Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-12-02 01:48:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Backed out changeset 4ea43e2a1cfe (bug 1445731) for build bustages at /src/security/nss/lib/freebl/verified/Hacl_Poly1305_32 UPGRADE_NSS_RELEASE on a CLOSED TREE

Browse Source 
--HG--
extra : amend_source : e796e93d1564e3e2b027706bc1ceecb3ba522658
This commit is contained in:
Andreea Pavel 2018-03-14 23:40:59 +02:00
parent 1dff7556da
commit 6806e8f5fb
105 changed files with 2038 additions and 1611 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
security/nss/TAG-INFO
View File

@ -1 +1 @@
1053cc7b45a2
NSS_3_36_RTM

28
security/nss/automation/abi-check/expected-report-libssl3.so.txt
View File

@ -0,0 +1,28 @@
1 function with some indirect sub-type change:
[C]'function SECStatus SSL_GetChannelInfo(PRFileDesc*, SSLChannelInfo*, PRUintn)' at sslinfo.c:12:1 has some indirect sub-type changes:
parameter 2 of type 'SSLChannelInfo*' has sub-type changes:
in pointed to type 'typedef SSLChannelInfo' at sslt.h:318:1:
underlying type 'struct SSLChannelInfoStr' at sslt.h:259:1 changed:
type size hasn't changed
1 data member change:
type of 'SSLSignatureScheme SSLChannelInfoStr::signatureScheme' changed:
underlying type 'enum __anonymous_enum__' at sslt.h:115:1 changed:
type size hasn't changed
3 enumerator deletions:
'__anonymous_enum__::ssl_sig_rsa_pss_sha256' value '2052'
'__anonymous_enum__::ssl_sig_rsa_pss_sha384' value '2053'
'__anonymous_enum__::ssl_sig_rsa_pss_sha512' value '2054'
6 enumerator insertions:
'__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha256' value '2052'
'__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha384' value '2053'
'__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha512' value '2054'
'__anonymous_enum__::ssl_sig_rsa_pss_pss_sha256' value '2057'
'__anonymous_enum__::ssl_sig_rsa_pss_pss_sha384' value '2058'
'__anonymous_enum__::ssl_sig_rsa_pss_pss_sha512' value '2059'

2
security/nss/automation/abi-check/previous-nss-release
View File

@ -1 +1 @@
NSS_3_36_BRANCH
NSS_3_35_BRANCH

4
security/nss/automation/taskcluster/docker-hacl/Dockerfile
View File

@ -5,11 +5,11 @@ MAINTAINER Franziskus Kiefer <franziskuskiefer@gmail.com>
# the original F* formula with Daniel Fabian
# Pinned versions of HACL* (F* and KreMLin are pinned as submodules)
ENV haclrepo https://github.com/mitls/hacl-star.git
ENV haclrepo https://github.com/franziskuskiefer/hacl-star.git
# Define versions of dependencies
ENV opamv 4.04.2
ENV haclversion 426abe1c4e55f3e569bd9815d52bffc4daac44e5
ENV haclversion 668d6cf274c33bbe2e951e3a84b73f2b6442a51f
# Install required packages and set versions
ADD setup.sh /tmp/setup.sh

3
security/nss/automation/taskcluster/scripts/run_hacl.sh
View File

@ -12,6 +12,9 @@ set -e -x -v
# The extracted C code from HACL* is already generated and the HACL* tests were
# successfully executed.
# Verify Poly1305 (doesn't work in docker image build)
make verify -C ~/hacl-star/code/poly1305 -j$(nproc)
# Add license header to specs
spec_files=($(find ~/hacl-star/specs -type f -name '*.fst'))
for f in "${spec_files[@]}"; do

6
security/nss/cmd/bltest/blapitest.c
View File

@ -3724,7 +3724,7 @@ main(int argc, char **argv)
/* test the RSA_PopulatePrivateKey function */
if (bltest.commands[cmd_RSAPopulate].activated) {
unsigned int keySize = 1024;
unsigned long keyExponent = 65537;
unsigned long exponent = 65537;
int rounds = 1;
int ret = -1;
@ -3735,12 +3735,12 @@ main(int argc, char **argv)
rounds = PORT_Atoi(bltest.options[opt_Rounds].arg);
}
if (bltest.options[opt_Exponent].activated) {
keyExponent = PORT_Atoi(bltest.options[opt_Exponent].arg);
exponent = PORT_Atoi(bltest.options[opt_Exponent].arg);
}
for (i = 0; i < rounds; i++) {
printf("Running RSA Populate test round %d\n", i);
ret = doRSAPopulateTest(keySize, keyExponent);
ret = doRSAPopulateTest(keySize, exponent);
if (ret != 0) {
break;
}

48
security/nss/cmd/certutil/certutil.c
View File

@ -782,17 +782,17 @@ ValidateCert(CERTCertDBHandle *handle, char *name, char *date,
fprintf(stdout, "%s: certificate is valid\n", progName);
GEN_BREAK(SECSuccess)
} else {
char *nick;
char *name;
CERTVerifyLogNode *node;
node = log->head;
while (node) {
if (node->cert->nickname != NULL) {
nick = node->cert->nickname;
name = node->cert->nickname;
} else {
nick = node->cert->subjectName;
name = node->cert->subjectName;
}
fprintf(stderr, "%s : %s\n", nick,
fprintf(stderr, "%s : %s\n", name,
SECU_Strerror(node->error));
CERT_DestroyCertificate(node->cert);
node = node->next;
@ -845,7 +845,7 @@ SECItemToHex(const SECItem *item, char *dst)
}
static const char *const keyTypeName[] = {
"null", "rsa", "dsa", "fortezza", "dh", "kea", "ec", "rsaPss"
"null", "rsa", "dsa", "fortezza", "dh", "kea", "ec"
};
#define MAX_CKA_ID_BIN_LEN 20
@ -999,7 +999,7 @@ DeleteKey(char *nickname, secuPWData *pwdata)
slot = PK11_GetInternalKeySlot();
if (PK11_NeedLogin(slot)) {
rv = PK11_Authenticate(slot, PR_TRUE, pwdata);
SECStatus rv = PK11_Authenticate(slot, PR_TRUE, pwdata);
if (rv != SECSuccess) {
SECU_PrintError(progName, "could not authenticate to token %s.",
PK11_GetTokenName(slot));
@ -1066,7 +1066,7 @@ PrintBuildFlags()
}
static void
PrintSyntax()
PrintSyntax(char *progName)
{
#define FPS fprintf(stderr,
FPS "Type %s -H for more detailed descriptions\n", progName);
@ -1838,7 +1838,7 @@ luBuildFlags(enum usage_level ul, const char *command)
}
static void
LongUsage(enum usage_level ul, const char *command)
LongUsage(char *progName, enum usage_level ul, const char *command)
{
luA(ul, command);
luB(ul, command);
@ -1866,14 +1866,14 @@ LongUsage(enum usage_level ul, const char *command)
}
static void
Usage()
Usage(char *progName)
{
PR_fprintf(PR_STDERR,
"%s - Utility to manipulate NSS certificate databases\n\n"
"Usage: %s <command> -d <database-directory> <options>\n\n"
"Valid commands:\n",
progName, progName);
LongUsage(usage_selected, NULL);
LongUsage(progName, usage_selected, NULL);
PR_fprintf(PR_STDERR, "\n"
"%s -H <command> : Print available options for the given command\n"
"%s -H : Print complete help output of all commands and options\n"
@ -2269,10 +2269,10 @@ flagArray opFlagsArray[] =
{ NAME_SIZE(verify_recover), CKF_VERIFY_RECOVER },
{ NAME_SIZE(wrap), CKF_WRAP },
{ NAME_SIZE(unwrap), CKF_UNWRAP },
{ NAME_SIZE(derive), CKF_DERIVE }
{ NAME_SIZE(derive), CKF_DERIVE },
};
int opFlagsCount = PR_ARRAY_SIZE(opFlagsArray);
int opFlagsCount = sizeof(opFlagsArray) / sizeof(flagArray);
flagArray attrFlagsArray[] =
{
@ -2286,13 +2286,14 @@ flagArray attrFlagsArray[] =
{ NAME_SIZE(insensitive), PK11_ATTR_INSENSITIVE },
{ NAME_SIZE(extractable), PK11_ATTR_EXTRACTABLE },
{ NAME_SIZE(unextractable), PK11_ATTR_UNEXTRACTABLE }
};
int attrFlagsCount = PR_ARRAY_SIZE(attrFlagsArray);
int attrFlagsCount = sizeof(attrFlagsArray) / sizeof(flagArray);
#define MAX_STRING 30
CK_ULONG
GetFlags(char *flagsString, flagArray *flags, int count)
GetFlags(char *flagsString, flagArray *flagArray, int count)
{
CK_ULONG flagsValue = strtol(flagsString, NULL, 0);
int i;
@ -2302,10 +2303,10 @@ GetFlags(char *flagsString, flagArray *flags, int count)
}
while (*flagsString) {
for (i = 0; i < count; i++) {
if (strncmp(flagsString, flags[i].name, flags[i].nameSize) ==
if (strncmp(flagsString, flagArray[i].name, flagArray[i].nameSize) ==
0) {
flagsValue |= flags[i].value;
flagsString += flags[i].nameSize;
flagsValue |= flagArray[i].value;
flagsString += flagArray[i].nameSize;
if (*flagsString != 0) {
flagsString++;
}
@ -2690,13 +2691,14 @@ certutil_main(int argc, char **argv, PRBool initialize)
rv = SECU_ParseCommandLine(argc, argv, progName, &certutil);
if (rv != SECSuccess)
Usage();
Usage(progName);
if (certutil.commands[cmd_PrintSyntax].activated) {
PrintSyntax();
PrintSyntax(progName);
}
if (certutil.commands[cmd_PrintHelp].activated) {
int i;
char buf[2];
const char *command = NULL;
for (i = 0; i < max_cmd; i++) {
@ -2713,7 +2715,7 @@ certutil_main(int argc, char **argv, PRBool initialize)
break;
}
}
LongUsage((command ? usage_selected : usage_all), command);
LongUsage(progName, (command ? usage_selected : usage_all), command);
exit(1);
}
@ -2821,7 +2823,7 @@ certutil_main(int argc, char **argv, PRBool initialize)
if (certutil.options[opt_DBPrefix].arg) {
certPrefix = certutil.options[opt_DBPrefix].arg;
} else {
Usage();
Usage(progName);
}
}
@ -2830,7 +2832,7 @@ certutil_main(int argc, char **argv, PRBool initialize)
if (certutil.options[opt_SourcePrefix].arg) {
srcCertPrefix = certutil.options[opt_SourcePrefix].arg;
} else {
Usage();
Usage(progName);
}
}
@ -2914,7 +2916,7 @@ certutil_main(int argc, char **argv, PRBool initialize)
return 255;
}
if (commandsEntered == 0) {
Usage();
Usage(progName);
}
if (certutil.commands[cmd_ListCerts].activated ||

14
security/nss/cmd/crlutil/crlutil.c
View File

@ -770,7 +770,7 @@ loser:
}
static void
Usage()
Usage(char *progName)
{
fprintf(stderr,
"Usage: %s -L [-n nickname] [-d keydir] [-P dbprefix] [-t crlType]\n"
@ -908,7 +908,7 @@ main(int argc, char **argv)
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) {
case '?':
Usage();
Usage(progName);
break;
case 'T':
@ -1038,17 +1038,17 @@ main(int argc, char **argv)
}
if (deleteCRL && !nickName)
Usage();
Usage(progName);
if (importCRL && !inFile)
Usage();
Usage(progName);
if (showFileCRL && !inFile)
Usage();
Usage(progName);
if ((generateCRL && !nickName) ||
(modifyCRL && !inFile && !nickName))
Usage();
Usage(progName);
if (!(listCRL || deleteCRL || importCRL || showFileCRL || generateCRL ||
modifyCRL || test || erase))
Usage();
Usage(progName);
if (listCRL || showFileCRL) {
readonly = PR_TRUE;

1
security/nss/cmd/crmftest/testcrmf.c
View File

@ -577,6 +577,7 @@ Decode(void)
printf("WARNING: The DER contained %d messages.\n", numMsgs);
}
for (i = 0; i < numMsgs; i++) {
SECStatus rv;
printf("crmftest: Processing cert request %d\n", i);
certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i);
if (certReqMsg == NULL) {

7
security/nss/cmd/dbtest/dbtest.c
View File

@ -58,7 +58,7 @@ getPassword(PK11SlotInfo *slot, PRBool retry, void *arg)
}
static void
Usage()
Usage(const char *progName)
{
printf("Usage: %s [-r] [-f] [-i] [-d dbdir ] \n",
progName);
@ -96,7 +96,7 @@ main(int argc, char **argv)
switch (optstate->option) {
case 'h':
default:
Usage();
Usage(progName);
break;
case 'r':
@ -122,7 +122,7 @@ main(int argc, char **argv)
}
PL_DestroyOptState(optstate);
if (optstatus == PL_OPT_BAD)
Usage();
Usage(progName);
if (dbDir) {
char *tmp = dbDir;
@ -181,6 +181,7 @@ main(int argc, char **argv)
ret = SUCCESS;
if (doInitTest) {
PK11SlotInfo *slot = PK11_GetInternalKeySlot();
SECStatus rv;
int passwordSuccess = 0;
int type = CKM_DES3_CBC;
SECItem keyid = { 0, NULL, 0 };

10
security/nss/cmd/httpserv/httpserv.c
View File

@ -682,7 +682,6 @@ handle_connection(
}
if (arena) {
PORT_FreeArena(arena, PR_FALSE);
arena = NULL;
}
if (!request || !request->tbsRequest ||
!request->tbsRequest->requestList ||
@ -754,11 +753,11 @@ handle_connection(
{
PRTime now = PR_Now();
PLArenaPool *arena = NULL;
CERTOCSPSingleResponse *sr;
CERTOCSPSingleResponse **singleResponses;
SECItem *ocspResponse;
PORT_Assert(!arena);
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if (unknown) {
@ -788,8 +787,8 @@ handle_connection(
} else {
PR_Write(ssl_sock, outOcspHeader, strlen(outOcspHeader));
PR_Write(ssl_sock, ocspResponse->data, ocspResponse->len);
PORT_FreeArena(arena, PR_FALSE);
}
PORT_FreeArena(arena, PR_FALSE);
}
CERT_DestroyOCSPRequest(request);
break;
@ -1358,6 +1357,7 @@ main(int argc, char **argv)
caRevoIter = &caRevoInfos->link;
do {
PRFileDesc *inFile;
int rv = SECFailure;
SECItem crlDER;
crlDER.data = NULL;
@ -1413,9 +1413,11 @@ main(int argc, char **argv)
if (provideOcsp) {
if (caRevoInfos) {
PRCList *caRevoIter;
caRevoIter = &caRevoInfos->link;
do {
revoInfo = (caRevoInfo *)caRevoIter;
caRevoInfo *revoInfo = (caRevoInfo *)caRevoIter;
if (revoInfo->nickname)
PORT_Free(revoInfo->nickname);
if (revoInfo->crlFilename)

8
security/nss/cmd/lib/secutil.c
View File

@ -1528,9 +1528,9 @@ SECU_PrintDumpDerIssuerAndSerial(FILE *out, SECItem *der, char *m,
unsigned int i;
for (i = 0; i < c->serialNumber.len; ++i) {
unsigned char *chardata = (unsigned char *)(c->serialNumber.data);
unsigned char ch = *(chardata + i);
unsigned char c = *(chardata + i);
fprintf(out, "\\x%02x", ch);
fprintf(out, "\\x%02x", c);
}
fprintf(out, "\" }\n");
}
@ -3137,7 +3137,7 @@ typedef enum {
static int
secu_PrintSignedDataSigOpt(FILE *out, SECItem *der, const char *m,
int level, SECU_PPFunc inner,
SignatureOptionType signatureOption)
SignatureOptionType withSignature)
{
PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
CERTSignedData *sd;
@ -3164,7 +3164,7 @@ secu_PrintSignedDataSigOpt(FILE *out, SECItem *der, const char *m,
}
rv = (*inner)(out, &sd->data, "Data", level + 1);
if (signatureOption == withSignature) {
if (withSignature) {
SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm",
level + 1);
DER_ConvertBitString(&sd->signature);

2
security/nss/cmd/listsuites/listsuites.c
View File

@ -64,7 +64,9 @@ main(int argc, char **argv)
/* disable all the SSL3 cipher suites */
for (i = 0; i < SSL_NumImplementedCiphers; i++) {
PRUint16 suite = cipherSuites[i];
SECStatus rv;
PRBool enabled;
PRErrorCode err;
SSLCipherSuiteInfo info;
rv = SSL_CipherPrefGetDefault(suite, &enabled);

4
security/nss/cmd/lowhashtest/lowhashtest.c
View File

@ -390,7 +390,7 @@ testSHA512(NSSLOWInitContext *initCtx)
}
static void
Usage()
Usage(char *progName)
{
fprintf(stderr, "Usage: %s [algorithm]\n",
progName);
@ -436,7 +436,7 @@ main(int argc, char **argv)
rv += testSHA512(initCtx);
} else {
SECU_PrintError(progName, "Unsupported hash type %s\n", argv[0]);
Usage();
Usage(progName);
}
NSSLOW_Shutdown(initCtx);

10
security/nss/cmd/modutil/install-ds.c
View File

@ -88,11 +88,11 @@ static const char* errString[] = {
static char* PR_Strdup(const char* str);
#define PAD(x) \
{ \
int pad_i; \
for (pad_i = 0; pad_i < (x); pad_i++) \
printf(" "); \
#define PAD(x) \
{ \
int i; \
for (i = 0; i < x; i++) \
printf(" "); \
}
#define PADINC 4

14
security/nss/cmd/mpitests/mpi-test.c
View File

@ -375,14 +375,14 @@ void reason(char *fmt, ...);
char g_intbuf[4096]; /* buffer for integer comparison */
char a_intbuf[4096]; /* buffer for integer comparison */
int g_verbose = 1; /* print out reasons for failure? */
int res;
#define IFOK(x) \
{ \
int ifok_res = (x); \
if (MP_OKAY > ifok_res) { \
reason("test %s failed: error %d\n", #x, ifok_res); \
return 1; \
} \
#define IFOK(x) \
{ \
if (MP_OKAY > (res = (x))) { \
reason("test %s failed: error %d\n", #x, res); \
return 1; \
} \
}
int

24
security/nss/cmd/ocspclnt/ocspclnt.c
View File

@ -38,7 +38,7 @@
char *program_name;
static void
synopsis(char *progname)
synopsis(char *program_name)
{
PRFileDesc *pr_stderr;
@ -46,44 +46,44 @@ synopsis(char *progname)
PR_fprintf(pr_stderr, "Usage:");
PR_fprintf(pr_stderr,
"\t%s -p [-d <dir>]\n",
progname);
program_name);
PR_fprintf(pr_stderr,
"\t%s -P [-d <dir>]\n",
progname);
program_name);
PR_fprintf(pr_stderr,
"\t%s -r <name> [-a] [-L] [-s <name>] [-d <dir>]\n",
progname);
program_name);
PR_fprintf(pr_stderr,
"\t%s -R <name> [-a] [-l <location>] [-s <name>] [-d <dir>]\n",
progname);
program_name);
PR_fprintf(pr_stderr,
"\t%s -S <name> [-a] [-l <location> -t <name>]\n",
progname);
program_name);
PR_fprintf(pr_stderr,
"\t\t [-s <name>] [-w <time>] [-d <dir>]\n");
PR_fprintf(pr_stderr,
"\t%s -V <name> [-a] -u <usage> [-l <location> -t <name>]\n",
progname);
program_name);
PR_fprintf(pr_stderr,
"\t\t [-s <name>] [-w <time>] [-d <dir>]\n");
}
static void
short_usage(char *progname)
short_usage(char *program_name)
{
PR_fprintf(PR_STDERR,
"Type %s -H for more detailed descriptions\n",
progname);
synopsis(progname);
program_name);
synopsis(program_name);
}
static void
long_usage(char *progname)
long_usage(char *program_name)
{
PRFileDesc *pr_stderr;
pr_stderr = PR_STDERR;
synopsis(progname);
synopsis(program_name);
PR_fprintf(pr_stderr, "\nCommands (must specify exactly one):\n");
PR_fprintf(pr_stderr,
" %-13s Pretty-print a binary request read from stdin\n",

6
security/nss/cmd/ocspresp/ocspresp.c
View File

@ -194,8 +194,8 @@ main(int argc, char **argv)
&obtainedSignerCert, caCert));
#ifdef DEBUG
{
rv = CERT_GetOCSPStatusForCertID(certHandle, decodedRev, cid,
obtainedSignerCert, now);
SECStatus rv = CERT_GetOCSPStatusForCertID(certHandle, decodedRev, cid,
obtainedSignerCert, now);
PORT_Assert(rv == SECFailure);
PORT_Assert(PORT_GetError() == SEC_ERROR_REVOKED_CERTIFICATE);
}
@ -211,7 +211,7 @@ main(int argc, char **argv)
decodedFail = CERT_DecodeOCSPResponse(encodedFail);
#ifdef DEBUG
{
rv = CERT_GetOCSPResponseStatus(decodedFail);
SECStatus rv = CERT_GetOCSPResponseStatus(decodedFail);
PORT_Assert(rv == SECFailure);
PORT_Assert(PORT_GetError() == SEC_ERROR_OCSP_TRY_SERVER_LATER);
}

12
security/nss/cmd/pk12util/pk12util.c
View File

@ -28,7 +28,7 @@ static PRBool pk12uForceUnicode;
PRIntn pk12uErrno = 0;
static void
Usage()
Usage(char *progName)
{
#define FPS PR_fprintf(PR_STDERR,
FPS "Usage: %s -i importfile [-d certdir] [-P dbprefix] [-h tokenname]\n",
@ -1020,26 +1020,26 @@ main(int argc, char **argv)
rv = SECU_ParseCommandLine(argc, argv, progName, &pk12util);
if (rv != SECSuccess)
Usage();
Usage(progName);
pk12_debugging = pk12util.options[opt_Debug].activated;
if ((pk12util.options[opt_Import].activated +
pk12util.options[opt_Export].activated +
pk12util.options[opt_List].activated) != 1) {
Usage();
Usage(progName);
}
if (pk12util.options[opt_Export].activated &&
!pk12util.options[opt_Nickname].activated) {
Usage();
Usage(progName);
}
rv = NSS_OptionGet(__NSS_PKCS12_DECODE_FORCE_UNICODE, &forceUnicode);
if (rv != SECSuccess) {
SECU_PrintError(progName,
"Failed to get NSS_PKCS12_DECODE_FORCE_UNICODE option");
Usage();
Usage(progName);
}
pk12uForceUnicode = forceUnicode;
@ -1144,7 +1144,7 @@ main(int argc, char **argv)
P12U_ListPKCS12File(import_file, slot, &slotPw, &p12FilePw);
} else {
Usage();
Usage(progName);
pk12uErrno = PK12UERR_USAGE;
}

32
security/nss/cmd/rsaperf/rsaperf.c
View File

@ -313,7 +313,7 @@ main(int argc, char **argv)
char *slotname = NULL;
long keybits = 0;
RSAOp fn;
void *rsaKeyPtr = NULL;
void *rsaKey = NULL;
PLOptState *optstate;
PLOptStatus optstatus;
long iters = DEFAULT_ITERS;
@ -464,7 +464,7 @@ main(int argc, char **argv)
if (doPub) {
/* do public key ops */
fn = (RSAOp)PK11_PublicKeyOp;
rsaKeyPtr = (void *)pubHighKey;
rsaKey = (void *)pubHighKey;
kh = PK11_ImportPublicKey(cert->slot, pubHighKey, PR_FALSE);
if (CK_INVALID_HANDLE == kh) {
@ -489,7 +489,7 @@ main(int argc, char **argv)
fn = (RSAOp)PK11_PrivateKeyOp;
keys.privKey = privHighKey;
keys.pubKey = pubHighKey;
rsaKeyPtr = (void *)&keys;
rsaKey = (void *)&keys;
printf("Using PKCS#11 for RSA decryption with token %s.\n",
PK11_GetTokenName(privHighKey->pkcs11Slot));
}
@ -537,13 +537,13 @@ main(int argc, char **argv)
if (doPub) {
/* do public key operations */
fn = (RSAOp)PK11_PublicKeyOp;
rsaKeyPtr = (void *)pubHighKey;
rsaKey = (void *)pubHighKey;
} else {
/* do private key operations */
fn = (RSAOp)PK11_PrivateKeyOp;
keys.privKey = privHighKey;
keys.pubKey = pubHighKey;
rsaKeyPtr = (void *)&keys;
rsaKey = (void *)&keys;
}
} else
@ -574,7 +574,7 @@ main(int argc, char **argv)
pe.data = &pubEx[0];
pe.type = siBuffer;
rsaKeyPtr = RSA_NewKey(keybits, &pe);
rsaKey = RSA_NewKey(keybits, &pe);
fprintf(stderr, "Keygen completed.\n");
} else {
/* use a hardcoded key */
@ -589,31 +589,31 @@ main(int argc, char **argv)
if (doPub) {
/* do public key operations */
fn = (RSAOp)RSA_PublicKeyOp;
if (rsaKeyPtr) {
if (rsaKey) {
/* convert the RSAPrivateKey to RSAPublicKey */
pubKeyStr.arena = NULL;
pubKeyStr.modulus = ((RSAPrivateKey *)rsaKeyPtr)->modulus;
pubKeyStr.modulus = ((RSAPrivateKey *)rsaKey)->modulus;
pubKeyStr.publicExponent =
((RSAPrivateKey *)rsaKeyPtr)->publicExponent;
rsaKeyPtr = &pubKeyStr;
((RSAPrivateKey *)rsaKey)->publicExponent;
rsaKey = &pubKeyStr;
} else {
/* convert NSSLOWKeyPublicKey to RSAPublicKey */
rsaKeyPtr = (void *)(&pubKey->u.rsa);
rsaKey = (void *)(&pubKey->u.rsa);
}
PORT_Assert(rsaKeyPtr);
PORT_Assert(rsaKey);
} else {
/* do private key operations */
fn = (RSAOp)RSA_PrivateKeyOp;
if (privKey) {
/* convert NSSLOWKeyPrivateKey to RSAPrivateKey */
rsaKeyPtr = (void *)(&privKey->u.rsa);
rsaKey = (void *)(&privKey->u.rsa);
}
PORT_Assert(rsaKeyPtr);
PORT_Assert(rsaKey);
}
}
memset(buf, 1, sizeof buf);
rv = fn(rsaKeyPtr, buf2, buf);
rv = fn(rsaKey, buf2, buf);
if (rv != SECSuccess) {
PRErrorCode errNum;
const char *errStr = NULL;
@ -638,7 +638,7 @@ main(int argc, char **argv)
runDataArr[i]->fn = fn;
runDataArr[i]->buf = buf;
runDataArr[i]->doIters = &doIters;
runDataArr[i]->rsaKey = rsaKeyPtr;
runDataArr[i]->rsaKey = rsaKey;
runDataArr[i]->seconds = seconds;
runDataArr[i]->iters = iters;
threadsArr[i] =

