER_ECDHE_KEY 27
#define SSL_ENABLE_FALLBACK_SCSV 28 /* Send fallback SCSV in
* handshakes. */
/* SSL_ENABLE_SERVER_DHE controls whether DHE is enabled for the server socket.
*/
#define SSL_ENABLE_SERVER_DHE 29
#ifdef SSL_DEPRECATED_FUNCTION
/* Old deprecated function names */
SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
@ -292,6 +297,46 @@ SSL_IMPORT SECStatus SSL_CipherPrefGetDefault(PRInt32 cipher, PRBool *enabled);
SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy);
SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy);
/* SSL_DHEGroupPrefSet is used to configure the set of allowed/enabled DHE group
** parameters that can be used by NSS for the given server socket.
** The first item in the array is used as the default group, if no other
** selection criteria can be used by NSS.
** The set is provided as an array of identifiers as defined by SSLDHEGroupType.
** If more than one group identifier is provided, NSS will select the one to use.
** For example, a TLS extension sent by the client might indicate a preference.
*/
SSL_IMPORT SECStatus SSL_DHEGroupPrefSet(PRFileDesc *fd,
SSLDHEGroupType *groups,
PRUint16 num_groups);
/* Enable the use of a DHE group that's smaller than the library default,
** for backwards compatibility reasons. The DH parameters will be created
** at the time this function is called, which might take a very long time.
** The function will block until generation is completed.
** The intention is to enforce that fresh and safe parameters are generated
** each time a process is started.
** At the time this API was initially implemented, the API will enable the
** use of 1024 bit DHE parameters. This value might get increased in future
** versions of NSS.
**
** It is allowed to call this API will a NULL value for parameter fd,
** which will prepare the global parameters that NSS will reuse for the remainder
** of the process lifetime. This can be used early after startup of a process,
** to avoid a delay when handling incoming client connections.
** This preparation with a NULL for parameter fd will NOT enable the weak group
** on sockets. The function needs to be called again for every socket that
** should use the weak group.
**
** It is allowed to use this API in combination with the SSL_DHEGroupPrefSet API.
** If both APIs have been called, the weakest group will be used,
** unless it is certain that the client supports larger group parameters.
** The weak group will be used as the default group, overriding the preference
** for the first group potentially set with a call to SSL_DHEGroupPrefSet
** (The first group set using SSL_DHEGroupPrefSet will still be enabled, but
** it's no longer the default group.)
*/
SSL_IMPORT SECStatus SSL_EnableWeakDHEPrimeGroup(PRFileDesc *fd, PRBool enabled);
/* SSL Version Range API
**
** This API should be used to control SSL 3.0 & TLS support instead of the

