mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
175 889 коммитов 615 Ветки 98 Теги 5,7 GiB
Граф коммитов

4160 Коммитов

Автор SHA1 Сообщение Дата
alexei.volkov.bugs%sun.com b2eede4173 Patch contributed by timeless@bemail.org 
[Bug 336992] crash [@ pk11_DoKeys] "arg" Pointer dereferenced before NULL check. r=nelson
 2006-05-13 00:46:51 +00:00
alexei.volkov.bugs%sun.com 39db992bd1 Patch contributed by timeless@bemail.org 
[Bug 336972] OOM crash [@ PK11_ImportDERPrivateKeyInfoAndReturnKey] "pki" Pointer allocated by PORT_NewArena dereferenced without NULL check. r=nelson
 2006-05-13 00:41:16 +00:00
alexei.volkov.bugs%sun.com 4176224c5b Patch contributed by timeless@bemail.org 
[Bug 336466] oom crash [@ CERT_DecodeAuthKeyID]. r=nelson
 2006-05-13 00:33:09 +00:00
alexei.volkov.bugs%sun.com 0d612a798a Patch contributed by jonsmirl@yahoo.com 
[Bug 336935] Coverity 172, dead code in mozilla/security/nss/lib/softoken/keydb.c. r=nelson, r=alexei.volkov.bugs
 2006-05-13 00:27:22 +00:00
julien.pierre.bugs%sun.com a172cbe397 Fix for bug 336477. Memory leak in CERT_UncacheCRL . r=nelson 2006-05-13 00:27:12 +00:00
alexei.volkov.bugs%sun.com d76295c913 Patch contributed by jonsmirl@yahoo.com 
[Bug 336932] Coverity 163, dead code in mozilla/security/nss/lib/ssl/ssl3con.c. r=nelson
 2006-05-13 00:15:43 +00:00
alexei.volkov.bugs%sun.com 73626f65a8 Patch contributed by timeless@bemail.org 
[Bug 336481] oom crash [@ crmf_copy_cert_req_msg]
 2006-05-13 00:03:12 +00:00
nelson%bolyard.com 28a533ac47 Bug 337093. Remove dead code at label loser in function dbs_readBlob 
Patch by Jon Smirl <jonsmirl@yahoo.com>, r=wtchang.  Coverity bug
 2006-05-12 23:37:58 +00:00
wtchang%redhat.com 2a00f3c4d2 Bugzilla Bug 336521: we should search the build tree (${DIST}/${OBJDIR}) 
before /bin and /usr/bin. r=slavomir.katuscak
 2006-05-12 20:50:53 +00:00
wtchang%redhat.com 68093029ef Bugzilla Bug 336934: removed ununsed variable ck_id. The patch is 
contributed by Jon Smirl <jonsmirl@yahoo.com>. r=nelsonb,wtc.
 2006-05-12 20:42:13 +00:00
wtchang%redhat.com 4e43ea1d0a Bugzilla Bug 336937: removed a test that is guaranteed to be true. The 
patch is contributed by Jon Smirl <jonsmirl@yahoo.com>. r=nelsonb,wtc.
 2006-05-12 20:33:47 +00:00
wtchang%redhat.com cddae0bdc9 Bugzilla bug 336938: removed a test that is guaranteed to be false. The 
patch is contributed by Jon Smirl <jonsmirl@yahoo.com>. r=wtc.
 2006-05-12 16:49:07 +00:00
wtchang%redhat.com 321cb8386e Bugzilla Bug 298506: Do not log the token name (so the declaration of 
sftk_getDefTokName in pkcs11i.h and the previous change to sftk_SlotFromID
weren't necessary). Use Linux's audit subsystem if available. r=relyea.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
 2006-05-10 21:33:11 +00:00
wtchang%redhat.com 90e7d73574 Bugzilla Bug 298522: implemented ECDSA power-up self-test. The patch was 
written by Glen Beasley of Sun. r=wtc.
 2006-05-08 18:20:28 +00:00
wtchang%redhat.com 16146af129 Bugzilla Bug 333925: added a comment to paraphrase an obscure if statement. 2006-05-05 23:54:05 +00:00
wtchang%redhat.com 580b97817e Bugzilla Bug 333925: worked around AES test failures of code compiled by 
Forte 6 update 2 by using the old optimization flags used in NSS 3.10.
r=relyea.
 2006-05-05 23:39:29 +00:00
wtchang%redhat.com 836e0c0b9c Bugzilla Bug 334679: removed a duplicate line in ec_GF2m_validate_point. 
r=douglas.stebila.
 2006-05-05 23:08:50 +00:00
wtchang%redhat.com 798e8d1bc1 Added/removed blank lines to eliminate the diffs between the trunk and the 
NSS_3_11_BRANCH.
Modified files: pkcs11.c pkcs11c.c
 2006-05-05 20:31:30 +00:00
wtchang%redhat.com 01891a9574 Bugzilla Bug 298506: implemented FIPS 140-2 Security Level 2 audit 
requirements. r=glen.beasley.
Modified Files:
	fipstokn.c pkcs11.c pkcs11c.c pkcs11i.h softoken.h softoknt.h
 2006-05-05 20:02:47 +00:00
julien.pierre.bugs%sun.com ba58910b9e Fix for bug 336335 . Plug leak of a temporary bignum in modular exponentiation . r=wtchang 2006-05-05 01:22:59 +00:00
julien.pierre.bugs%sun.com 1964aace2e Fix for bug 336335 - memory leaks in ECC code. r=wtchang 2006-05-04 01:05:04 +00:00
julien.pierre.bugs%sun.com 7015af0983 Fix for bug 219932 . NISCC test script enhancements. Patch submitted by Jason Reid (jason.m.reid@sun.com) . r=slavomir.katuscak@sun.com,julien.pierre@sun.com 2006-05-01 22:52:32 +00:00
julien.pierre.bugs%sun.com d15ad02799 Fix for bug 335021. Add SEC_ASN1_CONSTRUCTED to S/MIME EKP template. r=relyea 2006-04-29 00:18:42 +00:00
rrelyea%redhat.com 5f24a2a77c Attachment #215739: Use SSE2 multiply instructions on intel processors. for bug #326482 
r=nelson r=wtc
 2006-04-28 17:06:22 +00:00
christophe.ravel.bugs%sun.com a8e64c65ca [Bug 334843] Add rpath for HP-UX on pa-risc 
r+ neil.williams.
 2006-04-27 23:36:20 +00:00
alexei.volkov.bugs%sun.com 143f21193c [Bug 334274] double free in CRMF_EncryptedKeyGetEncryptedValue. r=nelson 2006-04-27 22:09:28 +00:00
alexei.volkov.bugs%sun.com f5f5d893ff [Bug 334326] DecodeV4DBCertEntry: Variable "(entry)->nickname" tracked as NULL was passed to a function that dereferences it. r=rrelyea 2006-04-27 18:35:24 +00:00
alexei.volkov.bugs%sun.com 20919d892f [Bug 334454] Variable "(key)->pkcs11Slot" tracked as NULL was passed to a function that dereferences it. [@ SECKEY_CopyPrivateKey - SSL_ConfigSecureServer]. r=nelson 2006-04-26 19:40:56 +00:00
alexei.volkov.bugs%sun.com 49cb46e26c [Bug 333389] sftk_NewAttribute should not crash when so is NULL [@ sftk_NewAttribute]. r=nelson 2006-04-26 19:18:00 +00:00
alexei.volkov.bugs%sun.com c353bf9e7b [Bug 334522] pk12util crash in SEC_PKCS12DecoderValidateBags. r=nelson 2006-04-26 06:47:30 +00:00
nelson%bolyard.com b9c189458d Disable AMD64 assembly optimizations. Bug 334057. r=nelson 2006-04-25 05:51:23 +00:00
nelson%bolyard.com 249561bf3b Bug 294537: ssltap should display ASCII CA names from cert request message 
r=alexei.volkov
 2006-04-25 04:58:45 +00:00
nelson%bolyard.com f02321e973 Backout the last change, undoing the fix for bug 320336 and bug 333405. 2006-04-25 04:39:24 +00:00
alexei.volkov.bugs%sun.com 7fc553fcf8 [Bug 334277] double free in [@ sftk_FreeAttribute - sftk_DeleteAttributeType]. r=relyea 2006-04-25 02:33:58 +00:00
alexei.volkov.bugs%sun.com 97c78b7911 [Bug 334276] double free in [@ SECKEY_CopyPublicKey]. r=nelson 2006-04-25 02:23:52 +00:00
wtchang%redhat.com 085b36691e Bugzilla Bug 320336: SECITEM_AllocItem should return a NULL pointer if the 
allocation of its 'data' buffer fails. r=nelson.  This checkin fixed bug
333405 as a byproduct.
Modified files: secitem.c secitem.h
 2006-04-24 22:50:13 +00:00
nelson%bolyard.com dbe80e7489 Remove call to printf in ecl/ecp_224.c Bug 334448. r=wtchang 2006-04-24 21:27:38 +00:00
nelson%bolyard.com dafe77ce6c Display TLS hello extensions and alerts. Display ECC cipher suites. 
Bug 333600 and bug 334314. r=Alexei.Volkov
 2006-04-24 06:11:41 +00:00
nelson%bolyard.com 1930ea6074 Put nss.def file sections in numeric order, and alphabetical order 
within sections.
 2006-04-24 05:08:04 +00:00
nelson%bolyard.com 0c05899fa2 Bug 323350. sr=rrelyea. This patch makes 3 changes: 
1) it adds a new ifdef which enables SSL to limit itself to the 3 Suite B
   curves.
2) it corrects the creation and parsing of the Supported Curve extension to
   conform with the lastest definition, by using 2 bytes to encode the list
   length,
3) it changes the algorithm that picks the curve for ECDHE to choose a curve
   that is at least as strong as the "weakest link", is mutually supported
   by client and server, and is the fastest for its size.
