diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-04-02 12:47:17 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-04-02 12:47:17 +0200 |
| commit | 51e6c2cf481abb06ba66be9242bdc64b298d8af1 (patch) | |
| tree | 5653f4627a356c7a14cec3b3468133d077027e72 | |
| parent | 83d42644967d490d79b4c4039a473fbc79f0a116 (diff) | |
| download | uxp-51e6c2cf481abb06ba66be9242bdc64b298d8af1.tar.gz | |
Issue #1462 - Part 3: Add Camellia-GCM capabilities to NSS
| -rw-r--r-- | security/nss/lib/pk11wrap/debug_module.c | 1 | ||||
| -rw-r--r-- | security/nss/lib/pk11wrap/pk11mech.c | 2 | ||||
| -rw-r--r-- | security/nss/lib/pk11wrap/pk11slot.c | 1 | ||||
| -rw-r--r-- | security/nss/lib/softoken/pkcs11.c | 1 | ||||
| -rw-r--r-- | security/nss/lib/ssl/ssl3con.c | 66 | ||||
| -rw-r--r-- | security/nss/lib/ssl/sslinfo.c | 1 | ||||
| -rw-r--r-- | security/nss/lib/ssl/sslspec.c | 4 | ||||
| -rw-r--r-- | security/nss/lib/ssl/sslspec.h | 2 |
8 files changed, 78 insertions, 0 deletions
diff --git a/security/nss/lib/pk11wrap/debug_module.c b/security/nss/lib/pk11wrap/debug_module.c index 6dddb24b4f..f1f33103d6 100644 --- a/security/nss/lib/pk11wrap/debug_module.c +++ b/security/nss/lib/pk11wrap/debug_module.c @@ -409,6 +409,7 @@ print_mechanism(CK_MECHANISM_PTR m) CASE(CKM_CAMELLIA_KEY_GEN); CASE(CKM_CAMELLIA_MAC); CASE(CKM_CAMELLIA_MAC_GENERAL); + CASE(CKM_CAMELLIA_GCM); CASE(CKM_CDMF_CBC); CASE(CKM_CDMF_CBC_PAD); CASE(CKM_CDMF_ECB); diff --git a/security/nss/lib/pk11wrap/pk11mech.c b/security/nss/lib/pk11wrap/pk11mech.c index cfbe45b220..531713a384 100644 --- a/security/nss/lib/pk11wrap/pk11mech.c +++ b/security/nss/lib/pk11wrap/pk11mech.c @@ -223,6 +223,7 @@ PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len) case CKM_CAMELLIA_MAC_GENERAL: case CKM_CAMELLIA_CBC_PAD: case CKM_CAMELLIA_KEY_GEN: + case CKM_CAMELLIA_GCM: return CKK_CAMELLIA; case CKM_NSS_CHACHA20_POLY1305: case CKM_NSS_CHACHA20_KEY_GEN: @@ -443,6 +444,7 @@ PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size) case CKM_CAMELLIA_MAC_GENERAL: case CKM_CAMELLIA_CBC_PAD: case CKM_CAMELLIA_KEY_GEN: + case CKM_CAMELLIA_GCM: return CKM_CAMELLIA_KEY_GEN; case CKM_NSS_CHACHA20_POLY1305: case CKM_NSS_CHACHA20_CTR: diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c index c44ed9b49e..2b741ab271 100644 --- a/security/nss/lib/pk11wrap/pk11slot.c +++ b/security/nss/lib/pk11wrap/pk11slot.c @@ -879,6 +879,7 @@ PK11_GetSlotList(CK_MECHANISM_TYPE type) return &pk11_seedSlotList; case CKM_CAMELLIA_CBC: case CKM_CAMELLIA_ECB: + case CKM_CAMELLIA_GCM: return &pk11_camelliaSlotList; case CKM_AES_CBC: case CKM_AES_CCM: diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c index 6c535cf77e..10e564d028 100644 --- a/security/nss/lib/softoken/pkcs11.c +++ b/security/nss/lib/softoken/pkcs11.c @@ -339,6 +339,7 @@ static const struct mechanismList mechanisms[] = { { CKM_CAMELLIA_MAC, { 16, 32, CKF_SN_VR }, PR_TRUE }, { CKM_CAMELLIA_MAC_GENERAL, { 16, 32, CKF_SN_VR }, PR_TRUE }, { CKM_CAMELLIA_CBC_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE }, + { CKM_CAMELLIA_GCM, { 16, 32, CKF_EN_DE }, PR_TRUE}, /* ------------------------- SEED Operations --------------------------- */ { CKM_SEED_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE }, { CKM_SEED_ECB, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE }, diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 73df7b6577..92ba47a01e 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -401,6 +401,7 @@ static const SSLCipher2Mech alg2Mech[] = { { ssl_calg_camellia, CKM_CAMELLIA_CBC }, { ssl_calg_seed, CKM_SEED_CBC }, { ssl_calg_aes_gcm, CKM_AES_GCM }, + { ssl_calg_camellia_gcm , CKM_CAMELLIA_GCM }, { ssl_calg_chacha20, CKM_NSS_CHACHA20_POLY1305 }, }; @@ -1816,6 +1817,68 @@ ssl3_AESGCM(const ssl3KeyMaterial *keys, } static SECStatus +ssl3_CamelliaGCM(const ssl3KeyMaterial *keys, + PRBool doDecrypt, + unsigned char *out, + unsigned int *outlen, + unsigned int maxout, + const unsigned char *in, + unsigned int inlen, + const unsigned char *additionalData, + unsigned int additionalDataLen) +{ + SECItem param; + SECStatus rv = SECFailure; + unsigned char nonce[12]; + unsigned int uOutLen; + CK_GCM_PARAMS gcmParams; + + const int tagSize = 16; + const int explicitNonceLen = 8; + + /* See https://tools.ietf.org/html/rfc5288#section-3 for details of how the + * nonce is formed. */ + memcpy(nonce, keys->iv, 4); + if (doDecrypt) { + memcpy(nonce + 4, in, explicitNonceLen); + in += explicitNonceLen; + inlen -= explicitNonceLen; + *outlen = 0; + } else { + if (maxout < explicitNonceLen) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + /* Use the 64-bit sequence number as the explicit nonce. */ + memcpy(nonce + 4, additionalData, explicitNonceLen); + memcpy(out, additionalData, explicitNonceLen); + out += explicitNonceLen; + maxout -= explicitNonceLen; + *outlen = explicitNonceLen; + } + + param.type = siBuffer; + param.data = (unsigned char *)&gcmParams; + param.len = sizeof(gcmParams); + gcmParams.pIv = nonce; + gcmParams.ulIvLen = sizeof(nonce); + gcmParams.pAAD = (unsigned char *)additionalData; /* const cast */ + gcmParams.ulAADLen = additionalDataLen; + gcmParams.ulTagBits = tagSize * 8; + + if (doDecrypt) { + rv = PK11_Decrypt(keys->key, CKM_CAMELLIA_GCM, ¶m, out, &uOutLen, + maxout, in, inlen); + } else { + rv = PK11_Encrypt(keys->key, CKM_CAMELLIA_GCM, ¶m, out, &uOutLen, + maxout, in, inlen); + } + *outlen += (int)uOutLen; + + return rv; +} + +static SECStatus ssl3_ChaCha20Poly1305(const ssl3KeyMaterial *keys, PRBool doDecrypt, unsigned char *out, unsigned int *outlen, unsigned int maxout, const unsigned char *in, unsigned int inlen, @@ -1892,6 +1955,9 @@ ssl3_InitPendingContexts(sslSocket *ss, ssl3CipherSpec *spec) case ssl_calg_aes_gcm: spec->aead = ssl3_AESGCM; break; + case ssl_calg_camellia_gcm: + spec->aead = ssl3_CamelliaGCM; + break; case ssl_calg_chacha20: spec->aead = ssl3_ChaCha20Poly1305; break; diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c index 6d5a39cc81..56afde8324 100644 --- a/security/nss/lib/ssl/sslinfo.c +++ b/security/nss/lib/ssl/sslinfo.c @@ -210,6 +210,7 @@ SSL_GetPreliminaryChannelInfo(PRFileDesc *fd, #define C_SJ "SKIPJACK", ssl_calg_sj #define C_AESGCM "AES-GCM", ssl_calg_aes_gcm #define C_CHACHA20 "CHACHA20POLY1305", ssl_calg_chacha20 +#define C_CAMELLIAGCM "CAMELLIA-GCM", ssl_calg_camellia_gcm /* "block cipher" sizes */ #define B_256 256, 256, 256 diff --git a/security/nss/lib/ssl/sslspec.c b/security/nss/lib/ssl/sslspec.c index def3c67505..c79f889865 100644 --- a/security/nss/lib/ssl/sslspec.c +++ b/security/nss/lib/ssl/sslspec.c @@ -56,6 +56,10 @@ static const ssl3BulkCipherDef ssl_bulk_cipher_defs[] = { SEC_OID_AES_256_GCM, "AES-256-GCM", MR_128}, {cipher_chacha20, ssl_calg_chacha20, 32,32, type_aead, 12, 0,16, 0, SEC_OID_CHACHA20_POLY1305, "ChaCha20-Poly1305", MR_MAX}, + {cipher_camellia_128_gcm, ssl_calg_camellia_gcm, 16,16, type_aead, 4, 0,16, 8, + SEC_OID_CAMELLIA_128_GCM, "Camellia-128-GCM", MR_128}, + {cipher_camellia_256_gcm, ssl_calg_camellia_gcm, 32,32, type_aead, 4, 0,16, 8, + SEC_OID_CAMELLIA_256_GCM, "Camellia-256-GCM", MR_128}, {cipher_missing, ssl_calg_null, 0, 0, type_stream, 0, 0, 0, 0, SEC_OID_UNKNOWN, "missing", 0U}, }; diff --git a/security/nss/lib/ssl/sslspec.h b/security/nss/lib/ssl/sslspec.h index ca9ef540fb..66774d8df8 100644 --- a/security/nss/lib/ssl/sslspec.h +++ b/security/nss/lib/ssl/sslspec.h @@ -43,6 +43,8 @@ typedef enum { cipher_aes_128_gcm, cipher_aes_256_gcm, cipher_chacha20, + cipher_camellia_128_gcm, + cipher_camellia_256_gcm, cipher_missing /* reserved for no such supported cipher */ /* This enum must match ssl3_cipherName[] in ssl3con.c. */ } SSL3BulkCipher; |