mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
351 440 коммитов 615 Ветки 98 Теги 5,9 GiB
Граф коммитов

527 Коммитов

Автор SHA1 Сообщение Дата
relyea%netscape.com 625993f336 Backing out previous checkin. This was a separate unreviewed patch. 2005-08-01 18:26:12 +00:00
relyea%netscape.com b62dc0bebc Bug 298906 crash when accepting new certificate permanently on taschenonkel.de 
r=wtc, sr=nelson
 2005-08-01 18:23:56 +00:00
wtchang%redhat.com 512a35d372 Bugzilla Bug 298514: Moved the FIPS 140-2 pairwise consistency check from 
pk11wrap to softoken because the softoken shared library is our new crypto
module boundary. r=relyea,nelsonb.
Modified files: pk11wrap/pk11akey.c softoken/fipstokn.c softoken/pkcs11c.c
 2005-07-22 22:11:22 +00:00
wtchang%redhat.com ee93d82c69 Bugzilla Bug 298516: fixed problems found by code inspection. r=relyea. 
Modified Files: pk11db.c pkcs11.c
 2005-07-22 00:47:18 +00:00
wtchang%redhat.com 252be2d441 Bugzilla Bug 288647: enable building NSS with an NSPR binary distribution. 
Introduced NSPR_INCLUDE_DIR and NSPR_LIB_DIR make variables. Portions of
the patch were contributed by Chris Seawood <cls@seawood.org>. r=relyea.
Modified Files:
	coreconf/OS2.mk coreconf/OpenVMS.mk coreconf/location.mk
	nss/cmd/platlibs.mk nss/cmd/shlibsign/Makefile
	nss/cmd/shlibsign/sign.cmd nss/cmd/shlibsign/sign.sh
	nss/lib/ckfw/builtins/Makefile
	nss/lib/fortcrypt/swfort/pkcs11/Makefile nss/lib/nss/config.mk
	nss/lib/smime/config.mk nss/lib/softoken/config.mk
	nss/lib/ssl/config.mk
 2005-07-21 23:48:30 +00:00
relyea%netscape.com 2b2395e4a9 Bugzilla Bug 287418: remove redundant memory allocation in DSA and ECDSA sign 
wtchang: review+
julien.pierre.bugs: superreview+
 2005-07-07 20:19:36 +00:00
julien.pierre.bugs%sun.com 0269e27f2d Fix for 297735 . C_Initialize should return CKR_CANT_LOCK . r=wtchang,rrelyea 2005-07-06 22:32:12 +00:00
wtchang%redhat.com 14794607bc Trivial comment fix. 2005-07-05 22:41:33 +00:00
wtchang%redhat.com de7814e763 Bugzilla Bug 298537: replaced hardcoded 3 and 8 with the NSS_VMAJOR and 
NSS_VMINOR macros defined in nss.h. r=relyea,nelsonb.
 2005-06-23 23:41:29 +00:00
relyea%netscape.com f0a85660c4 Arg! This change was supposed to go to a branch, not the tip. back it out now. 
bob
 2005-06-20 23:14:45 +00:00
relyea%netscape.com 6c951345b4 Test multiaccess Databases. This patch causes softoken to Always use the 
multiaccess Database for clients. This is not intended for the final release
 2005-06-20 23:11:25 +00:00
wtchang%redhat.com ecafacb917 Bugzilla Bug 291858: fixed incorrect definitions of the CKM_SHAxxx_HMAC, 
CKM_SHAxxx_HMAC_GENERAL, CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and
CKM_ECMQV_DERIVE macros. r=nelsonb,relyea.
 2005-04-28 16:53:19 +00:00
wtchang%redhat.com 3e92cbf95d Bugzilla Bug 288095: removed unnecessary #include "alghmac.h". alghmac.h 
and pkcs11i.h don't need to be exported to the outside of lib/softoken.
r=relyea,nelsonb.
Modified Files:
	pk11wrap/pk11pbe.c pkcs12/p12d.c pkcs12/p12e.c
	pkcs12/p12local.c softoken/manifest.mn
 2005-04-15 16:38:46 +00:00
nelsonb%netscape.com e0a7c75322 Don't crash in NSC_CopyObject after failing to copy a token object. 
Bug 289529. r=relyea.
 2005-04-09 00:42:01 +00:00
julien.pierre.bugs%sun.com a2ec53c02b Fix gcc compiler warning 2005-04-05 00:55:55 +00:00
julien.pierre.bugs%sun.com 51bba31171 Fix for 287654 . Check input buffer length for C_Encrypt with RSA . r=nelson 2005-04-04 09:27:42 +00:00
nelsonb%netscape.com aed5390a2d Rename functions that are shared by pk11wrap and softoken from sftk_ to 
secmod_.  Bug 286685. r=relyea.
 2005-04-02 00:46:13 +00:00
nelsonb%netscape.com c03b9d33fe Rename all internal private softoken functions types and symbols from 
PK11 or pk11 prefixes to SFTK or sftk prefixes.  Bug 286685.
r=relyea,wtchang  Modified Files:
 cmd/bltest/blapitest.c lib/pk11wrap/pk11pars.c lib/softoken/dbinit.c
 lib/softoken/dbmshim.c lib/softoken/fipstest.c lib/softoken/fipstokn.c
 lib/softoken/pcertdb.c lib/softoken/pk11db.c lib/softoken/pk11pars.h
 lib/softoken/pkcs11.c lib/softoken/pkcs11c.c lib/softoken/pkcs11i.h
 lib/softoken/pkcs11u.c lib/softoken/softoken.h lib/softoken/tlsprf.c
 2005-03-29 18:21:18 +00:00
wtchang%redhat.com bbd584b694 Bugzilla Bug 286439: Removed PKCS11_USE_THREADS and PK11_USE_THREADS. 
r=relyea,nelsonb.
Modified Files:
	pk11wrap/pk11list.c pk11wrap/pk11pars.c pk11wrap/pk11skey.c
	pk11wrap/pk11slot.c pk11wrap/pk11util.c pk11wrap/secmod.h
	pk11wrap/secmodi.h pk11wrap/secmodt.h pk11wrap/secmodti.h
	softoken/pkcs11.c softoken/pkcs11i.h softoken/pkcs11u.c
 2005-03-28 20:45:37 +00:00
wtchang%redhat.com e112b06ae2 Bugzilla Bug 286318: performance optimization: save the result of 
PK11_SESSION_LOCK in a local variable and reuse the result. r=nelsonb.
Modified Files: pkcs11.c pkcs11u.c
 2005-03-16 19:24:45 +00:00
wtchang%redhat.com 733584cdd9 Bugzilla Bug 286298: comment formatting changes only. 