59
security/nss/cmd/selfserv/selfserv.c
View File

@ -57,7 +57,7 @@
int NumSidCacheEntries = 1024;
static int handle_connection(PRFileDesc *, PRFileDesc *);
static int handle_connection(PRFileDesc *, PRFileDesc *, int);
static const char envVarName[] = { SSL_ENV_VAR_NAME };
static const char inheritableSockName[] = { "SELFSERV_LISTEN_SOCKET" };
@ -509,6 +509,7 @@ typedef struct jobStr {
PRCList link;
PRFileDesc *tcp_sock;
PRFileDesc *model_sock;
int requestCert;
} JOB;
static PZLock *qLock; /* this lock protects all data immediately below */
@ -540,7 +541,7 @@ setupJobs(int maxJobs)
return SECSuccess;
}
typedef int startFn(PRFileDesc *a, PRFileDesc *b);
typedef int startFn(PRFileDesc *a, PRFileDesc *b, int c);
typedef enum { rs_idle = 0,
rs_running = 1,
@ -549,6 +550,7 @@ typedef enum { rs_idle = 0,
typedef struct perThreadStr {
PRFileDesc *a;
PRFileDesc *b;
int c;
int rv;
startFn *startFunc;
PRThread *prThread;
@ -562,7 +564,7 @@ thread_wrapper(void *arg)
{
perThread *slot = (perThread *)arg;
slot->rv = (*slot->startFunc)(slot->a, slot->b);
slot->rv = (*slot->startFunc)(slot->a, slot->b, slot->c);
/* notify the thread exit handler. */
PZ_Lock(qLock);
@ -573,7 +575,7 @@ thread_wrapper(void *arg)
}
int
jobLoop(PRFileDesc *a, PRFileDesc *b)
jobLoop(PRFileDesc *a, PRFileDesc *b, int c)
{
PRCList *myLink = 0;
JOB *myJob;
@ -593,7 +595,8 @@ jobLoop(PRFileDesc *a, PRFileDesc *b)
/* myJob will be null when stopping is true and jobQ is empty */
if (!myJob)
break;
handle_connection(myJob->tcp_sock, myJob->model_sock);
handle_connection(myJob->tcp_sock, myJob->model_sock,
myJob->requestCert);
PZ_Lock(qLock);
PR_APPEND_LINK(myLink, &freeJobs);
PZ_NotifyCondVar(freeListNotEmptyCv);
@ -606,6 +609,7 @@ launch_threads(
startFn *startFunc,
PRFileDesc *a,
PRFileDesc *b,
int c,
PRBool local)
{
int i;
@ -641,6 +645,7 @@ launch_threads(
slot->state = rs_running;
slot->a = a;
slot->b = b;
slot->c = c;
slot->startFunc = startFunc;
slot->prThread = PR_CreateThread(PR_USER_THREAD,
thread_wrapper, slot, PR_PRIORITY_NORMAL,
@ -888,7 +893,8 @@ int /* returns count */
int
do_writes(
PRFileDesc *ssl_sock,
PRFileDesc *model_sock)
PRFileDesc *model_sock,
int requestCert)
{
int sent = 0;
int count = 0;
@ -919,7 +925,8 @@ do_writes(
static int
handle_fdx_connection(
PRFileDesc *tcp_sock,
PRFileDesc *model_sock)
PRFileDesc *model_sock,
int requestCert)
{
PRFileDesc *ssl_sock = NULL;
SECStatus result;
@ -953,7 +960,8 @@ handle_fdx_connection(
lockedVars_AddToCount(&lv, 1);
/* Attempt to launch the writer thread. */
result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv);
result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv,
requestCert);
if (result == SECSuccess)
do {
@ -1085,7 +1093,7 @@ makeCorruptedOCSPResponse(PLArenaPool *arena)
}
SECItemArray *
makeSignedOCSPResponse(PLArenaPool *arena,
makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm,
CERTCertificate *cert, secuPWData *pwdata)
{
SECItemArray *result = NULL;
@ -1109,7 +1117,7 @@ makeSignedOCSPResponse(PLArenaPool *arena,
nextUpdate = now + (PRTime)60 * 60 * 24 * PR_USEC_PER_SEC; /* plus 1 day */
switch (ocspStaplingMode) {
switch (osm) {
case osm_good:
case osm_badsig:
sr = CERT_CreateOCSPSingleResponseGood(arena, cid, now,
@ -1142,7 +1150,7 @@ makeSignedOCSPResponse(PLArenaPool *arena,
singleResponses[1] = NULL;
ocspResponse = CERT_CreateEncodedOCSPSuccessResponse(arena,
(ocspStaplingMode == osm_badsig)
(osm == osm_badsig)
? NULL
: ca,
ocspResponderID_byName, now, singleResponses,
@ -1167,7 +1175,7 @@ makeSignedOCSPResponse(PLArenaPool *arena,
}
void
setupCertStatus(PLArenaPool *arena,
setupCertStatus(PLArenaPool *arena, enum ocspStaplingModeEnum ocspStaplingMode,
CERTCertificate *cert, int index, secuPWData *pwdata)
{
if (ocspStaplingMode == osm_random) {
@ -1205,7 +1213,7 @@ setupCertStatus(PLArenaPool *arena,
case osm_unknown:
case osm_badsig:
multiOcspResponses =
makeSignedOCSPResponse(arena, cert,
makeSignedOCSPResponse(arena, ocspStaplingMode, cert,
pwdata);
break;
case osm_corrupted:
@ -1228,7 +1236,10 @@ setupCertStatus(PLArenaPool *arena,
}
int
handle_connection(PRFileDesc *tcp_sock, PRFileDesc *model_sock)
handle_connection(
PRFileDesc *tcp_sock,
PRFileDesc *model_sock,
int requestCert)
{
PRFileDesc *ssl_sock = NULL;
PRFileDesc *local_file_fd = NULL;
@ -1261,6 +1272,7 @@ handle_connection(PRFileDesc *tcp_sock, PRFileDesc *model_sock)
VLOG(("selfserv: handle_connection: starting\n"));
if (useModelSocket && model_sock) {
SECStatus rv;
ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
if (!ssl_sock) {
errWarn("SSL_ImportFD with model");
@ -1576,7 +1588,8 @@ sigusr1_handler(int sig)
SECStatus
do_accepts(
PRFileDesc *listen_sock,
PRFileDesc *model_sock)
PRFileDesc *model_sock,
int requestCert)
{
PRNetAddr addr;
PRErrorCode perr;
@ -1646,6 +1659,7 @@ do_accepts(
JOB *myJob = (JOB *)myLink;
myJob->tcp_sock = tcp_sock;
myJob->model_sock = model_sock;
myJob->requestCert = requestCert;
}
PR_APPEND_LINK(myLink, &jobQ);
@ -1804,6 +1818,7 @@ handshakeCallback(PRFileDesc *fd, void *client_data)
void
server_main(
PRFileDesc *listen_sock,
int requestCert,
SECKEYPrivateKey **privKey,
CERTCertificate **cert,
const char *expectedHostNameVal)
@ -2006,7 +2021,7 @@ server_main(
/* end of ssl configuration. */
/* Now, do the accepting, here in the main thread. */
rv = do_accepts(listen_sock, model_sock);
rv = do_accepts(listen_sock, model_sock, requestCert);
terminateWorkerThreads();
@ -2639,8 +2654,9 @@ main(int argc, char **argv)
}
}
if (cipher > 0) {
rv = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED);
if (rv != SECSuccess)
SECStatus status;
status = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED);
if (status != SECSuccess)
SECU_PrintError(progName, "SSL_CipherPrefSet()");
} else {
fprintf(stderr,
@ -2668,7 +2684,7 @@ main(int argc, char **argv)
exit(11);
}
if (privKey[i]->keyType != ecKey)
setupCertStatus(certStatusArena, cert[i], i, &pwdata);
setupCertStatus(certStatusArena, ocspStaplingMode, cert[i], i, &pwdata);
}
if (configureWeakDHE > 0) {
@ -2681,7 +2697,7 @@ main(int argc, char **argv)
}
/* allocate the array of thread slots, and launch the worker threads. */
rv = launch_threads(&jobLoop, 0, 0, useLocalThreads);
rv = launch_threads(&jobLoop, 0, 0, requestCert, useLocalThreads);
if (rv == SECSuccess && logStats) {
loggerThread = PR_CreateThread(PR_SYSTEM_THREAD,
@ -2696,7 +2712,7 @@ main(int argc, char **argv)
}
if (rv == SECSuccess) {
server_main(listen_sock, privKey, cert,
server_main(listen_sock, requestCert, privKey, cert,
expectedHostNameVal);
}
@ -2715,6 +2731,7 @@ cleanup:
}
{
int i;
for (i = 0; i < certNicknameIndex; i++) {
if (cert[i]) {
CERT_DestroyCertificate(cert[i]);

8
security/nss/cmd/signtool/javascript.c
View File

@ -1300,6 +1300,7 @@ extract_js(char *filename)
* Now we have a stream of tags and text. Go through and deal with each.
*/
for (curitem = head; curitem; curitem = curitem->next) {
TagItem *tagp = NULL;
AVPair *pairp = NULL;
char *src = NULL, *id = NULL, *codebase = NULL;
PRBool hasEventHandler = PR_FALSE;
@ -1668,14 +1669,11 @@ loser:
* Returns PR_SUCCESS if the directory is present, PR_FAILURE otherwise.
*/
static PRStatus
ensureExists(char *basepath, char *path)
ensureExists(char *base, char *path)
{
char fn[FNSIZE];
PRDir *dir;
int c = snprintf(fn, sizeof(fn), "%s/%s", basepath, path);
if (c >= sizeof(fn)) {
return PR_FAILURE;
}
sprintf(fn, "%s/%s", base, path);
/*PR_fprintf(outputFD, "Trying to open directory %s.\n", fn);*/

68
security/nss/cmd/signtool/sign.c
View File

@ -175,16 +175,16 @@ typedef struct {
*
*/
int
SignAllArc(char *jartree, char *keyName, int javascript, char *metafilename,
char *install_script, int optimize_level, PRBool recurse)
SignAllArc(char *jartree, char *keyName, int javascript, char *metafile,
char *install_script, int optimize, PRBool recurse)
{
SignArcInfo info;
info.keyName = keyName;
info.javascript = javascript;
info.metafile = metafilename;
info.metafile = metafile;
info.install_script = install_script;
info.optimize = optimize_level;
info.optimize = optimize;
return foreach (jartree, "", sign_all_arc_fn, recurse,
PR_TRUE /*include dirs*/, (void *)&info);
@ -194,7 +194,7 @@ static int
sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename,
void *arg)
{
char *zipfilename = NULL;
char *zipfile = NULL;
char *arc = NULL, *archive = NULL;
int retval = 0;
SignArcInfo *infop = (SignArcInfo *)arg;
@ -212,8 +212,8 @@ sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename,
}
archive = PR_smprintf("%s/%s", basedir, relpath);
zipfilename = PL_strdup(archive);
arc = PORT_Strrchr(zipfilename, '.');
zipfile = PL_strdup(archive);
arc = PORT_Strrchr(zipfile, '.');
if (arc == NULL) {
PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME);
@ -225,17 +225,17 @@ sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename,
PL_strcpy(arc, ".jar");
if (verbosity >= 0) {
PR_fprintf(outputFD, "\nsigning: %s\n", zipfilename);
PR_fprintf(outputFD, "\nsigning: %s\n", zipfile);
}
retval = SignArchive(archive, infop->keyName, zipfilename,
retval = SignArchive(archive, infop->keyName, zipfile,
infop->javascript, infop->metafile, infop->install_script,
infop->optimize, PR_TRUE /* recurse */);
}
finish:
if (archive)
PR_Free(archive);
if (zipfilename)
PR_Free(zipfilename);
if (zipfile)
PR_Free(zipfile);
return retval;
}
@ -707,8 +707,8 @@ SignFile(FILE *outFile, FILE *inFile, CERTCertificate *cert)
static int
generate_SF_file(char *manifile, char *who)
{
FILE *sfFile;
FILE *mfFile;
FILE *sf;
FILE *mf;
long r1, r2, r3;
char whofile[FNSIZE];
char *buf, *name = NULL;
@ -718,12 +718,12 @@ generate_SF_file(char *manifile, char *who)
strcpy(whofile, who);
if ((mfFile = fopen(manifile, "rb")) == NULL) {
if ((mf = fopen(manifile, "rb")) == NULL) {
perror(manifile);
exit(ERRX);
}
if ((sfFile = fopen(whofile, "wb")) == NULL) {
if ((sf = fopen(whofile, "wb")) == NULL) {
perror(who);
exit(ERRX);
}
@ -736,11 +736,11 @@ generate_SF_file(char *manifile, char *who)
if (buf == NULL || name == NULL)
out_of_memory();
fprintf(sfFile, "Signature-Version: 1.0\n");
fprintf(sfFile, "Created-By: %s\n", CREATOR);
fprintf(sfFile, "Comments: %s\n", BREAKAGE);
fprintf(sf, "Signature-Version: 1.0\n");
fprintf(sf, "Created-By: %s\n", CREATOR);
fprintf(sf, "Comments: %s\n", BREAKAGE);
if (fgets(buf, BUFSIZ, mfFile) == NULL) {
if (fgets(buf, BUFSIZ, mf) == NULL) {
PR_fprintf(errorFD, "%s: empty manifest file!\n", PROGRAM_NAME);
errorCount++;
exit(ERRX);
@ -752,15 +752,15 @@ generate_SF_file(char *manifile, char *who)
exit(ERRX);
}
fseek(mfFile, 0L, SEEK_SET);
fseek(mf, 0L, SEEK_SET);
/* Process blocks of headers, and calculate their hashen */
while (1) {
/* Beginning range */
r1 = ftell(mfFile);
r1 = ftell(mf);
if (fgets(name, BUFSIZ, mfFile) == NULL)
if (fgets(name, BUFSIZ, mf) == NULL)
break;
line++;
@ -774,46 +774,46 @@ generate_SF_file(char *manifile, char *who)
}
r2 = r1;
while (fgets(buf, BUFSIZ, mfFile)) {
while (fgets(buf, BUFSIZ, mf)) {
if (*buf == 0 || *buf == '\n' || *buf == '\r')
break;
line++;
/* Ending range for hashing */
r2 = ftell(mfFile);
r2 = ftell(mf);
}
r3 = ftell(mfFile);
r3 = ftell(mf);
if (r1) {
fprintf(sfFile, "\n");
fprintf(sfFile, "%s", name);
fprintf(sf, "\n");
fprintf(sf, "%s", name);
}
calculate_MD5_range(mfFile, r1, r2, &dig);
calculate_MD5_range(mf, r1, r2, &dig);
if (optimize == 0) {
fprintf(sfFile, "Digest-Algorithms: MD5 SHA1\n");
fprintf(sf, "Digest-Algorithms: MD5 SHA1\n");
md5 = BTOA_DataToAscii(dig.md5, MD5_LENGTH);
fprintf(sfFile, "MD5-Digest: %s\n", md5);
fprintf(sf, "MD5-Digest: %s\n", md5);
PORT_Free(md5);
}
sha1 = BTOA_DataToAscii(dig.sha1, SHA1_LENGTH);
fprintf(sfFile, "SHA1-Digest: %s\n", sha1);
fprintf(sf, "SHA1-Digest: %s\n", sha1);
PORT_Free(sha1);
/* restore normalcy after changing offset position */
fseek(mfFile, r3, SEEK_SET);
fseek(mf, r3, SEEK_SET);
}
PORT_Free(buf);
PORT_Free(name);
fclose(sfFile);
fclose(mfFile);
fclose(sf);
fclose(mf);
return 0;
}

4
security/nss/cmd/signtool/zip.c
View File

@ -129,7 +129,7 @@ handle_zerror(int err, char *msg)
* been opened with JzipOpen.
*/
int
JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int lvl)
JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level)
{
ZIPentry *entry;
PRFileDesc *readfp;
@ -319,7 +319,7 @@ JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int lvl)
* It causes zlib to leave out its headers and footers, which don't
* work in PKZIP files.
*/
err = deflateInit2(&zstream, lvl, Z_DEFLATED,
err = deflateInit2(&zstream, compression_level, Z_DEFLATED,
-MAX_WBITS, 8 /*default*/, Z_DEFAULT_STRATEGY);
if (err != Z_OK) {
handle_zerror(err, zstream.msg);

37
security/nss/cmd/smimetools/cmsutil.c
View File

@ -68,7 +68,7 @@ DigestFile(PLArenaPool *poolp, SECItem ***digests, SECItem *input,
}
static void
Usage(void)
Usage(char *progName)
{
fprintf(stderr,
"Usage: %s [-C|-D|-E|-O|-S] [<options>] [-d dbdir] [-u certusage]\n"
@ -280,6 +280,7 @@ decode(FILE *out, SECItem *input, const struct decodeOptionsStr *decodeOptions)
** or might be an invalid message, such as a QA test message
** or a message from an attacker.
*/
SECStatus rv;
rv = NSS_CMSSignedData_VerifyCertsOnly(sigd,
decodeOptions->options->certHandle,
decodeOptions->options->certUsage);
@ -1126,7 +1127,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -G only supported with option -S.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
signOptions.signingTime = PR_TRUE;
@ -1136,7 +1137,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -H only supported with option -S.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
decodeOptions.suppressContent = PR_TRUE;
@ -1166,7 +1167,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -N only supported with option -S.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
signOptions.nickname = PORT_Strdup(optstate->value);
@ -1179,7 +1180,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -P only supported with option -S.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
signOptions.smimeProfile = PR_TRUE;
@ -1192,7 +1193,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -T only supported with option -S.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
signOptions.detached = PR_TRUE;
@ -1202,7 +1203,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -Y only supported with option -S.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
signOptions.encryptionKeyPreferenceNick = strdup(optstate->value);
@ -1213,7 +1214,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -b only supported with option -D.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
batch = PR_TRUE;
@ -1224,7 +1225,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -c only supported with option -D.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
contentFile = PR_Open(optstate->value, PR_RDONLY, 006600);
@ -1260,7 +1261,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -h only supported with option -D.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
decodeOptions.headerLevel = atoi(optstate->value);
@ -1287,7 +1288,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -k only supported with option -D.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
decodeOptions.keepCerts = PR_TRUE;
@ -1298,7 +1299,7 @@ main(int argc, char **argv)
fprintf(stderr,
"%s: option -n only supported with option -D.\n",
progName);
Usage();
Usage(progName);
exit(1);
}
decodeOptions.suppressContent = PR_TRUE;
@ -1314,7 +1315,7 @@ main(int argc, char **argv)
case 'p':
if (!optstate->value) {
fprintf(stderr, "%s: option -p must have a value.\n", progName);
Usage();
Usage(progName);
exit(1);
}
@ -1324,7 +1325,7 @@ main(int argc, char **argv)
case 'f':
if (!optstate->value) {
fprintf(stderr, "%s: option -f must have a value.\n", progName);
Usage();
Usage(progName);
exit(1);
}
@ -1334,7 +1335,7 @@ main(int argc, char **argv)
case 'r':
if (!optstate->value) {
fprintf(stderr, "%s: option -r must have a value.\n", progName);
Usage();
Usage(progName);
exit(1);
}
envelopeOptions.recipients = ptrarray;
@ -1367,11 +1368,11 @@ main(int argc, char **argv)
}
}
if (status == PL_OPT_BAD)
Usage();
Usage(progName);
PL_DestroyOptState(optstate);
if (mode == UNKNOWN)
Usage();
Usage(progName);
if (mode != CERTSONLY && !batch) {
rv = SECU_FileToItem(&input, inFile);
@ -1528,7 +1529,7 @@ main(int argc, char **argv)
break;
default:
fprintf(stderr, "One of options -D, -S or -E must be set.\n");
Usage();
Usage(progName);
exitstatus = 1;
}

16
security/nss/cmd/strsclnt/strsclnt.c
View File

@ -137,7 +137,7 @@ SECItem bigBuf;
fprintf
static void
Usage(void)
Usage(const char *progName)
{
fprintf(stderr,
"Usage: %s [-n nickname] [-p port] [-d dbdir] [-c connections]\n"
@ -260,6 +260,7 @@ void
printSecurityInfo(PRFileDesc *fd)
{
CERTCertificate *cert = NULL;
SSL3Statistics *ssl3stats = SSL_GetStatistics();
SECStatus result;
SSLChannelInfo channel;
SSLCipherSuiteInfo suite;
@ -1094,6 +1095,7 @@ client_main(
while (0 != (ndx = *cipherString)) {
const char *startCipher = cipherString++;
int cipher = 0;
SECStatus rv;
if (ndx == ':') {
cipher = hexchar_to_int(*cipherString++);
@ -1351,7 +1353,7 @@ main(int argc, char **argv)
enabledVersions, &enabledVersions) !=
SECSuccess) {
fprintf(stderr, "Bad version specified.\n");
Usage();
Usage(progName);
}
break;
@ -1429,27 +1431,27 @@ main(int argc, char **argv)
case 0: /* positional parameter */
if (hostName) {
Usage();
Usage(progName);
}
hostName = PL_strdup(optstate->value);
break;
default:
case '?':
Usage();
Usage(progName);
break;
}
}
PL_DestroyOptState(optstate);
if (!hostName || status == PL_OPT_BAD)
Usage();
Usage(progName);
if (fullhs != NO_FULLHS_PERCENTAGE && (fullhs < 0 || fullhs > 100 || NoReuse))
Usage();
Usage(progName);
if (port == 0)
Usage();
Usage(progName);
if (fileName)
readBigFile(fileName);

5
security/nss/cmd/symkeyutil/symkeyutil.c
View File

@ -1034,10 +1034,10 @@ main(int argc, char **argv)
char *targetName = symKeyUtil.options[opt_TargetToken].arg;
PK11SymKey *newKey;
PK11SymKey *symKey = FindKey(slot, name, &keyID, &pwdata);
char *keyName;
char *keyName = PK11_GetSymKeyNickname(symKey);
if (!symKey) {
keyName = keyID.data ? BufToHex(&keyID) : PORT_Strdup(name);
char *keyName = keyID.data ? BufToHex(&keyID) : PORT_Strdup(name);
PR_fprintf(PR_STDERR, "%s: Couldn't find key %s on %s\n",
progName, keyName, PK11_GetTokenName(slot));
PORT_Free(keyName);
@ -1061,7 +1061,6 @@ main(int argc, char **argv)
PR_fprintf(PR_STDERR, "%s: Couldn't move the key \n", progName);
goto shutdown;
}
keyName = PK11_GetSymKeyNickname(symKey);
if (keyName) {
rv = PK11_SetSymKeyNickname(newKey, keyName);
if (rv != SECSuccess) {

55
security/nss/cmd/tstclnt/tstclnt.c
View File

@ -172,7 +172,7 @@ printSecurityInfo(PRFileDesc *fd)
}
static void
PrintUsageHeader()
PrintUsageHeader(const char *progName)
{
fprintf(stderr,
"Usage: %s -h host [-a 1st_hs_name ] [-a 2nd_hs_name ] [-p port]\n"
@ -186,7 +186,7 @@ PrintUsageHeader()
}
static void
PrintParameterUsage()
PrintParameterUsage(void)
{
fprintf(stderr, "%-20s Send different SNI name. 1st_hs_name - at first\n"
"%-20s handshake, 2nd_hs_name - at second handshake.\n"
@ -259,17 +259,17 @@ PrintParameterUsage()
}
static void
Usage()
Usage(const char *progName)
{
PrintUsageHeader();
PrintUsageHeader(progName);
PrintParameterUsage();
exit(1);
}
static void
PrintCipherUsage()
PrintCipherUsage(const char *progName)
{
PrintUsageHeader();
PrintUsageHeader(progName);
fprintf(stderr, "%-20s Letter(s) chosen from the following list\n",
"-c ciphers");
fprintf(stderr,
@ -303,7 +303,7 @@ milliPause(PRUint32 milli)
}
void
disableAllSSLCiphers()
disableAllSSLCiphers(void)
{
const PRUint16 *cipherSuites = SSL_GetImplementedCiphers();
int i = SSL_GetNumImplementedCiphers();
@ -844,7 +844,7 @@ separateReqHeader(const PRFileDesc *outFd, const char *buf, const int nb,
} else if (((c) >= 'A') && ((c) <= 'F')) { \
i = (c) - 'A' + 10; \
} else { \
Usage(); \
Usage(progName); \
}
static SECStatus
@ -1015,17 +1015,17 @@ handshakeCallback(PRFileDesc *fd, void *client_data)
#define REQUEST_WAITING (requestString && !requestSent)
static SECStatus
installServerCertificate(PRFileDesc *s, char *nick)
installServerCertificate(PRFileDesc *s, char *nickname)
{
CERTCertificate *cert;
SECKEYPrivateKey *privKey = NULL;
if (!nick) {
if (!nickname) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
cert = PK11_FindCertFromNickname(nick, &pwdata);
cert = PK11_FindCertFromNickname(nickname, &pwdata);
if (cert == NULL) {
return SECFailure;
}
@ -1129,7 +1129,7 @@ connectToServer(PRFileDesc *s, PRPollDesc *pollset)
}
static int
run()
run(void)
{
int headerSeparatorPtrnId = 0;
int error = 0;
@ -1225,18 +1225,19 @@ run()
cipherString++;
} else {
if (!isalpha(ndx))
Usage();
Usage(progName);
ndx = tolower(ndx) - 'a';
if (ndx < PR_ARRAY_SIZE(ssl3CipherSuites)) {
cipher = ssl3CipherSuites[ndx];
}
}
if (cipher > 0) {
rv = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED);
if (rv != SECSuccess)
SECStatus status;
status = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED);
if (status != SECSuccess)
SECU_PrintError(progName, "SSL_CipherPrefSet()");
} else {
Usage();
Usage(progName);
}
}
PORT_Free(cstringSaved);
@ -1652,18 +1653,18 @@ main(int argc, char **argv)
switch (optstate->option) {
case '?':
default:
Usage();
Usage(progName);
break;
case '4':
allowIPv6 = PR_FALSE;
if (!allowIPv4)
Usage();
Usage(progName);
break;
case '6':
allowIPv4 = PR_FALSE;
if (!allowIPv6)
Usage();
Usage(progName);
break;
case 'A':
@ -1734,7 +1735,7 @@ main(int argc, char **argv)
actAsServer = 1;
} else {
if (strcmp(optstate->value, "client")) {
Usage();
Usage(progName);
}
}
break;
@ -1767,11 +1768,11 @@ main(int argc, char **argv)
if (!strcmp(optstate->value, "alt-server-hello")) {
enableAltServerHello = PR_TRUE;
} else {
Usage();
Usage(progName);
}
break;
case 'Y':
PrintCipherUsage();
PrintCipherUsage(progName);
exit(0);
break;
@ -1785,7 +1786,7 @@ main(int argc, char **argv)
} else if (!hs2SniHostName) {
hs2SniHostName = PORT_Strdup(optstate->value);
} else {
Usage();
Usage(progName);
}
break;
@ -1874,7 +1875,7 @@ main(int argc, char **argv)
if (rv != SECSuccess) {
PL_DestroyOptState(optstate);
fprintf(stderr, "Bad group specified.\n");
Usage();
Usage(progName);
}
break;
}
@ -1888,18 +1889,18 @@ main(int argc, char **argv)
enabledVersions, &enabledVersions) !=
SECSuccess) {
fprintf(stderr, "Bad version specified.\n");
Usage();
Usage(progName);
}
PORT_Free(versionString);
}
if (optstatus == PL_OPT_BAD) {
Usage();
Usage(progName);
}
if (!host || !portno) {
fprintf(stderr, "%s: parameters -h and -p are mandatory\n", progName);
Usage();
Usage(progName);
}
if (serverCertAuth.testFreshStatusFromSideChannel &&

6
security/nss/cmd/vfyserv/vfyserv.c
View File

@ -327,7 +327,9 @@ do_connects(void *a, int connection)
}
void
client_main(int connections)
client_main(unsigned short port,
int connections,
const char *hostName)
{
int i;
SECStatus secStatus;
@ -551,7 +553,7 @@ main(int argc, char **argv)
}
}
client_main(connections);
client_main(port, connections, hostName);
cleanup:
if (doOcspCheck) {

4
security/nss/cmd/vfyserv/vfyutil.c
View File

@ -310,13 +310,13 @@ myHandshakeCallback(PRFileDesc *socket, void *arg)
void
disableAllSSLCiphers(void)
{
const PRUint16 *allSuites = SSL_ImplementedCiphers;
const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
int i = SSL_NumImplementedCiphers;
SECStatus rv;
/* disable all the SSL3 cipher suites */
while (--i >= 0) {
PRUint16 suite = allSuites[i];
PRUint16 suite = cipherSuites[i];
rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
if (rv != SECSuccess) {
fprintf(stderr,

6
security/nss/coreconf/Werror.mk
View File

@ -48,11 +48,9 @@ ifndef WARNING_CFLAGS
else
# This tests to see if enabling the warning is possible before
# setting an option to disable it.
set_warning = $(shell $(CC) -x c -E -Werror -W$(1) /dev/null >/dev/null 2>&1 && echo -W$(2)$(1))
enable_warning = $(call set_warning,$(1),)
disable_warning = $(call set_warning,$(1),no-)
disable_warning = $(shell $(CC) -x c -E -Werror -W$(1) /dev/null >/dev/null 2>&1 && echo -Wno-$(1))
WARNING_CFLAGS = -Wall $(call enable_warning,shadow)
WARNING_CFLAGS = -Wall
ifdef CC_IS_CLANG
# -Qunused-arguments : clang objects to arguments that it doesn't understand
# and fixing this would require rearchitecture

1
security/nss/coreconf/coreconf.dep
View File

@ -10,3 +10,4 @@
*/
#error "Do not include this header file."

2
security/nss/coreconf/nsinstall/pathsub.c
View File

@ -212,7 +212,7 @@ reversepath(char *inpath, char *name, int len, char *outpath)
xchdir("..");
} else {
cp -= 3;
memcpy(cp, "../", 3);
strncpy(cp, "../", 3);
xchdir(buf);
}
}

2
security/nss/coreconf/werror.py
View File

@ -54,7 +54,7 @@ def main():
set_warning(w, 'no-')
print('-Qunused-arguments')
set_warning('shadow')
# set_warning('shadow') # Bug 1309068
if __name__ == '__main__':
main()

10
security/nss/cpputil/databuffer.cc
View File

@ -18,12 +18,12 @@
namespace nss_test {
void DataBuffer::Assign(const uint8_t* d, size_t l) {
if (d) {
Allocate(l);
memcpy(static_cast<void*>(data_), static_cast<const void*>(d), l);
void DataBuffer::Assign(const uint8_t* data, size_t len) {
if (data) {
Allocate(len);
memcpy(static_cast<void*>(data_), static_cast<const void*>(data), len);
} else {
assert(l == 0);
assert(len == 0);
data_ = nullptr;
len_ = 0;
}

14
security/nss/cpputil/databuffer.h
View File

@ -17,8 +17,8 @@ namespace nss_test {
class DataBuffer {
public:
DataBuffer() : data_(nullptr), len_(0) {}
DataBuffer(const uint8_t* d, size_t l) : data_(nullptr), len_(0) {
Assign(d, l);
DataBuffer(const uint8_t* data, size_t len) : data_(nullptr), len_(0) {
Assign(data, len);
}
DataBuffer(const DataBuffer& other) : data_(nullptr), len_(0) {
Assign(other);
@ -32,17 +32,17 @@ class DataBuffer {
return *this;
}
void Allocate(size_t l) {
void Allocate(size_t len) {
delete[] data_;
data_ = new uint8_t[l ? l : 1]; // Don't depend on new [0].
len_ = l;
data_ = new uint8_t[len ? len : 1]; // Don't depend on new [0].
len_ = len;
}
void Truncate(size_t l) { len_ = (std::min)(len_, l); }
void Truncate(size_t len) { len_ = (std::min)(len_, len); }
void Assign(const DataBuffer& other) { Assign(other.data(), other.len()); }
void Assign(const uint8_t* d, size_t l);
void Assign(const uint8_t* data, size_t len);
// Write will do a new allocation and expand the size of the buffer if needed.
// Returns the offset of the end of the write.

