diff options
| author | Thorsten Behrens <thorsten.behrens@allotropia.de> | 2023-12-22 22:44:15 +0100 |
|---|---|---|
| committer | Michael Stahl <michael.stahl@allotropia.de> | 2024-01-10 11:41:00 +0100 |
| commit | 36bef70eaab0564cef7538dc492cf28d09507fa9 (patch) | |
| tree | 05185de18aee624dd4ff0ebd872dcb2f3d3a20b2 /xmlsecurity/source | |
| parent | 3e6fa4da057be191aac0973e5131d271de0d5e61 (diff) | |
xmlsecurity: fix AES-GCM code differently
With PCH, the earlier workaround with NSS_PKCS11_2_0_COMPAT breaks -
so lets fix this with conditionals, its only two places.
Follow-up commit to 9276d5338ef04209b007bbc705e4c023cf181456
Change-Id: I7d3292304d83d784ee9dce5cdc62b4a028ff333a
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161204
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161840
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Diffstat (limited to 'xmlsecurity/source')
| -rw-r--r-- | xmlsecurity/source/xmlsec/nss/ciphercontext.cxx | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx b/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx index b053db901ccd..c3bbfdb0f2ef 100644 --- a/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx +++ b/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx @@ -24,12 +24,6 @@ #include <rtl/ref.hxx> #include <sal/log.hxx> -#if defined(__GNUC__) -#pragma GCC diagnostic ignored "-Wunused-macros" -#endif -// see TODO below -#define NSS_PKCS11_2_0_COMPAT 1 - #include "ciphercontext.hxx" #include <nss.h> // for NSS_VMINOR #include <pk11pub.h> @@ -63,12 +57,14 @@ uno::Reference< xml::crypto::XCipherContext > OCipherContext::Create( CK_MECHANI if (nNSSCipherID == CKM_AES_GCM) { - // TODO: when runtime requirements are raised to NSS 3.52, replace this - // according to https://fedoraproject.org/wiki/Changes/NssGCMParams + // TODO: when runtime requirements are raised to NSS 3.52, + // cleanup according to + // https://fedoraproject.org/wiki/Changes/NssGCMParams #if NSS_VMINOR >= 52 - static_assert(sizeof(CK_GCM_PARAMS) == sizeof(CK_NSS_GCM_PARAMS)); + xResult->m_pSecParam = SECITEM_AllocItem(nullptr, nullptr, sizeof(CK_NSS_GCM_PARAMS)); +#else + xResult->m_pSecParam = SECITEM_AllocItem(nullptr, nullptr, sizeof(CK_GCM_PARAMS)); #endif - xResult->m_pSecParam = SECITEM_AllocItem(nullptr, nullptr, sizeof(/*CK_NSS_GCM_PARAMS*/CK_GCM_PARAMS)); if (!xResult->m_pSecParam) { SAL_WARN("xmlsecurity.nss", "SECITEM_AllocItem failed"); @@ -76,7 +72,11 @@ uno::Reference< xml::crypto::XCipherContext > OCipherContext::Create( CK_MECHANI } assert(aInitializationVector.getLength() == nAESGCMIVSize); xResult->m_AESGCMIV = aInitializationVector; - auto *const pParams = reinterpret_cast</*CK_NSS_GCM_PARAMS*/CK_GCM_PARAMS*>(xResult->m_pSecParam->data); +#if NSS_VMINOR >= 52 + auto *const pParams = reinterpret_cast<CK_NSS_GCM_PARAMS*>(xResult->m_pSecParam->data); +#else + auto *const pParams = reinterpret_cast<CK_GCM_PARAMS*>(xResult->m_pSecParam->data); +#endif pParams->pIv = const_cast<unsigned char*>(reinterpret_cast<const unsigned char*>(xResult->m_AESGCMIV.getConstArray())); pParams->ulIvLen = sal::static_int_cast<unsigned>(xResult->m_AESGCMIV.getLength()); pParams->pAAD = nullptr; |