350
security/nss/lib/ssl/ssl3con.c
View File

@ -108,14 +108,17 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
#endif /* NSS_DISABLE_ECC */
{ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
@ -289,8 +292,8 @@ static const ssl3KEADef kea_defs[] =
/* kea exchKeyType signKeyType is_limited limit tls_keygen ephemeral */
{kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE, PR_FALSE},
{kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE, PR_FALSE},
{kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE, PR_TRUE},
{kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE, PR_TRUE},
{kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE, PR_FALSE},
{kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE, PR_FALSE},
{kea_dh_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE, PR_FALSE},
{kea_dh_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE, PR_FALSE},
{kea_dh_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE, PR_FALSE},
@ -408,6 +411,10 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] =
{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ecdhe_rsa},
{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_ecdhe_ecdsa},
{TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_dhe_dss},
{TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, cipher_aes_128, hmac_sha256, kea_dhe_dss},
{TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, cipher_aes_256, hmac_sha256, kea_dhe_dss},
#ifndef NSS_DISABLE_ECC
{TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa},
{TLS_ECDH_ECDSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_ecdh_ecdsa},
@ -644,12 +651,15 @@ ssl3_CipherSuiteAllowedForVersionRange(
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
case TLS_RSA_WITH_AES_128_CBC_SHA256:
case TLS_RSA_WITH_AES_128_GCM_SHA256:
case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
case TLS_RSA_WITH_NULL_SHA256:
return vrange->max == SSL_LIBRARY_VERSION_TLS_1_2;
case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_2;
/* RFC 4492: ECC cipher suites need TLS extensions to negotiate curves and
@ -772,16 +782,11 @@ ssl3_config_match_init(sslSocket *ss)
* that the server uses an RSA cert for (EC)DHE-RSA.
*/
switch (cipher_def->key_exchange_alg) {
case kea_dhe_dss:
svrAuth = ss->serverCerts + ssl_kea_dh;
break;
case kea_ecdhe_rsa:
#if NSS_SERVER_DHE_IMPLEMENTED
/* XXX NSS does not yet implement the server side of _DHE_
* cipher suites. Correcting the computation for svrAuth,
* as the case below does, causes NSS SSL servers to begin to
* negotiate cipher suites they do not implement. So, until
* server side _DHE_ is implemented, keep this disabled.
*/
case kea_dhe_rsa:
#endif
svrAuth = ss->serverCerts + kt_rsa;
break;
case kea_ecdh_ecdsa:
@ -793,6 +798,8 @@ ssl3_config_match_init(sslSocket *ss)
* simultaneously. For now, both of them use
* whatever is in the certificate slot for kt_ecdh
*/
case kea_dhe_dss_export:
case kea_dhe_rsa_export:
default:
svrAuth = ss->serverCerts + exchKeyType;
break;
@ -829,11 +836,22 @@ ssl3_config_match_init(sslSocket *ss)
* cipher suite. */
static PRBool
config_match(ssl3CipherSuiteCfg *suite, int policy, PRBool enabled,
const SSLVersionRange *vrange)
const SSLVersionRange *vrange, const sslSocket *ss)
{
const ssl3CipherSuiteDef *cipher_def;
PORT_Assert(policy != SSL_NOT_ALLOWED && enabled != PR_FALSE);
if (policy == SSL_NOT_ALLOWED || !enabled)
return PR_FALSE;
return PR_FALSE;
cipher_def = ssl_LookupCipherSuiteDef(suite->cipher_suite);
PORT_Assert(cipher_def != NULL);
PORT_Assert(ss != NULL);
if (ss->sec.isServer && !ss->opt.enableServerDhe &&
kea_defs[cipher_def->key_exchange_alg].exchKeyType == ssl_kea_dh)
return PR_FALSE;
return (PRBool)(suite->enabled &&
suite->isPresent &&
suite->policy != SSL_NOT_ALLOWED &&
@ -854,7 +872,7 @@ count_cipher_suites(sslSocket *ss, int policy, PRBool enabled)
return 0;
}
for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
if (config_match(&ss->cipherSuites[i], policy, enabled, &ss->vrange))
if (config_match(&ss->cipherSuites[i], policy, enabled, &ss->vrange, ss))
count++;
}
if (count <= 0) {
@ -4131,6 +4149,12 @@ ssl3_AppendHandshakeNumber(sslSocket *ss, PRInt32 num, PRInt32 lenSize)
PRUint8 b[4];
PRUint8 * p = b;
PORT_Assert(lenSize <= 4 && lenSize > 0);
if (lenSize < 4 && num >= (1L << (lenSize * 8))) {
PORT_SetError(SSL_ERROR_TX_RECORD_TOO_LONG);
return SECFailure;
}
switch (lenSize) {
case 4:
*p++ = (num >> 24) & 0xff;
@ -5279,7 +5303,7 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
}
for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange)) {
if (config_match(suite, ss->ssl3.policy, PR_TRUE, &ss->vrange, ss)) {
actual_count++;
if (actual_count > num_suites) {
if (sid->u.ssl3.lock) { PR_RWLock_Unlock(sid->u.ssl3.lock); }
@ -6095,9 +6119,9 @@ ssl3_SendClientKeyExchange(sslSocket *ss)
isTLS = (PRBool)(ss->ssl3.pwSpec->version > SSL_LIBRARY_VERSION_3_0);
/* enforce limits on kea key sizes. */
if (ss->ssl3.hs.kea_def->is_limited) {
int keyLen = SECKEY_PublicKeyStrength(serverKey); /* bytes */
unsigned int keyLen = SECKEY_PublicKeyStrengthInBits(serverKey);
if (keyLen * BPB > ss->ssl3.hs.kea_def->key_size_limit) {
if (keyLen > ss->ssl3.hs.kea_def->key_size_limit) {
if (isTLS)
(void)SSL3_SendAlert(ss, alert_fatal, export_restriction);
else
@ -6338,7 +6362,7 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
if (temp == suite->cipher_suite) {
SSLVersionRange vrange = {ss->version, ss->version};
if (!config_match(suite, ss->ssl3.policy, PR_TRUE, &vrange)) {
if (!config_match(suite, ss->ssl3.policy, PR_TRUE, &vrange, ss)) {
/* config_match already checks whether the cipher suite is
* acceptable for the version, but the check is repeated here
* in order to give a more precise error code. */
@ -7609,6 +7633,22 @@ ssl3_SendServerHelloSequence(sslSocket *ss)
/* An empty TLS Renegotiation Info (RI) extension */
static const PRUint8 emptyRIext[5] = {0xff, 0x01, 0x00, 0x01, 0x00};
static PRBool
ssl3_KEAAllowsSessionTicket(SSL3KeyExchangeAlgorithm kea)
{
switch (kea) {
case kea_dhe_dss:
case kea_dhe_dss_export:
case kea_dh_dss_export:
case kea_dh_dss:
/* TODO: Fix session tickets for DSS. The server code rejects the
* session ticket received from the client. Bug 1174677 */
return PR_FALSE;
default:
return PR_TRUE;
};
}
/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
* ssl3 Client Hello message.
* Caller must hold Handshake and RecvBuf locks.
@ -7631,6 +7671,7 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
SECItem comps = {siBuffer, NULL, 0};
PRBool haveSpecWriteLock = PR_FALSE;
PRBool haveXmitBufLock = PR_FALSE;
PRBool canOfferSessionTicket = PR_FALSE;
SSL_TRC(3, ("%d: SSL3[%d]: handle client_hello handshake",
SSL_GETPID(), ss->fd));
@ -7870,8 +7911,7 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
* resuming.)
*/
if (ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn) && sid == NULL) {
ssl3_RegisterServerHelloExtensionSender(ss,
ssl_session_ticket_xtn, ssl3_SendSessionTicketXtn);
canOfferSessionTicket = PR_TRUE;
}
if (sid != NULL) {
@ -7950,7 +7990,7 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
* The product policy won't change during the process lifetime.
* Implemented ("isPresent") shouldn't change for servers.
*/
if (!config_match(suite, ss->ssl3.policy, PR_TRUE, &vrange))
if (!config_match(suite, ss->ssl3.policy, PR_TRUE, &vrange, ss))
break;
#else
if (!suite->enabled)
@ -7999,7 +8039,7 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
SSLVersionRange vrange = {ss->version, ss->version};
if (!config_match(suite, ss->ssl3.policy, PR_TRUE, &vrange)) {
if (!config_match(suite, ss->ssl3.policy, PR_TRUE, &vrange, ss)) {
continue;
}
for (i = 0; i + 1 < suites.len; i += 2) {
@ -8016,6 +8056,15 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
goto alert_loser;
suite_found:
if (canOfferSessionTicket)
canOfferSessionTicket = ssl3_KEAAllowsSessionTicket(
ss->ssl3.hs.suite_def->key_exchange_alg);
if (canOfferSessionTicket) {
ssl3_RegisterServerHelloExtensionSender(ss,
ssl_session_ticket_xtn, ssl3_SendSessionTicketXtn);
}
/* Select a compression algorithm. */
for (i = 0; i < comps.len; i++) {
if (!compressionEnabled(ss, comps.data[i]))
@ -8533,7 +8582,7 @@ ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length)
for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
SSLVersionRange vrange = {ss->version, ss->version};
if (!config_match(suite, ss->ssl3.policy, PR_TRUE, &vrange)) {
if (!config_match(suite, ss->ssl3.policy, PR_TRUE, &vrange, ss)) {
continue;
}
for (i = 0; i+2 < suite_length; i += 3) {
@ -8732,6 +8781,154 @@ ssl3_SendServerHello(sslSocket *ss)
return SECSuccess;
}
static SECStatus
ssl3_PickSignatureHashAlgorithm(sslSocket *ss,
SSL3SignatureAndHashAlgorithm* out);
static SECStatus
ssl3_SendDHServerKeyExchange(sslSocket *ss)
{
const ssl3KEADef * kea_def = ss->ssl3.hs.kea_def;
SECStatus rv = SECFailure;
int length;
PRBool isTLS;
SECItem signed_hash = {siBuffer, NULL, 0};
SSL3Hashes hashes;
SSL3SignatureAndHashAlgorithm sigAndHash;
SECKEYDHParams dhParam;
ssl3KeyPair *keyPair = NULL;
SECKEYPublicKey *pubKey = NULL; /* Ephemeral DH key */
SECKEYPrivateKey *privKey = NULL; /* Ephemeral DH key */
int certIndex = -1;
if (kea_def->kea != kea_dhe_dss && kea_def->kea != kea_dhe_rsa) {
/* TODO: Support DH_anon. It might be sufficient to drop the signature.
