summaryrefslogtreecommitdiffstats
path: root/nss/lib/ssl/tls13con.c
diff options
context:
space:
mode:
Diffstat (limited to 'nss/lib/ssl/tls13con.c')
-rw-r--r--nss/lib/ssl/tls13con.c76
1 files changed, 40 insertions, 36 deletions
diff --git a/nss/lib/ssl/tls13con.c b/nss/lib/ssl/tls13con.c
index 2a3b899..d7dda94 100644
--- a/nss/lib/ssl/tls13con.c
+++ b/nss/lib/ssl/tls13con.c
@@ -3580,11 +3580,11 @@ static SECStatus
tls13_SendCompressedCertificate(sslSocket *ss, sslBuffer *bufferCertificate)
{
/* TLS Certificate Compression. RFC 8879 */
- /* As the encoding function takes as input a SECItem,
+ /* As the encoding function takes as input a SECItem,
* we convert bufferCertificate to certificateToEncode.
*
- * encodedCertificate is used to store the certificate
- * after encoding.
+ * encodedCertificate is used to store the certificate
+ * after encoding.
*/
SECItem encodedCertificate = { siBuffer, NULL, 0 };
SECItem certificateToEncode = { siBuffer, NULL, 0 };
@@ -3618,12 +3618,12 @@ tls13_SendCompressedCertificate(sslSocket *ss, sslBuffer *bufferCertificate)
}
/* The CompressedCertificate message is formed as follows:
- * struct {
- * CertificateCompressionAlgorithm algorithm;
- * uint24 uncompressed_length;
- * opaque compressed_certificate_message<1..2^24-1>;
- * } CompressedCertificate;
- */
+ * struct {
+ * CertificateCompressionAlgorithm algorithm;
+ * uint24 uncompressed_length;
+ * opaque compressed_certificate_message<1..2^24-1>;
+ * } CompressedCertificate;
+ */
if (encodedCertificate.len < 1) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
@@ -3764,7 +3764,7 @@ tls13_SendCertificate(sslSocket *ss)
}
}
- /* If no compression mechanism was established or
+ /* If no compression mechanism was established or
* the compression mechanism supports only decoding,
* we continue as before. */
if (ss->xtnData.compressionAlg == 0 || !tls13_FindCompressionAlgAndCheckIfSupportsEncoding(ss)) {
@@ -3921,7 +3921,8 @@ tls13_HandleCertificateDecode(sslSocket *ss, PRUint8 *b, PRUint32 length)
}
PRBool compressionAlgorithmIsSupported = PR_FALSE;
- SECStatus (*certificateDecodingFunc)(const SECItem *, SECItem *, size_t) = NULL;
+ SECStatus (*certificateDecodingFunc)(const SECItem *,
+ unsigned char *output, size_t outputLen, size_t *usedLen) = NULL;
for (int i = 0; i < ss->ssl3.supportedCertCompressionAlgorithmsCount; i++) {
if (ss->ssl3.supportedCertCompressionAlgorithms[i].id == compressionAlg) {
compressionAlgorithmIsSupported = PR_TRUE;
@@ -3946,16 +3947,16 @@ tls13_HandleCertificateDecode(sslSocket *ss, PRUint8 *b, PRUint32 length)
SSL_TRC(30, ("%d: TLS13[%d]: %s is decoding the certificate using the %s compression algorithm",
SSL_GETPID(), ss->fd, SSL_ROLE(ss),
ssl3_mapCertificateCompressionAlgorithmToName(ss, compressionAlg)));
- PRUint32 decodedCertificateLen = 0;
- rv = ssl3_ConsumeHandshakeNumber(ss, &decodedCertificateLen, 3, &b, &length);
+ PRUint32 decodedCertLen = 0;
+ rv = ssl3_ConsumeHandshakeNumber(ss, &decodedCertLen, 3, &b, &length);
if (rv != SECSuccess) {
return SECFailure; /* alert has been sent */
}
/* If the received CompressedCertificate message cannot be decompressed,
- * he connection MUST be terminated with the "bad_certificate" alert.
+ * he connection MUST be terminated with the "bad_certificate" alert.
