| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef CRYPTO_AES_128_GCM_HELPERS_NSS_H_ |
| 6 #define CRYPTO_AES_128_GCM_HELPERS_NSS_H_ |
| 7 |
| 8 #include <pk11pub.h> |
| 9 #include <secerr.h> |
| 10 |
| 11 #include "crypto/crypto_export.h" |
| 12 |
| 13 namespace crypto { |
| 14 |
| 15 // When using the CKM_AES_GCM mechanism, one must consider that the mechanism |
| 16 // had a bug in NSS 3.14.x (https://bugzilla.mozilla.org/show_bug.cgi?id=853285) |
| 17 // which also lacks the PK11_Decrypt and PK11_Encrypt functions. |
| 18 // (https://bugzilla.mozilla.org/show_bug.cgi?id=854063) |
| 19 // |
| 20 // While both these bugs were resolved in NSS 3.15, certain builds of Chromium |
| 21 // may still be loading older versions of NSS as the system libraries. These |
| 22 // helper methods emulate support by using CKM_AES_CTR and the GaloisHash. |
| 23 |
| 24 // Helper function for using PK11_Decrypt. |mechanism| must be set to |
| 25 // CKM_AES_GCM for this method. |
| 26 CRYPTO_EXPORT SECStatus PK11DecryptHelper(PK11SymKey* key, |
| 27 CK_MECHANISM_TYPE mechanism, |
| 28 SECItem* param, |
| 29 unsigned char* out, |
| 30 unsigned int* out_len, |
| 31 unsigned int max_len, |
| 32 const unsigned char* data, |
| 33 unsigned int data_len); |
| 34 |
| 35 // Helper function for using PK11_Encrypt. |mechanism| must be set to |
| 36 // CKM_AES_GCM for this method. |
| 37 CRYPTO_EXPORT SECStatus PK11EncryptHelper(PK11SymKey* key, |
| 38 CK_MECHANISM_TYPE mechanism, |
| 39 SECItem* param, |
| 40 unsigned char* out, |
| 41 unsigned int* out_len, |
| 42 unsigned int max_len, |
| 43 const unsigned char* data, |
| 44 unsigned int data_len); |
| 45 |
| 46 } // namespace crypto |
| 47 |
| 48 #endif // CRYPTO_AES_128_GCM_HELPERS_NSS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