 2006-04-23 00:17:18 +00:00
julien.pierre.bugs%sun.com ff004c3373 Fix for bug 335039. Declare nssCKFWCRyptoOperation_UpdateCombo. r=wtchang 2006-04-22 05:30:18 +00:00
julien.pierre.bugs%sun.com 0a709d0578 Fix red tree on Windows. 2006-04-22 05:18:20 +00:00
alexei.volkov.bugs%sun.com fc87dbb2fe [Bug 334183] Double free on error because CERT_FindCertIssuer unexpectedly calls CERT_DestroyCertificate. r=alexei 2006-04-22 02:09:09 +00:00
julien.pierre.bugs%sun.com 1d134e6b56 Fix for bug 331413 . replace signal with sigaction; fix logging. r=wtchang 2006-04-22 01:28:14 +00:00
alexei.volkov.bugs%sun.com 76a9749ba0 Patch contributed by timeless@bemail.org 
[Bug 334449] oom Crash in crmf_template_copy_secalg. r=nelson
 2006-04-22 01:25:57 +00:00
alexei.volkov.bugs%sun.com d4f39e6449 Patch contributed by timeless@bemail.org 
[Bug 334436] nsslowcert_UpdateSubjectEmailAddr doesn't consistently use emailAddrs as a guard of nemailAddrs guarding emailAddrs[0]. r=nelson
 2006-04-22 01:19:41 +00:00
alexei.volkov.bugs%sun.com aea5eb0f12 Patch contributed by timeless@bemail.org 
[Bug 334328] nsspkcs5_PKCS12PBE: Variable "A" tracked as NULL was dereferenced. r=nelson
 2006-04-22 01:13:15 +00:00
alexei.volkov.bugs%sun.com 86494ef39a [Bug 334275] double free in [@ PK11_ListPublicKeysInSlot]. r=nelson 2006-04-22 01:08:17 +00:00
alexei.volkov.bugs%sun.com 9c061b607a [Bug 334273] double free in SECKEY_DecodeDERSubjectPublicKeyInfo. r=nelson 2006-04-22 01:03:18 +00:00
alexei.volkov.bugs%sun.com 5f88dfbdaa [Bug 334240] double free in nsslowkey_ConvertToPublicKey if SECITEM_CopyItem or SECITEM_CopyItem fail. r=nelson 2006-04-22 00:59:13 +00:00
alexei.volkov.bugs%sun.com 8feb62dbd0 [Bug 334236] double free in PK11_ListPrivKeysInSlot if keys allocation fails. r=nelson 2006-04-22 00:55:29 +00:00
wtchang%redhat.com e8b0114d09 Bugzilla Bug 333932: fixed Solaris SPARC GCC build failures. 
r=christophe.ravel
 2006-04-22 00:13:29 +00:00
alexei.volkov.bugs%sun.com 5f22914b4a [Bug 334234] PK11_NewSlotInfo returns freed objects if lock allocations fail. r=nelson 2006-04-21 23:29:37 +00:00
wtchang%redhat.com 6f1bd4dc40 Bugzilla Bug 334533: in getPQseed we always set the most significant bit of 
SEED to 1 to make NIST CMVP's PQG parameter validation tool happy. In
PQG_ParamGenSeedLen we require the length of SEED be at least 20 bytes.
r=nelson.
 2006-04-21 17:48:30 +00:00
wtchang%redhat.com 37a7e6c417 Bugzilla Bug 298522: changed RSA modulus size to 1024 bits and added known 
answer tests for RSA SHA1, SHA256, SHA384, and SHA512 signatures.  The
patch is written by Glen Beasley. r=wtc.
 2006-04-21 17:13:50 +00:00
wtchang%redhat.com d0604ba735 Bugzilla Bug 236245: Use a stack buffer for ec_params.data in 
ssl3_SendECDHServerKeyExchange. r=nelson.
 2006-04-21 16:19:48 +00:00
wtchang%redhat.com 333657e660 Bugzilla Bug 334553: fixed the comments because mp_digit is actually 64-bit 
(unsigned long or unsigned long long). r=nelson.
 2006-04-21 16:13:02 +00:00
rrelyea%redhat.com 5cd56974be Performance tests for ec curves. Test's freebl and pkcs11 interfaces. 2006-04-21 01:40:48 +00:00
wtchang%redhat.com 432ccc0173 Bugzilla Bug 326754: checked the change back in. We failed the NIST DSA 
PQGGen test for some other reason (bug 334533).
 2006-04-20 21:55:24 +00:00
nelson%bolyard.com fe04651c77 Bug 80092: SSL write indicates all data sent when some is buffered. 
SSL now follows NSPR socket semantics and never returns a short write
count on a blocking socket.  On a blocking socket, it returns either
the full count or -1 (with an error code set).
For non-blocking sockets, SSL no longer returns a full write count
when some of the data remains buffered in the SSL record layer.
Instead it returns a number is that always at least 1 byte short of a
full write count, so that the caller will  keep retrying until it is done.
SSL makes sure that the first byte sent by the caller in the retry
matches the last byte previously buffered.  r=rrelyea.
Modified Files: ssl3con.c sslcon.c ssldef.c sslimpl.h sslsecur.c
 2006-04-20 08:46:34 +00:00
nelson%bolyard.com 43a7c5e950 Fix buffer overflow regression. Bug 236245. sr=wtchang 2006-04-20 06:57:54 +00:00
alexei.volkov.bugs%sun.com b67f75bc05 Patch contributed by timeless@bemail.org 
[Bug 334459] Variable "cipherName" tracked as NULL was passed to a
 function that dereferences it. [@ PORT_Strdup - SSL_SecurityStatus]. r=nelson
 2006-04-20 00:20:45 +00:00
alexei.volkov.bugs%sun.com 0f639ba66a Patch contributed by timeless@bemail.org 
[Bug 334446] oom Crash in nssCKFWFindObjects_Create. r=nelson
 2006-04-20 00:03:33 +00:00
alexei.volkov.bugs%sun.com 60674bc568 Patch contributed by timeless@bemail.org 
[Bug 334443] oom Crash in nssCKFWSession_Create. r=nelson
 2006-04-19 23:50:43 +00:00
alexei.volkov.bugs%sun.com 3a8f586a3c Patch contributed by timeless@bemail.org 
[Bug 334438] oom Crash in ReadDBCertEntry. r=nelson
 2006-04-19 23:43:10 +00:00
alexei.volkov.bugs%sun.com ff6fa1f51c Patch contributed by timeless@bemail.org 
[Bug 334442] Incorrect use of realloc oom Crash in secmod_ReadPermDB;r=nelson
 2006-04-19 22:53:45 +00:00
alexei.volkov.bugs%sun.com c501854878 Patch contributed by nelson@bolyard.com. 
[Bug 334327] pk11_CreateNewContextInSlot: Variable "(context)->key" tracked as NULL was passed to a function that dereferences it. r=alexei
 2006-04-19 22:32:30 +00:00
wtchang%redhat.com fcca57e69e Bugzilla bug 334553: use the ULL suffix with unsigned long long constants. 
r=douglas.stebila.
Modified files: ecl/ecp_256.c mpi/mp_gf2m.c
 2006-04-19 22:19:09 +00:00
wtchang%redhat.com 2c62bf1d13 Bugzilla bug 334683: removed extraneous semicolons. r=alexei.volkov. 
Modified files: cmd/certutil/certutil.c lib/pki/pkistore.h
 2006-04-19 19:04:23 +00:00
julien.pierre.bugs%sun.com b41066e368 Fix for bug 331413. Don't set SO_LINGER in the Win95 build to workaround NSPR bug 332348. r=wtchang 2006-04-18 22:56:44 +00:00
wtchang%redhat.com 0a3bf353d3 Bugzilla Bug 333917: the non-x86 code in at least the DES_CBCEn and 
DES_EDE3CBCEn functions violates ANSI C's aliasing rules.  So we compile
this file with strict aliasing rules turned off. r=nelsonb.
 2006-04-18 17:33:56 +00:00
nelson%bolyard.com fa09229848 Don't add 3 to the user-supplied number of validity months. Bug 333679. 
r=neil.williams
 2006-04-15 01:00:11 +00:00
julien.pierre.bugs%sun.com 8eb43e8ec2 Fix for bug 262375 . Add clobber_dbm and clobber_nspr targets, as well as nss_clean_all . r=nelson 2006-04-14 22:48:31 +00:00
nelson%bolyard.com b39425fcfa big cleanup of error codes returned by pkcs12 library. 
No longer returns SEC_ERROR_NO_MEMORY for every possible error code.
Bug 321584. r=neil.williams
 2006-04-14 18:34:44 +00:00
nelson%bolyard.com efdb126901 Fix broken optimized builds, caused by last checkin. Bug 236245. 2006-04-14 00:43:19 +00:00
nelson%bolyard.com c4fb4fa280 Implement TLS Hello extensions for ECC. Bug 236245. r=rrelyea. 
This patch has a known problem, choosing ephemeral ECDH curves
according to the wrong (suboptimal, non-FIPS) criteria.
Modified Files: ssl3con.c ssl3ecc.c sslimpl.h
 2006-04-13 23:08:18 +00:00
nelson%bolyard.com 1cfdf61890 Add and use new -2 option for strsclnt to disable SSL2 compatible client 
hellos, so we can stress test TLS hello extensions.  Bug 333559.
r=julien.pierre,rrelyea
 2006-04-13 22:43:31 +00:00
wtchang%redhat.com b95ecf558f Bugzilla Bug 330114: corrected the checks for the PKCS #1 v1.5 padding 
string and the length of the data (hash). r=nelsonb,relyea.
 2006-04-13 22:12:17 +00:00
julien.pierre.bugs%sun.com 6493a984f5 Fix for 333657 . Increase maximum RSA key size to 8192 bits in freebl. r=nelson 2006-04-12 05:37:52 +00:00
alexei.volkov.bugs%sun.com 258c59ba66 [Bug 332272] add core detection functionality to all.sh; r=nelson 2006-04-12 01:14:27 +00:00
wtchang%redhat.com 90d708c409 Bugzilla Bug 331413: assert that the worker threads empty the jobQ before 
they terminate.  Fix a socket leak when the SSL_ImportFD call in
handle_connection fails. r=nelson.bolyard.
