Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(908)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/patches/aesgcmchromium.patch

Issue 1053903002: Update libssl to NSS 3.18 RTM (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix typo Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/third_party/nss/README.chromium ('k') | net/third_party/nss/patches/alpnserver.patch » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c 1 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c
2 --- a/nss/lib/ssl/ssl3con.c» 2014-01-17 18:04:43.127747463 -0800 2 index da0abfb..375ed6a 100644
3 +++ b/nss/lib/ssl/ssl3con.c» 2014-01-17 18:06:21.919386088 -0800 3 --- a/ssl/ssl3con.c
4 +++ b/ssl/ssl3con.c
4 @@ -8,6 +8,7 @@ 5 @@ -8,6 +8,7 @@
5 6
6 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ 7 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */
7 8
8 +#define _GNU_SOURCE 1 9 +#define _GNU_SOURCE 1
9 #include "cert.h" 10 #include "cert.h"
10 #include "ssl.h" 11 #include "ssl.h"
11 #include "cryptohi.h" /* for DSAU_ stuff */ 12 #include "cryptohi.h" /* for DSAU_ stuff */
12 @@ -44,6 +45,9 @@ 13 @@ -44,6 +45,9 @@
13 #ifdef NSS_ENABLE_ZLIB 14 #ifdef NSS_ENABLE_ZLIB
14 #include "zlib.h" 15 #include "zlib.h"
15 #endif 16 #endif
16 +#ifdef LINUX 17 +#ifdef LINUX
17 +#include <dlfcn.h> 18 +#include <dlfcn.h>
18 +#endif 19 +#endif
19 20
20 #ifndef PK11_SETATTRS 21 #ifndef PK11_SETATTRS
21 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \ 22 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
22 @@ -1842,6 +1846,63 @@ ssl3_BuildRecordPseudoHeader(unsigned ch 23 @@ -1874,6 +1878,63 @@ ssl3_BuildRecordPseudoHeader(unsigned char *out,
23 return 13; 24 return 13;
24 } 25 }
25 26
26 +typedef SECStatus (*PK11CryptFcn)( 27 +typedef SECStatus (*PK11CryptFcn)(
27 + PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism, SECItem *param, 28 + PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism, SECItem *param,
28 + unsigned char *out, unsigned int *outLen, unsigned int maxLen, 29 + unsigned char *out, unsigned int *outLen, unsigned int maxLen,
29 + const unsigned char *in, unsigned int inLen); 30 + const unsigned char *in, unsigned int inLen);
30 + 31 +
31 +static PK11CryptFcn pk11_encrypt = NULL; 32 +static PK11CryptFcn pk11_encrypt = NULL;
32 +static PK11CryptFcn pk11_decrypt = NULL; 33 +static PK11CryptFcn pk11_decrypt = NULL;
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
76 + PR_FALSE); 77 + PR_FALSE);
77 + PORT_Assert(rv == SECSuccess); /* else is coding error */ 78 + PORT_Assert(rv == SECSuccess); /* else is coding error */
78 + } 79 + }
79 + } 80 + }
80 + return SECSuccess; 81 + return SECSuccess;
81 +} 82 +}
82 + 83 +
83 static SECStatus 84 static SECStatus
84 ssl3_AESGCM(ssl3KeyMaterial *keys, 85 ssl3_AESGCM(ssl3KeyMaterial *keys,
85 PRBool doDecrypt, 86 PRBool doDecrypt,
86 @@ -1893,10 +1960,10 @@ ssl3_AESGCM(ssl3KeyMaterial *keys, 87 @@ -1925,10 +1986,10 @@ ssl3_AESGCM(ssl3KeyMaterial *keys,
87 gcmParams.ulTagBits = tagSize * 8; 88 gcmParams.ulTagBits = tagSize * 8;
88 89
89 if (doDecrypt) { 90 if (doDecrypt) {
90 - rv = PK11_Decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 91 - rv = PK11_Decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
91 + rv = pk11_decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 92 + rv = pk11_decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
92 maxout, in, inlen); 93 maxout, in, inlen);
93 } else { 94 } else {
94 - rv = PK11_Encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 95 - rv = PK11_Encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
95 + rv = pk11_encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 96 + rv = pk11_encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
96 maxout, in, inlen); 97 maxout, in, inlen);
97 } 98 }
98 *outlen += (int) uOutLen; 99 *outlen += (int) uOutLen;
99 @@ -5103,6 +5170,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBo 100 @@ -5147,6 +5208,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
100 ssl3_DisableNonDTLSSuites(ss); 101 ssl3_DisableNonDTLSSuites(ss);
101 } 102 }
102 103
103 + if (!ssl3_HasGCMSupport()) { 104 + if (!ssl3_HasGCMSupport()) {
104 + ssl3_DisableGCMSuites(ss); 105 + ssl3_DisableGCMSuites(ss);
105 + } 106 + }
106 + 107 +
107 /* how many suites are permitted by policy and user preference? */ 108 /* how many suites are permitted by policy and user preference? */
108 num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE); 109 num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE);
109 if (!num_suites) { 110 if (!num_suites) {
110 @@ -8080,6 +8151,10 @@ ssl3_HandleClientHello(sslSocket *ss, SS 111 @@ -8159,6 +8224,10 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUi nt32 length)
111 ssl3_DisableNonDTLSSuites(ss); 112 ssl3_DisableNonDTLSSuites(ss);
112 } 113 }
113 114
114 + if (!ssl3_HasGCMSupport()) { 115 + if (!ssl3_HasGCMSupport()) {
115 + ssl3_DisableGCMSuites(ss); 116 + ssl3_DisableGCMSuites(ss);
116 + } 117 + }
117 + 118 +
118 #ifdef PARANOID 119 #ifdef PARANOID
119 /* Look for a matching cipher suite. */ 120 /* Look for a matching cipher suite. */
120 j = ssl3_config_match_init(ss); 121 j = ssl3_config_match_init(ss);
OLDNEW
« no previous file with comments | « net/third_party/nss/README.chromium ('k') | net/third_party/nss/patches/alpnserver.patch » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698