See bug 1170510. */
PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
return SECFailure;
}
dhParam.prime.data = ss->dheParams->prime.data;
dhParam.prime.len = ss->dheParams->prime.len;
dhParam.base.data = ss->dheParams->base.data;
dhParam.base.len = ss->dheParams->base.len;
PRINT_BUF(60, (NULL, "Server DH p", dhParam.prime.data,
dhParam.prime.len));
PRINT_BUF(60, (NULL, "Server DH g", dhParam.base.data,
dhParam.base.len));
/* Generate ephemeral DH keypair */
privKey = SECKEY_CreateDHPrivateKey(&dhParam, &pubKey, NULL);
if (!privKey || !pubKey) {
ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
rv = SECFailure;
goto loser;
}
keyPair = ssl3_NewKeyPair(privKey, pubKey);
if (!keyPair) {
ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
goto loser;
}
PRINT_BUF(50, (ss, "DH public value:",
pubKey->u.dh.publicValue.data,
pubKey->u.dh.publicValue.len));
if (ssl3_PickSignatureHashAlgorithm(ss, &sigAndHash) != SECSuccess) {
ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
goto loser;
}
rv = ssl3_ComputeDHKeyHash(sigAndHash.hashAlg,
pubKey->u.dh.prime,
pubKey->u.dh.base,
pubKey->u.dh.publicValue,
&ss->ssl3.hs.client_random,
&ss->ssl3.hs.server_random,
&hashes, ss->opt.bypassPKCS11);
if (rv != SECSuccess) {
ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
goto loser;
}
/* It has been suggested to test kea_def->signKeyType instead, and to use
* ssl_auth_* instead. Investigate what to do. See bug 102794. */
if (kea_def->kea == kea_dhe_rsa)
certIndex = ssl_kea_rsa;
else
certIndex = ssl_kea_dh;
isTLS = (PRBool)(ss->ssl3.pwSpec->version > SSL_LIBRARY_VERSION_3_0);
rv = ssl3_SignHashes(&hashes, ss->serverCerts[certIndex].SERVERKEY,
&signed_hash, isTLS);
if (rv != SECSuccess) {
goto loser; /* ssl3_SignHashes has set err. */
}
if (signed_hash.data == NULL) {
PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
goto loser;
}
length = 2 + pubKey->u.dh.prime.len +
2 + pubKey->u.dh.base.len +
2 + pubKey->u.dh.publicValue.len +
2 + signed_hash.len;
if (ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
length += 2;
}
rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
if (rv != SECSuccess) {
goto loser; /* err set by AppendHandshake. */
}
rv = ssl3_AppendHandshakeVariable(ss, pubKey->u.dh.prime.data,
pubKey->u.dh.prime.len, 2);
if (rv != SECSuccess) {
goto loser; /* err set by AppendHandshake. */
}
rv = ssl3_AppendHandshakeVariable(ss, pubKey->u.dh.base.data,
pubKey->u.dh.base.len, 2);
if (rv != SECSuccess) {
goto loser; /* err set by AppendHandshake. */
}
rv = ssl3_AppendHandshakeVariable(ss, pubKey->u.dh.publicValue.data,
pubKey->u.dh.publicValue.len, 2);
if (rv != SECSuccess) {
goto loser; /* err set by AppendHandshake. */
}
if (ss->ssl3.pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
rv = ssl3_AppendSignatureAndHashAlgorithm(ss, &sigAndHash);
if (rv != SECSuccess) {
goto loser; /* err set by AppendHandshake. */
}
}
rv = ssl3_AppendHandshakeVariable(ss, signed_hash.data,
signed_hash.len, 2);
if (rv != SECSuccess) {
goto loser; /* err set by AppendHandshake. */
}
PORT_Free(signed_hash.data);
ss->dheKeyPair = keyPair;
return SECSuccess;
loser:
if (signed_hash.data)
PORT_Free(signed_hash.data);
if (privKey)
SECKEY_DestroyPrivateKey(privKey);
if (pubKey)
SECKEY_DestroyPublicKey(pubKey);
return SECFailure;
}
/* ssl3_PickSignatureHashAlgorithm selects a hash algorithm to use when signing
* elements of the handshake. (The negotiated cipher suite determines the
* signature algorithm.) Prior to TLS 1.2, the MD5/SHA1 combination is always
@ -8906,6 +9103,11 @@ ssl3_SendServerKeyExchange(sslSocket *ss)
PORT_Free(signed_hash.data);
return SECSuccess;
case ssl_kea_dh: {
rv = ssl3_SendDHServerKeyExchange(ss);
return rv;
}
#ifndef NSS_DISABLE_ECC
case kt_ecdh: {
rv = ssl3_SendECDHServerKeyExchange(ss, &sigAndHash);
@ -8913,7 +9115,6 @@ ssl3_SendServerKeyExchange(sslSocket *ss)
}
#endif /* NSS_DISABLE_ECC */
case kt_dh:
case kt_null:
default:
PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
@ -9322,6 +9523,59 @@ double_bypass:
return SECSuccess;
}
static SECStatus
ssl3_HandleDHClientKeyExchange(sslSocket *ss,
SSL3Opaque *b,
PRUint32 length,
SECKEYPublicKey *srvrPubKey,
SECKEYPrivateKey *serverKey)
{
PK11SymKey *pms;
SECStatus rv;
SECKEYPublicKey clntPubKey;
CK_MECHANISM_TYPE target;
PRBool isTLS;
PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
PORT_Assert( srvrPubKey );
clntPubKey.keyType = dhKey;
clntPubKey.u.dh.prime.len = srvrPubKey->u.dh.prime.len;
clntPubKey.u.dh.prime.data = srvrPubKey->u.dh.prime.data;
clntPubKey.u.dh.base.len = srvrPubKey->u.dh.base.len;
clntPubKey.u.dh.base.data = srvrPubKey->u.dh.base.data;
rv = ssl3_ConsumeHandshakeVariable(ss, &clntPubKey.u.dh.publicValue,
2, &b, &length);
if (rv != SECSuccess) {
goto loser;
}
isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
if (isTLS) target = CKM_TLS_MASTER_KEY_DERIVE_DH;
else target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
/* Determine the PMS */
pms = PK11_PubDerive(serverKey, &clntPubKey, PR_FALSE, NULL, NULL,
CKM_DH_PKCS_DERIVE, target, CKA_DERIVE, 0, NULL);
if (pms == NULL) {
ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
goto loser;
}
rv = ssl3_InitPendingCipherSpec(ss, pms);
PK11_FreeSymKey(pms); pms = NULL;
loser:
if (ss->dheKeyPair) {
ssl3_FreeKeyPair(ss->dheKeyPair);
ss->dheKeyPair = NULL;
}
return rv;
}
/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
* ssl3 ClientKeyExchange message from the remote client
@ -9334,9 +9588,7 @@ ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
SECStatus rv;
const ssl3KEADef *kea_def;
ssl3KeyPair *serverKeyPair = NULL;
#ifndef NSS_DISABLE_ECC
SECKEYPublicKey *serverPubKey = NULL;
#endif /* NSS_DISABLE_ECC */
SSL_TRC(3, ("%d: SSL3[%d]: handle client_key_exchange handshake",
SSL_GETPID(), ss->fd));
@ -9366,6 +9618,16 @@ ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
ss->sec.keaKeyBits = EXPORT_RSA_KEY_LENGTH * BPB;
} else
skip:
if (kea_def->kea == kea_dhe_dss ||
kea_def->kea == kea_dhe_rsa) {
if (ss->dheKeyPair) {
serverKeyPair = ss->dheKeyPair;
if (serverKeyPair->pubKey) {
ss->sec.keaKeyBits =
SECKEY_PublicKeyStrengthInBits(serverKeyPair->pubKey);
}
}
} else
#ifndef NSS_DISABLE_ECC
/* XXX Using SSLKEAType to index server certifiates
* does not work for (EC)DHE ciphers. Until we have
@ -9411,6 +9673,21 @@ skip:
}
break;
case ssl_kea_dh:
if (ss->dheKeyPair && ss->dheKeyPair->pubKey) {
serverPubKey = ss->dheKeyPair->pubKey;
}
if (!serverPubKey) {
PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
return SECFailure;
}
rv = ssl3_HandleDHClientKeyExchange(ss, b, length,
serverPubKey, serverKey);
if (rv != SECSuccess) {
SSL3_SendAlert(ss, alert_fatal, handshake_failure);
return SECFailure; /* error code set */
}
break;
#ifndef NSS_DISABLE_ECC
case kt_ecdh:
@ -10071,7 +10348,13 @@ ssl3_AuthCertificate(sslSocket *ss)
pubKey = NULL;
}
if (ss->ssl3.hs.kea_def->ephemeral) {
/* Ephemeral suites require ServerKeyExchange. Export cipher suites
* with RSA key exchange also require ServerKeyExchange if the
* authentication key exceeds the key size limit. */
if (ss->ssl3.hs.kea_def->ephemeral ||
(ss->ssl3.hs.kea_def->is_limited &&
ss->ssl3.hs.kea_def->exchKeyType == ssl_kea_rsa &&
ss->sec.authKeyBits > ss->ssl3.hs.kea_def->key_size_limit)) {
ss->ssl3.hs.ws = wait_server_key; /* require server_key_exchange */
} else {
ss->ssl3.hs.ws = wait_cert_request; /* disallow server_key_exchange */
@ -10587,7 +10870,8 @@ ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
* ServerHello message.)
*/
if (isServer && !ss->ssl3.hs.isResuming &&
ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn)) {
ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn) &&
ssl3_KEAAllowsSessionTicket(ss->ssl3.hs.suite_def->key_exchange_alg)) {
/* RFC 5077 Section 3.3: "In the case of a full handshake, the
* server MUST verify the client's Finished message before sending
* the ticket." Presumably, this also means that the client's
@ -10635,7 +10919,8 @@ xmit_loser:
return rv;
}
if (ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) {
if (ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa ||
ss->ssl3.hs.kea_def->kea == kea_dhe_rsa) {
effectiveExchKeyType = kt_rsa;
} else {
effectiveExchKeyType = ss->ssl3.hs.kea_def->exchKeyType;
@ -11853,8 +12138,6 @@ ssl3_FreeKeyPair(ssl3KeyPair * keyPair)
}
}
/*
* Creates the public and private RSA keys for SSL Step down.
* Called from SSL_ConfigSecureServer in sslsecur.c
@ -11886,7 +12169,6 @@ ssl3_CreateRSAStepDownKeys(sslSocket *ss)
return rv;
}
/* record the export policy for this cipher suite */
SECStatus
ssl3_SetPolicy(ssl3CipherSuite which, int policy)
@ -12019,7 +12301,7 @@ ssl3_ConstructV2CipherSpecsHack(sslSocket *ss, unsigned char *cs, int *size)
/* ssl3_config_match_init was called by the caller of this function. */
for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
if (config_match(suite, SSL_ALLOWED, PR_TRUE, &ss->vrange)) {
if (config_match(suite, SSL_ALLOWED, PR_TRUE, &ss->vrange, ss)) {
if (cs != NULL) {
*cs++ = 0x00;
*cs++ = (suite->cipher_suite >> 8) & 0xFF;
@ -12144,6 +12426,10 @@ ssl3_DestroySSL3Info(sslSocket *ss)
}
}
if (ss->ssl3.dheGroups) {
PORT_Free(ss->ssl3.dheGroups);
}
ss->ssl3.initialized = PR_FALSE;
SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);

