41fd37565a
Bug 236613: change to MPL/LGPL/GPL tri-license.
2006-03-31 04:41:00 +00:00
2cef28020c
bug 309701 Softtoken C_CreateObject() should not require
...
CKA_NETSCAPE_DB attribute to be present
r=alexei
2006-03-31 00:38:48 +00:00
f6290f423b
From Bug 331279.
...
Free ECDHE Ephemeral key. Fixes server-side leak.
r=julien r=alexei
2006-03-30 21:07:22 +00:00
39ee00370d
Fix for 330068 . Be more verbose in strsclnt error cases
2006-03-29 22:35:44 +00:00
209577ded2
331515: selfserv Bus error on 3DES ciphersuites; r=julien, sr=nelson
2006-03-29 07:23:40 +00:00
b6762d713e
Remove comment in ssl.sh that messes execution. Part of fix for bug 331413.
2006-03-29 06:54:56 +00:00
01fe9ff1bf
Fix for bug 330068 . Increment counter variable atomically. Be more verbose. r=nelson
2006-03-29 05:05:09 +00:00
bd3cb7e1ef
Partial fix for bug 331413 . Allow selfserv to be tested for reference leaks. r=nelson
2006-03-29 05:03:10 +00:00
f63a763e94
Bug 301249 - Checkout and build mozilla/dbm as part of NSS instead of the mozilla client, and pull NSS by the release tag instead of by the NSS_CLIENT_TAG which is now deprecated! r=dougt (+nelsonb)
2006-03-27 16:21:55 +00:00
0224b3a860
318970 wtc fix for RSA fipstest using RSA_HashSign r=neilW sr= brelyea
2006-03-25 23:45:23 +00:00
c8e770c69d
Bug 321350 Implement optimized code for NIST Suite B elliptic curves
...
r=douglas r=vipul
2006-03-24 22:55:51 +00:00
a9beb655f0
Backout changes for bug 321350
...
Implement optimized code for NIST Suite B elliptic curves
Those changes broke the build on Solaris. r=Sheriff Nelson
2006-03-24 09:08:24 +00:00
71d95480ca
Check argc. b=330900 r=kengert sr=jst
2006-03-24 06:51:24 +00:00
e72ce470d4
321350 Implement optimized code for NIST Suite B elliptic curves
...
r=douglas.
2006-03-23 19:55:37 +00:00
cef89c3f70
bugzilla #331369 - avoid calling fromRaw which calls into a non-ECC compliant NSS function
2006-03-22 21:53:52 +00:00
e13e6cc7f7
Bug 238051 Enable SSL session reuse for ECC cipher suites
...
r=nelson r=thomas.
patch in bug + white space changes suggested by nelson.
2006-03-22 19:18:30 +00:00
2bfdfe5969
Updated previous patch with douglas's input. (still bug 323817
...
Truncation of hashes for ECDSA should be done at bit level, not octet level).
r= vipul r=douglas
2006-03-22 19:02:06 +00:00
8451367511
Fix indexing botch. Patch from Mikolaj J. Habryn <dichro-mozilla@rcpt.to>. r=kengert sr=dbaron b=330897
2006-03-22 07:40:40 +00:00
01ef3de28a
Bug 273637 3 locks in softoken have unsafe initialization
...
r=alexi r=julien
2006-03-21 19:36:53 +00:00
dd7e2a2cf6
Correct bug entry:
...
25683 EC param parsing error not propagated correctly
r=andreas.
2006-03-21 19:33:52 +00:00
6a7da6374e
Backing out previous changes that invalid or incorrect log entries for this
...
patch.
2006-03-21 19:30:10 +00:00
e182cdf8e2
*** empty log message ***
2006-03-21 19:23:30 +00:00
40486c9fe9
bug 284450, Only use SSL V2 compatible hello, if SSL V2 is enabled
...
r=jgmyers, r=nelson
2006-03-21 18:43:09 +00:00
c385e5088d
Bug 273637 3 locks in softoken have unsafe initialization
...
r=alexi r=julien
2006-03-21 02:28:48 +00:00
6c95b75b6a
Avoid stack overflow while generating primes. Bug 310145. r=wtchang
2006-03-19 05:09:30 +00:00
5f90fef71c
Bug 238051 Enable SSL session reuse for ECC cipher suites
...
r=nelson
2006-03-17 21:15:09 +00:00
14c38aa668
Bug 329072 client sometimes fails to authenticate despite having cert
...
r= nelson
2006-03-17 20:44:23 +00:00
9e18a1acf3
Bug 323817 Truncation of hashes for ECDSA should be done at bit level, not octet level
...
r=vipul.gupta@sun.com
2006-03-17 16:58:06 +00:00
11b860880e
Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails
...
