summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwtc%google.com <devnull@localhost>2013-02-06 22:20:23 +0000
committerwtc%google.com <devnull@localhost>2013-02-06 22:20:23 +0000
commit7e59c6b59d75417c09122283348675eb57240266 (patch)
tree03d47db46b4e7ade4874e7f6a8937b4eca2c873c
parentfe4302ce9c8e29cf7eb618804c0267e99ce2017b (diff)
downloadnss-hg-7e59c6b59d75417c09122283348675eb57240266.tar.gz
Bug 822365: PKCS #11 naming convention and NSS coding style fixes for the
constant-time CBC decoding code. r=rrelyea. Modified Files: lib/freebl/hmacct.c lib/freebl/loader.c lib/freebl/md5.c lib/softoken/pkcs11.c lib/softoken/pkcs11c.c lib/softoken/sftkhmac.c lib/ssl/ssl3con.c lib/util/pkcs11n.h
Diffstat
-rw-r--r--security/nss/lib/freebl/hmacct.c43
-rw-r--r--security/nss/lib/freebl/loader.c12
-rw-r--r--security/nss/lib/freebl/md5.c2
-rw-r--r--security/nss/lib/softoken/pkcs11.c2
-rw-r--r--security/nss/lib/softoken/pkcs11c.c14
-rw-r--r--security/nss/lib/softoken/sftkhmac.c78
-rw-r--r--security/nss/lib/ssl/ssl3con.c64
-rw-r--r--security/nss/lib/util/pkcs11n.h12
8 files changed, 134 insertions, 93 deletions
diff --git a/security/nss/lib/freebl/hmacct.c b/security/nss/lib/freebl/hmacct.c
index 3dcd5f2f3..52457dcda 100644
--- a/security/nss/lib/freebl/hmacct.c
+++ b/security/nss/lib/freebl/hmacct.c
@@ -30,19 +30,23 @@
/* constantTimeGE returns 0xff if a>=b and 0x00 otherwise, where a, b <
* MAX_UINT/2. */
-static unsigned char constantTimeGE(unsigned int a, unsigned int b) {
+static unsigned char
+constantTimeGE(unsigned int a, unsigned int b)
+{
a -= b;
return DUPLICATE_MSB_TO_ALL(~a);
}
/* constantTimeEQ8 returns 0xff if a==b and 0x00 otherwise. */
-static unsigned char constantTimeEQ8(unsigned char a, unsigned char b) {
+static unsigned char
+constantTimeEQ8(unsigned char a, unsigned char b)
+{
unsigned int c = a ^ b;
c--;
return DUPLICATE_MSB_TO_ALL_8(c);
}
-/* mac performs a constant time SSLv3/TLS MAC of |dataLen| bytes of |data|,
+/* MAC performs a constant time SSLv3/TLS MAC of |dataLen| bytes of |data|,
* where |dataLen| includes both the authenticated bytes and the MAC tag from
* the sender. |dataLen| must be >= the length of the MAC tag.
