Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(31)

Side by Side Diff: net/quic/crypto/aes_128_gcm_12_encrypter_nss.cc

Issue 1082123003: Rename USE_NSS to USE_NSS_CERTS. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@use-nss-certs
Patch Set: rebase Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" 5 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
6 6
7 #include <pk11pub.h> 7 #include <pk11pub.h>
8 #include <secerr.h> 8 #include <secerr.h>
9 9
10 #include "base/lazy_instance.h" 10 #include "base/lazy_instance.h"
11 #include "crypto/ghash.h" 11 #include "crypto/ghash.h"
12 #include "crypto/scoped_nss_types.h" 12 #include "crypto/scoped_nss_types.h"
13 13
14 #if defined(USE_NSS) 14 #if defined(USE_NSS_CERTS)
15 #include <dlfcn.h> 15 #include <dlfcn.h>
16 #endif 16 #endif
17 17
18 using base::StringPiece; 18 using base::StringPiece;
19 19
20 namespace net { 20 namespace net {
21 21
22 namespace { 22 namespace {
23 23
24 const size_t kKeySize = 16; 24 const size_t kKeySize = 16;
25 const size_t kNoncePrefixSize = 4; 25 const size_t kNoncePrefixSize = 4;
26 26
27 // On Linux, dynamically link against the system version of libnss3.so. In 27 // On Linux, dynamically link against the system version of libnss3.so. In
28 // order to continue working on systems without up-to-date versions of NSS, 28 // order to continue working on systems without up-to-date versions of NSS,
29 // lookup PK11_Encrypt with dlsym. 29 // lookup PK11_Encrypt with dlsym.
30 30
31 // GcmSupportChecker is a singleton which caches the results of runtime symbol 31 // GcmSupportChecker is a singleton which caches the results of runtime symbol
32 // resolution of PK11_Encrypt. 32 // resolution of PK11_Encrypt.
33 class GcmSupportChecker { 33 class GcmSupportChecker {
34 public: 34 public:
35 static PK11_EncryptFunction pk11_encrypt_func() { 35 static PK11_EncryptFunction pk11_encrypt_func() {
36 return pk11_encrypt_func_; 36 return pk11_encrypt_func_;
37 } 37 }
38 38
39 private: 39 private:
40 friend struct base::DefaultLazyInstanceTraits<GcmSupportChecker>; 40 friend struct base::DefaultLazyInstanceTraits<GcmSupportChecker>;
41 41
42 GcmSupportChecker() { 42 GcmSupportChecker() {
43 #if !defined(USE_NSS) 43 #if !defined(USE_NSS_CERTS)
44 // Using a bundled version of NSS that is guaranteed to have this symbol. 44 // Using a bundled version of NSS that is guaranteed to have this symbol.
45 pk11_encrypt_func_ = PK11_Encrypt; 45 pk11_encrypt_func_ = PK11_Encrypt;
46 #else 46 #else
47 // Using system NSS libraries and PCKS #11 modules, which may not have the 47 // Using system NSS libraries and PCKS #11 modules, which may not have the
48 // necessary function (PK11_Encrypt) or mechanism support (CKM_AES_GCM). 48 // necessary function (PK11_Encrypt) or mechanism support (CKM_AES_GCM).
49 49
50 // If PK11_Encrypt() was successfully resolved, then NSS will support 50 // If PK11_Encrypt() was successfully resolved, then NSS will support
51 // AES-GCM directly. This was introduced in NSS 3.15. 51 // AES-GCM directly. This was introduced in NSS 3.15.
52 pk11_encrypt_func_ = (PK11_EncryptFunction)dlsym(RTLD_DEFAULT, 52 pk11_encrypt_func_ = (PK11_EncryptFunction)dlsym(RTLD_DEFAULT,
53 "PK11_Encrypt"); 53 "PK11_Encrypt");
(...skipping 172 matching lines...) Expand 10 before | Expand all | Expand 10 after
226 gcm_params->pIv = 226 gcm_params->pIv =
227 reinterpret_cast<CK_BYTE*>(const_cast<char*>(nonce.data())); 227 reinterpret_cast<CK_BYTE*>(const_cast<char*>(nonce.data()));
228 gcm_params->ulIvLen = nonce.size(); 228 gcm_params->ulIvLen = nonce.size();
229 gcm_params->pAAD = 229 gcm_params->pAAD =
230 reinterpret_cast<CK_BYTE*>(const_cast<char*>(associated_data.data())); 230 reinterpret_cast<CK_BYTE*>(const_cast<char*>(associated_data.data()));
231 gcm_params->ulAADLen = associated_data.size(); 231 gcm_params->ulAADLen = associated_data.size();
232 gcm_params->ulTagBits = auth_tag_size * 8; 232 gcm_params->ulTagBits = auth_tag_size * 8;
233 } 233 }
234 234
235 } // namespace net 235 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/aes_128_gcm_12_decrypter_nss.cc ('k') | net/quic/crypto/chacha20_poly1305_decrypter_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698