3
security/nss/fuzz/fuzz.gyp
View File

@ -44,9 +44,6 @@
# This is a static build of pk11wrap, softoken, and freebl.
'<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap_static',
],
'cflags_cc': [
'-Wno-error=shadow',
],
'conditions': [
['fuzz_oss==0', {
'sources': [

4
security/nss/gtests/freebl_gtest/blake2b_unittest.cc
View File

@ -50,7 +50,7 @@ TEST_P(Blake2BKATUnkeyed, Unkeyed) {
TEST_P(Blake2BKATKeyed, Keyed) {
std::vector<uint8_t> values(BLAKE2B512_LENGTH);
SECStatus rv = BLAKE2B_MAC_HashBuf(values.data(), kat_data.data(),
std::get<0>(GetParam()), kat_key.data(),
std::get<0>(GetParam()), key.data(),
BLAKE2B_KEY_SIZE);
ASSERT_EQ(SECSuccess, rv);
EXPECT_EQ(values, std::get<1>(GetParam()));
@ -139,7 +139,7 @@ TEST_F(Blake2BTests, NullTest) {
EXPECT_EQ(std::get<1>(TestcasesUnkeyed[0]), digest);
digest = std::vector<uint8_t>(BLAKE2B512_LENGTH);
rv = BLAKE2B_MAC_HashBuf(digest.data(), nullptr, 0, kat_key.data(),
rv = BLAKE2B_MAC_HashBuf(digest.data(), nullptr, 0, key.data(),
BLAKE2B_KEY_SIZE);
ASSERT_EQ(SECSuccess, rv);
EXPECT_EQ(std::get<1>(TestcasesKeyed[0]), digest);

2
security/nss/gtests/freebl_gtest/kat/blake2b_kat.h
View File

@ -7,7 +7,7 @@
#include <vector>
#include <stdint.h>
const std::vector<uint8_t> kat_key = {
const std::vector<uint8_t> key = {
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,

35
security/nss/gtests/nss_bogo_shim/config.cc
View File

@ -9,37 +9,26 @@
#include <queue>
#include <string>
bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args,
std::vector<int> &out) {
if (args.empty()) return false;
char *endptr;
out.push_back(strtol(args.front(), &endptr, 10));
args.pop();
return !*endptr;
}
bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args,
std::string &out) {
if (args.empty()) return false;
out = args.front();
args.pop();
bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args,
std::string *out) {
if (args->empty()) return false;
*out = args->front();
args->pop();
return true;
}
bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, int &out) {
if (args.empty()) return false;
bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args, int *out) {
if (args->empty()) return false;
char *endptr;
out = strtol(args.front(), &endptr, 10);
args.pop();
*out = strtol(args->front(), &endptr, 10);
args->pop();
return !*endptr;
}
bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, bool &out) {
out = true;
bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args, bool *out) {
*out = true;
return true;
}
@ -62,7 +51,7 @@ Config::Status Config::ParseArgs(int argc, char **argv) {
if (e == entries_.end()) {
return kUnknownFlag;
}
if (!e->second->Parse(args)) return kMalformedArgument;
if (!e->second->Parse(&args)) return kMalformedArgument;
}
return kOK;

17
security/nss/gtests/nss_bogo_shim/config.h
View File

@ -23,19 +23,18 @@
// Abstract base class for a given config flag.
class ConfigEntryBase {
public:
ConfigEntryBase(const std::string& nm, const std::string& typ)
: name_(nm), type_(typ) {}
ConfigEntryBase(const std::string& name, const std::string& type)
: name_(name), type_(type) {}
virtual ~ConfigEntryBase() {}
const std::string& type() const { return type_; }
virtual bool Parse(std::queue<const char*>& args) = 0;
virtual bool Parse(std::queue<const char*>* args) = 0;
protected:
bool ParseInternal(std::queue<const char*>& args, std::vector<int>& out);
bool ParseInternal(std::queue<const char*>& args, std::string& out);
bool ParseInternal(std::queue<const char*>& args, int& out);
bool ParseInternal(std::queue<const char*>& args, bool& out);
bool ParseInternal(std::queue<const char*>* args, std::string* out);
bool ParseInternal(std::queue<const char*>* args, int* out);
bool ParseInternal(std::queue<const char*>* args, bool* out);
const std::string name_;
const std::string type_;
@ -49,8 +48,8 @@ class ConfigEntry : public ConfigEntryBase {
: ConfigEntryBase(name, typeid(T).name()), value_(init) {}
T get() const { return value_; }
bool Parse(std::queue<const char*>& args) {
return ParseInternal(args, value_);
bool Parse(std::queue<const char*>* args) {
return ParseInternal(args, &value_);
}
private:

74
security/nss/gtests/nss_bogo_shim/config.json
View File

@ -1,16 +1,69 @@
{
"DisabledTests": {
"### These tests break whenever we rev versions, so just leave them here for easy uncommenting":"",
"ServerBogusVersion":"Check that SH.legacy_version=TLS12 when the server picks TLS 1.3 (Bug 1443761)",
"DummyPQPadding-Server*":"Boring is testing a dummy PQ padding extension",
"VerifyPreferences-Enforced":"NSS sends alerts in response to errors in protected handshake messages in the clear",
"Draft-Downgrade-Server":"Boring implements a draft downgrade sentinel used for measurements.",
"FilterExtraAlgorithms":"NSS doesn't allow sending unsupported signature algorithms",
"SendBogusAlertType":"Unexpected TLS alerts should abort connections (Bug 1438263)",
"VerifyPreferences-Ed25519":"Add Ed25519 support (Bug 1325335)",
"Ed25519DefaultDisable*":"Add Ed25519 support (Bug 1325335)",
"ServerCipherFilter*":"Add Ed25519 support (Bug 1325335)",
"GarbageCertificate*":"Send bad_certificate alert when certificate parsing fails (Bug 1441565)",
"SendWarningAlerts-Pass":"BoringSSL updated",
"SendBogusAlertType":"BoringSSL updated",
"SendEmptyRecords-Pass":"BoringSSL updated",
"ExtraCompressionMethods-TLS12":"BoringSSL updated",
"SendSNIWarningAlert":"BoringSSL updated",
"NoNullCompression-TLS12":"BoringSSL updated",
"InvalidCompressionMethod":"BoringSSL updated",
"SupportTicketsWithSessionID":"BoringSSL updated",
"NoSharedCipher":"BoringSSL updated",
"ServerHelloBogusCipher":"BoringSSL updated",
"ClientHelloVersionTooHigh":"BoringSSL updated",
"ServerAuth-SignatureType":"BoringSSL updated",
"ECDSACurveMismatch-Verify-TLS12":"BoringSSL updated",
"UnknownExtension-Client":"BoringSSL updated",
"UnofferedExtension-Client":"BoringSSL updated",
"SendClientVersion-RSA":"BoringSSL updated",
"SupportedCurves-ServerHello-TLS12":"BoringSSL updated",
"Basic-Client*Sync":"BoringSSL updated",
"Resume-Client-CipherMismatch":"BoringSSL updated",
"ClientAuth-SignatureType":"BoringSSL updated",
"Agree-Digest-Default":"BoringSSL updated",
"Basic-Server*Sync":"BoringSSL updated",
"ClientAuth-*-Sync":"BoringSSL updated",
"RSA-PSS-Default*":"BoringSSL updated",
"Renegotiate-Server-NoExt*":"BoringSSL updated",
"Downgrade-TLS12*":"BoringSSL updated",
"MaxCBCPadding":"BoringSSL updated",
"UnknownCipher":"BoringSSL updated",
"LargeMessage":"BoringSSL updated",
"NoCommonCurves":"BoringSSL updated",
"UnknownCurve":"BoringSSL updated",
"SessionTicketsDisabled*":"BoringSSL updated",
"BadFinished-*":"BoringSSL updated",
"ServerSkipCertificateVerify":"BoringSSL updated",
"*VersionTolerance":"BoringSSL updated",
"ConflictingVersionNegotiation*":"BoringSSL updated",
"Ed25519DefaultDisable*":"BoringSSL updated",
"*SHA1-Fallback*":"BoringSSL updated",
"ExtendedMasterSecret-NoToNo*":"BoringSSL updated",
"ServerNameExtensionClientMissing*":"BoringSSL updated",
"NoClientCertificate*":"BoringSSL updated",
"ServerCipherFilter*":"BoringSSL updated",
"*FallbackSCSV*":"BoringSSL updated",
"LooseInitialRecordVersion*":"BoringSSL updated",
"ALPNClient*":"BoringSSL updated",
"MinimumVersion*":"BoringSSL updated",
"VersionNegotiation*":"BoringSSL updated",
"*Client-ClientAuth*":"BoringSSL updated",
"*Server-ClientAuth*":"BoringSSL updated",
"NoExtendedMasterSecret*":"BoringSSL updated",
"PointFormat*":"BoringSSL updated",
"*Sync-SplitHandshakeRecords*":"BoringSSL updated",
"*Sync-PackHandshakeFlight*":"BoringSSL updated",
"TicketSessionIDLength*":"BoringSSL updated",
"*LargeRecord*":"BoringSSL updated",
"WrongMessageType-NewSessionTicket":"BoringSSL updated",
"WrongMessageType*Certificate*":"BoringSSL updated",
"WrongMessageType*Client*":"BoringSSL updated",
"WrongMessageType*Server*":"BoringSSL updated",
"WrongMessageType*DTLS":"BoringSSL updated",
"GarbageCertificate*":"BoringSSL updated",
"EmptyExtensions*":"BoringSSL updated",
"*OmitExtensions*":"BoringSSL updated",
"SupportedVersionSelection-TLS12":"Should maybe reject TLS 1.2 in SH.supported_versions (Bug 1438266)",
"*TLS13*":"(NSS=19, BoGo=18)",
"*HelloRetryRequest*":"(NSS=19, BoGo=18)",
@ -55,6 +108,7 @@
"WrongMessageType-TLS13-ServerCertificateVerify":"nss updated/broken",
"WrongMessageType-TLS13-ServerCertificate":"nss updated/broken",
"WrongMessageType-TLS13-ServerFinished":"nss updated/broken",
"EncryptedExtensionsWithKeyShare":"nss updated/broken",
"EmptyEncryptedExtensions":"nss updated/broken",
"TrailingMessageData-*": "Bug 1304575",
"DuplicateKeyShares":"Bug 1304578",

59
security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc
View File

@ -5,7 +5,6 @@
* You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "config.h"
#include <algorithm>
#include <cstdlib>
#include <iostream>
#include <memory>
@ -91,14 +90,9 @@ class TestAgent {
PRStatus prv;
PRNetAddr addr;
// Try IPv6 first.
prv = PR_StringToNetAddr("::1", &addr);
prv = PR_StringToNetAddr("127.0.0.1", &addr);
if (prv != PR_SUCCESS) {
// If that fails, try IPv4.
prv = PR_StringToNetAddr("127.0.0.1", &addr);
if (prv != PR_SUCCESS) {
return false;
}
return false;
}
addr.inet.port = PR_htons(cfg_.get<int>("port"));
@ -262,11 +256,7 @@ class TestAgent {
}
bool SetupOptions() {
SECStatus rv =
SSL_OptionSet(ssl_fd_, SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE);
if (rv != SECSuccess) return false;
rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE);
SECStatus rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE);
if (rv != SECSuccess) return false;
SSLVersionRange vrange;
@ -297,26 +287,6 @@ class TestAgent {
if (rv != SECSuccess) return false;
}
// Set supported signature schemes.
auto sign_prefs = cfg_.get<std::vector<int>>("signing-prefs");
auto verify_prefs = cfg_.get<std::vector<int>>("verify-prefs");
if (sign_prefs.empty()) {
sign_prefs = verify_prefs;
} else if (!verify_prefs.empty()) {
return false; // Both shouldn't be set.
}
if (!sign_prefs.empty()) {
std::vector<SSLSignatureScheme> sig_schemes;
std::transform(
sign_prefs.begin(), sign_prefs.end(), std::back_inserter(sig_schemes),
[](int scheme) { return static_cast<SSLSignatureScheme>(scheme); });
rv = SSL_SignatureSchemePrefSet(
ssl_fd_, sig_schemes.data(),
static_cast<unsigned int>(sig_schemes.size()));
if (rv != SECSuccess) return false;
}
if (cfg_.get<bool>("fallback-scsv")) {
rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_FALLBACK_SCSV, PR_TRUE);
if (rv != SECSuccess) return false;
@ -440,7 +410,7 @@ class TestAgent {
size_t left = sizeof(block);
while (left) {
rv = PR_Read(ssl_fd_, block, left);
int32_t rv = PR_Read(ssl_fd_, block, left);
if (rv < 0) {
std::cerr << "Failure reading\n";
return SECFailure;
@ -511,24 +481,6 @@ class TestAgent {
}
}
auto sig_alg = cfg_.get<int>("expect-peer-signature-algorithm");
if (sig_alg) {
SSLChannelInfo info;
rv = SSL_GetChannelInfo(ssl_fd_, &info, sizeof(info));
if (rv != SECSuccess) {
PRErrorCode err = PR_GetError();
std::cerr << "SSL_GetChannelInfo failed with error=" << FormatError(err)
<< std::endl;
return SECFailure;
}
auto expected = static_cast<SSLSignatureScheme>(sig_alg);
if (info.signatureScheme != expected) {
std::cerr << "Unexpected signature scheme" << std::endl;
return SECFailure;
}
}
return SECSuccess;
}
@ -561,9 +513,6 @@ std::unique_ptr<const Config> ReadConfig(int argc, char** argv) {
cfg->AddEntry<bool>("verify-peer", false);
cfg->AddEntry<std::string>("advertise-alpn", "");
cfg->AddEntry<std::string>("expect-alpn", "");
cfg->AddEntry<std::vector<int>>("signing-prefs", std::vector<int>());
cfg->AddEntry<std::vector<int>>("verify-prefs", std::vector<int>());
cfg->AddEntry<int>("expect-peer-signature-algorithm", 0);
auto rv = cfg->ParseArgs(argc, argv);
switch (rv) {

4
security/nss/gtests/pk11_gtest/pk11_signature_test.h
View File

@ -25,8 +25,8 @@ struct Pkcs11SignatureTestParams {
class Pk11SignatureTest : public ::testing::Test {
protected:
Pk11SignatureTest(CK_MECHANISM_TYPE mech, SECOidTag hash_oid)
: mechanism_(mech), hash_oid_(hash_oid) {}
Pk11SignatureTest(CK_MECHANISM_TYPE mechanism, SECOidTag hash_oid)
: mechanism_(mechanism), hash_oid_(hash_oid) {}
virtual const SECItem* parameters() const { return nullptr; }
CK_MECHANISM_TYPE mechanism() const { return mechanism_; }

4
security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc
View File

@ -155,8 +155,8 @@ TEST_P(TlsConnectTls12, ClientAuthBigRsaCheckSigAlg) {
class TlsZeroCertificateRequestSigAlgsFilter : public TlsHandshakeFilter {
public:
TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr<TlsAgent>& a)
: TlsHandshakeFilter(a, {kTlsHandshakeCertificateRequest}) {}
TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr<TlsAgent>& agent)
: TlsHandshakeFilter(agent, {kTlsHandshakeCertificateRequest}) {}
virtual PacketFilter::Action FilterHandshake(
const TlsHandshakeFilter::HandshakeHeader& header,
const DataBuffer& input, DataBuffer* output) {

34
security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc
View File

@ -103,8 +103,8 @@ TEST_P(TlsConnectGenericPre13, ConnectFfdheServer) {
class TlsDheServerKeyExchangeDamager : public TlsHandshakeFilter {
public:
TlsDheServerKeyExchangeDamager(const std::shared_ptr<TlsAgent>& a)
: TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {}
TlsDheServerKeyExchangeDamager(const std::shared_ptr<TlsAgent>& agent)
: TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {}
virtual PacketFilter::Action FilterHandshake(
const TlsHandshakeFilter::HandshakeHeader& header,
const DataBuffer& input, DataBuffer* output) {
@ -141,9 +141,9 @@ class TlsDheSkeChangeY : public TlsHandshakeFilter {
kYZeroPad
};
TlsDheSkeChangeY(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type,
ChangeYTo change)
: TlsHandshakeFilter(a, {handshake_type}), change_Y_(change) {}
TlsDheSkeChangeY(const std::shared_ptr<TlsAgent>& agent,
uint8_t handshake_type, ChangeYTo change)
: TlsHandshakeFilter(agent, {handshake_type}), change_Y_(change) {}
protected:
void ChangeY(const DataBuffer& input, DataBuffer* output, size_t offset,
@ -208,9 +208,9 @@ class TlsDheSkeChangeY : public TlsHandshakeFilter {
class TlsDheSkeChangeYServer : public TlsDheSkeChangeY {
public:
TlsDheSkeChangeYServer(const std::shared_ptr<TlsAgent>& a, ChangeYTo change,
bool modify)
: TlsDheSkeChangeY(a, kTlsHandshakeServerKeyExchange, change),
TlsDheSkeChangeYServer(const std::shared_ptr<TlsAgent>& agent,
ChangeYTo change, bool modify)
: TlsDheSkeChangeY(agent, kTlsHandshakeServerKeyExchange, change),
modify_(modify),
p_() {}
@ -247,9 +247,9 @@ class TlsDheSkeChangeYServer : public TlsDheSkeChangeY {
class TlsDheSkeChangeYClient : public TlsDheSkeChangeY {
public:
TlsDheSkeChangeYClient(
const std::shared_ptr<TlsAgent>& a, ChangeYTo change,
const std::shared_ptr<TlsAgent>& agent, ChangeYTo change,
std::shared_ptr<const TlsDheSkeChangeYServer> server_filter)
: TlsDheSkeChangeY(a, kTlsHandshakeClientKeyExchange, change),
: TlsDheSkeChangeY(agent, kTlsHandshakeClientKeyExchange, change),
server_filter_(server_filter) {}
protected:
@ -357,8 +357,8 @@ INSTANTIATE_TEST_CASE_P(
class TlsDheSkeMakePEven : public TlsHandshakeFilter {
public:
TlsDheSkeMakePEven(const std::shared_ptr<TlsAgent>& a)
: TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {}
TlsDheSkeMakePEven(const std::shared_ptr<TlsAgent>& agent)
: TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {}
virtual PacketFilter::Action FilterHandshake(
const TlsHandshakeFilter::HandshakeHeader& header,
@ -390,8 +390,8 @@ TEST_P(TlsConnectGenericPre13, MakeDhePEven) {
class TlsDheSkeZeroPadP : public TlsHandshakeFilter {
public:
TlsDheSkeZeroPadP(const std::shared_ptr<TlsAgent>& a)
: TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {}
TlsDheSkeZeroPadP(const std::shared_ptr<TlsAgent>& agent)
: TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {}
virtual PacketFilter::Action FilterHandshake(
const TlsHandshakeFilter::HandshakeHeader& header,
@ -546,9 +546,9 @@ TEST_P(TlsConnectTls13, ResumeFfdhe) {
class TlsDheSkeChangeSignature : public TlsHandshakeFilter {
public:
TlsDheSkeChangeSignature(const std::shared_ptr<TlsAgent>& a, uint16_t version,
const uint8_t* data, size_t len)
: TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}),
TlsDheSkeChangeSignature(const std::shared_ptr<TlsAgent>& agent,
uint16_t version, const uint8_t* data, size_t len)
: TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}),
version_(version),
data_(data),
len_(len) {}

4
security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc
View File

@ -192,8 +192,8 @@ TEST_P(TlsConnectGenericPre13, P384PriorityFromModelSocket) {
class TlsKeyExchangeGroupCapture : public TlsHandshakeFilter {
public:
TlsKeyExchangeGroupCapture(const std::shared_ptr<TlsAgent> &a)
: TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}),
TlsKeyExchangeGroupCapture(const std::shared_ptr<TlsAgent> &agent)
: TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}),
group_(ssl_grp_none) {}
SSLNamedGroup group() const { return group_; }

25
security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc
View File

@ -19,9 +19,9 @@ namespace nss_test {
class TlsExtensionTruncator : public TlsExtensionFilter {
public:
TlsExtensionTruncator(const std::shared_ptr<TlsAgent>& a, uint16_t extension,
size_t length)
: TlsExtensionFilter(a), extension_(extension), length_(length) {}
TlsExtensionTruncator(const std::shared_ptr<TlsAgent>& agent,
uint16_t extension, size_t length)
: TlsExtensionFilter(agent), extension_(extension), length_(length) {}
virtual PacketFilter::Action FilterExtension(uint16_t extension_type,
const DataBuffer& input,
DataBuffer* output) {
@ -43,9 +43,9 @@ class TlsExtensionTruncator : public TlsExtensionFilter {
class TlsExtensionDamager : public TlsExtensionFilter {
public:
TlsExtensionDamager(const std::shared_ptr<TlsAgent>& a, uint16_t extension,
size_t index)
: TlsExtensionFilter(a), extension_(extension), index_(index) {}
TlsExtensionDamager(const std::shared_ptr<TlsAgent>& agent,
uint16_t extension, size_t index)
: TlsExtensionFilter(agent), extension_(extension), index_(index) {}
virtual PacketFilter::Action FilterExtension(uint16_t extension_type,
const DataBuffer& input,
DataBuffer* output) {
@ -65,9 +65,11 @@ class TlsExtensionDamager : public TlsExtensionFilter {
class TlsExtensionAppender : public TlsHandshakeFilter {
public:
TlsExtensionAppender(const std::shared_ptr<TlsAgent>& a,
TlsExtensionAppender(const std::shared_ptr<TlsAgent>& agent,
uint8_t handshake_type, uint16_t ext, DataBuffer& data)
: TlsHandshakeFilter(a, {handshake_type}), extension_(ext), data_(data) {}
: TlsHandshakeFilter(agent, {handshake_type}),
extension_(ext),
data_(data) {}
virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
const DataBuffer& input,
@ -626,9 +628,12 @@ typedef std::function<void(TlsPreSharedKeyReplacer*)>
class TlsPreSharedKeyReplacer : public TlsExtensionFilter {
public:
TlsPreSharedKeyReplacer(const std::shared_ptr<TlsAgent>& a,
TlsPreSharedKeyReplacer(const std::shared_ptr<TlsAgent>& agent,
TlsPreSharedKeyReplacerFunc function)
: TlsExtensionFilter(a), identities_(), binders_(), function_(function) {}
: TlsExtensionFilter(agent),
identities_(),
binders_(),
function_(function) {}
static size_t CopyAndMaybeReplace(TlsParser* parser, size_t size,
const std::unique_ptr<DataBuffer>& replace,

4
security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc
View File

@ -27,8 +27,8 @@ class TlsFuzzTest : public ::testing::Test {};
// Record the application data stream.
class TlsApplicationDataRecorder : public TlsRecordFilter {
public:
TlsApplicationDataRecorder(const std::shared_ptr<TlsAgent>& a)
: TlsRecordFilter(a), buffer_() {}
TlsApplicationDataRecorder(const std::shared_ptr<TlsAgent>& agent)
: TlsRecordFilter(agent), buffer_() {}
virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
const DataBuffer& input,

8
security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc
View File

@ -69,8 +69,8 @@ TEST_P(TlsConnectTls13, HelloRetryRequestAbortsZeroRtt) {
// handshake packets, this will break.
class CorrectMessageSeqAfterHrrFilter : public TlsRecordFilter {
public:
CorrectMessageSeqAfterHrrFilter(const std::shared_ptr<TlsAgent>& a)
: TlsRecordFilter(a) {}
CorrectMessageSeqAfterHrrFilter(const std::shared_ptr<TlsAgent>& agent)
: TlsRecordFilter(agent) {}
protected:
PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
@ -151,8 +151,8 @@ TEST_P(TlsConnectTls13, SecondClientHelloRejectEarlyDataXtn) {
class KeyShareReplayer : public TlsExtensionFilter {
public:
KeyShareReplayer(const std::shared_ptr<TlsAgent>& a)
: TlsExtensionFilter(a) {}
KeyShareReplayer(const std::shared_ptr<TlsAgent>& agent)
: TlsExtensionFilter(agent) {}
virtual PacketFilter::Action FilterExtension(uint16_t extension_type,
const DataBuffer& input,

20
security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc
View File

@ -56,8 +56,8 @@ TEST_P(TlsConnectGeneric, CipherSuiteMismatch) {
class TlsAlertRecorder : public TlsRecordFilter {
public:
TlsAlertRecorder(const std::shared_ptr<TlsAgent>& a)
: TlsRecordFilter(a), level_(255), description_(255) {}
TlsAlertRecorder(const std::shared_ptr<TlsAgent>& agent)
: TlsRecordFilter(agent), level_(255), description_(255) {}
PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
const DataBuffer& input,
@ -87,9 +87,9 @@ class TlsAlertRecorder : public TlsRecordFilter {
class HelloTruncator : public TlsHandshakeFilter {
public:
HelloTruncator(const std::shared_ptr<TlsAgent>& a)
HelloTruncator(const std::shared_ptr<TlsAgent>& agent)
: TlsHandshakeFilter(
a, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}) {}
agent, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}) {}
PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
const DataBuffer& input,
DataBuffer* output) override {
@ -171,8 +171,8 @@ TEST_P(TlsConnectGeneric, ConnectSendReceive) {
class SaveTlsRecord : public TlsRecordFilter {
public:
SaveTlsRecord(const std::shared_ptr<TlsAgent>& a, size_t index)
: TlsRecordFilter(a), index_(index), count_(0), contents_() {}
SaveTlsRecord(const std::shared_ptr<TlsAgent>& agent, size_t index)
: TlsRecordFilter(agent), index_(index), count_(0), contents_() {}
const DataBuffer& contents() const { return contents_; }
@ -227,8 +227,8 @@ TEST_F(TlsConnectStreamTls13, DecryptRecordServer) {
class DropTlsRecord : public TlsRecordFilter {
public:
DropTlsRecord(const std::shared_ptr<TlsAgent>& a, size_t index)
: TlsRecordFilter(a), index_(index), count_(0) {}
DropTlsRecord(const std::shared_ptr<TlsAgent>& agent, size_t index)
: TlsRecordFilter(agent), index_(index), count_(0) {}
protected:
PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
@ -373,8 +373,8 @@ TEST_P(TlsHolddownTest, TestDtlsHolddownExpiryResumption) {
class TlsPreCCSHeaderInjector : public TlsRecordFilter {
public:
TlsPreCCSHeaderInjector(const std::shared_ptr<TlsAgent>& a)
: TlsRecordFilter(a) {}
TlsPreCCSHeaderInjector(const std::shared_ptr<TlsAgent>& agent)
: TlsRecordFilter(agent) {}
virtual PacketFilter::Action FilterRecord(
const TlsRecordHeader& record_header, const DataBuffer& input,
size_t* offset, DataBuffer* output) override {

4
security/nss/gtests/ssl_gtest/ssl_record_unittest.cc
View File

@ -103,8 +103,8 @@ TEST_P(TlsPaddingTest, LastByteOfPadWrong) {
class RecordReplacer : public TlsRecordFilter {
public:
RecordReplacer(const std::shared_ptr<TlsAgent>& a, size_t size)
: TlsRecordFilter(a), enabled_(false), size_(size) {}
RecordReplacer(const std::shared_ptr<TlsAgent>& agent, size_t size)
: TlsRecordFilter(agent), enabled_(false), size_(size) {}
PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
const DataBuffer& data,

6
security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc
View File

@ -484,8 +484,10 @@ TEST_P(TlsConnectStream, TestResumptionOverrideCipher) {
class SelectedVersionReplacer : public TlsHandshakeFilter {
public:
SelectedVersionReplacer(const std::shared_ptr<TlsAgent>& a, uint16_t version)
: TlsHandshakeFilter(a, {kTlsHandshakeServerHello}), version_(version) {}
SelectedVersionReplacer(const std::shared_ptr<TlsAgent>& agent,
uint16_t version)
: TlsHandshakeFilter(agent, {kTlsHandshakeServerHello}),
version_(version) {}
protected:
PacketFilter::Action FilterHandshake(const HandshakeHeader& header,

6
security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc
View File

@ -22,9 +22,11 @@ namespace nss_test {
class TlsHandshakeSkipFilter : public TlsRecordFilter {
public:
// A TLS record filter that skips handshake messages of the identified type.
TlsHandshakeSkipFilter(const std::shared_ptr<TlsAgent>& a,
TlsHandshakeSkipFilter(const std::shared_ptr<TlsAgent>& agent,
uint8_t handshake_type)
: TlsRecordFilter(a), handshake_type_(handshake_type), skipped_(false) {}
: TlsRecordFilter(agent),
handshake_type_(handshake_type),
skipped_(false) {}
protected:
// Takes a record; if it is a handshake record, it removes the first handshake

12
security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc
View File

@ -50,12 +50,12 @@ inline std::ostream& operator<<(std::ostream& stream,
class VersionRangeWithLabel {
public:
VersionRangeWithLabel(const std::string& txt, const SSLVersionRange& vr)
: label_(txt), vr_(vr) {}
VersionRangeWithLabel(const std::string& txt, uint16_t start, uint16_t end)
: label_(txt) {
vr_.min = start;
vr_.max = end;
VersionRangeWithLabel(const std::string& label, const SSLVersionRange& vr)
: label_(label), vr_(vr) {}
VersionRangeWithLabel(const std::string& label, uint16_t min, uint16_t max)
: label_(label) {
vr_.min = min;
vr_.max = max;
}
VersionRangeWithLabel(const std::string& label) : label_(label) {
vr_.min = vr_.max = SSL_LIBRARY_VERSION_NONE;

