OLD | NEW |
1 diff --git a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c | 1 diff --git a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c |
2 index 8be517c..53c29f0 100644 | 2 index 8be517c..53c29f0 100644 |
3 --- a/nss/lib/ssl/ssl3con.c | 3 --- a/nss/lib/ssl/ssl3con.c |
4 +++ b/nss/lib/ssl/ssl3con.c | 4 +++ b/nss/lib/ssl/ssl3con.c |
5 @@ -40,6 +40,21 @@ | 5 @@ -40,6 +40,21 @@ |
6 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) | 6 #define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) |
7 #endif | 7 #endif |
8 | 8 |
9 +/* This is a bodge to allow this code to be compiled against older NSS | 9 +/* This is a bodge to allow this code to be compiled against older NSS |
10 + * headers. */ | 10 + * headers. */ |
11 +#ifndef CKM_NSS_CHACHA20_POLY1305 | 11 +#ifndef CKM_NSS_CHACHA20_POLY1305 |
12 +#define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 25) | 12 +#define CKM_NSS_CHACHA20_POLY1305 (CKM_NSS + 26) |
13 + | 13 + |
14 +typedef struct CK_AEAD_PARAMS { | 14 +typedef struct CK_NSS_AEAD_PARAMS { |
15 + CK_BYTE_PTR pIv; /* This is the nonce. */ | 15 + CK_BYTE_PTR pIv; /* This is the nonce. */ |
16 + CK_ULONG ulIvLen; | 16 + CK_ULONG ulIvLen; |
17 + CK_BYTE_PTR pAAD; | 17 + CK_BYTE_PTR pAAD; |
18 + CK_ULONG ulAADLen; | 18 + CK_ULONG ulAADLen; |
19 + CK_ULONG ulTagBits; | 19 + CK_ULONG ulTagLen; |
20 +} CK_AEAD_PARAMS; | 20 +} CK_NSS_AEAD_PARAMS; |
21 + | 21 + |
22 +#endif | 22 +#endif |
23 + | 23 + |
24 #include <stdio.h> | 24 #include <stdio.h> |
25 #ifdef NSS_ENABLE_ZLIB | 25 #ifdef NSS_ENABLE_ZLIB |
26 #include "zlib.h" | 26 #include "zlib.h" |
27 @@ -100,6 +115,8 @@ static SECStatus ssl3_AESGCMBypass(ssl3KeyMaterial *keys, PR
Bool doDecrypt, | 27 @@ -100,6 +115,8 @@ static SECStatus ssl3_AESGCMBypass(ssl3KeyMaterial *keys, PR
Bool doDecrypt, |
28 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { | 28 static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = { |
29 /* cipher_suite policy enabled is_present*
/ | 29 /* cipher_suite policy enabled is_present*
/ |
30 #ifdef NSS_ENABLE_ECC | 30 #ifdef NSS_ENABLE_ECC |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
70 + int *outlen, | 70 + int *outlen, |
71 + int maxout, | 71 + int maxout, |
72 + const unsigned char *in, | 72 + const unsigned char *in, |
73 + int inlen, | 73 + int inlen, |
74 + const unsigned char *additionalData, | 74 + const unsigned char *additionalData, |
75 + int additionalDataLen) | 75 + int additionalDataLen) |
76 +{ | 76 +{ |
77 + SECItem param; | 77 + SECItem param; |
78 + SECStatus rv = SECFailure; | 78 + SECStatus rv = SECFailure; |
79 + unsigned int uOutLen; | 79 + unsigned int uOutLen; |
80 + CK_AEAD_PARAMS aeadParams; | 80 + CK_NSS_AEAD_PARAMS aeadParams; |
81 + static const int tagSize = 16; | 81 + static const int tagSize = 16; |
82 + | 82 + |
83 + param.type = siBuffer; | 83 + param.type = siBuffer; |
84 + param.len = sizeof(aeadParams); | 84 + param.len = sizeof(aeadParams); |
85 + param.data = (unsigned char *) &aeadParams; | 85 + param.data = (unsigned char *) &aeadParams; |
86 + memset(&aeadParams, 0, sizeof(CK_AEAD_PARAMS)); | 86 + memset(&aeadParams, 0, sizeof(aeadParams)); |
87 + aeadParams.pIv = (unsigned char *) additionalData; | 87 + aeadParams.pIv = (unsigned char *) additionalData; |
88 + aeadParams.ulIvLen = 8; | 88 + aeadParams.ulIvLen = 8; |
89 + aeadParams.pAAD = (unsigned char *) additionalData; | 89 + aeadParams.pAAD = (unsigned char *) additionalData; |
90 + aeadParams.ulAADLen = additionalDataLen; | 90 + aeadParams.ulAADLen = additionalDataLen; |
91 + aeadParams.ulTagBits = tagSize * 8; | 91 + aeadParams.ulTagLen = tagSize; |
92 + | 92 + |
93 + if (doDecrypt) { | 93 + if (doDecrypt) { |
94 + rv = pk11_decrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, | 94 + rv = pk11_decrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, |
95 + out, &uOutLen, maxout, in, inlen); | 95 + out, &uOutLen, maxout, in, inlen); |
96 + } else { | 96 + } else { |
97 + rv = pk11_encrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, | 97 + rv = pk11_encrypt(keys->write_key, CKM_NSS_CHACHA20_POLY1305, ¶m, |
98 + out, &uOutLen, maxout, in, inlen); | 98 + out, &uOutLen, maxout, in, inlen); |
99 + } | 99 + } |
100 + *outlen = (int) uOutLen; | 100 + *outlen = (int) uOutLen; |
101 + | 101 + |
(...skipping 169 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
271 @@ -94,7 +94,8 @@ typedef enum { | 271 @@ -94,7 +94,8 @@ typedef enum { |
272 ssl_calg_aes = 7, | 272 ssl_calg_aes = 7, |
273 ssl_calg_camellia = 8, | 273 ssl_calg_camellia = 8, |
274 ssl_calg_seed = 9, | 274 ssl_calg_seed = 9, |
275 - ssl_calg_aes_gcm = 10 | 275 - ssl_calg_aes_gcm = 10 |
276 + ssl_calg_aes_gcm = 10, | 276 + ssl_calg_aes_gcm = 10, |
277 + ssl_calg_chacha20 = 11 | 277 + ssl_calg_chacha20 = 11 |
278 } SSLCipherAlgorithm; | 278 } SSLCipherAlgorithm; |
279 | 279 |
280 typedef enum { | 280 typedef enum { |
OLD | NEW |