Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(670)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/softoken/tlsprf.c

Issue 13898013: Update NSS to NSS_3_15_BETA2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Update NSS versions and tag in README.chromium Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« nss/lib/pkcs7/p7decode.c ('K') | « nss/lib/softoken/softkver.h ('k') | nss/lib/ssl/sslerr.h » ('j') | nss/lib/util/secitem.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* tlsprf.c - TLS Pseudo Random Function (PRF) implementation 1 /* tlsprf.c - TLS Pseudo Random Function (PRF) implementation
2 * 2 *
3 * This Source Code Form is subject to the terms of the Mozilla Public 3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this 4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 /* $Id$ */ 6 /* $Id$ */
7 7
8 #include "pkcs11i.h" 8 #include "pkcs11i.h"
9 #include "blapi.h" 9 #include "blapi.h"
10 10
11 #define SFTK_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb))) 11 #define SFTK_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
12 12
13 static void sftk_TLSPRFNull(void *data, PRBool freeit) 13 static void sftk_TLSPRFNull(void *data, PRBool freeit)
14 { 14 {
15 return; 15 return;
16 } 16 }
17 17
18 typedef struct { 18 typedef struct {
19 PRUint32 cxSize; /* size of allocated block, in bytes. */ 19 PRUint32 cxSize; /* size of allocated block, in bytes. */
20 PRUint32 cxBufSize; /* sizeof buffer at cxBufPtr. */ 20 PRUint32 cxBufSize; /* sizeof buffer at cxBufPtr. */
21 unsigned char *cxBufPtr; /* points to real buffer, may be cxBuf. */ 21 unsigned char *cxBufPtr; /* points to real buffer, may be cxBuf. */
22 PRUint32 cxKeyLen; /* bytes of cxBufPtr containing key. */ 22 PRUint32 cxKeyLen; /* bytes of cxBufPtr containing key. */
23 PRUint32 cxDataLen; /* bytes of cxBufPtr containing data. */ 23 PRUint32 cxDataLen; /* bytes of cxBufPtr containing data. */
24 SECStatus cxRv; /* records failure of void functions. */ 24 SECStatus cxRv; /* records failure of void functions. */
25 PRBool cxIsFIPS; /* true if conforming to FIPS 198. */ 25 PRBool cxIsFIPS; /* true if conforming to FIPS 198. */
26 HASH_HashType cxHashAlg; /* hash algorithm to use for TLS 1.2+ */
26 unsigned char cxBuf[512]; /* actual size may be larger than 512. */ 27 unsigned char cxBuf[512]; /* actual size may be larger than 512. */
27 } TLSPRFContext; 28 } TLSPRFContext;
28 29
29 static void 30 static void
30 sftk_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data, 31 sftk_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
31 unsigned int data_len) 32 unsigned int data_len)
32 { 33 {
33 PRUint32 bytesUsed = cx->cxKeyLen + cx->cxDataLen; 34 PRUint32 bytesUsed = cx->cxKeyLen + cx->cxDataLen;
34 35
35 if (cx->cxRv != SECSuccess) /* function has previously failed. */ 36 if (cx->cxRv != SECSuccess) /* function has previously failed. */
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after
82 83
83 secretItem.data = cx->cxBufPtr; 84 secretItem.data = cx->cxBufPtr;
84 secretItem.len = cx->cxKeyLen; 85 secretItem.len = cx->cxKeyLen;
85 86
86 seedItem.data = cx->cxBufPtr + cx->cxKeyLen; 87 seedItem.data = cx->cxBufPtr + cx->cxKeyLen;
87 seedItem.len = cx->cxDataLen; 88 seedItem.len = cx->cxDataLen;
88 89
89 sigItem.data = sig; 90 sigItem.data = sig;
90 sigItem.len = maxLen; 91 sigItem.len = maxLen;
91 92
92 rv = TLS_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS); 93 if (cx->cxHashAlg != HASH_AlgNULL) {
94 » rv = TLS_P_hash(cx->cxHashAlg, &secretItem, NULL, &seedItem, &sigItem,
95 » » » cx->cxIsFIPS);
96 } else {
97 » rv = TLS_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS);
98 }
93 if (rv == SECSuccess && sigLen != NULL) 99 if (rv == SECSuccess && sigLen != NULL)
94 *sigLen = sigItem.len; 100 *sigLen = sigItem.len;
95 return rv; 101 return rv;
96 102
97 } 103 }
98 104
99 static SECStatus 105 static SECStatus
100 sftk_TLSPRFVerify(TLSPRFContext *cx, 106 sftk_TLSPRFVerify(TLSPRFContext *cx,
