patches/nss-intel-aes-windows.patch - Issue 319593003: Update to NSS 3.16.2 Beta 3.

Side by Side Diff: patches/nss-intel-aes-windows.patch

Issue 319593003: Update to NSS 3.16.2 Beta 3. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/nss

Patch Set: Remove unused function SEC_NumberOrNameStringToOIDTag Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
	(Empty)
1 diff --git a/nss/lib/freebl/ctr.c b/nss/lib/freebl/ctr.c

2 index 3a2f1a6..4d26daa 100644

3 --- a/nss/lib/freebl/ctr.c

4 +++ b/nss/lib/freebl/ctr.c

5 @@ -12,6 +12,11 @@

6 #include "pkcs11t.h"

7 #include "secerr.h"

8

9 +#ifdef USE_HW_AES

10 +#include "intel-aes.h"

11 +#include "rijndael.h"

12 +#endif

13 +

14 SECStatus

15 CTR_InitContext(CTRContext ctr, void context, freeblCipherFunc cipher,

16 const unsigned char *param, unsigned int blocksize)

17 @@ -165,3 +170,60 @@ CTR_Update(CTRContext ctr, unsigned char outbuf,

18 *outlen += inlen;

19 return SECSuccess;

20 }

21 +

22 +#if defined(USE_HW_AES) && defined(_MSC_VER)

23 +SECStatus

24 +CTR_Update_HW_AES(CTRContext ctr, unsigned char outbuf,

25 + unsigned int *outlen, unsigned int maxout,

26 + const unsigned char *inbuf, unsigned int inlen,

27 + unsigned int blocksize)

28 +{

29 + unsigned int fullblocks;

30 + unsigned int tmp;

31 + SECStatus rv;

32 +

33 + if (maxout < inlen) {

34 + *outlen = inlen;

35 + PORT_SetError(SEC_ERROR_OUTPUT_LEN);

36 + return SECFailure;

37 + }

38 + *outlen = 0;

39 + if (ctr->bufPtr != blocksize) {

40 + unsigned int needed = PR_MIN(blocksize-ctr->bufPtr, inlen);

41 + ctr_xor(outbuf, inbuf, ctr->buffer+ctr->bufPtr, needed);

42 + ctr->bufPtr += needed;

43 + outbuf += needed;

44 + inbuf += needed;

45 + *outlen += needed;

46 + inlen -= needed;

47 + if (inlen == 0) {

48 + return SECSuccess;

49 + }

50 + PORT_Assert(ctr->bufPtr == blocksize);

51 + }

52 +

53 + intel_aes_ctr_worker(((AESContext*)(ctr->context))->Nr)(

54 + ctr, outbuf, outlen, maxout, inbuf, inlen, blocksize);

55 + /* XXX intel_aes_ctr_worker should set outlen. /

56 + PORT_Assert(*outlen == 0);

57 + fullblocks = (inlen/blocksize)*blocksize;

58 + *outlen += fullblocks;

59 + outbuf += fullblocks;

60 + inbuf += fullblocks;

61 + inlen -= fullblocks;

62 +

63 + if (inlen == 0) {

64 + return SECSuccess;

65 + }

66 + rv = (*ctr->cipher)(ctr->context, ctr->buffer, &tmp, blocksize,

67 + ctr->counter, blocksize, blocksize);

68 + ctr_GetNextCtr(ctr->counter, ctr->counterBits, blocksize);

69 + if (rv != SECSuccess) {

70 + return SECFailure;

71 + }

72 + ctr_xor(outbuf, inbuf, ctr->buffer, inlen);

73 + ctr->bufPtr = inlen;

74 + *outlen += inlen;

75 + return SECSuccess;

76 +}

77 +#endif

78 diff --git a/nss/lib/freebl/ctr.h b/nss/lib/freebl/ctr.h

79 index 69ef150..e7645a2 100644

80 --- a/nss/lib/freebl/ctr.h

81 +++ b/nss/lib/freebl/ctr.h

82 @@ -41,4 +41,11 @@ SECStatus CTR_Update(CTRContext ctr, unsigned char outbuf,

83 const unsigned char *inbuf, unsigned int inlen,

84 unsigned int blocksize);

85

86 +#ifdef USE_HW_AES

87 +SECStatus CTR_Update_HW_AES(CTRContext ctr, unsigned char outbuf,

88 + unsigned int *outlen, unsigned int maxout,

89 + const unsigned char *inbuf, unsigned int inlen,

90 + unsigned int blocksize);