Modified Files: pkcs11i.h pkcs11u.c
 2005-03-16 19:02:04 +00:00
wtchang%redhat.com 08af568746 Bugzilla Bug 286298: removed the PKCS11_STATIC_ATTRIBUTES and 
PKCS11_REF_COUNT_ATTRIBUTES macros, supporting only one of the three
attribute allocation strategies (static allocation). r=jpierre.
Modified Files: pkcs11i.h pkcs11u.c
 2005-03-16 18:48:34 +00:00
julien.pierre.bugs%sun.com c62079e031 Fix for bug 270689 . minor issues remaining with list cleanup and on-the-fly lock creation 2005-03-08 05:52:33 +00:00
wtchang%redhat.com cf7f00183c Bug 236613: fixed the fallout from the change to MPL/LGPL/GPL tri-license. 
Our script for processing the *.def on the Mac cannot handle blank lines.
Modified Files: nssckbi.def nss.def smime.def softokn.def ssl.def
 2005-02-23 19:25:39 +00:00
gerv%gerv.net f45b5900c8 Bug 236613: change to MPL/LGPL/GPL tri-license. 2005-02-02 22:28:27 +00:00
wtchang%redhat.com 4c5ddcd96b Wrap long lines. 2005-01-27 21:33:59 +00:00
wtchang%redhat.com 82b1183c84 Bugzilla Bug 267158: removed the $Name$ RCS keyword from our source files. 
This keyword adds noise to the output of "ident libnss3.so | grep NSS"
on our debug build, and appears to cause spurious CVS conflicts. r=nelsonb.
 2005-01-20 02:25:51 +00:00
wtchang%redhat.com d0724fcd94 Bugzilla Bug 278381: fixed double frees and mismatch of format specifers 
and arguments. The patch is contributed by Tim Ruehsen
<tim.ruehsen@gmx.de>. r=wtc,relyea.
 2005-01-14 18:59:20 +00:00
wtchang%redhat.com ddbea8b6fc Bugzilla bug 273624: fixed the regression (from NSS 3.3.x) that 
NSS_Initialize didn't report the SEC_ERROR_BAD_DATABASE error if
the NSS databases haven't been created.  r=nelsonb,relyea.
Modified Files: pk11wrap/pk11err.c pk11wrap/pk11load.c
                softoken/dbinit.c softoken/pkcs11n.h
 2005-01-04 18:20:00 +00:00
julien.pierre.bugs%sun.com 5ab2c1cd4b Fix for bug 270689 - race condition in softoken list lock creation . r=nelson 2004-12-08 01:13:54 +00:00
julien.pierre.bugs%sun.com 781aca838b Fix for bug 262192 . assert and check attribute ptr 2004-10-24 18:31:27 +00:00
wchang0222%aol.com 8cb927d373 Bugzilla bug 233320: pk11_OpenKeyDB should not return SECFailure (not a 
CK_RV value).  Removed two unnecessary assignment statements.  r=relyea.
 2004-06-11 22:25:13 +00:00
jpierre%netscape.com 909489401d Fix for 178895 - QuickDER optimizations. r=relyea 2004-06-05 00:50:32 +00:00
jpierre%netscape.com 3c9a7eb176 Fix for 244095 - link NSS libraries with -R $ORIGIN on Solaris 2004-05-25 00:13:12 +00:00
ian.mcgreer%sun.com be72ca16c5 bug 180268, reimplement ssl step-up for builtins 2004-05-17 20:08:38 +00:00
wchang0222%aol.com 59319a778c Bugzilla bug 238914: declare namesRunningOffset as unsigned long to avoid 
overflow. Fixed a regression introduced by the previous checkin ('nss' is
allowed to be NULL).  Set slotStrings[i] to NULL after freeing to avoid
double-free. r=relyea,nelsonb.
 2004-04-30 23:41:44 +00:00
gerv%gerv.net 9bd361a285 Bug 236613: change to MPL/LGPL/GPL tri-license. Restore Id: lines. 2004-04-27 23:04:40 +00:00
gerv%gerv.net 3634d4d94b Bug 236613: change to MPL/LGPL/GPL tri-license. 2004-04-25 15:03:26 +00:00
wchang0222%aol.com 76e3cc1538 Bugzilla bug 90906: removed unused variable 'size'. The patch is from 
Serge GAUTHERIE <gautheri@noos.fr>. r=wtc.
 2004-04-21 18:57:51 +00:00
relyea%netscape.com e4ab49876e Fix missing indexes when fetching lengths (get tinderbox working again). 2004-04-07 19:00:08 +00:00
relyea%netscape.com 77bd494c63 Bug 238914. r=wchang sr=misterSSL 
Agressive checks on database data before we actually reference it. This
should prevent crashes because of invalid databases.
 2004-04-07 00:58:58 +00:00
wchang0222%aol.com 91ad07e7f5 Bugzilla bug 123693: improved the fix for this bug. Maintain the 
consistency between the slot hash table and slot list when the
creation of a slot fails. r=relyea,nelsonb.
 2004-02-06 02:04:48 +00:00
nelsonb%netscape.com 3dcf7f696e When an attempt to initialize a slot fails, free up the resources 
right away, rather than waiting until NSS_Shutdown.  Bug 123693.
Second try.  r=relyea.
 2004-01-30 04:15:47 +00:00
nelsonb%netscape.com df07bc6cf4 Back out rev 1.90. It breaks shlibsign. 2004-01-29 23:34:21 +00:00
nelsonb%netscape.com ee55e2e256 Plug leaks. Bug 123693. r=wtc,relyea 2004-01-29 21:18:24 +00:00
relyea%netscape.com 78ce53de23 bug 231698: fix regression in reading SDR data in databases written on 64-bit platforms. 
r=MisterSSL
 2004-01-27 18:31:29 +00:00
wchang0222%aol.com ab1b1d58f9 Bugzilla bug 229289: fixed an unused variable warning. r=relyea. 2004-01-13 01:59:41 +00:00
jpierre%netscape.com 70f0bbf00d Rename CERT_DecodeTimeChoice/CERT_EncodeTimeChoice to DER_DecodeTimeChoice/DER_EncodeTimeChoice 2004-01-07 23:07:24 +00:00
wchang0222%aol.com 11c67b98af Removed unused variable 'attribute'. 2003-12-23 21:21:39 +00:00
wchang0222%aol.com 60cf880826 Include "nsslocks.h" for nss_InitLock. 2003-12-23 02:09:55 +00:00
relyea%netscape.com 6e767fb4eb Make database access to the key db thread safe. 2003-12-19 23:24:48 +00:00
nelsonb%netscape.com 87f5c7ded0 NSC_Finalize will now destroy 3 softoken free lists and one more 
global pointer.  Plugs some memory leaks.  Bugscape bug 54301. r=wtc
 2003-12-06 06:41:51 +00:00
nelsonb%netscape.com d3382c6ffe Remove an overreaching constraing on modulus length. Bug 226285. 
r=relyea  sr=wchang0222
 2003-11-21 22:09:27 +00:00
wchang0222%aol.com 9bc7ce19bb Removed an extraneous character (`) after #endif. 2003-11-15 16:16:33 +00:00
nelsonb%netscape.com b904b47318 Detect empty emailAddr strings in CERTCertificates. Bugzilla bug 211540. 
