summaryrefslogtreecommitdiff
path: root/security/nss
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@wolfbeast.com>2020-04-02 12:47:17 +0200
committerwolfbeast <mcwerewolf@wolfbeast.com>2020-04-02 12:47:17 +0200
commit51e6c2cf481abb06ba66be9242bdc64b298d8af1 (patch)
tree5653f4627a356c7a14cec3b3468133d077027e72 /security/nss
parent83d42644967d490d79b4c4039a473fbc79f0a116 (diff)
downloaduxp-51e6c2cf481abb06ba66be9242bdc64b298d8af1.tar.gz
Issue #1462 - Part 3: Add Camellia-GCM capabilities to NSS
Diffstat (limited to 'security/nss')
-rw-r--r--security/nss/lib/pk11wrap/debug_module.c1
-rw-r--r--security/nss/lib/pk11wrap/pk11mech.c2
-rw-r--r--security/nss/lib/pk11wrap/pk11slot.c1
-rw-r--r--security/nss/lib/softoken/pkcs11.c1
-rw-r--r--security/nss/lib/ssl/ssl3con.c66
-rw-r--r--security/nss/lib/ssl/sslinfo.c1
-rw-r--r--security/nss/lib/ssl/sslspec.c4
-rw-r--r--security/nss/lib/ssl/sslspec.h2
8 files changed, 78 insertions, 0 deletions
diff --git a/security/nss/lib/pk11wrap/debug_module.c b/security/nss/lib/pk11wrap/debug_module.c
index 6dddb24b4f..f1f33103d6 100644
--- a/security/nss/lib/pk11wrap/debug_module.c
+++ b/security/nss/lib/pk11wrap/debug_module.c
@@ -409,6 +409,7 @@ print_mechanism(CK_MECHANISM_PTR m)
CASE(CKM_CAMELLIA_KEY_GEN);
CASE(CKM_CAMELLIA_MAC);
CASE(CKM_CAMELLIA_MAC_GENERAL);
+ CASE(CKM_CAMELLIA_GCM);
CASE(CKM_CDMF_CBC);
CASE(CKM_CDMF_CBC_PAD);
CASE(CKM_CDMF_ECB);
diff --git a/security/nss/lib/pk11wrap/pk11mech.c b/security/nss/lib/pk11wrap/pk11mech.c
index cfbe45b220..531713a384 100644
--- a/security/nss/lib/pk11wrap/pk11mech.c
+++ b/security/nss/lib/pk11wrap/pk11mech.c
@@ -223,6 +223,7 @@ PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len)
case CKM_CAMELLIA_MAC_GENERAL:
case CKM_CAMELLIA_CBC_PAD:
case CKM_CAMELLIA_KEY_GEN:
+ case CKM_CAMELLIA_GCM:
return CKK_CAMELLIA;
case CKM_NSS_CHACHA20_POLY1305:
case CKM_NSS_CHACHA20_KEY_GEN:
@@ -443,6 +444,7 @@ PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size)
case CKM_CAMELLIA_MAC_GENERAL:
case CKM_CAMELLIA_CBC_PAD:
case CKM_CAMELLIA_KEY_GEN:
+ case CKM_CAMELLIA_GCM:
return CKM_CAMELLIA_KEY_GEN;
case CKM_NSS_CHACHA20_POLY1305:
case CKM_NSS_CHACHA20_CTR:
diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c
index c44ed9b49e..2b741ab271 100644
--- a/security/nss/lib/pk11wrap/pk11slot.c
+++ b/security/nss/lib/pk11wrap/pk11slot.c
@@ -879,6 +879,7 @@ PK11_GetSlotList(CK_MECHANISM_TYPE type)
return &pk11_seedSlotList;
case CKM_CAMELLIA_CBC:
case CKM_CAMELLIA_ECB:
+ case CKM_CAMELLIA_GCM:
return &pk11_camelliaSlotList;
case CKM_AES_CBC:
case CKM_AES_CCM:
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
index 6c535cf77e..10e564d028 100644
--- a/security/nss/lib/softoken/pkcs11.c
+++ b/security/nss/lib/softoken/pkcs11.c
@@ -339,6 +339,7 @@ static const struct mechanismList mechanisms[] = {
{ CKM_CAMELLIA_MAC, { 16, 32, CKF_SN_VR }, PR_TRUE },
{ CKM_CAMELLIA_MAC_GENERAL, { 16, 32, CKF_SN_VR }, PR_TRUE },
{ CKM_CAMELLIA_CBC_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAMELLIA_GCM, { 16, 32, CKF_EN_DE }, PR_TRUE},
/* ------------------------- SEED Operations --------------------------- */
{ CKM_SEED_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
{ CKM_SEED_ECB, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 73df7b6577..92ba47a01e 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -401,6 +401,7 @@ static const SSLCipher2Mech alg2Mech[] = {
{ ssl_calg_camellia, CKM_CAMELLIA_CBC },
{ ssl_calg_seed, CKM_SEED_CBC },
{ ssl_calg_aes_gcm, CKM_AES_GCM },
+ { ssl_calg_camellia_gcm , CKM_CAMELLIA_GCM },
{ ssl_calg_chacha20, CKM_NSS_CHACHA20_POLY1305 },
};
@@ -1816,6 +1817,68 @@ ssl3_AESGCM(const ssl3KeyMaterial *keys,
}
static SECStatus
+ssl3_CamelliaGCM(const ssl3KeyMaterial *keys,
+ PRBool doDecrypt,
+ unsigned char *out,
+ unsigned int *outlen,
