New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 639495 link

Starred by 4 users
Status: Fixed
Owner:
davidben@chromium.org
Closed: Oct 2016
Cc:
lgar...@chromium.org
dgozman@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug

Blocked on:
issue 618035
issue boringssl:77
Blocking:
issue 630147



Sign in to add a comment

Update DevTools and Android connection tab for TLS 1.3 cipher negotiation

Project Member Reported by davidben@chromium.org, Aug 19 2016 
Once we implement the TLS 1.3 cipher negotiation, we'll need to make sure both DevTools, the Android connection tab, and other consumers of the cipher suite strings API all handle this properly.

The current plan for DevTools is to show "Key Exchange" and "Key Exchange Group" as separate fields and just one or the other may be missing.

The Android tab we'll have to figure something out. That's done as one string, so the optional fields may be tricky.

Comment 1 by davidben@chromium.org, Aug 19 2016 

Also once this happens, QUIC no longer needs to lie about the cipher and always say ECDHE_RSA even if it's an ECDSA certificate.

Comment 2 by tkonch...@chromium.org, Aug 22 2016

Components: Platform>DevTools

Comment 3 by lushnikov@chromium.org, Aug 26 2016

Owner: dgozman@chromium.org
Status: Assigned (was: Untriaged)

Comment 4 by davidben@chromium.org, Aug 26 2016

Cc: dgozman@chromium.org
Components: Internals>Network>SSL
Owner: davidben@chromium.org
This is currently blocking on some TLS 1.3 work in BoringSSL and a CL I have in flight. I suspect it'll want to be something that one of us TLS 1.3 folks do with you all reviewing.

On that note, this ought to have the SSL label.

Comment 5 by lgar...@chromium.org, Aug 26 2016

Cc: lgar...@chromium.org
Project Member

Comment 6 by bugdroid1@chromium.org, Oct 13 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0f3127d8ff177305fe9992e87b4f096598fb787a

commit 0f3127d8ff177305fe9992e87b4f096598fb787a
Author: davidben <davidben@chromium.org>
Date: Thu Oct 13 20:56:07 2016

Roll src/third_party/boringssl/src 0d81373f9..1991af690

https://boringssl.googlesource.com/boringssl/+log/0d81373f9169637ff935449227be924c08bf1ec5..1991af69006a8fe4faf9b80b2340688846e62514

This requires a change in WebCrypto. BoringSSL's
https://boringssl.googlesource.com/boringssl/+/97227dc52d9e6620c8b83eb1dd4d45edf51d9d7f
switches to aligning with upstream's APIs for AES key wrap.

This also teaches DevTools how to handle the new draft TLS 1.3 ciphers
and adds them to histograms.xml. See
https://tools.ietf.org/html/draft-ietf-tls-tls13-16#appendix-A.4

Finally, it adds the CECPQ1 experimental ciphers which we forgot to add
there earlier.

BUG= 639495 

Review-Url: https://codereview.chromium.org/2395323002
Cr-Commit-Position: refs/heads/master@{#425147}

[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/DEPS
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/chrome/browser/ssl/chrome_security_state_model_client.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/chrome/browser/ssl/chrome_security_state_model_client_unittest.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/chrome/browser/ui/website_settings/website_settings.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/components/webcrypto/algorithms/aes_kw.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/content/child/web_url_loader_impl.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/net/quic/chromium/quic_chromium_client_session.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/net/socket/ssl_server_socket_unittest.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/net/ssl/ssl_cipher_suite_names.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/net/ssl/ssl_cipher_suite_names.h
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/net/ssl/ssl_cipher_suite_names_unittest.cc
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/WebKit/Source/core/inspector/browser_protocol.json
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/WebKit/Source/platform/network/ResourceResponse.h
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/WebKit/public/platform/WebURLResponse.h
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/boringssl/BUILD.generated.gni
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/boringssl/BUILD.gn
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/boringssl/err_data.c
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/boringssl/linux-x86_64/crypto/ec/p256-x86_64-asm.S
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/boringssl/mac-x86_64/crypto/ec/p256-x86_64-asm.S
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/third_party/boringssl/win-x86_64/crypto/ec/p256-x86_64-asm.asm
[modify] https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a/tools/metrics/histograms/histograms.xml

Comment 7 by davidben@chromium.org, Oct 13 2016

Labels: M-56
Status: Fixed (was: Assigned)
Project Member

Comment 8 by bugdroid1@chromium.org, Oct 14 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/c048c38b523c078d567996a8d3263163b710a04c

commit c048c38b523c078d567996a8d3263163b710a04c
Author: hans <hans@chromium.org>
Date: Fri Oct 14 11:30:09 2016

Revert "Roll src/third_party/boringssl/src 0d81373f9..1991af690" (https://codereview.chromium.org/2395323002)

It broke the Linux ASan build of boringssl_bytestring_test.

(Reverting manually; Rietveld complained about some file being too large.)

Original description:
> Roll src/third_party/boringssl/src 0d81373f9..1991af690
>
> https://boringssl.googlesource.com/boringssl/+log/0d81373f9169637ff935449227be924c08bf1ec5..1991af69006a8fe4faf9b80b2340688846e62514
>
> This requires a change in WebCrypto. BoringSSL's
> https://boringssl.googlesource.com/boringssl/+/97227dc52d9e6620c8b83eb1dd4d45edf51d9d7f
> switches to aligning with upstream's APIs for AES key wrap.
>
> This also teaches DevTools how to handle the new draft TLS 1.3 ciphers
> and adds them to histograms.xml. See
> https://tools.ietf.org/html/draft-ietf-tls-tls13-16#appendix-A.4
>
> Finally, it adds the CECPQ1 experimental ciphers which we forgot to add
> there earlier.
>
> BUG= 639495 
> Committed: https://crrev.com/0f3127d8ff177305fe9992e87b4f096598fb787a
> Cr-Commit-Position: refs/heads/master@{#425147}

BUG= 639495 ,  655938 
TBR=davidben

Review-Url: https://codereview.chromium.org/2418113002
Cr-Commit-Position: refs/heads/master@{#425294}

[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/DEPS
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/chrome/browser/ssl/chrome_security_state_model_client.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/chrome/browser/ssl/chrome_security_state_model_client_unittest.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/chrome/browser/ui/website_settings/website_settings.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/components/webcrypto/algorithms/aes_kw.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/content/child/web_url_loader_impl.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/net/quic/chromium/quic_chromium_client_session.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/net/socket/ssl_server_socket_unittest.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/net/ssl/ssl_cipher_suite_names.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/net/ssl/ssl_cipher_suite_names.h
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/net/ssl/ssl_cipher_suite_names_unittest.cc
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/WebKit/Source/core/inspector/browser_protocol.json
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/WebKit/Source/platform/network/ResourceResponse.h
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/WebKit/public/platform/WebURLResponse.h
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/boringssl/BUILD.generated.gni
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/boringssl/BUILD.gn
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/boringssl/err_data.c
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/boringssl/linux-x86_64/crypto/ec/p256-x86_64-asm.S
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/boringssl/mac-x86_64/crypto/ec/p256-x86_64-asm.S
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/third_party/boringssl/win-x86_64/crypto/ec/p256-x86_64-asm.asm
[modify] https://crrev.com/c048c38b523c078d567996a8d3263163b710a04c/tools/metrics/histograms/histograms.xml

Sign in to add a comment