diff options
author | Kevin Jacobs <kjacobs@mozilla.com> | 2020-10-12 17:07:02 +0000 |
---|---|---|
committer | Kevin Jacobs <kjacobs@mozilla.com> | 2020-10-12 17:07:02 +0000 |
commit | 28937508cbbae138900deff458a1cea1c2690706 (patch) | |
tree | 42fd1ebf06289084bc3f77168dc8a8027f18cdff /lib/pk11wrap/pk11hpke.h | |
parent | 2a70b77de118976765793f9c109a6ee51cfd66d9 (diff) | |
download | nss-hg-28937508cbbae138900deff458a1cea1c2690706.tar.gz |
Bug 1631890 - Add support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke-05). r=mt
This patch adds support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke-05).
Because the draft number (and the eventual RFC number) is an input to the key schedule, future updates will *not* be backwards compatible in terms of key material or encryption/decryption. For this reason, a default compilation will produce stubs that simply return an "Invalid Algorithm" error. To opt into using the HPKE functionality , compile with `NSS_ENABLE_DRAFT_HPKE` defined. Once finalized, this flag will not be required to access the functions.
Lastly, the `DeriveKeyPair` API is not implemented as it adds complextiy around PKCS #11 and is unnecessary for ECH.
Differential Revision: https://phabricator.services.mozilla.com/D73947
Diffstat (limited to 'lib/pk11wrap/pk11hpke.h')
-rw-r--r-- | lib/pk11wrap/pk11hpke.h | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/lib/pk11wrap/pk11hpke.h b/lib/pk11wrap/pk11hpke.h new file mode 100644 index 000000000..95a55fd33 --- /dev/null +++ b/lib/pk11wrap/pk11hpke.h @@ -0,0 +1,84 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef _PK11_HPKE_H_ +#define _PK11_HPKE_H_ 1 + +#include "blapit.h" +#include "seccomon.h" + +#ifdef NSS_ENABLE_DRAFT_HPKE +#define HPKE_DRAFT_VERSION 5 + +#define CLEANUP \ + PORT_Assert(rv == SECSuccess); \ + cleanup + +/* Error code must already be set. */ +#define CHECK_RV(rv) \ + if ((rv) != SECSuccess) { \ + goto cleanup; \ + } + +/* Error code must already be set. */ +#define CHECK_FAIL(cond) \ + if ((cond)) { \ + rv = SECFailure; \ + goto cleanup; \ + } + +#define CHECK_FAIL_ERR(cond, err) \ + if ((cond)) { \ + PORT_SetError((err)); \ + rv = SECFailure; \ + goto cleanup; \ + } + +#endif /* NSS_ENABLE_DRAFT_HPKE */ + +typedef enum { + HpkeModeBase = 0, + HpkeModePsk = 1, +} HpkeModeId; + +/* https://tools.ietf.org/html/draft-irtf-cfrg-hpke-05#section-7.1 */ +typedef enum { + HpkeDhKemX25519Sha256 = 0x20, +} HpkeKemId; + +typedef enum { + HpkeKdfHkdfSha256 = 1, +} HpkeKdfId; + +typedef enum { + HpkeAeadAes128Gcm = 1, + HpkeAeadChaCha20Poly1305 = 3, +} HpkeAeadId; + +typedef struct hpkeKemParamsStr { + HpkeKemId id; + unsigned int Nsk; + unsigned int Nsecret; + unsigned int Npk; + SECOidTag oidTag; + CK_MECHANISM_TYPE hashMech; +} hpkeKemParams; + +typedef struct hpkeKdfParamsStr { + HpkeKdfId id; + unsigned int Nh; + CK_MECHANISM_TYPE mech; +} hpkeKdfParams; + +typedef struct hpkeAeadParamsStr { + HpkeAeadId id; + unsigned int Nk; + unsigned int Nn; + unsigned int tagLen; + CK_MECHANISM_TYPE mech; +} hpkeAeadParams; + +typedef struct HpkeContextStr HpkeContext; + +#endif /* _PK11_HPKE_H_ */ |