| OLD | NEW |
|---|
| (Empty) |
| 1 /* | |
| 2 * alg2268.c - implementation of the algorithm in RFC 2268 | |
| 3 * | |
| 4 * This Source Code Form is subject to the terms of the Mozilla Public | |
| 5 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 7 | |
| 8 /* $Id: alg2268.c,v 1.10 2012/04/25 14:49:43 gerv%gerv.net Exp $ */ | |
| 9 | |
| 10 #ifdef FREEBL_NO_DEPEND | |
| 11 #include "stubs.h" | |
| 12 #endif | |
| 13 | |
| 14 #include "blapi.h" | |
| 15 #include "secerr.h" | |
| 16 #ifdef XP_UNIX_XXX | |
| 17 #include <stddef.h> /* for ptrdiff_t */ | |
| 18 #endif | |
| 19 | |
| 20 /* | |
| 21 ** RC2 symmetric block cypher | |
| 22 */ | |
| 23 | |
| 24 typedef SECStatus (rc2Func)(RC2Context *cx, unsigned char *output, | |
| 25 const unsigned char *input, unsigned int inputLen); | |
| 26 | |
| 27 /* forward declarations */ | |
| 28 static rc2Func rc2_EncryptECB; | |
| 29 static rc2Func rc2_DecryptECB; | |
| 30 static rc2Func rc2_EncryptCBC; | |
| 31 static rc2Func rc2_DecryptCBC; | |
| 32 | |
| 33 typedef union { | |
| 34 PRUint32 l[2]; | |
| 35 PRUint16 s[4]; | |
| 36 PRUint8 b[8]; | |
| 37 } RC2Block; | |
| 38 | |
| 39 struct RC2ContextStr { | |
| 40 union { | |
| 41 PRUint8 Kb[128]; | |
| 42 PRUint16 Kw[64]; | |
| 43 } u; | |
| 44 RC2Block iv; | |
| 45 rc2Func *enc; | |
| 46 rc2Func *dec; | |
| 47 }; | |
| 48 | |
| 49 #define B u.Kb | |
| 50 #define K u.Kw | |
| 51 #define BYTESWAP(x) ((x) << 8 | (x) >> 8) | |
| 52 #define SWAPK(i) cx->K[i] = (tmpS = cx->K[i], BYTESWAP(tmpS)) | |
| 53 #define RC2_BLOCK_SIZE 8 | |
| 54 | |
| 55 #define LOAD_HARD(R) \ | |
| 56 R[0] = (PRUint16)input[1] << 8 | input[0]; \ | |
| 57 R[1] = (PRUint16)input[3] << 8 | input[2]; \ | |
| 58 R[2] = (PRUint16)input[5] << 8 | input[4]; \ | |
| 59 R[3] = (PRUint16)input[7] << 8 | input[6]; | |
| 60 #define LOAD_EASY(R) \ | |
| 61 R[0] = ((PRUint16 *)input)[0]; \ | |
| 62 R[1] = ((PRUint16 *)input)[1]; \ | |
| 63 R[2] = ((PRUint16 *)input)[2]; \ | |
| 64 R[3] = ((PRUint16 *)input)[3]; | |
| 65 #define STORE_HARD(R) \ | |
| 66 output[0] = (PRUint8)(R[0]); output[1] = (PRUint8)(R[0] >> 8); \ | |
| 67 output[2] = (PRUint8)(R[1]); output[3] = (PRUint8)(R[1] >> 8); \ | |
| 68 output[4] = (PRUint8)(R[2]); output[5] = (PRUint8)(R[2] >> 8); \ | |
| 69 output[6] = (PRUint8)(R[3]); output[7] = (PRUint8)(R[3] >> 8); | |
| 70 #define STORE_EASY(R) \ | |
| 71 ((PRUint16 *)output)[0] = R[0]; \ | |
| 72 ((PRUint16 *)output)[1] = R[1]; \ | |
| 73 ((PRUint16 *)output)[2] = R[2]; \ | |
| 74 ((PRUint16 *)output)[3] = R[3]; | |
| 75 | |
| 76 #if defined (NSS_X86_OR_X64) | |
| 77 #define LOAD(R) LOAD_EASY(R) | |
| 78 #define STORE(R) STORE_EASY(R) | |
| 79 #elif !defined(IS_LITTLE_ENDIAN) | |
| 80 #define LOAD(R) LOAD_HARD(R) | |
| 81 #define STORE(R) STORE_HARD(R) | |
| 82 #else | |
