diff options
author | Kevin Jacobs <kjacobs@mozilla.com> | 2020-10-12 17:07:02 +0000 |
---|---|---|
committer | Kevin Jacobs <kjacobs@mozilla.com> | 2020-10-12 17:07:02 +0000 |
commit | 28937508cbbae138900deff458a1cea1c2690706 (patch) | |
tree | 42fd1ebf06289084bc3f77168dc8a8027f18cdff /lib/nss | |
parent | 2a70b77de118976765793f9c109a6ee51cfd66d9 (diff) | |
download | nss-hg-28937508cbbae138900deff458a1cea1c2690706.tar.gz |
Bug 1631890 - Add support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke-05). r=mt
This patch adds support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke-05).
Because the draft number (and the eventual RFC number) is an input to the key schedule, future updates will *not* be backwards compatible in terms of key material or encryption/decryption. For this reason, a default compilation will produce stubs that simply return an "Invalid Algorithm" error. To opt into using the HPKE functionality , compile with `NSS_ENABLE_DRAFT_HPKE` defined. Once finalized, this flag will not be required to access the functions.
Lastly, the `DeriveKeyPair` API is not implemented as it adds complextiy around PKCS #11 and is unnecessary for ECH.
Differential Revision: https://phabricator.services.mozilla.com/D73947
Diffstat (limited to 'lib/nss')
-rw-r--r-- | lib/nss/nss.def | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/lib/nss/nss.def b/lib/nss/nss.def index 06c0d8d42..3e888f0a0 100644 --- a/lib/nss/nss.def +++ b/lib/nss/nss.def @@ -522,7 +522,7 @@ VFY_EndWithSignature; ;+NSS_3.3.1 { # NSS 3.3.1 release ;+ global: ;+# -;+# The following symbols are exported only to make libsmime3.so work. +;+# The following symbols are exported only to make libsmime3.so work. ;+# These are still private!!! ;+# PK11_CreatePBEParams; @@ -1189,6 +1189,17 @@ PK11_FindEncodedCertInSlot; ;+}; ;+NSS_3.58 { # NSS 3.58 release ;+ global: +PK11_HPKE_DestroyContext; +PK11_HPKE_Deserialize; +PK11_HPKE_ExportSecret; +PK11_HPKE_GetEncapPubKey; +PK11_HPKE_NewContext; +PK11_HPKE_Open; +PK11_HPKE_Seal; +PK11_HPKE_Serialize; +PK11_HPKE_SetupS; +PK11_HPKE_SetupR; +PK11_HPKE_ValidateParameters; PK11_ImportDataKey; ;+ local: ;+ *; |