Closed Bug 1608892 Opened 4 years ago Closed 4 years ago

Update DTLS 1.3 to draft-34

Categories

(NSS :: Libraries, enhancement, P1)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: kjacobs, Assigned: kjacobs)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

DTLS 1.3 implementation is at draft-30 as of https://hg.mozilla.org/projects/nss/rev/8b7f0180c5b05870c67fcc06338749e42863c74f

This bug tracks the next update to draft-34 (currently latest).

Priority: -- → P1

This patch updates the DTLS 1.3 implementation to draft-34. Notable changes:

  1. Key separation via ssl_protocol_variant.
  2. No longer apply sequence number masking when in UNSAFE_FUZZER_MODE. This allowed removal of workarounds for unpadded (<16B) ciphertexts being used as input to SSL_CreateMask.
  3. Compile ssl_gtests in UNSAFE_FUZZER_MODE iff --fuzz=tls was specified. Currently all gtests are compiled this way if --fuzz, but lib/ssl only if --fuzz=tls. (See above, we can't have ssl_gtests in fuzzer mode, but not lib/ssl, since the masking mismatch will break filters).
  4. Parameterize masking tests, as appropriate.
  5. Reject non-empty legacy_cookie, and test.
  6. Reject ciphertexts <16B in length in dtls13_MaskSequenceNumber (if not UNSAFE_FUZZER_MODE).

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.51
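
The receive-side check from item 6 of the patch description, shown as an added example that is not NSS code and not taken from the patch: a record whose ciphertext is shorter than 16 bytes is rejected before any mask is derived, otherwise the leading mask bytes are XORed over the 1- or 2-byte on-the-wire sequence number. All names here (`mask_fn`, `toy_mask`, `mask_sequence_number`, the demo functions) are hypothetical, and `toy_mask` is a constructed stand-in for the real AES-ECB or ChaCha20 mask computation so the example builds without a crypto library.

```c
#include <stddef.h>
#include <stdint.h>

#define MASK_INPUT_LEN 16 /* the mask is derived from the first 16 ciphertext bytes */

/* Hypothetical callback: derive a 16-byte mask from a 16-byte ciphertext sample. */
typedef void (*mask_fn)(const uint8_t key[16], const uint8_t in[16], uint8_t out[16]);

/* Constructed stand-in so the example runs without a crypto library.
 * NOT a cipher: a real stack runs AES-ECB or ChaCha20 under the sn_key here. */
static void toy_mask(const uint8_t key[16], const uint8_t in[16], uint8_t out[16])
{
    for (size_t i = 0; i < 16; i++)
        out[i] = (uint8_t)((key[i] ^ in[(i + 5) % 16]) * 167u + 13u);
}

/* XOR the leading mask bytes over the on-the-wire sequence number (1 or 2 bytes).
 * Returns 0 on success, -1 when the record must be dropped. Applying it twice
 * with the same ciphertext restores the original bytes. */
int mask_sequence_number(mask_fn fn, const uint8_t key[16], uint8_t *seq,
                         size_t seq_len, const uint8_t *ct, size_t ct_len)
{
    uint8_t mask[16];
    if (!fn || !key || !seq || !ct || (seq_len != 1 && seq_len != 2))
        return -1;
    if (ct_len < MASK_INPUT_LEN) /* too short to sample: reject the record */
        return -1;
    fn(key, ct, mask);
    for (size_t i = 0; i < seq_len; i++)
        seq[i] ^= mask[i];
    return 0;
}

/* Constructed input: mask, check the bytes changed, unmask. Returns 1 if restored. */
int demo_roundtrip(void)
{
    uint8_t key[16], ct[16], seq[2] = { 0x01, 0x2c };
    for (int i = 0; i < 16; i++) { key[i] = (uint8_t)i; ct[i] = (uint8_t)i; }
    if (mask_sequence_number(toy_mask, key, seq, 2, ct, 16) != 0) return 0;
    if (seq[0] == 0x01 && seq[1] == 0x2c) return 0;
    if (mask_sequence_number(toy_mask, key, seq, 2, ct, 16) != 0) return 0;
    return seq[0] == 0x01 && seq[1] == 0x2c;
}

/* Constructed 15-byte ciphertext: must be rejected and seq left untouched. */
int demo_short_record(void)
{
    uint8_t key[16] = { 0 }, ct[15] = { 0 }, seq[2] = { 0xaa, 0xbb };
    int rc = mask_sequence_number(toy_mask, key, seq, 2, ct, sizeof(ct));
    return (rc == -1 && seq[0] == 0xaa && seq[1] == 0xbb) ? -1 : 0;
}
```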