Bug 1631890 - Add support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke-05). r=mt

This patch adds support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke-05).

Because the draft number (and the eventual RFC number) is an input to the key schedule, future updates will *not* be backwards compatible in terms of key material or encryption/decryption. For this reason, a default compilation will produce stubs that simply return an "Invalid Algorithm" error. To opt into using the HPKE functionality , compile with `NSS_ENABLE_DRAFT_HPKE` defined. Once finalized, this flag will not be required to access the functions.

Lastly, the `DeriveKeyPair` API is not implemented as it adds complextiy around PKCS #11 and is unnecessary for ECH.

Differential Revision: https://phabricator.services.mozilla.com/D73947

3 files changed, 14 insertions, 3 deletions

diff --git a/automation/abi-check/expected-report-libnss3.so.txt b/automation/abi-check/expected-report-libnss3.so.txt
index 8028bf753..17ee6232c 100644
--- a/automation/abi-check/expected-report-libnss3.so.txt
+++ b/automation/abi-check/expected-report-libnss3.so.txt
@@ -1,4 +1,15 @@
 
-1 Added function:
+12 Added functions:
 
+  [A] 'function SECStatus PK11_HPKE_Deserialize(const HpkeContext*, const PRUint8*, unsigned int, SECKEYPublicKey**)'    {PK11_HPKE_Deserialize@@NSS_3.58}
+  [A] 'function void PK11_HPKE_DestroyContext(HpkeContext*, PRBool)'    {PK11_HPKE_DestroyContext@@NSS_3.58}
+  [A] 'function SECStatus PK11_HPKE_ExportSecret(const HpkeContext*, const SECItem*, unsigned int, PK11SymKey**)'    {PK11_HPKE_ExportSecret@@NSS_3.58}
+  [A] 'function const SECItem* PK11_HPKE_GetEncapPubKey(const HpkeContext*)'    {PK11_HPKE_GetEncapPubKey@@NSS_3.58}
+  [A] 'function HpkeContext* PK11_HPKE_NewContext(HpkeKemId, HpkeKdfId, HpkeAeadId, PK11SymKey*, const SECItem*)'    {PK11_HPKE_NewContext@@NSS_3.58}
+  [A] 'function SECStatus PK11_HPKE_Open(HpkeContext*, const SECItem*, const SECItem*, SECItem**)'    {PK11_HPKE_Open@@NSS_3.58}
+  [A] 'function SECStatus PK11_HPKE_Seal(HpkeContext*, const SECItem*, const SECItem*, SECItem**)'    {PK11_HPKE_Seal@@NSS_3.58}
+  [A] 'function SECStatus PK11_HPKE_Serialize(const SECKEYPublicKey*, PRUint8*, unsigned int*, unsigned int)'    {PK11_HPKE_Serialize@@NSS_3.58}
+  [A] 'function SECStatus PK11_HPKE_SetupR(HpkeContext*, const SECKEYPublicKey*, SECKEYPrivateKey*, const SECItem*, const SECItem*)'    {PK11_HPKE_SetupR@@NSS_3.58}
+  [A] 'function SECStatus PK11_HPKE_SetupS(HpkeContext*, const SECKEYPublicKey*, SECKEYPrivateKey*, SECKEYPublicKey*, const SECItem*)'    {PK11_HPKE_SetupS@@NSS_3.58}
+  [A] 'function SECStatus PK11_HPKE_ValidateParameters(HpkeKemId, HpkeKdfId, HpkeAeadId)'    {PK11_HPKE_ValidateParameters@@NSS_3.58}
   [A] 'function PK11SymKey* PK11_ImportDataKey(PK11SlotInfo*, CK_MECHANISM_TYPE, PK11Origin, CK_ATTRIBUTE_TYPE, SECItem*, void*)'    {PK11_ImportDataKey@@NSS_3.58}
diff --git a/automation/taskcluster/scripts/build_gyp.sh b/automation/taskcluster/scripts/build_gyp.sh
index e19a6362f..2cb0deb01 100755
--- a/automation/taskcluster/scripts/build_gyp.sh
+++ b/automation/taskcluster/scripts/build_gyp.sh
@@ -12,7 +12,7 @@ if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then
 fi
 
 # Build.
-nss/build.sh -g -v --enable-libpkix "$@"
+nss/build.sh -g -v --enable-libpkix -Denable_draft_hpke=1 "$@"
 
 # Package.
 if [[ $(uname) = "Darwin" ]]; then
diff --git a/automation/taskcluster/windows/build_gyp.sh b/automation/taskcluster/windows/build_gyp.sh
index 1621c2571..d7072ebbf 100644
--- a/automation/taskcluster/windows/build_gyp.sh
+++ b/automation/taskcluster/windows/build_gyp.sh
@@ -38,7 +38,7 @@ if [[ -f nss/nspr.patch && "$ALLOW_NSPR_PATCH" == "1" ]]; then
 fi
 
 # Build with gyp.
-./nss/build.sh -g -v --enable-libpkix "$@"
+./nss/build.sh -g -v --enable-libpkix -Denable_draft_hpke=1 "$@"
 
 # Package.
 7z a public/build/dist.7z dist