nelsonb%netscape.com
94e36d6f32
Implement 5 new functions for dealing with variable length integers
...
represented as unsigned and signed octet strings.
mp_read_unsigned_octets(), mp_unsigned_octet_size(),
mp_to_unsigned_octets(), mp_to_signed_octets(), mp_to_fixlen_octets()
See mpi.h for more info.
2000-07-19 23:22:43 +00:00
nelsonb%netscape.com
9ab0d70f0e
All #defines now have MP_ prefix. To get old #defines, compile with
...
-DMP_API_COMPATIBLE . mpi.c is compiled that way.
2000-07-19 23:18:08 +00:00
mcgreer%netscape.com
adc97e5caf
initial checkin of PRNG code
2000-07-19 17:01:31 +00:00
mcgreer%netscape.com
0b57de2866
initial checkin of ARCFour.
2000-07-18 00:56:09 +00:00
nelsonb%netscape.com
49bfd5fc00
Fix "random" modulus so it is odd and has msb of most significant digit
...
set to 1, and "random" base to be less than modulus.
2000-07-17 22:37:55 +00:00
nelsonb%netscape.com
8133fdd980
Fix script to run on certain unix platforms.
2000-07-17 22:34:30 +00:00
nelsonb%netscape.com
7dc037f3a3
Shorten this test so it completes in less time.
2000-07-17 22:33:46 +00:00
nelsonb%netscape.com
bdf621e594
Fix mpp_pprime() so it doesn't stop after first succesful iteration.
2000-07-17 22:32:46 +00:00
nelsonb%netscape.com
88292a3a0d
Add support for 32-bit digits (64-bit words) on platforms that can
...
multiply two 32-bit values yielding a 64-bit product in hardware.
Fix bug in s_mp_div that computed a quotient digit q > DIGIT_MAX
when b > DIGIT_MAX/2 and b < a <= DIGIT_MAX.
2000-07-17 22:31:18 +00:00
nelsonb%netscape.com
29b5ea6ec4
Elimintate type mismatch warning.
2000-07-17 22:23:23 +00:00
nelsonb%netscape.com
9ae84ceff8
Turn on MP_CRYPTO flag by default. Increase default size to 32 digits.
2000-07-17 22:22:28 +00:00
nelsonb%netscape.com
3e30ad8b50
Get file to work with SysV make on IRIX.
...
Add .i target (preprocessor output).
2000-07-17 22:21:42 +00:00
nelsonb%netscape.com
7ed5654089
MPI Arbitrary Precision Integer Arithmetic library.
...
The Initial Developer of the Original Code is
Michael J. Fromberger <sting@linguist.dartmouth.edu>
2000-07-14 00:45:02 +00:00
mcgreer%netscape.com
11bcfbe3d6
fingerprint had to handled in certutil for now since SECU_PrintCertificate receives a decoded DER. see #45303
2000-07-12 22:42:57 +00:00
mcgreer%netscape.com
d42ada9be0
add fingerprints to info dumped with certificate
2000-07-12 20:48:47 +00:00
chrisk%netscape.com
49779ca3c4
Added -d option
...
-p option now also works for decoding
2000-07-07 00:57:39 +00:00
relyea%netscape.com
2c08b2ae6c
Fix memory leak when using hardware acceleraters.
2000-06-29 21:26:17 +00:00
relyea%netscape.com
1d084af74a
merge changes from NSS 3.0 branch to allow NT automated tests to work.
2000-06-29 21:25:41 +00:00
relyea%netscape.com
5fcb0862b3
merge 3.0_Branch changes to get NT to run back unto the tip.
2000-06-29 21:23:37 +00:00
mcgreer%netscape.com
0d70c5df17
add a > wordsize test for RC4
2000-06-29 18:38:30 +00:00
thayes%netscape.com
192078b3d8
Add tests for Secret Decoder Ring (SDR)
2000-06-24 01:06:26 +00:00
thayes%netscape.com
c960eeb856
Add SDR test command
2000-06-23 22:25:22 +00:00
chrisk%netscape.com
c2fdb05c18
Added and corrected some comments
...
Added $layercounter
Clarified $boundary generation (a boundary has leading AND trailing CRLFs!)
2000-06-23 18:37:33 +00:00
chrisk%netscape.com
d705ca0332
Preliminary checkin at a state where smime can parse messages generated
...
by itself.
2000-06-23 16:40:31 +00:00
chrisk%netscape.com
3902194f5b
Added some comments and asserts
2000-06-21 18:12:02 +00:00
chrisk%netscape.com
92a3672caa
Oops - fixed the fix. The prototype now correctly unpacks into a
...
