diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-04-25 21:33:33 +0200 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-04-25 21:33:33 +0200 |
commit | fba28f19754f62b5227650143d5441fc86d4c7d7 (patch) | |
tree | 26629d73f83543ff92a060fd7b310bb748b13173 /security/nss/lib/ssl/tls13con.h | |
parent | b4154e043bfc0d2f301d88304efc896989d650bf (diff) | |
download | UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.gz UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.lz UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.tar.xz UXP-fba28f19754f62b5227650143d5441fc86d4c7d7.zip |
Revert "Update NSS to 3.35-RTM"
This reverts commit f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.
Diffstat (limited to 'security/nss/lib/ssl/tls13con.h')
-rw-r--r-- | security/nss/lib/ssl/tls13con.h | 71 |
1 files changed, 19 insertions, 52 deletions
diff --git a/security/nss/lib/ssl/tls13con.h b/security/nss/lib/ssl/tls13con.h index 1aaffb651..92eb545b0 100644 --- a/security/nss/lib/ssl/tls13con.h +++ b/security/nss/lib/ssl/tls13con.h @@ -9,25 +9,15 @@ #ifndef __tls13con_h_ #define __tls13con_h_ -#include "sslexp.h" -#include "sslspec.h" - -typedef enum { - tls13_extension_allowed, - tls13_extension_disallowed, - tls13_extension_unknown -} tls13ExtensionStatus; - typedef enum { - update_not_requested = 0, - update_requested = 1 -} tls13KeyUpdateRequest; + StaticSharedSecret, + EphemeralSharedSecret +} SharedSecretType; #define TLS13_MAX_FINISHED_SIZE 64 SECStatus tls13_UnprotectRecord( - sslSocket *ss, ssl3CipherSpec *spec, - SSL3Ciphertext *cText, sslBuffer *plaintext, + sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *plaintext, SSL3AlertDescription *alert); #if defined(WIN32) @@ -51,14 +41,6 @@ SSLHashType tls13_GetHash(const sslSocket *ss); unsigned int tls13_GetHashSizeForHash(SSLHashType hash); unsigned int tls13_GetHashSize(const sslSocket *ss); CK_MECHANISM_TYPE tls13_GetHkdfMechanism(sslSocket *ss); -SECStatus tls13_ComputeHash(sslSocket *ss, SSL3Hashes *hashes, - const PRUint8 *buf, unsigned int len); -SECStatus tls13_ComputeHandshakeHashes(sslSocket *ss, - SSL3Hashes *hashes); -SECStatus tls13_DeriveSecretNullHash(sslSocket *ss, PK11SymKey *key, - const char *label, - unsigned int labelLen, - PK11SymKey **dest); void tls13_FatalError(sslSocket *ss, PRErrorCode prError, SSL3AlertDescription desc); SECStatus tls13_SetupClientHello(sslSocket *ss); @@ -67,30 +49,27 @@ PRInt32 tls13_LimitEarlyData(sslSocket *ss, SSL3ContentType type, PRInt32 toSend PRBool tls13_AllowPskCipher(const sslSocket *ss, const ssl3CipherSuiteDef *cipher_def); PRBool tls13_PskSuiteEnabled(sslSocket *ss); -SECStatus tls13_WriteExtensionsWithBinder(sslSocket *ss, sslBuffer *extensions); +SECStatus tls13_ComputePskBinder(sslSocket *ss, PRBool sending, + unsigned int prefixLength, + PRUint8 *output, unsigned int *outputLen, + unsigned int maxOutputLen); SECStatus tls13_HandleClientHelloPart2(sslSocket *ss, const SECItem *suites, - sslSessionID *sid, - const PRUint8 *msg, - unsigned int len); + sslSessionID *sid); SECStatus tls13_HandleServerHelloPart2(sslSocket *ss); SECStatus tls13_HandlePostHelloHandshakeMessage(sslSocket *ss, PRUint8 *b, - PRUint32 length); -SECStatus tls13_ConstructHelloRetryRequest(sslSocket *ss, - ssl3CipherSuite cipherSuite, - const sslNamedGroupDef *selectedGroup, - PRUint8 *cookie, - unsigned int cookieLen, - sslBuffer *buffer); -SECStatus tls13_HandleHelloRetryRequest(sslSocket *ss, const PRUint8 *b, + PRUint32 length, + SSL3Hashes *hashesPtr); +SECStatus tls13_HandleHelloRetryRequest(sslSocket *ss, PRUint8 *b, PRUint32 length); void tls13_DestroyKeyShareEntry(TLS13KeyShareEntry *entry); void tls13_DestroyKeyShares(PRCList *list); SECStatus tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef); void tls13_DestroyEarlyData(PRCList *list); -SECStatus tls13_SetAlertCipherSpec(sslSocket *ss); -tls13ExtensionStatus tls13_ExtensionStatus(PRUint16 extension, - SSLHandshakeType message); +void tls13_CipherSpecAddRef(ssl3CipherSpec *spec); +void tls13_CipherSpecRelease(ssl3CipherSpec *spec); +void tls13_DestroyCipherSpecs(PRCList *list); +PRBool tls13_ExtensionAllowed(PRUint16 extension, SSL3HandshakeType message); SECStatus tls13_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type, @@ -98,25 +77,13 @@ SECStatus tls13_ProtectRecord(sslSocket *ss, PRUint32 contentLen, sslBuffer *wrBuf); PRInt32 tls13_Read0RttData(sslSocket *ss, void *buf, PRInt32 len); +SECStatus tls13_HandleEndOfEarlyData(sslSocket *ss); SECStatus tls13_HandleEarlyApplicationData(sslSocket *ss, sslBuffer *origBuf); PRBool tls13_ClientAllow0Rtt(const sslSocket *ss, const sslSessionID *sid); PRUint16 tls13_EncodeDraftVersion(SSL3ProtocolVersion version); +PRUint16 tls13_DecodeDraftVersion(PRUint16 version); SECStatus tls13_NegotiateVersion(sslSocket *ss, const TLSExtension *supported_versions); - -PRBool tls13_IsReplay(const sslSocket *ss, const sslSessionID *sid); -void tls13_AntiReplayRollover(PRTime now); - -SECStatus SSLExp_SetupAntiReplay(PRTime window, unsigned int k, - unsigned int bits); - -SECStatus SSLExp_HelloRetryRequestCallback(PRFileDesc *fd, - SSLHelloRetryRequestCallback cb, - void *arg); -SECStatus tls13_SendKeyUpdate(sslSocket *ss, tls13KeyUpdateRequest request, - PRBool buffer); -SECStatus SSLExp_KeyUpdate(PRFileDesc *fd, PRBool requestUpdate); -PRBool tls13_MaybeTls13(sslSocket *ss); -void tls13_SetSpecRecordVersion(sslSocket *ss, ssl3CipherSpec *spec); +SECStatus tls13_SendNewSessionTicket(sslSocket *ss); #endif /* __tls13con_h_ */ |