summaryrefslogtreecommitdiffstats
path: root/security/manager/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'security/manager/ssl')
-rw-r--r--security/manager/ssl/nsISSLStatus.idl4
-rw-r--r--security/manager/ssl/nsNSSCallbacks.cpp96
-rw-r--r--security/manager/ssl/nsNSSIOLayer.cpp4
-rw-r--r--security/manager/ssl/nsSSLStatus.cpp42
-rw-r--r--security/manager/ssl/nsSSLStatus.h2
5 files changed, 147 insertions, 1 deletions
diff --git a/security/manager/ssl/nsISSLStatus.idl b/security/manager/ssl/nsISSLStatus.idl
index f5c56a8cf..52cb1df30 100644
--- a/security/manager/ssl/nsISSLStatus.idl
+++ b/security/manager/ssl/nsISSLStatus.idl
@@ -15,6 +15,10 @@ interface nsISSLStatus : nsISupports {
readonly attribute ACString cipherName;
readonly attribute unsigned long keyLength;
readonly attribute unsigned long secretKeyLength;
+ [must_use]
+ readonly attribute ACString keaGroupName;
+ [must_use]
+ readonly attribute ACString signatureSchemeName;
const short SSL_VERSION_3 = 0;
const short TLS_VERSION_1 = 1;
diff --git a/security/manager/ssl/nsNSSCallbacks.cpp b/security/manager/ssl/nsNSSCallbacks.cpp
index e28760d5f..941101265 100644
--- a/security/manager/ssl/nsNSSCallbacks.cpp
+++ b/security/manager/ssl/nsNSSCallbacks.cpp
@@ -848,6 +848,99 @@ PK11PasswordPrompt(PK11SlotInfo* slot, PRBool /*retry*/, void* arg)
return runnable->mResult;
}
+static nsCString
+getKeaGroupName(uint32_t aKeaGroup)
+{
+ nsCString groupName;
+ switch (aKeaGroup) {
+ case ssl_grp_ec_secp256r1:
+ groupName = NS_LITERAL_CSTRING("P256");
+ break;
+ case ssl_grp_ec_secp384r1:
+ groupName = NS_LITERAL_CSTRING("P384");
+ break;
+ case ssl_grp_ec_secp521r1:
+ groupName = NS_LITERAL_CSTRING("P521");
+ break;
+ case ssl_grp_ec_curve25519:
+ groupName = NS_LITERAL_CSTRING("x25519");
+ break;
+ case ssl_grp_ffdhe_2048:
+ groupName = NS_LITERAL_CSTRING("FF 2048");
+ break;
+ case ssl_grp_ffdhe_3072:
+ groupName = NS_LITERAL_CSTRING("FF 3072");
+ break;
+ case ssl_grp_none:
+ groupName = NS_LITERAL_CSTRING("none");
+ break;
+ case ssl_grp_ffdhe_custom:
+ groupName = NS_LITERAL_CSTRING("custom");
+ break;
+ // All other groups are not enabled in Firefox. See namedGroups in
+ // nsNSSIOLayer.cpp.
+ default:
+ // This really shouldn't happen!
+ MOZ_ASSERT_UNREACHABLE("Invalid key exchange group.");
+ groupName = NS_LITERAL_CSTRING("unknown group");
+ }
+ return groupName;
+}
+
+static nsCString
+getSignatureName(uint32_t aSignatureScheme)
+{
+ nsCString signatureName;
+ switch (aSignatureScheme) {
+ case ssl_sig_none:
+ signatureName = NS_LITERAL_CSTRING("none");
+ break;
+ case ssl_sig_rsa_pkcs1_sha1:
+ signatureName = NS_LITERAL_CSTRING("RSA-PKCS1-SHA1");
+ break;
+ case ssl_sig_rsa_pkcs1_sha256:
+ signatureName = NS_LITERAL_CSTRING("RSA-PKCS1-SHA256");
+ break;
+ case ssl_sig_rsa_pkcs1_sha384:
+ signatureName = NS_LITERAL_CSTRING("RSA-PKCS1-SHA384");
+ break;
+ case ssl_sig_rsa_pkcs1_sha512:
+ signatureName = NS_LITERAL_CSTRING("RSA-PKCS1-SHA512");
+ break;
+ case ssl_sig_ecdsa_secp256r1_sha256:
+ signatureName = NS_LITERAL_CSTRING("ECDSA-P256-SHA256");
+ break;
+ case ssl_sig_ecdsa_secp384r1_sha384:
+ signatureName = NS_LITERAL_CSTRING("ECDSA-P384-SHA384");
+ break;
+ case ssl_sig_ecdsa_secp521r1_sha512:
+ signatureName = NS_LITERAL_CSTRING("ECDSA-P521-SHA512");
+ break;
+ case ssl_sig_rsa_pss_sha256:
+ signatureName = NS_LITERAL_CSTRING("RSA-PSS-SHA256");
+ break;
+ case ssl_sig_rsa_pss_sha384:
+ signatureName = NS_LITERAL_CSTRING("RSA-PSS-SHA384");
+ break;
+ case ssl_sig_rsa_pss_sha512:
+ signatureName = NS_LITERAL_CSTRING("RSA-PSS-SHA512");
+ break;
+ case ssl_sig_ecdsa_sha1:
+ signatureName = NS_LITERAL_CSTRING("ECDSA-SHA1");
+ break;
+ case ssl_sig_rsa_pkcs1_sha1md5:
+ signatureName = NS_LITERAL_CSTRING("RSA-PKCS1-SHA1MD5");
+ break;
+ // All other groups are not enabled in Firefox. See sEnabledSignatureSchemes
+ // in nsNSSIOLayer.cpp.
+ default:
+ // This really shouldn't happen!