DHPublicKey structure.
2000-06-21 00:04:38 +00:00
chrisk%netscape.com
a83d527722
Fix OID for DC AVAs - the root OID in RFC2247 is not different from
...
the root OID in RFC1274 - so the one we had was WRONG.
I don't know where it came from.
2000-06-20 16:31:31 +00:00
chrisk%netscape.com
390a6f1dec
Add code for generation of SMIMEProfile and SMIMEKeyEncryptionPreference
2000-06-20 16:28:59 +00:00
chrisk%netscape.com
23cd2f3659
First feeble attempt at fixing the problem that our definition of
...
Diffie-Hellman key parameters does not encompass all the optional
fields defined in RFC2459, section 7.3.2 (namely j and validationParams).
I added comments reminding us of the fact that PQGParams need to be
extended to hold these, and fixed the ASN1 prototype from its previous
totally broken status to one that decodes prime, subPrime and base
correctly, and skips the rest.
This avoids failure in public key extraction (which is part of verification)
with DH certs.
2000-06-20 16:22:36 +00:00
chrisk%netscape.com
3550ea9e23
Fix problem where DH certs were always rejected when verifying them
...
for EMail encryption.
A Diffie-Hellman key needs to be tested for KU_KEY_AGREEMENT, not
KU_KEY_ENCIPHERMENT.
2000-06-20 16:15:32 +00:00
chrisk%netscape.com
568524e3be
Fixed bug in sequence printing code: array counter was overshooting by one
2000-06-20 14:35:17 +00:00
chrisk%netscape.com
c8e8241728
Fix bug in decoder:
...
When encoding indefinitely & encountering an optional field at the end of
a sequence, right after an IMPLICIT or POINTER template, the decoder
was not propagating the optionalness and the end-of-contents condition
correctly as it hits the end-of-contents octets instead of the optional
field. This is because IMPLICIT and POINTER push TWO states to look
for the next tag, not just one.
(The first state is "afterImplicit" or "afterPointer", the second one
starts with "beforeIdentifier" as usual).
This finally makes decoding envelopedData messages in cmsutil work.
2000-06-20 13:24:01 +00:00
thayes%netscape.com
4cd82c9914
Fix double free of item value that is in an arena.
2000-06-16 23:26:16 +00:00
mcgreer%netscape.com
5c4d045072
attempt to add token support for listing certs & keys
2000-06-16 00:38:44 +00:00
mcgreer%netscape.com
1a4bf955be
more cleanup on cert listing
2000-06-16 00:36:43 +00:00
chrisk%netscape.com
9f56a873d3
Add generation of SMIMECapabilities
2000-06-14 23:17:52 +00:00
chrisk%netscape.com
fa197d9014
canonicalization step adds CRs to LFs only of there are no CRs present.
2000-06-14 23:15:06 +00:00
chrisk%netscape.com
9cbdb3d252
Make example 5.7 of ietf-smime-examples draft decode correctly
...
(we still cannot look up certs by SubjectKeyID, so it won't verify)
2000-06-14 23:12:48 +00:00
beard%netscape.com
32dc89c957
(not part of build) added mozilla/security/nss/lib/smime to access paths.
2000-06-14 03:16:41 +00:00
chrisk%netscape.com
f7113ab1b2
Merge smimetk_branch to tip...
2000-06-13 21:56:37 +00:00
relyea%netscape.com
d43393b11b
reuse old key structures on a given token rather than building it up and
...
tearing it down every time.
2000-06-13 21:37:28 +00:00
relyea%netscape.com
78671954d3
Reuse old Object structures rather than build and free them every time.
2000-06-13 21:34:52 +00:00
chrisk%netscape.com
67e0b44687
Fix DSA / BLAPI interface by creating stub functions that have the
...
correct signature for being called via context->update or context->verify.
2000-06-12 23:43:42 +00:00
mcgreer%netscape.com
dd3dd4e3e1
added roots.
2000-06-12 22:39:02 +00:00
chrisk%netscape.com
091d437eca
Sorted output for certutil -L
2000-06-12 22:25:40 +00:00
thayes%netscape.com
8d09de22cf
Fix cleanup code in Decrypt to check for NULL pointers
2000-06-12 20:19:39 +00:00
thayes%netscape.com
d562a12ca9
Add permanent (token) key for supporting Secret Decoder Ring (SDR)
...