3
security/nss/lib/ssl/ssl3ext.c
View File

@ -1125,7 +1125,8 @@ ssl3_SendNewSessionTicket(sslSocket *ss)
sslSessionID sid;
PORT_Memset(&sid, 0, sizeof(sslSessionID));
if (ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) {
if (ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa ||
ss->ssl3.hs.kea_def->kea == kea_dhe_rsa) {
effectiveExchKeyType = kt_rsa;
} else {
effectiveExchKeyType = ss->ssl3.hs.kea_def->exchKeyType;

5
security/nss/lib/ssl/sslcon.c
View File

@ -3669,8 +3669,7 @@ loser:
*/
#include "nss.h"
extern const char __nss_ssl_rcsid[];
extern const char __nss_ssl_sccsid[];
extern const char __nss_ssl_version[];
PRBool
NSSSSL_VersionCheck(const char *importedVersion)
@ -3686,7 +3685,7 @@ NSSSSL_VersionCheck(const char *importedVersion)
*/
volatile char c; /* force a reference that won't get optimized away */
c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0];
c = __nss_ssl_version[0];
return NSS_VersionCheck(importedVersion);
}

3
security/nss/lib/ssl/sslenum.c
View File

@ -66,14 +66,17 @@ const PRUint16 SSL_ImplementedCiphers[] = {
#endif /* NSS_DISABLE_ECC */
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,

23
security/nss/lib/ssl/sslimpl.h
View File

@ -179,6 +179,7 @@ typedef struct ssl3CertNodeStr ssl3CertNode;
typedef struct ssl3BulkCipherDefStr ssl3BulkCipherDef;
typedef struct ssl3MACDefStr ssl3MACDef;
typedef struct ssl3KeyPairStr ssl3KeyPair;
typedef struct ssl3DHParamsStr ssl3DHParams;
struct ssl3CertNodeStr {
struct ssl3CertNodeStr *next;
@ -298,9 +299,9 @@ typedef struct {
} ssl3CipherSuiteCfg;
#ifndef NSS_DISABLE_ECC
#define ssl_V3_SUITES_IMPLEMENTED 61
#define ssl_V3_SUITES_IMPLEMENTED 64
#else
#define ssl_V3_SUITES_IMPLEMENTED 37
#define ssl_V3_SUITES_IMPLEMENTED 40
#endif /* NSS_DISABLE_ECC */
#define MAX_DTLS_SRTP_CIPHER_SUITES 4
@ -337,6 +338,7 @@ typedef struct sslOptionsStr {
unsigned int enableALPN : 1; /* 27 */
unsigned int reuseServerECDHEKey : 1; /* 28 */
unsigned int enableFallbackSCSV : 1; /* 29 */
unsigned int enableServerDhe : 1; /* 30 */
} sslOptions;
typedef enum { sslHandshakingUndetermined = 0,
@ -740,8 +742,8 @@ typedef struct {
PRBool is_limited;
int key_size_limit;
PRBool tls_keygen;
/* True if the key exchange for the suite can be ephemeral. Or to be more
* precise: true if the ServerKeyExchange message is required. */
/* True if the key exchange for the suite is ephemeral. Or to be more
* precise: true if the ServerKeyExchange message is always required. */
PRBool ephemeral;
} ssl3KEADef;
@ -997,6 +999,9 @@ struct ssl3StateStr {
PRUint16 dtlsSRTPCipherCount;
PRUint16 dtlsSRTPCipherSuite; /* 0 if not selected */
PRBool fatalAlertSent;
PRUint16 numDHEGroups; /* used by server */
SSLDHEGroupType * dheGroups; /* used by server */
PRBool dheWeakGroupEnabled; /* used by server */
};
#define DTLS_MAX_MTU 1500 /* Ethernet MTU but without subtracting the
@ -1016,6 +1021,11 @@ struct ssl3KeyPairStr {
PRInt32 refCount; /* use PR_Atomic calls for this. */
};
struct ssl3DHParamsStr {
SECItem prime; /* p */
SECItem base; /* g */
};
typedef struct SSLWrappedSymWrappingKeyStr {
SSL3Opaque wrappedSymmetricWrappingkey[512];
CK_MECHANISM_TYPE symWrapMechanism;
@ -1224,6 +1234,9 @@ const unsigned char * preferredCipher;
ssl3KeyPair * stepDownKeyPair; /* RSA step down keys */
const ssl3DHParams *dheParams; /* DHE param */
ssl3KeyPair * dheKeyPair; /* DHE keys */
/* Callbacks */
SSLAuthCertificate authCertificate;
void *authCertificateArg;
@ -1616,6 +1629,8 @@ int ssl3_GatherCompleteHandshake(sslSocket *ss, int flags);
*/
extern SECStatus ssl3_CreateRSAStepDownKeys(sslSocket *ss);
extern SECStatus ssl3_SelectDHParams(sslSocket *ss);
#ifndef NSS_DISABLE_ECC
extern void ssl3_FilterECCipherSuitesByServerCerts(sslSocket *ss);
extern PRBool ssl3_IsECCEnabled(sslSocket *ss);

