Bug 822365: Rename the hashAlg field of CK_NSS_MAC_CONSTANT_TIME_PARAMS to

macAlg because it is a PKCS #11 MAC mechanism. r=rrelyea.
Modified Files:
	lib/softoken/sftkhmac.c lib/ssl/ssl3con.c lib/util/pkcs11n.h

3 files changed, 23 insertions, 13 deletions

diff --git a/security/nss/lib/softoken/sftkhmac.c b/security/nss/lib/softoken/sftkhmac.c
index 2946a9179..3b55a0572 100644
--- a/security/nss/lib/softoken/sftkhmac.c
+++ b/security/nss/lib/softoken/sftkhmac.c
@@ -9,27 +9,25 @@
 #include "softoken.h"
 #include "hmacct.h"
 
-/* mechanismToHash converts a PKCS#11 hash mechanism into a freebl hash
+/* MACMechanismToHash converts a PKCS#11 MAC mechanism into a freebl hash
  * type. */
 static HASH_HashType
-mechanismToHash(CK_MECHANISM_TYPE mech)
+MACMechanismToHash(CK_MECHANISM_TYPE mech)
 {
     switch (mech) {
-	case CKM_MD5:
 	case CKM_MD5_HMAC:
 	case CKM_SSL3_MD5_MAC:
 	    return HASH_AlgMD5;
-	case CKM_SHA_1:
 	case CKM_SHA_1_HMAC:
 	case CKM_SSL3_SHA1_MAC:
 	    return HASH_AlgSHA1;
-	case CKM_SHA224:
+	case CKM_SHA224_HMAC:
 	    return HASH_AlgSHA224;
-	case CKM_SHA256:
+	case CKM_SHA256_HMAC:
 	    return HASH_AlgSHA256;
-	case CKM_SHA384:
+	case CKM_SHA384_HMAC:
 	    return HASH_AlgSHA384;
-	case CKM_SHA512:
+	case CKM_SHA512_HMAC:
 	    return HASH_AlgSHA512;
     }
     return HASH_AlgNULL;
@@ -50,7 +48,7 @@ SetupMAC(CK_MECHANISM_PTR mech, SFTKObject *key)
 	return NULL;
     }
 
-    alg = mechanismToHash(params->hashAlg);
+    alg = MACMechanismToHash(params->macAlg);
     if (alg == HASH_AlgNULL) {
 	return NULL;
     }
@@ -106,13 +104,18 @@ sftk_SSLv3MACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
     CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
 	(CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
     unsigned int padLength = 40, j;
+    sftk_MACConstantTimeCtx *ctx;
 
-    sftk_MACConstantTimeCtx *ctx = SetupMAC(mech, key);
+    if (params->macAlg != CKM_SSL3_MD5_MAC &&
+	params->macAlg != CKM_SSL3_SHA1_MAC) {
+	return NULL;
+    }
+    ctx = SetupMAC(mech, key);
     if (!ctx) {
 	return NULL;
     }
 
-    if (params->hashAlg == CKM_SSL3_MD5_MAC) {
+    if (params->macAlg == CKM_SSL3_MD5_MAC) {
 	padLength = 48;
     }
 
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 1adeb4ec2..931b7e493 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -2100,7 +2100,7 @@ ssl3_ComputeRecordMACConstantTime(
 	params.ulHeaderLen = 13;
     }
 
-    params.hashAlg = spec->mac_def->mmech;
+    params.macAlg = spec->mac_def->mmech;
     params.ulBodyTotalLen = originalLen;
     params.pHeader = header;
 
diff --git a/security/nss/lib/util/pkcs11n.h b/security/nss/lib/util/pkcs11n.h
index 216159a8f..04ef48244 100644
--- a/security/nss/lib/util/pkcs11n.h
+++ b/security/nss/lib/util/pkcs11n.h
@@ -243,8 +243,15 @@ typedef struct CK_NSS_JPAKEFinalParams {
     CK_NSS_JPAKEPublicValue B; /* in */
 } CK_NSS_JPAKEFinalParams;
 
+/* NOTE: the softoken's implementation of CKM_NSS_HMAC_CONSTANT_TIME and
+ * CKM_NSS_SSL3_MAC_CONSTANT_TIME requires that the sum of ulBodyTotalLen
+ * and ulHeaderLen be much smaller than 2^32 / 8 bytes because it uses an
+ * unsigned int variable to represent the length in bits. This should not
+ * be a problem because the SSL/TLS protocol limits the size of an SSL
+ * record to something considerably less than 2^32 bytes.
+ */
 typedef struct CK_NSS_MAC_CONSTANT_TIME_PARAMS {
-    CK_MECHANISM_TYPE hashAlg;  /* in */
+    CK_MECHANISM_TYPE macAlg;   /* in */
     CK_ULONG ulBodyTotalLen;    /* in */
     CK_BYTE * pHeader;          /* in */
     CK_ULONG ulHeaderLen;       /* in */