8
security/nss/gtests/ssl_gtest/test_io.cc
View File

@ -99,8 +99,8 @@ int32_t DummyPrSocket::Write(PRFileDesc *f, const void *buf, int32_t length) {
return -1;
}
auto dst = peer_.lock();
if (!dst) {
auto peer = peer_.lock();
if (!peer) {
PR_SetError(PR_IO_ERROR, 0);
return -1;
}
@ -116,14 +116,14 @@ int32_t DummyPrSocket::Write(PRFileDesc *f, const void *buf, int32_t length) {
case PacketFilter::CHANGE:
LOG("Original packet: " << packet);
LOG("Filtered packet: " << filtered);
dst->PacketReceived(filtered);
peer->PacketReceived(filtered);
break;
case PacketFilter::DROP:
LOG("Droppped packet: " << packet);
break;
case PacketFilter::KEEP:
LOGV("Packet: " << packet);
dst->PacketReceived(packet);
peer->PacketReceived(packet);
break;
}
// libssl can't handle it if this reports something other than the length

6
security/nss/gtests/ssl_gtest/test_io.h
View File

@ -59,9 +59,9 @@ class PacketFilter {
class DummyPrSocket : public DummyIOLayerMethods {
public:
DummyPrSocket(const std::string& name, SSLProtocolVariant var)
DummyPrSocket(const std::string& name, SSLProtocolVariant variant)
: name_(name),
variant_(var),
variant_(variant),
peer_(),
input_(),
filter_(nullptr),
@ -73,7 +73,7 @@ class DummyPrSocket : public DummyIOLayerMethods {
ScopedPRFileDesc CreateFD();
std::weak_ptr<DummyPrSocket>& peer() { return peer_; }
void SetPeer(const std::shared_ptr<DummyPrSocket>& p) { peer_ = p; }
void SetPeer(const std::shared_ptr<DummyPrSocket>& peer) { peer_ = peer; }
void SetPacketFilter(const std::shared_ptr<PacketFilter>& filter) {
filter_ = filter;
}

62
security/nss/gtests/ssl_gtest/tls_agent.cc
View File

@ -44,12 +44,13 @@ const std::string TlsAgent::kServerEcdhRsa = "ecdh_rsa";
const std::string TlsAgent::kServerEcdhEcdsa = "ecdh_ecdsa";
const std::string TlsAgent::kServerDsa = "dsa";
TlsAgent::TlsAgent(const std::string& nm, Role rl, SSLProtocolVariant var)
: name_(nm),
variant_(var),
role_(rl),
TlsAgent::TlsAgent(const std::string& name, Role role,
SSLProtocolVariant variant)
: name_(name),
variant_(variant),
role_(role),
server_key_bits_(0),
adapter_(new DummyPrSocket(role_str(), var)),
adapter_(new DummyPrSocket(role_str(), variant)),
ssl_fd_(nullptr),
state_(STATE_INIT),
timer_handle_(nullptr),
@ -102,11 +103,11 @@ TlsAgent::~TlsAgent() {
}
}
void TlsAgent::SetState(State s) {
if (state_ == s) return;
void TlsAgent::SetState(State state) {
if (state_ == state) return;
LOG("Changing state from " << state_ << " to " << s);
state_ = s;
LOG("Changing state from " << state_ << " to " << state);
state_ = state;
}
/*static*/ bool TlsAgent::LoadCertificate(const std::string& name,
@ -123,11 +124,11 @@ void TlsAgent::SetState(State s) {
return true;
}
bool TlsAgent::ConfigServerCert(const std::string& id, bool updateKeyBits,
bool TlsAgent::ConfigServerCert(const std::string& name, bool updateKeyBits,
const SSLExtraServerCertData* serverCertData) {
ScopedCERTCertificate cert;
ScopedSECKEYPrivateKey priv;
if (!TlsAgent::LoadCertificate(id, &cert, &priv)) {
if (!TlsAgent::LoadCertificate(name, &cert, &priv)) {
return false;
}
@ -281,8 +282,8 @@ bool TlsAgent::GetPeerChainLength(size_t* count) {
return true;
}
void TlsAgent::CheckCipherSuite(uint16_t suite) {
EXPECT_EQ(csinfo_.cipherSuite, suite);
void TlsAgent::CheckCipherSuite(uint16_t cipher_suite) {
EXPECT_EQ(csinfo_.cipherSuite, cipher_suite);
}
void TlsAgent::RequestClientAuth(bool requireAuth) {
@ -441,7 +442,9 @@ void TlsAgent::GetVersionRange(uint16_t* minver, uint16_t* maxver) {
*maxver = vrange_.max;
}
void TlsAgent::SetExpectedVersion(uint16_t ver) { expected_version_ = ver; }
void TlsAgent::SetExpectedVersion(uint16_t version) {
expected_version_ = version;
}
void TlsAgent::SetServerKeyBits(uint16_t bits) { server_key_bits_ = bits; }
@ -488,10 +491,10 @@ void TlsAgent::SetSignatureSchemes(const SSLSignatureScheme* schemes,
EXPECT_EQ(i, configuredCount) << "schemes in use were all set";
}
void TlsAgent::CheckKEA(SSLKEAType kea, SSLNamedGroup kea_group,
void TlsAgent::CheckKEA(SSLKEAType kea_type, SSLNamedGroup kea_group,
size_t kea_size) const {
EXPECT_EQ(STATE_CONNECTED, state_);
EXPECT_EQ(kea, info_.keaType);
EXPECT_EQ(kea_type, info_.keaType);
if (kea_size == 0) {
switch (kea_group) {
case ssl_grp_ec_curve25519:
@ -512,7 +515,7 @@ void TlsAgent::CheckKEA(SSLKEAType kea, SSLNamedGroup kea_group,
case ssl_grp_ffdhe_custom:
break;
default:
if (kea == ssl_kea_rsa) {
if (kea_type == ssl_kea_rsa) {
kea_size = server_key_bits_;
} else {
EXPECT_TRUE(false) << "need to update group sizes";
@ -531,13 +534,13 @@ void TlsAgent::CheckOriginalKEA(SSLNamedGroup kea_group) const {
}
}
void TlsAgent::CheckAuthType(SSLAuthType auth,
void TlsAgent::CheckAuthType(SSLAuthType auth_type,
SSLSignatureScheme sig_scheme) const {
EXPECT_EQ(STATE_CONNECTED, state_);
EXPECT_EQ(auth, info_.authType);
EXPECT_EQ(auth_type, info_.authType);
EXPECT_EQ(server_key_bits_, info_.authKeyBits);
if (expected_version_ < SSL_LIBRARY_VERSION_TLS_1_2) {
switch (auth) {
switch (auth_type) {
case ssl_auth_rsa_sign:
sig_scheme = ssl_sig_rsa_pkcs1_sha1md5;
break;
@ -555,8 +558,9 @@ void TlsAgent::CheckAuthType(SSLAuthType auth,
}
// Check authAlgorithm, which is the old value for authType. This is a second
// switch statement because default label is different.
switch (auth) {
// switch
// statement because default label is different.
switch (auth_type) {
case ssl_auth_rsa_sign:
EXPECT_EQ(ssl_auth_rsa_decrypt, csinfo_.authAlgorithm)
<< "authAlgorithm for RSA is always decrypt";
@ -570,7 +574,7 @@ void TlsAgent::CheckAuthType(SSLAuthType auth,
<< "authAlgorithm for ECDH_ECDSA is ECDSA (i.e., wrong)";
break;
default:
EXPECT_EQ(auth, csinfo_.authAlgorithm)
EXPECT_EQ(auth_type, csinfo_.authAlgorithm)
<< "authAlgorithm is (usually) the same as authType";
break;
}
@ -596,15 +600,15 @@ void TlsAgent::EnableAlpn(const uint8_t* val, size_t len) {
void TlsAgent::CheckAlpn(SSLNextProtoState expected_state,
const std::string& expected) const {
SSLNextProtoState npn_state;
SSLNextProtoState state;
char chosen[10];
unsigned int chosen_len;
SECStatus rv = SSL_GetNextProto(ssl_fd(), &npn_state,
SECStatus rv = SSL_GetNextProto(ssl_fd(), &state,
reinterpret_cast<unsigned char*>(chosen),
&chosen_len, sizeof(chosen));
EXPECT_EQ(SECSuccess, rv);
EXPECT_EQ(expected_state, npn_state);
if (npn_state == SSL_NEXT_PROTO_NO_SUPPORT) {
EXPECT_EQ(expected_state, state);
if (state == SSL_NEXT_PROTO_NO_SUPPORT) {
EXPECT_EQ("", expected);
} else {
EXPECT_NE("", expected);
@ -836,10 +840,10 @@ void TlsAgent::CheckSecretsDestroyed() {
ASSERT_EQ(PR_TRUE, SSLInt_CheckSecretsDestroyed(ssl_fd()));
}
void TlsAgent::SetDowngradeCheckVersion(uint16_t ver) {
void TlsAgent::SetDowngradeCheckVersion(uint16_t version) {
ASSERT_TRUE(EnsureTlsSetup());
SECStatus rv = SSL_SetDowngradeCheckVersion(ssl_fd(), ver);
SECStatus rv = SSL_SetDowngradeCheckVersion(ssl_fd(), version);
ASSERT_EQ(SECSuccess, rv);
}

12
security/nss/gtests/ssl_gtest/tls_agent.h
View File

@ -209,10 +209,10 @@ class TlsAgent : public PollTarget {
return info_.protocolVersion;
}
bool cipher_suite(uint16_t* suite) const {
bool cipher_suite(uint16_t* cipher_suite) const {
if (state_ != STATE_CONNECTED) return false;
*suite = info_.cipherSuite;
*cipher_suite = info_.cipherSuite;
return true;
}
@ -227,17 +227,17 @@ class TlsAgent : public PollTarget {
info_.sessionID + info_.sessionIDLength);
}
bool auth_type(SSLAuthType* a) const {
bool auth_type(SSLAuthType* auth_type) const {
if (state_ != STATE_CONNECTED) return false;
*a = info_.authType;
*auth_type = info_.authType;
return true;
}
bool kea_type(SSLKEAType* k) const {
bool kea_type(SSLKEAType* kea_type) const {
if (state_ != STATE_CONNECTED) return false;
*k = info_.keaType;
*kea_type = info_.keaType;
return true;
}

20
security/nss/gtests/ssl_gtest/tls_filter.cc
View File

@ -179,20 +179,20 @@ PacketFilter::Action TlsRecordFilter::FilterRecord(
return CHANGE;
}
bool TlsRecordHeader::Parse(uint64_t seqno, TlsParser* parser,
bool TlsRecordHeader::Parse(uint64_t sequence_number, TlsParser* parser,
DataBuffer* body) {
if (!parser->Read(&content_type_)) {
return false;
}
uint32_t ver;
if (!parser->Read(&ver, 2)) {
uint32_t version;
if (!parser->Read(&version, 2)) {
return false;
}
version_ = ver;
version_ = version;
// If this is DTLS, overwrite the sequence number.
if (IsDtls(ver)) {
if (IsDtls(version)) {
uint32_t tmp;
if (!parser->Read(&tmp, 4)) {
return false;
@ -203,7 +203,7 @@ bool TlsRecordHeader::Parse(uint64_t seqno, TlsParser* parser,
}
sequence_number_ |= static_cast<uint64_t>(tmp);
} else {
sequence_number_ = seqno;
sequence_number_ = sequence_number;
}
return parser->ReadVariable(body, 2);
}
@ -487,10 +487,10 @@ PacketFilter::Action TlsConversationRecorder::FilterRecord(
return KEEP;
}
PacketFilter::Action TlsHeaderRecorder::FilterRecord(const TlsRecordHeader& hdr,
const DataBuffer& input,
DataBuffer* output) {
headers_.push_back(hdr);
PacketFilter::Action TlsHeaderRecorder::FilterRecord(
const TlsRecordHeader& header, const DataBuffer& input,
DataBuffer* output) {
headers_.push_back(header);
return KEEP;
}

99
security/nss/gtests/ssl_gtest/tls_filter.h
View File

@ -28,7 +28,7 @@ class TlsCipherSpec;
class TlsVersioned {
public:
TlsVersioned() : version_(0) {}
explicit TlsVersioned(uint16_t v) : version_(v) {}
explicit TlsVersioned(uint16_t version) : version_(version) {}
bool is_dtls() const { return IsDtls(version_); }
uint16_t version() const { return version_; }
@ -42,8 +42,11 @@ class TlsVersioned {
class TlsRecordHeader : public TlsVersioned {
public:
TlsRecordHeader() : TlsVersioned(), content_type_(0), sequence_number_(0) {}
TlsRecordHeader(uint16_t ver, uint8_t ct, uint64_t seqno)
: TlsVersioned(ver), content_type_(ct), sequence_number_(seqno) {}
TlsRecordHeader(uint16_t version, uint8_t content_type,
uint64_t sequence_number)
: TlsVersioned(version),
content_type_(content_type),
sequence_number_(sequence_number) {}
uint8_t content_type() const { return content_type_; }
uint64_t sequence_number() const { return sequence_number_; }
@ -80,8 +83,8 @@ inline std::shared_ptr<T> MakeTlsFilter(const std::shared_ptr<TlsAgent>& agent,
// Abstract filter that operates on entire (D)TLS records.
class TlsRecordFilter : public PacketFilter {
public:
TlsRecordFilter(const std::shared_ptr<TlsAgent>& a)
: agent_(a),
TlsRecordFilter(const std::shared_ptr<TlsAgent>& agent)
: agent_(agent),
count_(0),
cipher_spec_(),
dropped_record_(false),
@ -180,11 +183,13 @@ inline std::ostream& operator<<(std::ostream& stream,
// records and that they don't span records or anything crazy like that.
class TlsHandshakeFilter : public TlsRecordFilter {
public:
TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& a)
: TlsRecordFilter(a), handshake_types_(), preceding_fragment_() {}
TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& a,
TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& agent)
: TlsRecordFilter(agent), handshake_types_(), preceding_fragment_() {}
TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& agent,
const std::set<uint8_t>& types)
: TlsRecordFilter(a), handshake_types_(types), preceding_fragment_() {}
: TlsRecordFilter(agent),
handshake_types_(types),
preceding_fragment_() {}
// This filter can be set to be selective based on handshake message type. If
// this function isn't used (or the set is empty), then all handshake messages
@ -238,12 +243,12 @@ class TlsHandshakeFilter : public TlsRecordFilter {
// Make a copy of the first instance of a handshake message.
class TlsHandshakeRecorder : public TlsHandshakeFilter {
public:
TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& a,
TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& agent,
uint8_t handshake_type)
: TlsHandshakeFilter(a, {handshake_type}), buffer_() {}
TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& a,
: TlsHandshakeFilter(agent, {handshake_type}), buffer_() {}
TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& agent,
const std::set<uint8_t>& handshake_types)
: TlsHandshakeFilter(a, handshake_types), buffer_() {}
: TlsHandshakeFilter(agent, handshake_types), buffer_() {}
virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
const DataBuffer& input,
@ -260,10 +265,10 @@ class TlsHandshakeRecorder : public TlsHandshakeFilter {
// Replace all instances of a handshake message.
class TlsInspectorReplaceHandshakeMessage : public TlsHandshakeFilter {
public:
TlsInspectorReplaceHandshakeMessage(const std::shared_ptr<TlsAgent>& a,
TlsInspectorReplaceHandshakeMessage(const std::shared_ptr<TlsAgent>& agent,
uint8_t handshake_type,
const DataBuffer& replacement)
: TlsHandshakeFilter(a, {handshake_type}), buffer_(replacement) {}
: TlsHandshakeFilter(agent, {handshake_type}), buffer_(replacement) {}
virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
const DataBuffer& input,
@ -276,10 +281,10 @@ class TlsInspectorReplaceHandshakeMessage : public TlsHandshakeFilter {
// Make a copy of each record of a given type.
class TlsRecordRecorder : public TlsRecordFilter {
public:
TlsRecordRecorder(const std::shared_ptr<TlsAgent>& a, uint8_t ct)
: TlsRecordFilter(a), filter_(true), ct_(ct), records_() {}
TlsRecordRecorder(const std::shared_ptr<TlsAgent>& a)
: TlsRecordFilter(a),
TlsRecordRecorder(const std::shared_ptr<TlsAgent>& agent, uint8_t ct)
: TlsRecordFilter(agent), filter_(true), ct_(ct), records_() {}
TlsRecordRecorder(const std::shared_ptr<TlsAgent>& agent)
: TlsRecordFilter(agent),
filter_(false),
ct_(content_handshake), // dummy (<optional> is C++14)
records_() {}
@ -301,9 +306,9 @@ class TlsRecordRecorder : public TlsRecordFilter {
// Make a copy of the complete conversation.
class TlsConversationRecorder : public TlsRecordFilter {
public:
TlsConversationRecorder(const std::shared_ptr<TlsAgent>& a,
TlsConversationRecorder(const std::shared_ptr<TlsAgent>& agent,
DataBuffer& buffer)
: TlsRecordFilter(a), buffer_(buffer) {}
: TlsRecordFilter(agent), buffer_(buffer) {}
virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
const DataBuffer& input,
@ -316,7 +321,8 @@ class TlsConversationRecorder : public TlsRecordFilter {
// Make a copy of the records
class TlsHeaderRecorder : public TlsRecordFilter {
public:
TlsHeaderRecorder(const std::shared_ptr<TlsAgent>& a) : TlsRecordFilter(a) {}
TlsHeaderRecorder(const std::shared_ptr<TlsAgent>& agent)
: TlsRecordFilter(agent) {}
virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
const DataBuffer& input,
DataBuffer* output);
@ -353,15 +359,15 @@ typedef std::function<bool(TlsParser* parser, const TlsVersioned& header)>
class TlsExtensionFilter : public TlsHandshakeFilter {
public:
TlsExtensionFilter(const std::shared_ptr<TlsAgent>& a)
: TlsHandshakeFilter(a,
TlsExtensionFilter(const std::shared_ptr<TlsAgent>& agent)
: TlsHandshakeFilter(agent,
{kTlsHandshakeClientHello, kTlsHandshakeServerHello,
kTlsHandshakeHelloRetryRequest,
kTlsHandshakeEncryptedExtensions}) {}
TlsExtensionFilter(const std::shared_ptr<TlsAgent>& a,
TlsExtensionFilter(const std::shared_ptr<TlsAgent>& agent,
const std::set<uint8_t>& types)
: TlsHandshakeFilter(a, types) {}
: TlsHandshakeFilter(agent, types) {}
static bool FindExtensions(TlsParser* parser, const HandshakeHeader& header);
@ -382,9 +388,9 @@ class TlsExtensionFilter : public TlsHandshakeFilter {
class TlsExtensionCapture : public TlsExtensionFilter {
public:
TlsExtensionCapture(const std::shared_ptr<TlsAgent>& a, uint16_t ext,
TlsExtensionCapture(const std::shared_ptr<TlsAgent>& agent, uint16_t ext,
bool last = false)
: TlsExtensionFilter(a),
: TlsExtensionFilter(agent),
extension_(ext),
captured_(false),
last_(last),
@ -407,9 +413,9 @@ class TlsExtensionCapture : public TlsExtensionFilter {
class TlsExtensionReplacer : public TlsExtensionFilter {
public:
TlsExtensionReplacer(const std::shared_ptr<TlsAgent>& a, uint16_t extension,
const DataBuffer& data)
: TlsExtensionFilter(a), extension_(extension), data_(data) {}
TlsExtensionReplacer(const std::shared_ptr<TlsAgent>& agent,
uint16_t extension, const DataBuffer& data)
: TlsExtensionFilter(agent), extension_(extension), data_(data) {}
PacketFilter::Action FilterExtension(uint16_t extension_type,
const DataBuffer& input,
DataBuffer* output) override;
@ -421,8 +427,9 @@ class TlsExtensionReplacer : public TlsExtensionFilter {
class TlsExtensionDropper : public TlsExtensionFilter {
public:
TlsExtensionDropper(const std::shared_ptr<TlsAgent>& a, uint16_t extension)
: TlsExtensionFilter(a), extension_(extension) {}
TlsExtensionDropper(const std::shared_ptr<TlsAgent>& agent,
uint16_t extension)
: TlsExtensionFilter(agent), extension_(extension) {}
PacketFilter::Action FilterExtension(uint16_t extension_type,
const DataBuffer&, DataBuffer*) override;
@ -432,9 +439,9 @@ class TlsExtensionDropper : public TlsExtensionFilter {
class TlsExtensionInjector : public TlsHandshakeFilter {
public:
TlsExtensionInjector(const std::shared_ptr<TlsAgent>& a, uint16_t ext,
TlsExtensionInjector(const std::shared_ptr<TlsAgent>& agent, uint16_t ext,
const DataBuffer& data)
: TlsHandshakeFilter(a), extension_(ext), data_(data) {}
: TlsHandshakeFilter(agent), extension_(ext), data_(data) {}
protected:
PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
@ -446,6 +453,7 @@ class TlsExtensionInjector : public TlsHandshakeFilter {
const DataBuffer data_;
};
class TlsAgent;
typedef std::function<void(void)> VoidFunction;
class AfterRecordN : public TlsRecordFilter {
@ -507,16 +515,16 @@ class SelectiveDropFilter : public PacketFilter {
// datagram, we just drop one.
class SelectiveRecordDropFilter : public TlsRecordFilter {
public:
SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& a,
SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& agent,
uint32_t pattern, bool enabled = true)
: TlsRecordFilter(a), pattern_(pattern), counter_(0) {
: TlsRecordFilter(agent), pattern_(pattern), counter_(0) {
if (!enabled) {
Disable();
}
}
SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& a,
SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& agent,
std::initializer_list<size_t> records)
: SelectiveRecordDropFilter(a, ToPattern(records), true) {}
: SelectiveRecordDropFilter(agent, ToPattern(records), true) {}
void Reset(uint32_t pattern) {
counter_ = 0;
@ -543,9 +551,10 @@ class SelectiveRecordDropFilter : public TlsRecordFilter {
// Set the version number in the ClientHello.
class TlsClientHelloVersionSetter : public TlsHandshakeFilter {
public:
TlsClientHelloVersionSetter(const std::shared_ptr<TlsAgent>& a,
TlsClientHelloVersionSetter(const std::shared_ptr<TlsAgent>& agent,
uint16_t version)
: TlsHandshakeFilter(a, {kTlsHandshakeClientHello}), version_(version) {}
: TlsHandshakeFilter(agent, {kTlsHandshakeClientHello}),
version_(version) {}
virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
const DataBuffer& input,
@ -558,8 +567,8 @@ class TlsClientHelloVersionSetter : public TlsHandshakeFilter {
// Damages the last byte of a handshake message.
class TlsLastByteDamager : public TlsHandshakeFilter {
public:
TlsLastByteDamager(const std::shared_ptr<TlsAgent>& a, uint8_t type)
: TlsHandshakeFilter(a), type_(type) {}
TlsLastByteDamager(const std::shared_ptr<TlsAgent>& agent, uint8_t type)
: TlsHandshakeFilter(agent), type_(type) {}
PacketFilter::Action FilterHandshake(
const TlsHandshakeFilter::HandshakeHeader& header,
const DataBuffer& input, DataBuffer* output) override {
@ -579,9 +588,9 @@ class TlsLastByteDamager : public TlsHandshakeFilter {
class SelectedCipherSuiteReplacer : public TlsHandshakeFilter {
public:
SelectedCipherSuiteReplacer(const std::shared_ptr<TlsAgent>& a,
SelectedCipherSuiteReplacer(const std::shared_ptr<TlsAgent>& agent,
uint16_t suite)
: TlsHandshakeFilter(a, {kTlsHandshakeServerHello}),
: TlsHandshakeFilter(agent, {kTlsHandshakeServerHello}),
cipher_suite_(suite) {}
protected:

4
security/nss/gtests/ssl_gtest/tls_protect.cc
View File

@ -91,9 +91,9 @@ bool AeadCipherChacha20Poly1305::Aead(bool decrypt, uint64_t seq,
in, inlen, out, outlen, maxlen);
}
bool TlsCipherSpec::Init(uint16_t epoc, SSLCipherAlgorithm cipher,
bool TlsCipherSpec::Init(uint16_t epoch, SSLCipherAlgorithm cipher,
PK11SymKey *key, const uint8_t *iv) {
epoch_ = epoc;
epoch_ = epoch;
switch (cipher) {
case ssl_calg_aes_gcm:
aead_.reset(new AeadCipherAesGcm());

8
security/nss/lib/certdb/crl.c
View File

@ -898,13 +898,13 @@ static PLHashAllocOps preAllocOps = { PreAllocTable, PreFreeTable,
/* destructor for PreAllocator object */
void
PreAllocator_Destroy(PreAllocator* allocator)
PreAllocator_Destroy(PreAllocator* PreAllocator)
{
if (!allocator) {
if (!PreAllocator) {
return;
}
if (allocator->arena) {
PORT_FreeArena(allocator->arena, PR_TRUE);
if (PreAllocator->arena) {
PORT_FreeArena(PreAllocator->arena, PR_TRUE);
}
}

3
security/nss/lib/ckfw/session.c
View File

@ -1419,8 +1419,9 @@ nssCKFWSession_CopyObject(
/* use create object */
NSSArena *tmpArena;
CK_ATTRIBUTE_PTR newTemplate;
CK_ULONG j, n, newLength, k;
CK_ULONG i, j, n, newLength, k;
CK_ATTRIBUTE_TYPE_PTR oldTypes;
NSSCKFWObject *rv;
n = nssCKFWObject_GetAttributeCount(fwObject, pError);
if ((0 == n) && (CKR_OK != *pError)) {

4
security/nss/lib/freebl/Makefile
View File

@ -517,13 +517,13 @@ ifndef NSS_DISABLE_CHACHAPOLY
ifdef HAVE_INT128_SUPPORT
EXTRA_SRCS += Hacl_Poly1305_64.c
else
EXTRA_SRCS += Hacl_Poly1305_32.c
EXTRA_SRCS += poly1305.c
endif
else
ifeq ($(CPU_ARCH),aarch64)
EXTRA_SRCS += Hacl_Poly1305_64.c
else
EXTRA_SRCS += Hacl_Poly1305_32.c
EXTRA_SRCS += poly1305.c
endif
endif # x86_64

30
security/nss/lib/freebl/blinit.c
View File

@ -91,37 +91,23 @@ CheckX86CPUSupport()
}
#endif /* NSS_X86_OR_X64 */
/* clang-format off */
#if (defined(__aarch64__) || defined(__arm__)) && !defined(__ANDROID__)
#ifndef __has_include
#define __has_include(x) 0
#endif
#if (__has_include(<sys/auxv.h>) || defined(__linux__)) && \
defined(__GNUC__) && __GNUC__ >= 2 && defined(__ELF__)
#if defined(__GNUC__) && __GNUC__ >= 2 && defined(__ELF__)
#include <sys/auxv.h>
extern unsigned long getauxval(unsigned long type) __attribute__((weak));
#else
static unsigned long (*getauxval)(unsigned long) = NULL;
#define AT_HWCAP2 0
#define AT_HWCAP 0
#define AT_HWCAP2
#define AT_HWCAP
#endif /* defined(__GNUC__) && __GNUC__ >= 2 && defined(__ELF__)*/
#endif /* (defined(__aarch64__) || defined(__arm__)) && !defined(__ANDROID__) */
/* clang-format on */
#if defined(__aarch64__) && !defined(__ANDROID__)
// Defines from hwcap.h in Linux kernel - ARM64
#ifndef HWCAP_AES
#define HWCAP_AES (1 << 3)
#endif
#ifndef HWCAP_PMULL
#define HWCAP_PMULL (1 << 4)
#endif
#ifndef HWCAP_SHA1
#define HWCAP_SHA1 (1 << 5)
#endif
#ifndef HWCAP_SHA2
#define HWCAP_SHA2 (1 << 6)
#endif
void
CheckARMSupport()
@ -145,25 +131,15 @@ CheckARMSupport()
/*
* HWCAP flags - for elf_hwcap (in kernel) and AT_HWCAP
*/
#ifndef HWCAP_NEON
#define HWCAP_NEON (1 << 12)
#endif
/*
* HWCAP2 flags - for elf_hwcap2 (in kernel) and AT_HWCAP2
*/
#ifndef HWCAP2_AES
#define HWCAP2_AES (1 << 0)
#endif
#ifndef HWCAP2_PMULL
#define HWCAP2_PMULL (1 << 1)
#endif
#ifndef HWCAP2_SHA1
#define HWCAP2_SHA1 (1 << 2)
#endif
#ifndef HWCAP2_SHA2
#define HWCAP2_SHA2 (1 << 3)
#endif
void
CheckARMSupport()