3
security/nss/lib/ssl/sslinfo.c
View File

@ -135,6 +135,7 @@ static const SSLCipherSuiteInfo suiteInfo[] = {
{0,CS(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256), S_RSA, K_DHE, C_AES, B_256, M_SHA256, 1, 0, 0, },
{0,CS(TLS_DHE_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_DHE, C_AES, B_256, M_SHA, 1, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_AES_256_CBC_SHA), S_DSA, K_DHE, C_AES, B_256, M_SHA, 1, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_AES_256_CBC_SHA256), S_DSA, K_DHE, C_AES, B_256, M_SHA256, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_256, M_SHA, 0, 0, 0, },
{0,CS(TLS_RSA_WITH_AES_256_CBC_SHA256), S_RSA, K_RSA, C_AES, B_256, M_SHA256, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_RSA, C_AES, B_256, M_SHA, 1, 0, 0, },
@ -145,7 +146,9 @@ static const SSLCipherSuiteInfo suiteInfo[] = {
{0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256), S_RSA, K_DHE, C_AES, B_128, M_SHA256, 1, 0, 0, },
{0,CS(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256), S_RSA, K_DHE, C_AESGCM, B_128, M_AEAD_128, 1, 0, 0, },
{0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_DHE, C_AES, B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_AES_128_GCM_SHA256), S_DSA, K_DHE, C_AESGCM, B_128, M_AEAD_128, 1, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_AES_128_CBC_SHA), S_DSA, K_DHE, C_AES, B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_AES_128_CBC_SHA256), S_DSA, K_DHE, C_AES, B_128, M_SHA256, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_SEED_CBC_SHA), S_RSA, K_RSA, C_SEED,B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_128, M_SHA, 0, 0, 0, },
{0,CS(TLS_RSA_WITH_RC4_128_SHA), S_RSA, K_RSA, C_RC4, B_128, M_SHA, 0, 0, 0, },

2
security/nss/lib/ssl/sslproto.h
View File

@ -177,6 +177,7 @@
#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C
#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D
#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 0x0040
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0041
#define TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0042
#define TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0043
@ -191,6 +192,7 @@
#define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x0065
#define TLS_DHE_DSS_WITH_RC4_128_SHA 0x0066
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067
#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 0x006A
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0084

6
security/nss/lib/ssl/sslsecur.c
View File

@ -693,6 +693,7 @@ NSS_FindCertKEAType(CERTCertificate * cert)
case SEC_OID_PKCS1_RSA_ENCRYPTION:
keaType = kt_rsa;
break;
case SEC_OID_ANSIX9_DSA_SIGNATURE: /* hah, signature, not a key? */
case SEC_OID_X942_DIFFIE_HELMAN_KEY:
keaType = kt_dh;
break;
@ -789,6 +790,11 @@ ssl_ConfigSecureServer(sslSocket *ss, CERTCertificate *cert,
goto loser;
}
}
if (kea == ssl_kea_dh || kea == ssl_kea_rsa) {
if (ssl3_SelectDHParams(ss) != SECSuccess) {
goto loser;
}
}
return SECSuccess;
loser:

