Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(250)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/patches/chacha20poly1305.patch

Issue 23619044: net: add ChaCha20+Poly1305 support to libssl. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 7 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/third_party/nss/patches/applypatches.sh ('k') | net/third_party/nss/ssl/ssl3con.c » ('j') | net/third_party/nss/ssl/ssl3con.c » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 diff --git a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
2 index 8be517c..74e9a56 100644
3 --- a/nss/lib/ssl/ssl3con.c
4 +++ b/nss/lib/ssl/ssl3con.c
5 @@ -40,6 +40,20 @@
6 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24)
7 #endif
8
9 +/* This is a bodge to allow this code to be compiled against older NSS
10 + * headers. */
11 +#ifndef CKM_NSS_CHACHA20_POLY1305
12 +#define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 25)
13 +
14 +typedef struct CK_AEAD_PARAMS {
15 + CK_BYTE_PTR pIv; /* This is the nonce. */
16 + CK_ULONG ulIvLen;
17 + CK_BYTE_PTR pAAD;
18 + CK_ULONG ulAADLen;
19 +} CK_AEAD_PARAMS;
20 +
21 +#endif
22 +
23 #include <stdio.h>
24 #ifdef NSS_ENABLE_ZLIB
25 #include "zlib.h"
26 @@ -100,6 +114,8 @@ static SECStatus ssl3_AESGCMBypass(ssl3KeyMaterial *keys, PR Bool doDecrypt,
27 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
28 /* cipher_suite policy enabled is_present* /
29 #ifdef NSS_ENABLE_ECC
30 + { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
31 + { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
32 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
33 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
34 #endif /* NSS_ENABLE_ECC */
35 @@ -273,6 +289,7 @@ static const ssl3BulkCipherDef bulk_cipher_defs[] = {
36 {cipher_camellia_256, calg_camellia, 32,32, type_block, 16,16, 0, 0},
37 {cipher_seed, calg_seed, 16,16, type_block, 16,16, 0, 0},
38 {cipher_aes_128_gcm, calg_aes_gcm, 16,16, type_aead, 4, 0,16, 8},
39 + {cipher_c20p1305, calg_c20p1305, 32,32, type_aead, 0, 0,16, 0},
40 {cipher_missing, calg_null, 0, 0, type_stream, 0, 0, 0, 0},
41 };
42
43 @@ -399,6 +416,8 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] =
44 {TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_rsa},
45 {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea_e cdhe_rsa},
46 {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, mac_aead, kea _ecdhe_ecdsa},
47 + {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, cipher_c20p1305, mac_null, kea_ecd he_ecdsa},
48 + {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, cipher_c20p1305, mac_null, kea_ecdhe _rsa},
49
50 #ifdef NSS_ENABLE_ECC
51 {TLS_ECDH_ECDSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_ecdh_ecdsa} ,
52 @@ -464,6 +483,7 @@ static const SSLCipher2Mech alg2Mech[] = {
53 { calg_camellia , CKM_CAMELLIA_CBC },
54 { calg_seed , CKM_SEED_CBC },
55 { calg_aes_gcm , CKM_AES_GCM },
56 + { calg_c20p1305 , CKM_NSS_CHACHA20_POLY1305 },
57 /* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */
58 };
59
60 @@ -2020,6 +2040,45 @@ ssl3_AESGCMBypass(ssl3KeyMaterial *keys,
61 }
62 #endif
63
64 +static SECStatus
65 +ssl3_ChaCha20Poly1305(
66 + ssl3KeyMaterial *keys,
67 + PRBool doDecrypt,
68 + unsigned char *out,
69 + int *outlen,
70 + int maxout,
71 + const unsigned char *in,
72 + int inlen,
73 + const unsigned char *additionalData,
74 + int additionalDataLen)
75 +{
76 + SECItem param;
77 + SECStatus rv = SECFailure;
78 + static const int tagSize = 16;
79 + unsigned int uOutLen;
80 + CK_AEAD_PARAMS aeadParams;
81 +
82 + memset(&param, 0, sizeof(param));
83 + param.len = sizeof(CK_AEAD_PARAMS);
84 + param.data = (unsigned char *) &aeadParams;
85 + memset(&aeadParams, 0, sizeof(CK_AEAD_PARAMS));
86 + aeadParams.pIv = (unsigned char *) additionalData;
87 + aeadParams.ulIvLen = 8;
88 + aeadParams.pAAD = (unsigned char *) additionalData;
89 + aeadParams.ulAADLen = additionalDataLen;
90 +
91 + if (doDecrypt) {
92 + rv = pk11_decrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, &param,
93 + out, &uOutLen, maxout, in, inlen);
94 + } else {
95 + rv = pk11_encrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, &param,
96 + out, &uOutLen, maxout, in, inlen);
97 + }
98 + *outlen = (int) uOutLen;
99 +
100 + return rv;
101 +}
102 +
103 /* Initialize encryption and MAC contexts for pending spec.