Use SEC_GetSignatureAlgorithmOidTag() to map to the signature oid.
r=wtc
2006-03-15 21:46:24 +00:00
2b42f9feb9
Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails
...
patch makes SHA1 the default hashing for RSA rather than MD5.
patch by wtc r=rrelyea.
2006-03-15 21:42:21 +00:00
aab12ab3a8
bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined
...
r=wtc
2006-03-15 19:22:32 +00:00
c783f88c97
bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined
...
r=wtc
2006-03-15 19:13:12 +00:00
a789dec260
Bug 236933, Disable SSL2 and other weak ciphers by default
...
This patch (v3c) removes the UI to control SSL 2.
Firefox UI-review: beltzner
Firefox code review: mconnor
SeaMonkey UI-review: neil
Seamonkey+PSM code review: rrelyea
2006-03-14 21:29:13 +00:00
2996640c67
Bug 324448. Convert mpi_x86.asm to mpi_x86_asm.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre sr=nelson@bolyard.com
2006-03-10 06:48:46 +00:00
d42549b7ac
Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
2006-03-09 23:50:43 +00:00
41a9b174bd
Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC.
...
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre sr=nelson@bolyard.com
2006-03-09 23:46:45 +00:00
19a46702bf
Bug 329002. fix cert reference leak. r=alexei.volkov,rrelyea
2006-03-09 23:38:57 +00:00
3203ada5f3
Bugzilla 324887: merge ECC and non-ECC QA test scripts.
...
Add return code and error message for ssl_stress and ssl_cov.
r=vipul, sr=nelson.
2006-03-08 00:47:28 +00:00
a0ed51d33e
Bugzilla Bug 329575: ECPoint_mul should multiply a point by the group order
...
faithfully because this operation is required by the public key validation
algorithm. r=douglas.stebila,vipul.gupta.
2006-03-08 00:19:34 +00:00
d679dc6d35
Bugzilla Bug 320578: added a new function ec_GenerateRandomPrivateKey to
...
generate a random private key without bias using the algorithm of FIPS
186-2 Change Notice 1, and use it to generate EC private key d and ECDSA
ephemeral private key k. The patch is contributed by Douglas Stebila
<douglas@stebila.ca> and improved by me. r=douglas.stebila,vipul.gupta.
2006-03-06 23:48:39 +00:00
aa712694ba
fix bug 328771
...
r=rrelyea sr=dveditz
2006-03-04 12:22:22 +00:00
85a72075f3
Bugzilla Bug 324887: The previous checkin introduced a comment bug. A
...
comment line must begin with exactly one '#' character followed by white
space.
2006-03-03 22:10:30 +00:00
f1ca8f1fd1
Bugzilla Bug 324887: merged ECC and non-ECC QA test scripts and removed
...
ECC QA test scripts. The patch is written by Vipul Gupta and Christophe
Ravel of Sun. r=wtc,nelsonb,jpierre
Modified Files:
cert/cert.sh smime/smime.sh ssl/ssl.sh ssl/sslauth.txt
ssl/sslcov.txt ssl/sslstress.txt tools/tools.sh
Removed Files:
fixtests.sh cert/eccert.sh smime/ecsmime.sh ssl/ecssl.sh
ssl/ecsslauth.txt ssl/ecsslcov.txt ssl/ecsslstress.txt
tools/ectools.sh
2006-03-03 20:06:03 +00:00
de8be1e067
Bugzilla bug 326482: code cleanup: ssl3_NewKeyPair should not create a key
...
pair with only one key. r=nelson.bolyard.
2006-03-03 18:48:09 +00:00
aed20ed068
Bugzilla bug 326482: removed incorrect comments. r=nelson.bolyard.
2006-03-03 18:45:54 +00:00
ac042bff56
Fix standalone mpi Makefile to build on OS/X. Bug 327405.
