diff options
| author | Stephen Farrell <stephen.farrell@cs.tcd.ie> | 2021-02-23 11:07:23 +1100 |
|---|---|---|
| committer | Stephen Farrell <stephen.farrell@cs.tcd.ie> | 2021-02-23 11:07:23 +1100 |
| commit | 4ee17e5dea231a3b3148560f8229edde3b4a5b89 (patch) | |
| tree | f4d69613105ab34886e708a88e154dd8ce6eb2c8 | |
| parent | fbd4c6c38563384010229190b57a485ef670eaee (diff) | |
| download | nss-hg-4ee17e5dea231a3b3148560f8229edde3b4a5b89.tar.gz | |
Bug 1694291 - Tracing fixes for ECH, r=mt
| -rw-r--r-- | lib/ssl/tls13ech.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/ssl/tls13ech.c b/lib/ssl/tls13ech.c index 7b6c2f0a4..f1ffffb2f 100644 --- a/lib/ssl/tls13ech.c +++ b/lib/ssl/tls13ech.c @@ -788,6 +788,8 @@ tls13_ClientSetupEch(sslSocket *ss, sslClientHelloType type) PORT_Memset(&hpkeInfo.data[strlen(kHpkeInfoEch)], 0, 1); PORT_Memcpy(&hpkeInfo.data[strlen(kHpkeInfoEch) + 1], cfg->raw.data, cfg->raw.len); + PRINT_BUF(50, (ss, "Info", hpkeInfo.data, hpkeInfo.len)); + /* Setup with an ephemeral sender keypair. */ rv = PK11_HPKE_SetupS(cx, NULL, NULL, pkR, &hpkeInfo); if (rv != SECSuccess) { @@ -852,6 +854,8 @@ tls13_EncryptClientHello(sslSocket *ss, sslBuffer *outerAAD, sslBuffer *chInner) SSL_TRC(50, ("%d: TLS13[%d]: Encrypting Client Hello Inner", SSL_GETPID(), ss->fd)); + PRINT_BUF(50, (ss, "aad", outerAAD->buf, outerAAD->len)); + PRINT_BUF(50, (ss, "inner", chInner->buf, chInner->len)); hpkeEnc = PK11_HPKE_GetEncapPubKey(ss->ssl3.hs.echHpkeCtx); if (!hpkeEnc) { @@ -864,6 +868,7 @@ tls13_EncryptClientHello(sslSocket *ss, sslBuffer *outerAAD, sslBuffer *chInner) if (rv != SECSuccess) { goto loser; } + PRINT_BUF(50, (ss, "cipher", chCt->data, chCt->len)); #else /* Fake a tag. */ SECITEM_AllocItem(NULL, chCt, chPt.len + 16); @@ -1206,7 +1211,7 @@ tls13_ConstructInnerExtensionsFromOuter(sslSocket *ss, sslBuffer *chOuterXtnsBuf unsigned int tmpLen; unsigned int srcXtnBase; /* To truncate CHOuter and remove the PSK extension. */ SSL_TRC(50, ("%d: TLS13[%d]: Constructing ECH inner extensions %s compression", - SSL_GETPID(), compress ? "with" : "without")); + SSL_GETPID(), ss->fd, compress ? "with" : "without")); /* When offering the "encrypted_client_hello" extension in its * ClientHelloOuter, the client MUST also offer an empty @@ -1435,7 +1440,8 @@ tls13_ConstructClientHelloWithEch(sslSocket *ss, const sslSessionID *sid, PRBool unsigned int preambleLen; const SECItem *hpkeEnc = NULL; unsigned int savedOffset; - SSL_TRC(50, ("%d: TLS13[%d]: Constructing ECH inner", SSL_GETPID())); + + SSL_TRC(50, ("%d: TLS13[%d]: Constructing ECH inner", SSL_GETPID(), ss->fd)); /* Create the full (uncompressed) inner extensions and steal any PSK extension. * NB: Neither chOuterXtnsBuf nor chInnerXtns are length-prefixed. */ |