| 83 #define LOAD(R) if ((ptrdiff_t)input & 1) { LOAD_HARD(R) } else { LOAD_EASY(R) } | |
| 84 #define STORE(R) if ((ptrdiff_t)input & 1) { STORE_HARD(R) } else { STORE_EASY(R
) } | |
| 85 #endif | |
| 86 | |
| 87 static const PRUint8 S[256] = { | |
| 88 0331,0170,0371,0304,0031,0335,0265,0355,0050,0351,0375,0171,0112,0240,0330,0235, | |
| 89 0306,0176,0067,0203,0053,0166,0123,0216,0142,0114,0144,0210,0104,0213,0373,0242, | |
| 90 0027,0232,0131,0365,0207,0263,0117,0023,0141,0105,0155,0215,0011,0201,0175,0062, | |
| 91 0275,0217,0100,0353,0206,0267,0173,0013,0360,0225,0041,0042,0134,0153,0116,0202, | |
| 92 0124,0326,0145,0223,0316,0140,0262,0034,0163,0126,0300,0024,0247,0214,0361,0334, | |
| 93 0022,0165,0312,0037,0073,0276,0344,0321,0102,0075,0324,0060,0243,0074,0266,0046, | |
| 94 0157,0277,0016,0332,0106,0151,0007,0127,0047,0362,0035,0233,0274,0224,0103,0003, | |
| 95 0370,0021,0307,0366,0220,0357,0076,0347,0006,0303,0325,0057,0310,0146,0036,0327, | |
| 96 0010,0350,0352,0336,0200,0122,0356,0367,0204,0252,0162,0254,0065,0115,0152,0052, | |
| 97 0226,0032,0322,0161,0132,0025,0111,0164,0113,0237,0320,0136,0004,0030,0244,0354, | |
| 98 0302,0340,0101,0156,0017,0121,0313,0314,0044,0221,0257,0120,0241,0364,0160,0071, | |
| 99 0231,0174,0072,0205,0043,0270,0264,0172,0374,0002,0066,0133,0045,0125,0227,0061, | |
| 100 0055,0135,0372,0230,0343,0212,0222,0256,0005,0337,0051,0020,0147,0154,0272,0311, | |
| 101 0323,0000,0346,0317,0341,0236,0250,0054,0143,0026,0001,0077,0130,0342,0211,0251, | |
| 102 0015,0070,0064,0033,0253,0063,0377,0260,0273,0110,0014,0137,0271,0261,0315,0056, | |
| 103 0305,0363,0333,0107,0345,0245,0234,0167,0012,0246,0040,0150,0376,0177,0301,0255 | |
| 104 }; | |
| 105 | |
| 106 RC2Context * RC2_AllocateContext(void) | |
| 107 { | |
| 108 return PORT_ZNew(RC2Context); | |
| 109 } | |
| 110 SECStatus | |
| 111 RC2_InitContext(RC2Context *cx, const unsigned char *key, unsigned int len, | |
| 112 const unsigned char *input, int mode, unsigned int efLen8, | |
| 113 unsigned int unused) | |
| 114 { | |
| 115 PRUint8 *L,*L2; | |
| 116 int i; | |
| 117 #if !defined(IS_LITTLE_ENDIAN) | |
| 118 PRUint16 tmpS; | |
| 119 #endif | |
| 120 PRUint8 tmpB; | |
| 121 | |
| 122 if (!key || !cx || !len || len > (sizeof cx->B) || | |
| 123 efLen8 > (sizeof cx->B)) { | |
| 124 PORT_SetError(SEC_ERROR_INVALID_ARGS); | |
| 125 return SECFailure; | |
| 126 } | |
| 127 if (mode == NSS_RC2) { | |
| 128 /* groovy */ | |
| 129 } else if (mode == NSS_RC2_CBC) { | |
| 130 if (!input) { | |
| 131 PORT_SetError(SEC_ERROR_INVALID_ARGS); | |
| 132 return SECFailure; | |
| 133 } | |
| 134 } else { | |
| 135 PORT_SetError(SEC_ERROR_INVALID_ARGS); | |
| 136 return SECFailure; | |
| 137 } | |
| 138 | |
| 139 if (mode == NSS_RC2_CBC) { | |
