Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(8)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/softoken/pkcs11c.c

Issue 27510015: Support ChaCha20+Poly1305 cipher suites. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Make ChaCha20Poly1305 function conform to freebl API, undo changes to chacha20.c, use generic code … Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« nss/lib/freebl/chacha20poly1305.c ('K') | « nss/lib/softoken/pkcs11.c ('k') | nss/lib/util/pkcs11n.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /* 4 /*
5 * This file implements PKCS 11 on top of our existing security modules 5 * This file implements PKCS 11 on top of our existing security modules
6 * 6 *
7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. 7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
8 * This implementation has two slots: 8 * This implementation has two slots:
9 * slot 1 is our generic crypto support. It does not require login. 9 * slot 1 is our generic crypto support. It does not require login.
10 * It supports Public Key ops, and all they bulk ciphers and hashes. 10 * It supports Public Key ops, and all they bulk ciphers and hashes.
(...skipping 852 matching lines...) Expand 10 before | Expand all | Expand 10 after
863 isEncrypt, att->attrib.ulValueLen, 16); 863 isEncrypt, att->attrib.ulValueLen, 16);
864 sftk_FreeAttribute(att); 864 sftk_FreeAttribute(att);
865 if (context->cipherInfo == NULL) { 865 if (context->cipherInfo == NULL) {
866 crv = CKR_HOST_MEMORY; 866 crv = CKR_HOST_MEMORY;
867 break; 867 break;
868 } 868 }
869 context->update = (SFTKCipher) (isEncrypt ? AES_Encrypt : AES_Decrypt); 869 context->update = (SFTKCipher) (isEncrypt ? AES_Encrypt : AES_Decrypt);
870 context->destroy = (SFTKDestroy) AES_DestroyContext; 870 context->destroy = (SFTKDestroy) AES_DestroyContext;
871 break; 871 break;
872 872
873 case CKM_NSS_CHACHA20_POLY1305: {
874 CK_NSS_AEAD_PARAMS *params;
875 if (pMechanism->ulParameterLen != sizeof(CK_NSS_AEAD_PARAMS)) {
876 crv = CKR_MECHANISM_PARAM_INVALID;
877 break;
878 }
879 params = (CK_NSS_AEAD_PARAMS*) pMechanism->pParameter;
880 context->multi = PR_FALSE;
881 if (key_type != CKK_NSS_CHACHA20) {
882 crv = CKR_KEY_TYPE_INCONSISTENT;
883 break;
884 }
885 att = sftk_FindAttribute(key,CKA_VALUE);
886 if (att == NULL) {
887 crv = CKR_KEY_HANDLE_INVALID;
888 break;
889 }
890 context->cipherInfo = ChaCha20Poly1305_CreateContext(
891 (unsigned char*) att->attrib.pValue, att->attrib.ulValueLen,
892 params->pIv, params->ulIvLen, params->pAAD, params->ulAADLen,
893 params->ulTagBits);
894 sftk_FreeAttribute(att);
895 if (context->cipherInfo == NULL) {
896 /* XXX map error code */
897 crv = CKR_HOST_MEMORY;
898 break;
899 }
900 context->update = (SFTKCipher) (isEncrypt ? ChaCha20Poly1305_Seal :
901 ChaCha20Poly1305_Open);
902 context->destroy = (SFTKDestroy) ChaCha20Poly1305_DestroyContext;
903 break;
904 }
905
873 case CKM_NETSCAPE_AES_KEY_WRAP_PAD: 906 case CKM_NETSCAPE_AES_KEY_WRAP_PAD:
874 context->doPad = PR_TRUE; 907 context->doPad = PR_TRUE;
875 /* fall thru */ 908 /* fall thru */
876 case CKM_NETSCAPE_AES_KEY_WRAP: 909 case CKM_NETSCAPE_AES_KEY_WRAP:
877 context->multi = PR_FALSE; 910 context->multi = PR_FALSE;
878 context->blockSize = 8; 911 context->blockSize = 8;