+ unsigned int maxout,
+ const unsigned char *in,
+ unsigned int inlen,
+ const unsigned char *additionalData,
+ unsigned int additionalDataLen)
+{
+ SECItem param;
+ SECStatus rv = SECFailure;
+ unsigned char nonce[12];
+ unsigned int uOutLen;
+ CK_GCM_PARAMS gcmParams;
+
+ const int tagSize = 16;
+ const int explicitNonceLen = 8;
+
+ /* See https://tools.ietf.org/html/rfc5288#section-3 for details of how the
+ * nonce is formed. */
+ memcpy(nonce, keys->iv, 4);
+ if (doDecrypt) {
+ memcpy(nonce + 4, in, explicitNonceLen);
+ in += explicitNonceLen;
+ inlen -= explicitNonceLen;
+ *outlen = 0;
+ } else {
+ if (maxout < explicitNonceLen) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ return SECFailure;
+ }
+ /* Use the 64-bit sequence number as the explicit nonce. */
+ memcpy(nonce + 4, additionalData, explicitNonceLen);
+ memcpy(out, additionalData, explicitNonceLen);
+ out += explicitNonceLen;
+ maxout -= explicitNonceLen;
+ *outlen = explicitNonceLen;
+ }
+
+ param.type = siBuffer;
+ param.data = (unsigned char *)&gcmParams;
+ param.len = sizeof(gcmParams);
+ gcmParams.pIv = nonce;
+ gcmParams.ulIvLen = sizeof(nonce);
+ gcmParams.pAAD = (unsigned char *)additionalData; /* const cast */
+ gcmParams.ulAADLen = additionalDataLen;
+ gcmParams.ulTagBits = tagSize * 8;
+
+ if (doDecrypt) {
+ rv = PK11_Decrypt(keys->key, CKM_CAMELLIA_GCM, &param, out, &uOutLen,
+ maxout, in, inlen);
+ } else {
+ rv = PK11_Encrypt(keys->key, CKM_CAMELLIA_GCM, &param, out, &uOutLen,
+ maxout, in, inlen);
+ }
+ *outlen += (int)uOutLen;
+
+ return rv;
+}
+
+static SECStatus
ssl3_ChaCha20Poly1305(const ssl3KeyMaterial *keys, PRBool doDecrypt,
unsigned char *out, unsigned int *outlen, unsigned int maxout,
const unsigned char *in, unsigned int inlen,
@@ -1892,6 +1955,9 @@ ssl3_InitPendingContexts(sslSocket *ss, ssl3CipherSpec *spec)
case ssl_calg_aes_gcm:
spec->aead = ssl3_AESGCM;
break;
+ case ssl_calg_camellia_gcm:
+ spec->aead = ssl3_CamelliaGCM;
+ break;
case ssl_calg_chacha20:
spec->aead = ssl3_ChaCha20Poly1305;
break;
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c
index 6d5a39cc81..56afde8324 100644
--- a/security/nss/lib/ssl/sslinfo.c
+++ b/security/nss/lib/ssl/sslinfo.c
@@ -210,6 +210,7 @@ SSL_GetPreliminaryChannelInfo(PRFileDesc *fd,
#define C_SJ "SKIPJACK", ssl_calg_sj
#define C_AESGCM "AES-GCM", ssl_calg_aes_gcm
#define C_CHACHA20 "CHACHA20POLY1305", ssl_calg_chacha20
+#define C_CAMELLIAGCM "CAMELLIA-GCM", ssl_calg_camellia_gcm
/* "block cipher" sizes */
#define B_256 256, 256, 256
diff --git a/security/nss/lib/ssl/sslspec.c b/security/nss/lib/ssl/sslspec.c
index def3c67505..c79f889865 100644
--- a/security/nss/lib/ssl/sslspec.c
+++ b/security/nss/lib/ssl/sslspec.c
@@ -56,6 +56,10 @@ static const ssl3BulkCipherDef ssl_bulk_cipher_defs[] = {
SEC_OID_AES_256_GCM, "AES-256-GCM", MR_128},
{cipher_chacha20, ssl_calg_chacha20, 32,32, type_aead, 12, 0,16, 0,
SEC_OID_CHACHA20_POLY1305, "ChaCha20-Poly1305", MR_MAX},
+ {cipher_camellia_128_gcm, ssl_calg_camellia_gcm, 16,16, type_aead, 4, 0,16, 8,
+ SEC_OID_CAMELLIA_128_GCM, "Camellia-128-GCM", MR_128},
+ {cipher_camellia_256_gcm, ssl_calg_camellia_gcm, 32,32, type_aead, 4, 0,16, 8,
+ SEC_OID_CAMELLIA_256_GCM, "Camellia-256-GCM", MR_128},
{cipher_missing, ssl_calg_null, 0, 0, type_stream, 0, 0, 0, 0,
SEC_OID_UNKNOWN, "missing", 0U},
};
diff --git a/security/nss/lib/ssl/sslspec.h b/security/nss/lib/ssl/sslspec.h
index ca9ef540fb..66774d8df8 100644
--- a/security/nss/lib/ssl/sslspec.h
+++ b/security/nss/lib/ssl/sslspec.h
@@ -43,6 +43,8 @@ typedef enum {
cipher_aes_128_gcm,
cipher_aes_256_gcm,
cipher_chacha20,
+ cipher_camellia_128_gcm,
+ cipher_camellia_256_gcm,
cipher_missing /* reserved for no such supported cipher */
/* This enum must match ssl3_cipherName[] in ssl3con.c. */
} SSL3BulkCipher;