| 140 cx->enc = & rc2_EncryptCBC; | |
| 141 cx->dec = & rc2_DecryptCBC; | |
| 142 LOAD(cx->iv.s); | |
| 143 } else { | |
| 144 cx->enc = & rc2_EncryptECB; | |
| 145 cx->dec = & rc2_DecryptECB; | |
| 146 } | |
| 147 | |
| 148 /* Step 0. Copy key into table. */ | |
| 149 memcpy(cx->B, key, len); | |
| 150 | |
| 151 /* Step 1. Compute all values to the right of the key. */ | |
| 152 L2 = cx->B; | |
| 153 L = L2 + len; | |
| 154 tmpB = L[-1]; | |
| 155 for (i = (sizeof cx->B) - len; i > 0; --i) { | |
| 156 *L++ = tmpB = S[ (PRUint8)(tmpB + *L2++) ]; | |
| 157 } | |
| 158 | |
| 159 /* step 2. Adjust left most byte of effective key. */ | |
| 160 i = (sizeof cx->B) - efLen8; | |
| 161 L = cx->B + i; | |
| 162 *L = tmpB = S[*L]; /* mask is always 0xff */ | |
| 163 | |
| 164 /* step 3. Recompute all values to the left of effective key. */ | |
| 165 L2 = --L + efLen8; | |
| 166 while(L >= cx->B) { | |
| 167 *L-- = tmpB = S[ tmpB ^ *L2-- ]; | |
| 168 } | |
| 169 | |
| 170 #if !defined(IS_LITTLE_ENDIAN) | |
| 171 for (i = 63; i >= 0; --i) { | |
| 172 SWAPK(i); /* candidate for unrolling */ | |
| 173 } | |
| 174 #endif | |
| 175 return SECSuccess; | |
| 176 } | |
| 177 | |
| 178 /* | |
| 179 ** Create a new RC2 context suitable for RC2 encryption/decryption. | |
| 180 ** "key" raw key data | |
| 181 ** "len" the number of bytes of key data | |
| 182 ** "iv" is the CBC initialization vector (if mode is NSS_RC2_CBC) | |
| 183 ** "mode" one of NSS_RC2 or NSS_RC2_CBC | |
| 184 ** "effectiveKeyLen" in bytes, not bits. | |
| 185 ** | |
| 186 ** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block | |
| 187 ** chaining" mode. | |
| 188 */ | |
| 189 RC2Context * | |
| 190 RC2_CreateContext(const unsigned char *key, unsigned int len, | |
| 191 const unsigned char *iv, int mode, unsigned efLen8) | |
| 192 { | |
| 193 RC2Context *cx = PORT_ZNew(RC2Context); | |
| 194 if (cx) { | |
| 195 SECStatus rv = RC2_InitContext(cx, key, len, iv, mode, efLen8, 0); | |
| 196 if (rv != SECSuccess) { | |
| 197 RC2_DestroyContext(cx, PR_TRUE); | |
| 198 cx = NULL; | |
| 199 } | |
| 200 } | |
| 201 return cx; | |
| 202 } | |
| 203 | |
| 204 /* | |
| 205 ** Destroy an RC2 encryption/decryption context. | |
| 206 ** "cx" the context | |
| 207 ** "freeit" if PR_TRUE then free the object as well as its sub-objects | |
| 208 */ | |
| 209 void | |
| 210 RC2_DestroyContext(RC2Context *cx, PRBool freeit) | |
| 211 { | |
| 212 if (cx) { | |
| 213 memset(cx, 0, sizeof *cx); | |
| 214 if (freeit) { | |
| 215 PORT_Free(cx); | |
| 216 } | |
| 217 } | |
| 218 } | |
| 219 | |
| 220 #define ROL(x,k) (x << k | x >> (16-k)) | |
| 221 #define MIX(j) \ | |
| 222 R0 = R0 + cx->K[ 4*j+0] + (R3 & R2) + (~R3 & R1); R0 = ROL(R0,1);\ | |
| 223 R1 = R1 + cx->K[ 4*j+1] + (R0 & R3) + (~R0 & R2); R1 = ROL(R1,2);\ | |