101 unsigned char *sig, /* input, for comparison. */ 107 unsigned char *sig, /* input, for comparison. */
102 unsigned int sigLen, /* length of sig. */ 108 unsigned int sigLen, /* length of sig. */
(...skipping 26 matching lines...) Expand all
129 if (freeit) { 135 if (freeit) {
130 if (cx->cxBufPtr != cx->cxBuf) 136 if (cx->cxBufPtr != cx->cxBuf)
131 PORT_ZFree(cx->cxBufPtr, cx->cxBufSize); 137 PORT_ZFree(cx->cxBufPtr, cx->cxBufSize);
132 PORT_ZFree(cx, cx->cxSize); 138 PORT_ZFree(cx, cx->cxSize);
133 } 139 }
134 } 140 }
135 141
136 CK_RV 142 CK_RV
137 sftk_TLSPRFInit(SFTKSessionContext *context, 143 sftk_TLSPRFInit(SFTKSessionContext *context,
138 SFTKObject * key, 144 SFTKObject * key,
139 » » CK_KEY_TYPE key_type) 145 » » CK_KEY_TYPE key_type,
146 » » HASH_HashType hash_alg)
140 { 147 {
141 SFTKAttribute * keyVal; 148 SFTKAttribute * keyVal;
142 TLSPRFContext * prf_cx; 149 TLSPRFContext * prf_cx;
143 CK_RV crv = CKR_HOST_MEMORY; 150 CK_RV crv = CKR_HOST_MEMORY;
144 PRUint32 keySize; 151 PRUint32 keySize;
145 PRUint32 blockSize; 152 PRUint32 blockSize;
146 153
147 if (key_type != CKK_GENERIC_SECRET) 154 if (key_type != CKK_GENERIC_SECRET)
148 return CKR_KEY_TYPE_INCONSISTENT; /* CKR_KEY_FUNCTION_NOT_PERMITTED */ 155 return CKR_KEY_TYPE_INCONSISTENT; /* CKR_KEY_FUNCTION_NOT_PERMITTED */
149 156
150 context->multi = PR_TRUE; 157 context->multi = PR_TRUE;
151 158
152 keyVal = sftk_FindAttribute(key, CKA_VALUE); 159 keyVal = sftk_FindAttribute(key, CKA_VALUE);
153 keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen; 160 keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen;
154 blockSize = keySize + sizeof(TLSPRFContext); 161 blockSize = keySize + sizeof(TLSPRFContext);
155 prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize); 162 prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
156 if (!prf_cx) 163 if (!prf_cx)
157 goto done; 164 goto done;
158 prf_cx->cxSize = blockSize; 165 prf_cx->cxSize = blockSize;
159 prf_cx->cxKeyLen = keySize; 166 prf_cx->cxKeyLen = keySize;
160 prf_cx->cxDataLen = 0; 167 prf_cx->cxDataLen = 0;
161 prf_cx->cxBufSize = blockSize - SFTK_OFFSETOF(TLSPRFContext, cxBuf); 168 prf_cx->cxBufSize = blockSize - SFTK_OFFSETOF(TLSPRFContext, cxBuf);
162 prf_cx->cxRv = SECSuccess; 169 prf_cx->cxRv = SECSuccess;
163 prf_cx->cxIsFIPS = (key->slot->slotID == FIPS_SLOT_ID); 170 prf_cx->cxIsFIPS = (key->slot->slotID == FIPS_SLOT_ID);
164 prf_cx->cxBufPtr = prf_cx->cxBuf; 171 prf_cx->cxBufPtr = prf_cx->cxBuf;
172 prf_cx->cxHashAlg = hash_alg;
165 if (keySize) 173 if (keySize)
166 PORT_Memcpy(prf_cx->cxBufPtr, keyVal->attrib.pValue, keySize); 174 PORT_Memcpy(prf_cx->cxBufPtr, keyVal->attrib.pValue, keySize);
167 175
168 context->hashInfo = (void *) prf_cx; 176 context->hashInfo = (void *) prf_cx;
169 context->cipherInfo = (void *) prf_cx; 177 context->cipherInfo = (void *) prf_cx;
170 context->hashUpdate = (SFTKHash) sftk_TLSPRFHashUpdate; 178 context->hashUpdate = (SFTKHash) sftk_TLSPRFHashUpdate;
171 context->end = (SFTKEnd) sftk_TLSPRFEnd; 179 context->end = (SFTKEnd) sftk_TLSPRFEnd;
172 context->update = (SFTKCipher) sftk_TLSPRFUpdate; 180 context->update = (SFTKCipher) sftk_TLSPRFUpdate;
173 context->verify = (SFTKVerify) sftk_TLSPRFVerify; 181 context->verify = (SFTKVerify) sftk_TLSPRFVerify;
174 context->destroy = (SFTKDestroy) sftk_TLSPRFNull; 182 context->destroy = (SFTKDestroy) sftk_TLSPRFNull;
175 context->hashdestroy = (SFTKDestroy) sftk_TLSPRFHashDestroy; 183 context->hashdestroy = (SFTKDestroy) sftk_TLSPRFHashDestroy;
176 crv = CKR_OK; 184 crv = CKR_OK;
177 185
178 done: 186 done:
179 if (keyVal) 187 if (keyVal)
180 sftk_FreeAttribute(keyVal); 188 sftk_FreeAttribute(keyVal);
181 return crv; 189 return crv;
182 } 190 }
183 191
OLDNEW
« nss/lib/pkcs7/p7decode.c ('K') | « nss/lib/softoken/softkver.h ('k') | nss/lib/ssl/sslerr.h » ('j') | nss/lib/util/secitem.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698