Modified Files:
    cmd/dbck/dbck.c cmd/signtool/util.c lib/certdb/certdb.c
    lib/certdb/stanpcertdb.c lib/pkcs7/p7decode.c lib/pki/certificate.c
    lib/pki/pki3hack.c lib/smime/cmssiginfo.c lib/softoken/pkcs11u.c
 2003-11-15 00:10:01 +00:00
relyea%netscape.com 12bf9a0f9f Changes for symkey support. 2003-11-14 03:25:52 +00:00
relyea%netscape.com 14c8c093a3 Repair error case for DH code in previous patch. 2003-11-07 16:21:40 +00:00
relyea%netscape.com 8cac9b6d61 Verify Parameters from the user before passing it on to freebl. r=nelson 2003-11-07 03:38:59 +00:00
nelsonb%netscape.com 1ce0f542ee Require DES, DES2 and DES3 keys to have correct length in all cases. 
Expand DES2 keys to be DES3 keys when used with DES3 mechanisms.
Bug 201521.
 2003-10-25 00:12:34 +00:00
relyea%netscape.com e07da99055 221067 NSS needs to be able to create token symkeys from unwrap and derive. 2003-10-18 00:38:04 +00:00
ian.mcgreer%sun.com 5c2c5888f9 ECC code landing. 
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
 2003-10-17 13:45:42 +00:00
nelsonb%netscape.com 886718db18 Correctly handle a NULL moduleSpecList. Bug 220217. 2003-10-11 01:49:24 +00:00
relyea%netscape.com 40c2250bfc Bug 191467 
Multipart signing and verifying broken for several mechanisms in softoken
Reporter:   	Andreas.Sterbenz@sun.com (Andreas Sterbenz)
sr=nelsonb
 2003-10-10 15:32:26 +00:00
jpierre%netscape.com 7d744437c3 Fix for bug 143334 : add support for GeneralizedTime in certificates and CRLs. r=wtc,nelsonb 2003-09-19 04:08:51 +00:00
bishakhabanerjee%netscape.com 670906f939 Bug 213903: removing unused variables 'delold', 'save', 'entry' 2003-07-28 22:55:16 +00:00
wtc%netscape.com ce11300ca6 Bug 206926: 1. Undo the changes to secrng.h, pqgutil.h, swfutl.c, 
unix_rand.c, and win_rand.c. 2. Make secrng.h and pqgutil.h private.
3. Public header pk11pqg.h can't include private header pqgutil.h.
4. Many files don't need to include secrng.h.  A few don't need to include
pqgutil.h.  5. Remove duplicate declarations of PQG_DestroyParams and
PQG_DestroyVerify from blapi.h.
 2003-05-30 23:31:32 +00:00
nelsonb%netscape.com 5cdbf1a929 Remove MOZILLA_BSAFE_BUILD. Bug 193090. 2003-05-16 20:21:20 +00:00
ian.mcgreer%sun.com ddad39cba1 bug 202838, move operations outside of slot->objectLock 
r=relyea
 2003-05-14 22:09:03 +00:00
ian.mcgreer%sun.com 8720e22f4e bug 203049, move some operations outside of slot->slotLock 
r=relyea
 2003-05-12 21:32:38 +00:00
ian.mcgreer%sun.com d5aeef1f3f bug 201081, better spreading of session id hash 
r=relyea
 2003-04-24 18:30:12 +00:00
wtc%netscape.com 213a402f9d Bug 134113: make NSS build on Win32 using GCC (MinGW). The patch 
(attachment 121068) is contributed by Chris Seawood (cls@seawood.org).
 2003-04-20 04:23:37 +00:00
ian.mcgreer%sun.com e04a964222 bug 198452, zero-byte memcpys 
r=relyea
 2003-04-17 17:05:09 +00:00
jpierre%netscape.com 277eb23aae Fix for bug 200394 - update softoken version to 3.8 . r=wtc 2003-04-03 02:14:59 +00:00
nelsonb%netscape.com 3f52ba47c1 Changes to enable ECC over characteristic 2^m fields. 
Contribution from Vipul Gupta <Vipul.Gupta@Sun.COM>
Modified Files:
 nss/cmd/strsclnt/strsclnt.c nss/lib/cryptohi/seckey.c
 nss/lib/freebl/blapit.h nss/lib/freebl/ec.c
 nss/lib/freebl/manifest.mn nss/lib/freebl/mpi/Makefile
 nss/lib/softoken/ecdecode.c nss/lib/softoken/pkcs11.c
 nss/lib/ssl/ssl3con.c nss/lib/util/secoid.c
 nss/lib/util/secoidt.h
 2003-03-29 00:18:30 +00:00
relyea%netscape.com 3db543d86d Bug 185245. including wtc's comments. 
Don't reference memory beyond the end the the data element when decoding a
SubjectEntry. Prevents crashes from corrupted Subject Entries.
 2003-03-05 01:02:03 +00:00
relyea%netscape.com c62f62ef69 Fix memory leaks. (roll fixes from 3.7 BRANCH). 2003-03-05 00:59:36 +00:00
relyea%netscape.com b47c2269f6 bug 162976: make crl update atomic. Set up new Crl with a new Object ID which is different from the old one. 2003-03-04 22:36:27 +00:00
ian.mcgreer%sun.com 4a82c09e70 bug 191757, InitOIDHash() not threadsafe 
r=relyea
 2003-02-28 21:13:20 +00:00
nelsonb%netscape.com f87129ad87 Add support for Elliptic Curve Cryptography. Bug 195135. 
