Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(858)

Unified Diff: net/third_party/nss/ssl/sslimpl.h

Issue 21696002: Implement the AES GCM cipher suites for TLS. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Add a TODO to README.chromium to remove cbc.patch Created 7 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/third_party/nss/ssl/sslenum.c ('k') | net/third_party/nss/ssl/sslinfo.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/nss/ssl/sslimpl.h
===================================================================
--- net/third_party/nss/ssl/sslimpl.h (revision 215189)
+++ net/third_party/nss/ssl/sslimpl.h (working copy)
@@ -64,6 +64,7 @@
#define calg_aes ssl_calg_aes
#define calg_camellia ssl_calg_camellia
#define calg_seed ssl_calg_seed
+#define calg_aes_gcm ssl_calg_aes_gcm
#define mac_null ssl_mac_null
#define mac_md5 ssl_mac_md5
@@ -290,9 +291,9 @@
} ssl3CipherSuiteCfg;
#ifdef NSS_ENABLE_ECC
-#define ssl_V3_SUITES_IMPLEMENTED 57
+#define ssl_V3_SUITES_IMPLEMENTED 61
#else
-#define ssl_V3_SUITES_IMPLEMENTED 35
+#define ssl_V3_SUITES_IMPLEMENTED 37
#endif /* NSS_ENABLE_ECC */
#define MAX_DTLS_SRTP_CIPHER_SUITES 4
@@ -440,20 +441,6 @@
#define GS_DATA 3
#define GS_PAD 4
-typedef SECStatus (*SSLCipher)(void * context,
- unsigned char * out,
- int * outlen,
- int maxout,
- const unsigned char *in,
- int inlen);
-typedef SECStatus (*SSLCompressor)(void * context,
- unsigned char * out,
- int * outlen,
- int maxout,
- const unsigned char *in,
- int inlen);
-typedef SECStatus (*SSLDestroy)(void *context, PRBool freeit);
-
#if defined(NSS_PLATFORM_CLIENT_AUTH) && defined(XP_WIN32)
typedef PCERT_KEY_CONTEXT PlatformKey;
#elif defined(NSS_PLATFORM_CLIENT_AUTH) && defined(XP_MACOSX)
@@ -485,11 +472,12 @@
cipher_camellia_128,
cipher_camellia_256,
cipher_seed,
+ cipher_aes_128_gcm,
cipher_missing /* reserved for no such supported cipher */
/* This enum must match ssl3_cipherName[] in ssl3con.c. */
} SSL3BulkCipher;
-typedef enum { type_stream, type_block } CipherType;
+typedef enum { type_stream, type_block, type_aead } CipherType;
#define MAX_IV_LENGTH 24
@@ -531,6 +519,31 @@
PRUint64 cipher_context[MAX_CIPHER_CONTEXT_LLONGS];
} ssl3KeyMaterial;
+typedef SECStatus (*SSLCipher)(void * context,
+ unsigned char * out,
+ int * outlen,
+ int maxout,
+ const unsigned char *in,
+ int inlen);
+typedef SECStatus (*SSLAEADCipher)(
+ ssl3KeyMaterial * keys,
+ PRBool doDecrypt,
+ unsigned char * out,
+ int * outlen,
+ int maxout,
+ const unsigned char *in,
+ int inlen,
+ SSL3ContentType type,
+ SSL3ProtocolVersion version,
+ SSL3SequenceNumber seqnum);
+typedef SECStatus (*SSLCompressor)(void * context,
+ unsigned char * out,
+ int * outlen,
+ int maxout,
+ const unsigned char *in,
+ int inlen);
+typedef SECStatus (*SSLDestroy)(void *context, PRBool freeit);
+
/* The DTLS anti-replay window. Defined here because we need it in
* the cipher spec. Note that this is a ring buffer but left and
* right represent the true window, with modular arithmetic used to
@@ -557,6 +570,7 @@
int mac_size;
SSLCipher encode;
SSLCipher decode;
+ SSLAEADCipher aead;
SSLDestroy destroy;
void * encodeContext;
void * decodeContext;
@@ -706,8 +720,6 @@
PRBool tls_keygen;
} ssl3KEADef;
-typedef enum { kg_null, kg_strong, kg_export } SSL3KeyGenMode;
-
/*
** There are tables of these, all const.
*/
@@ -719,7 +731,8 @@
CipherType type;
int iv_size;
int block_size;
- SSL3KeyGenMode keygen_mode;
+ int tag_size; /* authentication tag size for AEAD ciphers. */
+ int explicit_nonce_size; /* for AEAD ciphers. */
};
/*
« no previous file with comments | « net/third_party/nss/ssl/sslenum.c ('k') | net/third_party/nss/ssl/sslinfo.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698