88
security/nss/lib/freebl/chacha20poly1305.c
View File

@ -24,60 +24,36 @@ extern void Hacl_Chacha20_Vec128_chacha20(uint8_t *output, uint8_t *plain,
extern void Hacl_Chacha20_chacha20(uint8_t *output, uint8_t *plain, uint32_t len,
uint8_t *k, uint8_t *n1, uint32_t ctr);
/* Poly1305Do writes the Poly1305 authenticator of the given additional data
* and ciphertext to |out|. */
#if defined(HAVE_INT128_SUPPORT) && (defined(NSS_X86_OR_X64) || defined(__aarch64__))
/* Use HACL* Poly1305 on 64-bit Intel and ARM */
#include "verified/Hacl_Poly1305_64.h"
#define NSS_POLY1305_64 1
#define Hacl_Poly1305_update Hacl_Poly1305_64_update
#define Hacl_Poly1305_mk_state Hacl_Poly1305_64_mk_state
#define Hacl_Poly1305_init Hacl_Poly1305_64_init
#define Hacl_Poly1305_finish Hacl_Poly1305_64_finish
typedef Hacl_Impl_Poly1305_64_State_poly1305_state Hacl_Impl_Poly1305_State_poly1305_state;
#else
/* All other platforms get the 32-bit poly1305 HACL* implementation. */
#include "verified/Hacl_Poly1305_32.h"
#define NSS_POLY1305_32 1
#define Hacl_Poly1305_update Hacl_Poly1305_32_update
#define Hacl_Poly1305_mk_state Hacl_Poly1305_32_mk_state
#define Hacl_Poly1305_init Hacl_Poly1305_32_init
#define Hacl_Poly1305_finish Hacl_Poly1305_32_finish
typedef Hacl_Impl_Poly1305_32_State_poly1305_state Hacl_Impl_Poly1305_State_poly1305_state;
#endif /* HAVE_INT128_SUPPORT */
static void
Poly1305PadUpdate(Hacl_Impl_Poly1305_State_poly1305_state state,
Poly1305PadUpdate(Hacl_Impl_Poly1305_64_State_poly1305_state state,
unsigned char *block, const unsigned char *p,
const unsigned int pLen)
{
unsigned int pRemLen = pLen % 16;
Hacl_Poly1305_update(state, (uint8_t *)p, (pLen / 16));
Hacl_Poly1305_64_update(state, (uint8_t *)p, (pLen / 16));
if (pRemLen > 0) {
memcpy(block, p + (pLen - pRemLen), pRemLen);
Hacl_Poly1305_update(state, block, 1);
Hacl_Poly1305_64_update(state, block, 1);
}
}
/* Poly1305Do writes the Poly1305 authenticator of the given additional data
* and ciphertext to |out|. */
static void
Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen,
const unsigned char *ciphertext, unsigned int ciphertextLen,
const unsigned char key[32])
{
#ifdef NSS_POLY1305_64
uint64_t stateStack[6U] = { 0U };
size_t offset = 3;
#elif defined NSS_POLY1305_32
uint32_t stateStack[10U] = { 0U };
size_t offset = 5;
#else
#error "This can't happen."
#endif
Hacl_Impl_Poly1305_State_poly1305_state state =
Hacl_Poly1305_mk_state(stateStack, stateStack + offset);
uint64_t tmp1[6U] = { 0U };
Hacl_Impl_Poly1305_64_State_poly1305_state state =
Hacl_Poly1305_64_mk_state(tmp1, tmp1 + 3);
unsigned char block[16] = { 0 };
Hacl_Poly1305_init(state, (uint8_t *)key);
Hacl_Poly1305_64_init(state, (uint8_t *)key);
Poly1305PadUpdate(state, block, ad, adLen);
memset(block, 0, 16);
@ -92,11 +68,49 @@ Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen,
block[i] = j;
}
Hacl_Poly1305_update(state, block, 1);
Hacl_Poly1305_finish(state, out, (uint8_t *)(key + 16));
#undef NSS_POLY1305_64
#undef NSS_POLY1305_32
Hacl_Poly1305_64_update(state, block, 1);
Hacl_Poly1305_64_finish(state, out, (uint8_t *)(key + 16));
}
#else
/* All other platforms get the 32-bit poly1305 reference implementation. */
#include "poly1305.h"
static void
Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen,
const unsigned char *ciphertext, unsigned int ciphertextLen,
const unsigned char key[32])
{
poly1305_state state;
unsigned int j;
unsigned char lengthBytes[8];
static const unsigned char zeros[15];
unsigned int i;
Poly1305Init(&state, key);
Poly1305Update(&state, ad, adLen);
if (adLen % 16 > 0) {
Poly1305Update(&state, zeros, 16 - adLen % 16);
}
Poly1305Update(&state, ciphertext, ciphertextLen);
if (ciphertextLen % 16 > 0) {
Poly1305Update(&state, zeros, 16 - ciphertextLen % 16);
}
j = adLen;
for (i = 0; i < sizeof(lengthBytes); i++) {
lengthBytes[i] = j;
j >>= 8;
}
Poly1305Update(&state, lengthBytes, sizeof(lengthBytes));
j = ciphertextLen;
for (i = 0; i < sizeof(lengthBytes); i++) {
lengthBytes[i] = j;
j >>= 8;
}
Poly1305Update(&state, lengthBytes, sizeof(lengthBytes));
Poly1305Finish(&state, out);
}
#endif /* HAVE_INT128_SUPPORT */
#endif /* NSS_DISABLE_CHACHAPOLY */
SECStatus

4
security/nss/lib/freebl/freebl_base.gypi
View File

@ -167,7 +167,7 @@
}, {
# !Windows & !x64 & !arm64 & !aarch64
'sources': [
'verified/Hacl_Poly1305_32.c',
'poly1305.c',
],
}],
],
@ -176,7 +176,7 @@
}, {
# Windows
'sources': [
'verified/Hacl_Poly1305_32.c',
'poly1305.c',
],
}],
],

4
security/nss/lib/freebl/loader.c
View File

@ -2164,12 +2164,12 @@ BLAKE2B_NewContext(void)
}
void
BLAKE2B_DestroyContext(BLAKE2BContext *ctx, PRBool freeit)
BLAKE2B_DestroyContext(BLAKE2BContext *BLAKE2BContext, PRBool freeit)
{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) {
return;
}
(vector->p_BLAKE2B_DestroyContext)(ctx, freeit);
(vector->p_BLAKE2B_DestroyContext)(BLAKE2BContext, freeit);
}
SECStatus

13
security/nss/lib/freebl/mpi/mpi.c
View File

@ -2657,10 +2657,10 @@ mp_toradix(mp_int *mp, char *str, int radix)
/* Reverse the digits and sign indicator */
ix = 0;
while (ix < pos) {
char tmpc = str[ix];
char tmp = str[ix];
str[ix] = str[pos];
str[pos] = tmpc;
str[pos] = tmp;
++ix;
--pos;
}
@ -3313,14 +3313,13 @@ s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r)
/* could check for power of 2 here, but mp_div_d does that. */
if (MP_USED(mp) == 1) {
mp_digit n = MP_DIGIT(mp, 0);
mp_digit remdig;
mp_digit rem;
q = n / d;
remdig = n % d;
rem = n % d;
MP_DIGIT(mp, 0) = q;
if (r) {
*r = remdig;
}
if (r)
*r = rem;
return MP_OKAY;
}

881
security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c Normal file
View File

@ -0,0 +1,881 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* This implementation of poly1305 is by Andrew Moon
* (https://github.com/floodyberry/poly1305-donna) and released as public
* domain. It implements SIMD vectorization based on the algorithm described in
* http://cr.yp.to/papers.html#neoncrypto. Unrolled to 2 powers, i.e. 64 byte
* block size. */
#include <emmintrin.h>
#include <stdint.h>
#include "poly1305.h"
#include "blapii.h"
#define ALIGN(x) __attribute__((aligned(x)))
#define INLINE inline
#define U8TO64_LE(m) (*(uint64_t *)(m))
#define U8TO32_LE(m) (*(uint32_t *)(m))
#define U64TO8_LE(m, v) (*(uint64_t *)(m)) = v
typedef __m128i xmmi;
typedef unsigned __int128 uint128_t;
static const uint32_t ALIGN(16) poly1305_x64_sse2_message_mask[4] = { (1 << 26) - 1, 0, (1 << 26) - 1, 0 };
static const uint32_t ALIGN(16) poly1305_x64_sse2_5[4] = { 5, 0, 5, 0 };
static const uint32_t ALIGN(16) poly1305_x64_sse2_1shl128[4] = { (1 << 24), 0, (1 << 24), 0 };
static uint128_t INLINE
add128(uint128_t a, uint128_t b)
{
return a + b;
}
static uint128_t INLINE
add128_64(uint128_t a, uint64_t b)
{
return a + b;
}
static uint128_t INLINE
mul64x64_128(uint64_t a, uint64_t b)
{
return (uint128_t)a * b;
}
static uint64_t INLINE
lo128(uint128_t a)
{
return (uint64_t)a;
}
static uint64_t INLINE
shr128(uint128_t v, const int shift)
{
return (uint64_t)(v >> shift);
}
static uint64_t INLINE
shr128_pair(uint64_t hi, uint64_t lo, const int shift)
{
return (uint64_t)((((uint128_t)hi << 64) | lo) >> shift);
}
typedef struct poly1305_power_t {
union {
xmmi v;
uint64_t u[2];
uint32_t d[4];
} R20, R21, R22, R23, R24, S21, S22, S23, S24;
} poly1305_power;
typedef struct poly1305_state_internal_t {
poly1305_power P[2]; /* 288 bytes, top 32 bit halves unused = 144 bytes of free storage */
union {
xmmi H[5]; /* 80 bytes */
uint64_t HH[10];
};
/* uint64_t r0,r1,r2; [24 bytes] */
/* uint64_t pad0,pad1; [16 bytes] */
uint64_t started; /* 8 bytes */
uint64_t leftover; /* 8 bytes */
uint8_t buffer[64]; /* 64 bytes */
} poly1305_state_internal; /* 448 bytes total + 63 bytes for alignment = 511 bytes raw */
static poly1305_state_internal INLINE
*
poly1305_aligned_state(poly1305_state *state)
{
return (poly1305_state_internal *)(((uint64_t)state + 63) & ~63);
}
/* copy 0-63 bytes */
static void INLINE NO_SANITIZE_ALIGNMENT
poly1305_block_copy(uint8_t *dst, const uint8_t *src, size_t bytes)
{
size_t offset = src - dst;
if (bytes & 32) {
_mm_storeu_si128((xmmi *)(dst + 0), _mm_loadu_si128((xmmi *)(dst + offset + 0)));
_mm_storeu_si128((xmmi *)(dst + 16), _mm_loadu_si128((xmmi *)(dst + offset + 16)));
dst += 32;
}
if (bytes & 16) {
_mm_storeu_si128((xmmi *)dst, _mm_loadu_si128((xmmi *)(dst + offset)));
dst += 16;
}
if (bytes & 8) {
*(uint64_t *)dst = *(uint64_t *)(dst + offset);
dst += 8;
}
if (bytes & 4) {
*(uint32_t *)dst = *(uint32_t *)(dst + offset);
dst += 4;
}
if (bytes & 2) {
*(uint16_t *)dst = *(uint16_t *)(dst + offset);
dst += 2;
}
if (bytes & 1) {
*(uint8_t *)dst = *(uint8_t *)(dst + offset);
}
}
/* zero 0-15 bytes */
static void INLINE
poly1305_block_zero(uint8_t *dst, size_t bytes)
{
if (bytes & 8) {
*(uint64_t *)dst = 0;
dst += 8;
}
if (bytes & 4) {
*(uint32_t *)dst = 0;
dst += 4;
}
if (bytes & 2) {
*(uint16_t *)dst = 0;
dst += 2;
}
if (bytes & 1) {
*(uint8_t *)dst = 0;
}
}
static size_t INLINE
poly1305_min(size_t a, size_t b)
{
return (a < b) ? a : b;
}
void
Poly1305Init(poly1305_state *state, const unsigned char key[32])
{
poly1305_state_internal *st = poly1305_aligned_state(state);
poly1305_power *p;
uint64_t r0, r1, r2;
uint64_t t0, t1;
/* clamp key */
t0 = U8TO64_LE(key + 0);
t1 = U8TO64_LE(key + 8);
r0 = t0 & 0xffc0fffffff;
t0 >>= 44;
t0 |= t1 << 20;
r1 = t0 & 0xfffffc0ffff;
t1 >>= 24;
r2 = t1 & 0x00ffffffc0f;
/* store r in un-used space of st->P[1] */
p = &st->P[1];
p->R20.d[1] = (uint32_t)(r0);
p->R20.d[3] = (uint32_t)(r0 >> 32);
p->R21.d[1] = (uint32_t)(r1);
p->R21.d[3] = (uint32_t)(r1 >> 32);
p->R22.d[1] = (uint32_t)(r2);
p->R22.d[3] = (uint32_t)(r2 >> 32);
/* store pad */
p->R23.d[1] = U8TO32_LE(key + 16);
p->R23.d[3] = U8TO32_LE(key + 20);
p->R24.d[1] = U8TO32_LE(key + 24);
p->R24.d[3] = U8TO32_LE(key + 28);
/* H = 0 */
st->H[0] = _mm_setzero_si128();
st->H[1] = _mm_setzero_si128();
st->H[2] = _mm_setzero_si128();
st->H[3] = _mm_setzero_si128();
st->H[4] = _mm_setzero_si128();
st->started = 0;
st->leftover = 0;
}
static void
poly1305_first_block(poly1305_state_internal *st, const uint8_t *m)
{
const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask);
const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5);
const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128);
xmmi T5, T6;
poly1305_power *p;
uint128_t d[3];
uint64_t r0, r1, r2;
uint64_t r20, r21, r22, s22;
uint64_t pad0, pad1;
uint64_t c;
uint64_t i;
/* pull out stored info */
p = &st->P[1];
r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1];
r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1];
r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1];
pad0 = ((uint64_t)p->R23.d[3] << 32) | (uint64_t)p->R23.d[1];
pad1 = ((uint64_t)p->R24.d[3] << 32) | (uint64_t)p->R24.d[1];
/* compute powers r^2,r^4 */
r20 = r0;
r21 = r1;
r22 = r2;
for (i = 0; i < 2; i++) {
s22 = r22 * (5 << 2);
d[0] = add128(mul64x64_128(r20, r20), mul64x64_128(r21 * 2, s22));
d[1] = add128(mul64x64_128(r22, s22), mul64x64_128(r20 * 2, r21));
d[2] = add128(mul64x64_128(r21, r21), mul64x64_128(r22 * 2, r20));
r20 = lo128(d[0]) & 0xfffffffffff;
c = shr128(d[0], 44);
d[1] = add128_64(d[1], c);
r21 = lo128(d[1]) & 0xfffffffffff;
c = shr128(d[1], 44);
d[2] = add128_64(d[2], c);
r22 = lo128(d[2]) & 0x3ffffffffff;
c = shr128(d[2], 42);
r20 += c * 5;
c = (r20 >> 44);
r20 = r20 & 0xfffffffffff;
r21 += c;
p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20)&0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0));
p->R21.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r20 >> 26) | (r21 << 18)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0));
p->R22.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r21 >> 8)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0));
p->R23.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r21 >> 34) | (r22 << 10)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0));
p->R24.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r22 >> 16))), _MM_SHUFFLE(1, 0, 1, 0));
p->S21.v = _mm_mul_epu32(p->R21.v, FIVE);
p->S22.v = _mm_mul_epu32(p->R22.v, FIVE);
p->S23.v = _mm_mul_epu32(p->R23.v, FIVE);
p->S24.v = _mm_mul_epu32(p->R24.v, FIVE);
p--;
}
/* put saved info back */
p = &st->P[1];
p->R20.d[1] = (uint32_t)(r0);
p->R20.d[3] = (uint32_t)(r0 >> 32);
p->R21.d[1] = (uint32_t)(r1);
p->R21.d[3] = (uint32_t)(r1 >> 32);
p->R22.d[1] = (uint32_t)(r2);
p->R22.d[3] = (uint32_t)(r2 >> 32);
p->R23.d[1] = (uint32_t)(pad0);
p->R23.d[3] = (uint32_t)(pad0 >> 32);
p->R24.d[1] = (uint32_t)(pad1);
p->R24.d[3] = (uint32_t)(pad1 >> 32);
/* H = [Mx,My] */
T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16)));
T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24)));
st->H[0] = _mm_and_si128(MMASK, T5);
st->H[1] = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12));
st->H[2] = _mm_and_si128(MMASK, T5);
st->H[3] = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
st->H[4] = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT);
}
static void
poly1305_blocks(poly1305_state_internal *st, const uint8_t *m, size_t bytes)
{
const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask);
const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5);
const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128);
poly1305_power *p;
xmmi H0, H1, H2, H3, H4;
xmmi T0, T1, T2, T3, T4, T5, T6;
xmmi M0, M1, M2, M3, M4;
xmmi C1, C2;
H0 = st->H[0];
H1 = st->H[1];
H2 = st->H[2];
H3 = st->H[3];
H4 = st->H[4];
while (bytes >= 64) {
/* H *= [r^4,r^4] */
p = &st->P[0];
T0 = _mm_mul_epu32(H0, p->R20.v);
T1 = _mm_mul_epu32(H0, p->R21.v);
T2 = _mm_mul_epu32(H0, p->R22.v);
T3 = _mm_mul_epu32(H0, p->R23.v);
T4 = _mm_mul_epu32(H0, p->R24.v);
T5 = _mm_mul_epu32(H1, p->S24.v);
T6 = _mm_mul_epu32(H1, p->R20.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H2, p->S23.v);
T6 = _mm_mul_epu32(H2, p->S24.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H3, p->S22.v);
T6 = _mm_mul_epu32(H3, p->S23.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H4, p->S21.v);
T6 = _mm_mul_epu32(H4, p->S22.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H1, p->R21.v);
T6 = _mm_mul_epu32(H1, p->R22.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H2, p->R20.v);
T6 = _mm_mul_epu32(H2, p->R21.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H3, p->S24.v);
T6 = _mm_mul_epu32(H3, p->R20.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H4, p->S23.v);
T6 = _mm_mul_epu32(H4, p->S24.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H1, p->R23.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H2, p->R22.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H3, p->R21.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H4, p->R20.v);
T4 = _mm_add_epi64(T4, T5);
/* H += [Mx,My]*[r^2,r^2] */
T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16)));
T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24)));
M0 = _mm_and_si128(MMASK, T5);
M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12));
M2 = _mm_and_si128(MMASK, T5);
M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT);
p = &st->P[1];
T5 = _mm_mul_epu32(M0, p->R20.v);
T6 = _mm_mul_epu32(M0, p->R21.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(M1, p->S24.v);
T6 = _mm_mul_epu32(M1, p->R20.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(M2, p->S23.v);
T6 = _mm_mul_epu32(M2, p->S24.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(M3, p->S22.v);
T6 = _mm_mul_epu32(M3, p->S23.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(M4, p->S21.v);
T6 = _mm_mul_epu32(M4, p->S22.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(M0, p->R22.v);
T6 = _mm_mul_epu32(M0, p->R23.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(M1, p->R21.v);
T6 = _mm_mul_epu32(M1, p->R22.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(M2, p->R20.v);
T6 = _mm_mul_epu32(M2, p->R21.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(M3, p->S24.v);
T6 = _mm_mul_epu32(M3, p->R20.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(M4, p->S23.v);
T6 = _mm_mul_epu32(M4, p->S24.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(M0, p->R24.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(M1, p->R23.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(M2, p->R22.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(M3, p->R21.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(M4, p->R20.v);
T4 = _mm_add_epi64(T4, T5);
/* H += [Mx,My] */
T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 32)), _mm_loadl_epi64((xmmi *)(m + 48)));
T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 40)), _mm_loadl_epi64((xmmi *)(m + 56)));
M0 = _mm_and_si128(MMASK, T5);
M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12));
M2 = _mm_and_si128(MMASK, T5);
M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT);
T0 = _mm_add_epi64(T0, M0);
T1 = _mm_add_epi64(T1, M1);
T2 = _mm_add_epi64(T2, M2);
T3 = _mm_add_epi64(T3, M3);
T4 = _mm_add_epi64(T4, M4);
/* reduce */
C1 = _mm_srli_epi64(T0, 26);
C2 = _mm_srli_epi64(T3, 26);
T0 = _mm_and_si128(T0, MMASK);
T3 = _mm_and_si128(T3, MMASK);
T1 = _mm_add_epi64(T1, C1);
T4 = _mm_add_epi64(T4, C2);
C1 = _mm_srli_epi64(T1, 26);
C2 = _mm_srli_epi64(T4, 26);
T1 = _mm_and_si128(T1, MMASK);
T4 = _mm_and_si128(T4, MMASK);
T2 = _mm_add_epi64(T2, C1);
T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE));
C1 = _mm_srli_epi64(T2, 26);
C2 = _mm_srli_epi64(T0, 26);
T2 = _mm_and_si128(T2, MMASK);
T0 = _mm_and_si128(T0, MMASK);
T3 = _mm_add_epi64(T3, C1);
T1 = _mm_add_epi64(T1, C2);
C1 = _mm_srli_epi64(T3, 26);
T3 = _mm_and_si128(T3, MMASK);
T4 = _mm_add_epi64(T4, C1);
/* H = (H*[r^4,r^4] + [Mx,My]*[r^2,r^2] + [Mx,My]) */
H0 = T0;
H1 = T1;
H2 = T2;
H3 = T3;
H4 = T4;
m += 64;
bytes -= 64;
}
st->H[0] = H0;
st->H[1] = H1;
st->H[2] = H2;
st->H[3] = H3;
st->H[4] = H4;
}
static size_t
poly1305_combine(poly1305_state_internal *st, const uint8_t *m, size_t bytes)
{
const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask);
const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128);
const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5);
poly1305_power *p;
xmmi H0, H1, H2, H3, H4;
xmmi M0, M1, M2, M3, M4;
xmmi T0, T1, T2, T3, T4, T5, T6;
xmmi C1, C2;
uint64_t r0, r1, r2;
uint64_t t0, t1, t2, t3, t4;
uint64_t c;
size_t consumed = 0;
H0 = st->H[0];
H1 = st->H[1];
H2 = st->H[2];
H3 = st->H[3];
H4 = st->H[4];
/* p = [r^2,r^2] */
p = &st->P[1];
if (bytes >= 32) {
/* H *= [r^2,r^2] */
T0 = _mm_mul_epu32(H0, p->R20.v);
T1 = _mm_mul_epu32(H0, p->R21.v);
T2 = _mm_mul_epu32(H0, p->R22.v);
T3 = _mm_mul_epu32(H0, p->R23.v);
T4 = _mm_mul_epu32(H0, p->R24.v);
T5 = _mm_mul_epu32(H1, p->S24.v);
T6 = _mm_mul_epu32(H1, p->R20.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H2, p->S23.v);
T6 = _mm_mul_epu32(H2, p->S24.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H3, p->S22.v);
T6 = _mm_mul_epu32(H3, p->S23.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H4, p->S21.v);
T6 = _mm_mul_epu32(H4, p->S22.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H1, p->R21.v);
T6 = _mm_mul_epu32(H1, p->R22.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H2, p->R20.v);
T6 = _mm_mul_epu32(H2, p->R21.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H3, p->S24.v);
T6 = _mm_mul_epu32(H3, p->R20.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H4, p->S23.v);
T6 = _mm_mul_epu32(H4, p->S24.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H1, p->R23.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H2, p->R22.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H3, p->R21.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H4, p->R20.v);
T4 = _mm_add_epi64(T4, T5);
/* H += [Mx,My] */
T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16)));
T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24)));
M0 = _mm_and_si128(MMASK, T5);
M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12));
M2 = _mm_and_si128(MMASK, T5);
M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26));
M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT);
T0 = _mm_add_epi64(T0, M0);
T1 = _mm_add_epi64(T1, M1);
T2 = _mm_add_epi64(T2, M2);
T3 = _mm_add_epi64(T3, M3);
T4 = _mm_add_epi64(T4, M4);
/* reduce */
C1 = _mm_srli_epi64(T0, 26);
C2 = _mm_srli_epi64(T3, 26);
T0 = _mm_and_si128(T0, MMASK);
T3 = _mm_and_si128(T3, MMASK);
T1 = _mm_add_epi64(T1, C1);
T4 = _mm_add_epi64(T4, C2);
C1 = _mm_srli_epi64(T1, 26);
C2 = _mm_srli_epi64(T4, 26);
T1 = _mm_and_si128(T1, MMASK);
T4 = _mm_and_si128(T4, MMASK);
T2 = _mm_add_epi64(T2, C1);
T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE));
C1 = _mm_srli_epi64(T2, 26);
C2 = _mm_srli_epi64(T0, 26);
T2 = _mm_and_si128(T2, MMASK);
T0 = _mm_and_si128(T0, MMASK);
T3 = _mm_add_epi64(T3, C1);
T1 = _mm_add_epi64(T1, C2);
C1 = _mm_srli_epi64(T3, 26);
T3 = _mm_and_si128(T3, MMASK);
T4 = _mm_add_epi64(T4, C1);
/* H = (H*[r^2,r^2] + [Mx,My]) */
H0 = T0;
H1 = T1;
H2 = T2;
H3 = T3;
H4 = T4;
consumed = 32;
}
/* finalize, H *= [r^2,r] */
r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1];
r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1];
r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1];
p->R20.d[2] = (uint32_t)(r0)&0x3ffffff;
p->R21.d[2] = (uint32_t)((r0 >> 26) | (r1 << 18)) & 0x3ffffff;
p->R22.d[2] = (uint32_t)((r1 >> 8)) & 0x3ffffff;
p->R23.d[2] = (uint32_t)((r1 >> 34) | (r2 << 10)) & 0x3ffffff;
p->R24.d[2] = (uint32_t)((r2 >> 16));
p->S21.d[2] = p->R21.d[2] * 5;
p->S22.d[2] = p->R22.d[2] * 5;
p->S23.d[2] = p->R23.d[2] * 5;
p->S24.d[2] = p->R24.d[2] * 5;
/* H *= [r^2,r] */
T0 = _mm_mul_epu32(H0, p->R20.v);
T1 = _mm_mul_epu32(H0, p->R21.v);
T2 = _mm_mul_epu32(H0, p->R22.v);
T3 = _mm_mul_epu32(H0, p->R23.v);
T4 = _mm_mul_epu32(H0, p->R24.v);
T5 = _mm_mul_epu32(H1, p->S24.v);
T6 = _mm_mul_epu32(H1, p->R20.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H2, p->S23.v);
T6 = _mm_mul_epu32(H2, p->S24.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H3, p->S22.v);
T6 = _mm_mul_epu32(H3, p->S23.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H4, p->S21.v);
T6 = _mm_mul_epu32(H4, p->S22.v);
T0 = _mm_add_epi64(T0, T5);
T1 = _mm_add_epi64(T1, T6);
T5 = _mm_mul_epu32(H1, p->R21.v);
T6 = _mm_mul_epu32(H1, p->R22.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H2, p->R20.v);
T6 = _mm_mul_epu32(H2, p->R21.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H3, p->S24.v);
T6 = _mm_mul_epu32(H3, p->R20.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H4, p->S23.v);
T6 = _mm_mul_epu32(H4, p->S24.v);
T2 = _mm_add_epi64(T2, T5);
T3 = _mm_add_epi64(T3, T6);
T5 = _mm_mul_epu32(H1, p->R23.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H2, p->R22.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H3, p->R21.v);
T4 = _mm_add_epi64(T4, T5);
T5 = _mm_mul_epu32(H4, p->R20.v);
T4 = _mm_add_epi64(T4, T5);
C1 = _mm_srli_epi64(T0, 26);
C2 = _mm_srli_epi64(T3, 26);
T0 = _mm_and_si128(T0, MMASK);
T3 = _mm_and_si128(T3, MMASK);
T1 = _mm_add_epi64(T1, C1);
T4 = _mm_add_epi64(T4, C2);
C1 = _mm_srli_epi64(T1, 26);
C2 = _mm_srli_epi64(T4, 26);
T1 = _mm_and_si128(T1, MMASK);
T4 = _mm_and_si128(T4, MMASK);
T2 = _mm_add_epi64(T2, C1);
T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE));
C1 = _mm_srli_epi64(T2, 26);
C2 = _mm_srli_epi64(T0, 26);
T2 = _mm_and_si128(T2, MMASK);
T0 = _mm_and_si128(T0, MMASK);
T3 = _mm_add_epi64(T3, C1);
T1 = _mm_add_epi64(T1, C2);
C1 = _mm_srli_epi64(T3, 26);
T3 = _mm_and_si128(T3, MMASK);
T4 = _mm_add_epi64(T4, C1);
/* H = H[0]+H[1] */
H0 = _mm_add_epi64(T0, _mm_srli_si128(T0, 8));
H1 = _mm_add_epi64(T1, _mm_srli_si128(T1, 8));
H2 = _mm_add_epi64(T2, _mm_srli_si128(T2, 8));
H3 = _mm_add_epi64(T3, _mm_srli_si128(T3, 8));
H4 = _mm_add_epi64(T4, _mm_srli_si128(T4, 8));
t0 = _mm_cvtsi128_si32(H0);
c = (t0 >> 26);
t0 &= 0x3ffffff;
t1 = _mm_cvtsi128_si32(H1) + c;
c = (t1 >> 26);
t1 &= 0x3ffffff;
t2 = _mm_cvtsi128_si32(H2) + c;
c = (t2 >> 26);
t2 &= 0x3ffffff;
t3 = _mm_cvtsi128_si32(H3) + c;
c = (t3 >> 26);
t3 &= 0x3ffffff;
t4 = _mm_cvtsi128_si32(H4) + c;
c = (t4 >> 26);
t4 &= 0x3ffffff;
t0 = t0 + (c * 5);
c = (t0 >> 26);
t0 &= 0x3ffffff;
t1 = t1 + c;
st->HH[0] = ((t0) | (t1 << 26)) & 0xfffffffffffull;
st->HH[1] = ((t1 >> 18) | (t2 << 8) | (t3 << 34)) & 0xfffffffffffull;
st->HH[2] = ((t3 >> 10) | (t4 << 16)) & 0x3ffffffffffull;
return consumed;
}
void
Poly1305Update(poly1305_state *state, const unsigned char *m, size_t bytes)
{
poly1305_state_internal *st = poly1305_aligned_state(state);
size_t want;
/* need at least 32 initial bytes to start the accelerated branch */
if (!st->started) {
if ((st->leftover == 0) && (bytes > 32)) {
poly1305_first_block(st, m);
m += 32;
bytes -= 32;
} else {
want = poly1305_min(32 - st->leftover, bytes);
poly1305_block_copy(st->buffer + st->leftover, m, want);
bytes -= want;
m += want;
st->leftover += want;
if ((st->leftover < 32) || (bytes == 0))
return;
poly1305_first_block(st, st->buffer);
st->leftover = 0;
}
st->started = 1;
}
/* handle leftover */
if (st->leftover) {
want = poly1305_min(64 - st->leftover, bytes);
poly1305_block_copy(st->buffer + st->leftover, m, want);
bytes -= want;
m += want;
st->leftover += want;
if (st->leftover < 64)
return;
poly1305_blocks(st, st->buffer, 64);
st->leftover = 0;
}
/* process 64 byte blocks */
if (bytes >= 64) {
want = (bytes & ~63);
poly1305_blocks(st, m, want);
m += want;
bytes -= want;
}
if (bytes) {
poly1305_block_copy(st->buffer + st->leftover, m, bytes);
st->leftover += bytes;
}
}
void
Poly1305Finish(poly1305_state *state, unsigned char mac[16])
{
poly1305_state_internal *st = poly1305_aligned_state(state);
size_t leftover = st->leftover;
uint8_t *m = st->buffer;
uint128_t d[3];
uint64_t h0, h1, h2;
uint64_t t0, t1;
uint64_t g0, g1, g2, c, nc;
uint64_t r0, r1, r2, s1, s2;
poly1305_power *p;
if (st->started) {
size_t consumed = poly1305_combine(st, m, leftover);
leftover -= consumed;
m += consumed;
}
/* st->HH will either be 0 or have the combined result */
h0 = st->HH[0];
h1 = st->HH[1];
h2 = st->HH[2];
p = &st->P[1];
r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1];
r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1];
r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1];
s1 = r1 * (5 << 2);
s2 = r2 * (5 << 2);
if (leftover < 16)
goto poly1305_donna_atmost15bytes;
poly1305_donna_atleast16bytes:
t0 = U8TO64_LE(m + 0);
t1 = U8TO64_LE(m + 8);
h0 += t0 & 0xfffffffffff;
t0 = shr128_pair(t1, t0, 44);
h1 += t0 & 0xfffffffffff;
h2 += (t1 >> 24) | ((uint64_t)1 << 40);
poly1305_donna_mul:
d[0] = add128(add128(mul64x64_128(h0, r0), mul64x64_128(h1, s2)), mul64x64_128(h2, s1));
d[1] = add128(add128(mul64x64_128(h0, r1), mul64x64_128(h1, r0)), mul64x64_128(h2, s2));
d[2] = add128(add128(mul64x64_128(h0, r2), mul64x64_128(h1, r1)), mul64x64_128(h2, r0));
h0 = lo128(d[0]) & 0xfffffffffff;
c = shr128(d[0], 44);
d[1] = add128_64(d[1], c);
h1 = lo128(d[1]) & 0xfffffffffff;
c = shr128(d[1], 44);
d[2] = add128_64(d[2], c);
h2 = lo128(d[2]) & 0x3ffffffffff;
c = shr128(d[2], 42);
h0 += c * 5;
m += 16;
leftover -= 16;
if (leftover >= 16)
goto poly1305_donna_atleast16bytes;
/* final bytes */
poly1305_donna_atmost15bytes:
if (!leftover)
goto poly1305_donna_finish;
m[leftover++] = 1;
poly1305_block_zero(m + leftover, 16 - leftover);
leftover = 16;
t0 = U8TO64_LE(m + 0);
t1 = U8TO64_LE(m + 8);
h0 += t0 & 0xfffffffffff;
t0 = shr128_pair(t1, t0, 44);
h1 += t0 & 0xfffffffffff;
h2 += (t1 >> 24);
goto poly1305_donna_mul;
poly1305_donna_finish:
c = (h0 >> 44);
h0 &= 0xfffffffffff;
h1 += c;
c = (h1 >> 44);
h1 &= 0xfffffffffff;
h2 += c;
c = (h2 >> 42);
h2 &= 0x3ffffffffff;
h0 += c * 5;
g0 = h0 + 5;
c = (g0 >> 44);
g0 &= 0xfffffffffff;
g1 = h1 + c;
c = (g1 >> 44);
g1 &= 0xfffffffffff;
g2 = h2 + c - ((uint64_t)1 << 42);
c = (g2 >> 63) - 1;
nc = ~c;
h0 = (h0 & nc) | (g0 & c);
h1 = (h1 & nc) | (g1 & c);
h2 = (h2 & nc) | (g2 & c);
/* pad */
t0 = ((uint64_t)p->R23.d[3] << 32) | (uint64_t)p->R23.d[1];
t1 = ((uint64_t)p->R24.d[3] << 32) | (uint64_t)p->R24.d[1];
h0 += (t0 & 0xfffffffffff);
c = (h0 >> 44);
h0 &= 0xfffffffffff;
t0 = shr128_pair(t1, t0, 44);
h1 += (t0 & 0xfffffffffff) + c;
c = (h1 >> 44);
h1 &= 0xfffffffffff;
t1 = (t1 >> 24);
h2 += (t1) + c;
U64TO8_LE(mac + 0, ((h0) | (h1 << 44)));
U64TO8_LE(mac + 8, ((h1 >> 20) | (h2 << 24)));
}