91 +#endif

92 +

93 #endif

94 diff --git a/nss/lib/freebl/intel-aes.h b/nss/lib/freebl/intel-aes.h

95 index 1e18007..3b71e5f 100644

96 --- a/nss/lib/freebl/intel-aes.h

97 +++ b/nss/lib/freebl/intel-aes.h

98 @@ -33,6 +33,12 @@ SECStatus intel_aes_decrypt_cbc_128(AESContext cx, unsigned char output,

99 const unsigned char *input,

100 unsigned int inputLen,

101 unsigned int blocksize);

102 +SECStatus intel_aes_encrypt_ctr_128(CTRContext cx, unsigned char output,

103 + unsigned int *outputLen,

104 + unsigned int maxOutputLen,

105 + const unsigned char *input,

106 + unsigned int inputLen,

107 + unsigned int blocksize);

108 SECStatus intel_aes_encrypt_ecb_192(AESContext cx, unsigned char output,

109 unsigned int *outputLen,

110 unsigned int maxOutputLen,

111 @@ -57,6 +63,12 @@ SECStatus intel_aes_decrypt_cbc_192(AESContext cx, unsigned char output,

112 const unsigned char *input,

113 unsigned int inputLen,

114 unsigned int blocksize);

115 +SECStatus intel_aes_encrypt_ctr_192(CTRContext cx, unsigned char output,

116 + unsigned int *outputLen,

117 + unsigned int maxOutputLen,

118 + const unsigned char *input,

119 + unsigned int inputLen,

120 + unsigned int blocksize);

121 SECStatus intel_aes_encrypt_ecb_256(AESContext cx, unsigned char output,

122 unsigned int *outputLen,

123 unsigned int maxOutputLen,

124 @@ -81,6 +93,12 @@ SECStatus intel_aes_decrypt_cbc_256(AESContext cx, unsigned char output,

125 const unsigned char *input,

126 unsigned int inputLen,

127 unsigned int blocksize);

128 +SECStatus intel_aes_encrypt_ctr_256(CTRContext cx, unsigned char output,

129 + unsigned int *outputLen,

130 + unsigned int maxOutputLen,

131 + const unsigned char *input,

132 + unsigned int inputLen,

133 + unsigned int blocksize);

134

135

136 #define intel_aes_ecb_worker(encrypt, keysize) \

137 @@ -102,6 +120,11 @@ SECStatus intel_aes_decrypt_cbc_256(AESContext cx, unsigne d char output,

138 (keysize) == 24 ? intel_aes_decrypt_cbc_192 : \

139 intel_aes_decrypt_cbc_256))

140

141 +#define intel_aes_ctr_worker(nr) \

142 + ((nr) == 10 ? intel_aes_encrypt_ctr_128 : \

143 + (nr) == 12 ? intel_aes_encrypt_ctr_192 : \

144 + intel_aes_encrypt_ctr_256)

145 +

146

147 #define intel_aes_init(encrypt, keysize) \

148 do { \

149 diff --git a/nss/lib/freebl/intel-gcm-wrap.c b/nss/lib/freebl/intel-gcm-wrap.c

150 index b2f6f5e..afd3029 100644

151 --- a/nss/lib/freebl/intel-gcm-wrap.c

152 +++ b/nss/lib/freebl/intel-gcm-wrap.c

153 @@ -3,7 +3,7 @@

154 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

155 /* Copyright(c) 2013, Intel Corp. */

156

157 -/* Wrapper funcions for Intel optimized implementation of AES-GCM */

158 +/* Wrapper functions for Intel optimized implementation of AES-GCM */

159

160 #ifdef USE_HW_AES

161

162 @@ -24,12 +24,8 @@

163 #include "intel-gcm.h"

164 #include "rijndael.h"

165

166 -#if defined(__INTEL_COMPILER)

167 -#include <ia32intrin.h>

168 -#elif defined(__GNUC__)

169 #include <emmintrin.h>

170 #include <tmmintrin.h>

171 -#endif

172

173

174 struct intel_AES_GCMContextStr{

175 @@ -143,9 +139,9 @@ void intel_AES_GCM_DestroyContext(intel_AES_GCMContext *gcm, PRBool freeit)

176

177 SECStatus intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext *gcm,

178 unsigned char *outbuf,

179 - unsigned int *outlen, unsigned int maxout,

180 - const unsigned char *inbuf, unsigned int inlen,

181 - unsigned int blocksize)