Modified Files:
 	cmd/lib/SECerrs.h cmd/selfserv/selfserv.c
 	cmd/tstclnt/tstclnt.c lib/cryptohi/keyhi.h
 	lib/cryptohi/keythi.h lib/cryptohi/seckey.c
 	lib/cryptohi/secvfy.c lib/freebl/Makefile lib/freebl/blapi.h
 	lib/freebl/blapit.h lib/freebl/ldvector.c lib/freebl/loader.c
 	lib/freebl/loader.h lib/freebl/manifest.mn lib/nss/nss.def
 	lib/pk11wrap/pk11skey.c lib/pk11wrap/pk11slot.c
 	lib/softoken/lowkeyti.h lib/softoken/manifest.mn
 	lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
 	lib/softoken/pkcs11t.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
 	lib/ssl/sslcon.c lib/ssl/sslenum.c lib/ssl/sslimpl.h
 	lib/ssl/sslinfo.c lib/ssl/sslproto.h lib/ssl/sslsecur.c
 	lib/ssl/sslsock.c lib/ssl/sslt.h lib/util/secerr.h
 	lib/util/secoid.c lib/util/secoidt.h
Added Files:
 	lib/freebl/GFp_ecl.c lib/freebl/GFp_ecl.h lib/freebl/ec.c
 	lib/freebl/ec.h lib/softoken/ecdecode.c
 2003-02-27 01:31:38 +00:00
wtc%netscape.com b485d030fd Bug 188856: it is not necessary to declare 'crv' in these blocks because it 
is already declared in the outer scope.
 2003-02-18 02:47:04 +00:00
nelsonb%netscape.com a39cc492bc Fix bug 190527. Properly extend buffer when data exceeds 512 bytes. 2003-02-07 23:09:35 +00:00
nelsonb%netscape.com 140acf91e3 Move the implementation of the TLS Pseudo Random Function (PRF) from 
pkcs11c.c into a new file: tlsprf.c.
 2003-02-07 06:42:20 +00:00
nelsonb%netscape.com 63cbaffd59 Remove unreferenced local variables from functions. 2003-02-07 05:08:01 +00:00
wtc%netscape.com 5cc66223d8 Backed out the previous checkin because it doesn't work on Windows. 2003-02-06 05:33:33 +00:00
wtc%netscape.com 025206b16f Bug 177387: include the *.chk files in the mdbinary.jar files generated by 
the release makefile target.
Modified Files: lib/freebl/manifest.mn lib/softoken/manifest.mn
 2003-02-06 03:52:37 +00:00
relyea%netscape.com 90be81e5ad The NSPR get shared lib interface requires the library name only, 
not a partial path to the library. This affects AIX.
 2003-02-06 00:49:09 +00:00
relyea%netscape.com 447f0c56f9 Check bug 188856 into the tip. 
1)return proper error code in more cases. 2) Fix bug in DH KeyPair Generation.

the essential part of this fix in pkcs11c.c where we add the CKA_NETSCAPE_DB
attribute on Diffie-Hellman key gen. I don't know why the code would have even
thought of working without this (unless we were testing with pregenerated
keys).

The rest of the fix is to surface more of the PKCS #11 error back up. There is
a separate bug to continue tracking the issue of lost PKCS #11 errors.
 2003-01-31 23:39:34 +00:00
relyea%netscape.com e7212afe42 FIPS library verifier. 2003-01-30 23:38:07 +00:00
relyea%netscape.com 17117c5e23 Write changes back to the database when we correct incorrect user bit settings. 2003-01-23 19:38:53 +00:00
relyea%netscape.com 61a6011027 Fix bug 180824 Version 3.4 string hard coded in default token name. 2003-01-23 17:16:50 +00:00
nelsonb%netscape.com 65a0422f22 Implement new AES Key Wrap mechanisms. Bug 167818. 2003-01-22 03:13:04 +00:00
nelsonb%netscape.com b39068212e When wrapping secret keys with an unpadded block cipher, null padd the keys 
as necessary, per the PKCS 11 spec.  Also, implement padding and unpadding
for single-part only ciphers.
 2003-01-17 05:50:08 +00:00
wtc%netscape.com 3cfd1da0cc Bug 145029: fixed compiler warnings (mostly "xxx might be used 
uninitialized").
 2003-01-17 02:49:11 +00:00
jpierre%netscape.com bd1c6e2d6f Fix incorrect usage of QuickDER . See bug 160805 comment 16 2003-01-16 00:56:10 +00:00
nelsonb%netscape.com 191e2830e1 Switch from the old vendor-defined mechanism numbers to the new official 
PKCS 11 mechanism numbers.  These numbers will appear in v2.20.
 2003-01-16 00:43:58 +00:00
nelsonb%netscape.com 48e7307212 Enforce that softoken's mechanisms are used only with the PKCS 11 
functions that they're defined to work with.
 2003-01-16 00:28:05 +00:00
nelsonb%netscape.com f8ffa9b2df Remove the implementation of CKM_KEY_WRAP_LYNKS from softoken. 2003-01-16 00:14:07 +00:00
relyea%netscape.com e99b341301 backport NSS 3.7 fixes to the tip. 2003-01-09 18:15:11 +00:00
relyea%netscape.com 04963b62bb Bug 186058 2002-12-18 23:55:53 +00:00
relyea%netscape.com 3e6d515d45 Increment the tmpbuf pointer to the correct index point 2002-12-13 19:02:13 +00:00
nelsonb%netscape.com a4ffefd8be Support SHA256, SHA384, and SHA512 hashes in NSS. 2002-12-12 06:05:45 +00:00
relyea%netscape.com 603a1de75c Fix padding value. 2002-12-06 19:11:57 +00:00
wtc%netscape.com 89bb676522 Fixed the build breakage of const unsigned char[] and unsigned char * 
mismatch on the Mac (compiler warnings on other platforms) by adding
(unsigned char *) typecasts.  r=relyea.  (Bug 183350)
 2002-12-04 00:28:56 +00:00
wtc%netscape.com 0def6ffdbe Bug 181878: fixed two more bugs in the new code to support multiple email 
addresses per certificate.  r=nelsonb.
 2002-11-27 01:28:03 +00:00
relyea%netscape.com c40360b6a9 More review changes, 
Fix incorrect return in pcertdb.c
 2002-11-26 22:14:56 +00:00
relyea%netscape.com c296a3a69f Incorporate Terry's and Nelson's reviews. 2002-11-26 18:27:25 +00:00
nelsonb%netscape.com 4bdff07d6f Back out my last change. 2002-11-26 07:07:20 +00:00
nelsonb%netscape.com c4ae2fc1f4 Eliminate bug due to uninitialized variable index. Eliminate leak. 
Remove lots of warnings about signed/unsigned and assigning int to uchar.
 2002-11-26 05:58:51 +00:00
relyea%netscape.com 58543311f7 Bug 181878 allow multiple email addresses to point to a single subject record. 2002-11-26 00:13:54 +00:00
nelsonb%netscape.com d2a0920045 Correct softoken routines to work with new larger SHAxxx hashes. 2002-11-16 03:32:39 +00:00
nelsonb%netscape.com 5556b4b77f Correct HMAC code to work with new larger SHAxxx hashes. 2002-11-16 03:30:37 +00:00
nelsonb%netscape.com dd4c5651b8 Add new SHAxxx hash algorithms to tables of SECHashObjects. 2002-11-16 03:29:32 +00:00
nelsonb%netscape.com 0575c4bc91 Declare new vendor-defined mechanisms for SHA256, SHA384 and SHA512. 2002-11-16 03:25:01 +00:00
nelsonb%netscape.com 9ee53c1fde Add "const" modifier to all fixed arrays used for keys or known text. 2002-11-16 01:00:44 +00:00
relyea%netscape.com c89a0a7444 Multi-access database race condition patches. These changes are already checked 
into NSS 3.6.1.
