On 03/14/2011 01:48 PM, Gil Bahat wrote:
> Hi,
>
> I'm hacking around NSS code and I'm encountering a roadblock which I
> cannot pass.
>
> Here's the gist of my code:
>
> ssl_GetSpecReadLock(ss);
>
>       /* M2: send the key_block from the pending cipher spec */
>
>       sent = ssl3_SendRecord(ss, content_key_share,
>                               ss->ssl3.pwSpec->client.write_key_item.data,
>                               ss->ssl3.pwSpec->client.write_key_item.len,
>                               ssl_SEND_FLAG_FORCE_INTO_BUFFER);
1. My first question is 'why are you sending raw key data over an SSL
connection?'

Access to raw key data is restricted. You won't find it in the pwSpec
structure. In some cases it's not even in your process address space.

2. Why are you sending this key in particular?

If your SSL connection is successful, the client should already have
access to this key.
>     if (sent < 0) {
>       return (SECStatus)sent; /* error code set by ssl3_SendRecord */
>       }
>
>       ssl_ReleaseSpecReadLock(ss); // M2: release spec read lock
>
>       /* M2: this used to be before dealing with pwSpec/cwSpec */
>       sent = ssl3_SendRecord(ss, content_change_cipher_spec, &change, 1,
>                               ssl_SEND_FLAG_FORCE_INTO_BUFFER);
>     if (sent < 0) {
>       return (SECStatus)sent; /* error code set by ssl3_SendRecord */
>     }
>
>       /* M2: warning - once this is set, encryption starts... */
>       /* swap the pending and current write specs. */
>     ssl_GetSpecWriteLock(ss); /**************************************/
>
>     pwSpec                     = ss->ssl3.pwSpec;
>     pwSpec->write_seq_num.high = 0;
>     pwSpec->write_seq_num.low  = 0;
>
>     ss->ssl3.pwSpec = ss->ssl3.cwSpec;
>     ss->ssl3.cwSpec = pwSpec;
> (...)
>
> which goes into SendChangeCipherSpecs.
>
> At this stage of the SSL state machine, pwSpec has been populated long
> ago as ssl3_DeriveConnectionKeysPKCS11 has already been called from
> SendClientKeyExchange. It's also evident from the following lines that
> pwSpec is already 'primed' and ready to be exchanged with cwSpec. In
> particular, if I dare place my code after the exchange, sendRecord will
> send an encrypted record.
>
> And yet... when accessing pwSpec contents - I get nothing. Even with
> the speclock. What am I missing?
You are missing the key data. We don't let the application 'just have
it'. Even the SSL engine never sees that actual key data.
> Any help would be appreciated.
Trying to understand what you really want to do would help us in helping
you.

bob
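
[Added example, not part of the original message and not NSS code: a toy C model of why holding a key handle does not give you the key bytes. It is modelled loosely on PKCS#11-style handles, which is an assumption about the mechanism; the reply itself only says the raw key is not exposed. All names (token_import, token_get_value, token_tag) are hypothetical, and the FNV-1a tag is a stand-in, not a real MAC.]

```c
/* Added illustration: toy PKCS#11-style token. All names are hypothetical, not NSS API. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_KEYS 4
#define KEY_LEN  16
typedef int key_handle;   /* what the caller holds: an index, never the bytes */

/* Token-private storage; in a real token this may be another process or hardware. */
static struct { unsigned char bytes[KEY_LEN]; int sensitive, used; } slots[MAX_KEYS];
static int valid(key_handle h) { return h >= 0 && h < MAX_KEYS && slots[h].used; }

/* Store key bytes in the token; returns a handle, or -1 when the token is full. */
key_handle token_import(const unsigned char k[KEY_LEN], int sensitive) {
    for (int i = 0; i < MAX_KEYS; i++) {
        if (slots[i].used) continue;
        memcpy(slots[i].bytes, k, KEY_LEN);
        slots[i].sensitive = sensitive;
        slots[i].used = 1;
        return i;
    }
    return -1;
}

/* Export raw bytes; refused (-1, out untouched) for sensitive keys and bad handles. */
int token_get_value(key_handle h, unsigned char out[KEY_LEN]) {
    if (!valid(h) || slots[h].sensitive) return -1;
    memcpy(out, slots[h].bytes, KEY_LEN);
    return 0;
}

/* Use the key by handle: FNV-1a over key||msg, a toy stand-in for a MAC (not secure). */
int token_tag(key_handle h, const unsigned char *msg, size_t n, uint32_t *tag) {
    if (!valid(h)) return -1;
    uint32_t x = 2166136261u;
    for (size_t i = 0; i < KEY_LEN; i++) x = (x ^ slots[h].bytes[i]) * 16777619u;
    for (size_t i = 0; i < n; i++)       x = (x ^ msg[i]) * 16777619u;
    *tag = x;
    return 0;
}

int main(void) {
    unsigned char key[KEY_LEN] = "constructed-key", out[KEY_LEN] = {0};  /* constructed sample */
    uint32_t tag = 0;
    key_handle h = token_import(key, 1);
    printf("export: %d\n", token_get_value(h, out));   /* refused: key is sensitive */
    printf("tag:    %d\n", token_tag(h, (const unsigned char *)"record", 6, &tag));
    return 0;
}
```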



-- 
dev-tech-crypto mailing list
https://lists.mozilla.org/listinfo/dev-tech-crypto