xmlsecurity/source/xmlsec/nss/ciphercontext.cxx | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
New commits:
commit 4a532e651b9fd4c9b24b017d2e1d099ee76ceed8
Author: Thorsten Behrens <thorsten.behr...@allotropia.de>
AuthorDate: Fri Dec 22 22:44:15 2023 +0100
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Sun Dec 24 00:29:34 2023 +0100
xmlsecurity: fix AES-GCM code differently
With PCH, the earlier workaround with NSS_PKCS11_2_0_COMPAT breaks -
so lets fix this with conditionals, its only two places.
Follow-up commit to 9276d5338ef04209b007bbc705e4c023cf181456
Change-Id: I7d3292304d83d784ee9dce5cdc62b4a028ff333a
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161204
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
diff --git a/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx
b/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx
index b053db901ccd..c3bbfdb0f2ef 100644
--- a/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx
+++ b/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx
@@ -24,12 +24,6 @@
#include <rtl/ref.hxx>
#include <sal/log.hxx>
-#if defined(__GNUC__)
-#pragma GCC diagnostic ignored "-Wunused-macros"
-#endif
-// see TODO below
-#define NSS_PKCS11_2_0_COMPAT 1
-
#include "ciphercontext.hxx"
#include <nss.h> // for NSS_VMINOR
#include <pk11pub.h>
@@ -63,12 +57,14 @@ uno::Reference< xml::crypto::XCipherContext >
OCipherContext::Create( CK_MECHANI
if (nNSSCipherID == CKM_AES_GCM)
{
- // TODO: when runtime requirements are raised to NSS 3.52, replace this
- // according to https://fedoraproject.org/wiki/Changes/NssGCMParams
+ // TODO: when runtime requirements are raised to NSS 3.52,
+ // cleanup according to
+ // https://fedoraproject.org/wiki/Changes/NssGCMParams
#if NSS_VMINOR >= 52
- static_assert(sizeof(CK_GCM_PARAMS) == sizeof(CK_NSS_GCM_PARAMS));
+ xResult->m_pSecParam = SECITEM_AllocItem(nullptr, nullptr,
sizeof(CK_NSS_GCM_PARAMS));
+#else
+ xResult->m_pSecParam = SECITEM_AllocItem(nullptr, nullptr,
sizeof(CK_GCM_PARAMS));
#endif
- xResult->m_pSecParam = SECITEM_AllocItem(nullptr, nullptr,
sizeof(/*CK_NSS_GCM_PARAMS*/CK_GCM_PARAMS));
if (!xResult->m_pSecParam)
{
SAL_WARN("xmlsecurity.nss", "SECITEM_AllocItem failed");
@@ -76,7 +72,11 @@ uno::Reference< xml::crypto::XCipherContext >
OCipherContext::Create( CK_MECHANI
}
assert(aInitializationVector.getLength() == nAESGCMIVSize);
xResult->m_AESGCMIV = aInitializationVector;
- auto *const pParams =
reinterpret_cast</*CK_NSS_GCM_PARAMS*/CK_GCM_PARAMS*>(xResult->m_pSecParam->data);
+#if NSS_VMINOR >= 52
+ auto *const pParams =
reinterpret_cast<CK_NSS_GCM_PARAMS*>(xResult->m_pSecParam->data);
+#else
+ auto *const pParams =
reinterpret_cast<CK_GCM_PARAMS*>(xResult->m_pSecParam->data);
+#endif
pParams->pIv = const_cast<unsigned char*>(reinterpret_cast<const
unsigned char*>(xResult->m_AESGCMIV.getConstArray()));
pParams->ulIvLen =
sal::static_int_cast<unsigned>(xResult->m_AESGCMIV.getLength());
pParams->pAAD = nullptr;