*
@@ -57,8 +61,8 @@ static unsigned char constantTimeEQ8(unsigned char a, unsigned char b) {
* |header| contains either the 13-byte TLS header (containing the sequence
* number, record type etc), or it contains the SSLv3 header with the SSLv3
* padding bytes etc. */
-static SECStatus mac(
- unsigned char *mdOut,
+static SECStatus
+MAC(unsigned char *mdOut,
unsigned int *mdOutLen,
unsigned int mdOutMax,
const SECHashObject *hashObj,
@@ -69,8 +73,8 @@ static SECStatus mac(
const unsigned char *data,
unsigned int dataLen,
unsigned int dataTotalLen,
- unsigned char isSSLv3) {
-
+ unsigned char isSSLv3)
+{
void *mdState = hashObj->create();
const unsigned int mdSize = hashObj->length;
const unsigned int mdBlockSize = hashObj->blocklength;
@@ -196,7 +200,8 @@ static SECStatus mac(
memcpy(firstBlock + overhang, data, mdBlockSize-overhang);
hashObj->update(mdState, firstBlock, mdBlockSize);
for (i = 1; i < k/mdBlockSize - 1; i++) {
- hashObj->update(mdState, data + mdBlockSize*i - overhang, mdBlockSize);
+ hashObj->update(mdState, data + mdBlockSize*i - overhang,
+ mdBlockSize);
}
} else {
/* k is a multiple of mdBlockSize. */
@@ -204,7 +209,8 @@ static SECStatus mac(
memcpy(firstBlock+13, data, mdBlockSize-13);
hashObj->update(mdState, firstBlock, mdBlockSize);
for (i = 1; i < k/mdBlockSize; i++) {
- hashObj->update(mdState, data + mdBlockSize*i - 13, mdBlockSize);
+ hashObj->update(mdState, data + mdBlockSize*i - 13,
+ mdBlockSize);
}
}
}
@@ -247,7 +253,8 @@ static SECStatus mac(
/* The final bytes of one of the blocks contains the length. */
if (j >= mdBlockSize - mdLengthSize) {
/* If this is indexB, write a length byte. */
- b = (b&~isBlockB) | (isBlockB&lengthBytes[j-(mdBlockSize-mdLengthSize)]);
+ b = (b&~isBlockB) |
+ (isBlockB&lengthBytes[j-(mdBlockSize-mdLengthSize)]);
}
block[j] = b;
}
@@ -285,7 +292,8 @@ static SECStatus mac(
return SECSuccess;
}
-SECStatus HMAC_ConstantTime(
+SECStatus
+HMAC_ConstantTime(
unsigned char *result,
unsigned int *resultLen,
unsigned int maxResultLen,
@@ -296,15 +304,17 @@ SECStatus HMAC_ConstantTime(
unsigned int headerLen,
const unsigned char *body,
unsigned int bodyLen,
- unsigned int bodyTotalLen) {
+ unsigned int bodyTotalLen)
+{
if (hashObj->end_raw == NULL)
return SECFailure;
- return mac(result, resultLen, maxResultLen, hashObj, secret, secretLen,
+ return MAC(result, resultLen, maxResultLen, hashObj, secret, secretLen,
header, headerLen, body, bodyLen, bodyTotalLen,
0 /* not SSLv3 */);
}
-SECStatus SSLv3_MAC_ConstantTime(
+SECStatus
+SSLv3_MAC_ConstantTime(
unsigned char *result,
unsigned int *resultLen,
unsigned int maxResultLen,
@@ -315,10 +325,11 @@ SECStatus SSLv3_MAC_ConstantTime(
unsigned int headerLen,
const unsigned char *body,
unsigned int bodyLen,
- unsigned int bodyTotalLen) {
+ unsigned int bodyTotalLen)
+{
if (hashObj->end_raw == NULL)
return SECFailure;
- return mac(result, resultLen, maxResultLen, hashObj, secret, secretLen,
+ return MAC(result, resultLen, maxResultLen, hashObj, secret, secretLen,