314
security/nss/lib/freebl/poly1305.c Normal file
View File

@ -0,0 +1,314 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* This implementation of poly1305 is by Andrew Moon
* (https://github.com/floodyberry/poly1305-donna) and released as public
* domain. */
#include <string.h>
#include "poly1305.h"
#if defined(_MSC_VER) && _MSC_VER < 1600
#include "prtypes.h"
typedef PRUint32 uint32_t;
typedef PRUint64 uint64_t;
#else
#include <stdint.h>
#endif
#if defined(NSS_X86) || defined(NSS_X64)
/* We can assume little-endian. */
static uint32_t
U8TO32_LE(const unsigned char *m)
{
uint32_t r;
memcpy(&r, m, sizeof(r));
return r;
}
static void
U32TO8_LE(unsigned char *m, uint32_t v)
{
memcpy(m, &v, sizeof(v));
}
#else
static uint32_t
U8TO32_LE(const unsigned char *m)
{
return (uint32_t)m[0] |
(uint32_t)m[1] << 8 |
(uint32_t)m[2] << 16 |
(uint32_t)m[3] << 24;
}
static void
U32TO8_LE(unsigned char *m, uint32_t v)
{
m[0] = v;
m[1] = v >> 8;
m[2] = v >> 16;
m[3] = v >> 24;
}
#endif
static uint64_t
mul32x32_64(uint32_t a, uint32_t b)
{
return (uint64_t)a * b;
}
struct poly1305_state_st {
uint32_t r0, r1, r2, r3, r4;
uint32_t s1, s2, s3, s4;
uint32_t h0, h1, h2, h3, h4;
unsigned char buf[16];
unsigned int buf_used;
unsigned char key[16];
};
/* update updates |state| given some amount of input data. This function may
* only be called with a |len| that is not a multiple of 16 at the end of the
* data. Otherwise the input must be buffered into 16 byte blocks. */
static void
update(struct poly1305_state_st *state, const unsigned char *in,
size_t len)
{
uint32_t t0, t1, t2, t3;
uint64_t t[5];
uint32_t b;
uint64_t c;
size_t j;
unsigned char mp[16];
if (len < 16)
goto poly1305_donna_atmost15bytes;
poly1305_donna_16bytes:
t0 = U8TO32_LE(in);
t1 = U8TO32_LE(in + 4);
t2 = U8TO32_LE(in + 8);
t3 = U8TO32_LE(in + 12);
in += 16;
len -= 16;
state->h0 += t0 & 0x3ffffff;
state->h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff;
state->h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff;
state->h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff;
state->h4 += (t3 >> 8) | (1 << 24);
poly1305_donna_mul:
t[0] = mul32x32_64(state->h0, state->r0) +
mul32x32_64(state->h1, state->s4) +
mul32x32_64(state->h2, state->s3) +
mul32x32_64(state->h3, state->s2) +
mul32x32_64(state->h4, state->s1);
t[1] = mul32x32_64(state->h0, state->r1) +
mul32x32_64(state->h1, state->r0) +
mul32x32_64(state->h2, state->s4) +
mul32x32_64(state->h3, state->s3) +
mul32x32_64(state->h4, state->s2);
t[2] = mul32x32_64(state->h0, state->r2) +
mul32x32_64(state->h1, state->r1) +
mul32x32_64(state->h2, state->r0) +
mul32x32_64(state->h3, state->s4) +
mul32x32_64(state->h4, state->s3);
t[3] = mul32x32_64(state->h0, state->r3) +
mul32x32_64(state->h1, state->r2) +
mul32x32_64(state->h2, state->r1) +
mul32x32_64(state->h3, state->r0) +
mul32x32_64(state->h4, state->s4);
t[4] = mul32x32_64(state->h0, state->r4) +
mul32x32_64(state->h1, state->r3) +
mul32x32_64(state->h2, state->r2) +
mul32x32_64(state->h3, state->r1) +
mul32x32_64(state->h4, state->r0);
state->h0 = (uint32_t)t[0] & 0x3ffffff;
c = (t[0] >> 26);
t[1] += c;
state->h1 = (uint32_t)t[1] & 0x3ffffff;
b = (uint32_t)(t[1] >> 26);
t[2] += b;
state->h2 = (uint32_t)t[2] & 0x3ffffff;
b = (uint32_t)(t[2] >> 26);
t[3] += b;
state->h3 = (uint32_t)t[3] & 0x3ffffff;
b = (uint32_t)(t[3] >> 26);
t[4] += b;
state->h4 = (uint32_t)t[4] & 0x3ffffff;
b = (uint32_t)(t[4] >> 26);
state->h0 += b * 5;
if (len >= 16)
goto poly1305_donna_16bytes;
/* final bytes */
poly1305_donna_atmost15bytes:
if (!len)
return;
for (j = 0; j < len; j++)
mp[j] = in[j];
mp[j++] = 1;
for (; j < 16; j++)
mp[j] = 0;
len = 0;
t0 = U8TO32_LE(mp + 0);
t1 = U8TO32_LE(mp + 4);
t2 = U8TO32_LE(mp + 8);
t3 = U8TO32_LE(mp + 12);
state->h0 += t0 & 0x3ffffff;
state->h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff;
state->h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff;
state->h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff;
state->h4 += (t3 >> 8);
goto poly1305_donna_mul;
}
void
Poly1305Init(poly1305_state *statep, const unsigned char key[32])
{
struct poly1305_state_st *state = (struct poly1305_state_st *)statep;
uint32_t t0, t1, t2, t3;
t0 = U8TO32_LE(key + 0);
t1 = U8TO32_LE(key + 4);
t2 = U8TO32_LE(key + 8);
t3 = U8TO32_LE(key + 12);
/* precompute multipliers */
state->r0 = t0 & 0x3ffffff;
t0 >>= 26;
t0 |= t1 << 6;
state->r1 = t0 & 0x3ffff03;
t1 >>= 20;
t1 |= t2 << 12;
state->r2 = t1 & 0x3ffc0ff;
t2 >>= 14;
t2 |= t3 << 18;
state->r3 = t2 & 0x3f03fff;
t3 >>= 8;
state->r4 = t3 & 0x00fffff;
state->s1 = state->r1 * 5;
state->s2 = state->r2 * 5;
state->s3 = state->r3 * 5;
state->s4 = state->r4 * 5;
/* init state */
state->h0 = 0;
state->h1 = 0;
state->h2 = 0;
state->h3 = 0;
state->h4 = 0;
state->buf_used = 0;
memcpy(state->key, key + 16, sizeof(state->key));
}
void
Poly1305Update(poly1305_state *statep, const unsigned char *in,
size_t in_len)
{
unsigned int i;
struct poly1305_state_st *state = (struct poly1305_state_st *)statep;
if (state->buf_used) {
unsigned int todo = 16 - state->buf_used;
if (todo > in_len)
todo = in_len;
for (i = 0; i < todo; i++)
state->buf[state->buf_used + i] = in[i];
state->buf_used += todo;
in_len -= todo;
in += todo;
if (state->buf_used == 16) {
update(state, state->buf, 16);
state->buf_used = 0;
}
}
if (in_len >= 16) {
size_t todo = in_len & ~0xf;
update(state, in, todo);
in += todo;
in_len &= 0xf;
}
if (in_len) {
for (i = 0; i < in_len; i++)
state->buf[i] = in[i];
state->buf_used = in_len;
}
}
void
Poly1305Finish(poly1305_state *statep, unsigned char mac[16])
{
struct poly1305_state_st *state = (struct poly1305_state_st *)statep;
uint64_t f0, f1, f2, f3;
uint32_t g0, g1, g2, g3, g4;
uint32_t b, nb;
if (state->buf_used)
update(state, state->buf, state->buf_used);
b = state->h0 >> 26;
state->h0 = state->h0 & 0x3ffffff;
state->h1 += b;
b = state->h1 >> 26;
state->h1 = state->h1 & 0x3ffffff;
state->h2 += b;
b = state->h2 >> 26;
state->h2 = state->h2 & 0x3ffffff;
state->h3 += b;
b = state->h3 >> 26;
state->h3 = state->h3 & 0x3ffffff;
state->h4 += b;
b = state->h4 >> 26;
state->h4 = state->h4 & 0x3ffffff;
state->h0 += b * 5;
g0 = state->h0 + 5;
b = g0 >> 26;
g0 &= 0x3ffffff;
g1 = state->h1 + b;
b = g1 >> 26;
g1 &= 0x3ffffff;
g2 = state->h2 + b;
b = g2 >> 26;
g2 &= 0x3ffffff;
g3 = state->h3 + b;
b = g3 >> 26;
g3 &= 0x3ffffff;
g4 = state->h4 + b - (1 << 26);
b = (g4 >> 31) - 1;
nb = ~b;
state->h0 = (state->h0 & nb) | (g0 & b);
state->h1 = (state->h1 & nb) | (g1 & b);
state->h2 = (state->h2 & nb) | (g2 & b);
state->h3 = (state->h3 & nb) | (g3 & b);
state->h4 = (state->h4 & nb) | (g4 & b);
f0 = ((state->h0) | (state->h1 << 26)) + (uint64_t)U8TO32_LE(&state->key[0]);
f1 = ((state->h1 >> 6) | (state->h2 << 20)) + (uint64_t)U8TO32_LE(&state->key[4]);
f2 = ((state->h2 >> 12) | (state->h3 << 14)) + (uint64_t)U8TO32_LE(&state->key[8]);
f3 = ((state->h3 >> 18) | (state->h4 << 8)) + (uint64_t)U8TO32_LE(&state->key[12]);
U32TO8_LE(&mac[0], (uint32_t)f0);
f1 += (f0 >> 32);
U32TO8_LE(&mac[4], (uint32_t)f1);
f2 += (f1 >> 32);
U32TO8_LE(&mac[8], (uint32_t)f2);
f3 += (f2 >> 32);
U32TO8_LE(&mac[12], (uint32_t)f3);
}

30
security/nss/lib/freebl/poly1305.h Normal file
View File

@ -0,0 +1,30 @@
/*
* poly1305.h - header file for Poly1305 implementation.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef FREEBL_POLY1305_H_
#define FREEBL_POLY1305_H_
#include "stddef.h"
typedef unsigned char poly1305_state[512];
/* Poly1305Init sets up |state| so that it can be used to calculate an
* authentication tag with the one-time key |key|. Note that |key| is a
* one-time key and therefore there is no `reset' method because that would
* enable several messages to be authenticated with the same key. */
extern void Poly1305Init(poly1305_state* state, const unsigned char key[32]);
/* Poly1305Update processes |in_len| bytes from |in|. It can be called zero or
* more times after poly1305_init. */
extern void Poly1305Update(poly1305_state* state, const unsigned char* in,
size_t inLen);
/* Poly1305Finish completes the poly1305 calculation and writes a 16 byte
* authentication tag to |mac|. */
extern void Poly1305Finish(poly1305_state* state, unsigned char mac[16]);
#endif /* FREEBL_POLY1305_H_ */

576
security/nss/lib/freebl/verified/Hacl_Poly1305_32.c
View File

@ -1,576 +0,0 @@
/* Copyright 2016-2017 INRIA and Microsoft Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "Hacl_Poly1305_32.h"
inline static void
Hacl_Bignum_Modulo_reduce(uint32_t *b)
{
uint32_t b0 = b[0U];
b[0U] = (b0 << (uint32_t)2U) + b0;
}
inline static void
Hacl_Bignum_Modulo_carry_top(uint32_t *b)
{
uint32_t b4 = b[4U];
uint32_t b0 = b[0U];
uint32_t b4_26 = b4 >> (uint32_t)26U;
b[4U] = b4 & (uint32_t)0x3ffffffU;
b[0U] = (b4_26 << (uint32_t)2U) + b4_26 + b0;
}
inline static void
Hacl_Bignum_Modulo_carry_top_wide(uint64_t *b)
{
uint64_t b4 = b[4U];
uint64_t b0 = b[0U];
uint64_t b4_ = b4 & (uint64_t)(uint32_t)0x3ffffffU;
uint32_t b4_26 = (uint32_t)(b4 >> (uint32_t)26U);
uint64_t b0_ = b0 + (uint64_t)((b4_26 << (uint32_t)2U) + b4_26);
b[4U] = b4_;
b[0U] = b0_;
}
inline static void
Hacl_Bignum_Fproduct_copy_from_wide_(uint32_t *output, uint64_t *input)
{
for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) {
uint64_t xi = input[i];
output[i] = (uint32_t)xi;
}
}
inline static void
Hacl_Bignum_Fproduct_sum_scalar_multiplication_(uint64_t *output, uint32_t *input, uint32_t s)
{
for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) {
uint64_t xi = output[i];
uint32_t yi = input[i];
output[i] = xi + (uint64_t)yi * (uint64_t)s;
}
}
inline static void
Hacl_Bignum_Fproduct_carry_wide_(uint64_t *tmp)
{
for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) {
uint32_t ctr = i;
uint64_t tctr = tmp[ctr];
uint64_t tctrp1 = tmp[ctr + (uint32_t)1U];
uint32_t r0 = (uint32_t)tctr & (uint32_t)0x3ffffffU;
uint64_t c = tctr >> (uint32_t)26U;
tmp[ctr] = (uint64_t)r0;
tmp[ctr + (uint32_t)1U] = tctrp1 + c;
}
}
inline static void
Hacl_Bignum_Fproduct_carry_limb_(uint32_t *tmp)
{
for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) {
uint32_t ctr = i;
uint32_t tctr = tmp[ctr];
uint32_t tctrp1 = tmp[ctr + (uint32_t)1U];
uint32_t r0 = tctr & (uint32_t)0x3ffffffU;
uint32_t c = tctr >> (uint32_t)26U;
tmp[ctr] = r0;
tmp[ctr + (uint32_t)1U] = tctrp1 + c;
}
}
inline static void
Hacl_Bignum_Fmul_shift_reduce(uint32_t *output)
{
uint32_t tmp = output[4U];
for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) {
uint32_t ctr = (uint32_t)5U - i - (uint32_t)1U;
uint32_t z = output[ctr - (uint32_t)1U];
output[ctr] = z;
}
output[0U] = tmp;
Hacl_Bignum_Modulo_reduce(output);
}
static void
Hacl_Bignum_Fmul_mul_shift_reduce_(uint64_t *output, uint32_t *input, uint32_t *input2)
{
for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) {
uint32_t input2i = input2[i];
Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i);
Hacl_Bignum_Fmul_shift_reduce(input);
}
uint32_t i = (uint32_t)4U;
uint32_t input2i = input2[i];
Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i);
}
inline static void
Hacl_Bignum_Fmul_fmul(uint32_t *output, uint32_t *input, uint32_t *input2)
{
uint32_t tmp[5U] = { 0U };
memcpy(tmp, input, (uint32_t)5U * sizeof input[0U]);
uint64_t t[5U] = { 0U };
Hacl_Bignum_Fmul_mul_shift_reduce_(t, tmp, input2);
Hacl_Bignum_Fproduct_carry_wide_(t);
Hacl_Bignum_Modulo_carry_top_wide(t);
Hacl_Bignum_Fproduct_copy_from_wide_(output, t);
uint32_t i0 = output[0U];
uint32_t i1 = output[1U];
uint32_t i0_ = i0 & (uint32_t)0x3ffffffU;
uint32_t i1_ = i1 + (i0 >> (uint32_t)26U);
output[0U] = i0_;
output[1U] = i1_;
}
inline static void
Hacl_Bignum_AddAndMultiply_add_and_multiply(uint32_t *acc, uint32_t *block, uint32_t *r)
{
for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) {
uint32_t xi = acc[i];
uint32_t yi = block[i];
acc[i] = xi + yi;
}
Hacl_Bignum_Fmul_fmul(acc, acc, r);
}
inline static void
Hacl_Impl_Poly1305_32_poly1305_update(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m)
{
Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st;
uint32_t *h = scrut0.h;
uint32_t *acc = h;
Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st;
uint32_t *r = scrut.r;
uint32_t *r5 = r;
uint32_t tmp[5U] = { 0U };
uint8_t *s0 = m;
uint8_t *s1 = m + (uint32_t)3U;
uint8_t *s2 = m + (uint32_t)6U;
uint8_t *s3 = m + (uint32_t)9U;
uint8_t *s4 = m + (uint32_t)12U;
uint32_t i0 = load32_le(s0);
uint32_t i1 = load32_le(s1);
uint32_t i2 = load32_le(s2);
uint32_t i3 = load32_le(s3);
uint32_t i4 = load32_le(s4);
uint32_t r0 = i0 & (uint32_t)0x3ffffffU;
uint32_t r1 = i1 >> (uint32_t)2U & (uint32_t)0x3ffffffU;
uint32_t r2 = i2 >> (uint32_t)4U & (uint32_t)0x3ffffffU;
uint32_t r3 = i3 >> (uint32_t)6U & (uint32_t)0x3ffffffU;
uint32_t r4 = i4 >> (uint32_t)8U;
tmp[0U] = r0;
tmp[1U] = r1;
tmp[2U] = r2;
tmp[3U] = r3;
tmp[4U] = r4;
uint32_t b4 = tmp[4U];
uint32_t b4_ = (uint32_t)0x1000000U | b4;
tmp[4U] = b4_;
Hacl_Bignum_AddAndMultiply_add_and_multiply(acc, tmp, r5);
}
inline static void
Hacl_Impl_Poly1305_32_poly1305_process_last_block_(
uint8_t *block,
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m,
uint64_t rem_)
{
uint32_t tmp[5U] = { 0U };
uint8_t *s0 = block;
uint8_t *s1 = block + (uint32_t)3U;
uint8_t *s2 = block + (uint32_t)6U;
uint8_t *s3 = block + (uint32_t)9U;
uint8_t *s4 = block + (uint32_t)12U;
uint32_t i0 = load32_le(s0);
uint32_t i1 = load32_le(s1);
uint32_t i2 = load32_le(s2);
uint32_t i3 = load32_le(s3);
uint32_t i4 = load32_le(s4);
uint32_t r0 = i0 & (uint32_t)0x3ffffffU;
uint32_t r1 = i1 >> (uint32_t)2U & (uint32_t)0x3ffffffU;
uint32_t r2 = i2 >> (uint32_t)4U & (uint32_t)0x3ffffffU;
uint32_t r3 = i3 >> (uint32_t)6U & (uint32_t)0x3ffffffU;
uint32_t r4 = i4 >> (uint32_t)8U;
tmp[0U] = r0;
tmp[1U] = r1;
tmp[2U] = r2;
tmp[3U] = r3;
tmp[4U] = r4;
Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st;
uint32_t *h = scrut0.h;
Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st;
uint32_t *r = scrut.r;
Hacl_Bignum_AddAndMultiply_add_and_multiply(h, tmp, r);
}
inline static void
Hacl_Impl_Poly1305_32_poly1305_process_last_block(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m,
uint64_t rem_)
{
uint8_t zero1 = (uint8_t)0U;
KRML_CHECK_SIZE(zero1, (uint32_t)16U);
uint8_t block[16U];
for (uint32_t _i = 0U; _i < (uint32_t)16U; ++_i)
block[_i] = zero1;
uint32_t i0 = (uint32_t)rem_;
uint32_t i = (uint32_t)rem_;
memcpy(block, m, i * sizeof m[0U]);
block[i0] = (uint8_t)1U;
Hacl_Impl_Poly1305_32_poly1305_process_last_block_(block, st, m, rem_);
}
static void
Hacl_Impl_Poly1305_32_poly1305_last_pass(uint32_t *acc)
{
Hacl_Bignum_Fproduct_carry_limb_(acc);
Hacl_Bignum_Modulo_carry_top(acc);
uint32_t t0 = acc[0U];
uint32_t t10 = acc[1U];
uint32_t t20 = acc[2U];
uint32_t t30 = acc[3U];
uint32_t t40 = acc[4U];
uint32_t t1_ = t10 + (t0 >> (uint32_t)26U);
uint32_t mask_261 = (uint32_t)0x3ffffffU;
uint32_t t0_ = t0 & mask_261;
uint32_t t2_ = t20 + (t1_ >> (uint32_t)26U);
uint32_t t1__ = t1_ & mask_261;
uint32_t t3_ = t30 + (t2_ >> (uint32_t)26U);
uint32_t t2__ = t2_ & mask_261;
uint32_t t4_ = t40 + (t3_ >> (uint32_t)26U);
uint32_t t3__ = t3_ & mask_261;
acc[0U] = t0_;
acc[1U] = t1__;
acc[2U] = t2__;
acc[3U] = t3__;
acc[4U] = t4_;
Hacl_Bignum_Modulo_carry_top(acc);
uint32_t t00 = acc[0U];
uint32_t t1 = acc[1U];
uint32_t t2 = acc[2U];
uint32_t t3 = acc[3U];
uint32_t t4 = acc[4U];
uint32_t t1_0 = t1 + (t00 >> (uint32_t)26U);
uint32_t t0_0 = t00 & (uint32_t)0x3ffffffU;
uint32_t t2_0 = t2 + (t1_0 >> (uint32_t)26U);
uint32_t t1__0 = t1_0 & (uint32_t)0x3ffffffU;
uint32_t t3_0 = t3 + (t2_0 >> (uint32_t)26U);
uint32_t t2__0 = t2_0 & (uint32_t)0x3ffffffU;
uint32_t t4_0 = t4 + (t3_0 >> (uint32_t)26U);
uint32_t t3__0 = t3_0 & (uint32_t)0x3ffffffU;
acc[0U] = t0_0;
acc[1U] = t1__0;
acc[2U] = t2__0;
acc[3U] = t3__0;
acc[4U] = t4_0;
Hacl_Bignum_Modulo_carry_top(acc);
uint32_t i0 = acc[0U];
uint32_t i1 = acc[1U];
uint32_t i0_ = i0 & (uint32_t)0x3ffffffU;
uint32_t i1_ = i1 + (i0 >> (uint32_t)26U);
acc[0U] = i0_;
acc[1U] = i1_;
uint32_t a0 = acc[0U];
uint32_t a1 = acc[1U];
uint32_t a2 = acc[2U];
uint32_t a3 = acc[3U];
uint32_t a4 = acc[4U];
uint32_t mask0 = FStar_UInt32_gte_mask(a0, (uint32_t)0x3fffffbU);
uint32_t mask1 = FStar_UInt32_eq_mask(a1, (uint32_t)0x3ffffffU);
uint32_t mask2 = FStar_UInt32_eq_mask(a2, (uint32_t)0x3ffffffU);
uint32_t mask3 = FStar_UInt32_eq_mask(a3, (uint32_t)0x3ffffffU);
uint32_t mask4 = FStar_UInt32_eq_mask(a4, (uint32_t)0x3ffffffU);
uint32_t mask = (((mask0 & mask1) & mask2) & mask3) & mask4;
uint32_t a0_ = a0 - ((uint32_t)0x3fffffbU & mask);
uint32_t a1_ = a1 - ((uint32_t)0x3ffffffU & mask);
uint32_t a2_ = a2 - ((uint32_t)0x3ffffffU & mask);
uint32_t a3_ = a3 - ((uint32_t)0x3ffffffU & mask);
uint32_t a4_ = a4 - ((uint32_t)0x3ffffffU & mask);
acc[0U] = a0_;
acc[1U] = a1_;
acc[2U] = a2_;
acc[3U] = a3_;
acc[4U] = a4_;
}
static Hacl_Impl_Poly1305_32_State_poly1305_state
Hacl_Impl_Poly1305_32_mk_state(uint32_t *r, uint32_t *h)
{
return ((Hacl_Impl_Poly1305_32_State_poly1305_state){.r = r, .h = h });
}
static void
Hacl_Standalone_Poly1305_32_poly1305_blocks(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m,
uint64_t len1)
{
if (!(len1 == (uint64_t)0U)) {
uint8_t *block = m;
uint8_t *tail1 = m + (uint32_t)16U;
Hacl_Impl_Poly1305_32_poly1305_update(st, block);
uint64_t len2 = len1 - (uint64_t)1U;
Hacl_Standalone_Poly1305_32_poly1305_blocks(st, tail1, len2);
}
}
static void
Hacl_Standalone_Poly1305_32_poly1305_partial(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *input,
uint64_t len1,
uint8_t *kr)
{
Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st;
uint32_t *r = scrut.r;
uint32_t *x0 = r;
FStar_UInt128_t k1 = load128_le(kr);
FStar_UInt128_t
k_clamped =
FStar_UInt128_logand(k1,
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0ffffffcU),
(uint32_t)64U),
FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0fffffffU)));
uint32_t r0 = (uint32_t)FStar_UInt128_uint128_to_uint64(k_clamped) & (uint32_t)0x3ffffffU;
uint32_t
r1 =
(uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)26U)) & (uint32_t)0x3ffffffU;
uint32_t
r2 =
(uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)52U)) & (uint32_t)0x3ffffffU;
uint32_t
r3 =
(uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)78U)) & (uint32_t)0x3ffffffU;
uint32_t
r4 =
(uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)104U)) & (uint32_t)0x3ffffffU;
x0[0U] = r0;
x0[1U] = r1;
x0[2U] = r2;
x0[3U] = r3;
x0[4U] = r4;
Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st;
uint32_t *h = scrut0.h;
uint32_t *x00 = h;
x00[0U] = (uint32_t)0U;
x00[1U] = (uint32_t)0U;
x00[2U] = (uint32_t)0U;
x00[3U] = (uint32_t)0U;
x00[4U] = (uint32_t)0U;
Hacl_Standalone_Poly1305_32_poly1305_blocks(st, input, len1);
}
static void
Hacl_Standalone_Poly1305_32_poly1305_complete(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m,
uint64_t len1,
uint8_t *k1)
{
uint8_t *kr = k1;
uint64_t len16 = len1 >> (uint32_t)4U;
uint64_t rem16 = len1 & (uint64_t)0xfU;
uint8_t *part_input = m;
uint8_t *last_block = m + (uint32_t)((uint64_t)16U * len16);
Hacl_Standalone_Poly1305_32_poly1305_partial(st, part_input, len16, kr);
if (!(rem16 == (uint64_t)0U))
Hacl_Impl_Poly1305_32_poly1305_process_last_block(st, last_block, rem16);
Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st;
uint32_t *h = scrut.h;
uint32_t *acc = h;
Hacl_Impl_Poly1305_32_poly1305_last_pass(acc);
}
static void
Hacl_Standalone_Poly1305_32_crypto_onetimeauth_(
uint8_t *output,
uint8_t *input,
uint64_t len1,
uint8_t *k1)
{
uint32_t buf[10U] = { 0U };
uint32_t *r = buf;
uint32_t *h = buf + (uint32_t)5U;
Hacl_Impl_Poly1305_32_State_poly1305_state st = Hacl_Impl_Poly1305_32_mk_state(r, h);
uint8_t *key_s = k1 + (uint32_t)16U;
Hacl_Standalone_Poly1305_32_poly1305_complete(st, input, len1, k1);
Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st;
uint32_t *h5 = scrut.h;
uint32_t *acc = h5;
FStar_UInt128_t k_ = load128_le(key_s);
uint32_t h0 = acc[0U];
uint32_t h1 = acc[1U];
uint32_t h2 = acc[2U];
uint32_t h3 = acc[3U];
uint32_t h4 = acc[4U];
FStar_UInt128_t
acc_ =
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h4),
(uint32_t)104U),
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h3),
(uint32_t)78U),
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h2),
(uint32_t)52U),
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h1),
(uint32_t)26U),
FStar_UInt128_uint64_to_uint128((uint64_t)h0)))));
FStar_UInt128_t mac_ = FStar_UInt128_add_mod(acc_, k_);
store128_le(output, mac_);
}
static void
Hacl_Standalone_Poly1305_32_crypto_onetimeauth(
uint8_t *output,
uint8_t *input,
uint64_t len1,
uint8_t *k1)
{
Hacl_Standalone_Poly1305_32_crypto_onetimeauth_(output, input, len1, k1);
}
void *
Hacl_Poly1305_32_op_String_Access(FStar_Monotonic_HyperStack_mem h, uint8_t *b)
{
return (void *)(uint8_t)0U;
}
Hacl_Impl_Poly1305_32_State_poly1305_state
Hacl_Poly1305_32_mk_state(uint32_t *r, uint32_t *acc)
{
return Hacl_Impl_Poly1305_32_mk_state(r, acc);
}
void
Hacl_Poly1305_32_init(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *k1)
{
Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st;
uint32_t *r = scrut.r;
uint32_t *x0 = r;
FStar_UInt128_t k10 = load128_le(k1);
FStar_UInt128_t
k_clamped =
FStar_UInt128_logand(k10,
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0ffffffcU),
(uint32_t)64U),
FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0fffffffU)));
uint32_t r0 = (uint32_t)FStar_UInt128_uint128_to_uint64(k_clamped) & (uint32_t)0x3ffffffU;
uint32_t
r1 =
(uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)26U)) & (uint32_t)0x3ffffffU;
uint32_t
r2 =
(uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)52U)) & (uint32_t)0x3ffffffU;
uint32_t
r3 =
(uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)78U)) & (uint32_t)0x3ffffffU;
uint32_t
r4 =
(uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)104U)) & (uint32_t)0x3ffffffU;
x0[0U] = r0;
x0[1U] = r1;
x0[2U] = r2;
x0[3U] = r3;
x0[4U] = r4;
Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st;
uint32_t *h = scrut0.h;
uint32_t *x00 = h;
x00[0U] = (uint32_t)0U;
x00[1U] = (uint32_t)0U;
x00[2U] = (uint32_t)0U;
x00[3U] = (uint32_t)0U;
x00[4U] = (uint32_t)0U;
}
void *Hacl_Poly1305_32_empty_log = (void *)(uint8_t)0U;
void
Hacl_Poly1305_32_update_block(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *m)
{
Hacl_Impl_Poly1305_32_poly1305_update(st, m);
}
void
Hacl_Poly1305_32_update(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m,
uint32_t len1)
{
if (!(len1 == (uint32_t)0U)) {
uint8_t *block = m;
uint8_t *m_ = m + (uint32_t)16U;
uint32_t len2 = len1 - (uint32_t)1U;
Hacl_Poly1305_32_update_block(st, block);
Hacl_Poly1305_32_update(st, m_, len2);
}
}
void
Hacl_Poly1305_32_update_last(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m,
uint32_t len1)
{
if (!((uint64_t)len1 == (uint64_t)0U))
Hacl_Impl_Poly1305_32_poly1305_process_last_block(st, m, (uint64_t)len1);
Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st;
uint32_t *h = scrut.h;
uint32_t *acc = h;
Hacl_Impl_Poly1305_32_poly1305_last_pass(acc);
}
void
Hacl_Poly1305_32_finish(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *mac,
uint8_t *k1)
{
Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st;
uint32_t *h = scrut.h;
uint32_t *acc = h;
FStar_UInt128_t k_ = load128_le(k1);
uint32_t h0 = acc[0U];
uint32_t h1 = acc[1U];
uint32_t h2 = acc[2U];
uint32_t h3 = acc[3U];
uint32_t h4 = acc[4U];
FStar_UInt128_t
acc_ =
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h4),
(uint32_t)104U),
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h3),
(uint32_t)78U),
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h2),
(uint32_t)52U),
FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h1),
(uint32_t)26U),
FStar_UInt128_uint64_to_uint128((uint64_t)h0)))));
FStar_UInt128_t mac_ = FStar_UInt128_add_mod(acc_, k_);
store128_le(mac, mac_);
}
void
Hacl_Poly1305_32_crypto_onetimeauth(
uint8_t *output,
uint8_t *input,
uint64_t len1,
uint8_t *k1)
{
Hacl_Standalone_Poly1305_32_crypto_onetimeauth(output, input, len1, k1);
}

