Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(548)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mozilla/security/nss/lib/pk11wrap/pk11obj.c

Issue 12207073: Update to NSS 3.14.3 Beta 1 for the TLS CBC constant-time (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Remove unrelated WIN64 changes from nss.gyp Created 7 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « mozilla/security/nss/lib/nss/nss.h ('k') | mozilla/security/nss/lib/pk11wrap/pk11pub.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /* 4 /*
5 * This file manages object type indepentent functions. 5 * This file manages object type indepentent functions.
6 */ 6 */
7 #include "seccomon.h" 7 #include "seccomon.h"
8 #include "secmod.h" 8 #include "secmod.h"
9 #include "secmodi.h" 9 #include "secmodi.h"
10 #include "secmodti.h" 10 #include "secmodti.h"
(...skipping 760 matching lines...) Expand 10 before | Expand all | Expand 10 after
771 pk11_CloseSession(slot,session,owner); 771 pk11_CloseSession(slot,session,owner);
772 sig->len = len; 772 sig->len = len;
773 if (crv != CKR_OK) { 773 if (crv != CKR_OK) {
774 PORT_SetError( PK11_MapError(crv) ); 774 PORT_SetError( PK11_MapError(crv) );
775 return SECFailure; 775 return SECFailure;
776 } 776 }
777 return SECSuccess; 777 return SECSuccess;
778 } 778 }
779 779
780 /* 780 /*
781 * sign data with a MAC key.
782 */
783 SECStatus
784 PK11_SignWithSymKey(PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism,
785 SECItem *param, SECItem *sig, const SECItem *data)
786 {
787 PK11SlotInfo *slot = symKey->slot;
788 CK_MECHANISM mech = {0, NULL, 0 };
789 PRBool owner = PR_TRUE;
790 CK_SESSION_HANDLE session;
791 PRBool haslock = PR_FALSE;
792 CK_ULONG len;
793 CK_RV crv;
794
795 mech.mechanism = mechanism;
796 if (param) {
797 mech.pParameter = param->data;
798 mech.ulParameterLen = param->len;
799 }
800
801 session = pk11_GetNewSession(slot,&owner);
802 haslock = (!owner || !(slot->isThreadSafe));
803 if (haslock) PK11_EnterSlotMonitor(slot);
804 crv = PK11_GETTAB(slot)->C_SignInit(session,&mech,symKey->objectID);
805 if (crv != CKR_OK) {
806 if (haslock) PK11_ExitSlotMonitor(slot);
807 pk11_CloseSession(slot,session,owner);
808 PORT_SetError( PK11_MapError(crv) );
809 return SECFailure;
810 }
811
812 len = sig->len;
813 crv = PK11_GETTAB(slot)->C_Sign(session,data->data,
814 data->len, sig->data, &len);
815 if (haslock) PK11_ExitSlotMonitor(slot);
816 pk11_CloseSession(slot,session,owner);
817 sig->len = len;
818 if (crv != CKR_OK) {
819 PORT_SetError( PK11_MapError(crv) );
820 return SECFailure;
821 }
822 return SECSuccess;
823 }
824
825 /*
781 * Now SSL 2.0 uses raw RSA stuff. These next to functions *must* use 826 * Now SSL 2.0 uses raw RSA stuff. These next to functions *must* use
782 * RSA keys, or they'll fail. We do the checks up front. If anyone comes 827 * RSA keys, or they'll fail. We do the checks up front. If anyone comes
783 * up with a meaning for rawdecrypt for any other public key operation, 828 * up with a meaning for rawdecrypt for any other public key operation,
784 * then we need to move this check into some of PK11_PubDecrypt callers, 829 * then we need to move this check into some of PK11_PubDecrypt callers,
785 * (namely SSL 2.0). 830 * (namely SSL 2.0).
786 */ 831 */
787 static SECStatus 832 static SECStatus
788 pk11_PrivDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, 833 pk11_PrivDecryptRaw(SECKEYPrivateKey *key, unsigned char *data,
789 unsigned *outLen, unsigned int maxLen, unsigned char *enc, 834 unsigned *outLen, unsigned int maxLen, unsigned char *enc,
790 unsigned encLen, CK_MECHANISM_PTR mech) 835 unsigned encLen, CK_MECHANISM_PTR mech)
(...skipping 1044 matching lines...) Expand 10 before | Expand all | Expand 10 after
1835 PORT_SetError( PK11_MapError(crv) ); 1880 PORT_SetError( PK11_MapError(crv) );
1836 return NULL; 1881 return NULL;
1837 } 1882 }
1838 1883
1839 item->data = (unsigned char*) theTemplate[0].pValue; 1884 item->data = (unsigned char*) theTemplate[0].pValue;
1840 item->len =theTemplate[0].ulValueLen; 1885 item->len =theTemplate[0].ulValueLen;
1841 1886
1842 return item; 1887 return item;
1843 } 1888 }
1844 1889
OLDNEW
« no previous file with comments | « mozilla/security/nss/lib/nss/nss.h ('k') | mozilla/security/nss/lib/pk11wrap/pk11pub.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698