header, headerLen, body, bodyLen, bodyTotalLen,
1 /* SSLv3 */);
}
diff --git a/security/nss/lib/freebl/loader.c b/security/nss/lib/freebl/loader.c
index ae3025199..8180f7447 100644
--- a/security/nss/lib/freebl/loader.c
+++ b/security/nss/lib/freebl/loader.c
@@ -1859,7 +1859,8 @@ PRNGTEST_RunHealthTests(void)
return vector->p_PRNGTEST_RunHealthTests();
}
-SECStatus SSLv3_MAC_ConstantTime(
+SECStatus
+SSLv3_MAC_ConstantTime(
unsigned char *result,
unsigned int *resultLen,
unsigned int maxResultLen,
@@ -1870,7 +1871,8 @@ SECStatus SSLv3_MAC_ConstantTime(
unsigned int headerLen,
const unsigned char *body,
unsigned int bodyLen,
- unsigned int bodyTotalLen) {
+ unsigned int bodyTotalLen)
+{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_SSLv3_MAC_ConstantTime)(
@@ -1881,7 +1883,8 @@ SECStatus SSLv3_MAC_ConstantTime(
body, bodyLen, bodyTotalLen);
}
-SECStatus HMAC_ConstantTime(
+SECStatus
+HMAC_ConstantTime(
unsigned char *result,
unsigned int *resultLen,
unsigned int maxResultLen,
@@ -1892,7 +1895,8 @@ SECStatus HMAC_ConstantTime(
unsigned int headerLen,
const unsigned char *body,
unsigned int bodyLen,
- unsigned int bodyTotalLen) {
+ unsigned int bodyTotalLen)
+{
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_HMAC_ConstantTime)(
diff --git a/security/nss/lib/freebl/md5.c b/security/nss/lib/freebl/md5.c
index 1bffbbecc..2929a633d 100644
--- a/security/nss/lib/freebl/md5.c
+++ b/security/nss/lib/freebl/md5.c
@@ -538,10 +538,10 @@ void
MD5_EndRaw(MD5Context *cx, unsigned char *digest,
unsigned int *digestLen, unsigned int maxDigestLen)
{
- PRUint32 cv[4];
#ifndef IS_LITTLE_ENDIAN
PRUint32 tmp;
#endif
+ PRUint32 cv[4];
if (maxDigestLen < MD5_HASH_LEN) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
index d526b453c..f91d15a3d 100644
--- a/security/nss/lib/softoken/pkcs11.c
+++ b/security/nss/lib/softoken/pkcs11.c
@@ -491,7 +491,7 @@ static const struct mechanismList mechanisms[] = {
{CKM_NSS_JPAKE_FINAL_SHA512, {0, 0, CKF_DERIVE}, PR_TRUE},
/* -------------------- Constant Time TLS MACs ----------------------- */
{CKM_NSS_HMAC_CONSTANT_TIME, {0, 0, CKF_DIGEST}, PR_TRUE},
- {CKM_NSS_SSLV3_MAC_CONSTANT_TIME, {0, 0, CKF_DIGEST}, PR_TRUE}
+ {CKM_NSS_SSL3_MAC_CONSTANT_TIME, {0, 0, CKF_DIGEST}, PR_TRUE}
};
static const CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]);
diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c
index 7ea6b0e5b..95ceb1f85 100644
--- a/security/nss/lib/softoken/pkcs11c.c
+++ b/security/nss/lib/softoken/pkcs11c.c
@@ -1529,12 +1529,14 @@ DOSUB(SHA256)
DOSUB(SHA384)
DOSUB(SHA512)
-SECStatus sftk_SignCopy(
+static SECStatus
+sftk_SignCopy(
CK_ULONG *copyLen,
void *out, unsigned int *outLength,
unsigned int maxLength,
const unsigned char *hashResult,
- unsigned int hashResultLength) {
+ unsigned int hashResultLength)
+{
unsigned int toCopy = *copyLen;
if (toCopy > maxLength) {
toCopy = maxLength;
@@ -2249,7 +2251,8 @@ finish_rsa:
break;
case CKM_NSS_HMAC_CONSTANT_TIME: {
- sftk_MACConstantTimeCtx *ctx = sftk_HMACConstantTime_New(pMechanism,key);
+ sftk_MACConstantTimeCtx *ctx =
