Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(113)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: patches/nss-encrypt-with-sym-key.patch

Issue 12668022: Make CKM_AES_GCM usable. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« mozilla/security/nss/lib/pk11wrap/pk11obj.c ('K') | « patches/nss-aes-gcm.patch ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Property Changes:
Added: svn:eol-style
+ LF
OLDNEW
(Empty)
1 Index: mozilla/security/nss/lib/pk11wrap/pk11obj.c
2 ===================================================================
3 --- mozilla/security/nss/lib/pk11wrap/pk11obj.c (revision 182578)
4 +++ mozilla/security/nss/lib/pk11wrap/pk11obj.c (working copy)
5 @@ -822,6 +822,93 @@
6 return SECSuccess;
7 }
8
9 +SECStatus
10 +PK11_EncryptWithSymKey(PK11SymKey *symKey,
11 + CK_MECHANISM_TYPE mechanism, SECItem *param,
12 + unsigned char *out, unsigned int *outLen,
13 + unsigned int maxLen,
14 + const unsigned char *data, unsigned dataLen)
15 +{
16 + PK11SlotInfo *slot = symKey->slot;
17 + CK_MECHANISM mech = {0, NULL, 0 };
18 + CK_ULONG len = maxLen;
19 + PRBool owner = PR_TRUE;
20 + CK_SESSION_HANDLE session;
21 + PRBool haslock = PR_FALSE;
22 + CK_RV crv;
23 +
24 + mech.mechanism = mechanism;
25 + if (param) {
26 + mech.pParameter = param->data;
27 + mech.ulParameterLen = param->len;
28 + }
29 +
30 + session = pk11_GetNewSession(slot, &owner);
31 + haslock = (!owner || !slot->isThreadSafe);
32 + if (haslock) PK11_EnterSlotMonitor(slot);
33 + crv = PK11_GETTAB(slot)->C_EncryptInit(session, &mech, symKey->objectID);
34 + if (crv != CKR_OK) {
35 + if (haslock) PK11_ExitSlotMonitor(slot);
36 + pk11_CloseSession(slot,session,owner);
37 + PORT_SetError( PK11_MapError(crv) );
38 + return SECFailure;
39 + }
40 + crv = PK11_GETTAB(slot)->C_Encrypt(session, (unsigned char *)data,
41 + dataLen, out, &len);
42 + if (haslock) PK11_ExitSlotMonitor(slot);
43 + pk11_CloseSession(slot,session,owner);
44 + *outLen = len;
45 + if (crv != CKR_OK) {
46 + PORT_SetError( PK11_MapError(crv) );
47 + return SECFailure;
48 + }
49 + return SECSuccess;
50 +}
51 +
52 +SECStatus
53 +PK11_DecryptWithSymKey(PK11SymKey *symKey,
54 + CK_MECHANISM_TYPE mechanism, SECItem *param,
55 + unsigned char *out, unsigned int *outLen,
56 + unsigned int maxLen,
57 + const unsigned char *enc, unsigned encLen)
58 +{
59 + PK11SlotInfo *slot = symKey->slot;
60 + CK_MECHANISM mech = {0, NULL, 0 };
61 + CK_ULONG len = maxLen;
62 + PRBool owner = PR_TRUE;
63 + CK_SESSION_HANDLE session;
64 + PRBool haslock = PR_FALSE;
65 + CK_RV crv;
66 +
67 + mech.mechanism = mechanism;
68 + if (param) {
69 + mech.pParameter = param->data;
70 + mech.ulParameterLen = param->len;
71 + }
72 +
73 + session = pk11_GetNewSession(slot, &owner);
74 + haslock = (!owner || !slot->isThreadSafe);
75 + if (haslock) PK11_EnterSlotMonitor(slot);
76 + crv = PK11_GETTAB(slot)->C_DecryptInit(session, &mech, symKey->objectID);
77 + if (crv != CKR_OK) {
78 + if (haslock) PK11_ExitSlotMonitor(slot);
79 + pk11_CloseSession(slot, session, owner);
80 + PORT_SetError( PK11_MapError(crv) );
81 + return SECFailure;
82 + }
83 +
84 + crv = PK11_GETTAB(slot)->C_Decrypt(session, (unsigned char *)enc, encLen,
85 + out, &len);
86 + if (haslock) PK11_ExitSlotMonitor(slot);
87 + pk11_CloseSession(slot, session, owner);
88 + *outLen = len;
89 + if (crv != CKR_OK) {
90 + PORT_SetError( PK11_MapError(crv) );
91 + return SECFailure;
92 + }
93 + return SECSuccess;
94 +}
95 +
96 /*
97 * Now SSL 2.0 uses raw RSA stuff. These next to functions *must* use
98 * RSA keys, or they'll fail. We do the checks up front. If anyone comes
99 Index: mozilla/security/nss/lib/pk11wrap/pk11pub.h
100 ===================================================================
101 --- mozilla/security/nss/lib/pk11wrap/pk11pub.h (revision 182578)
102 +++ mozilla/security/nss/lib/pk11wrap/pk11pub.h (working copy)
103 @@ -508,6 +508,17 @@
104 void *wincx);
105 int PK11_GetPrivateModulusLen(SECKEYPrivateKey *key);
106
107 +SECStatus PK11_EncryptWithSymKey(PK11SymKey *symKey,
108 + CK_MECHANISM_TYPE mechanism, SECItem *param,
109 + unsigned char *out, unsigned int *outLen,
110 + unsigned int maxLen,
111 + const unsigned char *data, unsigned dataLen);
112 +SECStatus PK11_DecryptWithSymKey(PK11SymKey *symkey,
113 + CK_MECHANISM_TYPE mechanism, SECItem *param,
114 + unsigned char *out, unsigned int *outLen,
115 + unsigned int maxLen,
116 + const unsigned char *enc, unsigned encLen);
117 +
118 /* note: despite the name, this function takes a private key. */
119 SECStatus PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data,
120 unsigned *outLen, unsigned int maxLen, unsigned char *enc, unsigned encLen);
OLDNEW
« mozilla/security/nss/lib/pk11wrap/pk11obj.c ('K') | « patches/nss-aes-gcm.patch ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698