Bug 26085
2000-06-10 19:00:45 +00:00
nelsonb%netscape.com
9d2744f5ce
Carry forward fix from NSS 2.8 for servers that don't do ssl2.
2000-06-06 20:32:18 +00:00
mcgreer%netscape.com
12b3563350
iterate context creation for all ciphers when doing performance tests.
2000-06-02 23:09:13 +00:00
mcgreer%netscape.com
8afb3c69cf
fork content version between ns-branded builds and mozilla builds.
2000-06-02 22:35:29 +00:00
mcgreer%netscape.com
0307d81230
Allow for building with internal roots.
2000-06-02 18:37:53 +00:00
mcgreer%netscape.com
883e025f3d
Allow for building with internal root certs.
2000-06-02 18:37:14 +00:00
mcgreer%netscape.com
10d32a14b9
more performance testing
...
* timing of context creation for ciphers
* provide system information
2000-06-02 01:40:29 +00:00
thayes%netscape.com
b2aa68c6fe
Use PK11 fixed key lookup to locate the key value. Fix ENCRYPT/DECRYPT bug in
...
SDR_Decrypt.
2000-05-31 23:06:02 +00:00
relyea%netscape.com
d6dd1b2540
Return to using the thread safe version. The non-thread safe version can double free memory
2000-05-31 22:37:17 +00:00
relyea%netscape.com
2900921f0d
Fix bug which would have bypassed mac checking in TLS
2000-05-31 22:36:02 +00:00
relyea%netscape.com
30767104df
Set up code that allows you to run only some of the SSL tests in a single run.
2000-05-31 22:35:00 +00:00
relyea%netscape.com
5243fc1acd
Fix Environment variable overrides.
2000-05-31 22:34:07 +00:00
mcgreer%netscape.com
e771f6a310
fix static array (found with solaris 2.7 build)
2000-05-31 22:17:47 +00:00
thayes%netscape.com
bbed546e6b
Initial version of header for SDR wrappers
2000-05-27 03:31:51 +00:00
nelsonb%netscape.com
51de4ce7a6
Fix build on NT. Correct link order in PKCS11 directory.
2000-05-27 01:30:29 +00:00
nelsonb%netscape.com
211a572ab0
Add new implementation of the algorithm from RFC 2268. Fix some comments.
2000-05-27 01:29:35 +00:00
mcgreer%netscape.com
23966b8923
fix up file handling.
2000-05-26 23:19:17 +00:00
mcgreer%netscape.com
308ca1e370
break off mode list when next option is reached
2000-05-26 23:09:09 +00:00
mcgreer%netscape.com
9fdfa1ad70
fix dsa self-test
2000-05-26 23:05:05 +00:00
mcgreer%netscape.com
746aedde1f
* allow a directory for tests to be specified
...
* separate pqg generation for dsa test
* fix dsa self-test
2000-05-26 23:04:47 +00:00
thayes%netscape.com
27d1adc752
Initial version of the PK11 wrappers for SDR. This version uses a fixed key id (0)
...
and and 3DES key value.
2000-05-26 22:24:01 +00:00
mcgreer%netscape.com
d5c80d5666
self-test
2000-05-26 07:53:38 +00:00
mcgreer%netscape.com
0b167f4b76
self-test
2000-05-26 07:48:19 +00:00
mcgreer%netscape.com
8fef6c639b
Fix up the hashes to only use one mode. Add self-test capability to bltest (test each of the BLAPI functions). DSA self-test not working at this time.
2000-05-26 07:41:22 +00:00
mcgreer%netscape.com
6a074fdf4a
Allow any build to use moz_import rule. mozilla dbm uses different lib name, so copy it over.
2000-05-25 23:10:35 +00:00
nelsonb%netscape.com
bdcd27c9cb
Use the -g keysize value, instead of DES_KEY_LENGTH, for all crypto
...
algorithms except DES and 3DES.
2000-05-25 22:42:23 +00:00
nelsonb%netscape.com
34ae72b37f
Simplify and speed up client cache expiration detection.
2000-05-24 19:28:27 +00:00
nelsonb%netscape.com
a57f63746a
Correct the implementation of the options for disabling SSL2, SSL3 and TLS.
...
Add a new -R option to selfserv, which disables detection of rollback from
TLS to SSL3.0. This is necessary for testing with broken TLS clients.
2000-05-24 03:44:50 +00:00
nelsonb%netscape.com
0ea2ec3f99
Fix the logic in client and server to detect version roll-back attack,
...
rolling back from TLS (SSL 3.1) to SSL 3.0. Provide a new SSL socket
option to disable roll-back detection in servers, since certain TLS
clients are doing it incorrectly.