...
Patch contributed by Douglas Stebila <douglas@stebila.ca>
2006-03-03 04:21:56 +00:00
5e2ca73982
Bug 327677. Fix cert object reference leak. r=julien.pierre,nelson
...
Patch contributed by Alexei Volkov <alexei.volkov.bugs@sun.com>
2006-03-03 04:00:49 +00:00
57a3c7aa21
Bug 236613: change to MPL/LGPL/GPL tri-license.
2006-03-02 22:48:55 +00:00
b69eb504ce
Bugzilla Bug 320589: fixed PK11_SignatureLen to return the exact length of
...
ECDSA signatures. Backed out a temporary workaround in
ECDSA_SignDigestWithSeed. Made other changes related to signature lengths.
r=relyea,nelson.bolyard.
Modified Files:
cryptohi/keyhi.h cryptohi/seckey.c cryptohi/secsign.c
freebl/ec.c pk11wrap/pk11obj.c pk11wrap/pk11pub.h
ssl/ssl3con.c
2006-03-02 00:07:08 +00:00
c3311666d5
bug 168629, Mozilla incorrectly prompts about submitting to an insecure location from a secure one with base
...
href="https://..."
r=rrelyea, sr=bzbarsky
2006-03-01 23:38:30 +00:00
8696bd362e
Bugzilla Bug 326403: use "Mozilla Foundation" as the manufacturer or
...
producer of our shared libraries/DLLs. Removed the optional copyright
notices from our DLLs. r=relyea,jpierre.
Modified Files:
lib/ckfw/builtins/constants.c lib/ckfw/builtins/nssckbi.rc
lib/ckfw/capi/nsscapi.rc lib/ckfw/dbm/instance.c
lib/freebl/freebl.rc lib/nss/nss.rc lib/smime/smime.rc
lib/softoken/pkcs11.c lib/softoken/softokn.rc lib/ssl/ssl.rc
2006-03-01 19:44:36 +00:00
f95ae18fe7
Remove mp_init/mp_clear calls (and potential mallocs,frees and zeros)
...
in tight loops for bug #326482
r=nelson
2006-03-01 17:09:17 +00:00
6a21aaef0e
bug 326482 Implement the derive sensitive only for those derivation functions that require it.
...
fixes a performance problem with ECDH.
r=wtchang, nelson.
2006-03-01 16:12:22 +00:00
340adcfbfa
Bug 327405. Correct EC keypair Generation. r=vipul.gupta,nelson.bolyard
...
Patch contributed by Douglas Stebila <douglas@stebila.ca>
2006-03-01 07:06:24 +00:00
56fc6fa166
Bug 328262. Increment ssl3 statistics counters atomicly. r=wtchang,julien.pierre
2006-03-01 05:45:45 +00:00
7986d13c5b
Bugzilla Bug 327978: removed obsolete files, superseded by the ecl
...
directory. r=douglas.stebila.
Removed files: GF2m_ecl.c GF2m_ecl.h GFp_ecl.c GFp_ecl.h
2006-02-28 23:43:19 +00:00
30c02d8244
Bugzilla bug 327855: OS2 GCC build should define XP_OS2_EMX for NSPR
...
headers. Removed a duplicate XP_OS2 definition. r=Peter Weilbacher and
Julien Pierre.
2006-02-28 21:34:29 +00:00
7962d03260
bug 328302, Cert Viewer: Prefix "raw bytes" display with size information
...
r=rrelyea
2006-02-28 18:30:01 +00:00
a86941f281
Bug 326315. Warning Reduction. On TRUNK only. r=Julien.Pierre
2006-02-28 05:56:07 +00:00
74a0a6eea2
Bug 325683. EC param parsing error not propagated correctly.
...
Fix the cases that Andreas identified. Patch by Andreas.Sterbenz@sun.com
r=Julien,wtchang,nelson
2006-02-28 05:44:56 +00:00
4b1a1b7cb3
Bug 326690. Enable modutil to configure default slots for the
...
AES, SHA256 or SHA512 mechanisms. r=rrelyea,julien.pierre
2006-02-28 05:16:00 +00:00
52395a4abb
Bug 327105. Reintroduce an old bug that prevents _DHE_ cipher suites
...
from being negotiated by NSS servers. Necessary until the server side
of the _DHE_ cipher suites is fully implemented. r=Julien,Wan-Teh,Vipul
2006-02-28 04:20:23 +00:00
7a0f0203c7
Bugzilla Bug 320038: checked in a better fix that allows us to write
...
