sslinfo.c revision d0247b1b59f9c528cb6df88b4f2b9afaf80d181e
15c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)/* This Source Code Form is subject to the terms of the Mozilla Public
25c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) * License, v. 2.0. If a copy of the MPL was not distributed with this
3926b001d589ce2f10facb93dd4b87578ea35a855Torne (Richard Coles) * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
45c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)#include "ssl.h"
55c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)#include "sslimpl.h"
65c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)#include "sslproto.h"
75c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)
/*
 * Translate a compression method identifier into a static display name.
 *
 * The result always points at a string literal, so callers must neither
 * free nor modify it. ssl_compression_deflate is only recognised when the
 * library is built with NSS_ENABLE_ZLIB; every identifier this build does
 * not know is reported as "???".
 */
static const char *
ssl_GetCompressionMethodName(SSLCompressionMethod compression)
{
    if (compression == ssl_compression_null) {
        return "NULL";
    }
#ifdef NSS_ENABLE_ZLIB
    if (compression == ssl_compression_deflate) {
        return "DEFLATE";
    }
#endif
    /* Anything else is unknown to this build. */
    return "???";
}
225c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)
/*
 * Copy a snapshot of the connection's negotiated security parameters into
 * the caller's SSLChannelInfo.
 *
 * fd    SSL socket to query.
 * info  Caller-owned output buffer.
 * len   Size in bytes of the buffer behind info. At most
 *       min(len, sizeof(SSLChannelInfo)) bytes are written, and the length
 *       field of the result records that number, so an older caller with a
 *       smaller structure is never overrun.
 *
 * Returns SECFailure with SEC_ERROR_INVALID_ARGS when info is NULL or len
 * cannot even hold the length field, and SECFailure when ssl_FindSocket()
 * rejects fd. Otherwise returns SECSuccess, including when no handshake
 * data is available yet; in that case every field except length is zero.
 *
 * Security note: the fields are filled in not only after the first
 * handshake has completed but also earlier, whenever ssl3_CanFalseStart()
 * accepts the connection. A populated structure is therefore not proof
 * that the handshake has finished.
 */
SECStatus
SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
{
    sslSocket *ss;
    SSLChannelInfo snapshot;
    sslSessionID *sid;
    PRBool enoughFirstHsDone;

    /* The caller must at least be able to receive the length field. */
    if (!info || len < sizeof snapshot.length) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    ss = ssl_FindSocket(fd);
    if (!ss) {
        /* NOTE(review): fd is a pointer but is formatted with %d here. */
        SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelInfo",
                 SSL_GETPID(), fd));
        return SECFailure;
    }

    /* Zero the whole local copy first: fields that are never assigned
     * below must not carry stale stack bytes out to the caller. */
    memset(&snapshot, 0, sizeof snapshot);
    snapshot.length = PR_MIN(sizeof snapshot, len);

    /* Handshake data is usable once the first handshake is done, or, for
     * SSL 3.0 and later, as soon as false start is permitted. */
    enoughFirstHsDone = PR_FALSE;
    if (ss->firstHsDone ||
        (ss->version >= SSL_LIBRARY_VERSION_3_0 && ssl3_CanFalseStart(ss))) {
        enoughFirstHsDone = PR_TRUE;
    }

    if (ss->opt.useSecurity && enoughFirstHsDone) {
        sid = ss->sec.ci.sid;
        snapshot.protocolVersion = ss->version;
        snapshot.authKeyBits = ss->sec.authKeyBits;
        snapshot.keaKeyBits = ss->sec.keaKeyBits;

        if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */
            /* SSL2 cipher kinds are reported with the 0xff00 marker set. */
            snapshot.cipherSuite = ss->sec.cipherType | 0xff00;
            snapshot.compressionMethod = ssl_compression_null;
            snapshot.compressionMethodName = "N/A";
        } else if (ss->ssl3.initialized) { /* SSL3 and TLS */
            ssl_GetSpecReadLock(ss);
            /* XXX  The cipher suite should live in the specs, and this
             * function should read it from cwSpec rather than from the
             * handshake state ("hs").
             * See bug 275744 comment 69 and bug 766137.
             */
            snapshot.cipherSuite = ss->ssl3.hs.cipher_suite;
            snapshot.compressionMethod = ss->ssl3.cwSpec->compression_method;
            ssl_ReleaseSpecReadLock(ss);
            snapshot.compressionMethodName =
                ssl_GetCompressionMethodName(snapshot.compressionMethod);
        }

        if (sid != NULL) {
            snapshot.creationTime = sid->creationTime;
            snapshot.lastAccessTime = sid->lastAccessTime;
            snapshot.expirationTime = sid->expirationTime;

            if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */
                /* SSL2 session IDs have a fixed size. */
                memcpy(snapshot.sessionID, sid->u.ssl2.sessionID,
                       SSL2_SESSIONID_BYTES);
                snapshot.sessionIDLength = SSL2_SESSIONID_BYTES;
            } else {
                unsigned int sidLen = sid->u.ssl3.sessionIDLength;

                /* Clamp to the destination so an oversized stored length
                 * cannot write past snapshot.sessionID. */
                if (sidLen > sizeof snapshot.sessionID) {
                    sidLen = sizeof snapshot.sessionID;
                }
                snapshot.sessionIDLength = sidLen;
                memcpy(snapshot.sessionID, sid->u.ssl3.sessionID, sidLen);
            }
        }
    }

    /* Hand back only as many bytes as the caller said it can hold. */
    memcpy(info, &snapshot, snapshot.length);

    return SECSuccess;
}
955c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)
96926b001d589ce2f10facb93dd4b87578ea35a855Torne (Richard Coles)
/*
 * Helper macros for the suiteInfo initializers. Each one expands to
 * several comma-separated initializer values, so a single macro fills
 * consecutive SSLCipherSuiteInfo fields.
 */

/* CS(x): the SSL3/TLS suite constant followed by its name as a string. */
#define CS(x) x, #x
/* CK(x): an SSL2 cipher kind with 0xff00 OR'ed in, followed by its name.
 * SSL_GetChannelInfo applies the same 0xff00 marker to SSL2 cipher types. */
#define CK(x) x | 0xff00, #x

/* S_*: authentication algorithm name and enum value. */
#define S_DSA   "DSA", ssl_auth_dsa
#define S_RSA	"RSA", ssl_auth_rsa
#define S_KEA   "KEA", ssl_auth_kea
#define S_ECDSA "ECDSA", ssl_auth_ecdsa

/* K_*: key exchange name and enum value.
 * K_ECDH and K_ECDHE share the enum value kt_ecdh, so only the name string
 * distinguishes static from ephemeral ECDH; code that needs to know whether
 * a suite is ephemeral cannot decide that from the enum alone. */
#define K_DHE	"DHE", kt_dh
#define K_RSA	"RSA", kt_rsa
#define K_KEA	"KEA", kt_kea
#define K_ECDH	"ECDH", kt_ecdh
#define K_ECDHE	"ECDHE", kt_ecdh

/* C_*: bulk cipher name and enum value. */
#define C_SEED 	"SEED", calg_seed
#define C_CAMELLIA "CAMELLIA", calg_camellia
#define C_AES	"AES", calg_aes
#define C_RC4	"RC4", calg_rc4
#define C_RC2	"RC2", calg_rc2
#define C_DES	"DES", calg_des
#define C_3DES	"3DES", calg_3des
#define C_NULL  "NULL", calg_null
#define C_SJ 	"SKIPJACK", calg_sj
#define C_AESGCM "AES-GCM", calg_aes_gcm
#define C_CHACHA20 "CHACHA20POLY1305", calg_chacha20

/* B_*: three key-size values per bulk cipher; presumably key bits, key
 * space and effective key bits, in that order (confirm against the
 * SSLCipherSuiteInfo declaration).
 * NOTE(review): B_3DES gives 156 as its middle value, where 3 x 56 = 168
 * would be expected for three-key 3DES; confirm whether 156 is intended. */
#define B_256	256, 256, 256
#define B_128	128, 128, 128
#define B_3DES  192, 156, 112
#define B_SJ     96,  80,  80
#define B_DES    64,  56,  56
#define B_56    128,  56,  56
#define B_40    128,  40,  40
#define B_0  	  0,   0,   0

/* M_*: MAC algorithm name, enum value and MAC size in bits. */
#define M_AEAD_128 "AEAD", ssl_mac_aead, 128
#define M_SHA256 "SHA256", ssl_hmac_sha256, 256
#define M_SHA	"SHA1", ssl_mac_sha, 160
#define M_MD5	"MD5",  ssl_mac_md5, 128
#define M_NULL	"NULL", ssl_mac_null,  0
13709380295ba73501a205346becac22c6978e4671dTorne (Richard Coles)
/*
 * Static description of every cipher suite this file can report on.
 *
 * Each row starts with 0 for the length field (SSL_GetCipherSuiteInfo
 * overwrites length in the caller's copy), followed by the suite id and
 * name, the authentication, key exchange, bulk cipher, key-size and MAC
 * columns, and three trailing flags. The column header below labels the
 * first flag <FIPS>; the other two are presumably isExportable and
 * nonStandard, in that order (confirm against the SSLCipherSuiteInfo
 * declaration).
 *
 * The table only describes suites. Whether a suite is enabled is decided
 * elsewhere, so the presence of RC4, DES, export-grade, NULL or SSL2
 * entries here does not by itself mean they can be negotiated.
 */
static const SSLCipherSuiteInfo suiteInfo[] = {
/* <------ Cipher suite --------------------> <auth> <KEA>  <bulk cipher> <MAC> <FIPS> */
{0,CS(TLS_RSA_WITH_AES_128_GCM_SHA256),       S_RSA, K_RSA, C_AESGCM, B_128, M_AEAD_128, 1, 0, 0, },

{0,CS(TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_256, M_SHA, 0, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_256, M_SHA, 0, 0, 0, },
{0,CS(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256),   S_RSA, K_DHE, C_AES, B_256, M_SHA256, 1, 0, 0, },
{0,CS(TLS_DHE_RSA_WITH_AES_256_CBC_SHA),      S_RSA, K_DHE, C_AES, B_256, M_SHA, 1, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_AES_256_CBC_SHA),      S_DSA, K_DHE, C_AES, B_256, M_SHA, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA),     S_RSA, K_RSA, C_CAMELLIA, B_256, M_SHA, 0, 0, 0, },
{0,CS(TLS_RSA_WITH_AES_256_CBC_SHA256),       S_RSA, K_RSA, C_AES, B_256, M_SHA256, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_AES_256_CBC_SHA),          S_RSA, K_RSA, C_AES, B_256, M_SHA, 1, 0, 0, },

{0,CS(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_128, M_SHA, 0, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_128, M_SHA, 0, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_RC4_128_SHA),          S_DSA, K_DHE, C_RC4, B_128, M_SHA, 0, 0, 0, },
{0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256),   S_RSA, K_DHE, C_AES, B_128, M_SHA256, 1, 0, 0, },
{0,CS(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256),   S_RSA, K_DHE, C_AESGCM, B_128, M_AEAD_128, 1, 0, 0, },
{0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA),      S_RSA, K_DHE, C_AES, B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_DHE_DSS_WITH_AES_128_CBC_SHA),      S_DSA, K_DHE, C_AES, B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_SEED_CBC_SHA),             S_RSA, K_RSA, C_SEED,B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA),     S_RSA, K_RSA, C_CAMELLIA, B_128, M_SHA, 0, 0, 0, },
{0,CS(SSL_RSA_WITH_RC4_128_SHA),              S_RSA, K_RSA, C_RC4, B_128, M_SHA, 0, 0, 0, },
{0,CS(SSL_RSA_WITH_RC4_128_MD5),              S_RSA, K_RSA, C_RC4, B_128, M_MD5, 0, 0, 0, },
{0,CS(TLS_RSA_WITH_AES_128_CBC_SHA256),       S_RSA, K_RSA, C_AES, B_128, M_SHA256, 1, 0, 0, },
{0,CS(TLS_RSA_WITH_AES_128_CBC_SHA),          S_RSA, K_RSA, C_AES, B_128, M_SHA, 1, 0, 0, },

{0,CS(SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA),     S_RSA, K_DHE, C_3DES,B_3DES,M_SHA, 1, 0, 0, },
{0,CS(SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA),     S_DSA, K_DHE, C_3DES,B_3DES,M_SHA, 1, 0, 0, },
{0,CS(SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA),    S_RSA, K_RSA, C_3DES,B_3DES,M_SHA, 1, 0, 1, },
{0,CS(SSL_RSA_WITH_3DES_EDE_CBC_SHA),         S_RSA, K_RSA, C_3DES,B_3DES,M_SHA, 1, 0, 0, },

{0,CS(SSL_DHE_RSA_WITH_DES_CBC_SHA),          S_RSA, K_DHE, C_DES, B_DES, M_SHA, 0, 0, 0, },
{0,CS(SSL_DHE_DSS_WITH_DES_CBC_SHA),          S_DSA, K_DHE, C_DES, B_DES, M_SHA, 0, 0, 0, },
{0,CS(SSL_RSA_FIPS_WITH_DES_CBC_SHA),         S_RSA, K_RSA, C_DES, B_DES, M_SHA, 0, 0, 1, },
{0,CS(SSL_RSA_WITH_DES_CBC_SHA),              S_RSA, K_RSA, C_DES, B_DES, M_SHA, 0, 0, 0, },

/* Export-grade and NULL-encryption RSA suites: all carry 1 in the middle
 * flag, which is what the export helpers in this file test. */
{0,CS(TLS_RSA_EXPORT1024_WITH_RC4_56_SHA),    S_RSA, K_RSA, C_RC4, B_56,  M_SHA, 0, 1, 0, },
{0,CS(TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA),   S_RSA, K_RSA, C_DES, B_DES, M_SHA, 0, 1, 0, },
{0,CS(SSL_RSA_EXPORT_WITH_RC4_40_MD5),        S_RSA, K_RSA, C_RC4, B_40,  M_MD5, 0, 1, 0, },
{0,CS(SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5),    S_RSA, K_RSA, C_RC2, B_40,  M_MD5, 0, 1, 0, },
{0,CS(TLS_RSA_WITH_NULL_SHA256),              S_RSA, K_RSA, C_NULL,B_0,   M_SHA256, 0, 1, 0, },
{0,CS(SSL_RSA_WITH_NULL_SHA),                 S_RSA, K_RSA, C_NULL,B_0,   M_SHA, 0, 1, 0, },
{0,CS(SSL_RSA_WITH_NULL_MD5),                 S_RSA, K_RSA, C_NULL,B_0,   M_MD5, 0, 1, 0, },

#ifdef NSS_ENABLE_ECC
/* ECC cipher suites */
/* NOTE(review): unlike the RSA NULL suites above, the four *_WITH_NULL_SHA
 * rows in this section have 0 in the middle flag. If that flag is
 * isExportable, SSL_DisableDefaultExportCipherSuites and
 * SSL_DisableExportCipherSuites leave these NULL-encryption suites
 * untouched; confirm that this difference is intended. */
{0,CS(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256), S_RSA, K_ECDHE, C_AESGCM, B_128, M_AEAD_128, 1, 0, 0, },
{0,CS(TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), S_ECDSA, K_ECDHE, C_AESGCM, B_128, M_AEAD_128, 1, 0, 0, },

{0,CS(TLS_ECDH_ECDSA_WITH_NULL_SHA),          S_ECDSA, K_ECDH, C_NULL, B_0, M_SHA, 0, 0, 0, },
{0,CS(TLS_ECDH_ECDSA_WITH_RC4_128_SHA),       S_ECDSA, K_ECDH, C_RC4, B_128, M_SHA, 0, 0, 0, },
{0,CS(TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA),  S_ECDSA, K_ECDH, C_3DES, B_3DES, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA),   S_ECDSA, K_ECDH, C_AES, B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA),   S_ECDSA, K_ECDH, C_AES, B_256, M_SHA, 1, 0, 0, },

{0,CS(TLS_ECDHE_ECDSA_WITH_NULL_SHA),         S_ECDSA, K_ECDHE, C_NULL, B_0, M_SHA, 0, 0, 0, },
{0,CS(TLS_ECDHE_ECDSA_WITH_RC4_128_SHA),      S_ECDSA, K_ECDHE, C_RC4, B_128, M_SHA, 0, 0, 0, },
{0,CS(TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA), S_ECDSA, K_ECDHE, C_3DES, B_3DES, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA),  S_ECDSA, K_ECDHE, C_AES, B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256), S_ECDSA, K_ECDHE, C_AES, B_128, M_SHA256, 1, 0, 0, },
{0,CS(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA),  S_ECDSA, K_ECDHE, C_AES, B_256, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305),S_ECDSA,K_ECDHE,C_CHACHA20,B_256,M_AEAD_128,0, 0, 0, },

{0,CS(TLS_ECDH_RSA_WITH_NULL_SHA),            S_RSA, K_ECDH, C_NULL, B_0, M_SHA, 0, 0, 0, },
{0,CS(TLS_ECDH_RSA_WITH_RC4_128_SHA),         S_RSA, K_ECDH, C_RC4, B_128, M_SHA, 0, 0, 0, },
{0,CS(TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA),    S_RSA, K_ECDH, C_3DES, B_3DES, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDH_RSA_WITH_AES_128_CBC_SHA),     S_RSA, K_ECDH, C_AES, B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA),     S_RSA, K_ECDH, C_AES, B_256, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305),  S_RSA,K_ECDHE,C_CHACHA20,B_256,M_AEAD_128, 0, 0, 0, },

{0,CS(TLS_ECDHE_RSA_WITH_NULL_SHA),           S_RSA, K_ECDHE, C_NULL, B_0, M_SHA, 0, 0, 0, },
{0,CS(TLS_ECDHE_RSA_WITH_RC4_128_SHA),        S_RSA, K_ECDHE, C_RC4, B_128, M_SHA, 0, 0, 0, },
{0,CS(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA),   S_RSA, K_ECDHE, C_3DES, B_3DES, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA),    S_RSA, K_ECDHE, C_AES, B_128, M_SHA, 1, 0, 0, },
{0,CS(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256), S_RSA, K_ECDHE, C_AES, B_128, M_SHA256, 1, 0, 0, },
{0,CS(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA),    S_RSA, K_ECDHE, C_AES, B_256, M_SHA, 1, 0, 0, },
#endif /* NSS_ENABLE_ECC */

/* SSL 2 table */
/* CK() stores these SSL2 cipher kinds with 0xff00 OR'ed in, so lookups
 * must use the same marked value. */
{0,CK(SSL_CK_RC4_128_WITH_MD5),               S_RSA, K_RSA, C_RC4, B_128, M_MD5, 0, 0, 0, },
{0,CK(SSL_CK_RC2_128_CBC_WITH_MD5),           S_RSA, K_RSA, C_RC2, B_128, M_MD5, 0, 0, 0, },
{0,CK(SSL_CK_DES_192_EDE3_CBC_WITH_MD5),      S_RSA, K_RSA, C_3DES,B_3DES,M_MD5, 0, 0, 0, },
{0,CK(SSL_CK_DES_64_CBC_WITH_MD5),            S_RSA, K_RSA, C_DES, B_DES, M_MD5, 0, 0, 0, },
{0,CK(SSL_CK_RC4_128_EXPORT40_WITH_MD5),      S_RSA, K_RSA, C_RC4, B_40,  M_MD5, 0, 1, 0, },
{0,CK(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5),  S_RSA, K_RSA, C_RC2, B_40,  M_MD5, 0, 1, 0, }
};

/* Number of rows in suiteInfo. This only works because suiteInfo is a real
 * array in this scope, not a pointer. */
#define NUM_SUITEINFOS ((sizeof suiteInfo) / (sizeof suiteInfo[0]))
227e69819bd8e388ea4ad1636a19aa6b2eed4952191Ben Murdoch
228926b001d589ce2f10facb93dd4b87578ea35a855Torne (Richard Coles)
/*
 * Look up the static description of a cipher suite in suiteInfo.
 *
 * cipherSuite  Suite identifier to search for.
 * info         Caller-owned output buffer.
 * len          Size in bytes of the buffer behind info. The copy is
 *              limited to min(len, sizeof suiteInfo[0]) bytes, and that
 *              number is stored in info->length, so a caller that passes
 *              a short buffer receives a truncated record and should
 *              check length before reading later fields.
 *
 * Returns SECSuccess when the suite is found. Returns SECFailure with
 * SEC_ERROR_INVALID_ARGS when info is NULL, when len cannot hold the
 * length field, or when the suite is not in the table.
 */
SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite,
                                 SSLCipherSuiteInfo *info, PRUintn len)
{
    const SSLCipherSuiteInfo *entry = suiteInfo;
    const SSLCipherSuiteInfo *const end = suiteInfo + NUM_SUITEINFOS;

    /* Never copy more than one table row, whatever the caller claims. */
    len = PR_MIN(len, sizeof suiteInfo[0]);
    if (!info || len < sizeof suiteInfo[0].length) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    for (; entry != end; ++entry) {
        if (entry->cipherSuite != cipherSuite) {
            continue;
        }
        memcpy(info, entry, len);
        /* The table stores 0 in length; report the copied size instead. */
        info->length = len;
        return SECSuccess;
    }

    /* Unknown suite. */
    PORT_SetError(SEC_ERROR_INVALID_ARGS);
    return SECFailure;
}
24909380295ba73501a205346becac22c6978e4671dTorne (Richard Coles)
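/* This function might be a candidate to be public.
 * Disables all export ciphers in the default set of enabled ciphers.
 *
 * Every suiteInfo entry marked isExportable is attempted, even after an
 * earlier one has failed, so as many export suites as possible end up
 * disabled.
 *
 * Returns SECSuccess only when every SSL_CipherPrefSetDefault() call
 * succeeded, and SECFailure otherwise. The error code is whatever the
 * failing call left behind (this function does not set one itself).
 */
SECStatus
SSL_DisableDefaultExportCipherSuites(void)
{
    const SSLCipherSuiteInfo *pInfo = suiteInfo;
    SECStatus result = SECSuccess;
    unsigned int i;

    for (i = 0; i < NUM_SUITEINFOS; ++i, ++pInfo) {
        SECStatus rv;

        if (!pInfo->isExportable) {
            continue;
        }
        rv = SSL_CipherPrefSetDefault(pInfo->cipherSuite, PR_FALSE);
        PORT_Assert(rv == SECSuccess);
        if (rv != SECSuccess) {
            /* PORT_Assert only fires in debug builds. Without this check
             * an optimized build would report success while an export
             * suite was still enabled by default. */
            result = SECFailure;
        }
    }
    return result;
}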
2685c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)
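/* Disables all export ciphers on the given socket.
 *
 * fd  SSL socket whose per-socket cipher preferences are changed. It is
 *     passed to SSL_CipherPrefSet() as is.
 *
 * Every suiteInfo entry marked isExportable is attempted, even after an
 * earlier one has failed, so as many export suites as possible end up
 * disabled on the socket.
 *
 * Returns SECSuccess only when every SSL_CipherPrefSet() call succeeded,
 * and SECFailure otherwise. The error code is whatever the failing call
 * left behind (this function does not set one itself).
 */
SECStatus
SSL_DisableExportCipherSuites(PRFileDesc * fd)
{
    const SSLCipherSuiteInfo *pInfo = suiteInfo;
    SECStatus result = SECSuccess;
    unsigned int i;

    for (i = 0; i < NUM_SUITEINFOS; ++i, ++pInfo) {
        SECStatus rv;

        if (!pInfo->isExportable) {
            continue;
        }
        rv = SSL_CipherPrefSet(fd, pInfo->cipherSuite, PR_FALSE);
        PORT_Assert(rv == SECSuccess);
        if (rv != SECSuccess) {
            /* PORT_Assert only fires in debug builds. Without this check
             * an optimized build would report success while an export
             * suite was still enabled on this socket. */
            result = SECFailure;
        }
    }
    return result;
}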
289d5428f32f5d1719f774f62e19147104ca245a3abTorne (Richard Coles)
/* Reports whether the given cipher suite is marked exportable in suiteInfo.
 *
 * Returns the table's isExportable flag for a known suite and PR_FALSE for
 * a suite that is not in the table. PR_FALSE therefore means "not flagged
 * as export" and says nothing else about the strength of the suite.
 */
PRBool
SSL_IsExportCipherSuite(PRUint16 cipherSuite)
{
    const SSLCipherSuiteInfo *entry = suiteInfo;
    unsigned int remaining;

    for (remaining = NUM_SUITEINFOS; remaining > 0; --remaining, ++entry) {
        if (entry->cipherSuite == cipherSuite) {
            return (PRBool)(entry->isExportable);
        }
    }
    /* Unknown suite. */
    return PR_FALSE;
}
3045c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)
/* Returns a newly allocated SECItem holding the host name associated with
 * the socket, or NULL if the socket is invalid, no name is available, or an
 * allocation fails.
 *
 * Server sockets: a copy of cwSpec->srvVirtName, taken under the spec read
 *   lock, and only when the version is above SSL 3.0 and ssl3 state is
 *   initialized.
 * Client sockets: the string returned by SSL_RevealURL(fd), wrapped in a
 *   SECItem whose len excludes the terminating NUL.
 *
 * NOTE(review): the returned item and its data appear to be owned by the
 * caller (presumably released with SECITEM_FreeItem(item, PR_TRUE)) -
 * confirm against the public header.
 * NOTE(review): on the client path the value is whatever SSL_RevealURL
 * reports for this socket, not a name taken from the handshake; callers
 * making trust decisions should verify which of the two they are getting.
 */
SECItem*
SSL_GetNegotiatedHostInfo(PRFileDesc *fd)
{
    SECItem *result = NULL;
    char *url = NULL;
    sslSocket *ss = ssl_FindSocket(fd);

    if (!ss) {
        SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetNegotiatedHostInfo",
                 SSL_GETPID(), fd));
        return NULL;
    }

    if (!ss->sec.isServer) {
        /* Client side: take over the string handed back by SSL_RevealURL. */
        url = SSL_RevealURL(fd);
        if (!url) {
            return NULL;
        }
        result = PORT_ZNew(SECItem);
        if (!result) {
            /* Do not leak the URL copy when the wrapper cannot be built. */
            PORT_Free(url);
            return NULL;
        }
        result->data = (void*)url;
        result->len  = PORT_Strlen(url);
        return result;
    }

    /* Server side: only versions above SSL 3.0 are consulted for a name. */
    if (ss->version > SSL_LIBRARY_VERSION_3_0 &&
        ss->ssl3.initialized) { /* TLS */
        SECItem *negotiated;

        /* Hold the spec read lock while cwSpec is dereferenced and copied. */
        ssl_GetSpecReadLock(ss);
        negotiated = &ss->ssl3.cwSpec->srvVirtName;
        if (negotiated->data) {
            result = SECITEM_DupItem(negotiated);
        }
        ssl_ReleaseSpecReadLock(ss);
    }
    return result;
}
344f79f16f17ddc4f842d7b7a38603e280e94be826aTorne (Richard Coles)
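/* Derives outLen bytes of keying material for the connection on fd and
 * writes them to out, by running the TLS PRF over the current write spec's
 * master secret with the given label and the seed
 *     client_random || server_random [ || uint16(contextLen) || context ].
 *
 * fd          SSL socket; must resolve through ssl_FindSocket().
 * label       PRF label, labelLen bytes (passed through unchanged).
 * hasContext  when true, the length-prefixed context is appended to the seed.
 * context     contextLen bytes; may be NULL only when contextLen is 0.
 * out/outLen  destination buffer and number of bytes requested.
 *
 * Returns SECSuccess or SECFailure. Failure cases set here:
 *   SEC_ERROR_INVALID_ARGS when hasContext is set and contextLen does not
 *     fit the 2-byte length prefix, or context is NULL with a non-zero
 *     length;
 *   SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION below TLS 1.0;
 *   SSL_ERROR_HANDSHAKE_NOT_COMPLETED when no master secret is available.
 *
 * NOTE(review): label, out and outLen are not validated here; presumably
 * ssl3_TLSPRFWithMasterSecret checks them - confirm.
 */
SECStatus
SSL_ExportKeyingMaterial(PRFileDesc *fd,
                         const char *label, unsigned int labelLen,
                         PRBool hasContext,
                         const unsigned char *context, unsigned int contextLen,
                         unsigned char *out, unsigned int outLen)
{
    sslSocket *ss;
    unsigned char *val = NULL;
    unsigned int valLen = 0;
    unsigned int i;
    SECStatus rv = SECFailure;

    ss = ssl_FindSocket(fd);
    if (!ss) {
        SSL_DBG(("%d: SSL[%d]: bad socket in ExportKeyingMaterial",
                 SSL_GETPID(), fd));
        return SECFailure;
    }

    /* The context is framed with a 2-byte length. A larger contextLen would
     * be silently truncated in that prefix while the full context is still
     * copied, and a value near UINT_MAX would wrap the valLen computation
     * below and overrun the allocation. Reject both before taking locks.
     */
    if (hasContext &&
        (contextLen > 0xffff || (contextLen > 0 && !context))) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    ssl_GetRecvBufLock(ss);
    ssl_GetSSL3HandshakeLock(ss);

    if (ss->version < SSL_LIBRARY_VERSION_3_1_TLS) {
        PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION);
        goto unlock;
    }

    /* construct PRF arguments */
    valLen = SSL3_RANDOM_LENGTH * 2;
    if (hasContext) {
        valLen += 2 /* PRUint16 length */ + contextLen;
    }
    val = PORT_Alloc(valLen);
    if (!val) {
        goto unlock;
    }
    i = 0;

    PORT_Memcpy(val + i, &ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH);
    i += SSL3_RANDOM_LENGTH;
    PORT_Memcpy(val + i, &ss->ssl3.hs.server_random.rand, SSL3_RANDOM_LENGTH);
    i += SSL3_RANDOM_LENGTH;

    if (hasContext) {
        /* Big-endian 16-bit length; contextLen was bounded above. */
        val[i++] = (unsigned char)(contextLen >> 8);
        val[i++] = (unsigned char)(contextLen & 0xff);
        if (contextLen > 0) {
            PORT_Memcpy(val + i, context, contextLen);
            i += contextLen;
        }
    }
    PORT_Assert(i == valLen);

    /* Allow TLS keying material to be exported sooner, when the master
     * secret is available and we have sent ChangeCipherSpec.
     */
    ssl_GetSpecReadLock(ss);
    if (!ss->ssl3.cwSpec->master_secret && !ss->ssl3.cwSpec->msItem.len) {
        PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED);
        rv = SECFailure;
    } else {
        rv = ssl3_TLSPRFWithMasterSecret(ss->ssl3.cwSpec, label, labelLen, val,
                                         valLen, out, outLen);
    }
    ssl_ReleaseSpecReadLock(ss);

unlock:
    /* Locks are released in the reverse of the order they were taken. */
    ssl_ReleaseSSL3HandshakeLock(ss);
    ssl_ReleaseRecvBufLock(ss);

    /* val is NULL on the early-exit paths; free it only when allocated. */
    if (val) {
        PORT_ZFree(val, valLen);
    }
    return rv;
}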
4185267f701546148b83dfbe1d151cb184385bb5c22Torne (Richard Coles)