103
security/nss/lib/freebl/verified/Hacl_Poly1305_32.h
View File

@ -1,103 +0,0 @@
/* Copyright 2016-2017 INRIA and Microsoft Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "kremlib.h"
#ifndef __Hacl_Poly1305_32_H
#define __Hacl_Poly1305_32_H
typedef uint32_t Hacl_Bignum_Constants_limb;
typedef uint64_t Hacl_Bignum_Constants_wide;
typedef uint64_t Hacl_Bignum_Wide_t;
typedef uint32_t Hacl_Bignum_Limb_t;
typedef void *Hacl_Impl_Poly1305_32_State_log_t;
typedef uint8_t *Hacl_Impl_Poly1305_32_State_uint8_p;
typedef uint32_t *Hacl_Impl_Poly1305_32_State_bigint;
typedef void *Hacl_Impl_Poly1305_32_State_seqelem;
typedef uint32_t *Hacl_Impl_Poly1305_32_State_elemB;
typedef uint8_t *Hacl_Impl_Poly1305_32_State_wordB;
typedef uint8_t *Hacl_Impl_Poly1305_32_State_wordB_16;
typedef struct
{
uint32_t *r;
uint32_t *h;
} Hacl_Impl_Poly1305_32_State_poly1305_state;
typedef void *Hacl_Impl_Poly1305_32_log_t;
typedef uint32_t *Hacl_Impl_Poly1305_32_bigint;
typedef uint8_t *Hacl_Impl_Poly1305_32_uint8_p;
typedef uint32_t *Hacl_Impl_Poly1305_32_elemB;
typedef uint8_t *Hacl_Impl_Poly1305_32_wordB;
typedef uint8_t *Hacl_Impl_Poly1305_32_wordB_16;
typedef uint8_t *Hacl_Poly1305_32_uint8_p;
typedef uint64_t Hacl_Poly1305_32_uint64_t;
void *Hacl_Poly1305_32_op_String_Access(FStar_Monotonic_HyperStack_mem h, uint8_t *b);
typedef uint8_t *Hacl_Poly1305_32_key;
typedef Hacl_Impl_Poly1305_32_State_poly1305_state Hacl_Poly1305_32_state;
Hacl_Impl_Poly1305_32_State_poly1305_state
Hacl_Poly1305_32_mk_state(uint32_t *r, uint32_t *acc);
void Hacl_Poly1305_32_init(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *k1);
extern void *Hacl_Poly1305_32_empty_log;
void Hacl_Poly1305_32_update_block(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *m);
void
Hacl_Poly1305_32_update(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m,
uint32_t len1);
void
Hacl_Poly1305_32_update_last(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *m,
uint32_t len1);
void
Hacl_Poly1305_32_finish(
Hacl_Impl_Poly1305_32_State_poly1305_state st,
uint8_t *mac,
uint8_t *k1);
void
Hacl_Poly1305_32_crypto_onetimeauth(
uint8_t *output,
uint8_t *input,
uint64_t len1,
uint8_t *k1);
#endif

130
security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c
View File

@ -70,7 +70,7 @@ static const PKIX_UInt32 httpprotocolLen = 5; /* strlen(httpprotocol) */
* The address at which the Boolean state machine flag is stored to
* indicate whether processing can continue without further input.
* Must be non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -85,7 +85,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete(
PKIX_PL_HttpDefaultClient *client,
PKIX_UInt32 bytesRead,
PKIX_Boolean *pKeepGoing,
void *plCtx)
void *plContext)
{
PKIX_UInt32 alreadyScanned = 0;
PKIX_UInt32 comp = 0;
@ -142,7 +142,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete(
headerLength = (eoh - client->rcvBuf);
/* allocate space to copy header (and for the NULL terminator) */
PKIX_CHECK(PKIX_PL_Malloc(headerLength + 1, (void **)&copy, plCtx),
PKIX_CHECK(PKIX_PL_Malloc(headerLength + 1, (void **)&copy, plContext),
PKIX_MALLOCFAILED);
/* copy header data before we corrupt it (by storing NULLs) */
@ -301,7 +301,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete(
if (contentLength > 0) {
/* allocate a buffer of size contentLength for the content */
PKIX_CHECK(PKIX_PL_Malloc(contentLength, (void **)&body, plCtx),
PKIX_CHECK(PKIX_PL_Malloc(contentLength, (void **)&body, plContext),
PKIX_MALLOCFAILED);
/* copy any remaining bytes in current buffer into new buffer */
@ -311,7 +311,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete(
}
}
PKIX_CHECK(PKIX_PL_Free(client->rcvBuf, plCtx),
PKIX_CHECK(PKIX_PL_Free(client->rcvBuf, plContext),
PKIX_FREEFAILED);
client->rcvBuf = body;
@ -340,7 +340,7 @@ cleanup:
* "pClient"
* The address at which the created HttpDefaultClient is to be stored.
* Must be non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -355,7 +355,7 @@ pkix_pl_HttpDefaultClient_Create(
const char *host,
PRUint16 portnum,
PKIX_PL_HttpDefaultClient **pClient,
void *plCtx)
void *plContext)
{
PKIX_PL_HttpDefaultClient *client = NULL;
@ -367,7 +367,7 @@ pkix_pl_HttpDefaultClient_Create(
(PKIX_HTTPDEFAULTCLIENT_TYPE,
sizeof (PKIX_PL_HttpDefaultClient),
(PKIX_PL_Object **)&client,
plCtx),
plContext),
PKIX_COULDNOTCREATEHTTPDEFAULTCLIENTOBJECT);
/* Client timeout is overwritten in HttpDefaultClient_RequestCreate
@ -408,10 +408,10 @@ pkix_pl_HttpDefaultClient_Create(
client->socket = NULL;
/*
* The HttpClient API does not include a plCtx argument in its
* The HttpClient API does not include a plContext argument in its
* function calls. Save it here.
*/
client->plContext = plCtx;
client->plContext = plContext;
*pClient = client;
@ -430,7 +430,7 @@ cleanup:
static PKIX_Error *
pkix_pl_HttpDefaultClient_Destroy(
PKIX_PL_Object *object,
void *plCtx)
void *plContext)
{
PKIX_PL_HttpDefaultClient *client = NULL;
@ -438,13 +438,13 @@ pkix_pl_HttpDefaultClient_Destroy(
PKIX_NULLCHECK_ONE(object);
PKIX_CHECK(pkix_CheckType
(object, PKIX_HTTPDEFAULTCLIENT_TYPE, plCtx),
(object, PKIX_HTTPDEFAULTCLIENT_TYPE, plContext),
PKIX_OBJECTNOTANHTTPDEFAULTCLIENT);
client = (PKIX_PL_HttpDefaultClient *)object;
if (client->rcvHeaders) {
PKIX_PL_Free(client->rcvHeaders, plCtx);
PKIX_PL_Free(client->rcvHeaders, plContext);
client->rcvHeaders = NULL;
}
if (client->rcvContentType) {
@ -456,11 +456,11 @@ pkix_pl_HttpDefaultClient_Destroy(
client->GETBuf = NULL;
}
if (client->POSTBuf != NULL) {
PKIX_PL_Free(client->POSTBuf, plCtx);
PKIX_PL_Free(client->POSTBuf, plContext);
client->POSTBuf = NULL;
}
if (client->rcvBuf != NULL) {
PKIX_PL_Free(client->rcvBuf, plCtx);
PKIX_PL_Free(client->rcvBuf, plContext);
client->rcvBuf = NULL;
}
if (client->host) {
@ -493,7 +493,7 @@ cleanup:
* thread-safe.
*/
PKIX_Error *
pkix_pl_HttpDefaultClient_RegisterSelf(void *plCtx)
pkix_pl_HttpDefaultClient_RegisterSelf(void *plContext)
{
extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
pkix_ClassTable_Entry *entry =
@ -529,7 +529,7 @@ pkix_pl_HttpDefaultClient_RegisterSelf(void *plCtx)
* The address at which the Boolean state machine flag is stored to
* indicate whether processing can continue without further input.
* Must be non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -543,7 +543,7 @@ static PKIX_Error *
pkix_pl_HttpDefaultClient_ConnectContinue(
PKIX_PL_HttpDefaultClient *client,
PKIX_Boolean *pKeepGoing,
void *plCtx)
void *plContext)
{
PRErrorCode status;
PKIX_Boolean keepGoing = PKIX_FALSE;
@ -557,7 +557,7 @@ pkix_pl_HttpDefaultClient_ConnectContinue(
callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
PKIX_CHECK(callbackList->connectcontinueCallback
(client->socket, &status, plCtx),
(client->socket, &status, plContext),
PKIX_SOCKETCONNECTCONTINUEFAILED);
if (status == 0) {
@ -595,7 +595,7 @@ cleanup:
* "pBytesTransferred"
* The address at which the number of bytes sent is stored. Must be
* non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -610,7 +610,7 @@ pkix_pl_HttpDefaultClient_Send(
PKIX_PL_HttpDefaultClient *client,
PKIX_Boolean *pKeepGoing,
PKIX_UInt32 *pBytesTransferred,
void *plCtx)
void *plContext)
{
PKIX_Int32 bytesWritten = 0;
PKIX_Int32 lenToWrite = 0;
@ -640,7 +640,7 @@ pkix_pl_HttpDefaultClient_Send(
dataToWrite,
lenToWrite,
&bytesWritten,
plCtx),
plContext),
PKIX_SOCKETSENDFAILED);
client->rcvBuf = NULL;
@ -690,7 +690,7 @@ cleanup:
* "pBytesTransferred"
* The address at which the number of bytes sent is stored. Must be
* non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -705,7 +705,7 @@ pkix_pl_HttpDefaultClient_SendContinue(
PKIX_PL_HttpDefaultClient *client,
PKIX_Boolean *pKeepGoing,
PKIX_UInt32 *pBytesTransferred,
void *plCtx)
void *plContext)
{
PKIX_Int32 bytesWritten = 0;
PKIX_PL_Socket_Callback *callbackList = NULL;
@ -718,7 +718,7 @@ pkix_pl_HttpDefaultClient_SendContinue(
callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
PKIX_CHECK(callbackList->pollCallback
(client->socket, &bytesWritten, NULL, plCtx),
(client->socket, &bytesWritten, NULL, plContext),
PKIX_SOCKETPOLLFAILED);
/*
@ -752,7 +752,7 @@ cleanup:
* The address at which the Boolean state machine flag is stored to
* indicate whether processing can continue without further input.
* Must be non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -766,7 +766,7 @@ static PKIX_Error *
pkix_pl_HttpDefaultClient_RecvHdr(
PKIX_PL_HttpDefaultClient *client,
PKIX_Boolean *pKeepGoing,
void *plCtx)
void *plContext)
{
PKIX_UInt32 bytesToRead = 0;
PKIX_Int32 bytesRead = 0;
@ -787,7 +787,7 @@ pkix_pl_HttpDefaultClient_RecvHdr(
(client->rcvBuf,
client->capacity,
(void **)&(client->rcvBuf),
plCtx),
plContext),
PKIX_REALLOCFAILED);
bytesToRead = client->capacity - client->filledupBytes;
@ -799,7 +799,7 @@ pkix_pl_HttpDefaultClient_RecvHdr(
(void *)&(client->rcvBuf[client->filledupBytes]),
bytesToRead,
&bytesRead,
plCtx),
plContext),
PKIX_SOCKETRECVFAILED);
if (bytesRead > 0) {
@ -808,7 +808,7 @@ pkix_pl_HttpDefaultClient_RecvHdr(
PKIX_CHECK(
pkix_pl_HttpDefaultClient_HdrCheckComplete(client, bytesRead,
pKeepGoing,
plCtx),
plContext),
PKIX_HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED);
} else {
client->connectStatus = HTTP_RECV_HDR_PENDING;
@ -834,7 +834,7 @@ cleanup:
* The address at which the Boolean state machine flag is stored to
* indicate whether processing can continue without further input.
* Must be non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -848,7 +848,7 @@ static PKIX_Error *
pkix_pl_HttpDefaultClient_RecvHdrContinue(
PKIX_PL_HttpDefaultClient *client,
PKIX_Boolean *pKeepGoing,
void *plCtx)
void *plContext)
{
PKIX_Int32 bytesRead = 0;
PKIX_PL_Socket_Callback *callbackList = NULL;
@ -861,14 +861,14 @@ pkix_pl_HttpDefaultClient_RecvHdrContinue(
callbackList = (PKIX_PL_Socket_Callback *)client->callbackList;
PKIX_CHECK(callbackList->pollCallback
(client->socket, NULL, &bytesRead, plCtx),
(client->socket, NULL, &bytesRead, plContext),
PKIX_SOCKETPOLLFAILED);
if (bytesRead > 0) {
client->filledupBytes += bytesRead;
PKIX_CHECK(pkix_pl_HttpDefaultClient_HdrCheckComplete
(client, bytesRead, pKeepGoing, plCtx),
(client, bytesRead, pKeepGoing, plContext),
PKIX_HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED);
} else {
@ -897,7 +897,7 @@ cleanup:
* The address at which the Boolean state machine flag is stored to
* indicate whether processing can continue without further input.
* Must be non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -911,7 +911,7 @@ static PKIX_Error *
pkix_pl_HttpDefaultClient_RecvBody(
PKIX_PL_HttpDefaultClient *client,
PKIX_Boolean *pKeepGoing,
void *plCtx)
void *plContext)
{
PKIX_Int32 bytesRead = 0;
PKIX_Int32 bytesToRead = 0;
@ -952,7 +952,7 @@ pkix_pl_HttpDefaultClient_RecvBody(
client->capacity = newLength;
PKIX_CHECK(
PKIX_PL_Realloc(client->rcvBuf, newLength,
(void**)&client->rcvBuf, plCtx),
(void**)&client->rcvBuf, plContext),
PKIX_REALLOCFAILED);
freeBuffSize = client->capacity -
client->filledupBytes;
@ -964,7 +964,7 @@ pkix_pl_HttpDefaultClient_RecvBody(
/* Use poll callback if waiting on non-blocking IO */
if (client->connectStatus == HTTP_RECV_BODY_PENDING) {
PKIX_CHECK(callbackList->pollCallback
(client->socket, NULL, &bytesRead, plCtx),
(client->socket, NULL, &bytesRead, plContext),
PKIX_SOCKETPOLLFAILED);
} else {
PKIX_CHECK(callbackList->recvCallback
@ -972,7 +972,7 @@ pkix_pl_HttpDefaultClient_RecvBody(
(void *)&(client->rcvBuf[client->filledupBytes]),
bytesToRead,
&bytesRead,
plCtx),
plContext),
PKIX_SOCKETRECVFAILED);
}
@ -1026,7 +1026,7 @@ cleanup:
* PARAMETERS:
* "client"
* The address of the HttpDefaultClient object. Must be non-NULL.
* "plCtx"
* "plContext"
* Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
@ -1039,7 +1039,7 @@ cleanup:
static PKIX_Error *
pkix_pl_HttpDefaultClient_Dispatch(
PKIX_PL_HttpDefaultClient *client,
void *plCtx)
void *plContext)
{
PKIX_UInt32 bytesTransferred = 0;
PKIX_Boolean keepGoing = PKIX_TRUE;
@ -1051,33 +1051,33 @@ pkix_pl_HttpDefaultClient_Dispatch(
switch (client->connectStatus) {
case HTTP_CONNECT_PENDING:
PKIX_CHECK(pkix_pl_HttpDefaultClient_ConnectContinue
(client, &keepGoing, plCtx),
(client, &keepGoing, plContext),
PKIX_HTTPDEFAULTCLIENTCONNECTCONTINUEFAILED);
break;
case HTTP_CONNECTED:
PKIX_CHECK(pkix_pl_HttpDefaultClient_Send
(client, &keepGoing, &bytesTransferred, plCtx),
(client, &keepGoing, &bytesTransferred, plContext),
PKIX_HTTPDEFAULTCLIENTSENDFAILED);
break;
case HTTP_SEND_PENDING:
PKIX_CHECK(pkix_pl_HttpDefaultClient_SendContinue
(client, &keepGoing, &bytesTransferred, plCtx),
(client, &keepGoing, &bytesTransferred, plContext),
PKIX_HTTPDEFAULTCLIENTSENDCONTINUEFAILED);
break;
case HTTP_RECV_HDR:
PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvHdr
(client, &keepGoing, plCtx),
(client, &keepGoing, plContext),
PKIX_HTTPDEFAULTCLIENTRECVHDRFAILED);
break;
case HTTP_RECV_HDR_PENDING:
PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvHdrContinue
(client, &keepGoing, plCtx),
(client, &keepGoing, plContext),
PKIX_HTTPDEFAULTCLIENTRECVHDRCONTINUEFAILED);
break;
case HTTP_RECV_BODY:
case HTTP_RECV_BODY_PENDING:
PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvBody
(client, &keepGoing, plCtx),
(client, &keepGoing, plContext),
PKIX_HTTPDEFAULTCLIENTRECVBODYFAILED);
break;
case HTTP_ERROR:
@ -1106,7 +1106,7 @@ pkix_pl_HttpDefaultClient_CreateSession(
const char *host,
PRUint16 portnum,
SEC_HTTP_SERVER_SESSION *pSession,
void *plCtx)
void *plContext)
{
PKIX_PL_HttpDefaultClient *client = NULL;
@ -1115,7 +1115,7 @@ pkix_pl_HttpDefaultClient_CreateSession(
PKIX_NULLCHECK_TWO(host, pSession);
PKIX_CHECK(pkix_pl_HttpDefaultClient_Create
(host, portnum, &client, plCtx),
(host, portnum, &client, plContext),
PKIX_HTTPDEFAULTCLIENTCREATEFAILED);
*pSession = (SEC_HTTP_SERVER_SESSION)client;
@ -1130,7 +1130,7 @@ PKIX_Error *
pkix_pl_HttpDefaultClient_KeepAliveSession(
SEC_HTTP_SERVER_SESSION session,
PRPollDesc **pPollDesc,
void *plCtx)
void *plContext)
{
PKIX_ENTER
(HTTPDEFAULTCLIENT,
@ -1140,7 +1140,7 @@ pkix_pl_HttpDefaultClient_KeepAliveSession(
PKIX_CHECK(pkix_CheckType
((PKIX_PL_Object *)session,
PKIX_HTTPDEFAULTCLIENT_TYPE,
plCtx),
plContext),
PKIX_SESSIONNOTANHTTPDEFAULTCLIENT);
/* XXX Not implemented */
@ -1159,7 +1159,7 @@ pkix_pl_HttpDefaultClient_RequestCreate(
const char *http_request_method,
const PRIntervalTime timeout,
SEC_HTTP_REQUEST_SESSION *pRequest,
void *plCtx)
void *plContext)
{
PKIX_PL_HttpDefaultClient *client = NULL;
PKIX_PL_Socket *socket = NULL;
@ -1174,7 +1174,7 @@ pkix_pl_HttpDefaultClient_RequestCreate(
PKIX_CHECK(pkix_CheckType
((PKIX_PL_Object *)session,
PKIX_HTTPDEFAULTCLIENT_TYPE,
plCtx),
plContext),
PKIX_SESSIONNOTANHTTPDEFAULTCLIENT);
client = (PKIX_PL_HttpDefaultClient *)session;
@ -1212,7 +1212,7 @@ pkix_pl_HttpDefaultClient_RequestCreate(
2001, /* client->portnum, */
&status,
&socket,
plCtx),
plContext),
PKIX_HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED);
#else
PKIX_CHECK(pkix_HttpCertStore_FindSocketConnection
@ -1221,20 +1221,20 @@ pkix_pl_HttpDefaultClient_RequestCreate(
client->portnum,
&status,
&socket,
plCtx),
plContext),
PKIX_HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED);
#endif
client->socket = socket;
PKIX_CHECK(pkix_pl_Socket_GetCallbackList
(socket, &callbackList, plCtx),
(socket, &callbackList, plContext),
PKIX_SOCKETGETCALLBACKLISTFAILED);
client->callbackList = (void *)callbackList;
PKIX_CHECK(pkix_pl_Socket_GetPRFileDesc
(socket, &fileDesc, plCtx),
(socket, &fileDesc, plContext),
PKIX_SOCKETGETPRFILEDESCFAILED);
client->pollDesc.fd = fileDesc;
@ -1264,7 +1264,7 @@ pkix_pl_HttpDefaultClient_SetPostData(
const char *http_data,
const PRUint32 http_data_len,
const char *http_content_type,
void *plCtx)
void *plContext)
{
PKIX_PL_HttpDefaultClient *client = NULL;
@ -1276,7 +1276,7 @@ pkix_pl_HttpDefaultClient_SetPostData(
PKIX_CHECK(pkix_CheckType
((PKIX_PL_Object *)request,
PKIX_HTTPDEFAULTCLIENT_TYPE,
plCtx),
plContext),
PKIX_REQUESTNOTANHTTPDEFAULTCLIENT);
client = (PKIX_PL_HttpDefaultClient *)request;
@ -1307,7 +1307,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive(
PRUint32 *http_response_data_len,
PRPollDesc **pPollDesc,
SECStatus *pSECReturn,
void *plCtx)
void *plContext)
{
PKIX_PL_HttpDefaultClient *client = NULL;
PKIX_UInt32 postLen = 0;
@ -1324,7 +1324,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive(
PKIX_CHECK(pkix_CheckType
((PKIX_PL_Object *)request,
PKIX_HTTPDEFAULTCLIENT_TYPE,
plCtx),
plContext),
PKIX_REQUESTNOTANHTTPDEFAULTCLIENT);
client = (PKIX_PL_HttpDefaultClient *)request;
@ -1380,7 +1380,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive(
PKIX_CHECK(PKIX_PL_Malloc
(client->POSTLen,
(void **)&(client->POSTBuf),
plCtx),
plContext),
PKIX_MALLOCFAILED);
/* copy header into postBuffer */
@ -1407,7 +1407,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive(
}
/* continue according to state */
PKIX_CHECK(pkix_pl_HttpDefaultClient_Dispatch(client, plCtx),
PKIX_CHECK(pkix_pl_HttpDefaultClient_Dispatch(client, plContext),
PKIX_HTTPDEFAULTCLIENTDISPATCHFAILED);
switch (client->connectStatus) {
@ -1478,7 +1478,7 @@ cleanup:
PKIX_Error *
pkix_pl_HttpDefaultClient_Cancel(
SEC_HTTP_REQUEST_SESSION request,
void *plCtx)
void *plContext)
{
PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_Cancel");
PKIX_NULLCHECK_ONE(request);
@ -1486,7 +1486,7 @@ pkix_pl_HttpDefaultClient_Cancel(
PKIX_CHECK(pkix_CheckType
((PKIX_PL_Object *)request,
PKIX_HTTPDEFAULTCLIENT_TYPE,
plCtx),
plContext),
PKIX_REQUESTNOTANHTTPDEFAULTCLIENT);
/* XXX Not implemented */

