author | Robert Relyea <rrelyea@redhat.com> | 2015-10-02 15:40:30 -0700 |
---|---|---|
committer | Robert Relyea <rrelyea@redhat.com> | 2015-10-02 15:40:30 -0700 |
commit | d3e3053de9c5061bab2f74b5b640663206e97dd1 (patch) | |
tree | 942a903b4d7662925141be31fea4f4aa8233029f | |
parent | e9565e0bb8232e65e5cb6127071f59f69d6cba69 (diff) | |
Backed out changeset 47f3d13ffb7fNSS_3_21_Beta1
Hmm, still causing build failures. Shouldn't be; we are releasing on Monday and I only have another hour to track this down. Back out so others can keep going.
Bug 1009429 - enhancement: Make the algorithm selection in NSS more flexible
This is patches 1 and 2 (patches 3,4,5,&6 are already in, 7 is waiting on these 2).
-rw-r--r-- | lib/ssl/ssl3con.c | 43 | ||||
-rw-r--r-- | lib/ssl/ssl3ecc.c | 99 | ||||
-rw-r--r-- | lib/util/secoid.c | 6 | ||||
-rw-r--r-- | lib/util/secoidt.h | 3 |
4 files changed, 42 insertions, 109 deletions
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
index 0f2cf936c..b79891bbd 100644
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -9175,7 +9175,6 @@ ssl3_PickSignatureHashAlgorithm(sslSocket *ss,
                                 SSLSignatureAndHashAlg* out)
 {
     SSLSignType sigAlg;
-    PRUint32 policy;
     unsigned int i, j;
 
     switch (ss->ssl3.hs.kea_def->kea) {
@@ -9227,18 +9226,9 @@ ssl3_PickSignatureHashAlgorithm(sslSocket *ss,
     for (i = 0; i < ss->ssl3.signatureAlgorithmCount; ++i) {
         const SSLSignatureAndHashAlg *serverPref =
             &ss->ssl3.signatureAlgorithms[i];
-        SECOidTag hashOid;
-
         if (serverPref->sigAlg != sigAlg) {
             continue;
         }
-        hashOid = ssl3_TLSHashAlgorithmToOID(serverPref->hashAlg);
-        if (NSS_GetAlgorithmPolicy(hashOid, &policy) == SECSuccess &&
-            !(policy & NSS_USE_ALG_IN_SSL_KX)) {
-            /* We ignore hashes we don't support */
-            continue;
-        }
-
         for (j = 0; j < ss->ssl3.hs.numClientSigAndHash; j++) {
             const SSLSignatureAndHashAlg *clientPref =
                 &ss->ssl3.hs.clientSigAndHash[j];
@@ -12696,7 +12686,6 @@ SSL_SignaturePrefSet(PRFileDesc *fd, const SSLSignatureAndHashAlg *algorithms,
 {
     sslSocket *ss;
     unsigned int i;
-    PRUint32 policy;
 
     ss = ssl_FindSocket(fd);
     if (!ss) {
@@ -12720,14 +12709,6 @@ SSL_SignaturePrefSet(PRFileDesc *fd, const SSLSignatureAndHashAlg *algorithms,
             continue;
         }
 
-        if (NSS_GetAlgorithmPolicy(SEC_OID_SHA384, &policy) == SECSuccess &&
-            (policy & NSS_USE_ALG_IN_SSL_KX)) {
-            SSL_DBG(("%d: SSL[%d]: disabled signature algorithm set %d/%d",
-                     SSL_GETPID(), fd, algorithms[i].sigAlg,
-                     algorithms[i].hashAlg));
-            continue;
-        }
-
         ss->ssl3.signatureAlgorithms[ss->ssl3.signatureAlgorithmCount++] =
             algorithms[i];
     }
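Review bot: On the new side of the @@ -12720 hunk, SSL_SignaturePrefSet now stores each caller-supplied algorithms[i] with no algorithm-policy check, and the @@ -9227 hunk likewise leaves ssl3_PickSignatureHashAlgorithm picking any server/client pair without consulting NSS_GetAlgorithmPolicy; since the description presents this as a temporary backout, a marker such as `/* TODO(bug 1009429): hash-policy filtering removed by backout, pending re-land */` at the store would keep the gap visible. For the re-land, note that the block removed here was itself wrong: it queried SEC_OID_SHA384 regardless of algorithms[i].hashAlg and skipped the entry when the NSS_USE_ALG_IN_SSL_KX bit was set, the inverse of the `!(policy & NSS_USE_ALG_IN_SSL_KX)` test in the @@ -9227 hunk, so it appears to have dropped every caller preference whenever SHA-384 was permitted. The bound on count that protects the signatureAlgorithmCount++ write is outside the hunk.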
@@ -12776,28 +12757,10 @@ SSL_SignatureMaxCount() {
 void
 ssl3_InitSocketPolicy(sslSocket *ss)
 {
-    PRUint32 policy;
-    unsigned pos = 0;
-    unsigned int defaultSize = PR_ARRAY_SIZE(defaultSignatureAlgorithms);
-    int i;
-
     PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites);
-
-    /* Only send the algorithms that are allowed by policy */
-    for (i=0; i < defaultSize; i++) {
-        SECOidTag hashOid = ssl3_TLSHashAlgorithmToOID(
-                                defaultSignatureAlgorithms[i].hashAlg);
-        /* This sets the default signature algorithms.
-         * If NSS_GetAlgorithmPolicy fails, add the algorithms anyway,
-         * to keep compatibility with previous NSS versions */
-        if (NSS_GetAlgorithmPolicy(hashOid, &policy) != SECSuccess ||
-            (policy & NSS_USE_ALG_IN_SSL_KX)) {
-            ss->ssl3.signatureAlgorithms[pos] = defaultSignatureAlgorithms[i];
-            pos++;
-        }
-        /* future check the signAlg by policy as well */
-    }
-    ss->ssl3.signatureAlgorithmCount = pos;
+    PORT_Memcpy(ss->ssl3.signatureAlgorithms, defaultSignatureAlgorithms,
+                sizeof(defaultSignatureAlgorithms));
+    ss->ssl3.signatureAlgorithmCount = PR_ARRAY_SIZE(defaultSignatureAlgorithms);
 }
 
 /* ssl3_config_match_init must have already been called by
diff --git a/lib/ssl/ssl3ecc.c b/lib/ssl/ssl3ecc.c
index f3c30efde..94008a012 100644
--- a/lib/ssl/ssl3ecc.c
+++ b/lib/ssl/ssl3ecc.c
@@ -162,7 +162,6 @@ SECStatus
 ssl3_ECName2Params(PLArenaPool * arena, ECName curve, SECKEYECParams * params)
 {
     SECOidData *oidData = NULL;
-    PRUint32 policyFlags = 0;
 
     if ((curve <= ec_noName) || (curve >= ec_pastLastName) ||
         ((oidData = SECOID_FindOIDByTag(ecName2OIDTag[curve])) == NULL)) {
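Review bot: The new PORT_Memcpy in the @@ -12776 hunk copies sizeof(defaultSignatureAlgorithms) bytes into ss->ssl3.signatureAlgorithms with nothing visible that ties the source size to the destination's capacity; if that array is sized by the same limit SSL_SignatureMaxCount() reports, a guard such as `PORT_Assert(PR_ARRAY_SIZE(defaultSignatureAlgorithms) <= SSL_SignatureMaxCount());` before the copy would catch a future growth of the default table. A one-line comment stating that, after this backout, the defaults are installed without consulting algorithm policy would also help the next reader, since the removed comment was the only place that said so. The declaration of signatureAlgorithms is outside the hunk, so the destination size cannot be confirmed here.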
@@ -170,12 +169,6 @@ ssl3_ECName2Params(PLArenaPool * arena, ECName curve, SECKEYECParams * params)
         return SECFailure;
     }
 
-    if (NSS_GetAlgorithmPolicy(ecName2OIDTag[curve], &policyFlags) == SECFailure ||
-        !(policyFlags & NSS_USE_ALG_IN_SSL_KX)) {
-        PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
-        return SECFailure;
-    }
-
     SECITEM_AllocItem(arena, params, (2 + oidData->oid.len));
     /*
      * params->data needs to contain the ASN encoding of an object ID (OID)
@@ -194,7 +187,6 @@ params2ecName(SECKEYECParams * params)
 {
     SECItem oid = { siBuffer, NULL, 0};
     SECOidData *oidData = NULL;
-    PRUint32 policyFlags = 0;
     ECName i;
 
     /*
@@ -207,12 +199,8 @@ params2ecName(SECKEYECParams * params)
     oid.data = params->data + 2;
     if ((oidData = SECOID_FindOID(&oid)) == NULL) return ec_noName;
     for (i = ec_noName + 1; i < ec_pastLastName; i++) {
-        if (ecName2OIDTag[i] == oidData->offset) {
-            if (NSS_GetAlgorithmPolicy(oidData->offset, &policyFlags) == SECSuccess &&
-                (policyFlags & NSS_USE_ALG_IN_SSL_KX)) {
-                return i;
-            }
-        }
+        if (ecName2OIDTag[i] == oidData->offset)
+            return i;
     }
 
     return ec_noName;
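Review bot: In the @@ -170 hunk the return value of `SECITEM_AllocItem(arena, params, (2 + oidData->oid.len));` is still ignored on the new side; SECITEM_AllocItem returns NULL on allocation failure and the code that fills params->data follows outside the hunk, so `if (!SECITEM_AllocItem(arena, params, 2 + oidData->oid.len)) return SECFailure;` would turn an out-of-memory into the SECFailure the caller already handles for the unsupported-curve case. This is context the backout leaves in place rather than new code, so it could equally be a follow-up. The rest of ssl3_ECName2Params is outside the hunk.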
@@ -1066,6 +1054,29 @@ ssl3_IsECCEnabled(sslSocket * ss)
 
 #define BE(n) 0, n
 
+/* Prefabricated TLS client hello extension, Elliptic Curves List,
+ * offers only 3 curves, the Suite B curves, 23-25
+ */
+static const PRUint8 suiteBECList[12] = {
+    BE(10),         /* Extension type */
+    BE( 8),         /* octets that follow ( 3 pairs + 1 length pair) */
+    BE( 6),         /* octets that follow ( 3 pairs) */
+    BE(23), BE(24), BE(25)
+};
+
+/* Prefabricated TLS client hello extension, Elliptic Curves List,
+ * offers curves 1-25.
+ */
+static const PRUint8 tlsECList[56] = {
+    BE(10),         /* Extension type */
+    BE(52),         /* octets that follow (25 pairs + 1 length pair) */
+    BE(50),         /* octets that follow (25 pairs) */
+    BE( 1), BE( 2), BE( 3), BE( 4), BE( 5), BE( 6), BE( 7),
+    BE( 8), BE( 9), BE(10), BE(11), BE(12), BE(13), BE(14), BE(15),
+    BE(16), BE(17), BE(18), BE(19), BE(20), BE(21), BE(22), BE(23),
+    BE(24), BE(25)
+};
+
 static const PRUint8 ecPtFmt[6] = {
     BE(11),         /* Extension type */
     BE( 2),         /* octets that follow */
@@ -1097,13 +1108,6 @@ ssl3_SuiteBOnly(sslSocket *ss)
     return PR_FALSE;
 }
 
-#define APPEND_CURVE(curve_id) \
-    if ((ecListSize < sizeof(ecList)-2) && (NSS_GetAlgorithmPolicy(ecName2OIDTag[curve_id], &policy) == SECFailure || \
-        (policy & NSS_USE_ALG_IN_SSL_KX))) { \
-        ecList[ecListSize++] = 0; \
-        ecList[ecListSize++] = curve_id; \
-    }
-
 /* Send our "canned" (precompiled) Supported Elliptic Curves extension,
  * which says that we support all TLS-defined named curves.
  */
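Review bot: In the @@ -1066 hunk the arrays suiteBECList[12] and tlsECList[56] carry explicit dimensions that must agree both with the initializer count and with the length bytes BE( 8)/BE( 6) and BE(52)/BE(50) baked into them; because ssl3_SendSupportedCurvesXtn sends `sizeof tlsECList` bytes, a dimension larger than the initializer would silently pad the extension with zero bytes, and a smaller one is at best a compiler diagnostic. Dropping the explicit dimension so `sizeof` follows the initializer, plus `PR_STATIC_ASSERT(sizeof tlsECList == 2 + 2 + 2 + 2 * 25);` and the equivalent for suiteBECList, would pin the three numbers together. The curve values themselves (1-25, Suite B 23-25) are the pre-changeset data being restored, so there is no behavioural point here.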
@@ -1113,45 +1117,25 @@ ssl3_SendSupportedCurvesXtn(
                         PRBool      append,
                         PRUint32    maxBytes)
 {
-    PRUint8 ecList[64];
     PRInt32 ecListSize = 0;
-    PRUint32 policy;
-    PRInt32 extLength;
-    unsigned i;
+    const PRUint8 *ecList = NULL;
 
     if (!ss || !ssl3_IsECCEnabled(ss))
         return 0;
 
     if (ssl3_SuiteBOnly(ss)) {
-        APPEND_CURVE(23);
-        APPEND_CURVE(24);
-        APPEND_CURVE(25);
+        ecListSize = sizeof suiteBECList;
+        ecList = suiteBECList;
     } else {
-        for (i=1;i<=25;i++) {
-            APPEND_CURVE(i);
-        }
+        ecListSize = sizeof tlsECList;
+        ecList = tlsECList;
     }
 
-    extLength = 2 /* extension type */ +
-                2 /* extension length */ +
-                2 /* elliptic curves length */ +
-                ecListSize;
-
-    if (maxBytes < extLength) {
+    if (maxBytes < (PRUint32)ecListSize) {
         return 0;
     }
-
     if (append) {
-        SECStatus rv;
-        rv = ssl3_AppendHandshakeNumber(ss, ssl_elliptic_curves_xtn, 2);
-        if (rv != SECSuccess)
-            return -1;
-
-        rv = ssl3_AppendHandshakeNumber(ss, extLength - 4, 2);
-        if (rv != SECSuccess)
-            return -1;
-
-        rv = ssl3_AppendHandshakeVariable(ss, ecList, ecListSize, 2);
+        SECStatus rv = ssl3_AppendHandshake(ss, ecList, ecListSize);
         if (rv != SECSuccess)
             return -1;
         if (!ss->sec.isServer) {
@@ -1160,29 +1144,16 @@ ssl3_SendSupportedCurvesXtn(
                 ssl_elliptic_curves_xtn;
         }
     }
-    return extLength;
+    return ecListSize;
 }
 
 PRUint32
 ssl3_GetSupportedECCurveMask(sslSocket *ss)
 {
-    unsigned i;
-    PRUint32 curves = 0;
-    PRUint32 policyFlags = 0;
-
-    PORT_Assert(ec_pastLastName <= 31);
-    for (i = ec_noName + 1; i < ec_pastLastName; i++) {
-        if (NSS_GetAlgorithmPolicy(ecName2OIDTag[i], &policyFlags) == SECFailure ||
-            !(policyFlags & NSS_USE_ALG_IN_SSL_KX)) {
-            continue;
-        }
-        curves |= (1U << i);
-    }
-
     if (ssl3_SuiteBOnly(ss)) {
-        return (curves & SSL3_SUITE_B_SUPPORTED_CURVES_MASK);
+        return SSL3_SUITE_B_SUPPORTED_CURVES_MASK;
     }
-    return curves;
+    return SSL3_ALL_SUPPORTED_CURVES_MASK;
 }
 
 /* Send our "canned" (precompiled) Supported Point Formats extension,
diff --git a/lib/util/secoid.c b/lib/util/secoid.c
index 1f0a5f653..0414c47e4 100644
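Review bot: In the @@ -1113 hunk nothing at the `ecList = tlsECList;` / `ecList = suiteBECList;` assignments says that the extension type and both length fields the removed extLength arithmetic used to compute are already baked into those tables, so a reader of ssl3_SendSupportedCurvesXtn has to find the @@ -1066 hunk to see why ecListSize is compared directly against maxBytes and passed whole to ssl3_AppendHandshake; a comment such as `/* tables carry the extension header; ecListSize is the full encoded length */` would close that gap. As a minor point of style, ecListSize is PRInt32 yet only ever assigned from sizeof, which is what forces the `(PRUint32)ecListSize` cast in the comparison; declaring it PRUint32 and converting once at the return would read more naturally if ssl3_AppendHandshake accepts that. The function's signature is outside the hunk.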
--- a/lib/util/secoid.c +++ b/lib/util/secoid.c @@ -1887,14 +1887,14 @@ handleHashAlgSupport(char * envVal) *nextArg++ = '\0'; } } - notEnable = (*arg == '-') ? (NSS_USE_ALG_IN_CERT_SIGNATURE|NSS_USE_ALG_IN_SSL_KX) : 0; - if ((*arg == '+' || *arg == '-') && *++arg) { + notEnable = (*arg == '-') ? NSS_USE_ALG_IN_CERT_SIGNATURE : 0; + if ((*arg == '+' || *arg == '-') && *++arg) { int i; for (i = 1; i < SEC_OID_TOTAL; i++) { if (oids[i].desc && strstr(arg, oids[i].desc)) { xOids[i].notPolicyFlags = notEnable | - (xOids[i].notPolicyFlags & ~(NSS_USE_ALG_IN_CERT_SIGNATURE|NSS_USE_ALG_IN_SSL_KX)); + (xOids[i].notPolicyFlags & ~NSS_USE_ALG_IN_CERT_SIGNATURE); } } } diff --git a/lib/util/secoidt.h b/lib/util/secoidt.h index cc847f1a1..ff0f52765 100644 --- a/lib/util/secoidt.h +++ b/lib/util/secoidt.h @@ -470,13 +470,12 @@ struct SECOidDataStr { extensions that we don't even support */ }; -/* New Opaque extended OID table API. +/* New Opaque extended OID table API. * These are algorithm policy Flags, used with functions * NSS_SetAlgorithmPolicy & NSS_GetAlgorithmPolicy. */ #define NSS_USE_ALG_IN_CERT_SIGNATURE 0x00000001 /* CRLs and OCSP, too */ #define NSS_USE_ALG_IN_CMS_SIGNATURE 0x00000002 /* used in S/MIME */ -#define NSS_USE_ALG_IN_SSL_KX 0x00000004 /* used in SSL key exchange */ #define NSS_USE_ALG_RESERVED 0xfffffffc /* may be used in future */ /* Code MUST NOT SET or CLEAR reserved bits, and must NOT depend on them |