+ sftk_HMACConstantTime_New(pMechanism,key);
CK_ULONG *intpointer;
if (ctx == NULL) {
@@ -2278,8 +2281,9 @@ finish_rsa:
break;
}
- case CKM_NSS_SSLV3_MAC_CONSTANT_TIME: {
- sftk_MACConstantTimeCtx *ctx = sftk_SSLv3MACConstantTime_New(pMechanism,key);
+ case CKM_NSS_SSL3_MAC_CONSTANT_TIME: {
+ sftk_MACConstantTimeCtx *ctx =
+ sftk_SSLv3MACConstantTime_New(pMechanism,key);
CK_ULONG *intpointer;
if (ctx == NULL) {
diff --git a/security/nss/lib/softoken/sftkhmac.c b/security/nss/lib/softoken/sftkhmac.c
index 04b325b4b..2946a9179 100644
--- a/security/nss/lib/softoken/sftkhmac.c
+++ b/security/nss/lib/softoken/sftkhmac.c
@@ -9,8 +9,11 @@
#include "softoken.h"
#include "hmacct.h"
-/* mechanismToHash converts a PKCS#11 hash mechanism into a freebl hash type. */
-static HASH_HashType mechanismToHash(CK_MECHANISM_TYPE mech) {
+/* mechanismToHash converts a PKCS#11 hash mechanism into a freebl hash
+ * type. */
+static HASH_HashType
+mechanismToHash(CK_MECHANISM_TYPE mech)
+{
switch (mech) {
case CKM_MD5:
case CKM_MD5_HMAC:
@@ -32,17 +35,18 @@ static HASH_HashType mechanismToHash(CK_MECHANISM_TYPE mech) {
return HASH_AlgNULL;
}
-static sftk_MACConstantTimeCtx* SetupMAC(CK_MECHANISM_PTR mech,
- SFTKObject *key) {
- CK_NSS_MACConstantTimeParams* params =
- (CK_NSS_MACConstantTimeParams*) mech->pParameter;
- sftk_MACConstantTimeCtx* ctx;
+static sftk_MACConstantTimeCtx *
+SetupMAC(CK_MECHANISM_PTR mech, SFTKObject *key)
+{
+ CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
+ (CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
+ sftk_MACConstantTimeCtx *ctx;
HASH_HashType alg;
SFTKAttribute *keyval;
unsigned char secret[sizeof(ctx->secret)];
unsigned int secretLength;
- if (mech->ulParameterLen != sizeof(CK_NSS_MACConstantTimeParams)) {
+ if (mech->ulParameterLen != sizeof(CK_NSS_MAC_CONSTANT_TIME_PARAMS)) {
return NULL;
}
@@ -71,18 +75,19 @@ static sftk_MACConstantTimeCtx* SetupMAC(CK_MECHANISM_PTR mech,
memcpy(ctx->secret, secret, secretLength);
ctx->secretLength = secretLength;
ctx->hash = HASH_GetRawHashObject(alg);
- ctx->totalLength = params->ulBodyTotalLength;
+ ctx->totalLength = params->ulBodyTotalLen;
return ctx;
}
-sftk_MACConstantTimeCtx* sftk_HMACConstantTime_New(CK_MECHANISM_PTR mech,
- SFTKObject *key) {
- CK_NSS_MACConstantTimeParams* params =
- (CK_NSS_MACConstantTimeParams*) mech->pParameter;
- sftk_MACConstantTimeCtx* ctx;
+sftk_MACConstantTimeCtx *
+sftk_HMACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
+{
+ CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
+ (CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
+ sftk_MACConstantTimeCtx *ctx;
- if (params->ulHeaderLength > sizeof(ctx->header)) {
+ if (params->ulHeaderLen > sizeof(ctx->header)) {
return NULL;
}
ctx = SetupMAC(mech, key);
@@ -90,18 +95,19 @@ sftk_MACConstantTimeCtx* sftk_HMACConstantTime_New(CK_MECHANISM_PTR mech,
return NULL;
}
- ctx->headerLength = params->ulHeaderLength;
- memcpy(ctx->header, params->pHeader, params->ulHeaderLength);
+ ctx->headerLength = params->ulHeaderLen;