 2006-04-11 21:12:28 +00:00
nelson%bolyard.com c65c61b8c5 Implement new API for registering and deregistering shutdown callback functions. 
Patch by Bob Relyea and Nelson Bolyard. r=rrelyea,nelson  Bug 326482.
 2006-04-08 05:11:55 +00:00
nelson%bolyard.com 424fabe58a Bug 333090: CKM_DH_PKCS_KEY_PAIR_GEN always fails. r=nelson, sr=rrelyea 
Patch contributed by Andreas.Sterbenz@sun.com
 2006-04-08 05:05:01 +00:00
nelson%bolyard.com bbd7fa2247 WORKAROUND: disable all the ECDH_RSA cipher suites tests, since all those 
tests require a cert with an EC public key and an RSA signature, and the
test scripts do not presently generate such a cert.
This workaround can be backed out when the real fix is available.
Bug 332222. r=neil.williams
 2006-04-08 04:28:32 +00:00
kaie%kuix.de 1c0c7bbeb8 bug 331648, signed/unsigned bug submitting CRMF cert requests 
r=rrelyea, sr=nelson
 2006-04-07 11:41:18 +00:00
nelson%bolyard.com 1f32c2cf8f Implement generic support for TLS Hello Extensions. Bug 226271. r=vipul 2006-04-07 06:24:07 +00:00
julien.pierre.bugs%sun.com 7ceb91038f Fix for bug 311164 . Initialize stan cert store object early to fix a race condition. r=nelson 2006-04-07 05:49:04 +00:00
julien.pierre.bugs%sun.com b532759c4f Fix for bug 315793 . Make shlibsign run in the OBJDIR rather than the source directory . r=nelson 2006-04-06 06:22:02 +00:00
julien.pierre.bugs%sun.com 7c86f12851 Fix for bug 315798 . run bltest and rsaperf from source directories in the QA . r=nelson 2006-04-06 06:19:41 +00:00
nelson%bolyard.com acfe04a6dd Don't negotiate an ECDH_RSA cipher suite when the server's only ECDH cert 
has an ECDSA signature.  bug 332350. r=vipul.gupta.
 2006-04-06 04:40:49 +00:00
julien.pierre.bugs%sun.com 51b246188b Partial fix for bug 332348 . Add PR_POLL_EXCEPT to a PR_Poll . Allows tstclnt to wake up if server goes away. r=wtchang 2006-04-06 01:49:03 +00:00
nelson%bolyard.com 53b9b7ff2f Fix shell script error that caused undetected QA failures. Bug 311931. 
r=nelson.bolyard,alexei.volkov
 2006-04-05 19:35:47 +00:00
nelson%bolyard.com 779a0beabf Add new -i (ignore errors) command line option to strsclnt. Strsclnt now 
stops soon after the first error unless the -i option is given.
Strsclnt and tstclnt now look for an environment variable named
NSS_DEBUG_TIMEOUT, and if present, its value is used as a timeout time
for all socket IO operations.  Bug 332348. r=julien.pierre.
 2006-04-04 07:31:46 +00:00
nelson%bolyard.com edbca07369 Eliminate duplicated header files in cmd/SSLsample. Bug 332633. 
r=julien.pierre
Modified Files: SSLsample/client.mn SSLsample/server.mn lib/manifest.mn
Removed Files:  SSLsample/NSPRerrs.h SSLsample/SECerrs.h SSLsample/SSLerrs.h
 2006-04-04 01:56:27 +00:00
glen.beasley%sun.com 482dc1a71e David Baron fix for valgrind report of UMR r=wtchang sr=Nelson 2006-04-04 01:01:51 +00:00
nelson%bolyard.com fecbcf26d6 Define alerts and error codes for TLS Hello extensions. Bug 226271. 
r=julien.pierre
 2006-04-04 00:32:27 +00:00
rrelyea%redhat.com c152a5f5fa Bug 332381 pk12util fails to import key/cert onto LunaSA HSM 
r=nelson
 2006-03-31 21:35:37 +00:00
gerv%gerv.net 41fd37565a Bug 236613: change to MPL/LGPL/GPL tri-license. 2006-03-31 04:41:00 +00:00
rrelyea%redhat.com 2cef28020c bug 309701 Softtoken C_CreateObject() should not require 
CKA_NETSCAPE_DB attribute to be present

r=alexei
 2006-03-31 00:38:48 +00:00
rrelyea%redhat.com f6290f423b From Bug 331279. 
Free ECDHE Ephemeral key. Fixes server-side leak.
r=julien r=alexei
 2006-03-30 21:07:22 +00:00
julien.pierre.bugs%sun.com 39ee00370d Fix for 330068 . Be more verbose in strsclnt error cases 2006-03-29 22:35:44 +00:00
alexei.volkov.bugs%sun.com 209577ded2 331515: selfserv Bus error on 3DES ciphersuites; r=julien, sr=nelson 2006-03-29 07:23:40 +00:00
julien.pierre.bugs%sun.com b6762d713e Remove comment in ssl.sh that messes execution. Part of fix for bug 331413. 2006-03-29 06:54:56 +00:00
julien.pierre.bugs%sun.com 01fe9ff1bf Fix for bug 330068 . Increment counter variable atomically. Be more verbose. r=nelson 2006-03-29 05:05:09 +00:00
julien.pierre.bugs%sun.com bd3cb7e1ef Partial fix for bug 331413 . Allow selfserv to be tested for reference leaks. r=nelson 2006-03-29 05:03:10 +00:00
glen.beasley%sun.com 0224b3a860 318970 wtc fix for RSA fipstest using RSA_HashSign r=neilW sr= brelyea 2006-03-25 23:45:23 +00:00
rrelyea%redhat.com c8e770c69d Bug 321350 Implement optimized code for NIST Suite B elliptic curves 
r=douglas r=vipul
 2006-03-24 22:55:51 +00:00
nelson%bolyard.com a9beb655f0 Backout changes for bug 321350 
Implement optimized code for NIST Suite B elliptic curves
Those changes broke the build on Solaris.  r=Sheriff Nelson
 2006-03-24 09:08:24 +00:00
rrelyea%redhat.com e72ce470d4 321350 Implement optimized code for NIST Suite B elliptic curves 
r=douglas.
 2006-03-23 19:55:37 +00:00
rrelyea%redhat.com e13e6cc7f7 Bug 238051 Enable SSL session reuse for ECC cipher suites 
r=nelson r=thomas.

patch in bug + white space changes suggested by nelson.
 2006-03-22 19:18:30 +00:00
rrelyea%redhat.com 2bfdfe5969 Updated previous patch with douglas's input. (still bug 323817 
Truncation of hashes for ECDSA should be done at bit level, not octet level).
r= vipul r=douglas
 2006-03-22 19:02:06 +00:00
rrelyea%redhat.com 01ef3de28a Bug 273637 3 locks in softoken have unsafe initialization 
r=alexi r=julien
 2006-03-21 19:36:53 +00:00
rrelyea%redhat.com dd7e2a2cf6 Correct bug entry: 
25683 EC param parsing error not propagated correctly
r=andreas.
 2006-03-21 19:33:52 +00:00
rrelyea%redhat.com 6a7da6374e Backing out previous changes that invalid or incorrect log entries for this 
patch.
 2006-03-21 19:30:10 +00:00
rrelyea%redhat.com e182cdf8e2 *** empty log message *** 2006-03-21 19:23:30 +00:00
rrelyea%redhat.com c385e5088d Bug 273637 3 locks in softoken have unsafe initialization 
r=alexi r=julien
 2006-03-21 02:28:48 +00:00
nelson%bolyard.com 6c95b75b6a Avoid stack overflow while generating primes. Bug 310145. r=wtchang 2006-03-19 05:09:30 +00:00
rrelyea%redhat.com 5f90fef71c Bug 238051 Enable SSL session reuse for ECC cipher suites 
r=nelson
 2006-03-17 21:15:09 +00:00
rrelyea%redhat.com 14c38aa668 Bug 329072 client sometimes fails to authenticate despite having cert 
r= nelson
 2006-03-17 20:44:23 +00:00
rrelyea%redhat.com 9e18a1acf3 Bug 323817 Truncation of hashes for ECDSA should be done at bit level, not octet level 
r=vipul.gupta@sun.com
 2006-03-17 16:58:06 +00:00
rrelyea%redhat.com 11b860880e Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails 
Use SEC_GetSignatureAlgorithmOidTag() to map to the signature oid.
r=wtc
 2006-03-15 21:46:24 +00:00
rrelyea%redhat.com 2b42f9feb9 Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails 
patch makes SHA1 the default hashing for RSA rather than MD5.
patch by wtc r=rrelyea.
 2006-03-15 21:42:21 +00:00
rrelyea%redhat.com aab12ab3a8 bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined 
r=wtc
 2006-03-15 19:22:32 +00:00
rrelyea%redhat.com c783f88c97 bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined 
r=wtc
 2006-03-15 19:13:12 +00:00
nelson%bolyard.com 2996640c67 Bug 324448. Convert mpi_x86.asm to mpi_x86_asm.c for Win32 built with MSVC. 
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre sr=nelson@bolyard.com
 2006-03-10 06:48:46 +00:00
nelson%bolyard.com d42549b7ac Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC. 
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
 2006-03-09 23:50:43 +00:00
nelson%bolyard.com 41a9b174bd Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC. 
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre  sr=nelson@bolyard.com
 2006-03-09 23:46:45 +00:00
nelson%bolyard.com 19a46702bf Bug 329002. fix cert reference leak. r=alexei.volkov,rrelyea 2006-03-09 23:38:57 +00:00
christophe.ravel.bugs%sun.com 3203ada5f3 Bugzilla 324887: merge ECC and non-ECC QA test scripts. 
Add return code and error message for ssl_stress and ssl_cov.
r=vipul, sr=nelson.
