Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(170)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/patches/aesgcmchromium.patch

Issue 1511123006: Uprev NSS (in libssl) to NSS 3.21 (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Updated deps Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/third_party/nss/README.chromium ('k') | net/third_party/nss/patches/applypatches.sh » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c 1 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
2 index 1167d6d..dabe333 100644 2 index c5cb1eb..299e414 100644
3 --- a/ssl/ssl3con.c 3 --- a/lib/ssl/ssl3con.c
4 +++ b/ssl/ssl3con.c 4 +++ b/lib/ssl/ssl3con.c
5 @@ -8,6 +8,7 @@ 5 @@ -8,6 +8,7 @@
6 6
7 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */ 7 /* TODO(ekr): Implement HelloVerifyRequest on server side. OK for now. */
8 8
9 +#define _GNU_SOURCE 1 9 +#define _GNU_SOURCE 1
10 #include "cert.h" 10 #include "cert.h"
11 #include "ssl.h" 11 #include "ssl.h"
12 #include "cryptohi.h" /* for DSAU_ stuff */ 12 #include "cryptohi.h" /* for DSAU_ stuff */
13 @@ -44,6 +45,9 @@ 13 @@ -46,6 +47,9 @@
14 #ifdef NSS_ENABLE_ZLIB 14 #ifdef NSS_ENABLE_ZLIB
15 #include "zlib.h" 15 #include "zlib.h"
16 #endif 16 #endif
17 +#ifdef LINUX 17 +#ifdef LINUX
18 +#include <dlfcn.h> 18 +#include <dlfcn.h>
19 +#endif 19 +#endif
20 20
21 #ifndef PK11_SETATTRS 21 #ifndef PK11_SETATTRS
22 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \ 22 #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
23 @@ -1874,6 +1878,63 @@ ssl3_BuildRecordPseudoHeader(unsigned char *out, 23 @@ -1897,6 +1901,63 @@ ssl3_BuildRecordPseudoHeader(unsigned char *out,
24 return 13; 24 return 13;
25 } 25 }
26 26
27 +typedef SECStatus (*PK11CryptFcn)( 27 +typedef SECStatus (*PK11CryptFcn)(
28 + PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism, SECItem *param, 28 + PK11SymKey *symKey, CK_MECHANISM_TYPE mechanism, SECItem *param,
29 + unsigned char *out, unsigned int *outLen, unsigned int maxLen, 29 + unsigned char *out, unsigned int *outLen, unsigned int maxLen,
30 + const unsigned char *in, unsigned int inLen); 30 + const unsigned char *in, unsigned int inLen);
31 + 31 +
32 +static PK11CryptFcn pk11_encrypt = NULL; 32 +static PK11CryptFcn pk11_encrypt = NULL;
33 +static PK11CryptFcn pk11_decrypt = NULL; 33 +static PK11CryptFcn pk11_decrypt = NULL;
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
77 + PR_FALSE); 77 + PR_FALSE);
78 + PORT_Assert(rv == SECSuccess); /* else is coding error */ 78 + PORT_Assert(rv == SECSuccess); /* else is coding error */
79 + } 79 + }
80 + } 80 + }
81 + return SECSuccess; 81 + return SECSuccess;
82 +} 82 +}
83 + 83 +
84 static SECStatus 84 static SECStatus
85 ssl3_AESGCM(ssl3KeyMaterial *keys, 85 ssl3_AESGCM(ssl3KeyMaterial *keys,
86 PRBool doDecrypt, 86 PRBool doDecrypt,
87 @@ -1925,10 +1986,10 @@ ssl3_AESGCM(ssl3KeyMaterial *keys, 87 @@ -1948,10 +2009,10 @@ ssl3_AESGCM(ssl3KeyMaterial *keys,
88 gcmParams.ulTagBits = tagSize * 8; 88 gcmParams.ulTagBits = tagSize * 8;
89 89
90 if (doDecrypt) { 90 if (doDecrypt) {
91 - rv = PK11_Decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 91 - rv = PK11_Decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
92 + rv = pk11_decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 92 + rv = pk11_decrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
93 maxout, in, inlen); 93 maxout, in, inlen);
94 } else { 94 } else {
95 - rv = PK11_Encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 95 - rv = PK11_Encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
96 + rv = pk11_encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen, 96 + rv = pk11_encrypt(keys->write_key, CKM_AES_GCM, &param, out, &uOutLen,
97 maxout, in, inlen); 97 maxout, in, inlen);
98 } 98 }
99 *outlen += (int) uOutLen; 99 *outlen += (int) uOutLen;
100 @@ -5162,6 +5223,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending) 100 @@ -5337,6 +5398,10 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
101 ssl3_DisableNonDTLSSuites(ss); 101 ssl3_DisableNonDTLSSuites(ss);
102 } 102 }
103 103
104 + if (!ssl3_HasGCMSupport()) { 104 + if (!ssl3_HasGCMSupport()) {
105 + ssl3_DisableGCMSuites(ss); 105 + ssl3_DisableGCMSuites(ss);
106 + } 106 + }
107 + 107 +
108 /* how many suites are permitted by policy and user preference? */ 108 /* how many suites are permitted by policy and user preference? */
109 num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE); 109 num_suites = count_cipher_suites(ss, ss->ssl3.policy, PR_TRUE);
110 if (!num_suites) { 110 if (!num_suites) {
111 @@ -8172,6 +8237,10 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUi nt32 length) 111 @@ -8400,6 +8465,10 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUi nt32 length)
112 ssl3_DisableNonDTLSSuites(ss); 112 ssl3_DisableNonDTLSSuites(ss);
113 } 113 }
114 114
115 + if (!ssl3_HasGCMSupport()) { 115 + if (!ssl3_HasGCMSupport()) {
116 + ssl3_DisableGCMSuites(ss); 116 + ssl3_DisableGCMSuites(ss);
117 + } 117 + }
118 + 118 +
119 #ifdef PARANOID 119 #ifdef PARANOID
120 /* Look for a matching cipher suite. */ 120 /* Look for a matching cipher suite. */
121 j = ssl3_config_match_init(ss); 121 j = ssl3_config_match_init(ss);
OLDNEW
« no previous file with comments | « net/third_party/nss/README.chromium ('k') | net/third_party/nss/patches/applypatches.sh » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698