 2002-11-11 22:00:03 +00:00
relyea%netscape.com 9452f46ac8 db8 code part 1: 
1) Create new dbs with 32 k buffers.
   2) New dbs never store a single entry greater than 30 k (those are stored
using the blob code).
   3) NSS can run with either new or old dbs read only.
   4) If possible a new db is upgraded from and old db.
 2002-11-04 19:31:59 +00:00
relyea%netscape.com e352244c4b Unix and Mac platforms need to load librdb.* not rdb.*. 2002-10-10 20:11:09 +00:00
relyea%netscape.com 006424c6d4 Fix minor memory leak on init. 2002-10-10 20:09:30 +00:00
jpierre%netscape.com fa9b7e0590 Bump softoken version to 3.7 on tip 2002-10-08 04:07:22 +00:00
jpierre%netscape.com 2495acd6a6 Fix for 172732. r=relyea 2002-10-08 01:23:09 +00:00
wtc%netscape.com 886e30e17b Bug 154689: removed the "with Shared Database" string. NSS is always built 
that way now.
 2002-09-30 21:00:43 +00:00
wtc%netscape.com 2e33cb369f Bug 153258: fixed a misspelling in pk11_getDefTokName. 2002-09-28 14:14:18 +00:00
relyea%netscape.com 20b909f88a bug 130966: fix problems in searching and storing fixed keys. 
bug 170423: Turn on block symetric and Mac'ing functions in the DB token so we can use the fixed keys there without moving them around.

Fix memory leak on shutdown (leaking the sessions).
 2002-09-27 17:46:36 +00:00
jpierre%netscape.com 7150fbd4e4 Fix for 167615 - don't crash if the CRL isn't found due to a database error 2002-09-26 01:37:41 +00:00
wtc%netscape.com 9690a2abd2 Bug 169581: the last two arguments to pk11_mkSlotString should have the 
type PRBool, not unsigned char.  As a byproduct this change works around
what seems to be a gnupro gcc compiler optimization bug.  r=relyea.
Modified Files: pk11db.c pk11pars.h
 2002-09-19 03:23:26 +00:00
wtc%netscape.com 089cef75ad The blob db shim code (bug 162023) introduced a crash (bug 167615) so 
disable it for NSS 3.6 Beta1.
 2002-09-12 23:17:35 +00:00
wtc%netscape.com faf23b0d36 Bug 123753: removed the vestige of the "for Clients" string in softoken's 
sccs and rcs version id strings.
 2002-09-07 05:45:40 +00:00
wtc%netscape.com 8b8c57650a Bug 123753: the softoken is now compiled the same way for servers and 
clients, so removed the "for Clients" string in the version info.
Modified files: config.mk softokn.rc
 2002-09-07 05:35:46 +00:00
jpierre%netscape.com e2b8be5319 Fix compiler warnings 2002-09-07 01:24:27 +00:00
relyea%netscape.com 3ca346f840 Believe both entry types (old and new) when looking for the key. 2002-09-06 23:16:42 +00:00
wtc%netscape.com 6d4ccd8d26 Bug 166933: fixed build breakage on the Mac. 
Modified files: certdb/crl.c certhigh/certhigh.c softoken/dbmshim.c
 2002-09-06 20:17:42 +00:00
nicolson%netscape.com e179fe8904 Fix 164126: makefile build error. 
Change the NSS module name from "security" to "nss".
 2002-09-06 16:38:56 +00:00
wtc%netscape.com a897ae16a9 Bugs 166734 and 166785: fixed compiler warnings reported by gcc on Linux. 
The patch for this checkin is attached to bug 166785.
 2002-09-06 00:27:52 +00:00
relyea%netscape.com a017e8a053 Remove key.db from the using the blob db code. The blob db code uses the cert7.db record format to 
record blobs in the database, which is incompatible with the key3.db format. (key3 does not have
any record types).
 2002-09-06 00:18:24 +00:00
jpierre%netscape.com c285793b55 Fix for 166719 - crash in large object file mapping emulation code . r=wtc 2002-09-05 00:25:29 +00:00
jpierre%netscape.com 5e5a705cb7 Fix for 160805 . Make a copy of items into the arena before calling SEC_QuickDERDecodeItem where needed 2002-08-31 00:37:52 +00:00
relyea%netscape.com 3d603dad91 handle dbm blobs withouth stressing libdbm. 2002-08-28 21:51:10 +00:00
relyea%netscape.com 7a5ee3f753 Remove warning for unreferenced variable. 2002-08-26 21:39:49 +00:00
relyea%netscape.com 5d6a14c82b Fix URL check. we should check crl->url for null, not the uninitialized variable url. 2002-08-26 16:27:49 +00:00
jpierre%netscape.com 463500a5ab Convert slow SEC_ASN1DecodeItem calls to SEC_QuickDERDecodeItem where possible. Performance improvement. Bug #160805 . r=relyea 2002-08-24 00:52:47 +00:00
relyea%netscape.com 4116e5ba07 Fix mixing different free calls. PR_smprintf requires PR_smprintf_free() 2002-08-23 02:12:05 +00:00
relyea%netscape.com a1ac38f4be handle attribute types more intellegently. Don't fetch the object for invalid attributes if we don't have to. 2002-08-23 02:11:03 +00:00
relyea%netscape.com 943dd39f49 1) fix crl memory. 
2) remove several memory copies in the crl.
 2002-08-21 00:09:23 +00:00
wtc%netscape.com f0a85f101a Bug 148220: removed the unused field 'isFIPS'. 2002-08-08 22:52:14 +00:00
relyea%netscape.com 667aff1517 Bug 607834. save the correct name on so we can reset the database. 2002-08-08 18:02:34 +00:00
wtc%netscape.com dd0afb2cee Bug 148220: implements FIPS 198 conformance. r=relyea. 
Modified Files: alghmac.c alghmac.h lowpbe.c pkcs11c.c
 2002-08-07 23:27:58 +00:00
relyea%netscape.com 1b5946f3a0 Turn on reset functionality for multiaccessdb clients. 2002-08-02 21:41:01 +00:00
wtc%netscape.com 2bd38c9821 Bug 148220: FIPS 198's key size requirement broke the NSS QA. Backing it 
out.