 2006-03-08 00:47:28 +00:00
wtchang%redhat.com a0ed51d33e Bugzilla Bug 329575: ECPoint_mul should multiply a point by the group order 
faithfully because this operation is required by the public key validation
algorithm.  r=douglas.stebila,vipul.gupta.
 2006-03-08 00:19:34 +00:00
wtchang%redhat.com d679dc6d35 Bugzilla Bug 320578: added a new function ec_GenerateRandomPrivateKey to 
generate a random private key without bias using the algorithm of FIPS
186-2 Change Notice 1, and use it to generate EC private key d and ECDSA
ephemeral private key k.  The patch is contributed by Douglas Stebila
<douglas@stebila.ca> and improved by me. r=douglas.stebila,vipul.gupta.
 2006-03-06 23:48:39 +00:00
wtchang%redhat.com 85a72075f3 Bugzilla Bug 324887: The previous checkin introduced a comment bug. A 
comment line must begin with exactly one '#' character followed by white
space.
 2006-03-03 22:10:30 +00:00
wtchang%redhat.com f1ca8f1fd1 Bugzilla Bug 324887: merged ECC and non-ECC QA test scripts and removed 
ECC QA test scripts.  The patch is written by Vipul Gupta and Christophe
Ravel of Sun. r=wtc,nelsonb,jpierre
Modified Files:
	cert/cert.sh smime/smime.sh ssl/ssl.sh ssl/sslauth.txt
	ssl/sslcov.txt ssl/sslstress.txt tools/tools.sh
Removed Files:
	fixtests.sh cert/eccert.sh smime/ecsmime.sh ssl/ecssl.sh
	ssl/ecsslauth.txt ssl/ecsslcov.txt ssl/ecsslstress.txt
	tools/ectools.sh
 2006-03-03 20:06:03 +00:00
wtchang%redhat.com de8be1e067 Bugzilla bug 326482: code cleanup: ssl3_NewKeyPair should not create a key 
pair with only one key. r=nelson.bolyard.
 2006-03-03 18:48:09 +00:00
wtchang%redhat.com aed20ed068 Bugzilla bug 326482: removed incorrect comments. r=nelson.bolyard. 2006-03-03 18:45:54 +00:00
nelson%bolyard.com ac042bff56 Fix standalone mpi Makefile to build on OS/X. Bug 327405. 
Patch contributed by Douglas Stebila <douglas@stebila.ca>
 2006-03-03 04:21:56 +00:00
nelson%bolyard.com 5e2ca73982 Bug 327677. Fix cert object reference leak. r=julien.pierre,nelson 
Patch contributed by Alexei Volkov <alexei.volkov.bugs@sun.com>
 2006-03-03 04:00:49 +00:00
wtchang%redhat.com 57a3c7aa21 Bug 236613: change to MPL/LGPL/GPL tri-license. 2006-03-02 22:48:55 +00:00
wtchang%redhat.com b69eb504ce Bugzilla Bug 320589: fixed PK11_SignatureLen to return the exact length of 
ECDSA signatures.  Backed out a temporary workaround in
ECDSA_SignDigestWithSeed.  Made other changes related to signature lengths.
r=relyea,nelson.bolyard.
Modified Files:
	cryptohi/keyhi.h cryptohi/seckey.c cryptohi/secsign.c
	freebl/ec.c pk11wrap/pk11obj.c pk11wrap/pk11pub.h
	ssl/ssl3con.c
 2006-03-02 00:07:08 +00:00
wtchang%redhat.com 8696bd362e Bugzilla Bug 326403: use "Mozilla Foundation" as the manufacturer or 
producer of our shared libraries/DLLs.  Removed the optional copyright
notices from our DLLs. r=relyea,jpierre.
Modified Files:
	lib/ckfw/builtins/constants.c lib/ckfw/builtins/nssckbi.rc
	lib/ckfw/capi/nsscapi.rc lib/ckfw/dbm/instance.c
	lib/freebl/freebl.rc lib/nss/nss.rc lib/smime/smime.rc
	lib/softoken/pkcs11.c lib/softoken/softokn.rc lib/ssl/ssl.rc
 2006-03-01 19:44:36 +00:00
rrelyea%redhat.com f95ae18fe7 Remove mp_init/mp_clear calls (and potential mallocs,frees and zeros) 
in tight loops for bug #326482

r=nelson
 2006-03-01 17:09:17 +00:00
rrelyea%redhat.com 6a21aaef0e bug 326482 Implement the derive sensitive only for those derivation functions that require it. 
fixes a performance problem with ECDH.

r=wtchang, nelson.
 2006-03-01 16:12:22 +00:00
nelson%bolyard.com 340adcfbfa Bug 327405. Correct EC keypair Generation. r=vipul.gupta,nelson.bolyard 
Patch contributed by Douglas Stebila <douglas@stebila.ca>
 2006-03-01 07:06:24 +00:00
nelson%bolyard.com 56fc6fa166 Bug 328262. Increment ssl3 statistics counters atomicly. r=wtchang,julien.pierre 2006-03-01 05:45:45 +00:00
wtchang%redhat.com 7986d13c5b Bugzilla Bug 327978: removed obsolete files, superseded by the ecl 
directory.  r=douglas.stebila.
Removed files: GF2m_ecl.c GF2m_ecl.h GFp_ecl.c GFp_ecl.h
 2006-02-28 23:43:19 +00:00
nelson%bolyard.com a86941f281 Bug 326315. Warning Reduction. On TRUNK only. r=Julien.Pierre 2006-02-28 05:56:07 +00:00
nelson%bolyard.com 74a0a6eea2 Bug 325683. EC param parsing error not propagated correctly. 
Fix the cases that Andreas identified.  Patch by Andreas.Sterbenz@sun.com
r=Julien,wtchang,nelson
 2006-02-28 05:44:56 +00:00
nelson%bolyard.com 4b1a1b7cb3 Bug 326690. Enable modutil to configure default slots for the 
AES, SHA256 or SHA512 mechanisms.  r=rrelyea,julien.pierre
 2006-02-28 05:16:00 +00:00
nelson%bolyard.com 52395a4abb Bug 327105. Reintroduce an old bug that prevents _DHE_ cipher suites 
from being negotiated by NSS servers.  Necessary until the server side
of the _DHE_ cipher suites is fully implemented.  r=Julien,Wan-Teh,Vipul
 2006-02-28 04:20:23 +00:00
wtchang%redhat.com 7a0f0203c7 Bugzilla Bug 320038: checked in a better fix that allows us to write 
EC domain parameters as hex strings with leading 00's. r=douglas.stebila
sr=relyea.
Modified files: softoken/ecdecode.c freebl/ecl/ecl-curve.h
 2006-02-27 23:18:34 +00:00
wtchang%redhat.com 6c376850a1 Bugzilla Bug 328228: fixed the typo "secp169k1". The patch is contributed 
by jyri <jyri.virkki@sun.com>. r=wtc,vipul.gupta.
Modified files: bltest/blapitest.c certutil/certutil.c
 2006-02-22 22:15:57 +00:00
christophe.ravel.bugs%sun.com 178bda1252 Change NSS version to 3.12 Beta on the tip. 2006-02-22 21:22:54 +00:00
wtchang%redhat.com 8c8a6af5ea Bugzilla Bug 326754: the previous checkin made us fail the NIST DSA PQGGen 
test for [mod = 768] only.  Backed out the more likely culprit.
 2006-02-22 02:12:09 +00:00
wtchang%redhat.com c449f54be3 Bugzilla Bug 327529: unnamed arguments (third and after) for CERT_CreateRDN 
must have the correct CERTAVA * type because compilers can't do automatic
type conversions. r=nelsonb,jpierre.
Modified files: alg1485.c secname.c
 2006-02-20 23:06:55 +00:00
wtchang%redhat.com 97a5c30a94 Renamed DSA_TEST_SEED_BYTES to PQG_TEST_SEED_BYTES. 2006-02-18 02:39:12 +00:00
wtchang%redhat.com 0c104c2ece Bugzilla Bug 327384: fixed an off-by-one error in the size of the 'genenc' 
array.  The patch is contributed by Andreas Sterbenz
<Andreas.Sterbenz@sun.com>. r=wtc,nelsonb
 2006-02-16 22:33:13 +00:00
glen.beasley%sun.com 1dd17278e7 fix by wan-teh for RSA siggen tests r=glen 2006-02-16 01:50:55 +00:00
wtchang%redhat.com 6e65720ba6 Bugzilla Bug 318967: use 160-bit SEED when generating DSA domain parameters 
(PQG).  Removed unused keySizeIndex variables. Handle the return value and
result output parameter of PQG_VerifyParams separately. Pad H with leading
0's when printing. r=glen.beasley.
 2006-02-16 01:28:35 +00:00
julien.pierre.bugs%sun.com a4db2be2c9 Fix for bug 321765. Allow NSS to decode certs with unsupported critical extensions. r=wtchang,nelson,rrelyea. 2006-02-16 00:06:24 +00:00
alexei.volkov.bugs%sun.com e393d91fcb [Bug 326963] Interoperability test with apache/mod_ssl: tstclnt 
produces: assertion failure: secmod_PrivateModuleCount == 0; r=nelson, sr=julie
n
 2006-02-15 22:22:32 +00:00
wtchang%redhat.com ac55eec5a2 Bugzilla Bug 318962: fixed signed/unsigned comparison warnings by MSVC. 
r=glen.beasley.
 2006-02-15 19:14:09 +00:00
wtchang%redhat.com 4b0281cf28 Bugzilla Bug 318968: more ECDSA test cleanup. Do not zeroize when freezing 
ECParams' arenas.  Use EC_CopyParams to copy ECParams to an EC public key
and allocate the public key's value from the same arena. r=glen.beasley.
 2006-02-15 19:06:51 +00:00
wtchang%redhat.com c0887f9e1d Bugzilla Bug 326754: fixed two minor bugs related to the h parameter in 
PQG parameter generation. r=nelsonb,glen.beasley.
