Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(159)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/patches/aesgcmchromium.patch

Issue 111853013: Update net/third_party/nss to NSS 3.15.4. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Update the comment in sslenum.c for the two CHACHA20 cipher suites Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/third_party/nss/patches/aesgcm.patch ('k') | net/third_party/nss/patches/alpn.patch » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 --- net/third_party/nss/ssl/ssl3con.c.orig» 2013-08-20 12:00:16.742760827 -0 700 1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
2 +++ net/third_party/nss/ssl/ssl3con.c» 2013-08-20 11:59:56.782463207 -0700 2 --- a/nss/lib/ssl/ssl3con.c» 2014-01-03 19:42:10.424660677 -0800
3 +++ b/nss/lib/ssl/ssl3con.c» 2014-01-03 19:42:18.324789858 -0800
3 @@ -44,6 +44,9 @@ 4 @@ -44,6 +44,9 @@
4 #ifdef NSS_ENABLE_ZLIB 5 #ifdef NSS_ENABLE_ZLIB
5 #include "zlib.h" 6 #include "zlib.h"
6 #endif 7 #endif
7 +#ifdef LINUX 8 +#ifdef LINUX
8 +#include <dlfcn.h> 9 +#include <dlfcn.h>
9 +#endif 10 +#endif
10 11
11 #ifndef PK11_SETATTRS 12 #ifndef PK11_SETATTRS
12 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \ 13 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
13 @@ -1819,6 +1822,69 @@ ssl3_BuildRecordPseudoHeader(unsigned ch 14 @@ -1842,6 +1845,69 @@ ssl3_BuildRecordPseudoHeader(unsigned ch
14 return 13; 15 return 13;
15 } 16 }
16 17
17 +typedef SECStatus (*PK11CryptFcn)( 18 +typedef SECStatus (*PK11CryptFcn)(
18 + PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism, SECItem *param, 19 + PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism, SECItem *param,
19 + unsigned char *out, unsigned int *outLen, unsigned int maxLen, 20 + unsigned char *out, unsigned int *outLen, unsigned int maxLen,
20 + const unsigned char *in, unsigned int inLen); 21 + const unsigned char *in, unsigned int inLen);
21 + 22 +
22 +static PK11CryptFcn pk11_encrypt = NULL; 23 +static PK11CryptFcn pk11_encrypt = NULL;
23 +static PK11CryptFcn pk11_decrypt = NULL; 24 +static PK11CryptFcn pk11_decrypt = NULL;
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
73 + PR_FALSE); 74 + PR_FALSE);
74 + PORT_Assert(rv == SECSuccess); /* else is coding error */ 75 + PORT_Assert(rv == SECSuccess); /* else is coding error */
75 + } 76 + }
76 + } 77 + }
77 + return SECSuccess; 78 + return SECSuccess;
78 +} 79 +}
79 + 80 +
80 static SECStatus 81 static SECStatus
81 ssl3_AESGCM(ssl3KeyMaterial *keys, 82 ssl3_AESGCM(ssl3KeyMaterial *keys,
82 PRBool doDecrypt, 83 PRBool doDecrypt,
83 @@ -1870,10 +1936,10 @@ ssl3_AESGCM(ssl3KeyMaterial *keys, 84 @@ -1893,10 +1959,10 @@ ssl3_AESGCM(ssl3KeyMaterial *keys,
84 gcmParams.ulTagBits = tagSize * 8; 85 gcmParams.ulTagBits = tagSize * 8;
85 86
86 if (doDecrypt) { 87 if (doDecrypt) {
87 - rv = PK11_Decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 88 - rv = PK11_Decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
88 + rv = pk11_decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 89 + rv = pk11_decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
89 maxout, in, inlen); 90 maxout, in, inlen);
90 } else { 91 } else {
91 - rv = PK11_Encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 92 - rv = PK11_Encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
92 + rv = pk11_encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 93 + rv = pk11_encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
93 maxout, in, inlen); 94 maxout, in, inlen);
94 } 95 }
95 *outlen += (int) uOutLen; 96 *outlen += (int) uOutLen;
96 @@ -5023,6 +5089,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBo 97 @@ -5102,6 +5168,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBo
97 ssl3_DisableNonDTLSSuites(ss); 98 ssl3_DisableNonDTLSSuites(ss);
98 } 99 }
99 100
100 + if (!ssl3_HasGCMSupport()) { 101 + if (!ssl3_HasGCMSupport()) {
101 + ssl3_DisableGCMSuites(ss); 102 + ssl3_DisableGCMSuites(ss);
102 + } 103 + }
103 + 104 +
104 /* how many suites are permitted by policy and user preference? */ 105 /* how many suites are permitted by policy and user preference? */
105 num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE); 106 num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE);
106 if (!num_suites) 107 if (!num_suites) {
107 @@ -7728,6 +7798,10 @@ ssl3_HandleClientHello(sslSocket *ss, SS 108 @@ -8057,6 +8127,10 @@ ssl3_HandleClientHello(sslSocket *ss, SS
108 ssl3_DisableNonDTLSSuites(ss); 109 ssl3_DisableNonDTLSSuites(ss);
109 } 110 }
110 111
111 + if (!ssl3_HasGCMSupport()) { 112 + if (!ssl3_HasGCMSupport()) {
112 + ssl3_DisableGCMSuites(ss); 113 + ssl3_DisableGCMSuites(ss);
113 + } 114 + }
114 + 115 +
115 #ifdef PARANOID 116 #ifdef PARANOID
116 /* Look for a matching cipher suite. */ 117 /* Look for a matching cipher suite. */
117 j = ssl3_config_match_init(ss); 118 j = ssl3_config_match_init(ss);
OLDNEW
« no previous file with comments | « net/third_party/nss/patches/aesgcm.patch ('k') | net/third_party/nss/patches/alpn.patch » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698