diff options
Diffstat (limited to 'lib/ssl/sslprimitive.c')
-rw-r--r-- | lib/ssl/sslprimitive.c | 70 |
1 files changed, 57 insertions, 13 deletions
diff --git a/lib/ssl/sslprimitive.c b/lib/ssl/sslprimitive.c index 5522f96fd..7cff599ad 100644 --- a/lib/ssl/sslprimitive.c +++ b/lib/ssl/sslprimitive.c @@ -25,9 +25,9 @@ struct SSLAeadContextStr { }; SECStatus -SSLExp_MakeAead(PRUint16 version, PRUint16 cipherSuite, PK11SymKey *secret, - const char *labelPrefix, unsigned int labelPrefixLen, - SSLAeadContext **ctx) +SSLExp_MakeVariantAead(PRUint16 version, PRUint16 cipherSuite, SSLProtocolVariant variant, + PK11SymKey *secret, const char *labelPrefix, + unsigned int labelPrefixLen, SSLAeadContext **ctx) { SSLAeadContext *out = NULL; char label[255]; // Maximum length label. @@ -62,7 +62,7 @@ SSLExp_MakeAead(PRUint16 version, PRUint16 cipherSuite, PK11SymKey *secret, unsigned int ivLen = cipher->iv_size + cipher->explicit_nonce_size; rv = tls13_HkdfExpandLabelRaw(secret, hash, NULL, 0, // Handshake hash. - label, labelLen, + label, labelLen, variant, out->keys.iv, ivLen); if (rv != SECSuccess) { goto loser; @@ -72,8 +72,8 @@ SSLExp_MakeAead(PRUint16 version, PRUint16 cipherSuite, PK11SymKey *secret, labelLen = labelPrefixLen + strlen(keySuffix); rv = tls13_HkdfExpandLabel(secret, hash, NULL, 0, // Handshake hash. - label, labelLen, - out->mech, cipher->key_size, &out->keys.key); + label, labelLen, out->mech, cipher->key_size, + variant, &out->keys.key); if (rv != SECSuccess) { goto loser; } @@ -87,6 +87,14 @@ loser: } SECStatus +SSLExp_MakeAead(PRUint16 version, PRUint16 cipherSuite, PK11SymKey *secret, + const char *labelPrefix, unsigned int labelPrefixLen, SSLAeadContext **ctx) +{ + return SSLExp_MakeVariantAead(version, cipherSuite, ssl_variant_stream, secret, + labelPrefix, labelPrefixLen, ctx); +} + +SECStatus SSLExp_DestroyAead(SSLAeadContext *ctx) { if (!ctx) { @@ -202,8 +210,17 @@ SSLExp_HkdfExtract(PRUint16 version, PRUint16 cipherSuite, SECStatus SSLExp_HkdfExpandLabel(PRUint16 version, PRUint16 cipherSuite, PK11SymKey *prk, const PRUint8 *hsHash, unsigned int hsHashLen, - const char *label, unsigned int labelLen, - PK11SymKey **keyp) + const char *label, unsigned int labelLen, PK11SymKey **keyp) +{ + return SSLExp_HkdfVariantExpandLabel(version, cipherSuite, prk, hsHash, hsHashLen, + label, labelLen, ssl_variant_stream, keyp); +} + +SECStatus +SSLExp_HkdfVariantExpandLabel(PRUint16 version, PRUint16 cipherSuite, PK11SymKey *prk, + const PRUint8 *hsHash, unsigned int hsHashLen, + const char *label, unsigned int labelLen, + SSLProtocolVariant variant, PK11SymKey **keyp) { if (prk == NULL || keyp == NULL || label == NULL || labelLen == 0) { @@ -219,7 +236,7 @@ SSLExp_HkdfExpandLabel(PRUint16 version, PRUint16 cipherSuite, PK11SymKey *prk, } return tls13_HkdfExpandLabel(prk, hash, hsHash, hsHashLen, label, labelLen, tls13_GetHkdfMechanismForHash(hash), - tls13_GetHashSizeForHash(hash), keyp); + tls13_GetHashSizeForHash(hash), variant, keyp); } SECStatus @@ -229,6 +246,18 @@ SSLExp_HkdfExpandLabelWithMech(PRUint16 version, PRUint16 cipherSuite, PK11SymKe CK_MECHANISM_TYPE mech, unsigned int keySize, PK11SymKey **keyp) { + return SSLExp_HkdfVariantExpandLabelWithMech(version, cipherSuite, prk, hsHash, hsHashLen, + label, labelLen, mech, keySize, + ssl_variant_stream, keyp); +} + +SECStatus +SSLExp_HkdfVariantExpandLabelWithMech(PRUint16 version, PRUint16 cipherSuite, PK11SymKey *prk, + const PRUint8 *hsHash, unsigned int hsHashLen, + const char *label, unsigned int labelLen, + CK_MECHANISM_TYPE mech, unsigned int keySize, + SSLProtocolVariant variant, PK11SymKey **keyp) +{ if (prk == NULL || keyp == NULL || label == NULL || labelLen == 0 || mech == CKM_INVALID_MECHANISM || keySize == 0) { @@ -243,11 +272,12 @@ SSLExp_HkdfExpandLabelWithMech(PRUint16 version, PRUint16 cipherSuite, PK11SymKe return SECFailure; /* Code already set. */ } return tls13_HkdfExpandLabel(prk, hash, hsHash, hsHashLen, label, labelLen, - mech, keySize, keyp); + mech, keySize, variant, keyp); } SECStatus ssl_CreateMaskingContextInner(PRUint16 version, PRUint16 cipherSuite, + SSLProtocolVariant variant, PK11SymKey *secret, const char *label, unsigned int labelLen, @@ -283,7 +313,8 @@ ssl_CreateMaskingContextInner(PRUint16 version, PRUint16 cipherSuite, NULL, 0, // Handshake hash. label, labelLen, out->mech, - cipher->key_size, &out->secret); + cipher->key_size, variant, + &out->secret); if (rv != SECSuccess) { goto loser; } @@ -356,7 +387,7 @@ ssl_CreateMaskInner(SSLMaskingContext *ctx, const PRUint8 *sample, unsigned char zeros[128] = { 0 }; if (maskLen > sizeof(zeros)) { - PORT_SetError(SEC_ERROR_INVALID_ARGS); + PORT_SetError(SEC_ERROR_OUTPUT_LEN); return SECFailure; } @@ -413,7 +444,20 @@ SSLExp_CreateMaskingContext(PRUint16 version, PRUint16 cipherSuite, unsigned int labelLen, SSLMaskingContext **ctx) { - return ssl_CreateMaskingContextInner(version, cipherSuite, secret, label, labelLen, ctx); + return ssl_CreateMaskingContextInner(version, cipherSuite, ssl_variant_stream, secret, + label, labelLen, ctx); +} + +SECStatus +SSLExp_CreateVariantMaskingContext(PRUint16 version, PRUint16 cipherSuite, + SSLProtocolVariant variant, + PK11SymKey *secret, + const char *label, + unsigned int labelLen, + SSLMaskingContext **ctx) +{ + return ssl_CreateMaskingContextInner(version, cipherSuite, variant, secret, + label, labelLen, ctx); } SECStatus |