 2006-02-14 03:04:57 +00:00
wtchang%redhat.com b19b5965a5 Bugzilla Bug 326144: need to zeroize a SECItem that contains a copy of the 
secret key. r=relyea,jpierre.
 2006-02-14 02:55:09 +00:00
wtchang%redhat.com cfe8a9f253 Bugzilla bug 326751: CKR_SIGNATURE_INVALID is a much better default error 
code for NSC_VerifyRecover than CKR_DEVICE_ERROR is. r=relyea.
 2006-02-11 02:03:25 +00:00
glen.beasley%sun.com 7f3ba76b70 318970 RSA sigver test fix r=wan-teh 2006-02-10 23:27:38 +00:00
rrelyea%redhat.com 1f4cae4de9 Bugzilla Bug 326482 NSS ECC performance problems. 
Patch by Nelson, r=relyea.

Save the public key when we create the keypair so we can use it later.
 2006-02-10 19:39:53 +00:00
rrelyea%redhat.com 57d9010865 Bugzilla Bug 326482 NSS ECC performance problems. 
r=nelsonb
Fix bug where ECC keys were not being copied on server startup
 2006-02-10 18:54:58 +00:00
neil.williams%sun.com fd25589676 Bug 325657, r=Nelson,Wan-Teh, Unset ECL_USE_FP INT Solaris SPARC freebl 2006-02-10 04:38:05 +00:00
rrelyea%redhat.com 2cf33676b0 Bug 320187 NSC_WrapKey called with null output returns short length 
r=nelsonb
 2006-02-09 19:54:22 +00:00
neil.williams%sun.com 8719a5f375 Bug #325682, Adds -Wl,-rpath to link step for Linux distributions 
r=Nelson, sr=Wan-Teh
 2006-02-09 00:12:17 +00:00
rrelyea%redhat.com 2c3bfd1312 Bug 320583 Support for SHA256/384/512 with ECC signing 2006-02-08 06:14:31 +00:00
julien.pierre.bugs%sun.com af4804d7ef Fix for bug 326144 . softoken leaks in nsc_pbe_key_gen. r=nelson, rrelyea 2006-02-07 00:43:31 +00:00
wtchang%redhat.com eb3a64e821 Bugzilla Bug 318967: fixed compiler warnings, most of which were char * 
and unsigned char * mismatches. r=glen.beasley.
 2006-02-04 06:39:44 +00:00
kaie%kuix.de 58262b951b Fix build bustage, change // comment to /* */ 2006-02-03 20:22:52 +00:00
kaie%kuix.de 3aa755acfa bug 152426, delegation of HTTP download for OCSP 
r=julien.pierre, r=rrelyea
 2006-02-03 18:14:49 +00:00
neil.williams%sun.com d55302f3a8 bug 245518 r=nelson, fix for p12 files encoded with null PWs 2006-02-02 20:26:03 +00:00
nelson%bolyard.com 564cb27d28 Work around bug 292285: don't encode x400 addresses, don't print CRL contents 
r=julien.pierre
 2006-02-02 07:56:19 +00:00
wtchang%redhat.com b8088299c2 Allow CKM_ECDSA_SHA1 to be multipart. Bug 325494. 
Patch contributed by Andreas Sterbenz <Andreas.Sterbenz@sun.com>
r=nelsonb,relyea,wtc.
 2006-02-02 07:21:56 +00:00
alexei.volkov.bugs%sun.com ff1923a307 [Bug 325307] infinite loop in SECU_FindCrlIssuer. r=julien 2006-02-02 02:45:02 +00:00
alexei.volkov.bugs%sun.com fa47026f19 [Bug 324878] crlutil -L outputs false CRL names. r=julien 2006-02-02 02:35:07 +00:00
alexei.volkov.bugs%sun.com 22c94ce3da 325305: minor memory leak in CERT_FindCertByNameString. r=wtc 2006-02-02 00:57:54 +00:00
wtchang%redhat.com db3d31ac92 Bugzilla Bug 318966: implemented the tests for the NIST RNG Validation 
System.  r=glen.beasley.
Modified file: fipstest.c
Added file: rng.sh
 2006-02-01 21:28:25 +00:00
wtchang%redhat.com c20388e588 Bugzilla Bug 318966: added two RNG functions FIPS186Change_GenerateX and 
FIPS186Change_ReduceModQForDSA to blapi.h for the NIST RNG Validation
System. r=relyea,nelsonb.
Modified files: blapi.h ldvector.c loader.c loader.h prng_fips1861.c
 2006-02-01 21:18:44 +00:00
rrelyea%redhat.com 3ebd845ca9 Bug 319619 "large" ECC private keys cannot be exported through PKCS #11 
1) Change the export encrypted private key function to ask the token the wrap
size rather than trying to figure it out ourselves.

2) Fix the soften to correctly return the size.


r=wtc, nelsonb
 2006-02-01 16:43:47 +00:00
glen.beasley%sun.com decb139ec2 318970 RSA FIPS tests r=wan-teh sr=bobRelyea 2006-01-31 00:49:40 +00:00
glen.beasley%sun.com 46b88044bc 318970 RSA FIPS tests r=wan-teh sr=bobRelyea 2006-01-31 00:49:02 +00:00
glen.beasley%sun.com b4358c2729 318970 RSA FIPS Alg Tests r=wan-teh, sr=bRelyea 2006-01-30 19:58:52 +00:00
nelsonb%netscape.com 2071d2bc7b Fix broken build, caused by c++ style comment in c code. 2006-01-28 02:38:07 +00:00
nelsonb%netscape.com ddca75b829 Set SSL2 and SSL3 timeout times properly for SSL server session cache. 
Bug 223242. r=jullien.pierre
 2006-01-28 02:21:31 +00:00
glen.beasley%sun.com bb11f0b846 328967 DSA FIPS tests r=Wan-Teh 2006-01-27 18:53:07 +00:00
wtchang%redhat.com b1f1c414d0 Removed a blank line that broke the ssl_stress function in ecssl.sh, which 
cannot handle blank lines.
 2006-01-27 18:44:13 +00:00
wtchang%redhat.com d2bce3f900 Bugzilla Bug 320589: temporary workaround for SEC_SignData ECDSA signature 
generation bug introduced by the previous checkin.
 2006-01-26 23:51:42 +00:00
wtchang%redhat.com 55e2995224 Removed an extraneous semicolon after the last parameter in a function 
declaration.
 2006-01-26 23:21:39 +00:00
nelsonb%netscape.com 6f9d05f035 Remove unnecessary ISALIST test from sparc versions of freebl DSOs. 
Bug 302658. r=jullien.pierre,wtchang
 2006-01-22 08:43:57 +00:00
nelsonb%netscape.com 6a41641124 Make dbck Debug mode work with Softoken. Bug 323570. r=rrelyea. 2006-01-22 06:54:34 +00:00
nelsonb%netscape.com 944db2b329 Don't use variables as structure initializers. Bug 274512. Fix build 
on HPUX.  r=julien.pierre,wtchang
 2006-01-22 06:42:14 +00:00
nelsonb%netscape.com 06c2abf1fa Detect certdb reference leaks at shutdown with assertions. Bug 324103. 
r=rrelyea.
 2006-01-22 06:36:36 +00:00
wtchang%redhat.com d6b2459e61 Bugzilla Bug 323977: use the "mapfile" (ld version script) on FreeBSD. 
Build the freebl shared libraries with the -Bsymbolic flag for GNU ld.
r=nelsonb.  Thanks to Glenn Randers-Pehrson <glennrp@imagemagick.org> for
reporting this bug and verifying these changes.
Modified files: coreconf/FreeBSD.mk nss/lib/freebl/Makefile
 2006-01-21 02:33:33 +00:00
nelsonb%netscape.com 9633334de2 Plug a cert DB reference leak in softoken, related to trust objects. 
Bug 324103, r=rrelyea
 2006-01-21 02:23:42 +00:00
wtchang%redhat.com f116200e1d Bugzilla Bug 320589: miscellaneous code cleanup: distinguish between the 
length of the field size and the length of the base point order.  Report
better error codes.  In ECDSA_VerifyDigest, removed unnecessary local
variables and be lenient in the signature lengths we accept.
r=relyea,nelsonb
 2006-01-21 02:14:46 +00:00
julien.pierre.bugs%sun.com 1477ed4b30 Fix for bug 317856 . uninitialized variable correction. r=wtchang 2006-01-20 22:55:15 +00:00
nelsonb%netscape.com 6f9e66cf05 Detect NULL server key pair pointer. Bug 321161. r=wtchang. 2006-01-20 17:40:21 +00:00
julien.pierre.bugs%sun.com 91408cf272 Fix for bug 317856 . compiler warnings in strsclnt 2006-01-20 00:43:23 +00:00
rrelyea%redhat.com 26731456ca Bugzilla Bug 95323. Conditionally compile nsscapi. 
r=julien
 2006-01-19 19:55:28 +00:00
nelsonb%netscape.com 58862edcbf change QA test order to be bottom-up. Bug 309412. r=jullien.pierre 2006-01-19 11:59:56 +00:00
nelsonb%netscape.com e521b0a741 Back out last change, which broke the build. 2006-01-19 02:34:12 +00:00
nelsonb%netscape.com a3089c6a9d Prevent crash when making new cert8.db from old cert5.db. 
This is not the final solution, but it works.
Bug 320029. r=rrelyea,sr=julien.pierre.  On TRUNK.
 2006-01-19 02:16:30 +00:00
nelsonb%netscape.com f32a4d3f27 Add new function nsslowcert_DecodeAnyDBEntry. Correct the union 
certDBEntry by adding the missing members. Bug 323570. r=rrelyea.
 2006-01-19 02:09:37 +00:00
nelsonb%netscape.com 446a084b09 Softoken will no longer generate excessive key material for some SSL3 
cipher suites.  Bug 274512. r=rrelyea.
 2006-01-19 01:12:53 +00:00
wtchang%redhat.com d27a2d48d9 Bugzilla Bug 318217: use the new NSPR functions PR_EmulateAcceptRead and 
PR_EmulateSendFile added in NSPR 4.1.  r=nelsonb.