 2002-07-31 00:55:35 +00:00
wtc%netscape.com 9590c529f0 Bug 148220: the previous checkin missed the inclusion of secerr.h. 2002-07-30 23:19:44 +00:00
wtc%netscape.com e29a299bc0 Bug 148220: enforce FIPS 198's requirement on the secret key's length. 
Added an assertion.  Set the error code on error return.
 2002-07-30 22:59:13 +00:00
bishakhabanerjee%netscape.com 4225da3758 Checking in riceman+bmo@mail.rit.edu's patch for bug 133702 2002-07-30 21:25:56 +00:00
bishakhabanerjee%netscape.com 65f7eca2f9 Checking in riceman+bmo@mail.rit.edu's patch for bug 133702 2002-07-30 20:57:44 +00:00
wtc%netscape.com 869ca6f82b Fixed the comment. The length of the secret may be larger than 64 bytes. 2002-07-26 18:20:59 +00:00
wtc%netscape.com 80aae405d5 Removed unused ASN.1 templates and unnecessary declarations. 
Modified Files: lowcert.c pcertt.h
 2002-07-25 03:59:38 +00:00
wtc%netscape.com bb5752e0f0 Bug 158339: we should not call secmod_freeParams if RNG_RNGInit fails. 2002-07-19 18:31:30 +00:00
relyea%netscape.com ccf95e381c Automatically recover from database corruptions when importing new certs. 2002-07-16 16:44:22 +00:00
relyea%netscape.com f181c1c7a2 Fix solaris signed/unsigned warnings. 
On updating nicknames, create a nickname record if one doesn't exist (that is
somehow the database got corrupted).
 2002-07-13 02:45:04 +00:00
relyea%netscape.com 08f068a1b9 Update the CERTDB_USER bits when our key gets imported through pkcs #12. 2002-07-12 03:27:44 +00:00
relyea%netscape.com e42ef90c97 Don't delete the nickname entry until we go to delete the subject entry as well. 2002-07-10 01:04:10 +00:00
relyea%netscape.com 4f9e4c1700 Handle the case where we don't get the Token object from NewToken (It gets converted from a session object in handleobjects). 2002-07-02 19:58:49 +00:00
relyea%netscape.com 6880c87a8d More performance improvements in listing certs: 
1) reduce more short term memory allocate/frees.
	2) remove sha1 hash calculations from critical paths.
	3) when listing user certs, skip decoding of non-user certs.
 2002-07-02 15:11:29 +00:00
relyea%netscape.com af924e2843 Initialize type fields to supress purify uninitialized reference warnings. 2002-06-28 03:00:10 +00:00
wtc%netscape.com c81143956b Bugzilla bug 154656: changed "softoken" to "softokn" to match the file 
name.
 2002-06-27 18:34:17 +00:00
relyea%netscape.com 43480112f3 Initialize type field to clear off purify warnings. 2002-06-25 23:00:59 +00:00
relyea%netscape.com 7cc9843630 More performance improvements for PK11ListCerts/ CERT_GetUserCertByUsage(). 2002-06-24 21:54:41 +00:00
relyea%netscape.com 3c89da1564 Need to preserve non-modifiable trustbits. 2002-06-21 22:28:03 +00:00
relyea%netscape.com aa8dddaacb zero structure before we fill it in, not after 2002-06-21 20:25:49 +00:00
relyea%netscape.com eb95452896 Patches to reduce the cost of getting attributes on certs or finding certs in lists. 2002-06-20 18:46:47 +00:00
ian.mcgreer%sun.com 0992642b67 bug 150704, PK11_Finalize can crash because softoken does not implement C_XXXFinal correctly 2002-06-19 14:59:24 +00:00
relyea%netscape.com 6f356a0f36 1) Map flags both coming and going. 
2) Finish transaction of the target database not the source database.
 2002-06-18 16:41:41 +00:00
relyea%netscape.com 27153b6afb Standardize the open flags as 'enums' when using multiaccess databases, no matter 
if we are using PR_ versions of the flags or O_ versions of the flags.
 2002-06-17 18:46:27 +00:00
relyea%netscape.com e2f5a0ac1f check version of the existing DB, not the updatedb. 2002-06-14 17:29:56 +00:00
relyea%netscape.com d31340924d Add transactions to the database update portion of the code. 2002-06-13 23:25:37 +00:00
relyea%netscape.com bb528345ff Return public and private keys in the order specified by the PKCS #11 spec. 2002-06-10 20:33:31 +00:00
wtc%netscape.com c99a93829c Backed out the previous checkin, which is not being used and triggers 
a bug in gmake 3.76.1 with MKS shell on Windows.
 2002-06-01 04:31:44 +00:00
wtc%netscape.com a1598af613 Use $(DLL_SUFFIX) instead of ${DLL_SUFFIX}. 2002-06-01 04:25:38 +00:00
rangansen%netscape.com b355617820 Fix to ensure change password on db is commited - using rv == SECSuccess would actually abort it. 
r = wtc
 2002-06-01 00:37:00 +00:00
relyea%netscape.com dccf0f20f4 Close our peer database handles because some platforms (Mac) do bad things 
if you hold two berkelydb handles open to the same database in the same process.
(actually a lot of platforms could cause problems, the Mac version of dbm (1.85)
just does the bad things right away).
 2002-05-22 21:47:23 +00:00
relyea%netscape.com 91abc91169 Missing component when deleting should not be fatal 2002-05-21 21:26:14 +00:00
wtc%netscape.com c8518d87b7 Bugzilla bug 145128: fixed a typo error in sec_pkcs5_rc4(). Also simplfied 
two other similar constructs.  r=relyea.
 2002-05-17 21:29:27 +00:00
relyea%netscape.com 7828ad6ad0 Make a single softoken which works for both servers and clients depending on configuration. 
Add the _PAD functions to the internal database token.
 2002-05-16 22:04:12 +00:00
relyea%netscape.com 81db56051e Argh. I thought I had compiled this! fixe compile errors. 2002-05-16 20:48:27 +00:00
relyea%netscape.com ad57ee44a1 Add Transactions (still need to add transactions on database upgrade). 
Make trust objects their own objects to reduce a couple of unnecessary cert decodes.
 2002-05-16 20:39:04 +00:00
relyea%netscape.com 0d88474fba Allow both FIPS and non-FIPS tokens to be initialized and active at the same time. 2002-05-10 18:11:37 +00:00
relyea%netscape.com 56f8e3b5e8 Automatically create a NULL email profile for certs with email addresses which 
are imported into the internal token.
 2002-05-07 20:38:59 +00:00
relyea%netscape.com 600cb240a3 Add code to update nickname and 'CKA_ID' from set attribute calls. This allows 
us to add a nickname to a cert after we import it from pkcs #12.