| 224 R2 = R2 + cx->K[ 4*j+2] + (R1 & R0) + (~R1 & R3); R2 = ROL(R2,3);\ | |
| 225 R3 = R3 + cx->K[ 4*j+3] + (R2 & R1) + (~R2 & R0); R3 = ROL(R3,5) | |
| 226 #define MASH \ | |
| 227 R0 = R0 + cx->K[R3 & 63];\ | |
| 228 R1 = R1 + cx->K[R0 & 63];\ | |
| 229 R2 = R2 + cx->K[R1 & 63];\ | |
| 230 R3 = R3 + cx->K[R2 & 63] | |
| 231 | |
| 232 /* Encrypt one block */ | |
| 233 static void | |
| 234 rc2_Encrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input) | |
| 235 { | |
| 236 register PRUint16 R0, R1, R2, R3; | |
| 237 | |
| 238 /* step 1. Initialize input. */ | |
| 239 R0 = input->s[0]; | |
| 240 R1 = input->s[1]; | |
| 241 R2 = input->s[2]; | |
| 242 R3 = input->s[3]; | |
| 243 | |
| 244 /* step 2. Expand Key (already done, in context) */ | |
| 245 /* step 3. j = 0 */ | |
| 246 /* step 4. Perform 5 mixing rounds. */ | |
| 247 | |
| 248 MIX(0); | |
| 249 MIX(1); | |
| 250 MIX(2); | |
| 251 MIX(3); | |
| 252 MIX(4); | |
| 253 | |
| 254 /* step 5. Perform 1 mashing round. */ | |
| 255 MASH; | |
| 256 | |
| 257 /* step 6. Perform 6 mixing rounds. */ | |
| 258 | |
| 259 MIX(5); | |
| 260 MIX(6); | |
| 261 MIX(7); | |
| 262 MIX(8); | |
| 263 MIX(9); | |
| 264 MIX(10); | |
| 265 | |
| 266 /* step 7. Perform 1 mashing round. */ | |
| 267 MASH; | |
| 268 | |
| 269 /* step 8. Perform 5 mixing rounds. */ | |
| 270 | |
| 271 MIX(11); | |
| 272 MIX(12); | |
| 273 MIX(13); | |
| 274 MIX(14); | |
| 275 MIX(15); | |
| 276 | |
| 277 /* output results */ | |
| 278 output->s[0] = R0; | |
| 279 output->s[1] = R1; | |
| 280 output->s[2] = R2; | |
| 281 output->s[3] = R3; | |
| 282 } | |
| 283 | |
| 284 #define ROR(x,k) (x >> k | x << (16-k)) | |
| 285 #define R_MIX(j) \ | |
| 286 R3 = ROR(R3,5); R3 = R3 - cx->K[ 4*j+3] - (R2 & R1) - (~R2 & R0); \ | |
| 287 R2 = ROR(R2,3); R2 = R2 - cx->K[ 4*j+2] - (R1 & R0) - (~R1 & R3); \ | |
| 288 R1 = ROR(R1,2); R1 = R1 - cx->K[ 4*j+1] - (R0 & R3) - (~R0 & R2); \ | |
| 289 R0 = ROR(R0,1); R0 = R0 - cx->K[ 4*j+0] - (R3 & R2) - (~R3 & R1) | |
| 290 #define R_MASH \ | |
| 291 R3 = R3 - cx->K[R2 & 63];\ | |
| 292 R2 = R2 - cx->K[R1 & 63];\ | |
| 293 R1 = R1 - cx->K[R0 & 63];\ | |
| 294 R0 = R0 - cx->K[R3 & 63] | |
| 295 | |
| 296 /* Encrypt one block */ | |
| 297 static void | |
| 298 rc2_Decrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input) | |
| 299 { | |
| 300 register PRUint16 R0, R1, R2, R3; | |
| 301 | |
| 302 /* step 1. Initialize input. */ | |
| 303 R0 = input->s[0]; | |
| 304 R1 = input->s[1]; | |
| 305 R2 = input->s[2]; | |
| 306 R3 = input->s[3]; | |
| 307 | |
| 308 /* step 2. Expand Key (already done, in context) */ | |
| 309 /* step 3. j = 63 */ | |
| 310 /* step 4. Perform 5 r_mixing rounds. */ | |
| 311 R_MIX(15); | |
| 312 R_MIX(14); | |
| 313 R_MIX(13); | |
| 314 R_MIX(12); | |
| 315 R_MIX(11); | |