Modified files: manifest.mn sslimpl.h sslsock.c
Removed file: emulate.c
 2006-01-18 23:06:57 +00:00
julien.pierre.bugs%sun.com 0e9451eaef Fix for bug 319495 . Clean up Makefiles for command-line tools. r=nelson 2006-01-18 22:44:39 +00:00
wtchang%redhat.com ce5e5d7682 Bugzilla Bug 323379: need to set ADDON_PATH for libsoftokn3.so to load 
libfreebl3.so as an add-on on BeOS.  Thanks to Doug Shelton
<doug@sheltonfamily.org>for reporting the bug and verifying the fix.
r=christophe.ravel.
 2006-01-18 20:56:28 +00:00
rrelyea%redhat.com f822c8f7d0 NSS ECDSA can only sign SHA-1 bug 320583 
r=nelson patch ammended to change SHA-1 to HASH per wtc comment.
 2006-01-17 00:38:59 +00:00
wtchang%redhat.com 143f08953f Bugzilla Bug 320497: indicate that we don't need an executable stack. 
r=wolfgang.rosenauer,jpierre.
Modified files: arcfour-amd64-gas.s mpi/mpi_amd64_gas.s
 2006-01-13 17:33:10 +00:00
alexei.volkov.bugs%sun.com 909bcd2da3 HP and AIX cert extension tests failure fix. 2006-01-13 07:59:31 +00:00
wtchang%redhat.com cdf90d5eb6 Bugzilla Bug 323079: when libsoftoken and libssl load the freebl library, 
first try without resolving symlinks.  If we fail to load the library and
the pathname is a symbolic link, resolve the symbolic link and try again.
r=jpierre. sr=relyea.
 2006-01-12 23:46:31 +00:00
alexei.volkov.bugs%sun.com d5a3092f79 cert extension test for 53229: certutil should not use gets(). julien:review+ 2006-01-12 01:09:03 +00:00
wtchang%redhat.com 0d90a194f0 Bugzilla Bug 318968: fixed the build error with NSS_ENABLE_ECC unset. 
Modified files: Makefile fipstest.c
 2006-01-05 21:49:05 +00:00
julien.pierre.bugs%sun.com fb899e04af Fix the build busted by checkin for bug 318968 2005-12-23 03:14:36 +00:00
wtchang%redhat.com d8c1021594 Bugzilla Bug 318968: added FIPS ECDSA algorithm test. r=glen.beasley. 
Modified file: fipstest.c
Added file: ecdsa.sh
 2005-12-22 22:22:17 +00:00
wtchang%redhat.com e681f06b4a Bugzilla Bug 318962: combined a PORT_Realloc and a memset call into an 
equivalent PORT_ZAlloc call.  r=glen.beasley.
 2005-12-22 22:19:03 +00:00
wtchang%redhat.com cb01eaf34d Bugzilla bug 318962: it is legal for PORT_Realloc(oldptr, 0) to return 
NULL, so that shouldn't be treated as a memory allocation failure.
 2005-12-22 01:39:17 +00:00
glen.beasley%sun.com 784abb2c93 318958 fixing c++/java comment to C 2005-12-21 00:29:44 +00:00
glen.beasley%sun.com 03bbc006b5 318958 fixing Monte Carlo test r=Wan-Teh 2005-12-21 00:13:52 +00:00
glen.beasley%sun.com 3ce12eeea4 318962 buffer fix for SHA Monte Carlo tests r=wan-teh 2005-12-20 18:20:50 +00:00
wtchang%redhat.com 3b577f224d Bugzilla Bug 317052: removed the obsolete file lib/base/whatnspr.c from 
CVS.  r=relyea.
Modified Files:
	base.h error.c manifest.mn
Removed Files:
	whatnspr.c
 2005-12-19 17:53:28 +00:00
wtchang%redhat.com 165d7b9185 Bugzilla Bug 272484: code cleanup. keythi.h: remove the unused type 
definition of SEC_PKCS5KeyAndPassword.  p12d.c: We only need to set
p12dcx->currentASafeP7Dcx to NULL if it isn't NULL.  r=relyea.
Modified Files: cryptohi/keythi.h pkcs12/p12d.c
 2005-12-19 17:46:30 +00:00
nelsonb%netscape.com 8888626b36 Fix build. Remove c++ style declaration of loop control variables. 2005-12-17 01:03:12 +00:00
glen.beasley%sun.com f39056f8e1 318964 implement HMAC algorithm tests for FIPS 140-2 validation r=Wan-teh 2005-12-16 16:57:49 +00:00
rrelyea%redhat.com 4961f4ed28 Mac fixes to ckfw. 2005-12-16 01:57:41 +00:00
rrelyea%redhat.com ec7b991d91 Add support for the cryptoki crypto functions. This support is necessary for 
capi and mackey. r=kaie
 2005-12-16 00:48:02 +00:00
glen.beasley%sun.com db00345d74 318962 Added FIPS 140-2 SHA tests and removed FIPS 140-1 SHA tests r=wan-teh 2005-12-15 18:50:52 +00:00
glen.beasley%sun.com e14803c6ab 318962 Added FIPS 140-2 SHA tests and removed FIPS 140-1 SHA tests r=wan-teh 2005-12-15 18:47:20 +00:00
wtchang%redhat.com cfdbc102fe Bugzilla Bug 320047: mp_to_unsigned/signed/fixlen_octets copies nothing to 
the buffer if the mp_int is zero. r=nelsonb.
 2005-12-14 02:18:35 +00:00
wtchang%redhat.com fff23fc797 Bugzilla Bug 236245: Updated NSS to "ECC Cipher Suites for TLS" draft 12 
plus upcoming revisions.  The patch is contributed by Douglas Stebila
of Sun Labs <douglas@stebila.ca>. r=wtc.
Modified Files:
	cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
	cmd/tstclnt/tstclnt.c cmd/vfyserv/vfyserv.c lib/ssl/ssl3con.c
	lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslenum.c
	lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
	lib/ssl/sslsock.c tests/ssl/ecssl.sh tests/ssl/ecsslauth.txt
	tests/ssl/ecsslcov.txt tests/ssl/ecsslstress.txt
	tests/ssl/ssl.sh
 2005-12-14 01:49:40 +00:00
glen.beasley%sun.com ae4c8fde88 318958 removal of DES and Triple DES 140-1 code r=wan-teh 2005-12-14 01:19:11 +00:00
wtchang%redhat.com d1a203a963 Bugzilla Bug 320038: ecl/ecl-curve.h: removed unnecessary leading zero byte 
in the base point orders of curves K-233 and K-409.  ec.c: pad the private
key with leading zeros to the length of the base point order.
r=douglas.steblia.
 2005-12-13 22:31:34 +00:00
glen.beasley%sun.com b6c6d7d561 318958 TDEA algorithm tests for FIPS 140-2 2005-12-09 16:55:53 +00:00
relyea%netscape.com 4092a7d72e Initialize mpi data using mpi macros, not static data bug 319252 
r=douglas
 2005-12-08 23:22:26 +00:00
alexei.volkov.bugs%sun.com 8939047c97 305028: make pretty print utility print hex data in case when data type was not recognized; rw+nelson 2005-12-05 23:09:38 +00:00
relyea%netscape.com 77cb1d9d48 Bug 316925 
Key export does not work on tokens with non-sensitive keys that can't wrap.
r=kaie
 2005-11-24 00:40:14 +00:00
relyea%netscape.com 38154c250e Bug 129303 
NSS needs to expose interfaces to deal with multiple token sources of certs.

r=kaie
 2005-11-23 23:56:38 +00:00
relyea%netscape.com 4b7f9f6804 Bug 129303 NSS needs to expose interfaces to deal with multiple token sources of certs 
r=kaie
 2005-11-23 23:54:15 +00:00
relyea%netscape.com cdcebb8e7e PKCS #11 module to supply Access to the Mac OS X Keychain. 2005-11-23 23:04:08 +00:00
nelsonb%netscape.com b64584ad16 Fix bug in MP_ALIGN macro that always truncated pointers to 32-bits, 
even on 64-bin platforms.  Bug 298630. r=rrelyea.
 2005-11-23 01:12:34 +00:00
relyea%netscape.com 2537abf9f5 Weave patch: bug 298630 r=nelson 2005-11-22 07:16:43 +00:00
nelsonb%netscape.com ac287b2f5a Begin building mpcpucache.c. On Sun Studio platforms, build from two 
new .s files.  Bug 298630. r=rrelyea.
 2005-11-22 07:13:32 +00:00
christophe.ravel.bugs%sun.com 0750e1e7ef Turn NSS_BETA off for NSS 3.11 RC2. 
r+ Julien Pierre.
 2005-11-22 01:58:35 +00:00
christophe.ravel.bugs%sun.com dc5fae9e7c Back to BETA flag on the trunk. 
r+ Julien Pierre
 2005-11-21 18:46:12 +00:00
christophe.ravel.bugs%sun.com 46f08a0c89 Turn NSS_BETA to FALSE for NSS 3.11 RC. 
r+: Julien Pierre.
 2005-11-21 04:08:44 +00:00
alexei.volkov.bugs%sun.com 1f95dbe302 53229: certutil should not use gets(); 
julien rv+; wan-teh sr+
 2005-11-20 01:46:59 +00:00
christophe.ravel.bugs%sun.com 9e6573e0d5 238319: Sun packages changes. 
RPM_RELEASE can be set from the command line.
 2005-11-18 21:52:41 +00:00
nelsonb%netscape.com 94fdf98965 Initialize slot pointer in ssl3_HandleServerHello. Bug 311590. r=wtchang 2005-11-18 01:25:20 +00:00
nelsonb%netscape.com 719073fb14 Restore binary compatilibity for old Fortezza cipher suites. 
Bug 316640. r-glen.beasley
 2005-11-18 01:21:22 +00:00
wtchang%redhat.com c0f9d272c7 Bugzilla Bug 292427: on Windows, search in $(DIST)/lib before $(DIST)/bin 
because in a Mozilla build $(DIST)/bin may contain old copies of the NSS
DLLs. r=relyea,jpierre.