*/
- if (decodedCertificateLen == 0) {
+ if (decodedCertLen == 0) {
SSL_TRC(50, ("%d: TLS13[%d]: %s decoded certificate length is incorrect",
SSL_GETPID(), ss->fd, SSL_ROLE(ss),
ssl3_mapCertificateCompressionAlgorithmToName(ss, compressionAlg)));
@@ -3964,25 +3965,28 @@ tls13_HandleCertificateDecode(sslSocket *ss, PRUint8 *b, PRUint32 length)
}
/* opaque compressed_certificate_message<1..2^24-1>; */
- PRUint32 compressedCertificateMessageLen = 0;
- rv = ssl3_ConsumeHandshakeNumber(ss, &compressedCertificateMessageLen, 3, &b, &length);
+ PRUint32 compressedCertLen = 0;
+ rv = ssl3_ConsumeHandshakeNumber(ss, &compressedCertLen, 3, &b, &length);
if (rv != SECSuccess) {
return SECFailure; /* alert has been sent */
}
- if (compressedCertificateMessageLen == 0 || compressedCertificateMessageLen != length) {
+ if (compressedCertLen == 0 || compressedCertLen != length) {
FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERTIFICATE, bad_certificate);
return SECFailure;
}
/* Decoding received certificate. */
- SECItem decodedCertificate = { siBuffer, NULL, 0 };
+ PRUint8 *decodedCert = PORT_ZAlloc(decodedCertLen);
+ if (!decodedCert) {
+ return SECFailure;
+ }
- SECItem encodedCertAsSecItem;
- SECITEM_MakeItem(NULL, &encodedCertAsSecItem, b, compressedCertificateMessageLen);
+ size_t actualCertLen = 0;
- rv = certificateDecodingFunc(&encodedCertAsSecItem, &decodedCertificate, decodedCertificateLen);
- SECITEM_FreeItem(&encodedCertAsSecItem, PR_FALSE);
+ SECItem encodedCertAsSecItem = { siBuffer, b, compressedCertLen };
+ rv = certificateDecodingFunc(&encodedCertAsSecItem,
+ decodedCert, decodedCertLen, &actualCertLen);
if (rv != SECSuccess) {
SSL_TRC(50, ("%d: TLS13[%d]: %s decoding of the certificate has failed",
@@ -3991,15 +3995,15 @@ tls13_HandleCertificateDecode(sslSocket *ss, PRUint8 *b, PRUint32 length)
FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERTIFICATE, bad_certificate);
goto loser;
}
- PRINT_BUF(60, (ss, "consume bytes:", b, compressedCertificateMessageLen));
- *b += compressedCertificateMessageLen;
- length -= compressedCertificateMessageLen;
+ PRINT_BUF(60, (ss, "consume bytes:", b, compressedCertLen));
+ *b += compressedCertLen;
+ length -= compressedCertLen;
- /* If, after decompression, the specified length does not match the actual length,
- * the party receiving the invalid message MUST abort the connection
- * with the "bad_certificate" alert.
+ /* If, after decompression, the specified length does not match the actual length,
+ * the party receiving the invalid message MUST abort the connection
+ * with the "bad_certificate" alert.
*/
- if (decodedCertificateLen != decodedCertificate.len) {
+ if (actualCertLen != decodedCertLen) {
SSL_TRC(50, ("%d: TLS13[%d]: %s certificate length does not correspond to extension length",
SSL_GETPID(), ss->fd, SSL_ROLE(ss),
ssl3_mapCertificateCompressionAlgorithmToName(ss, compressionAlg)));
@@ -4008,7 +4012,7 @@ tls13_HandleCertificateDecode(sslSocket *ss, PRUint8 *b, PRUint32 length)
}
PRINT_BUF(50, (NULL, "Decoded certificate",
- decodedCertificate.data, decodedCertificate.len));
+ decodedCert, decodedCertLen));
/* compressed_certificate_message: The result of applying the indicated
* compression algorithm to the encoded Certificate message that
@@ -4019,19 +4023,19 @@ tls13_HandleCertificateDecode(sslSocket *ss, PRUint8 *b, PRUint32 length)
* the verification have the same security properties as they would have
* in TLS normally.
*/
- rv = tls13_HandleCertificate(ss, decodedCertificate.data, decodedCertificate.len, PR_TRUE);
+ rv = tls13_HandleCertificate(ss, decodedCert, decodedCertLen, PR_TRUE);
if (rv != SECSuccess) {
goto loser;
}
- /* We allow only one compressed certificate to be handled after each
- certificate compression advertisement.
+ /* We allow only one compressed certificate to be handled after each
+ certificate compression advertisement.
See test CertificateCompression_TwoEncodedCertificateRequests. */
ss->xtnData.certificateCompressionAdvertised = PR_FALSE;
- SECITEM_FreeItem(&decodedCertificate, PR_FALSE);
+ PORT_Free(decodedCert);
return SECSuccess;
loser:
- SECITEM_FreeItem(&decodedCertificate, PR_FALSE);
+ PORT_Free(decodedCert);
return SECFailure;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-17 12:23:39 +0000