2000-05-24 03:35:23 +00:00
nelsonb%netscape.com
d14a82cbb8
Changes in support of corrected TLS rollback detection.
2000-05-24 03:31:44 +00:00
nelsonb%netscape.com
a113e9ad8a
Fix a transcription error that caused a crash.
2000-05-24 02:22:18 +00:00
mcgreer%netscape.com
1f8008ee85
Added calls for BSAFE 5.0
2000-05-23 22:15:25 +00:00
mcgreer%netscape.com
5d1cd52439
break a long rsa message into key-sized blocks for testing.
2000-05-23 20:01:31 +00:00
chrisk%netscape.com
cc9a75cd14
Added RFC2630 OID values:
...
SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = id-alg-ESDH
SEC_OID_CMS_3DES_KEY_WRAP = id-alg-CMS3DESwrap
SEC_OID_CMS_RC2_KEY_WRAP = id-alg-CMSRC2wrap
2000-05-22 15:28:22 +00:00
chrisk%netscape.com
8a40c748ac
Added SEC_ASN1DecodeInteger function
2000-05-22 15:24:20 +00:00
mcgreer%netscape.com
ebf9115175
hash performance functions now look the same as the other ciphers. add a zerobuffer option to avoid creating random buffers when performance testing.
2000-05-19 22:50:48 +00:00
nelsonb%netscape.com
7e2567dffc
Performance enhancement. Takes only 70% as long as previous version.
2000-05-19 22:14:38 +00:00
mcgreer%netscape.com
be99cf056a
fix up the mode arrays.
2000-05-19 21:02:05 +00:00
mcgreer%netscape.com
2e902ef580
work on making test program more usable.
...
* added usage
* chaining modes and stream ciphers reset contexts when doing multiple iterations for performance testing
2000-05-19 20:34:05 +00:00
nelsonb%netscape.com
5875fc4cc5
Add support for sha1. Add repetition count argument to -p.
2000-05-19 18:35:53 +00:00
nelsonb%netscape.com
b486d9d3d5
Fix sha_fast for 64-bit solaris and 64-bit Alpha.
2000-05-19 02:10:33 +00:00
mcgreer%netscape.com
bd476fcdc8
very rudimentary test code for regression tests of BLAPI.
2000-05-18 22:59:42 +00:00
mcgreer%netscape.com
5ca43c9e50
Changing MIN's and MAX's to PR_MIN, PR_MAX
2000-05-18 15:32:18 +00:00
mcgreer%netscape.com
1d3f68dd7e
Changing all MIN's and MAX's to PR_MIN, PR_MAX
2000-05-18 15:30:12 +00:00
mcgreer%netscape.com
aba66a5214
changing all MIN's and MAX's to PR_MIN, PR_MAX (MIN and MAX were defined in dbm).
2000-05-18 15:28:43 +00:00
nelsonb%netscape.com
db1c7e8b35
Changes to ssl_EmulateSendFile suggested by Wan-Teh.
...
See http://bugzilla.mozilla.org/show_bug.cgi?id=39011
2000-05-18 01:32:53 +00:00
roeber%netscape.com
7f2818aa4e
Applying ancient patch to dump out extended key usage extensions
2000-05-18 01:02:40 +00:00
nelsonb%netscape.com
401cd644f6
In ssl3_GenerateSessionKeys() ensure params secitem always points to valid
...
CK_SSL3_MASTER_KEY_DERIVE_PARAMS structure. Bugzilla bug 39682.
2000-05-18 00:41:38 +00:00
mcgreer%netscape.com
b5b10b72a8
allow import of NSPR and DBM from mozilla when building with BSAFE.
2000-05-17 23:19:18 +00:00
dougt%netscape.com
d50bfdd577
Mac tweeks.
2000-05-17 22:59:40 +00:00
roeber%netscape.com
4c7240ff19
Detect at runtime when we're running with NSPR 1 and switch the thread-private-data calls accordingly. This lets our pkcs#11 modules be loaded into Communicator.
2000-05-17 20:19:24 +00:00
roeber%netscape.com
bbe222523a
If a database has not been given a label, return the filename so Communicator has *something* to show
2000-05-17 18:28:13 +00:00
mcgreer%netscape.com
40616e7038
fix some compiler warnings
2000-05-17 17:31:20 +00:00
mcgreer%netscape.com
1d9865e6d7
including md2 and md5 implementations in MOZILLA_SECURITY_BUILD
2000-05-16 23:05:47 +00:00