 2005-11-16 02:17:36 +00:00
relyea%netscape.com a8e0c27896 Handle nicknames on certificates. 
Fix bug where we weren't allocating enough space for wchar (wide, utf16, etc).
strings in ckcapi_UTF8ToWide().
 2005-11-16 01:17:25 +00:00
neil.williams%sun.com 15d70374a3 Bug 315135, pk12util -w <non-existent pwfile> causes seg fault. 
r=nelson
 2005-11-16 00:59:18 +00:00
nelsonb%netscape.com f3033246a0 Eliminate leak and heap buffer overrun. Bug 315994. r=julien, sr=rrelyea 2005-11-15 23:40:18 +00:00
julien.pierre.bugs%sun.com 77223c1981 fix for bug 316446 . -z defs option was included twice in linker line . r=nelson 2005-11-15 19:01:18 +00:00
wtchang%redhat.com 32d9fe89fe Bugzilla Bug 312202: use the _32 tag in 32-bit HP-UX IPF builds. Use the 
$ORIGIN linker keyword when building shared libraries and executable
programs on HP-UX IPF. r=nelsonb.
Modified Files: coreconf/HP-UX.mk nss/cmd/platlibs.mk
 2005-11-15 18:19:18 +00:00
relyea%netscape.com 89daf52413 New pk11util scripts. 2005-11-15 01:53:44 +00:00
relyea%netscape.com 868598f26a Add loops, conditionals and simple math. 2005-11-15 01:49:01 +00:00
julien.pierre.bugs%sun.com 59d85a9b9a Fix for bug 232604. don't open DBs in user's directory in shlibsign. r=nelson 2005-11-15 00:34:39 +00:00
relyea%netscape.com af1573d374 Add r/w support. The Capi token can now: 
Import certs and keys.
  Delete certs and keys.
 2005-11-15 00:13:58 +00:00
julien.pierre.bugs%sun.com ef1384c27b Fix for bug 316250. crmftest doesn't build on OS/2. Add LIB_PREFIX . 2005-11-14 00:17:21 +00:00
julien.pierre.bugs%sun.com f82a46ec10 Fix for bug 316219. Don't build an import library on OS/2. r=wtchang 2005-11-14 00:13:41 +00:00
julien.pierre.bugs%sun.com 4f35393d59 Fix for bug 286685. rename SFTK symbols to SECMOD. r=rrelyea, nelson 2005-11-12 00:14:25 +00:00
julien.pierre.bugs%sun.com c5d6929c9f Fix for bug 286685. rename SFTK symbols to SECMOD. r=rrelyea, nelson 2005-11-11 23:36:33 +00:00
julien.pierre.bugs%sun.com 7c97b65b2b Fix for bug 315033 . Remove dead command-line tool sources. r=nelson 2005-11-11 04:02:16 +00:00
julien.pierre.bugs%sun.com f0de63d8ed Fix for 292156. Prevent crash in SSL session cache init if invalid arguments are passed. r=nelson 2005-11-11 02:45:59 +00:00
julien.pierre.bugs%sun.com e5fca3df1d Fix for bug 292156. Add -C SSLCacheEntries option to selfserv. r=nelson 2005-11-11 02:44:56 +00:00
julien.pierre.bugs%sun.com 15a23c7092 Fix for 166727 . certutil should not call CERT_GetDBContentVersion. r=nelson 2005-11-10 21:18:26 +00:00
julien.pierre.bugs%sun.com f98d49a913 Remove dead config.mk files for modutil and ssltap. Fix for 294720. r=nelson 2005-11-10 03:00:05 +00:00
julien.pierre.bugs%sun.com 7e9a679a65 Resolve symlinks when loader freebl shared libs, and limit iterations to 20. r=wtchang 2005-11-10 02:18:22 +00:00
wtchang%redhat.com 560f560f03 Bugzilla Bug 311432: renamed USE_FP_CODE as ECL_USE_FP. Do not set 
ECL_USE_FP to 1 on Linux x86 to work around the bug.  Moved a dependency
rule to the appropriate section of the makefile. r=nelsonb.
 2005-11-08 22:03:17 +00:00
wtchang%redhat.com 4c003bfe53 Improved a comment. Suggested by Nelson Bolyard of Sun. r=wtc. 2005-11-08 22:00:46 +00:00
alexei.volkov.bugs%sun.com 71d67849a3 fix for 313680: add missing TLS cipher types to SSLTAP. r=nelson 2005-11-07 23:54:33 +00:00
christophe.ravel.bugs%sun.com e748b37142 238319: Sun packages changes 
Set rpm release to 2 for NSS 3.11
 2005-11-07 20:20:10 +00:00
wtchang%redhat.com ff785bd766 Bugzilla Bug 298522: added power-up self tests for HMAC SHA-384 and HMAC 
SHA-512.  The patch was written by Glen Beasley of Sun. r=wtc.
 2005-11-07 19:05:45 +00:00
wtchang%redhat.com 4029572119 Bugzilla bug 313196: include the minimal headers. 2005-11-07 19:00:58 +00:00
wtchang%redhat.com 126f513f21 Bugzilla Bug 313196: checked in a header inclusion change that I missed in 
the previous checkin.
 2005-11-07 18:48:39 +00:00
wtchang%redhat.com 1714be323f Bugzilla Bug 313196: HMAC code should not use a fixed hash input block size 
of 64 bytes, which is wrong for SHA-384 and SHA-512.  This requires adding
the hash input block size to the SECHashObject structure. r=relyea,nelsonb
Modified Files:
	cryptohi/hasht.h cryptohi/sechash.c freebl/alghmac.c
	freebl/blapit.h freebl/rawhash.c
 2005-11-07 18:44:21 +00:00
wtchang%redhat.com d576bf2833 Replaced the magic constant 20 by SHA1_LENGTH. Use sizeof(buffer) to 
be more robust. r=nelsonb
 2005-11-05 01:00:14 +00:00
relyea%netscape.com ce75b22933 replace missing header files. 2005-11-04 23:44:19 +00:00
wtchang%redhat.com 1ce181b01e Bugzilla Bug 311958: Update the nssckbi versions for NSS 3.11. r=relyea. 2005-11-04 22:51:55 +00:00
julien.pierre.bugs%sun.com 799adefa45 Move ret_cr16.s from util to freebl. r=nelsonb 2005-11-04 04:11:04 +00:00
relyea%netscape.com 3597080dab Initial CAPI PKCS #11 Module. 
Needs the updated ckfw.
 2005-11-04 02:05:04 +00:00
wtchang%redhat.com 898c89fc45 Bugzilla Bug 298512: Ensure the seed and seed key input for RNG do not have 
same value for FIPS 140-2. r=nelsonb.
 2005-11-04 01:07:30 +00:00
julien.pierre.bugs%sun.com bd999cb1b2 Remove nmake Makefiles and references to them. r=nelson 2005-11-04 01:01:37 +00:00
julien.pierre.bugs%sun.com 4fb160cf44 Remove dead files. r=wtchang 2005-11-04 00:48:41 +00:00
julien.pierre.bugs%sun.com da619f8dec Fix for 314115 . Comments about QuickDER and classic ASN.1 decoders relating to SECItem.type field 2005-10-31 18:52:20 +00:00
julien.pierre.bugs%sun.com 3e221bfb46 Fix for 314115 - QuickDER modifies SECItem.type while decoding. r=wtchang 2005-10-31 18:34:42 +00:00
wtchang%redhat.com 8732358f93 Bugzilla bug 239960: cvs removed cmd/swfort. r=relyea. 2005-10-27 22:49:22 +00:00
wtchang%redhat.com 8e70cf6f2e Bugzilla bug 298522: added power-up self tests for HMAC SHA-1 and HMAC 
SHA-256.  The patch is contributed by Glen Beasley of Sun. r=wtc.
 2005-10-20 21:46:51 +00:00
wtchang%redhat.com 5d658b3517 Build fipstest. 2005-10-19 01:14:20 +00:00
julien.pierre.bugs%sun.com c3b3a7e2c1 Add dependency on freebl so ssl will rebuild if freebl has changed. 2005-10-19 01:04:16 +00:00
julien.pierre.bugs%sun.com 4c37a26617 Add dependency on freebl so softoken will rebuild if freebl has changed. 2005-10-19 01:03:31 +00:00
wtchang%redhat.com cc8b26183b Added a shell script for running the NIST AES Algorithm Validation Suite. 2005-10-19 00:55:20 +00:00
wtchang%redhat.com d2dee7d603 Bugzilla Bug 312395: Added FIPS AES Known Answer Test, Multi-block Message 
Test, and Monte Carlo Test in ECB and CBC modes.  Also changed the types
of some variables from int to unsigned int to fix compiler warnings about
signed/unsigned comparisons.
 2005-10-14 20:04:39 +00:00
wtchang%redhat.com e58492ea00 Bugzilla bug 311440: ssl3_ConsumeHandshakeVariable now longer returns a 
SECItem pointing to memory allocated with PORT_Alloc, so we don't need to
use PORT_Free to free the SECItem's buffer.  r=nelsonb.
 2005-10-14 16:48:58 +00:00
wtchang%redhat.com b957c8d0a7 Bugzilla Bug 312202: checked in HP-UX IPF (Itanium) porting changes 
contributed by Grace Lu of HP.  Use the .so suffix for shared libraries
on HP-UX IPF.  Support building on HP-UX B.11.23. r=wtc.
Modified Files:
	coreconf/HP-UX.mk nss/lib/nss/nssinit.c
Added Files:
	coreconf/HP-UXB.11.23.mk
 2005-10-12 19:04:13 +00:00
wtchang%redhat.com 2193d926c7 Bugzilla Bug 302998: disallow x=0,1 and k=0. r=nelsonb. 2005-10-12 00:48:25 +00:00
neil.williams%sun.com 8657972540 CBug 290263, patch CERT_CreateCertificateRequest for doing extensions 
r=bob
`VS: ----------------------------------------------------------------------
 2005-10-12 00:10:17 +00:00
relyea%netscape.com f8422acc69 Attempt to fix HPUX test failures. 
