Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(634)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/aes_128_gcm_12_decrypter_nss.cc

Issue 1082123003: Rename USE_NSS to USE_NSS_CERTS. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@use-nss-certs
Patch Set: rebase Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/aead_base_encrypter.h ('k') | net/quic/crypto/aes_128_gcm_12_encrypter_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h" 5 #include "net/quic/crypto/aes_128_gcm_12_decrypter.h"
6 6
7 #include <pk11pub.h> 7 #include <pk11pub.h>
8 #include <secerr.h> 8 #include <secerr.h>
9 9
10 #include "base/lazy_instance.h" 10 #include "base/lazy_instance.h"
11 #include "crypto/ghash.h" 11 #include "crypto/ghash.h"
12 #include "crypto/scoped_nss_types.h" 12 #include "crypto/scoped_nss_types.h"
13 13
14 #if defined(USE_NSS) 14 #if defined(USE_NSS_CERTS)
15 #include <dlfcn.h> 15 #include <dlfcn.h>
16 #endif 16 #endif
17 17
18 using base::StringPiece; 18 using base::StringPiece;
19 19
20 namespace net { 20 namespace net {
21 21
22 namespace { 22 namespace {
23 23
24 const size_t kKeySize = 16; 24 const size_t kKeySize = 16;
25 const size_t kNoncePrefixSize = 4; 25 const size_t kNoncePrefixSize = 4;
26 26
27 // On Linux, dynamically link against the system version of libnss3.so. In 27 // On Linux, dynamically link against the system version of libnss3.so. In
28 // order to continue working on systems without up-to-date versions of NSS, 28 // order to continue working on systems without up-to-date versions of NSS,
29 // lookup PK11_Decrypt with dlsym. 29 // lookup PK11_Decrypt with dlsym.
30 30
31 // GcmSupportChecker is a singleton which caches the results of runtime symbol 31 // GcmSupportChecker is a singleton which caches the results of runtime symbol
32 // resolution of PK11_Decrypt. 32 // resolution of PK11_Decrypt.
33 class GcmSupportChecker { 33 class GcmSupportChecker {
34 public: 34 public:
35 static PK11_DecryptFunction pk11_decrypt_func() { 35 static PK11_DecryptFunction pk11_decrypt_func() {
36 return pk11_decrypt_func_; 36 return pk11_decrypt_func_;
37 } 37 }
38 38
39 private: 39 private:
40 friend struct base::DefaultLazyInstanceTraits<GcmSupportChecker>; 40 friend struct base::DefaultLazyInstanceTraits<GcmSupportChecker>;
41 41
42 GcmSupportChecker() { 42 GcmSupportChecker() {
43 #if !defined(USE_NSS) 43 #if !defined(USE_NSS_CERTS)
44 // Using a bundled version of NSS that is guaranteed to have this symbol. 44 // Using a bundled version of NSS that is guaranteed to have this symbol.
45 pk11_decrypt_func_ = PK11_Decrypt; 45 pk11_decrypt_func_ = PK11_Decrypt;
46 #else 46 #else
47 // Using system NSS libraries and PCKS #11 modules, which may not have the 47 // Using system NSS libraries and PCKS #11 modules, which may not have the
48 // necessary function (PK11_Decrypt) or mechanism support (CKM_AES_GCM). 48 // necessary function (PK11_Decrypt) or mechanism support (CKM_AES_GCM).
49 49
50 // If PK11_Decrypt() was successfully resolved, then NSS will support 50 // If PK11_Decrypt() was successfully resolved, then NSS will support
51 // AES-GCM directly. This was introduced in NSS 3.15. 51 // AES-GCM directly. This was introduced in NSS 3.15.
52 pk11_decrypt_func_ = (PK11_DecryptFunction)dlsym(RTLD_DEFAULT, 52 pk11_decrypt_func_ = (PK11_DecryptFunction)dlsym(RTLD_DEFAULT,
53 "PK11_Decrypt"); 53 "PK11_Decrypt");
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after
227 gcm_params->pIv = 227 gcm_params->pIv =
228 reinterpret_cast<CK_BYTE*>(const_cast<char*>(nonce.data())); 228 reinterpret_cast<CK_BYTE*>(const_cast<char*>(nonce.data()));
229 gcm_params->ulIvLen = nonce.size(); 229 gcm_params->ulIvLen = nonce.size();
230 gcm_params->pAAD = 230 gcm_params->pAAD =
231 reinterpret_cast<CK_BYTE*>(const_cast<char*>(associated_data.data())); 231 reinterpret_cast<CK_BYTE*>(const_cast<char*>(associated_data.data()));
232 gcm_params->ulAADLen = associated_data.size(); 232 gcm_params->ulAADLen = associated_data.size();
233 gcm_params->ulTagBits = auth_tag_size * 8; 233 gcm_params->ulTagBits = auth_tag_size * 8;
234 } 234 }
235 235
236 } // namespace net 236 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/aead_base_encrypter.h ('k') | net/quic/crypto/aes_128_gcm_12_encrypter_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698