EC domain parameters as hex strings with leading 00's. r=douglas.stebila
sr=relyea.
Modified files: softoken/ecdecode.c freebl/ecl/ecl-curve.h
2006-02-27 23:18:34 +00:00
1e7792e844
Bugzilla Bug 322871: moved the three new EC-related JNI function symbols to
...
a new JSS_4.2.3 section. r=sandeep.konchady.
2006-02-24 23:56:41 +00:00
168ad01945
integrated patch 'build fix' from bugzilla #328246
2006-02-24 19:40:34 +00:00
701ae3b6eb
Bugzilla bug: 328233 Fix for using SunJCE for all platformas that do not
...
use IBM JDK. sr=Alexei.Volkov
2006-02-23 16:47:17 +00:00
564626af0d
Bugzilla Bug 322871: Checked in Bob Relyea's patch again.
...
Add multi-hash ECC to jss (based on the 1.4 JCE).
2006-02-23 01:21:52 +00:00
36adc6cfb7
Bug 322578: backed out the previous checkin. We avoided it by changing NSS.
...
r=mark.mentovai.
2006-02-22 22:40:03 +00:00
38794ac310
Bugzilla bug 322578: support ppc<->x86 cross builds for Mac OS X. The
...
patch is contributed by Mark Mentovai <mark@moxienet.com>. r=wtc.
2006-02-22 22:26:34 +00:00
6c376850a1
Bugzilla Bug 328228: fixed the typo "secp169k1". The patch is contributed
...
by jyri <jyri.virkki@sun.com>. r=wtc,vipul.gupta.
Modified files: bltest/blapitest.c certutil/certutil.c
2006-02-22 22:15:57 +00:00
178bda1252
Change NSS version to 3.12 Beta on the tip.
2006-02-22 21:22:54 +00:00
01c86dfa09
bug 321598, Double memory free in nsIX509::getRawDER
...
r=rrelyea
2006-02-22 20:36:53 +00:00
8c8a6af5ea
Bugzilla Bug 326754: the previous checkin made us fail the NIST DSA PQGGen
...
test for [mod = 768] only. Backed out the more likely culprit.
2006-02-22 02:12:09 +00:00
9df872f66f
Bugzilla bug: 310368 Missed a file.
...
sr=Glen r=Alexei
2006-02-21 23:38:58 +00:00
7353b4807c
Bugzilla bug: 326699 Added check for libjss4.$platform_lib_extension
...
sr=Alexei.Volkov r=Christophe.Ravel
2006-02-21 23:27:49 +00:00
509a25cea2
Bugzilla bug: 310368 Modified JSSE_SSLServer and JSS_SSLClient for proper
...
cipher preference and communication. sr=Glen.Beasley r=Alexei.Volkov
2006-02-21 23:25:25 +00:00
2fa829a716
Bugzilla bug: 322998 Fix for SSLServerSocket.accept() consuming exception
...
cause. sr=Wan-Teh r=Alexei.Volkov
2006-02-21 22:43:27 +00:00
0fcfd6405d
322578 Support ppc<->x86 cross builds for Mac OS X. Core cross-compile support. r=bsmedberg r=cls sr=bryner
2006-02-21 00:21:55 +00:00
c449f54be3
Bugzilla Bug 327529: unnamed arguments (third and after) for CERT_CreateRDN
...
must have the correct CERTAVA * type because compilers can't do automatic
type conversions. r=nelsonb,jpierre.
Modified files: alg1485.c secname.c
2006-02-20 23:06:55 +00:00
a0b2d16750
bug=325366, Certificates: Large MS CA version causes decoding failure
...
Patch contributed by Martin v. Loewis
r=kengert
2006-02-20 13:20:47 +00:00
97a5c30a94
Renamed DSA_TEST_SEED_BYTES to PQG_TEST_SEED_BYTES.