| 316 | |
| 317 /* step 5. Perform 1 r_mashing round. */ | |
| 318 R_MASH; | |
| 319 | |
| 320 /* step 6. Perform 6 r_mixing rounds. */ | |
| 321 R_MIX(10); | |
| 322 R_MIX(9); | |
| 323 R_MIX(8); | |
| 324 R_MIX(7); | |
| 325 R_MIX(6); | |
| 326 R_MIX(5); | |
| 327 | |
| 328 /* step 7. Perform 1 r_mashing round. */ | |
| 329 R_MASH; | |
| 330 | |
| 331 /* step 8. Perform 5 r_mixing rounds. */ | |
| 332 R_MIX(4); | |
| 333 R_MIX(3); | |
| 334 R_MIX(2); | |
| 335 R_MIX(1); | |
| 336 R_MIX(0); | |
| 337 | |
| 338 /* output results */ | |
| 339 output->s[0] = R0; | |
| 340 output->s[1] = R1; | |
| 341 output->s[2] = R2; | |
| 342 output->s[3] = R3; | |
| 343 } | |
| 344 | |
| 345 static SECStatus | |
| 346 rc2_EncryptECB(RC2Context *cx, unsigned char *output, | |
| 347 const unsigned char *input, unsigned int inputLen) | |
| 348 { | |
| 349 RC2Block iBlock; | |
| 350 | |
| 351 while (inputLen > 0) { | |
| 352 LOAD(iBlock.s) | |
| 353 rc2_Encrypt1Block(cx, &iBlock, &iBlock); | |
| 354 STORE(iBlock.s) | |
| 355 output += RC2_BLOCK_SIZE; | |
| 356 input += RC2_BLOCK_SIZE; | |
| 357 inputLen -= RC2_BLOCK_SIZE; | |
| 358 } | |
| 359 return SECSuccess; | |
| 360 } | |
| 361 | |
| 362 static SECStatus | |
| 363 rc2_DecryptECB(RC2Context *cx, unsigned char *output, | |
| 364 const unsigned char *input, unsigned int inputLen) | |
| 365 { | |
| 366 RC2Block iBlock; | |
| 367 | |
| 368 while (inputLen > 0) { | |
| 369 LOAD(iBlock.s) | |
| 370 rc2_Decrypt1Block(cx, &iBlock, &iBlock); | |
| 371 STORE(iBlock.s) | |
| 372 output += RC2_BLOCK_SIZE; | |
| 373 input += RC2_BLOCK_SIZE; | |
| 374 inputLen -= RC2_BLOCK_SIZE; | |
| 375 } | |
| 376 return SECSuccess; | |
| 377 } | |
| 378 | |
| 379 static SECStatus | |
| 380 rc2_EncryptCBC(RC2Context *cx, unsigned char *output, | |
| 381 const unsigned char *input, unsigned int inputLen) | |
| 382 { | |
| 383 RC2Block iBlock; | |
| 384 | |
| 385 while (inputLen > 0) { | |
| 386 | |
| 387 LOAD(iBlock.s) | |
| 388 iBlock.l[0] ^= cx->iv.l[0]; | |
| 389 iBlock.l[1] ^= cx->iv.l[1]; | |
| 390 rc2_Encrypt1Block(cx, &iBlock, &iBlock); | |
| 391 cx->iv = iBlock; | |
| 392 STORE(iBlock.s) | |
| 393 output += RC2_BLOCK_SIZE; | |
| 394 input += RC2_BLOCK_SIZE; | |
| 395 inputLen -= RC2_BLOCK_SIZE; | |
| 396 } | |
| 397 return SECSuccess; | |
| 398 } | |
| 399 | |
| 400 static SECStatus | |
| 401 rc2_DecryptCBC(RC2Context *cx, unsigned char *output, | |
| 402 const unsigned char *input, unsigned int inputLen) | |
| 403 { | |
| 404 RC2Block iBlock; | |
| 405 RC2Block oBlock; | |
| 406 | |
| 407 while (inputLen > 0) { | |
| 408 LOAD(iBlock.s) | |
| 409 rc2_Decrypt1Block(cx, &oBlock, &iBlock); | |
| 410 oBlock.l[0] ^= cx->iv.l[0]; | |
| 411 oBlock.l[1] ^= cx->iv.l[1]; | |
| 412 cx->iv = iBlock; | |
| 413 STORE(oBlock.s) | |
