diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -3673,24 +3673,22 @@ ssl3_ComputeMasterSecretInt(sslSocket *s
PRBool isDH = (PRBool) ((ss->ssl3.hs.kea_def->exchKeyType == kt_dh) ||
(ss->ssl3.hs.kea_def->exchKeyType == kt_ecdh));
CK_MECHANISM_TYPE master_derive;
CK_MECHANISM_TYPE key_derive;
SECItem params;
CK_FLAGS keyFlags;
CK_VERSION pms_version;
CK_VERSION *pms_version_ptr = NULL;
- /* master_params may be used as a CK_SSL3_MASTER_KEY_DERIVE_PARAMS */
- CK_TLS12_MASTER_KEY_DERIVE_PARAMS master_params;
- unsigned int master_params_len;
+ CK_SSL3_MASTER_KEY_DERIVE_PARAMS master_params;
if (isTLS12) {
- if(isDH) master_derive = CKM_TLS12_MASTER_KEY_DERIVE_DH;
- else master_derive = CKM_TLS12_MASTER_KEY_DERIVE;
- key_derive = CKM_TLS12_KEY_AND_MAC_DERIVE;
+ if(isDH) master_derive = CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256;
+ else master_derive = CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256;
+ key_derive = CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256;
keyFlags = CKF_SIGN | CKF_VERIFY;
} else if (isTLS) {
if(isDH) master_derive = CKM_TLS_MASTER_KEY_DERIVE_DH;
else master_derive = CKM_TLS_MASTER_KEY_DERIVE;
key_derive = CKM_TLS_KEY_AND_MAC_DERIVE;
keyFlags = CKF_SIGN | CKF_VERIFY;
} else {
if (isDH) master_derive = CKM_SSL3_MASTER_KEY_DERIVE_DH;
@@ -3703,26 +3701,19 @@ ssl3_ComputeMasterSecretInt(sslSocket *s
pms_version_ptr = &pms_version;
}
master_params.pVersion = pms_version_ptr;
master_params.RandomInfo.pClientRandom = cr;
master_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
master_params.RandomInfo.pServerRandom = sr;
master_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
- if (isTLS12) {
- master_params.prfHashMechanism = CKM_SHA256;
- master_params_len = sizeof(CK_TLS12_MASTER_KEY_DERIVE_PARAMS);
- } else {
- /* prfHashMechanism is not relevant with this PRF */
- master_params_len = sizeof(CK_SSL3_MASTER_KEY_DERIVE_PARAMS);
- }
params.data = (unsigned char *) &master_params;
- params.len = master_params_len;
+ params.len = sizeof master_params;
return ssl3_ComputeMasterSecretFinish(ss, master_derive, key_derive,
pms_version_ptr, ¶ms,
keyFlags, pms, msp);
}
/* Compute the draft-ietf-tls-session-hash master
** secret and return it in |*msp|.
@@ -3891,19 +3882,17 @@ ssl3_DeriveConnectionKeysPKCS11(sslSocke
PRBool isTLS12=
(PRBool)(isTLS && pwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
/* following variables used in PKCS11 path */
const ssl3BulkCipherDef *cipher_def = pwSpec->cipher_def;
PK11SlotInfo * slot = NULL;
PK11SymKey * symKey = NULL;
void * pwArg = ss->pkcs11PinArg;
int keySize;
- CK_TLS12_KEY_MAT_PARAMS key_material_params; /* may be used as a
- * CK_SSL3_KEY_MAT_PARAMS */
- unsigned int key_material_params_len;
+ CK_SSL3_KEY_MAT_PARAMS key_material_params;
CK_SSL3_KEY_MAT_OUT returnedKeys;
CK_MECHANISM_TYPE key_derive;
CK_MECHANISM_TYPE bulk_mechanism;
SSLCipherAlgorithm calg;
SECItem params;
PRBool skipKeysAndIVs = (PRBool)(cipher_def->calg == calg_null);
PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
@@ -3947,30 +3936,26 @@ ssl3_DeriveConnectionKeysPKCS11(sslSocke
returnedKeys.pIVClient = NULL;
returnedKeys.pIVServer = NULL;
}
calg = cipher_def->calg;
PORT_Assert( alg2Mech[calg].calg == calg);
bulk_mechanism = alg2Mech[calg].cmech;
+ params.data = (unsigned char *)&key_material_params;
+ params.len = sizeof(key_material_params);
+
if (isTLS12) {
- key_derive = CKM_TLS12_KEY_AND_MAC_DERIVE;
- key_material_params.prfHashMechanism = CKM_SHA256;
- key_material_params_len = sizeof(CK_TLS12_KEY_MAT_PARAMS);
+ key_derive = CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256;
} else if (isTLS) {
key_derive = CKM_TLS_KEY_AND_MAC_DERIVE;
- key_material_params_len = sizeof(CK_SSL3_KEY_MAT_PARAMS);
} else {
