| Index: nss/mozilla/security/nss/lib/softoken/pkcs11c.c
|
| ===================================================================
|
| --- nss/mozilla/security/nss/lib/softoken/pkcs11c.c (revision 162724)
|
| +++ nss/mozilla/security/nss/lib/softoken/pkcs11c.c (working copy)
|
| @@ -425,17 +425,38 @@
|
| }
|
| context->type = ctype;
|
| context->multi = PR_TRUE;
|
| + context->rsa = PR_FALSE;
|
| context->cipherInfo = NULL;
|
| context->hashInfo = NULL;
|
| context->doPad = PR_FALSE;
|
| context->padDataLength = 0;
|
| context->key = key;
|
| context->blockSize = 0;
|
| + context->maxLen = 0;
|
|
|
| *contextPtr = context;
|
| return CKR_OK;
|
| }
|
|
|
| +static int
|
| +sftk_aes_mode(CK_MECHANISM_TYPE mechanism)
|
| +{
|
| + switch (mechanism) {
|
| + case CKM_AES_CBC_PAD:
|
| + case CKM_AES_CBC:
|
| + return NSS_AES_CBC;
|
| + case CKM_AES_ECB:
|
| + return NSS_AES;
|
| + case CKM_AES_CTS:
|
| + return NSS_AES_CTS;
|
| + case CKM_AES_CTR:
|
| + return NSS_AES_CTR;
|
| + case CKM_AES_GCM:
|
| + return NSS_AES_GCM;
|
| + }
|
| + return -1;
|
| +}
|
| +
|
| /** NSC_CryptInit initializes an encryption/Decryption operation.
|
| *
|
| * Always called by NSC_EncryptInit, NSC_DecryptInit, NSC_WrapKey,NSC_UnwrapKey.
|
| @@ -488,6 +509,7 @@
|
| break;
|
| }
|
| context->multi = PR_FALSE;
|
| + context->rsa = PR_TRUE;
|
| if (isEncrypt) {
|
| NSSLOWKEYPublicKey *pubKey = sftk_GetPubKey(key,CKK_RSA,&crv);
|
| if (pubKey == NULL) {
|
| @@ -750,6 +772,12 @@
|
| case CKM_AES_ECB:
|
| case CKM_AES_CBC:
|
| context->blockSize = 16;
|
| + case CKM_AES_CTS:
|
| + case CKM_AES_CTR:
|
| + case CKM_AES_GCM:
|
| + if (pMechanism->mechanism == CKM_AES_GCM) {
|
| + context->multi = PR_FALSE;
|
| + }
|
| if (key_type != CKK_AES) {
|
| crv = CKR_KEY_TYPE_INCONSISTENT;
|
| break;
|
| @@ -762,7 +790,7 @@
|
| context->cipherInfo = AES_CreateContext(
|
| (unsigned char*)att->attrib.pValue,
|
| (unsigned char*)pMechanism->pParameter,
|
| - pMechanism->mechanism == CKM_AES_ECB ? NSS_AES : NSS_AES_CBC,
|
| + sftk_aes_mode(pMechanism->mechanism),
|
| isEncrypt, att->attrib.ulValueLen, 16);
|
| sftk_FreeAttribute(att);
|
| if (context->cipherInfo == NULL) {
|
| @@ -980,8 +1008,8 @@
|
| if (crv != CKR_OK) return crv;
|
|
|
| if (!pEncryptedData) {
|
| - *pulEncryptedDataLen = context->multi ?
|
| - ulDataLen + 2 * context->blockSize : context->maxLen;
|
| + *pulEncryptedDataLen = context->rsa ? context->maxLen :
|
| + ulDataLen + 2 * context->blockSize;
|
| goto finish;
|
| }
|
|
|
| @@ -1993,6 +2021,7 @@
|
| crv = CKR_KEY_TYPE_INCONSISTENT;
|
| break;
|
| }
|
| + context->rsa = PR_TRUE;
|
| privKey = sftk_GetPrivKey(key,CKK_RSA,&crv);
|
| if (privKey == NULL) {
|
| crv = CKR_KEY_TYPE_INCONSISTENT;
|
| @@ -2017,6 +2046,7 @@
|
| crv = CKR_KEY_TYPE_INCONSISTENT;
|
| break;
|
| }
|
| + context->rsa = PR_TRUE;
|
| if (pMechanism->ulParameterLen != sizeof(CK_RSA_PKCS_PSS_PARAMS)) {
|
| crv = CKR_MECHANISM_PARAM_INVALID;
|
| break;
|
| @@ -2510,6 +2540,7 @@
|
| crv = CKR_KEY_TYPE_INCONSISTENT;
|
| break;
|
| }
|
| + context->rsa = PR_TRUE;
|
| pubKey = sftk_GetPubKey(key,CKK_RSA,&crv);
|
| if (pubKey == NULL) {
|
| if (info) PORT_Free(info);
|
| @@ -2530,6 +2561,7 @@
|
| crv = CKR_KEY_TYPE_INCONSISTENT;
|
| break;
|
| }
|
| + context->rsa = PR_TRUE;
|
| if (pMechanism->ulParameterLen != sizeof(CK_RSA_PKCS_PSS_PARAMS)) {
|
| crv = CKR_MECHANISM_PARAM_INVALID;
|
| break;
|
| @@ -2759,6 +2791,7 @@
|
| break;
|
| }
|
| context->multi = PR_FALSE;
|
| + context->rsa = PR_TRUE;
|
| pubKey = sftk_GetPubKey(key,CKK_RSA,&crv);
|
| if (pubKey == NULL) {
|
| break;
|
|
|
Chromium Code Reviews
Issue 11193042:
Update NSS to NSS 3.14 RC1. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/