879 if (key_type != CKK_AES) { 912 if (key_type != CKK_AES) {
880 crv = CKR_KEY_TYPE_INCONSISTENT; 913 crv = CKR_KEY_TYPE_INCONSISTENT;
881 break; 914 break;
882 } 915 }
(...skipping 2382 matching lines...) Expand 10 before | Expand all | Expand 10 after
3265 *key_length = 16; 3298 *key_length = 16;
3266 break; 3299 break;
3267 case CKM_CAMELLIA_KEY_GEN: 3300 case CKM_CAMELLIA_KEY_GEN:
3268 *key_type = CKK_CAMELLIA; 3301 *key_type = CKK_CAMELLIA;
3269 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; 3302 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
3270 break; 3303 break;
3271 case CKM_AES_KEY_GEN: 3304 case CKM_AES_KEY_GEN:
3272 *key_type = CKK_AES; 3305 *key_type = CKK_AES;
3273 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; 3306 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
3274 break; 3307 break;
3308 case CKM_NSS_CHACHA20_KEY_GEN:
3309 *key_type = CKK_NSS_CHACHA20;
3310 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
3311 break;
3275 default: 3312 default:
3276 PORT_Assert(0); 3313 PORT_Assert(0);
3277 crv = CKR_MECHANISM_INVALID; 3314 crv = CKR_MECHANISM_INVALID;
3278 break; 3315 break;
3279 } 3316 }
3280 3317
3281 return crv; 3318 return crv;
3282 } 3319 }
3283 3320
3284 CK_RV 3321 CK_RV
(...skipping 224 matching lines...) Expand 10 before | Expand all | Expand 10 after
3509 case CKM_DES_KEY_GEN: 3546 case CKM_DES_KEY_GEN:
3510 case CKM_DES2_KEY_GEN: 3547 case CKM_DES2_KEY_GEN:
3511 case CKM_DES3_KEY_GEN: 3548 case CKM_DES3_KEY_GEN:
3512 checkWeak = PR_TRUE; 3549 checkWeak = PR_TRUE;
3513 case CKM_RC2_KEY_GEN: 3550 case CKM_RC2_KEY_GEN:
3514 case CKM_RC4_KEY_GEN: 3551 case CKM_RC4_KEY_GEN:
3515 case CKM_GENERIC_SECRET_KEY_GEN: 3552 case CKM_GENERIC_SECRET_KEY_GEN:
3516 case CKM_SEED_KEY_GEN: 3553 case CKM_SEED_KEY_GEN:
3517 case CKM_CAMELLIA_KEY_GEN: 3554 case CKM_CAMELLIA_KEY_GEN:
3518 case CKM_AES_KEY_GEN: 3555 case CKM_AES_KEY_GEN:
3556 case CKM_NSS_CHACHA20_KEY_GEN:
3519 #if NSS_SOFTOKEN_DOES_RC5 3557 #if NSS_SOFTOKEN_DOES_RC5
3520 case CKM_RC5_KEY_GEN: 3558 case CKM_RC5_KEY_GEN:
3521 #endif 3559 #endif
3522 crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length); 3560 crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length);
3523 break; 3561 break;
3524 case CKM_SSL3_PRE_MASTER_KEY_GEN: 3562 case CKM_SSL3_PRE_MASTER_KEY_GEN:
3525 key_type = CKK_GENERIC_SECRET; 3563 key_type = CKK_GENERIC_SECRET;
3526 key_length = 48; 3564 key_length = 48;
3527 key_gen_type = nsc_ssl; 3565 key_gen_type = nsc_ssl;
3528 break; 3566 break;
(...skipping 3418 matching lines...) Expand 10 before | Expand all | Expand 10 after
6947 att = sftk_FindAttribute(key,CKA_VALUE); 6985 att = sftk_FindAttribute(key,CKA_VALUE);
6948 sftk_FreeObject(key); 6986 sftk_FreeObject(key);
6949 if (!att) { 6987 if (!att) {
6950 return CKR_KEY_HANDLE_INVALID; 6988 return CKR_KEY_HANDLE_INVALID;
6951 } 6989 }
6952 crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue, 6990 crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue,
6953 att->attrib.ulValueLen); 6991 att->attrib.ulValueLen);
6954 sftk_FreeAttribute(att); 6992 sftk_FreeAttribute(att);
6955 return crv; 6993 return crv;
6956 } 6994 }
OLDNEW
« nss/lib/freebl/chacha20poly1305.c ('K') | « nss/lib/softoken/pkcs11.c ('k') | nss/lib/util/pkcs11n.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698