182 + unsigned int *outlen, unsigned int maxout,

183 + const unsigned char *inbuf, unsigned int inlen,

184 + unsigned int blocksize)

185 {

186 unsigned int tagBytes;

187 unsigned char T[AES_BLOCK_SIZE];

188 @@ -189,9 +185,9 @@ SECStatus intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext * gcm,

189

190 SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,

191 unsigned char *outbuf,

192 - unsigned int *outlen, unsigned int maxout,

193 - const unsigned char *inbuf, unsigned int inlen,

194 - unsigned int blocksize)

195 + unsigned int *outlen, unsigned int maxout,

196 + const unsigned char *inbuf, unsigned int inlen,

197 + unsigned int blocksize)

198 {

199 unsigned int tagBytes;

200 unsigned char T[AES_BLOCK_SIZE];

201 @@ -201,13 +197,19 @@ SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm,

202

203 /* get the authentication block */

204 if (inlen < tagBytes) {

205 - PORT_SetError(SEC_ERROR_INVALID_ARGS);

206 + PORT_SetError(SEC_ERROR_INPUT_LEN);

207 return SECFailure;

208 }

209

210 inlen -= tagBytes;

211 intag = inbuf + inlen;

212

213 + if (maxout < inlen) {

214 + *outlen = inlen;

215 + PORT_SetError(SEC_ERROR_OUTPUT_LEN);

216 + return SECFailure;

217 + }

218 +

219 intel_aes_gcmDEC(

220 inbuf,

221 outbuf,

222 @@ -224,6 +226,8 @@ SECStatus intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext * gcm,

223 T);

224

225 if (NSS_SecureMemcmp(T, intag, tagBytes) != 0) {

226 + memset(outbuf, 0, inlen);

227 + *outlen = 0;

228 /* force a CKR_ENCRYPTED_DATA_INVALID error at in softoken */

229 PORT_SetError(SEC_ERROR_BAD_DATA);

230 return SECFailure;

231 diff --git a/nss/lib/freebl/rijndael.c b/nss/lib/freebl/rijndael.c

232 index 8bb8905..9703867 100644

233 --- a/nss/lib/freebl/rijndael.c

234 +++ b/nss/lib/freebl/rijndael.c

235 @@ -1063,8 +1063,10 @@ aes_InitContext(AESContext cx, const unsigned char key, unsigned int keysize,

236 intel_aes_cbc_worker(encrypt, keysize);

237 } else

238 #endif

239 + {

240 cx->worker = (freeblCipherFunc) (encrypt

241 ? &rijndael_encryptCBC : &rijndael_decryptCBC);

242 + }

243 } else {

244 #if USE_HW_AES

245 if (use_hw_aes) {

246 @@ -1072,8 +1074,10 @@ aes_InitContext(AESContext cx, const unsigned char key, unsigned int keysize,

247 intel_aes_ecb_worker(encrypt, keysize);

248 } else

249 #endif

250 + {

251 cx->worker = (freeblCipherFunc) (encrypt

252 ? &rijndael_encryptECB : &rijndael_decryptECB);

253 + }

254 }

255 PORT_Assert((cx->Nb * (cx->Nr + 1)) <= RIJNDAEL_MAX_EXP_KEY_SIZE);

256 if ((cx->Nb * (cx->Nr + 1)) > RIJNDAEL_MAX_EXP_KEY_SIZE) {

257 @@ -1171,7 +1175,14 @@ AES_InitContext(AESContext cx, const unsigned char key, unsigned int keysize,

258 break;

259 case NSS_AES_CTR:

260 cx->worker_cx = CTR_CreateContext(cx, cx->worker, iv, blocksize);

261 - cx->worker = (freeblCipherFunc) CTR_Update ;

262 +#if defined(USE_HW_AES) && defined(_MSC_VER)

263 + if (use_hw_aes) {

264 + cx->worker = (freeblCipherFunc) CTR_Update_HW_AES;

265 + } else

266 +#endif

267 + {

268 + cx->worker = (freeblCipherFunc) CTR_Update;

269 + }

270 cx->destroy = (freeblDestroyFunc) CTR_DestroyContext;

271 cx->isBlock = PR_FALSE;

272 break;

OLD	NEW

« nss/lib/softoken/pkcs11.c ('K') | « patches/nss-export-private-key-info.patch ('k') | patches/nss-rsa-oaep.patch » ('j') | no next file with comments »