20
security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c
View File

@ -23,8 +23,8 @@
* PARAMETERS
* "method"
* The UInt32 value to be stored as the method field of the InfoAccess.
* "gName"
* The GeneralName to be stored as the gName field of the InfoAccess.
* "generalName"
* The GeneralName to be stored as the generalName field of the InfoAccess.
* Must be non-NULL.
* "pInfoAccess"
* Address where the result is stored. Must be non-NULL.
@ -39,7 +39,7 @@
static PKIX_Error *
pkix_pl_InfoAccess_Create(
PKIX_UInt32 method,
PKIX_PL_GeneralName *gName,
PKIX_PL_GeneralName *generalName,
PKIX_PL_InfoAccess **pInfoAccess,
void *plContext)
{
@ -47,7 +47,7 @@ pkix_pl_InfoAccess_Create(
PKIX_PL_InfoAccess *infoAccess = NULL;
PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_Create");
PKIX_NULLCHECK_TWO(gName, pInfoAccess);
PKIX_NULLCHECK_TWO(generalName, pInfoAccess);
PKIX_CHECK(PKIX_PL_Object_Alloc
(PKIX_INFOACCESS_TYPE,
@ -58,8 +58,8 @@ pkix_pl_InfoAccess_Create(
infoAccess->method = method;
PKIX_INCREF(gName);
infoAccess->location = gName;
PKIX_INCREF(generalName);
infoAccess->location = generalName;
*pInfoAccess = infoAccess;
infoAccess = NULL;
@ -678,7 +678,7 @@ pkix_pl_UnescapeURL(
* [binary|<other-type>]]*
*
* PARAMETERS
* "gName"
* "generalName"
* Address of the GeneralName whose LDAPLocation is to be parsed. Must be
* non-NULL.
* "arena"
@ -700,7 +700,7 @@ pkix_pl_UnescapeURL(
*/
PKIX_Error *
pkix_pl_InfoAccess_ParseLocation(
PKIX_PL_GeneralName *gName,
PKIX_PL_GeneralName *generalName,
PLArenaPool *arena,
LDAPRequestParams *request,
char **pDomainName,
@ -722,9 +722,9 @@ pkix_pl_InfoAccess_ParseLocation(
LDAPNameComponent *nameComponent = NULL;
PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_ParseLocation");
PKIX_NULLCHECK_FOUR(gName, arena, request, pDomainName);
PKIX_NULLCHECK_FOUR(generalName, arena, request, pDomainName);
PKIX_TOSTRING(gName, &locationString, plContext,
PKIX_TOSTRING(generalName, &locationString, plContext,
PKIX_GENERALNAMETOSTRINGFAILED);
PKIX_CHECK(PKIX_PL_String_GetEncoded

6
security/nss/lib/nss/nss.h
View File

@ -22,12 +22,12 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
*/
#define NSS_VERSION "3.37" _NSS_CUSTOMIZED " Beta"
#define NSS_VERSION "3.36" _NSS_CUSTOMIZED
#define NSS_VMAJOR 3
#define NSS_VMINOR 37
#define NSS_VMINOR 36
#define NSS_VPATCH 0
#define NSS_VBUILD 0
#define NSS_BETA PR_TRUE
#define NSS_BETA PR_FALSE
#ifndef RC_INVOKED

18
security/nss/lib/pk11wrap/pk11akey.c
View File

@ -804,30 +804,12 @@ PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
/* don't know? look it up */
if (keyType == nullKey) {
CK_KEY_TYPE pk11Type = CKK_RSA;
SECItem info;
pk11Type = PK11_ReadULongAttribute(slot, privID, CKA_KEY_TYPE);
isTemp = (PRBool)!PK11_HasAttributeSet(slot, privID, CKA_TOKEN, PR_FALSE);
switch (pk11Type) {
case CKK_RSA:
keyType = rsaKey;
/* determine RSA key type from the CKA_PUBLIC_KEY_INFO if present */
rv = PK11_ReadAttribute(slot, privID, CKA_PUBLIC_KEY_INFO, NULL, &info);
if (rv == SECSuccess) {
CERTSubjectPublicKeyInfo *spki;
spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&info);
if (spki) {
SECOidTag tag;
tag = SECOID_GetAlgorithmTag(&spki->algorithm);
if (tag == SEC_OID_PKCS1_RSA_PSS_SIGNATURE)
keyType = rsaPssKey;
SECKEY_DestroySubjectPublicKeyInfo(spki);
}
SECITEM_FreeItem(&info, PR_FALSE);
}
break;
case CKK_DSA:
keyType = dsaKey;

8
security/nss/lib/pk11wrap/pk11pars.c
View File

@ -547,16 +547,16 @@ secmod_applyCryptoPolicy(const char *policyString,
for (i = 0; i < PR_ARRAY_SIZE(algOptList); i++) {
const oidValDef *algOpt = &algOptList[i];
unsigned name_size = algOpt->name_size;
PRBool newOption = PR_FALSE;
PRBool newValue = PR_FALSE;
if ((length >= name_size) && (cipher[name_size] == '/')) {
newOption = PR_TRUE;
newValue = PR_TRUE;
}
if ((newOption || algOpt->name_size == length) &&
if ((newValue || algOpt->name_size == length) &&
PORT_Strncasecmp(algOpt->name, cipher, name_size) == 0) {
PRUint32 value = algOpt->val;
PRUint32 enable, disable;
if (newOption) {
if (newValue) {
value = secmod_parsePolicyValue(&cipher[name_size] + 1,
length - name_size - 1);
}

1
security/nss/lib/pkcs7/p7decode.c
View File

@ -1590,6 +1590,7 @@ sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo,
} else {
SECItem *sig;
SECItem holder;
SECStatus rv;
/*
* No authenticated attributes.

4
security/nss/lib/pki/pki3hack.c
View File

@ -1143,8 +1143,8 @@ STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust)
(PRBool)(trust->sslFlags & CERTDB_GOVT_APPROVED_CA);
if (c->object.cryptoContext != NULL) {
/* The cert is in a context, set the trust there */
NSSCryptoContext *cctx = c->object.cryptoContext;
nssrv = nssCryptoContext_ImportTrust(cctx, nssTrust);
NSSCryptoContext *cc = c->object.cryptoContext;
nssrv = nssCryptoContext_ImportTrust(cc, nssTrust);
if (nssrv != PR_SUCCESS) {
goto done;
}

2
security/nss/lib/smime/cmsrecinfo.c
View File

@ -82,7 +82,7 @@ nss_cmsrecipientinfo_create(NSSCMSMessage *cmsg,
if (DERinput) {
/* decode everything from DER */
SECItem newinput;
rv = SECITEM_CopyItem(poolp, &newinput, DERinput);
SECStatus rv = SECITEM_CopyItem(poolp, &newinput, DERinput);
if (SECSuccess != rv)
goto loser;
rv = SEC_QuickDERDecodeItem(poolp, ri, NSSCMSRecipientInfoTemplate, &newinput);

24
security/nss/lib/softoken/lowkey.c
View File

@ -45,23 +45,6 @@ const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = {
{ 0 }
};
const SEC_ASN1Template nsslowkey_SubjectPublicKeyInfoTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYSubjectPublicKeyInfo) },
{ SEC_ASN1_INLINE | SEC_ASN1_XTRN,
offsetof(NSSLOWKEYSubjectPublicKeyInfo, algorithm),
SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
{ SEC_ASN1_BIT_STRING,
offsetof(NSSLOWKEYSubjectPublicKeyInfo, subjectPublicKey) },
{ 0 }
};
const SEC_ASN1Template nsslowkey_RSAPublicKeyTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPublicKey) },
{ SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.rsa.modulus) },
{ SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.rsa.publicExponent) },
{ 0 }
};
const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) },
{ SEC_ASN1_INTEGER, offsetof(PQGParams, prime) },
@ -151,13 +134,6 @@ prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
key->u.rsa.coefficient.type = siUnsignedInteger;
}
void
prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *key)
{
key->u.rsa.modulus.type = siUnsignedInteger;
key->u.rsa.publicExponent.type = siUnsignedInteger;
}
void
prepare_low_pqg_params_for_asn1(PQGParams *params)
{

1
security/nss/lib/softoken/lowkeyi.h
View File

@ -27,7 +27,6 @@ extern void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key);
extern void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
extern void prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
extern void prepare_low_ecparams_for_asn1(ECParams *params);
extern void prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *key);
/*
** Destroy a private key object.

9
security/nss/lib/softoken/lowkeyti.h
View File

@ -25,8 +25,6 @@ extern const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[];
extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[];
extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[];
extern const SEC_ASN1Template nsslowkey_SubjectPublicKeyInfoTemplate[];
extern const SEC_ASN1Template nsslowkey_RSAPublicKeyTemplate[];
/*
* PKCS #8 attributes
@ -50,13 +48,6 @@ struct NSSLOWKEYPrivateKeyInfoStr {
typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo;
#define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION 0 /* what we *create* */
struct NSSLOWKEYSubjectPublicKeyInfoStr {
PLArenaPool *arena;
SECAlgorithmID algorithm;
SECItem subjectPublicKey;
};
typedef struct NSSLOWKEYSubjectPublicKeyInfoStr NSSLOWKEYSubjectPublicKeyInfo;
typedef enum {
NSSLOWKEYNullKey = 0,
NSSLOWKEYRSAKey = 1,

10
security/nss/lib/softoken/lowpbe.c
View File

@ -1073,15 +1073,15 @@ sec_pkcs5_rc2(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy,
}
if (encrypt != PR_FALSE) {
void *v;
void *dummy;
v = CBC_PadBuffer(NULL, dup_src->data,
dup_src->len, &dup_src->len, 8 /* RC2_BLOCK_SIZE */);
if (v == NULL) {
dummy = CBC_PadBuffer(NULL, dup_src->data,
dup_src->len, &dup_src->len, 8 /* RC2_BLOCK_SIZE */);
if (dummy == NULL) {
SECITEM_FreeItem(dup_src, PR_TRUE);
return NULL;
}
dup_src->data = (unsigned char *)v;
dup_src->data = (unsigned char *)dummy;
}
dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));

72
security/nss/lib/softoken/pkcs11.c
View File

@ -1343,6 +1343,7 @@ sftk_handleSecretKeyObject(SFTKSession *session, SFTKObject *object,
if (sftk_isTrue(object, CKA_TOKEN)) {
SFTKSlot *slot = session->slot;
SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
CK_RV crv;
if (keyHandle == NULL) {
return CKR_TOKEN_WRITE_PROTECTED;
@ -3806,12 +3807,12 @@ NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
PZ_Unlock(slot->slotLock);
/* Reset login flags. */
if (ulNewLen == 0) {
PRBool tokenRemoved = PR_FALSE;
PZ_Lock(slot->slotLock);
slot->isLoggedIn = PR_FALSE;
slot->ssoLoggedIn = PR_FALSE;
PZ_Unlock(slot->slotLock);
tokenRemoved = PR_FALSE;
rv = sftkdb_CheckPassword(handle, "", &tokenRemoved);
if (tokenRemoved) {
sftk_CloseAllSessions(slot, PR_FALSE);
@ -4421,44 +4422,6 @@ NSC_GetObjectSize(CK_SESSION_HANDLE hSession,
return CKR_OK;
}
static CK_RV
nsc_GetTokenAttributeValue(SFTKSession *session, CK_OBJECT_HANDLE hObject,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
{
SFTKSlot *slot = sftk_SlotFromSession(session);
SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, hObject);
SFTKDBHandle *keydb = NULL;
CK_RV crv;
if (dbHandle == NULL) {
return CKR_OBJECT_HANDLE_INVALID;
}
crv = sftkdb_GetAttributeValue(dbHandle, hObject, pTemplate, ulCount);
/* make sure we don't export any sensitive information */
keydb = sftk_getKeyDB(slot);
if (dbHandle == keydb) {
CK_ULONG i;
for (i = 0; i < ulCount; i++) {
if (sftk_isSensitive(pTemplate[i].type, CKO_PRIVATE_KEY)) {
crv = CKR_ATTRIBUTE_SENSITIVE;
if (pTemplate[i].pValue && (pTemplate[i].ulValueLen != -1)) {
PORT_Memset(pTemplate[i].pValue, 0,
pTemplate[i].ulValueLen);
}
pTemplate[i].ulValueLen = -1;
}
}
}
sftk_freeDB(dbHandle);
if (keydb) {
sftk_freeDB(keydb);
}
return crv;
}
/* NSC_GetAttributeValue obtains the value of one or more object attributes. */
CK_RV
NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
@ -4487,8 +4450,37 @@ NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
/* short circuit everything for token objects */
if (sftk_isToken(hObject)) {
crv = nsc_GetTokenAttributeValue(session, hObject, pTemplate, ulCount);
SFTKSlot *slot = sftk_SlotFromSession(session);
SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, hObject);
SFTKDBHandle *keydb = NULL;
if (dbHandle == NULL) {
sftk_FreeSession(session);
return CKR_OBJECT_HANDLE_INVALID;
}
crv = sftkdb_GetAttributeValue(dbHandle, hObject, pTemplate, ulCount);
/* make sure we don't export any sensitive information */
keydb = sftk_getKeyDB(slot);
if (dbHandle == keydb) {
for (i = 0; i < (int)ulCount; i++) {
if (sftk_isSensitive(pTemplate[i].type, CKO_PRIVATE_KEY)) {
crv = CKR_ATTRIBUTE_SENSITIVE;
if (pTemplate[i].pValue && (pTemplate[i].ulValueLen != -1)) {
PORT_Memset(pTemplate[i].pValue, 0,
pTemplate[i].ulValueLen);
}
pTemplate[i].ulValueLen = -1;
}
}
}
sftk_FreeSession(session);
sftk_freeDB(dbHandle);
if (keydb) {
sftk_freeDB(keydb);
}
return crv;
}

116
security/nss/lib/softoken/pkcs11c.c
View File

@ -5324,52 +5324,7 @@ sftk_PackagePrivateKey(SFTKObject *key, CK_RV *crvp)
prepare_low_rsa_priv_key_for_asn1(lk);
dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
nsslowkey_RSAPrivateKeyTemplate);
/* determine RSA key type from the CKA_PUBLIC_KEY_INFO if present */
attribute = sftk_FindAttribute(key, CKA_PUBLIC_KEY_INFO);
if (attribute) {
NSSLOWKEYSubjectPublicKeyInfo *publicKeyInfo;
SECItem spki;
spki.data = attribute->attrib.pValue;
spki.len = attribute->attrib.ulValueLen;
publicKeyInfo = PORT_ArenaZAlloc(arena,
sizeof(NSSLOWKEYSubjectPublicKeyInfo));
if (!publicKeyInfo) {
sftk_FreeAttribute(attribute);
*crvp = CKR_HOST_MEMORY;
rv = SECFailure;
goto loser;
}
rv = SEC_QuickDERDecodeItem(arena, publicKeyInfo,
nsslowkey_SubjectPublicKeyInfoTemplate,
&spki);
if (rv != SECSuccess) {
sftk_FreeAttribute(attribute);
*crvp = CKR_KEY_TYPE_INCONSISTENT;
goto loser;
}
algorithm = SECOID_GetAlgorithmTag(&publicKeyInfo->algorithm);
if (algorithm != SEC_OID_PKCS1_RSA_ENCRYPTION &&
algorithm != SEC_OID_PKCS1_RSA_PSS_SIGNATURE) {
sftk_FreeAttribute(attribute);
rv = SECFailure;
*crvp = CKR_KEY_TYPE_INCONSISTENT;
goto loser;
}
param = SECITEM_DupItem(&publicKeyInfo->algorithm.parameters);
if (!param) {
sftk_FreeAttribute(attribute);
rv = SECFailure;
*crvp = CKR_HOST_MEMORY;
goto loser;
}
sftk_FreeAttribute(attribute);
} else {
/* default to PKCS #1 */
algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
}
algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
break;
case NSSLOWKEYDSAKey:
prepare_low_dsa_priv_key_export_for_asn1(lk);
@ -5848,53 +5803,6 @@ sftk_unwrapPrivateKey(SFTKObject *key, SECItem *bpki)
break;
}
if (crv != CKR_OK) {
goto loser;
}
/* For RSA-PSS, record the original algorithm parameters so
* they can be encrypted altoghether when wrapping */
if (SECOID_GetAlgorithmTag(&pki->algorithm) == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) {
NSSLOWKEYSubjectPublicKeyInfo spki;
NSSLOWKEYPublicKey pubk;
SECItem *publicKeyInfo;
memset(&spki, 0, sizeof(NSSLOWKEYSubjectPublicKeyInfo));
rv = SECOID_CopyAlgorithmID(arena, &spki.algorithm, &pki->algorithm);
if (rv != SECSuccess) {
crv = CKR_HOST_MEMORY;
goto loser;
}
prepare_low_rsa_pub_key_for_asn1(&pubk);
rv = SECITEM_CopyItem(arena, &pubk.u.rsa.modulus, &lpk->u.rsa.modulus);
if (rv != SECSuccess) {
crv = CKR_HOST_MEMORY;
goto loser;
}
rv = SECITEM_CopyItem(arena, &pubk.u.rsa.publicExponent, &lpk->u.rsa.publicExponent);
if (rv != SECSuccess) {
crv = CKR_HOST_MEMORY;
goto loser;
}
if (SEC_ASN1EncodeItem(arena, &spki.subjectPublicKey,
&pubk, nsslowkey_RSAPublicKeyTemplate) == NULL) {
crv = CKR_HOST_MEMORY;
goto loser;
}
publicKeyInfo = SEC_ASN1EncodeItem(arena, NULL,
&spki, nsslowkey_SubjectPublicKeyInfoTemplate);
if (!publicKeyInfo) {
crv = CKR_HOST_MEMORY;
goto loser;
}
crv = sftk_AddAttributeType(key, CKA_PUBLIC_KEY_INFO,
sftk_item_expand(publicKeyInfo));
}
loser:
if (lpk) {
nsslowkey_DestroyPrivateKey(lpk);
@ -7667,13 +7575,13 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession,
(const CK_NSS_HKDFParams *)pMechanism->pParameter;
const SECHashObject *rawHash;
unsigned hashLen;
CK_BYTE hashbuf[HASH_LENGTH_MAX];
CK_BYTE buf[HASH_LENGTH_MAX];
CK_BYTE *prk; /* psuedo-random key */
CK_ULONG prkLen;
CK_BYTE *okm; /* output keying material */
rawHash = HASH_GetRawHashObject(hashType);
if (rawHash == NULL || rawHash->length > sizeof(hashbuf)) {
if (rawHash == NULL || rawHash->length > sizeof buf) {
crv = CKR_FUNCTION_FAILED;
break;
}
@ -7707,7 +7615,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession,
saltLen = params->ulSaltLen;
if (salt == NULL) {
saltLen = hashLen;
salt = hashbuf;
salt = buf;
memset(salt, 0, saltLen);
}
hmac = HMAC_Create(rawHash, salt, saltLen, isFIPS);
@ -7718,10 +7626,10 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession,
HMAC_Begin(hmac);
HMAC_Update(hmac, (const unsigned char *)att->attrib.pValue,
att->attrib.ulValueLen);
HMAC_Finish(hmac, hashbuf, &bufLen, sizeof(hashbuf));
HMAC_Finish(hmac, buf, &bufLen, sizeof(buf));
HMAC_Destroy(hmac, PR_TRUE);
PORT_Assert(bufLen == rawHash->length);
prk = hashbuf;
prk = buf;
prkLen = bufLen;
} else {
/* PRK = base key value */
@ -7738,24 +7646,24 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession,
* key material = T(1) | ... | T(n)
*/
HMACContext *hmac;
CK_BYTE bi;
CK_BYTE i;
unsigned iterations = PR_ROUNDUP(keySize, hashLen) / hashLen;
hmac = HMAC_Create(rawHash, prk, prkLen, isFIPS);
if (hmac == NULL) {
crv = CKR_HOST_MEMORY;
break;
}
for (bi = 1; bi <= iterations; ++bi) {
for (i = 1; i <= iterations; ++i) {
unsigned len;
HMAC_Begin(hmac);
if (bi > 1) {
HMAC_Update(hmac, key_block + ((bi - 2) * hashLen), hashLen);
if (i > 1) {
HMAC_Update(hmac, key_block + ((i - 2) * hashLen), hashLen);
}
if (params->ulInfoLen != 0) {
HMAC_Update(hmac, params->pInfo, params->ulInfoLen);
}
HMAC_Update(hmac, &bi, 1);
HMAC_Finish(hmac, key_block + ((bi - 1) * hashLen), &len,
HMAC_Update(hmac, &i, 1);
HMAC_Finish(hmac, key_block + ((i - 1) * hashLen), &len,
hashLen);
PORT_Assert(len == hashLen);
}

4
security/nss/lib/softoken/pkcs11u.c
View File

@ -1193,7 +1193,7 @@ sftk_DeleteObject(SFTKSession *session, SFTKObject *object)
/* Handle Token case */
if (so && so->session) {
session = so->session;
SFTKSession *session = so->session;
PZ_Lock(session->objectLock);
sftkqueue_delete(&so->sessionList, 0, session->objects, 0);
PZ_Unlock(session->objectLock);
@ -1269,7 +1269,7 @@ static const CK_ULONG ecPubKeyAttrsCount =
static const CK_ATTRIBUTE_TYPE commonPrivKeyAttrs[] = {
CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER, CKA_UNWRAP, CKA_SUBJECT,
CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_NETSCAPE_DB, CKA_PUBLIC_KEY_INFO
CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_NETSCAPE_DB
};
static const CK_ULONG commonPrivKeyAttrsCount =
sizeof(commonPrivKeyAttrs) / sizeof(commonPrivKeyAttrs[0]);

3
security/nss/lib/softoken/sdb.c
View File

@ -154,8 +154,7 @@ static const CK_ATTRIBUTE_TYPE known_attributes[] = {
CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_IPSEC_END_SYSTEM,
CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER, CKA_TRUST_TIME_STAMPING,
CKA_TRUST_STEP_UP_APPROVED, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH,
CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS,
CKA_PUBLIC_KEY_INFO
CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS
};
static int known_attributes_size = sizeof(known_attributes) /

3
security/nss/lib/softoken/sftkdb.c
View File

@ -1591,8 +1591,7 @@ static const CK_ATTRIBUTE_TYPE known_attributes[] = {
CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_IPSEC_END_SYSTEM,
CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER, CKA_TRUST_TIME_STAMPING,
CKA_TRUST_STEP_UP_APPROVED, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH,
CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS,
CKA_PUBLIC_KEY_INFO
CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS
};
static unsigned int known_attributes_size = sizeof(known_attributes) /

34
security/nss/lib/softoken/sftkpars.c
View File

@ -162,7 +162,7 @@ sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS)
}
if (parsed->tokens == NULL) {
int count = isFIPS ? 1 : 2;
int i = count - 1;
int index = count - 1;
sftk_token_parameters *tokens = NULL;
tokens = (sftk_token_parameters *)
@ -172,30 +172,30 @@ sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS)
}
parsed->tokens = tokens;
parsed->token_count = count;
tokens[i].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
tokens[i].certPrefix = certPrefix;
tokens[i].keyPrefix = keyPrefix;
tokens[i].minPW = minPW ? atoi(minPW) : 0;
tokens[i].readOnly = parsed->readOnly;
tokens[i].noCertDB = parsed->noCertDB;
tokens[i].noKeyDB = parsed->noCertDB;
tokens[i].forceOpen = parsed->forceOpen;
tokens[i].pwRequired = parsed->pwRequired;
tokens[i].optimizeSpace = parsed->optimizeSpace;
tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
tokens[index].certPrefix = certPrefix;
tokens[index].keyPrefix = keyPrefix;
tokens[index].minPW = minPW ? atoi(minPW) : 0;
tokens[index].readOnly = parsed->readOnly;
tokens[index].noCertDB = parsed->noCertDB;
tokens[index].noKeyDB = parsed->noCertDB;
tokens[index].forceOpen = parsed->forceOpen;
tokens[index].pwRequired = parsed->pwRequired;
tokens[index].optimizeSpace = parsed->optimizeSpace;
tokens[0].optimizeSpace = parsed->optimizeSpace;
certPrefix = NULL;
keyPrefix = NULL;
if (isFIPS) {
tokens[i].tokdes = ftokdes;
tokens[i].updtokdes = pupdtokdes;
tokens[i].slotdes = fslotdes;
tokens[index].tokdes = ftokdes;
tokens[index].updtokdes = pupdtokdes;
tokens[index].slotdes = fslotdes;
fslotdes = NULL;
ftokdes = NULL;
pupdtokdes = NULL;
} else {
tokens[i].tokdes = ptokdes;
tokens[i].updtokdes = pupdtokdes;
tokens[i].slotdes = pslotdes;
tokens[index].tokdes = ptokdes;
tokens[index].updtokdes = pupdtokdes;
tokens[index].slotdes = pslotdes;
tokens[0].slotID = NETSCAPE_SLOT_ID;
tokens[0].tokdes = tokdes;
tokens[0].slotdes = slotdes;

6
security/nss/lib/softoken/softkver.h
View File

@ -17,11 +17,11 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
*/
#define SOFTOKEN_VERSION "3.37" SOFTOKEN_ECC_STRING " Beta"
#define SOFTOKEN_VERSION "3.36" SOFTOKEN_ECC_STRING
#define SOFTOKEN_VMAJOR 3
#define SOFTOKEN_VMINOR 37
#define SOFTOKEN_VMINOR 36
#define SOFTOKEN_VPATCH 0
#define SOFTOKEN_VBUILD 0
#define SOFTOKEN_BETA PR_TRUE
#define SOFTOKEN_BETA PR_FALSE
#endif /* _SOFTKVER_H_ */

3
security/nss/lib/ssl/ssl3con.c
View File

@ -3034,6 +3034,7 @@ ssl3_SendChangeCipherSpecsInt(sslSocket *ss)
return SECFailure; /* error code set by ssl3_SendRecord */
}
} else {
SECStatus rv;
rv = dtls_QueueMessage(ss, content_change_cipher_spec, &change, 1);
if (rv != SECSuccess) {
return SECFailure;
@ -11707,7 +11708,7 @@ ssl_RemoveTLSCBCPadding(sslBuffer *plaintext, unsigned int macSize)
}
for (i = 0; i < toCheck; i++) {
t = paddingLength - i;
unsigned int t = paddingLength - i;
/* If i <= paddingLength then the MSB of t is zero and mask is
* 0xff. Otherwise, mask is 0. */
unsigned char mask = DUPLICATE_MSB_TO_ALL(~t);

4
security/nss/lib/ssl/ssl3ecc.c
View File

@ -548,12 +548,12 @@ ssl3_HandleECDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length)
if (ss->ssl3.prSpec->version == SSL_LIBRARY_VERSION_TLS_1_2) {
rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
if (rv != SECSuccess) {
goto alert_loser; /* malformed or unsupported. */
goto loser; /* malformed or unsupported. */
}
rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme,
ss->sec.peerCert);
if (rv != SECSuccess) {
goto alert_loser;
goto loser;
}
hashAlg = ssl_SignatureSchemeToHashType(sigScheme);
} else {

6
security/nss/lib/util/nssutil.h
View File

@ -19,12 +19,12 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
*/
#define NSSUTIL_VERSION "3.37 Beta"
#define NSSUTIL_VERSION "3.36"
#define NSSUTIL_VMAJOR 3
#define NSSUTIL_VMINOR 37
#define NSSUTIL_VMINOR 36
#define NSSUTIL_VPATCH 0
#define NSSUTIL_VBUILD 0
#define NSSUTIL_BETA PR_TRUE
#define NSSUTIL_BETA PR_FALSE
SEC_BEGIN_PROTOS

2
security/nss/lib/util/pkcs11t.h
View File

@ -466,8 +466,6 @@ typedef CK_ULONG CK_ATTRIBUTE_TYPE;
#define CKA_EXPONENT_1 0x00000126
#define CKA_EXPONENT_2 0x00000127
#define CKA_COEFFICIENT 0x00000128
/* CKA_PUBLIC_KEY_INFO is new for v2.40 */
#define CKA_PUBLIC_KEY_INFO 0x00000129
#define CKA_PRIME 0x00000130
#define CKA_SUBPRIME 0x00000131
#define CKA_BASE 0x00000132

1
security/nss/nss-tool/enc/enctool.cc
View File

@ -271,6 +271,7 @@ bool EncTool::DoCipher(std::string file_name, std::string out_file,
if (file_name.empty()) {
std::vector<uint8_t> data = ReadInputData("");
std::vector<uint8_t> out(data.size() + 16);
SECStatus rv;
if (encrypt) {
rv = PK11_Encrypt(symKey.get(), cipher_mech_, params.get(), out.data(),
&outLen, data.size() + 16, data.data(), data.size());

2
security/nss/tests/all.sh
View File

@ -309,7 +309,7 @@ TESTS=${NSS_TESTS:-$tests}
ALL_TESTS=${TESTS}
nss_ssl_tests="crl iopr policy normal_normal"
nss_ssl_tests="crl iopr policy"
if [ $NO_INIT_SUPPORT -eq 0 ]; then
nss_ssl_tests="$nss_ssl_tests fips_normal normal_fips"
fi

Some files were not shown because too many files have changed in this diff Show More