239
security/nss/lib/ssl/sslsock.c
View File

@ -18,6 +18,7 @@
#include "blapi.h"
#endif
#include "nss.h"
#include "pk11pqg.h"
#define SET_ERROR_CODE /* reminder */
@ -82,7 +83,8 @@ static sslOptions ssl_defaults = {
PR_TRUE, /* enableNPN */
PR_FALSE, /* enableALPN */
PR_TRUE, /* reuseServerECDHEKey */
PR_FALSE /* enableFallbackSCSV */
PR_FALSE, /* enableFallbackSCSV */
PR_TRUE, /* enableServerDhe */
};
/*
@ -225,6 +227,20 @@ ssl_DupSocket(sslSocket *os)
sizeof(PRUint16) * os->ssl3.dtlsSRTPCipherCount);
ss->ssl3.dtlsSRTPCipherCount = os->ssl3.dtlsSRTPCipherCount;
ss->ssl3.dheWeakGroupEnabled = os->ssl3.dheWeakGroupEnabled;
ss->ssl3.numDHEGroups = os->ssl3.numDHEGroups;
if (os->ssl3.dheGroups) {
ss->ssl3.dheGroups = PORT_NewArray(SSLDHEGroupType,
os->ssl3.numDHEGroups);
if (!ss->ssl3.dheGroups) {
goto loser;
}
PORT_Memcpy(ss->ssl3.dheGroups, os->ssl3.dheGroups,
sizeof(SSLDHEGroupType) * os->ssl3.numDHEGroups);
} else {
ss->ssl3.dheGroups = NULL;
}
if (os->cipherSpecs) {
ss->cipherSpecs = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs);
if (ss->cipherSpecs)
@ -267,6 +283,10 @@ ssl_DupSocket(sslSocket *os)
ssl3_GetKeyPairRef(os->stepDownKeyPair);
ss->ephemeralECDHKeyPair = !os->ephemeralECDHKeyPair ? NULL :
ssl3_GetKeyPairRef(os->ephemeralECDHKeyPair);
ss->dheKeyPair = !os->dheKeyPair ? NULL :
ssl3_GetKeyPairRef(os->dheKeyPair);
ss->dheParams = os->dheParams;
/*
* XXX the preceding CERT_ and SECKEY_ functions can fail and return NULL.
* XXX We should detect this, and not just march on with NULL pointers.
@ -384,6 +404,10 @@ ssl_DestroySocketContents(sslSocket *ss)
ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair);
ss->ephemeralECDHKeyPair = NULL;
}
if (ss->dheKeyPair) {
ssl3_FreeKeyPair(ss->dheKeyPair);
ss->dheKeyPair = NULL;
}
SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE);
PORT_Assert(!ss->xtnData.sniNameArr);
if (ss->xtnData.sniNameArr) {
@ -794,6 +818,10 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
ss->opt.enableFallbackSCSV = on;
break;
case SSL_ENABLE_SERVER_DHE:
ss->opt.enableServerDhe = on;
break;
default:
PORT_SetError(SEC_ERROR_INVALID_ARGS);
rv = SECFailure;
@ -869,6 +897,7 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
case SSL_REUSE_SERVER_ECDHE_KEY:
on = ss->opt.reuseServerECDHEKey; break;
case SSL_ENABLE_FALLBACK_SCSV: on = ss->opt.enableFallbackSCSV; break;
case SSL_ENABLE_SERVER_DHE: on = ss->opt.enableServerDhe; break;
default:
PORT_SetError(SEC_ERROR_INVALID_ARGS);
@ -938,6 +967,9 @@ SSL_OptionGetDefault(PRInt32 which, PRBool *pOn)
case SSL_ENABLE_FALLBACK_SCSV:
on = ssl_defaults.enableFallbackSCSV;
break;
case SSL_ENABLE_SERVER_DHE:
on = ssl_defaults.enableServerDhe;
break;
default:
PORT_SetError(SEC_ERROR_INVALID_ARGS);
@ -1121,6 +1153,10 @@ SSL_OptionSetDefault(PRInt32 which, PRBool on)
ssl_defaults.enableFallbackSCSV = on;
break;
case SSL_ENABLE_SERVER_DHE:
ssl_defaults.enableServerDhe = on;
break;
default:
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
@ -1339,7 +1375,204 @@ NSS_SetFrancePolicy(void)
return NSS_SetDomesticPolicy();
}
SECStatus
SSL_DHEGroupPrefSet(PRFileDesc *fd,
SSLDHEGroupType *groups,
PRUint16 num_groups)
{
sslSocket *ss;
if ((num_groups && !groups) || (!num_groups && groups)) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in SSL_DHEGroupPrefSet", SSL_GETPID(), fd));
return SECFailure;
}
if (ss->ssl3.dheGroups) {
PORT_Free(ss->ssl3.dheGroups);
ss->ssl3.dheGroups = NULL;
ss->ssl3.numDHEGroups = 0;
}
if (groups) {
ss->ssl3.dheGroups = PORT_NewArray(SSLDHEGroupType, num_groups);
if (!ss->ssl3.dheGroups) {
PORT_SetError(SEC_ERROR_NO_MEMORY);
return SECFailure;
}
PORT_Memcpy(ss->ssl3.dheGroups, groups,
sizeof(SSLDHEGroupType) * num_groups);
}
return SECSuccess;
}
PRCallOnceType gWeakDHParamsRegisterOnce;
int gWeakDHParamsRegisterError;
PRCallOnceType gWeakDHParamsOnce;
int gWeakDHParamsError;
/* As our code allocates type PQGParams, we'll keep it around,
* even though we only make use of it's parameters through gWeakDHParam. */
static PQGParams *gWeakParamsPQG;
static ssl3DHParams *gWeakDHParams;
static PRStatus
ssl3_CreateWeakDHParams()
{
PQGVerify *vfy;
SECStatus rv, passed;
PORT_Assert(!gWeakDHParams && !gWeakParamsPQG);
rv = PK11_PQG_ParamGenV2(1024, 160, 64 /*maximum seed that will work*/,
&gWeakParamsPQG, &vfy);
if (rv != SECSuccess) {
gWeakDHParamsError = PORT_GetError();
return PR_FAILURE;
}
rv = PK11_PQG_VerifyParams(gWeakParamsPQG, vfy, &passed);
if (rv != SECSuccess || passed != SECSuccess) {
SSL_DBG(("%d: PK11_PQG_VerifyParams failed in ssl3_CreateWeakDHParams",
SSL_GETPID()));
gWeakDHParamsError = PORT_GetError();
return PR_FAILURE;
}
gWeakDHParams = PORT_ArenaNew(gWeakParamsPQG->arena, ssl3DHParams);
if (!gWeakDHParams) {
gWeakDHParamsError = PORT_GetError();
return PR_FAILURE;
}
gWeakDHParams->prime.data = gWeakParamsPQG->prime.data;
gWeakDHParams->prime.len = gWeakParamsPQG->prime.len;
gWeakDHParams->base.data = gWeakParamsPQG->base.data;
gWeakDHParams->base.len = gWeakParamsPQG->base.len;
PK11_PQG_DestroyVerify(vfy);
return PR_SUCCESS;
}
static SECStatus
ssl3_WeakDHParamsShutdown(void *appData, void *nssData)
{
if (gWeakParamsPQG) {
PK11_PQG_DestroyParams(gWeakParamsPQG);
gWeakParamsPQG = NULL;
gWeakDHParams = NULL;
}
return SECSuccess;
}
static PRStatus
ssl3_WeakDHParamsRegisterShutdown(void)
{
SECStatus rv;
rv = NSS_RegisterShutdown(ssl3_WeakDHParamsShutdown, NULL);
if (rv != SECSuccess) {
gWeakDHParamsRegisterError = PORT_GetError();
}
return (PRStatus)rv;
}
/* global init strategy inspired by ssl3_CreateECDHEphemeralKeys */
SECStatus
SSL_EnableWeakDHEPrimeGroup(PRFileDesc *fd, PRBool enabled)
{
sslSocket *ss;
PRStatus status;
if (enabled) {
status = PR_CallOnce(&gWeakDHParamsRegisterOnce,
ssl3_WeakDHParamsRegisterShutdown);
if (status != PR_SUCCESS) {
PORT_SetError(gWeakDHParamsRegisterError);
return SECFailure;
}
status = PR_CallOnce(&gWeakDHParamsOnce, ssl3_CreateWeakDHParams);
if (status != PR_SUCCESS) {
PORT_SetError(gWeakDHParamsError);
return SECFailure;
}
}
if (!fd)
return SECSuccess;
ss = ssl_FindSocket(fd);
if (!ss) {
SSL_DBG(("%d: SSL[%d]: bad socket in SSL_DHEGroupPrefSet", SSL_GETPID(), fd));
return SECFailure;
}
ss->ssl3.dheWeakGroupEnabled = enabled;
return SECSuccess;
}
#include "dhe-param.c"
static const SSLDHEGroupType ssl_default_dhe_groups[] = {
ssl_ff_dhe_2048_group
};
/* Keep this array synchronized with the index definitions in SSLDHEGroupType */
static const ssl3DHParams *all_ssl3DHParams[] = {
NULL, /* ssl_dhe_group_none */
&ff_dhe_2048,
&ff_dhe_3072,
&ff_dhe_4096,
&ff_dhe_6144,
&ff_dhe_8192,
};
static SSLDHEGroupType
selectDHEGroup(sslSocket *ss, const SSLDHEGroupType *groups, PRUint16 num_groups)
{
if (!groups || !num_groups)
return ssl_dhe_group_none;
/* We don't have automatic group parameter selection yet
* (potentially) based on socket parameters, e.g. key sizes.
* For now, we return the first available group from the allowed list. */
return groups[0];
}
/* Ensure DH parameters have been selected */
SECStatus
ssl3_SelectDHParams(sslSocket *ss)
{
SSLDHEGroupType selectedGroup = ssl_dhe_group_none;
if (ss->ssl3.dheWeakGroupEnabled) {
ss->dheParams = gWeakDHParams;
} else {
if (ss->ssl3.dheGroups) {
selectedGroup = selectDHEGroup(ss, ss->ssl3.dheGroups,
ss->ssl3.numDHEGroups);
} else {
size_t number_of_default_groups = PR_ARRAY_SIZE(ssl_default_dhe_groups);
selectedGroup = selectDHEGroup(ss, ssl_default_dhe_groups,
number_of_default_groups);
}
if (selectedGroup == ssl_dhe_group_none ||
selectedGroup >= ssl_dhe_group_max) {
return SECFailure;
}
ss->dheParams = all_ssl3DHParams[selectedGroup];
}
return SECSuccess;
}
/* LOCKS ??? XXX */
static PRFileDesc *
@ -2966,6 +3199,10 @@ ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant protocolVariant)
ss->certStatusArray[i] = NULL;
}
ss->stepDownKeyPair = NULL;
ss->dheParams = NULL;
ss->dheKeyPair = NULL;
ss->dbHandle = CERT_GetDefaultCertDB();
/* Provide default implementation of hooks */

10
security/nss/lib/ssl/sslt.h
View File

@ -197,4 +197,14 @@ typedef enum {
#define SSL_MAX_EXTENSIONS 11 /* doesn't include ssl_padding_xtn. */
typedef enum {
ssl_dhe_group_none = 0,
ssl_ff_dhe_2048_group = 1,
ssl_ff_dhe_3072_group = 2,
ssl_ff_dhe_4096_group = 3,
ssl_ff_dhe_6144_group = 4,
ssl_ff_dhe_8192_group = 5,
ssl_dhe_group_max
} SSLDHEGroupType;
#endif /* __sslt_h_ */

10
security/nss/lib/ssl/sslver.c
View File

@ -13,12 +13,6 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_ssl_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_ssl_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_ssl_version[] = "Version: NSS " NSS_VERSION _DEBUG_STRING;

6
security/nss/lib/util/nssutil.h
View File

@ -19,10 +19,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
*/
#define NSSUTIL_VERSION "3.19.3"
#define NSSUTIL_VERSION "3.20"
#define NSSUTIL_VMAJOR 3
#define NSSUTIL_VMINOR 19
#define NSSUTIL_VPATCH 3
#define NSSUTIL_VMINOR 20
#define NSSUTIL_VPATCH 0
#define NSSUTIL_VBUILD 0
#define NSSUTIL_BETA PR_FALSE

12
security/nss/lib/util/secoid.c
View File

@ -20,15 +20,9 @@
#endif
/*
* Version information for the 'ident' and 'what commands
*
* NOTE: the first component of the concatenated rcsid string
* must not end in a '$' to prevent rcs keyword substitution.
* Version information
*/
const char __nss_util_rcsid[] = "$Header: NSS " NSSUTIL_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__ " $";
const char __nss_util_sccsid[] = "@(#)NSS " NSSUTIL_VERSION _DEBUG_STRING
" " __DATE__ " " __TIME__;
const char __nss_util_version[] = "Version: NSS " NSSUTIL_VERSION _DEBUG_STRING;
/* MISSI Mosaic Object ID space */
/* USGov algorithm OID space: { 2 16 840 1 101 } */
@ -1921,7 +1915,7 @@ SECOID_Init(void)
char * envVal;
volatile char c; /* force a reference that won't get optimized away */
c = __nss_util_rcsid[0] + __nss_util_sccsid[0];
c = __nss_util_version[0];
if (oidhash) {
return SECSuccess; /* already initialized */