key_derive = CKM_SSL3_KEY_AND_MAC_DERIVE;
- key_material_params_len = sizeof(CK_SSL3_KEY_MAT_PARAMS);
- }
-
- params.data = (unsigned char *)&key_material_params;
- params.len = key_material_params_len;
+ }
/* CKM_SSL3_KEY_AND_MAC_DERIVE is defined to set ENCRYPT, DECRYPT, and
* DERIVE by DEFAULT */
symKey = PK11_Derive(pwSpec->master_secret, key_derive, ¶ms,
bulk_mechanism, CKA_ENCRYPT, keySize);
if (!symKey) {
ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
return SECFailure;
@@ -10841,52 +10826,26 @@ done:
}
static SECStatus
ssl3_ComputeTLSFinished(ssl3CipherSpec *spec,
PRBool isServer,
const SSL3Hashes * hashes,
TLSFinished * tlsFinished)
{
- SECStatus rv;
- CK_TLS_MAC_PARAMS tls_mac_params;
- SECItem param = {siBuffer, NULL, 0};
- PK11Context *prf_context;
- unsigned int retLen;
-
- if (!spec->master_secret || spec->bypassCiphers) {
- const char *label = isServer ? "server finished" : "client finished";
- unsigned int len = 15;
-
- return ssl3_TLSPRFWithMasterSecret(spec, label, len, hashes->u.raw,
- hashes->len, tlsFinished->verify_data,
- sizeof tlsFinished->verify_data);
- }
-
- if (spec->version < SSL_LIBRARY_VERSION_TLS_1_2) {
- tls_mac_params.prfMechanism = CKM_TLS_PRF;
- } else {
- tls_mac_params.prfMechanism = CKM_SHA256;
- }
- tls_mac_params.ulMacLength = 12;
- tls_mac_params.ulServerOrClient = isServer ? 1 : 2;
- param.data = (unsigned char *)&tls_mac_params;
- param.len = sizeof(tls_mac_params);
- prf_context = PK11_CreateContextBySymKey(CKM_TLS_MAC, CKA_SIGN,
- spec->master_secret, ¶m);
- if (!prf_context)
- return SECFailure;
-
- rv = PK11_DigestBegin(prf_context);
- rv |= PK11_DigestOp(prf_context, hashes->u.raw, hashes->len);
- rv |= PK11_DigestFinal(prf_context, tlsFinished->verify_data, &retLen,
- sizeof tlsFinished->verify_data);
- PORT_Assert(rv != SECSuccess || retLen == sizeof tlsFinished->verify_data);
-
- PK11_DestroyContext(prf_context, PR_TRUE);
+ const char * label;
+ unsigned int len;
+ SECStatus rv;
+
+ label = isServer ? "server finished" : "client finished";
+ len = 15;
+
+ rv = ssl3_TLSPRFWithMasterSecret(spec, label, len, hashes->u.raw,
+ hashes->len, tlsFinished->verify_data,
+ sizeof tlsFinished->verify_data);
return rv;
}
/* The calling function must acquire and release the appropriate
* lock (e.g., ssl_GetSpecReadLock / ssl_ReleaseSpecReadLock for
* ss->ssl3.crSpec).
*/
diff --git a/lib/ssl/ssl3ecc.c b/lib/ssl/ssl3ecc.c
--- a/lib/ssl/ssl3ecc.c
+++ b/lib/ssl/ssl3ecc.c
@@ -292,17 +292,17 @@ ssl3_SendECDHClientKeyExchange(sslSocket
rv = SECFailure;
goto loser;
}
PRINT_BUF(50, (ss, "ECDH public value:",
pubKey->u.ec.publicValue.data,
pubKey->u.ec.publicValue.len));
if (isTLS12) {
- target = CKM_TLS12_MASTER_KEY_DERIVE_DH;
+ target = CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256;
} else if (isTLS) {
target = CKM_TLS_MASTER_KEY_DERIVE_DH;
} else {
target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
}
/* Determine the PMS */
pms = PK11_PubDeriveWithKDF(privKey, svrPubKey, PR_FALSE, NULL, NULL,
@@ -383,17 +383,17 @@ ssl3_HandleECDHClientKeyExchange(sslSock
SEND_ALERT
return SECFailure; /* XXX Who sets the error code?? */
}
isTLS = (PRBool)(ss->ssl3.prSpec->version > SSL_LIBRARY_VERSION_3_0);
isTLS12 = (PRBool)(ss->ssl3.prSpec->version >= SSL_LIBRARY_VERSION_TLS_1_2);
if (isTLS12) {
- target = CKM_TLS12_MASTER_KEY_DERIVE_DH;
+ target = CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256;
} else if (isTLS) {
target = CKM_TLS_MASTER_KEY_DERIVE_DH;
} else {
target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
}
/* Determine the PMS */
pms = PK11_PubDeriveWithKDF(srvrPrivKey, &clntPubKey, PR_FALSE, NULL, NULL,
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
media
>
main-src
>
by-pkgid
>
80fa5e1138cb07f5b1e33462a61ed188
>
files
>
57