+ MOZ_ASSERT_UNREACHABLE("Invalid signature scheme.");
+ signatureName = NS_LITERAL_CSTRING("unknown signature");
+ }
+ return signatureName;
+}
+
// call with shutdown prevention lock held
static void
PreliminaryHandshakeDone(PRFileDesc* fd)
@@ -874,6 +967,9 @@ PreliminaryHandshakeDone(PRFileDesc* fd)
status->mHaveCipherSuiteAndProtocol = true;
status->mCipherSuite = channelInfo.cipherSuite;
status->mProtocolVersion = channelInfo.protocolVersion & 0xFF;
+ status->mKeaGroup.Assign(getKeaGroupName(channelInfo.keaGroup));
+ status->mSignatureSchemeName.Assign(
+ getSignatureName(channelInfo.signatureScheme));
infoObject->SetKEAUsed(channelInfo.keaType);
infoObject->SetKEAKeyBits(channelInfo.keaKeyBits);
infoObject->SetMACAlgorithmUsed(cipherInfo.macAlgorithm);
diff --git a/security/manager/ssl/nsNSSIOLayer.cpp b/security/manager/ssl/nsNSSIOLayer.cpp
index 8be215308..2d49540fb 100644
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -2492,6 +2492,8 @@ loser:
return nullptr;
}
+// Please change getSignatureName in nsNSSCallbacks.cpp when changing the list
+// here.
static const SSLSignatureScheme sEnabledSignatureSchemes[] = {
ssl_sig_ecdsa_secp256r1_sha256,
ssl_sig_ecdsa_secp384r1_sha384,
@@ -2569,6 +2571,8 @@ nsSSLIOLayerSetOptions(PRFileDesc* fd, bool forSTARTTLS,
}
// Include a modest set of named groups.
+ // Please change getKeaGroupName in nsNSSCallbacks.cpp when changing the list
+ // here.
const SSLNamedGroup namedGroups[] = {
ssl_grp_ec_curve25519, ssl_grp_ec_secp256r1, ssl_grp_ec_secp384r1,
ssl_grp_ec_secp521r1, ssl_grp_ffdhe_2048, ssl_grp_ffdhe_3072
diff --git a/security/manager/ssl/nsSSLStatus.cpp b/security/manager/ssl/nsSSLStatus.cpp
index 1538b2aa7..7f9915cb2 100644
--- a/security/manager/ssl/nsSSLStatus.cpp
+++ b/security/manager/ssl/nsSSLStatus.cpp
@@ -77,6 +77,28 @@ nsSSLStatus::GetCipherName(nsACString& aCipherName)
}
NS_IMETHODIMP
+nsSSLStatus::GetKeaGroupName(nsACString& aKeaGroup)
+{
+ if (!mHaveCipherSuiteAndProtocol) {
+ return NS_ERROR_NOT_AVAILABLE;
+ }
+
+ aKeaGroup.Assign(mKeaGroup);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsSSLStatus::GetSignatureSchemeName(nsACString& aSignatureScheme)
+{
+ if (!mHaveCipherSuiteAndProtocol) {
+ return NS_ERROR_NOT_AVAILABLE;
+ }
+
+ aSignatureScheme.Assign(mSignatureSchemeName);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
nsSSLStatus::GetProtocolVersion(uint16_t* aProtocolVersion)
{
NS_ENSURE_ARG_POINTER(aProtocolVersion);
@@ -194,6 +216,15 @@ nsSSLStatus::Read(nsIObjectInputStream* aStream)
NS_ENSURE_SUCCESS(rv, rv);
}
+ // Added in version 2 (see bug 1304923).
+ if (streamFormatVersion >= 2) {
+ rv = aStream->ReadCString(mKeaGroup);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ rv = aStream->ReadCString(mSignatureSchemeName);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+
return NS_OK;
}
@@ -201,7 +232,7 @@ NS_IMETHODIMP
nsSSLStatus::Write(nsIObjectOutputStream* aStream)
{
// The current version of the binary stream format.
- const uint8_t STREAM_FORMAT_VERSION = 1;
+ const uint8_t STREAM_FORMAT_VERSION = 2;
nsresult rv = aStream->WriteCompoundObject(mServerCert,
NS_GET_IID(nsIX509Cert),
@@ -237,6 +268,13 @@ nsSSLStatus::Write(nsIObjectOutputStream* aStream)
rv = aStream->Write16(mCertificateTransparencyStatus);
NS_ENSURE_SUCCESS(rv, rv);
+ // Added in version 2.
+ rv = aStream->WriteStringZ(mKeaGroup.get());
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ rv = aStream->WriteStringZ(mSignatureSchemeName.get());
+ NS_ENSURE_SUCCESS(rv, rv);
+
return NS_OK;
}
@@ -300,6 +338,8 @@ nsSSLStatus::nsSSLStatus()
, mProtocolVersion(0)
, mCertificateTransparencyStatus(nsISSLStatus::
CERTIFICATE_TRANSPARENCY_NOT_APPLICABLE)
+, mKeaGroup()
+, mSignatureSchemeName()
, mIsDomainMismatch(false)
, mIsNotValidAtThisTime(false)
, mIsUntrusted(false)
diff --git a/security/manager/ssl/nsSSLStatus.h b/security/manager/ssl/nsSSLStatus.h
index 2a8343407..74f9d0f01 100644
--- a/security/manager/ssl/nsSSLStatus.h
+++ b/security/manager/ssl/nsSSLStatus.h
@@ -50,6 +50,8 @@ public:
uint16_t mCipherSuite;
uint16_t mProtocolVersion;
uint16_t mCertificateTransparencyStatus;
+ nsCString mKeaGroup;
+ nsCString mSignatureSchemeName;
bool mIsDomainMismatch;
bool mIsNotValidAtThisTime;