+ memcpy(ctx->header, params->pHeader, params->ulHeaderLen);
return ctx;
}
-sftk_MACConstantTimeCtx* sftk_SSLv3MACConstantTime_New(CK_MECHANISM_PTR mech,
- SFTKObject *key) {
- CK_NSS_MACConstantTimeParams* params =
- (CK_NSS_MACConstantTimeParams*) mech->pParameter;
+sftk_MACConstantTimeCtx *
+sftk_SSLv3MACConstantTime_New(CK_MECHANISM_PTR mech, SFTKObject *key)
+{
+ CK_NSS_MAC_CONSTANT_TIME_PARAMS *params =
+ (CK_NSS_MAC_CONSTANT_TIME_PARAMS *) mech->pParameter;
unsigned int padLength = 40, j;
- sftk_MACConstantTimeCtx* ctx = SetupMAC(mech, key);
+ sftk_MACConstantTimeCtx *ctx = SetupMAC(mech, key);
if (!ctx) {
return NULL;
}
@@ -113,7 +119,7 @@ sftk_MACConstantTimeCtx* sftk_SSLv3MACConstantTime_New(CK_MECHANISM_PTR mech,
ctx->headerLength =
ctx->secretLength +
padLength +
- params->ulHeaderLength;
+ params->ulHeaderLen;
if (ctx->headerLength > sizeof(ctx->header)) {
goto loser;
@@ -124,7 +130,7 @@ sftk_MACConstantTimeCtx* sftk_SSLv3MACConstantTime_New(CK_MECHANISM_PTR mech,
j += ctx->secretLength;
memset(&ctx->header[j], 0x36, padLength);
j += padLength;
- memcpy(&ctx->header[j], params->pHeader, params->ulHeaderLength);
+ memcpy(&ctx->header[j], params->pHeader, params->ulHeaderLen);
return ctx;
@@ -133,8 +139,10 @@ loser:
return NULL;
}
-void sftk_HMACConstantTime_Update(void *pctx, void *data, unsigned int len) {
- sftk_MACConstantTimeCtx* ctx = (sftk_MACConstantTimeCtx*) pctx;
+void
+sftk_HMACConstantTime_Update(void *pctx, void *data, unsigned int len)
+{
+ sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
SECStatus rv = HMAC_ConstantTime(
ctx->mac, NULL, sizeof(ctx->mac),
ctx->hash,
@@ -145,8 +153,10 @@ void sftk_HMACConstantTime_Update(void *pctx, void *data, unsigned int len) {
PORT_Assert(rv == SECSuccess);
}
-void sftk_SSLv3MACConstantTime_Update(void *pctx, void *data, unsigned int len) {
- sftk_MACConstantTimeCtx* ctx = (sftk_MACConstantTimeCtx*) pctx;
+void
+sftk_SSLv3MACConstantTime_Update(void *pctx, void *data, unsigned int len)
+{
+ sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
SECStatus rv = SSLv3_MAC_ConstantTime(
ctx->mac, NULL, sizeof(ctx->mac),
ctx->hash,
@@ -157,9 +167,11 @@ void sftk_SSLv3MACConstantTime_Update(void *pctx, void *data, unsigned int len)
PORT_Assert(rv == SECSuccess);
}
-void sftk_MACConstantTime_EndHash(void *pctx, void *out, unsigned int *outLength,
- unsigned int maxLength) {
- const sftk_MACConstantTimeCtx* ctx = (sftk_MACConstantTimeCtx*) pctx;
+void
+sftk_MACConstantTime_EndHash(void *pctx, void *out, unsigned int *outLength,
+ unsigned int maxLength)
+{
+ const sftk_MACConstantTimeCtx *ctx = (sftk_MACConstantTimeCtx *) pctx;
unsigned int toCopy = ctx->hash->length;
if (toCopy > maxLength) {
toCopy = maxLength;
@@ -170,6 +182,8 @@ void sftk_MACConstantTime_EndHash(void *pctx, void *out, unsigned int *outLength
}
}
-void sftk_MACConstantTime_DestroyContext(void *pctx, PRBool free) {
+void
+sftk_MACConstantTime_DestroyContext(void *pctx, PRBool free)
+{
PORT_Free(pctx);
}
