Bug 1624128 - Backed out changeset 3ed30e6b6de1 - Updating Fx76 to NSS 3.51.1 r=keeler
authorKevin Jacobs <kjacobs@mozilla.com>
Mon, 30 Mar 2020 21:12:45 +0000
changeset 521154 665137da70eeb973419dfb4f789e583b7b05f7e6
parent 521153 23ed28f260bd74c3ae6e4dcc7f2188040a3149fc
child 521155 f5c83beda81abaa97a03cb81025f10db17f6c203
push id37267
push userccoroiu@mozilla.com
push dateTue, 31 Mar 2020 04:31:43 +0000
treeherdermozilla-central@cb87343d4976 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1624128
milestone76.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1624128 - Backed out changeset 3ed30e6b6de1 - Updating Fx76 to NSS 3.51.1 r=keeler Revert setting CK_GCM_PARAMS ulIvBits, as this field won't exist until NSS 3.52. Depends on D68665 Differential Revision: https://phabricator.services.mozilla.com/D68602
dom/crypto/WebCryptoTask.cpp
netwerk/srtp/src/crypto/cipher/aes_gcm_nss.c
security/manager/ssl/OSKeyStore.cpp
third_party/prio/moz.build
--- a/dom/crypto/WebCryptoTask.cpp
+++ b/dom/crypto/WebCryptoTask.cpp
@@ -595,17 +595,16 @@ class AesTask : public ReturnArrayBuffer
         memcpy(&ctrParams.cb, mIv.Elements(), 16);
         param.type = siBuffer;
         param.data = (unsigned char*)&ctrParams;
         param.len = sizeof(ctrParams);
         break;
       case CKM_AES_GCM:
         gcmParams.pIv = mIv.Elements();
         gcmParams.ulIvLen = mIv.Length();
-        gcmParams.ulIvBits = gcmParams.ulIvLen * 8;
         gcmParams.pAAD = mAad.Elements();
         gcmParams.ulAADLen = mAad.Length();
         gcmParams.ulTagBits = mTagLength;
         param.type = siBuffer;
         param.data = (unsigned char*)&gcmParams;
         param.len = sizeof(gcmParams);
         break;
       default:
--- a/netwerk/srtp/src/crypto/cipher/aes_gcm_nss.c
+++ b/netwerk/srtp/src/crypto/cipher/aes_gcm_nss.c
@@ -266,17 +266,16 @@ static srtp_err_status_t srtp_aes_gcm_ns
                                                     int encrypt,
                                                     unsigned char *buf,
                                                     unsigned int *enc_len)
 {
     srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
 
     c->params.pIv = c->iv;
     c->params.ulIvLen = GCM_IV_LEN;
-    c->params.ulIvBits = GCM_IV_LEN * 8;
     c->params.pAAD = c->aad;
     c->params.ulAADLen = c->aad_size;
 
     // Reset AAD
     c->aad_size = 0;
 
     int rv;
     SECItem param = { siBuffer, (unsigned char *)&c->params,
--- a/security/manager/ssl/OSKeyStore.cpp
+++ b/security/manager/ssl/OSKeyStore.cpp
@@ -658,17 +658,16 @@ nsresult AbstractOSKeyStore::DoCipher(co
   } else {
     // An IV was passed in. Use the first mIVLength bytes from inBytes as IV.
     ivp = inBytes.data();
   }
 
   CK_GCM_PARAMS gcm_params;
   gcm_params.pIv = const_cast<unsigned char*>(ivp);
   gcm_params.ulIvLen = mIVLength;
-  gcm_params.ulIvBits = gcm_params.ulIvLen * 8;
   gcm_params.ulTagBits = 128;
   gcm_params.pAAD = nullptr;
   gcm_params.ulAADLen = 0;
 
   SECItem paramsItem = {siBuffer, reinterpret_cast<unsigned char*>(&gcm_params),
                         sizeof(CK_GCM_PARAMS)};
 
   size_t blockLength = 16;
--- a/third_party/prio/moz.build
+++ b/third_party/prio/moz.build
@@ -37,13 +37,8 @@ SOURCES += [
     'prio/prg.c',
     'prio/rand.c',
     'prio/serial.c',
     'prio/server.c',
     'prio/share.c',
 ]
 
 FINAL_LIBRARY = 'xul'
-
-# Use PKCS11 v2 struct definitions for now, otherwise NSS requires
-# CK_GCM_PARAMS.ulIvBits to be set. This workaround is only required
-# until NSS 3.52 RTM and upstream correctly initializes the field.
-DEFINES['NSS_PKCS11_2_0_COMPAT'] = True