104 * Master Secret already is derived.
105 * Caller holds Spec write lock.
106 @@ -2053,13 +2112,17 @@ ssl3_InitPendingContextsPKCS11(sslSocket *ss)
107 pwSpec->client.write_mac_context = NULL;
108 pwSpec->server.write_mac_context = NULL;
109
110 - if (calg == calg_aes_gcm) {
111 + if (calg == calg_aes_gcm || calg == calg_c20p1305) {
112 pwSpec->encode = NULL;
113 pwSpec->decode = NULL;
114 pwSpec->destroy = NULL;
115 pwSpec->encodeContext = NULL;
116 pwSpec->decodeContext = NULL;
117 - pwSpec->aead = ssl3_AESGCM;
118 + if (calg == calg_aes_gcm) {
119 + pwSpec->aead = ssl3_AESGCM;
120 + } else {
121 + pwSpec->aead = ssl3_ChaCha20Poly1305;
122 + }
123 return SECSuccess;
124 }
125
126 diff --git a/nss/lib/ssl/ssl3ecc.c b/nss/lib/ssl/ssl3ecc.c
127 index a3638e7..21a5e05 100644
128 --- a/nss/lib/ssl/ssl3ecc.c
129 +++ b/nss/lib/ssl/ssl3ecc.c
130 @@ -913,6 +913,7 @@ static const ssl3CipherSuite ecdhe_ecdsa_suites[] = {
131 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
132 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
133 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
134 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
135 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
136 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
137 0 /* end of list marker */
138 @@ -924,6 +925,7 @@ static const ssl3CipherSuite ecdhe_rsa_suites[] = {
139 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
140 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
141 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
142 + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
143 TLS_ECDHE_RSA_WITH_NULL_SHA,
144 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
145 0 /* end of list marker */
146 @@ -936,6 +938,7 @@ static const ssl3CipherSuite ecSuites[] = {
147 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
148 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
149 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
150 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
151 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
152 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
153 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
154 @@ -943,6 +946,7 @@ static const ssl3CipherSuite ecSuites[] = {
155 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
156 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
157 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
158 + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
159 TLS_ECDHE_RSA_WITH_NULL_SHA,
160 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
161 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
162 diff --git a/nss/lib/ssl/sslenum.c b/nss/lib/ssl/sslenum.c
163 index 597ec07..fc6b854 100644
164 --- a/nss/lib/ssl/sslenum.c
165 +++ b/nss/lib/ssl/sslenum.c
166 @@ -31,6 +31,8 @@
167 const PRUint16 SSL_ImplementedCiphers[] = {
168 /* AES-GCM */
169 #ifdef NSS_ENABLE_ECC
170 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
171 + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
172 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
173 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
174 #endif /* NSS_ENABLE_ECC */
175 diff --git a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
176 index 0fe12d0..855c38b 100644
177 --- a/nss/lib/ssl/sslimpl.h
178 +++ b/nss/lib/ssl/sslimpl.h
179 @@ -65,6 +65,7 @@ typedef SSLSignType SSL3SignType;
180 #define calg_camellia ssl_calg_camellia
181 #define calg_seed ssl_calg_seed
182 #define calg_aes_gcm ssl_calg_aes_gcm
183 +#define calg_c20p1305 ssl_calg_c20p1305
184
185 #define mac_null ssl_mac_null
186 #define mac_md5 ssl_mac_md5
187 @@ -292,9 +293,9 @@ typedef struct {
188 } ssl3CipherSuiteCfg;