305
security/nss/tests/cert/cert.sh
View File

@ -292,6 +292,14 @@ cert_create_cert()
return $RET
fi
CU_ACTION="Import DSA Root CA for $CERTNAME"
certu -A -n "TestCA-dsa" -t "TC,TC,TC" -f "${R_PWFILE}" \
-d "${PROFILEDIR}" -i "${R_CADIR}/TestCA-dsa.ca.cert" 2>&1
if [ "$RET" -ne 0 ]; then
return $RET
fi
if [ -z "$NSS_DISABLE_ECC" ] ; then
CU_ACTION="Import EC Root CA for $CERTNAME"
certu -A -n "TestCA-ec" -t "TC,TC,TC" -f "${R_PWFILE}" \
@ -337,6 +345,60 @@ cert_add_cert()
cert_log "SUCCESS: $CERTNAME's Cert Created"
#
# Generate and add DSA cert
#
CU_ACTION="Generate DSA Cert Request for $CERTNAME"
CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-dsa@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
certu -R -k dsa -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-z "${R_NOISE_FILE}" -o req 2>&1
if [ "$RET" -ne 0 ]; then
return $RET
fi
CU_ACTION="Sign ${CERTNAME}'s DSA Request"
certu -C -c "TestCA-dsa" -m "$CERTSERIAL" -v 60 -d "${P_R_CADIR}" \
-i req -o "${CERTNAME}-dsa.cert" -f "${R_PWFILE}" "$1" 2>&1
if [ "$RET" -ne 0 ]; then
return $RET
fi
CU_ACTION="Import $CERTNAME's DSA Cert"
certu -A -n "${CERTNAME}-dsa" -t "u,u,u" -d "${PROFILEDIR}" \
-f "${R_PWFILE}" -i "${CERTNAME}-dsa.cert" 2>&1
if [ "$RET" -ne 0 ]; then
return $RET
fi
cert_log "SUCCESS: $CERTNAME's DSA Cert Created"
# Generate DSA certificate signed with RSA
CU_ACTION="Generate mixed DSA Cert Request for $CERTNAME"
CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-dsamixed@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
certu -R -k dsa -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-z "${R_NOISE_FILE}" -o req 2>&1
if [ "$RET" -ne 0 ]; then
return $RET
fi
CU_ACTION="Sign ${CERTNAME}'s DSA Request with RSA"
# Avoid conflicting serial numbers with TestCA issuer by keeping
# this set far away. A smaller number risks colliding with the
# extended ssl user certificates.
NEWSERIAL=`expr ${CERTSERIAL} + 20000`
certu -C -c "TestCA" -m "$NEWSERIAL" -v 60 -d "${P_R_CADIR}" \
-i req -o "${CERTNAME}-dsamixed.cert" -f "${R_PWFILE}" "$1" 2>&1
if [ "$RET" -ne 0 ]; then
return $RET
fi
CU_ACTION="Import $CERTNAME's mixed DSA Cert"
certu -A -n "${CERTNAME}-dsamixed" -t "u,u,u" -d "${PROFILEDIR}" \
-f "${R_PWFILE}" -i "${CERTNAME}-dsamixed.cert" 2>&1
if [ "$RET" -ne 0 ]; then
return $RET
fi
cert_log "SUCCESS: $CERTNAME's mixed DSA Cert Created"
#
# Generate and add EC cert
#
@ -430,6 +492,34 @@ cert_all_CA()
# root.cert in $CLIENT_CADIR and in $SERVER_CADIR is one of the last
# in the chain
#
# Create DSA version of TestCA
ALL_CU_SUBJECT="CN=NSS Test CA (DSA), O=BOGUS NSS, L=Mountain View, ST=California, C=US"
cert_dsa_CA $CADIR TestCA-dsa -x "CTu,CTu,CTu" ${D_CA} "1"
#
# Create DSA versions of the intermediate CA certs
ALL_CU_SUBJECT="CN=NSS Server Test CA (DSA), O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
cert_dsa_CA $SERVER_CADIR serverCA-dsa -x "Cu,Cu,Cu" ${D_SERVER_CA} "2"
ALL_CU_SUBJECT="CN=NSS Chain1 Server Test CA (DSA), O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
cert_dsa_CA $SERVER_CADIR chain-1-serverCA-dsa "-c serverCA-dsa" "u,u,u" ${D_SERVER_CA} "3"
ALL_CU_SUBJECT="CN=NSS Chain2 Server Test CA (DSA), O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
cert_dsa_CA $SERVER_CADIR chain-2-serverCA-dsa "-c chain-1-serverCA-dsa" "u,u,u" ${D_SERVER_CA} "4"
ALL_CU_SUBJECT="CN=NSS Client Test CA (DSA), O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
cert_dsa_CA $CLIENT_CADIR clientCA-dsa -x "Tu,Cu,Cu" ${D_CLIENT_CA} "5"
ALL_CU_SUBJECT="CN=NSS Chain1 Client Test CA (DSA), O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
cert_dsa_CA $CLIENT_CADIR chain-1-clientCA-dsa "-c clientCA-dsa" "u,u,u" ${D_CLIENT_CA} "6"
ALL_CU_SUBJECT="CN=NSS Chain2 Client Test CA (DSA), O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
cert_dsa_CA $CLIENT_CADIR chain-2-clientCA-dsa "-c chain-1-clientCA-dsa" "u,u,u" ${D_CLIENT_CA} "7"
rm $CLIENT_CADIR/dsaroot.cert $SERVER_CADIR/dsaroot.cert
# dsaroot.cert in $CLIENT_CADIR and in $SERVER_CADIR is one of the last
# in the chain
if [ -z "$NSS_DISABLE_ECC" ] ; then
#
# Create EC version of TestCA
@ -540,6 +630,76 @@ CERTSCRIPT
cp root.cert ${NICKNAME}.ca.cert
}
################################ cert_dsa_CA #############################
# local shell function to build the Temp. Certificate Authority (CA)
# used for testing purposes, creating a CA Certificate and a root cert
# This is the ECC version of cert_CA.
##########################################################################
cert_dsa_CA()
{
CUR_CADIR=$1
NICKNAME=$2
SIGNER=$3
TRUSTARG=$4
DOMAIN=$5
CERTSERIAL=$6
echo "$SCRIPTNAME: Creating an DSA CA Certificate $NICKNAME =========================="
if [ ! -d "${CUR_CADIR}" ]; then
mkdir -p "${CUR_CADIR}"
fi
cd ${CUR_CADIR}
pwd
LPROFILE=.
if [ -n "${MULTIACCESS_DBM}" ]; then
LPROFILE="multiaccess:${DOMAIN}"
fi
################# Creating an DSA CA Cert ###############################
#
CU_ACTION="Creating DSA CA Cert $NICKNAME "
CU_SUBJECT=$ALL_CU_SUBJECT
certu -S -n $NICKNAME -k dsa -t $TRUSTARG -v 600 $SIGNER \
-d ${LPROFILE} -1 -2 -5 -f ${R_PWFILE} -z ${R_NOISE_FILE} \
-m $CERTSERIAL 2>&1 <<CERTSCRIPT
5
6
9
n
y
-1
n
5
6
7
9
n
CERTSCRIPT
if [ "$RET" -ne 0 ]; then
echo "return value is $RET"
Exit 6 "Fatal - failed to create DSA CA cert"
fi
################# Exporting DSA Root Cert ###############################
#
CU_ACTION="Exporting DSA Root Cert"
certu -L -n $NICKNAME -r -d ${LPROFILE} -o dsaroot.cert
if [ "$RET" -ne 0 ]; then
Exit 7 "Fatal - failed to export dsa root cert"
fi
cp dsaroot.cert ${NICKNAME}.ca.cert
}
################################ cert_ec_CA ##############################
# local shell function to build the Temp. Certificate Authority (CA)
# used for testing purposes, creating a CA Certificate and a root cert
@ -742,6 +902,50 @@ cert_extended_ssl()
certu -A -n "clientCA" -t "T,," -f "${R_PWFILE}" -d "${PROFILEDIR}" \
-i "${CLIENT_CADIR}/clientCA.ca.cert" 2>&1
#
# Repeat the above for DSA certs
#
CU_ACTION="Generate DSA Cert Request for $CERTNAME (ext)"
CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-dsa@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
certu -R -d "${PROFILEDIR}" -k dsa -f "${R_PWFILE}" \
-z "${R_NOISE_FILE}" -o req 2>&1
CU_ACTION="Sign ${CERTNAME}'s DSA Request (ext)"
cp ${CERTDIR}/req ${SERVER_CADIR}
certu -C -c "chain-2-serverCA-dsa" -m 200 -v 60 -d "${P_SERVER_CADIR}" \
-i req -o "${CERTNAME}-dsa.cert" -f "${R_PWFILE}" 2>&1
CU_ACTION="Import $CERTNAME's DSA Cert -t u,u,u (ext)"
certu -A -n "${CERTNAME}-dsa" -t "u,u,u" -d "${PROFILEDIR}" \
-f "${R_PWFILE}" -i "${CERTNAME}-dsa.cert" 2>&1
CU_ACTION="Import Client DSA Root CA -t T,, for $CERTNAME (ext.)"
certu -A -n "clientCA-dsa" -t "T,," -f "${R_PWFILE}" -d "${PROFILEDIR}" \
-i "${CLIENT_CADIR}/clientCA-dsa.ca.cert" 2>&1
#
# done with DSA certs
#
# Repeat again for mixed DSA certs
#
CU_ACTION="Generate mixed DSA Cert Request for $CERTNAME (ext)"
CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-dsamixed@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
certu -R -d "${PROFILEDIR}" -k dsa -f "${R_PWFILE}" \
-z "${R_NOISE_FILE}" -o req 2>&1
CU_ACTION="Sign ${CERTNAME}'s mixed DSA Request (ext)"
cp ${CERTDIR}/req ${SERVER_CADIR}
certu -C -c "chain-2-serverCA" -m 202 -v 60 -d "${P_SERVER_CADIR}" \
-i req -o "${CERTNAME}-dsamixed.cert" -f "${R_PWFILE}" 2>&1
CU_ACTION="Import $CERTNAME's mixed DSA Cert -t u,u,u (ext)"
certu -A -n "${CERTNAME}-dsamixed" -t "u,u,u" -d "${PROFILEDIR}" \
-f "${R_PWFILE}" -i "${CERTNAME}-dsamixed.cert" 2>&1
# CU_ACTION="Import Client mixed DSA Root CA -t T,, for $CERTNAME (ext.)"
# certu -A -n "clientCA-dsamixed" -t "T,," -f "${R_PWFILE}" \
# -d "${PROFILEDIR}" -i "${CLIENT_CADIR}/clientCA-dsamixed.ca.cert" \
# 2>&1
if [ -z "$NSS_DISABLE_ECC" ] ; then
#
# Repeat the above for EC certs
@ -794,7 +998,7 @@ cert_extended_ssl()
for CA in `find ${SERVER_CADIR} -name "?*.ca.cert"` ;
do
N=`basename $CA | sed -e "s/.ca.cert//"`
if [ $N = "serverCA" -o $N = "serverCA-ec" ] ; then
if [ $N = "serverCA" -o $N = "serverCA-ec" -o $N = "serverCA-dsa" ] ; then
T="-t C,C,C"
else
T="-t u,u,u"
@ -830,6 +1034,53 @@ cert_extended_ssl()
certu -A -n "serverCA" -t "C,C,C" -f "${R_PWFILE}" -d "${PROFILEDIR}" \
-i "${SERVER_CADIR}/serverCA.ca.cert" 2>&1
#
# Repeat the above for DSA certs
#
CU_ACTION="Generate DSA Cert Request for $CERTNAME (ext)"
CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-dsa@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
certu -R -d "${PROFILEDIR}" -k dsa -f "${R_PWFILE}" \
-z "${R_NOISE_FILE}" -o req 2>&1
CU_ACTION="Sign ${CERTNAME}'s DSA Request (ext)"
cp ${CERTDIR}/req ${CLIENT_CADIR}
certu -C -c "chain-2-clientCA-dsa" -m 300 -v 60 -d "${P_CLIENT_CADIR}" \
-i req -o "${CERTNAME}-dsa.cert" -f "${R_PWFILE}" 2>&1
CU_ACTION="Import $CERTNAME's DSA Cert -t u,u,u (ext)"
certu -A -n "${CERTNAME}-dsa" -t "u,u,u" -d "${PROFILEDIR}" \
-f "${R_PWFILE}" -i "${CERTNAME}-dsa.cert" 2>&1
CU_ACTION="Import Server DSA Root CA -t C,C,C for $CERTNAME (ext.)"
certu -A -n "serverCA-dsa" -t "C,C,C" -f "${R_PWFILE}" \
-d "${PROFILEDIR}" -i "${SERVER_CADIR}/serverCA-dsa.ca.cert" 2>&1
#
# done with DSA certs
#
#
# Repeat the above for mixed DSA certs
#
CU_ACTION="Generate mixed DSA Cert Request for $CERTNAME (ext)"
CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-dsamixed@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
certu -R -d "${PROFILEDIR}" -k dsa -f "${R_PWFILE}" \
-z "${R_NOISE_FILE}" -o req 2>&1
CU_ACTION="Sign ${CERTNAME}'s mixed DSA Request (ext)"
cp ${CERTDIR}/req ${CLIENT_CADIR}
certu -C -c "chain-2-clientCA" -m 302 -v 60 -d "${P_CLIENT_CADIR}" \
-i req -o "${CERTNAME}-dsamixed.cert" -f "${R_PWFILE}" 2>&1
CU_ACTION="Import $CERTNAME's mixed DSA Cert -t u,u,u (ext)"
certu -A -n "${CERTNAME}-dsamixed" -t "u,u,u" -d "${PROFILEDIR}" \
-f "${R_PWFILE}" -i "${CERTNAME}-dsamixed.cert" 2>&1
# CU_ACTION="Import Server DSA Root CA -t C,C,C for $CERTNAME (ext.)"
# certu -A -n "serverCA-dsa" -t "C,C,C" -f "${R_PWFILE}" \
# -d "${PROFILEDIR}" -i "${SERVER_CADIR}/serverCA-dsa.ca.cert" 2>&1
#
# done with mixed DSA certs
#
if [ -z "$NSS_DISABLE_ECC" ] ; then
#
# Repeat the above for EC certs
@ -883,7 +1134,7 @@ cert_extended_ssl()
for CA in `find ${CLIENT_CADIR} -name "?*.ca.cert"` ;
do
N=`basename $CA | sed -e "s/.ca.cert//"`
if [ $N = "clientCA" -o $N = "clientCA-ec" ] ; then
if [ $N = "clientCA" -o $N = "clientCA-ec" -o $N = "clientCA-dsa" ] ; then
T="-t T,C,C"
else
T="-t u,u,u"
@ -920,6 +1171,10 @@ cert_ssl()
cert_add_cert
CU_ACTION="Modify trust attributes of Root CA -t TC,TC,TC"
certu -M -n "TestCA" -t "TC,TC,TC" -d ${PROFILEDIR} -f "${R_PWFILE}"
CU_ACTION="Modify trust attributes of DSA Root CA -t TC,TC,TC"
certu -M -n "TestCA-dsa" -t "TC,TC,TC" -d ${PROFILEDIR} -f "${R_PWFILE}"
if [ -z "$NSS_DISABLE_ECC" ] ; then
CU_ACTION="Modify trust attributes of EC Root CA -t TC,TC,TC"
certu -M -n "TestCA-ec" -t "TC,TC,TC" -d ${PROFILEDIR} -f "${R_PWFILE}"
@ -1467,6 +1722,24 @@ EOF_CRLINI
CRL_GEN_RES=`expr $? + $CRL_GEN_RES`
chmod 600 ${CRL_FILE_GRP_1}_or
CU_ACTION="Generating CRL (DSA) for range ${CRL_GRP_1_BEGIN}-${CRL_GRP_END} TestCA-dsa authority"
# Until Bug 292285 is resolved, do not encode x400 Addresses. After
# the bug is resolved, reintroduce "x400Address:x400Address" within
# addext issuerAltNames ...
crlu -q -d $CADIR -G -n "TestCA-dsa" -f ${R_PWFILE} \
-o ${CRL_FILE_GRP_1}_or-dsa <<EOF_CRLINI
update=$CRLUPDATE
addcert ${CRL_GRP_1_BEGIN}-${CRL_GRP_END_} $CRL_GRP_DATE
addext reasonCode 0 4
addext issuerAltNames 0 "rfc822Name:ca-dsaemail@ca.com|dnsName:ca-dsa.com|directoryName:CN=NSS Test CA (DSA),O=BOGUS NSS,L=Mountain View,ST=California,C=US|URI:http://ca-dsa.com|ipAddress:192.168.0.1|registerID=reg CA (DSA)"
EOF_CRLINI
CRL_GEN_RES=`expr $? + $CRL_GEN_RES`
chmod 600 ${CRL_FILE_GRP_1}_or-dsa
if [ -z "$NSS_DISABLE_ECC" ] ; then
CU_ACTION="Generating CRL (ECC) for range ${CRL_GRP_1_BEGIN}-${CRL_GRP_END} TestCA-ec authority"
@ -1500,6 +1773,19 @@ EOF_CRLINI
CRL_GEN_RES=`expr $? + $CRL_GEN_RES`
chmod 600 ${CRL_FILE_GRP_1}_or1
TEMPFILES="$TEMPFILES ${CRL_FILE_GRP_1}_or"
CU_ACTION="Modify CRL (DSA) by adding one more cert"
crlu -d $CADIR -M -n "TestCA-dsa" -f ${R_PWFILE} -o ${CRL_FILE_GRP_1}_or1-dsa \
-i ${CRL_FILE_GRP_1}_or-dsa <<EOF_CRLINI
update=$CRLUPDATE
addcert ${CRL_GRP_END} $CRL_GRP_DATE
EOF_CRLINI
CRL_GEN_RES=`expr $? + $CRL_GEN_RES`
chmod 600 ${CRL_FILE_GRP_1}_or1-dsa
TEMPFILES="$TEMPFILES ${CRL_FILE_GRP_1}_or-dsa"
if [ -z "$NSS_DISABLE_ECC" ] ; then
CU_ACTION="Modify CRL (ECC) by adding one more cert"
crlu -d $CADIR -M -n "TestCA-ec" -f ${R_PWFILE} \
@ -1524,6 +1810,21 @@ rmcert ${UNREVOKED_CERT_GRP_1}
EOF_CRLINI
chmod 600 ${CRL_FILE_GRP_1}
TEMPFILES="$TEMPFILES ${CRL_FILE_GRP_1}_or1"
CU_ACTION="Modify CRL (DSA) by removing one cert"
sleep 2
CRLUPDATE=`date -u "+%Y%m%d%H%M%SZ"`
crlu -d $CADIR -M -n "TestCA-dsa" -f ${R_PWFILE} -o ${CRL_FILE_GRP_1} \
-i ${CRL_FILE_GRP_1}_or1 <<EOF_CRLINI
update=$CRLUPDATE
rmcert ${UNREVOKED_CERT_GRP_1}
EOF_CRLINI
chmod 600 ${CRL_FILE_GRP_1}
TEMPFILES="$TEMPFILES ${CRL_FILE_GRP_1}_or1-dsa"
if [ -z "$NSS_DISABLE_ECC" ] ; then
CU_ACTION="Modify CRL (ECC) by removing one cert"
crlu -d $CADIR -M -n "TestCA-ec" -f ${R_PWFILE} -o ${CRL_FILE_GRP_1}-ec \

