Bug 1287711 - Remove RSA premaster secret from keylog file, r=mt
authorMartin Thomson <martin.thomson@gmail.com>
Tue, 03 Oct 2017 14:49:25 -0700
changeset 13621 965b5533bf61ecf85e71203fa26ab33e60bb7125
parent 13620 68da790a91ea7e1a38190b4763796419b33a4d81
child 13622 c1866d7d7f15b3ea9de3659fbd2fdaaf4f2ae273
push id2401
push usermartin.thomson@gmail.com
push dateTue, 03 Oct 2017 21:51:18 +0000
reviewersmt
bugs1287711
Bug 1287711 - Remove RSA premaster secret from keylog file, r=mt Since the master secret is logged via "CLIENT_RANDOM", there is little reason to log the RSA premaster secret. Differential Revision: https://phabricator.services.mozilla.com/D85
lib/ssl/ssl3con.c
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -6049,45 +6049,24 @@ ssl3_SendRSAClientKeyExchange(sslSocket 
 
     /* wrap pre-master secret in server's public key. */
     rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, pms, &enc_pms);
     if (rv != SECSuccess) {
         ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
         goto loser;
     }
 
-#ifdef NSS_ALLOW_SSLKEYLOGFILE
-    if (ssl_keylog_iob) {
+#ifdef TRACE
+    if (ssl_trace >= 100) {
         SECStatus extractRV = PK11_ExtractKeyValue(pms);
         if (extractRV == SECSuccess) {
             SECItem *keyData = PK11_GetKeyData(pms);
             if (keyData && keyData->data && keyData->len) {
-#ifdef TRACE
-                if (ssl_trace >= 100) {
-                    ssl_PrintBuf(ss, "Pre-Master Secret",
-                                 keyData->data, keyData->len);
-                }
-#endif
-                if (ssl_keylog_iob && enc_pms.len >= 8 && keyData->len == 48) {
-                    /* https://developer.mozilla.org/en/NSS_Key_Log_Format */
-
-                    /* There could be multiple, concurrent writers to the
-                     * keylog, so we have to do everything in a single call to
-                     * fwrite. */
-                    char buf[4 + 8 * 2 + 1 + 48 * 2 + 1];
-
-                    strcpy(buf, "RSA ");
-                    hexEncode(buf + 4, enc_pms.data, 8);
-                    buf[20] = ' ';
-                    hexEncode(buf + 21, keyData->data, 48);
-                    buf[sizeof(buf) - 1] = '\n';
-
-                    fwrite(buf, sizeof(buf), 1, ssl_keylog_iob);
-                    fflush(ssl_keylog_iob);
-                }
+                ssl_PrintBuf(ss, "Pre-Master Secret",
+                             keyData->data, keyData->len);
             }
         }
     }
 #endif
 
     rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
                                     isTLS ? enc_pms.len + 2
                                           : enc_pms.len);