 2002-04-26 01:44:33 +00:00
relyea%netscape.com fbb0134208 Write the nickname entry as well when adding a nickname to a bug. 2002-04-26 01:09:21 +00:00
ian.mcgreer%sun.com 36e1d960b7 * make sure the token cache returns failure in overflow case 
* change internal module trust order again, builtins uses 100, and internal module must come first
 2002-04-19 19:30:12 +00:00
ian.mcgreer%sun.com 3a62ba7fdd try again, the default is 50 so the internal module must be higher 2002-04-19 19:19:33 +00:00
ian.mcgreer%sun.com 7061750a28 make sure the internal module defaults to trust order > 50 2002-04-19 19:01:45 +00:00
jpierre%netscape.com 2d21c59ccc Fix for 138084 - free slot list if NSC_Initialize fails 2002-04-18 20:54:22 +00:00
relyea%netscape.com 117c6b4800 Don't free the temp secmod.db name until we are through using it. 2002-04-16 00:24:34 +00:00
relyea%netscape.com 7aa8e229f4 Bug 133584: Fix reference leaks which prevent shutdown in NSS and in the tests. 
Debug builds can verify correct operation by setting NSS_STRICT_SHUTDOWN, which
will cause an assert if shutdown is called but not all the modules are freed (which
means a slot, key, or cert reference has been leaked).
 2002-04-12 19:05:21 +00:00
relyea%netscape.com 9b84261e2a Update the version field in the handle when doing the automatic update. 2002-04-12 03:43:34 +00:00
relyea%netscape.com f0c6675537 bug 128586 (and other) importing non-NSS pkcs#12 files. 
We need to decode the privatekeyinfo attributes if they exist.
 2002-04-11 00:59:43 +00:00
wtc%netscape.com 0d4ecebd48 Bugzilla bug 136625: prevent pk11_cert_collect from storing NULL in the 
certData.certs array so that pk11_searchCertsAndTrust won't deference a
NULL pointer.  r=relyea.
 2002-04-10 17:56:52 +00:00
relyea%netscape.com 710d547b27 Add database update capabilities to NSS softoken for multi-access database. 2002-04-08 23:37:49 +00:00
relyea%netscape.com 1e4fbdcfa4 Multi-access database changes. 2002-04-05 09:17:51 +00:00
nelsonb%netscape.com 130c1e83db On WinCE, DBM's dbopen uses NSPR file open flags rather than libc's 
file open flags (which are not defined on WinCE).
 2002-04-05 03:33:42 +00:00
relyea%netscape.com 3b55947b03 Make sure we aren't confusing secret keys with private and public keys 2002-04-04 18:08:30 +00:00
wtc%netscape.com 9318a2b270 Bugzilla bug 131427: add "for Clients" to the version id strings in the 
softoken shared library if MOZ_CLIENT is defined.  r=relyea.
 2002-03-20 21:17:30 +00:00
wtc%netscape.com c1adf4b062 Bugzilla bug 131430: changed "softoken" to "softokn" to match the file 
name.  r=relyea.
 2002-03-20 04:43:41 +00:00
wtc%netscape.com 64cc8d0455 Bugzilla bug 131427: added sccs and rcs version id strings to the softoken 
shared library.  r=relyea.
Modified files: manifest.mn pkcs11.c
Added file: softkver.c
 2002-03-20 04:38:09 +00:00
wtc%netscape.com 8db34d758e Bugzilla bug 130158: fixed a crash in NSC_CopyObject if pk11_CopyObject 
fails.
 2002-03-14 03:34:11 +00:00
wtc%netscape.com 1ced872252 Bugzilla bug 129408: final adjustments of the NSS 3.4 *.def files. List 
the symbols in alphabetical order.  In softokn.def, changed "Sofoken 3.4
release" to "NSS 3.4 release, which is what we use in other *.def files.
Added seven new PKCS7 exports to smime.def.  r=relyea
Modified files: nss.def smime.def softokn.def ssl.def
 2002-03-07 21:18:49 +00:00
wtc%netscape.com 1d74ff3063 Bugzilla bug 128599: link libnss3.so with -R $ORIGIN on Solaris to help it 
find libsoftokn3.so.  Fixed an outdated comment in softoken/config.mk.
 2002-03-03 02:34:32 +00:00
relyea%netscape.com 0a88feb486 Implement PKCS #11 2.11 DSA PQG Parameter generation. 2002-03-02 00:52:05 +00:00
relyea%netscape.com 089b31a446 Fix PSM name problem. 
Fix crash when trying to access/delete an non-existant object.
 2002-02-28 21:30:13 +00:00
relyea%netscape.com cebd4b1a6f The KRL reserved handled should be different from the primordial CRL handle 
so that CRL matching code will work correctly.
 2002-02-27 16:57:45 +00:00
relyea%netscape.com bd56c1e043 When using global params, noCertDB implies noKeyDB as well bug 127312 2002-02-26 02:28:21 +00:00
relyea%netscape.com 82ac932cf2 Bug 125728 truncate utf8 correctly in the pkcs11 string. 2002-02-26 00:33:42 +00:00
ian.mcgreer%sun.com bc5808a5ed bug 125359, by default the ASN.1 en/decoder should treat all numbers as signed. But many source/target items desire unsigned integers (specifically, bignums in the crypto stuff), so implement an siUnsignedInteger type which notifies the en/decoder to handle the conversion. 
r=nelsonb
 2002-02-21 22:41:44 +00:00
wtc%netscape.com 4f99429abb Fixed misspelling. 2002-02-21 00:06:14 +00:00
wtc%netscape.com 667ed9e4c8 Bugzilla bug 125149: prevent the session ID count component of the session 
ID from overflowing and corrupting the slot index component.  Do a lookup
in the session hash table to make sure the session id is not in use before
adding it to the table.  r=relyea.
Modified files: pkcs11.c pkcs11i.h
 2002-02-20 23:59:35 +00:00
wtc%netscape.com ba5d3c7107 nscSlotHashTable is not protected by a lock, so we need to use 
PL_HashTableLookupConst to do the lookups.  r=mcgreer.  This bug is
discussed in bug 125149 but is not the main topic of that bug.
 2002-02-20 23:53:45 +00:00
kirk.erickson%sun.com 0e2122791d Added tokenIDCount, and tokenHashTable to comments about objectLock. 2002-02-20 18:05:52 +00:00
nelsonb%netscape.com e023b4422a Change most coreconf and NSS makefiles to use OS_TARGET (which can 
be overridden via an environment variable) rather than OS_ARCH.
This is a precursor to more flexibility in cross-platform builds.
Bug 104541.