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 1388a454a..1adeb4ec2 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -2046,8 +2046,7 @@ ssl3_ComputeRecordMACConstantTime(
unsigned int * outLen)
{
CK_MECHANISM_TYPE macType;
- CK_NSS_MACConstantTimeParams params;
- PK11Context * mac_context;
+ CK_NSS_MAC_CONSTANT_TIME_PARAMS params;
SECItem param, inputItem, outputItem;
SECStatus rv;
unsigned char header[13];
@@ -2081,10 +2080,10 @@ ssl3_ComputeRecordMACConstantTime(
macType = CKM_NSS_HMAC_CONSTANT_TIME;
recordLength = inputLen - spec->mac_size;
if (spec->version <= SSL_LIBRARY_VERSION_3_0) {
- macType = CKM_NSS_SSLV3_MAC_CONSTANT_TIME;
+ macType = CKM_NSS_SSL3_MAC_CONSTANT_TIME;
header[9] = recordLength >> 8;
header[10] = recordLength;
- params.ulHeaderLength = 11;
+ params.ulHeaderLen = 11;
} else {
if (isDTLS) {
SSL3ProtocolVersion dtls_version;
@@ -2098,11 +2097,11 @@ ssl3_ComputeRecordMACConstantTime(
}
header[11] = recordLength >> 8;
header[12] = recordLength;
- params.ulHeaderLength = 13;
+ params.ulHeaderLen = 13;
}
params.hashAlg = spec->mac_def->mmech;
- params.ulBodyTotalLength = originalLen;
+ params.ulBodyTotalLen = originalLen;
params.pHeader = header;
param.data = (unsigned char*) &params;
@@ -9663,36 +9662,41 @@ ssl3_HandleHandshake(sslSocket *ss, sslBuffer *origBuf)
#define DUPLICATE_MSB_TO_ALL(x) ( (unsigned)( (int)(x) >> (sizeof(int)*8-1) ) )
#define DUPLICATE_MSB_TO_ALL_8(x) ((unsigned char)(DUPLICATE_MSB_TO_ALL(x)))
-/* SECStatusToMask returns, in constant time, a mask value of all ones if rv ==
- * SECSuccess. Otherwise it returns zero. */
-static unsigned SECStatusToMask(SECStatus rv)
+/* SECStatusToMask returns, in constant time, a mask value of all ones if
+ * rv == SECSuccess. Otherwise it returns zero. */
+static unsigned int
+SECStatusToMask(SECStatus rv)
{
unsigned int good;
- /* rv ^ SECSuccess is zero iff rv == SECSuccess. Subtracting one results in
- * the MSB being set to one iff it was zero before. */
+ /* rv ^ SECSuccess is zero iff rv == SECSuccess. Subtracting one results
+ * in the MSB being set to one iff it was zero before. */
good = rv ^ SECSuccess;
good--;
return DUPLICATE_MSB_TO_ALL(good);
}
/* ssl_ConstantTimeGE returns 0xff if a>=b and 0x00 otherwise. */
-static unsigned char ssl_ConstantTimeGE(unsigned a, unsigned b)
+static unsigned char
+ssl_ConstantTimeGE(unsigned int a, unsigned int b)
{
a -= b;
return DUPLICATE_MSB_TO_ALL(~a);
}
/* ssl_ConstantTimeEQ8 returns 0xff if a==b and 0x00 otherwise. */
-static unsigned char ssl_ConstantTimeEQ8(unsigned char a, unsigned char b)
+static unsigned char
+ssl_ConstantTimeEQ8(unsigned char a, unsigned char b)
{
- unsigned c = a ^ b;
+ unsigned int c = a ^ b;
c--;
return DUPLICATE_MSB_TO_ALL_8(c);
}
-static SECStatus ssl_RemoveSSLv3CBCPadding(sslBuffer *plaintext,
- unsigned blockSize,
- unsigned macSize) {
+static SECStatus
+ssl_RemoveSSLv3CBCPadding(sslBuffer *plaintext,
+ unsigned int blockSize,
+ unsigned int macSize)
+{
unsigned int paddingLength, good, t;
const unsigned int overhead = 1 /* padding length byte */ + macSize;