189
190 #ifdef NSS_ENABLE_ECC
191 -#define ssl_V3_SUITES_IMPLEMENTED 61
192 +#define ssl_V3_SUITES_IMPLEMENTED 63
193 #else
194 -#define ssl_V3_SUITES_IMPLEMENTED 37
195 +#define ssl_V3_SUITES_IMPLEMENTED 39
196 #endif /* NSS_ENABLE_ECC */
197
198 #define MAX_DTLS_SRTP_CIPHER_SUITES 4
199 @@ -474,6 +475,7 @@ typedef enum {
200 cipher_camellia_256,
201 cipher_seed,
202 cipher_aes_128_gcm,
203 + cipher_c20p1305,
204 cipher_missing /* reserved for no such supported cipher */
205 /* This enum must match ssl3_cipherName[] in ssl3con.c. */
206 } SSL3BulkCipher;
207 diff --git a/nss/lib/ssl/sslinfo.c b/nss/lib/ssl/sslinfo.c
208 index 9597209..62a177f 100644
209 --- a/nss/lib/ssl/sslinfo.c
210 +++ b/nss/lib/ssl/sslinfo.c
211 @@ -118,6 +118,7 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRU intn len)
212 #define C_NULL "NULL", calg_null
213 #define C_SJ "SKIPJACK", calg_sj
214 #define C_AESGCM "AES-GCM", calg_aes_gcm
215 +#define C_C20P1305 "CHACHA20POLY1305", calg_c20p1305
216
217 #define B_256 256, 256, 256
218 #define B_128 128, 128, 128
219 @@ -136,6 +137,8 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRU intn len)
220
221 static const SSLCipherSuiteInfo suiteInfo[] = {
222 /* <------ Cipher suite --------------------> <auth> <KEA> <bulk cipher> <MAC> <FIPS> */
223 +{0,CS(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305),S_ECDSA,K_ECDHE,C_C20P1305,B_256, M_AEAD_128,$0, 0, 0, },
224 +{0,CS(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305), S_RSA,K_ECDHE,C_C20P1305,B_256,M_ AEAD_128, 0, 0, 0, },
225 {0,CS(TLS_RSA_WITH_AES_128_GCM_SHA256), S_RSA, K_RSA, C_AESGCM, B_128, M_ AEAD_128, 1, 0, 0, },
226
227 {0,CS(TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_256, M_SHA, 0, 0, 0, },
228 diff --git a/nss/lib/ssl/sslproto.h b/nss/lib/ssl/sslproto.h
229 index 53bba01..ffecd2a 100644
230 --- a/nss/lib/ssl/sslproto.h
231 +++ b/nss/lib/ssl/sslproto.h
232 @@ -165,6 +165,8 @@
233 #define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C
234 #define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009E
235 #define TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 0x00A2
236 +#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 0xCC13
237 +#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0xCC14
238
239 /* TLS "Signaling Cipher Suite Value" (SCSV). May be requested by client.
240 * Must NEVER be chosen by server. SSL 3.0 server acknowledges by sending
241 diff --git a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c
242 index c17c7a3..6408dd5 100644
243 --- a/nss/lib/ssl/sslsock.c
244 +++ b/nss/lib/ssl/sslsock.c
245 @@ -110,6 +110,8 @@ static cipherPolicy ssl_ciphers[] = { /* Export France */
246 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
247 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
248 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
249 + { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
250 + { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
251 #endif /* NSS_ENABLE_ECC */
252 { 0, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }
253 };
254 diff --git a/nss/lib/ssl/sslt.h b/nss/lib/ssl/sslt.h
255 index b03422e..0668f86 100644
256 --- a/nss/lib/ssl/sslt.h
257 +++ b/nss/lib/ssl/sslt.h
258 @@ -94,7 +94,8 @@ typedef enum {
259 ssl_calg_aes = 7,
260 ssl_calg_camellia = 8,
261 ssl_calg_seed = 9,
262 - ssl_calg_aes_gcm = 10
263 + ssl_calg_aes_gcm = 10,
264 + ssl_calg_c20p1305 = 11
265 } SSLCipherAlgorithm;
266
267 typedef enum {
OLDNEW
« no previous file with comments | « net/third_party/nss/patches/applypatches.sh ('k') | net/third_party/nss/ssl/ssl3con.c » ('j') | net/third_party/nss/ssl/ssl3con.c » ('J')

Powered by Google App Engine
This is Rietveld 408576698