field | value | date
---|---|---
author | Kevin Jacobs <kjacobs@mozilla.com> | 2020-02-27 02:39:11 +0000
committer | Kevin Jacobs <kjacobs@mozilla.com> | 2020-02-27 02:39:11 +0000
commit | b0a0fdd8f4f847d0942e9a7f8464a7fb8ae94921 (patch) |
tree | db74fa44036bbdbc682182bae76e1ede3251343c /lib/ssl/sslsock.c |
parent | 820bb50cd59efe8dd9e8836b5019aeda3c113de0 (diff) |
download | nss-hg-b0a0fdd8f4f847d0942e9a7f8464a7fb8ae94921.tar.gz |
Bug 1608892 - Update DTLS 1.3 to draft-34 r=mt
This patch updates the DTLS 1.3 implementation to draft-34. Notable changes:
1) Key separation via `ssl_protocol_variant`.
2) No longer apply sequence number masking when in `UNSAFE_FUZZER_MODE`. This allowed removal of workarounds for unpadded (<16B) ciphertexts being used as input to `SSL_CreateMask`.
3) Compile ssl_gtests in `UNSAFE_FUZZER_MODE` iff `--fuzz=tls` was specified. Currently all gtests are compiled this way if `--fuzz`, but lib/ssl only if `--fuzz=tls`. (See above, we can't have ssl_gtests in fuzzer mode, but not lib/ssl, since the masking mismatch will break filters).
4) Parameterize masking tests, as appropriate.
5) Reject non-empty legacy_cookie, and test.
6) Reject ciphertexts <16B in length in `dtls13_MaskSequenceNumber` (if not `UNSAFE_FUZZER_MODE`).
Differential Revision: https://phabricator.services.mozilla.com/D62488
Diffstat (limited to 'lib/ssl/sslsock.c')
-rw-r--r-- | lib/ssl/sslsock.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c index 581f0c467..cf77c187b 100644 --- a/lib/ssl/sslsock.c +++ b/lib/ssl/sslsock.c @@ -4222,6 +4222,7 @@ struct { EXP(CreateAntiReplayContext), EXP(CreateMask), EXP(CreateMaskingContext), + EXP(CreateVariantMaskingContext), EXP(DelegateCredential), EXP(DestroyAead), EXP(DestroyMaskingContext), @@ -4236,8 +4237,11 @@ struct { EXP(HkdfExtract), EXP(HkdfExpandLabel), EXP(HkdfExpandLabelWithMech), + EXP(HkdfVariantExpandLabel), + EXP(HkdfVariantExpandLabelWithMech), EXP(KeyUpdate), EXP(MakeAead), + EXP(MakeVariantAead), EXP(RecordLayerData), EXP(RecordLayerWriteCallback), EXP(ReleaseAntiReplayContext), |
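Review bot: two exported entry points now create a masking context (`EXP(CreateMaskingContext)` is kept beside the new `EXP(CreateVariantMaskingContext)` in the first hunk), and neither the hunk nor the commit message says which `ssl_protocol_variant` the older export assumes; since point 1 of the message introduces key separation by variant, please state that default (and whether the non-Variant export is still appropriate for DTLS 1.3 callers) in the commit message or next to the table entry, so a caller that keeps using the older name does not silently derive masks under the other variant's key separation.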
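Review bot: the second hunk adds `EXP(HkdfVariantExpandLabel)`, `EXP(HkdfVariantExpandLabelWithMech)` and `EXP(MakeVariantAead)` while leaving `HkdfExpandLabel`, `HkdfExpandLabelWithMech` and `MakeAead` exported; this view is limited to lib/ssl/sslsock.c, so the declarations and implementations behind the three new names are not visible here. Confirm they land in the same change, that the string names registered here match those declarations exactly, and that the non-Variant functions are implemented as wrappers over the Variant ones rather than as separate code paths, so the two sets cannot drift in how they separate TLS and DTLS keys.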