authorwolfbeast <mcwerewolf@wolfbeast.com>2020-01-02 21:06:40 +0100
committerwolfbeast <mcwerewolf@wolfbeast.com>2020-01-02 21:06:40 +0100
commitf4a12fc67689a830e9da1c87fd11afe5bc09deb3 (patch)
tree211ae0cd022a6c11b0026ecc7761a550c584583c /security/nss/cpputil
parentf7d30133221896638f7bf4f66c504255c4b14f48 (diff)
Issue #1338 - Part 2: Update NSS to 3.48-RTM
Diffstat (limited to 'security/nss/cpputil')
-rw-r--r--security/nss/cpputil/freebl_scoped_ptrs.h33
-rw-r--r--security/nss/cpputil/nss_scoped_ptrs.h40
-rw-r--r--security/nss/cpputil/scoped_ptrs_smime.h34
-rw-r--r--security/nss/cpputil/scoped_ptrs_ssl.h6
-rw-r--r--security/nss/cpputil/scoped_ptrs_util.h6
-rw-r--r--security/nss/cpputil/tls_parser.h29
6 files changed, 135 insertions, 13 deletions
diff --git a/security/nss/cpputil/freebl_scoped_ptrs.h b/security/nss/cpputil/freebl_scoped_ptrs.h
new file mode 100644
index 000000000..2f21ca903
--- /dev/null
+++ b/security/nss/cpputil/freebl_scoped_ptrs.h
@@ -0,0 +1,33 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef freebl_scoped_ptrs_h__
+#define freebl_scoped_ptrs_h__
+
+#include <memory>
+#include "blapi.h"
+
+struct ScopedDelete {
+ void operator()(CMACContext* ctx) { CMAC_Destroy(ctx, PR_TRUE); }
+};
+
+template <class T>
+struct ScopedMaybeDelete {
+ void operator()(T* ptr) {
+ if (ptr) {
+ ScopedDelete del;
+ del(ptr);
+ }
+ }
+};
+
+#define SCOPED(x) typedef std::unique_ptr<x, ScopedMaybeDelete<x> > Scoped##x
+
+SCOPED(CMACContext);
+
+#undef SCOPED
+
+#endif // freebl_scoped_ptrs_h__
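Review bot: `ScopedDelete` and `ScopedMaybeDelete` are declared here at global scope under the same names nss_scoped_ptrs.h already uses (and, judging by its hunk header, scoped_ptrs_util.h uses at least `ScopedMaybeDelete`). A translation unit that includes this header together with one of those will not compile, and two units in one binary that each see a different `struct ScopedDelete` break the one-definition rule. The smime and ssl headers in this commit avoid that with suffixed names (`ScopedDeleteSmime`, `ScopedDeleteSSL`); the same pattern here would be `struct ScopedDeleteFreebl` and `template <class T> struct ScopedMaybeDeleteFreebl`, with the `SCOPED` macro updated to match. A mismatch on a deleter deserves more care than most ODR issues, because running the wrong destroy routine on a crypto context is a memory-safety problem rather than a build nuisance.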
diff --git a/security/nss/cpputil/nss_scoped_ptrs.h b/security/nss/cpputil/nss_scoped_ptrs.h
index 03979f2c5..501f9dfe8 100644
--- a/security/nss/cpputil/nss_scoped_ptrs.h
+++ b/security/nss/cpputil/nss_scoped_ptrs.h
@@ -11,21 +11,30 @@
#include "cert.h"
#include "keyhi.h"
#include "p12.h"
+#include "pk11pqg.h"
#include "pk11pub.h"
#include "pkcs11uri.h"
+#include "secmod.h"
struct ScopedDelete {
void operator()(CERTCertificate* cert) { CERT_DestroyCertificate(cert); }
void operator()(CERTCertificateList* list) {
CERT_DestroyCertificateList(list);
}
+ void operator()(CERTDistNames* names) { CERT_FreeDistNames(names); }
void operator()(CERTName* name) { CERT_DestroyName(name); }
void operator()(CERTCertList* list) { CERT_DestroyCertList(list); }
void operator()(CERTSubjectPublicKeyInfo* spki) {
SECKEY_DestroySubjectPublicKeyInfo(spki);
}
+ void operator()(PK11Context* context) { PK11_DestroyContext(context, true); }
+ void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); }
void operator()(PK11SlotInfo* slot) { PK11_FreeSlot(slot); }
+ void operator()(PK11SlotList* slots) { PK11_FreeSlotList(slots); }
void operator()(PK11SymKey* key) { PK11_FreeSymKey(key); }
+ void operator()(PK11URI* uri) { PK11URI_DestroyURI(uri); }
+ void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); }
+ void operator()(PQGParams* pqg) { PK11_PQG_DestroyParams(pqg); }
void operator()(PRFileDesc* fd) { PR_Close(fd); }
void operator()(SECAlgorithmID* id) { SECOID_DestroyAlgorithmID(id, true); }
void operator()(SECKEYEncryptedPrivateKeyInfo* e) {
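Review bot: The `PLArenaPool` deleter passes `PR_FALSE` as the zero flag to `PORT_FreeArena`, so a `ScopedPLArenaPool` hands its memory back without wiping it, and nothing in the header says so. A one-line comment above that overload would make the contract visible to callers, for example `// Frees without zeroing; wipe any secrets allocated from the arena before it goes out of scope.` The `ScopedDelete` struct continues past the end of this hunk, so the remaining overloads are not reviewed here.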
@@ -37,14 +46,10 @@ struct ScopedDelete {
void operator()(SECKEYPrivateKeyList* list) {
SECKEY_DestroyPrivateKeyList(list);
}
- void operator()(PK11URI* uri) { PK11URI_DestroyURI(uri); }
- void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); }
- void operator()(PK11Context* context) { PK11_DestroyContext(context, true); }
- void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); }
+ void operator()(SECMODModule* module) { SECMOD_DestroyModule(module); }
void operator()(SEC_PKCS12DecoderContext* dcx) {
SEC_PKCS12DecoderFinish(dcx);
}
- void operator()(CERTDistNames* names) { CERT_FreeDistNames(names); }
};
template <class T>
@@ -59,27 +64,36 @@ struct ScopedMaybeDelete {
#define SCOPED(x) typedef std::unique_ptr<x, ScopedMaybeDelete<x> > Scoped##x
+SCOPED(CERTCertList);
SCOPED(CERTCertificate);
SCOPED(CERTCertificateList);
-SCOPED(CERTCertList);
+SCOPED(CERTDistNames);
SCOPED(CERTName);
SCOPED(CERTSubjectPublicKeyInfo);
+SCOPED(PK11Context);
+SCOPED(PK11GenericObject);
SCOPED(PK11SlotInfo);
+SCOPED(PK11SlotList);
SCOPED(PK11SymKey);
+SCOPED(PK11URI);
+SCOPED(PLArenaPool);
+SCOPED(PQGParams);
SCOPED(PRFileDesc);
SCOPED(SECAlgorithmID);
-SCOPED(SECKEYEncryptedPrivateKeyInfo);
SCOPED(SECItem);
-SCOPED(SECKEYPublicKey);
+SCOPED(SECKEYEncryptedPrivateKeyInfo);
SCOPED(SECKEYPrivateKey);
SCOPED(SECKEYPrivateKeyList);
-SCOPED(PK11URI);
-SCOPED(PLArenaPool);
-SCOPED(PK11Context);
-SCOPED(PK11GenericObject);
+SCOPED(SECKEYPublicKey);
+SCOPED(SECMODModule);
SCOPED(SEC_PKCS12DecoderContext);
-SCOPED(CERTDistNames);
#undef SCOPED
+struct StackSECItem : public SECItem {
+ StackSECItem() : SECItem({siBuffer, nullptr, 0}) {}
+ ~StackSECItem() { Reset(); }
+ void Reset() { SECITEM_FreeItem(this, PR_FALSE); }
+};
+
#endif // nss_scoped_ptrs_h__
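Review bot: `StackSECItem` frees its buffer in the destructor but keeps the implicit copy constructor and copy assignment, so copying one leaves two objects that both call `SECITEM_FreeItem` on the same `data` pointer. Deleting the copies closes that off: `StackSECItem(const StackSECItem&) = delete;` and `StackSECItem& operator=(const StackSECItem&) = delete;`. The same struct is added again in the scoped_ptrs_util.h hunk, there without `Reset()`, so the two headers cannot be included in one translation unit and the definitions differ across units; a single shared definition would be safer. If these items can ever hold key material, `SECITEM_ZfreeItem` would wipe the buffer before releasing it.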
diff --git a/security/nss/cpputil/scoped_ptrs_smime.h b/security/nss/cpputil/scoped_ptrs_smime.h
new file mode 100644
index 000000000..fc235f7eb
--- /dev/null
+++ b/security/nss/cpputil/scoped_ptrs_smime.h
@@ -0,0 +1,34 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef scoped_ptrs_smime_h__
+#define scoped_ptrs_smime_h__
+
+#include <memory>
+#include "smime.h"
+
+struct ScopedDeleteSmime {
+ void operator()(NSSCMSMessage* id) { NSS_CMSMessage_Destroy(id); }
+};
+
+template <class T>
+struct ScopedMaybeDeleteSmime {
+ void operator()(T* ptr) {
+ if (ptr) {
+ ScopedDeleteSmime del;
+ del(ptr);
+ }
+ }
+};
+
+#define SCOPED(x) \
+ typedef std::unique_ptr<x, ScopedMaybeDeleteSmime<x> > Scoped##x
+
+SCOPED(NSSCMSMessage);
+
+#undef SCOPED
+
+#endif // scoped_ptrs_smime_h__
diff --git a/security/nss/cpputil/scoped_ptrs_ssl.h b/security/nss/cpputil/scoped_ptrs_ssl.h
index 7eeae8f8f..474187540 100644
--- a/security/nss/cpputil/scoped_ptrs_ssl.h
+++ b/security/nss/cpputil/scoped_ptrs_ssl.h
@@ -11,6 +11,10 @@
#include "sslexp.h"
struct ScopedDeleteSSL {
+ void operator()(SSLAeadContext* ctx) { SSL_DestroyAead(ctx); }
+ void operator()(SSLAntiReplayContext* ctx) {
+ SSL_ReleaseAntiReplayContext(ctx);
+ }
void operator()(SSLResumptionTokenInfo* token) {
SSL_DestroyResumptionTokenInfo(token);
}
@@ -28,6 +32,8 @@ struct ScopedMaybeDeleteSSL {
#define SCOPED(x) typedef std::unique_ptr<x, ScopedMaybeDeleteSSL<x> > Scoped##x
+SCOPED(SSLAeadContext);
+SCOPED(SSLAntiReplayContext);
SCOPED(SSLResumptionTokenInfo);
#undef SCOPED
diff --git a/security/nss/cpputil/scoped_ptrs_util.h b/security/nss/cpputil/scoped_ptrs_util.h
index 2dbf34e1d..d0a42ee0b 100644
--- a/security/nss/cpputil/scoped_ptrs_util.h
+++ b/security/nss/cpputil/scoped_ptrs_util.h
@@ -33,7 +33,13 @@ struct ScopedMaybeDelete {
SCOPED(SECAlgorithmID);
SCOPED(SECItem);
SCOPED(PK11URI);
+SCOPED(PLArenaPool);
#undef SCOPED
+struct StackSECItem : public SECItem {
+ StackSECItem() : SECItem({siBuffer, nullptr, 0}) {}
+ ~StackSECItem() { SECITEM_FreeItem(this, PR_FALSE); }
+};
+
#endif // scoped_ptrs_util_h__
diff --git a/security/nss/cpputil/tls_parser.h b/security/nss/cpputil/tls_parser.h
index cd9e28fc3..05dd99fc8 100644
--- a/security/nss/cpputil/tls_parser.h
+++ b/security/nss/cpputil/tls_parser.h
@@ -31,6 +31,7 @@ const uint8_t kTlsHandshakeCertificateRequest = 13;
const uint8_t kTlsHandshakeCertificateVerify = 15;
const uint8_t kTlsHandshakeClientKeyExchange = 16;
const uint8_t kTlsHandshakeFinished = 20;
+const uint8_t kTlsHandshakeKeyUpdate = 24;
const uint8_t kTlsAlertWarning = 1;
const uint8_t kTlsAlertFatal = 2;
@@ -47,11 +48,13 @@ const uint8_t kTlsAlertIllegalParameter = 47;
const uint8_t kTlsAlertDecodeError = 50;
const uint8_t kTlsAlertDecryptError = 51;
const uint8_t kTlsAlertProtocolVersion = 70;
+const uint8_t kTlsAlertInsufficientSecurity = 71;
const uint8_t kTlsAlertInternalError = 80;
const uint8_t kTlsAlertInappropriateFallback = 86;
const uint8_t kTlsAlertMissingExtension = 109;
const uint8_t kTlsAlertUnsupportedExtension = 110;
const uint8_t kTlsAlertUnrecognizedName = 112;
+const uint8_t kTlsAlertCertificateRequired = 116;
const uint8_t kTlsAlertNoApplicationProtocol = 120;
const uint8_t kTlsFakeChangeCipherSpec[] = {
@@ -80,6 +83,32 @@ inline std::ostream& operator<<(std::ostream& os, SSLProtocolVariant v) {
return os << ((v == ssl_variant_stream) ? "TLS" : "DTLS");
}
+inline std::ostream& operator<<(std::ostream& os, SSLContentType v) {
+ switch (v) {
+ case ssl_ct_change_cipher_spec:
+ return os << "CCS";
+ case ssl_ct_alert:
+ return os << "alert";
+ case ssl_ct_handshake:
+ return os << "handshake";
+ case ssl_ct_application_data:
+ return os << "application data";
+ case ssl_ct_ack:
+ return os << "ack";
+ }
+ return os << "UNKNOWN content type " << static_cast<int>(v);
+}
+
+inline std::ostream& operator<<(std::ostream& os, SSLSecretDirection v) {
+ switch (v) {
+ case ssl_secret_read:
+ return os << "read";
+ case ssl_secret_write:
+ return os << "write";
+ }
+ return os << "UNKNOWN secret direction " << static_cast<int>(v);
+}
+
inline bool IsDtls(uint16_t version) { return (version & 0x8000) == 0x8000; }
inline uint16_t NormalizeTlsVersion(uint16_t version) {