Bug 311279 crmftest core dumps on HP-UX
(verbal) r=wtc
 2005-10-08 00:57:31 +00:00
wtchang%redhat.com 491b4ef092 Bugzilla Bug 304360: generate ECC key with private key value less than the 
group order using a combination of ANSI X9.62 A.4.1 and FIPS 186-2 Change
Notice 1.  Also changed structure of EC key generation functions to match
the scheme used in dsa.c.  The patch is contributed by Douglas Stebila
<douglas@stebila.ca> of Sun Labs. r=wtc.
 2005-10-06 23:16:20 +00:00
wtchang%redhat.com 81299cbc68 Bugzilla Bug 257693: set the correct error code in EC_ValidatePublicKey. 
Documented the return values of ECPoint_validate.  Have the tests compare
the return value of ECPoint_validate with MP_NO for negative test cases.
r=doublas.stebila.
Modified Files:
	ec.c ecl/ecl.h ecl/tests/ec2_test.c ecl/tests/ecp_test.c
 2005-10-06 21:42:55 +00:00
wtchang%redhat.com d420dda744 Bugzilla bug 259135: fixed build breakage. In C, declarations must precede 
code.
 2005-10-05 22:03:14 +00:00
wtchang%redhat.com 002c9cc505 Bugzilla bug 259135: minor comment fix. 2005-10-05 17:58:01 +00:00
glen.beasley%sun.com 814a61d561 259135 added SHA 256,384,512 and AES powerupself tests sr=Wan-Teh 2005-10-05 16:31:01 +00:00
relyea%netscape.com b0d1e52691 Back out non-reviewed strictly white space change in pk11sdr.c 2005-10-04 01:11:01 +00:00
wtchang%redhat.com 1a02e7736f Made the test compile and link without errors. 2005-10-04 00:46:50 +00:00
wtchang%redhat.com 775508c3c2 Fixed test file line endings. This file must be considered part of the 
NSS module because it needs the private NSS header blapi.h.
 2005-10-04 00:35:51 +00:00
wtchang%redhat.com 3fad97d84a Fixed test file line endings. 2005-10-04 00:28:55 +00:00
wtchang%redhat.com 058312eaa6 Bugzilla bug 310518: map CKR_PIN_INVALID and CKR_PIN_LEN_RANGE to 
SEC_ERROR_INVALID_PASSWORD instead of SEC_ERROR_BAD_PASSWORD. r=relyea.
 2005-10-03 22:41:45 +00:00
relyea%netscape.com 2fcee3f720 remove depricated mechanisms so pk11table continues to build. 2005-10-03 22:19:43 +00:00
relyea%netscape.com 5c3685a18e Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
r=wtc [part 3 of 3]
 2005-10-03 22:01:57 +00:00
relyea%netscape.com 0cefb4acd8 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
r=wtc [part 2 of 3]
 2005-10-03 22:00:22 +00:00
relyea%netscape.com 0223a07982 This change was not part of bug 272484 and has not been reviewed. 
Back it out.
 2005-10-03 21:58:24 +00:00
relyea%netscape.com 53f4189369 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
The problem only happens if we try to import a key into a token which then fails
to import. The basic issue was a hack in the pkcs 7 code to support PKCS 12, A
special structure was used to replace the SymKey structure, and the code 'knew'
the special structure existed before it dealt with the symkey. The fix addes a
new capability to symkeys, where applications can attach application specific
data to the key structure. PKCS 12 uses this to attache the PBE information
for CMS. (part 1 of 3)

This patch also improves the key's reuse of sessions, so sessions are not thrashed
when SSL is used with them.

r=wtc
 2005-10-03 21:55:29 +00:00
wtchang%redhat.com 5d52123474 Bugzilla Bug 294106: removed an assertion that's no longer necessary. 
Added buffer length error checking to back up an assertion. r=nelsonb.
 2005-09-30 22:01:46 +00:00
relyea%netscape.com bb7e1cb9f9 Bugzilla Bug 244922 ASN.1 encoder outputs trash for optional may-stream subtemplate 
r=nelson (original patch by nelson, modifications by me).
 2005-09-30 19:22:48 +00:00
relyea%netscape.com b354997d97 Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported 
wtc's review r=wtc
 2005-09-29 23:44:39 +00:00
wtchang%redhat.com 5c38b2d572 Bugzilla Bug 294106: dsa.c: use const in the function prototype of 
DSA_GenerateGlobalRandomBytes.  prng_fips1861.c: implemented Algorithm 1
of FIPS 186-2 Change Notice 1 and increased the size (b) of the RNG's
seed-key from 160 bits to 256 bits. r=relyea,nelsonb.
 2005-09-29 23:22:53 +00:00
relyea%netscape.com 952e8e8f45 Tests won't pass if we don't build crmftest 2005-09-29 22:01:52 +00:00
relyea%netscape.com f07ca5cfef Bug 308887 CRMF request generation problem when using latest firefox 
Add crmf tests to the test suite.
 2005-09-29 21:36:42 +00:00
relyea%netscape.com 9c9cecb9d7 Bugzilla Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported 
r=nelson

This is only the NSS portion of this patch. The PSM portion will be checked in once the
NSS portion is mainlined to mozilla.
 2005-09-29 21:00:58 +00:00
wtchang%redhat.com fc511c7607 Bug 271317, remove the old fortezza code 2005-09-29 18:09:11 +00:00
relyea%netscape.com 93e1f22027 Bugzilla Bug 298630 freebl needs a memory cache invariant RSA implementation. 
r=nelson
 2005-09-29 17:17:09 +00:00
relyea%netscape.com b8917d3493 Add better tests for detached signatures. Actually test the other sha 
variants rather than just say we do. done in the context of bug 30887
r=nelson
 2005-09-29 17:14:19 +00:00
relyea%netscape.com 665d2accd1 Bug 271317, remove the old fortezza code 2005-09-29 00:36:53 +00:00
relyea%netscape.com 8d4f93463a Internal NSS defines shared between softoken and the rest of NSS, but not 
exported.

added as part of bug 305697.
 2005-09-28 23:52:59 +00:00
relyea%netscape.com c4abacd281 Bug 305697 Softoken needs to give on the fly access to additional databases. Part 2, User interface 
r=julien
 2005-09-28 17:17:49 +00:00
relyea%netscape.com e35607b9c4 bug 305697: open additional database on the fly in softoken. part1: softoken changes. 
r=julien
 2005-09-28 17:12:17 +00:00
nelsonb%netscape.com ac626ee74e Avoid NULL ptr deref. Bug 310260. patch by Glen.Beasley. r=nelson. 2005-09-28 07:55:37 +00:00
neil.williams%sun.com 7b415783ba Bug 303508, committing attachment 196965. r=nelson,saul 2005-09-23 02:15:03 +00:00
nelsonb%netscape.com abc6a22d68 Eliminate environment variable SSLNOLOCKS, add environment variable 
SSLFORCELOCKS. Make SSL_FDX option mutually exclusive with SSL_NOLOCKS
option.  Bug 305147. r=rrelyea.
 2005-09-23 01:04:32 +00:00
nelsonb%netscape.com facd708671 Don't crash when printing an ASN.1 NULL primitive with a NULL prefix 
string.  Bug 309651. r=wtchang.
 2005-09-22 22:45:32 +00:00
nelsonb%netscape.com d05886f50d Add version info to freebl shared libs for Windows and Unix. bub 303508. 
Modified Files:  config.mk ldvector.c manifest.mn
Added Files:     freebl.rc freeblver.c                 r=wtc.
 2005-09-21 03:01:49 +00:00
nelsonb%netscape.com f12a0e5a63 Replace "fast" and "slow" with fpu and int in loader.c. Also add a 
comment explaining ISA lists.  r=wtc. bug 303508.
 2005-09-21 02:53:25 +00:00
wtchang%redhat.com 73f597f990 Bug 299197: added the comment for PK11_TokenKeyGen back. r=relyea. 2005-09-21 01:32:11 +00:00
wtchang%redhat.com ecdf90d92d Bug 299197: fixed comments. r=relyea. 2005-09-21 01:31:37 +00:00
relyea%netscape.com aa8a2c0490 Only call C_WaitForSlotEvent if the module is PKCS #11 v2.01 or later. 
bug 196811 r=wtc sr=julien
 2005-09-20 20:56:07 +00:00
julien.pierre.bugs%sun.com b8d9f0ef9a Fix for 293686. Check status from SECU_ParseCommandLine. r=nelson 2005-09-20 05:13:01 +00:00
julien.pierre.bugs%sun.com 48b2d654bd Fix for 292390. NSS tools with missing command-line operands cause crash. r=nelson 2005-09-19 20:59:46 +00:00
julien.pierre.bugs%sun.com 7e8884e00e Fix for 293686 . signver has command-line options with optional arguments. r=nelsonb 2005-09-19 20:52:11 +00:00
christophe.ravel.bugs%sun.com 41da874bf6 238319: Sun packages changes. 
Change libfreebl name on Solaris x86 (following changes from Bugzilla 303508).
 2005-09-19 19:12:24 +00:00
wtchang%redhat.com 13f41d4840 Bugzilla bug 303508: a more elegant way to decide when we need to prefix 
LIBRARY_VERSION with '_'. r=nelsonb.
 2005-09-16 23:18:01 +00:00
julien.pierre.bugs%sun.com d42e92ad88 Fix hoarked build from previous checkin. Doh. 2005-09-16 21:28:20 +00:00
wtchang%redhat.com b427dc6efe Bugzilla Bug 298517: when in FIPS mode, impose minimum password length and 
quality to ensure a password guessing probability of less than 1 in
10,000,000, and impose a one second delay after failed login attempt to
allow at most 60 login attempts per minute.  r=relyea,nelsonb.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
 2005-09-16 20:37:58 +00:00