Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1083)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: nss/lib/util/pkcs11n.h

Issue 13898013: Update NSS to NSS_3_15_BETA2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« nss/lib/util/hasht.h ('K') | « nss/lib/util/nssutil.h ('k') | nss/lib/util/seccomon.h » ('j') | nss/lib/util/seccomon.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: nss/lib/util/pkcs11n.h
===================================================================
--- nss/lib/util/pkcs11n.h (revision 195639)
+++ nss/lib/util/pkcs11n.h (working copy)
@@ -195,9 +195,29 @@
#define CKM_NSS_JPAKE_FINAL_SHA384 (CKM_NSS + 17)
#define CKM_NSS_JPAKE_FINAL_SHA512 (CKM_NSS + 18)
+/* Constant-time MAC mechanisms:
+ *
+ * These operations verify a padded, MAC-then-encrypt block of data in
+ * constant-time. Because of the order of operations, the padding bytes are not
+ * protected by the MAC. However, disclosing the value of the padding bytes
+ * gives an attacker the ability to decrypt ciphertexts. Such disclosure can be
+ * as subtle as taking slightly less time to perform the MAC when the padding
+ * is one byte longer. See https://www.isg.rhul.ac.uk/tls/
+ *
+ * CKM_NSS_HMAC_CONSTANT_TIME: performs an HMAC authentication.
+ * CKM_NSS_SSL3_MAC_CONSTANT_TIME: performs an authentication with SSLv3 MAC.
+ *
+ * Parameter type: CK_NSS_MAC_CONSTANT_TIME_PARAMS
+ */
#define CKM_NSS_HMAC_CONSTANT_TIME (CKM_NSS + 19)
#define CKM_NSS_SSL3_MAC_CONSTANT_TIME (CKM_NSS + 20)
+/* TLS 1.2 mechanisms */
+#define CKM_NSS_TLS_PRF_GENERAL_SHA256 (CKM_NSS + 21)
+#define CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256 (CKM_NSS + 22)
+#define CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256 (CKM_NSS + 23)
+#define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24)
+
/*
* HISTORICAL:
* Do not attempt to use these. They are only used by NETSCAPE's internal
@@ -243,7 +263,15 @@
CK_NSS_JPAKEPublicValue B; /* in */
} CK_NSS_JPAKEFinalParams;
-/* NOTE: the softoken's implementation of CKM_NSS_HMAC_CONSTANT_TIME and
+/* macAlg: the MAC algorithm to use. This determines the hash function used in
+ * the HMAC/SSLv3 MAC calculations.
+ * ulBodyTotalLen: the total length of the data, including padding bytes and
+ * padding length.
+ * pHeader: points to a block of data that contains additional data to
+ * authenticate. For TLS this includes the sequence number etc. For SSLv3,
+ * this also includes the initial padding bytes.
+ *
+ * NOTE: the softoken's implementation of CKM_NSS_HMAC_CONSTANT_TIME and
* CKM_NSS_SSL3_MAC_CONSTANT_TIME requires that the sum of ulBodyTotalLen
* and ulHeaderLen be much smaller than 2^32 / 8 bytes because it uses an
* unsigned int variable to represent the length in bits. This should not
« nss/lib/util/hasht.h ('K') | « nss/lib/util/nssutil.h ('k') | nss/lib/util/seccomon.h » ('j') | nss/lib/util/seccomon.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698