@@ -9715,9 +9719,9 @@ static SECStatus ssl_RemoveSSLv3CBCPadding(sslBuffer *plaintext,
return (good & SECSuccess) | (~good & SECFailure);
}
-
-static SECStatus ssl_RemoveTLSCBCPadding(sslBuffer *plaintext,
- unsigned macSize) {
+static SECStatus
+ssl_RemoveTLSCBCPadding(sslBuffer *plaintext, unsigned int macSize)
+{
unsigned int paddingLength, good, t, toCheck, i;
const unsigned int overhead = 1 /* padding length byte */ + macSize;
@@ -9777,12 +9781,15 @@ static SECStatus ssl_RemoveTLSCBCPadding(sslBuffer *plaintext,
* macSize <= MAX_MAC_LENGTH
* plaintext->len >= macSize
*/
-static void ssl_CBCExtractMAC(sslBuffer *plaintext,
- unsigned int originalLength,
- SSL3Opaque* out,
- unsigned int macSize) {
+static void
+ssl_CBCExtractMAC(sslBuffer *plaintext,
+ unsigned int originalLength,
+ SSL3Opaque* out,
+ unsigned int macSize)
+{
unsigned char rotatedMac[MAX_MAC_LENGTH];
- /* macEnd is the index of |plaintext->buf| just after the end of the MAC. */
+ /* macEnd is the index of |plaintext->buf| just after the end of the
+ * MAC. */
unsigned macEnd = plaintext->len;
unsigned macStart = macEnd - macSize;
/* scanStart contains the number of bytes that we can ignore because
@@ -9816,11 +9823,12 @@ static void ssl_CBCExtractMAC(sslBuffer *plaintext,
}
}
- /* Now rotate the MAC. If we knew that the MAC fit into a CPU cache line we
- * could line-align |rotatedMac| and rotate in place. */
+ /* Now rotate the MAC. If we knew that the MAC fit into a CPU cache line
+ * we could line-align |rotatedMac| and rotate in place. */
memset(out, 0, macSize);
for (i = 0; i < macSize; i++) {
- unsigned char offset = (divSpoiler + macSize - rotateOffset + i) % macSize;
+ unsigned char offset =
+ (divSpoiler + macSize - rotateOffset + i) % macSize;
for (j = 0; j < macSize; j++) {
out[j] |= rotatedMac[i] & ssl_ConstantTimeEQ8(j, offset);
}
diff --git a/security/nss/lib/util/pkcs11n.h b/security/nss/lib/util/pkcs11n.h
index a6fceec1e..216159a8f 100644
--- a/security/nss/lib/util/pkcs11n.h
+++ b/security/nss/lib/util/pkcs11n.h
@@ -195,8 +195,8 @@ static const char CKT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$";
#define CKM_NSS_JPAKE_FINAL_SHA384 (CKM_NSS + 17)
#define CKM_NSS_JPAKE_FINAL_SHA512 (CKM_NSS + 18)
-#define CKM_NSS_HMAC_CONSTANT_TIME (CKM_NSS + 19)
-#define CKM_NSS_SSLV3_MAC_CONSTANT_TIME (CKM_NSS + 20)
+#define CKM_NSS_HMAC_CONSTANT_TIME (CKM_NSS + 19)
+#define CKM_NSS_SSL3_MAC_CONSTANT_TIME (CKM_NSS + 20)
/*
* HISTORICAL:
@@ -243,12 +243,12 @@ typedef struct CK_NSS_JPAKEFinalParams {
CK_NSS_JPAKEPublicValue B; /* in */
} CK_NSS_JPAKEFinalParams;
-typedef struct CK_NSS_MACConstantTimeParams {
+typedef struct CK_NSS_MAC_CONSTANT_TIME_PARAMS {
CK_MECHANISM_TYPE hashAlg; /* in */
- CK_ULONG ulBodyTotalLength; /* in */
+ CK_ULONG ulBodyTotalLen; /* in */
CK_BYTE * pHeader; /* in */
- CK_ULONG ulHeaderLength; /* in */
-} CK_NSS_MACConstantTimeParams;
+ CK_ULONG ulHeaderLen; /* in */
+} CK_NSS_MAC_CONSTANT_TIME_PARAMS;
/*
* NSS-defined return values
View Lorry Controller Status