11
security/nss/tests/ssl/ssl.sh
View File

@ -88,8 +88,8 @@ ssl_init()
ECC_STRING=""
fi
CSHORT="-c ABCDEF:003B:003C:003D:0041:0084:009Ccdefgijklmnvyz"
CLONG="-c ABCDEF:C001:C002:C003:C004:C005:C006:C007:C008:C009:C00A:C00B:C00C:C00D:C00E:C00F:C010:C011:C012:C013:C014:C023:C027:C02B:C02F:003B:003C:003D:0041:0084:009Ccdefgijklmnvyz"
CSHORT="-c ABCDEF:0016:0032:0033:0038:0039:003B:003C:003D:0040:0041:0067:006A:006B:0084:009C:009E:00A2cdefgijklmnvyz"
CLONG="-c ABCDEF:C001:C002:C003:C004:C005:C006:C007:C008:C009:C00A:C00B:C00C:C00D:C00E:C00F:C010:C011:C012:C013:C014:C023:C027:C02B:C02F:0016:0032:0033:0038:0039:003B:003C:003D:0040:0041:0067:006A:006B:0084:009C:009E:00A2cdefgijklmnvyz"
if [ "${OS_ARCH}" != "WINNT" ]; then
ulimit -n 1000 # make sure we have enough file descriptors
@ -213,15 +213,16 @@ start_selfserv()
fi
echo "selfserv starting at `date`"
echo "selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} ${SERVER_OPTIONS} \\"
echo " ${ECC_OPTIONS} -w nss ${sparam} -i ${R_SERVERPID} $verbose &"
echo " ${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss ${sparam} -i ${R_SERVERPID}\\"
echo " $verbose -H 1 &"
if [ ${fileout} -eq 1 ]; then
${PROFTOOL} ${BINDIR}/selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} ${SERVER_OPTIONS} \
${ECC_OPTIONS} -w nss ${sparam} -i ${R_SERVERPID} $verbose \
${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss ${sparam} -i ${R_SERVERPID} $verbose -H 1 \
> ${SERVEROUTFILE} 2>&1 &
RET=$?
else
${PROFTOOL} ${BINDIR}/selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} ${SERVER_OPTIONS} \
${ECC_OPTIONS} -w nss ${sparam} -i ${R_SERVERPID} $verbose &
${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss ${sparam} -i ${R_SERVERPID} $verbose -H 1 &
RET=$?
fi

11
security/nss/tests/ssl/sslcov.txt
View File

@ -86,10 +86,21 @@
noECC TLS12 v TLS12_RSA_WITH_AES_128_CBC_SHA
noECC TLS12 y TLS12_RSA_WITH_AES_256_CBC_SHA
noECC TLS12 z TLS12_RSA_WITH_NULL_SHA
noECC TLS12 :0016 TLS12_DHE_RSA_WITH_3DES_EDE_CBC_SHA
noECC TLS12 :0032 TLS12_DHE_DSS_WITH_AES_128_CBC_SHA
noECC TLS12 :0033 TLS12_DHE_RSA_WITH_AES_128_CBC_SHA
noECC TLS12 :0038 TLS12_DHE_DSS_WITH_AES_256_CBC_SHA
noECC TLS12 :0039 TLS12_DHE_RSA_WITH_AES_256_CBC_SHA
noECC TLS12 :003B TLS12_RSA_WITH_NULL_SHA256
noECC TLS12 :003C TLS12_RSA_WITH_AES_128_CBC_SHA256
noECC TLS12 :003D TLS12_RSA_WITH_AES_256_CBC_SHA256
noECC TLS12 :0040 TLS12_DHE_DSS_WITH_AES_128_CBC_SHA256
noECC TLS12 :0067 TLS12_DHE_RSA_WITH_AES_128_CBC_SHA256
noECC TLS12 :006A TLS12_DHE_DSS_WITH_AES_256_CBC_SHA256
noECC TLS12 :006B TLS12_DHE_RSA_WITH_AES_256_CBC_SHA256
noECC TLS12 :009C TLS12_RSA_WITH_AES_128_GCM_SHA256
noECC TLS12 :009E TLS12_DHE_RSA_WITH_AES_128_GCM_SHA256
noECC TLS12 :00A2 TLS12_DHE_DSS_WITH_AES_128_GCM_SHA256
#
# ECC ciphers (TLS)
#

31
security/nss/tests/ssl/sslstress.txt
View File

@ -44,6 +44,7 @@
ECC 0 -c_:C027 -V_ssl3:_-c_1000_-C_:C027 Stress TLS ECDHE-RSA AES 128 CBC with SHA256
ECC 0 -c_:C02F -V_ssl3:_-c_1000_-C_:C02F Stress TLS ECDHE-RSA AES 128 GCM
ECC 0 -c_:C004_-u -V_ssl3:_-c_1000_-C_:C004_-u Stress TLS ECDH-ECDSA AES 128 CBC with SHA (session ticket)
ECC 0 -c_:C009_-u -V_ssl3:_-c_100_-C_:C009_-u Stress TLS ECDHE-ECDSA AES 128 CBC with SHA (session ticket)
#
# add client auth versions here...
#
@ -53,3 +54,33 @@
ECC 0 -r_-r_-c_:C00E -V_ssl3:_-c_10_-C_:C00E_-N_-n_TestUser-ecmixed Stress TLS ECDH-RSA AES 128 CBC with SHA (no reuse, client auth)
ECC 0 -r_-r_-c_:C013 -V_ssl3:_-c_100_-C_:C013_-n_TestUser-ec Stress TLS ECDHE-RSA AES 128 CBC with SHA(client auth)
ECC 0 -r_-r_-c_:C013_-u -V_ssl3:_-c_100_-C_:C013_-n_TestUser-ec_-u Stress TLS ECDHE-RSA AES 128 CBC with SHA(session ticket, client auth)
#
# ############################ DHE ciphers ############################
#
noECC 0 -c_:0016 -V_ssl3:_-c_100_-C_:0016_-N Stress TLS DHE_RSA_WITH_3DES_EDE_CBC_SHA (no reuse)
noECC 0 -c_:0033 -V_ssl3:_-c_1000_-C_:0033 Stress TLS DHE_RSA_WITH_AES_128_CBC_SHA
noECC 0 -c_:0039 -V_ssl3:_-c_100_-C_:0039_-N Stress TLS DHE_RSA_WITH_AES_256_CBC_SHA (no reuse)
noECC 0 -c_:0040 -V_ssl3:_-c_100_-C_:0040_-N Stress TLS DHE_DSS_WITH_AES_128_CBC_SHA256 (no reuse)
# noECC 0 -c_:0038_-u -V_ssl3:_-c_1000_-C_:0038_-u Stress TLS DHE_DSS_WITH_AES_256_CBC_SHA (session ticket)
# use the above session ticket test, once session tickets with DHE_DSS are working
noECC 0 -c_:0038 -V_ssl3:_-c_1000_-C_:0038_-N Stress TLS DHE_DSS_WITH_AES_256_CBC_SHA (no reuse)
# noECC 0 -c_:006A -V_ssl3:_-c_1000_-C_:006A Stress TLS DHE_DSS_WITH_AES_256_CBC_SHA256
# use the above reuse test, once the session cache with DHE_DSS is working
noECC 0 -c_:006A -V_ssl3:_-c_1000_-C_:006A_-N Stress TLS DHE_DSS_WITH_AES_256_CBC_SHA256 (no reuse
noECC 0 -c_:006B -V_ssl3:_-c_100_-C_:006B_-N Stress TLS DHE_RSA_WITH_AES_256_CBC_SHA256 (no reuse)
noECC 0 -c_:009E -V_ssl3:_-c_100_-C_:009E_-N Stress TLS DHE_RSA_WITH_AES_128_GCM_SHA256 (no reuse)
#
# add client auth versions here...
#
noECC 0 -r_-r_-c_:0032 -V_ssl3:_-c_100_-C_:0032_-N_-n_TestUser-dsa Stress TLS DHE_DSS_WITH_AES_128_CBC_SHA (no reuse, client auth)
noECC 0 -r_-r_-c_:0067 -V_ssl3:_-c_1000_-C_:0067_-n_TestUser-dsamixed Stress TLS DHE_RSA_WITH_AES_128_CBC_SHA256 (client auth)
# noECC 0 -r_-r_-c_:00A2_-u -V_ssl3:_-c_1000_-C_:00A2_-n_TestUser-dsa_-u Stress TLS DHE_DSS_WITH_AES_128_GCM_SHA256 (session ticket, client auth)
# use the above session ticket test, once session tickets with DHE_DSS are working
noECC 0 -r_-r_-c_:00A2_-u -V_ssl3:_-c_1000_-C_:00A2_-N_-n_TestUser-dsa Stress TLS DHE_DSS_WITH_AES_128_GCM_SHA256 (no reuse, client auth)