authorKevin Jacobs <kjacobs@mozilla.com>2020-10-12 17:07:02 +0000
committerKevin Jacobs <kjacobs@mozilla.com>2020-10-12 17:07:02 +0000
commit28937508cbbae138900deff458a1cea1c2690706 (patch)
tree42fd1ebf06289084bc3f77168dc8a8027f18cdff /coreconf
parent2a70b77de118976765793f9c109a6ee51cfd66d9 (diff)
downloadnss-hg-28937508cbbae138900deff458a1cea1c2690706.tar.gz
Bug 1631890 - Add support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke-05). r=mt
This patch adds support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke-05). Because the draft number (and the eventual RFC number) is an input to the key schedule, future updates will *not* be backwards compatible in terms of key material or encryption/decryption. For this reason, a default compilation will produce stubs that simply return an "Invalid Algorithm" error. To opt into using the HPKE functionality, compile with `NSS_ENABLE_DRAFT_HPKE` defined. Once finalized, this flag will not be required to access the functions. Lastly, the `DeriveKeyPair` API is not implemented as it adds complexity around PKCS #11 and is unnecessary for ECH. Differential Revision: https://phabricator.services.mozilla.com/D73947
Diffstat (limited to 'coreconf')
-rw-r--r--coreconf/config.gypi6
-rw-r--r--coreconf/config.mk4
2 files changed, 10 insertions, 0 deletions
diff --git a/coreconf/config.gypi b/coreconf/config.gypi
index 8cae4c48d..760b51a26 100644
--- a/coreconf/config.gypi
+++ b/coreconf/config.gypi
@@ -132,6 +132,7 @@
'mozpkix_only%': 0,
'coverage%': 0,
'softfp_cflags%': '',
+ 'enable_draft_hpke%': 0,
},
'target_defaults': {
# Settings specific to targets should go here.
@@ -568,6 +569,11 @@
'NSS_DISABLE_DBM',
],
}],
+ [ 'enable_draft_hpke==1', {
+ 'defines': [
+ 'NSS_ENABLE_DRAFT_HPKE',
+ ],
+ }],
[ 'disable_libpkix==1', {
'defines': [
'NSS_DISABLE_LIBPKIX',
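Review bot: The new `enable_draft_hpke==1` condition has no comment explaining why the define is opt-in, and the `'enable_draft_hpke%': 0` default in the previous hunk has none either. Per the commit description, the draft number is an input to the key schedule, so code built with this define will not interoperate with later drafts. A line above the condition such as `# Draft HPKE (draft-irtf-cfrg-hpke-05): key material and ciphertexts are not compatible across draft versions; off by default.` would keep that constraint visible to whoever flips the variable. The enclosing conditions list starts and ends outside the hunk.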
diff --git a/coreconf/config.mk b/coreconf/config.mk
index e0556af14..2f7b63896 100644
--- a/coreconf/config.mk
+++ b/coreconf/config.mk
@@ -195,6 +195,10 @@ ifdef NSS_PKIX_NO_LDAP
DEFINES += -DNSS_PKIX_NO_LDAP
endif
+ifdef NSS_ENABLE_DRAFT_HPKE
+DEFINES += -DNSS_ENABLE_DRAFT_HPKE
+endif
+
# FIPS support requires startup tests to be executed at load time of shared modules.
# For performance reasons, these tests are disabled by default.
# When compiling binaries that must support FIPS mode,
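Review bot: `ifdef NSS_ENABLE_DRAFT_HPKE` is true for any non-empty value, so `NSS_ENABLE_DRAFT_HPKE=0` in the environment or on the make command line still adds `-DNSS_ENABLE_DRAFT_HPKE`, while the gyp build in this same commit requires `enable_draft_hpke==1`. This follows the neighbouring `ifdef NSS_PKIX_NO_LDAP` style, but for a switch that turns on draft cryptography an explicit test keeps the two build systems in agreement: `ifeq ($(NSS_ENABLE_DRAFT_HPKE),1)`. If the `ifdef` form is kept, a comment such as `# Any non-empty value enables draft-05 HPKE; output is not interoperable with other drafts.` above the block would document the behaviour.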