 2002-02-15 22:54:08 +00:00
relyea%netscape.com 87e1407f2c Fix UMR in the session info structure. 2002-02-14 01:12:51 +00:00
kirk.erickson%sun.com abbde77e08 Commented SlotStr with information what what locks protect what. 2002-02-11 20:14:05 +00:00
nelsonb%netscape.com 42fdae57e1 Make NSS 3.4 build as part of mozilla on OS/2. Bug 114748. 
Patch supplied by Javier Pedemonte.
 2002-02-11 05:48:37 +00:00
wtc%netscape.com 7d12a23186 Bugzilla bug 121523: checked in Kirk Erickson's session lock fix. 
Modified Files:
	lib/pk11wrap/pk11slot.c lib/softoken/pkcs11.c
	lib/softoken/pkcs11i.h lib/softoken/pkcs11u.c
 2002-02-05 23:41:36 +00:00
relyea%netscape.com 622f360f9e Fix searching code so it can find CRL's 2002-01-31 00:16:29 +00:00
ian.mcgreer%sun.com abec66154f changes related to bug 115660 
* fipstoken will only force authentication for object-related functions when the object is a private or secret key
* certutil does not authenticate to token when in FIPS and only doing cert-related operations
* QA does not provide password to certutil when doing cert-related operations in FIPS tests
 2002-01-29 17:30:22 +00:00
relyea%netscape.com 6b96fe3f81 (sigh) not only do we need to find the objects, we need to be able to read 
them as well.
 2002-01-28 23:28:29 +00:00
relyea%netscape.com 0f9ca80078 Fix 2 memory leaks and a UMR. 
(keyhand needs to be initialized before we start xor hashing)
Free item and time elements which are transparently allocated for us.
 2002-01-26 00:16:03 +00:00
relyea%netscape.com cfab32ea30 Change Sha1_hash to a simple XOR hash for building key handles for token 
objects.
 2002-01-25 19:09:34 +00:00
relyea%netscape.com a7723c632d Fix bug 115660. Note that fixing the bugs necessitates fixing the test 
cases as well. The test case was depending on the failure to read certs to
detect the failure to read keys. Now certutil returns a failure if no keys
are found. This also means that the FIPS test after the key and cert
has been deleted should expect a failure to list any keys.
 2002-01-25 19:03:17 +00:00
relyea%netscape.com 0117ba048e Too agressive on fixing leaks;). This one isn't a leak. 
bob
 2002-01-24 21:33:51 +00:00
relyea%netscape.com b482961799 Fix memory leaks. 2002-01-24 00:26:29 +00:00
relyea%netscape.com c7d82085a1 Fix memory like in readSMimeEntry 2002-01-23 01:44:22 +00:00
relyea%netscape.com eec61db7e1 Labels don't have NULL's by default. 2002-01-23 00:53:53 +00:00
ian.mcgreer%sun.com 30e782be09 PSM bug 119359, NSS 3.4 also needs to recognize valid CA trust in order for cert download to work correctly 2002-01-23 00:49:23 +00:00
ian.mcgreer%sun.com 775f92f7ff more backwards compatibility fixes 
* always send DER of serial number to PKCS#11 queries
* in softoken, construct key for certificate using decoded serial number with (possibly) a leading zero, for compatibility with version 7 db
* in softoken, decode serial number *without* removing leading zero for searches
 2002-01-17 00:20:53 +00:00
ian.mcgreer%sun.com 9c7bf8e3b7 fix build bustage 2002-01-16 21:36:33 +00:00
ian.mcgreer%sun.com 4c3e077743 fix for bug 115360, failure in pkcs12 backwards compatibility tests 2002-01-16 21:22:30 +00:00
ian.mcgreer%sun.com b2373e435c unfortunately, the SDR key keeps the value of CK_KEY_TYPE in the coefficient field of an RSA key. This means some format is lost through the ASN.1 encoder/decoer. Trying again to account for that without affecting normal key type attributes. 2002-01-16 16:02:51 +00:00
ian.mcgreer%sun.com a4a2117751 fix up problems in last change 2002-01-16 00:04:16 +00:00
ian.mcgreer%sun.com 37ccf29e2d revert last change, and move conversion of attribute value to host long up to where the long variable actually appears. 2002-01-15 21:45:38 +00:00
ian.mcgreer%sun.com 2dbd9ade93 fix SDR on big-endian platforms. The leading zeros in the RSA coefficient have been stripped, but PKCS#11 needs them back in order to form a CK_ULONG correctly. 2002-01-15 19:20:34 +00:00
ian.mcgreer%sun.com 02437e979a Fix for serial numbers which are negative when intrepreted as signed integers. Since the ASN.1 encoder now add/strips leading zeros to INTEGERs, the hand decoder written here will incorrectly decode serial numbers passed to it that have leading zeros. 2002-01-15 15:43:35 +00:00
ian.mcgreer%sun.com a29542b7fa fix for bug 115360, ASN.1 encoder/decoder should handle conversion of unsigned integers used in NSS to ASN.1 INTEGERs, and vice versa. 2002-01-14 23:20:43 +00:00
ian.mcgreer%sun.com aaba769038 *sigh* 
fixed backward compatibity tests, but broke current version.  will have to rework.
 2002-01-11 23:37:37 +00:00
ian.mcgreer%sun.com dd22838792 temporary fix for bug 115360 2002-01-11 22:24:31 +00:00
relyea%netscape.com cf63c1e6fb Set up default trust order correctly. 
Default trustorder is
   0 for the internal token
   100 for the builtins
   50 for everyone else

Default Cipher order is
   100 for the internal token
   0 for everyone else
 2002-01-10 00:59:26 +00:00
ian.mcgreer%sun.com 9a16931339 bug 118612, implement valid peer trust in softoken 2002-01-08 22:01:17 +00:00
ian.mcgreer%sun.com 8b98f0af90 memory leak fixes 2002-01-08 15:37:42 +00:00
relyea%netscape.com 996c78f1b0 Startup problems on new profiles: 1) Windows does not initially open the DB R/W 
on startup. 2) All platforms do not see the built-ins token if you startup with
a new profile.

Fix: 1) Escape the initialization parameters.
     2) Rebuild the Token iterator when new tokens are added to the trust domain.
 2002-01-05 03:00:10 +00:00
relyea%netscape.com 7ab6e5488e Fix Bug 115657. 
1) advance the pointers in the initialization setup for p12 pbes (at the same
time fix the code to be much easier to read and understand).
2) Copy out the returned IV in pkcs11c.c.
 2001-12-19 18:06:29 +00:00
ian.mcgreer%sun.com 5f437eeb8c needed for traversal of keys 2001-12-17 13:43:34 +00:00
ian.mcgreer%sun.com a8022ab91f dbhandle needs to be set for subject list certs to work 2001-12-17 13:43:10 +00:00