2006-02-18 02:39:12 +00:00
0c104c2ece
Bugzilla Bug 327384: fixed an off-by-one error in the size of the 'genenc'
...
array. The patch is contributed by Andreas Sterbenz
<Andreas.Sterbenz@sun.com>. r=wtc,nelsonb
2006-02-16 22:33:13 +00:00
2c88207a24
Bugzilla bug: 317479. Added IBMJCE for tests to work with IBM JDK.
...
sr=glen.beasley r=alexei.volkov
2006-02-16 19:54:08 +00:00
bbb5617f66
bug 327126 prevent missing JSContext during generateCRMFRequest() r=mrbkap, r=kengert, sr=dbaron
2006-02-16 05:38:52 +00:00
1dd17278e7
fix by wan-teh for RSA siggen tests r=glen
2006-02-16 01:50:55 +00:00
6e65720ba6
Bugzilla Bug 318967: use 160-bit SEED when generating DSA domain parameters
...
(PQG). Removed unused keySizeIndex variables. Handle the return value and
result output parameter of PQG_VerifyParams separately. Pad H with leading
0's when printing. r=glen.beasley.
2006-02-16 01:28:35 +00:00
a4db2be2c9
Fix for bug 321765. Allow NSS to decode certs with unsupported critical extensions. r=wtchang,nelson,rrelyea.
2006-02-16 00:06:24 +00:00
e393d91fcb
[Bug 326963] Interoperability test with apache/mod_ssl: tstclnt
...
produces: assertion failure: secmod_PrivateModuleCount == 0; r=nelson, sr=julie
n
2006-02-15 22:22:32 +00:00
ac55eec5a2
Bugzilla Bug 318962: fixed signed/unsigned comparison warnings by MSVC.
...
r=glen.beasley.
2006-02-15 19:14:09 +00:00
4b0281cf28
Bugzilla Bug 318968: more ECDSA test cleanup. Do not zeroize when freezing
...
ECParams' arenas. Use EC_CopyParams to copy ECParams to an EC public key
and allocate the public key's value from the same arena. r=glen.beasley.
2006-02-15 19:06:51 +00:00
4cc50bbc40
322871: JSS needs to handle ECC keys and certs`
...
Back out changes by rrelyea (2006-02-10) and glen.beasley (2006-02-14).
r+: wtc
2006-02-14 23:53:05 +00:00
569463eb3e
temp build fix
2006-02-14 20:16:45 +00:00
c0887f9e1d
Bugzilla Bug 326754: fixed two minor bugs related to the h parameter in
...
PQG parameter generation. r=nelsonb,glen.beasley.
2006-02-14 03:04:57 +00:00
b19b5965a5
Bugzilla Bug 326144: need to zeroize a SECItem that contains a copy of the
...
secret key. r=relyea,jpierre.
2006-02-14 02:55:09 +00:00
cfe8a9f253
Bugzilla bug 326751: CKR_SIGNATURE_INVALID is a much better default error
...
code for NSC_VerifyRecover than CKR_DEVICE_ERROR is. r=relyea.
2006-02-11 02:03:25 +00:00
7f3ba76b70
318970 RSA sigver test fix r=wan-teh
2006-02-10 23:27:38 +00:00
2b4f5e5d00
Add multi-hash ECC to jss (based on the 1.4 JCE).
2006-02-10 22:06:22 +00:00
1f4cae4de9
Bugzilla Bug 326482 NSS ECC performance problems.
...
Patch by Nelson, r=relyea.
Save the public key when we create the keypair so we can use it later.
2006-02-10 19:39:53 +00:00
57d9010865
Bugzilla Bug 326482 NSS ECC performance problems.
...
r=nelsonb
Fix bug where ECC keys were not being copied on server startup
2006-02-10 18:54:58 +00:00
fd25589676
Bug 325657, r=Nelson,Wan-Teh, Unset ECL_USE_FP INT Solaris SPARC freebl
2006-02-10 04:38:05 +00:00
gerv%gerv.net
rrelyea%redhat.com
julien.pierre.bugs%sun.com
alexei.volkov.bugs%sun.com
benjamin%smedbergs.us
glen.beasley%sun.com
nelson%bolyard.com
dbaron%dbaron.org
nkwan%redhat.com
kaie%kuix.de
christophe.ravel.bugs%sun.com
wtchang%redhat.com
sandeep.konchady%sun.com
mark%moxienet.com
dveditz%cruzio.com
neil.williams%sun.com