| 414 output += RC2_BLOCK_SIZE; | |
| 415 input += RC2_BLOCK_SIZE; | |
| 416 inputLen -= RC2_BLOCK_SIZE; | |
| 417 } | |
| 418 return SECSuccess; | |
| 419 } | |
| 420 | |
| 421 | |
| 422 /* | |
| 423 ** Perform RC2 encryption. | |
| 424 ** "cx" the context | |
| 425 ** "output" the output buffer to store the encrypted data. | |
| 426 ** "outputLen" how much data is stored in "output". Set by the routine | |
| 427 ** after some data is stored in output. | |
| 428 ** "maxOutputLen" the maximum amount of data that can ever be | |
| 429 ** stored in "output" | |
| 430 ** "input" the input data | |
| 431 ** "inputLen" the amount of input data | |
| 432 */ | |
| 433 SECStatus RC2_Encrypt(RC2Context *cx, unsigned char *output, | |
| 434 unsigned int *outputLen, unsigned int maxOutputLen, | |
| 435 const unsigned char *input, unsigned int inputLen) | |
| 436 { | |
| 437 SECStatus rv = SECSuccess; | |
| 438 if (inputLen) { | |
| 439 if (inputLen % RC2_BLOCK_SIZE) { | |
| 440 PORT_SetError(SEC_ERROR_INPUT_LEN); | |
| 441 return SECFailure; | |
| 442 } | |
| 443 if (maxOutputLen < inputLen) { | |
| 444 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | |
| 445 return SECFailure; | |
| 446 } | |
| 447 rv = (*cx->enc)(cx, output, input, inputLen); | |
| 448 } | |
| 449 if (rv == SECSuccess) { | |
| 450 *outputLen = inputLen; | |
| 451 } | |
| 452 return rv; | |
| 453 } | |
| 454 | |
| 455 /* | |
| 456 ** Perform RC2 decryption. | |
| 457 ** "cx" the context | |
| 458 ** "output" the output buffer to store the decrypted data. | |
| 459 ** "outputLen" how much data is stored in "output". Set by the routine | |
| 460 ** after some data is stored in output. | |
| 461 ** "maxOutputLen" the maximum amount of data that can ever be | |
| 462 ** stored in "output" | |
| 463 ** "input" the input data | |
| 464 ** "inputLen" the amount of input data | |
| 465 */ | |
| 466 SECStatus RC2_Decrypt(RC2Context *cx, unsigned char *output, | |
| 467 unsigned int *outputLen, unsigned int maxOutputLen, | |
| 468 const unsigned char *input, unsigned int inputLen) | |
| 469 { | |
| 470 SECStatus rv = SECSuccess; | |
| 471 if (inputLen) { | |
| 472 if (inputLen % RC2_BLOCK_SIZE) { | |
| 473 PORT_SetError(SEC_ERROR_INPUT_LEN); | |
| 474 return SECFailure; | |
| 475 } | |
| 476 if (maxOutputLen < inputLen) { | |
| 477 PORT_SetError(SEC_ERROR_OUTPUT_LEN); | |
| 478 return SECFailure; | |
| 479 } | |
| 480 rv = (*cx->dec)(cx, output, input, inputLen); | |
| 481 } | |
| 482 if (rv == SECSuccess) { | |
| 483 *outputLen = inputLen; | |
| 484 } | |
| 485 return rv; | |
| 486 } | |
| 487 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 14249009:
Change the NSS and NSPR source tree to the new directory structure to be (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/