mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
74 245 коммитов 615 Ветки 98 Теги 6 GiB
Граф коммитов

373 Коммитов

Автор SHA1 Сообщение Дата
nelsonb%netscape.com cbc85c762b Fix assertion. Comparison sense was inverted. 2000-07-25 00:12:57 +00:00
nelsonb%netscape.com f16cc60f1a Add -fullwarn to some build flags. Change dependencies for primegen. 2000-07-22 07:22:37 +00:00
nelsonb%netscape.com 175cab0f15 Implement sieving to accelerate elimination of composites. 
This sieve eliminates all but about 3500 numbers from each range of 64k.
 2000-07-22 05:54:21 +00:00
nelsonb%netscape.com 1f040d3f9f Use large prime table for faster prime gen. Make prime table "const". 
Change functions that use prime table to use const arguments.
 2000-07-22 05:36:45 +00:00
nelsonb%netscape.com 41121574a7 Change s_mp_norm to always use a power of two as the normalizing factor. 
This enhancement performance by turning the normalizing and denormalizing
operations into shifts.
 2000-07-21 21:06:08 +00:00
nelsonb%netscape.com 4b4e6bccd9 Implement mpl_get_bit, mpl_set_bit, mpl_significant_bits. 2000-07-21 21:04:14 +00:00
nelsonb%netscape.com 3b292e3f60 Fix symbol prefixes in some comments. 2000-07-21 20:50:31 +00:00
mcgreer%netscape.com 36c22a2a15 some compilers don't like the void* arithmetic 2000-07-20 16:58:32 +00:00
nelsonb%netscape.com 350eea5535 Use unsigned ints for length parameters to "octets" functions. 2000-07-20 04:47:24 +00:00
nelsonb%netscape.com 7f70f07983 Eliminate lots of warnings found by -fullwarn. 
Add sanity test to s_mp_div().
 2000-07-20 04:21:37 +00:00
nelsonb%netscape.com 04007f8bb5 Eliminate warnings found with -fullwarn. 2000-07-20 04:20:21 +00:00
mcgreer%netscape.com dbede1a951 Change the startup/shutdown procedure. Now a minimum amount of seed bytes, MIN_SEED_COUNT, are required before output bytes can be extracted. Also, it is possible to do a full restart by calling RNG_RNGInit() and RNG_RNGShutdown() in succession. This is noted in the blapi.h comments for those functions. 2000-07-19 23:54:43 +00:00
nelsonb%netscape.com 5a1cb37329 Build all mpi .c files with -DMP_API_COMPATIBLE 2000-07-19 23:23:24 +00:00
nelsonb%netscape.com 94e36d6f32 Implement 5 new functions for dealing with variable length integers 
represented as unsigned and signed octet strings.
mp_read_unsigned_octets(), mp_unsigned_octet_size(),
mp_to_unsigned_octets(), mp_to_signed_octets(), mp_to_fixlen_octets()
See mpi.h for more info.
 2000-07-19 23:22:43 +00:00
nelsonb%netscape.com 9ab0d70f0e All #defines now have MP_ prefix. To get old #defines, compile with 
-DMP_API_COMPATIBLE .  mpi.c is compiled that way.
 2000-07-19 23:18:08 +00:00
mcgreer%netscape.com adc97e5caf initial checkin of PRNG code 2000-07-19 17:01:31 +00:00
mcgreer%netscape.com 0b57de2866 initial checkin of ARCFour. 2000-07-18 00:56:09 +00:00
nelsonb%netscape.com 49bfd5fc00 Fix "random" modulus so it is odd and has msb of most significant digit 
set to 1, and "random" base to be less than modulus.
 2000-07-17 22:37:55 +00:00
nelsonb%netscape.com 8133fdd980 Fix script to run on certain unix platforms. 2000-07-17 22:34:30 +00:00
nelsonb%netscape.com 7dc037f3a3 Shorten this test so it completes in less time. 2000-07-17 22:33:46 +00:00
nelsonb%netscape.com bdf621e594 Fix mpp_pprime() so it doesn't stop after first succesful iteration. 2000-07-17 22:32:46 +00:00
nelsonb%netscape.com 88292a3a0d Add support for 32-bit digits (64-bit words) on platforms that can 
multiply two 32-bit values yielding a 64-bit product in hardware.
Fix bug in s_mp_div that computed a quotient digit q > DIGIT_MAX
when b > DIGIT_MAX/2 and b < a <= DIGIT_MAX.
 2000-07-17 22:31:18 +00:00
nelsonb%netscape.com 29b5ea6ec4 Elimintate type mismatch warning. 2000-07-17 22:23:23 +00:00
nelsonb%netscape.com 9ae84ceff8 Turn on MP_CRYPTO flag by default. Increase default size to 32 digits. 2000-07-17 22:22:28 +00:00
nelsonb%netscape.com 3e30ad8b50 Get file to work with SysV make on IRIX. 
Add .i target (preprocessor output).
 2000-07-17 22:21:42 +00:00
nelsonb%netscape.com 7ed5654089 MPI Arbitrary Precision Integer Arithmetic library. 
The Initial Developer of the Original Code is
Michael J. Fromberger <sting@linguist.dartmouth.edu>
 2000-07-14 00:45:02 +00:00
relyea%netscape.com 2c08b2ae6c Fix memory leak when using hardware acceleraters. 2000-06-29 21:26:17 +00:00
chrisk%netscape.com 3902194f5b Added some comments and asserts 2000-06-21 18:12:02 +00:00
chrisk%netscape.com 92a3672caa Oops - fixed the fix. The prototype now correctly unpacks into a 
DHPublicKey structure.
 2000-06-21 00:04:38 +00:00
chrisk%netscape.com a83d527722 Fix OID for DC AVAs - the root OID in RFC2247 is not different from 
the root OID in RFC1274 - so the one we had was WRONG.
I don't know where it came from.
 2000-06-20 16:31:31 +00:00
chrisk%netscape.com 390a6f1dec Add code for generation of SMIMEProfile and SMIMEKeyEncryptionPreference 2000-06-20 16:28:59 +00:00
chrisk%netscape.com 23cd2f3659 First feeble attempt at fixing the problem that our definition of 
Diffie-Hellman key parameters does not encompass all the optional
fields defined in RFC2459, section 7.3.2 (namely j and validationParams).

I added comments reminding us of the fact that PQGParams need to be
extended to hold these, and fixed the ASN1 prototype from its previous
totally broken status to one that decodes prime, subPrime and base
correctly, and skips the rest.

This avoids failure in public key extraction (which is part of verification)
with DH certs.
 2000-06-20 16:22:36 +00:00
chrisk%netscape.com 3550ea9e23 Fix problem where DH certs were always rejected when verifying them 
for EMail encryption.
A Diffie-Hellman key needs to be tested for KU_KEY_AGREEMENT, not
KU_KEY_ENCIPHERMENT.
 2000-06-20 16:15:32 +00:00
chrisk%netscape.com c8e8241728 Fix bug in decoder: 
When encoding indefinitely & encountering an optional field at the end of
a sequence, right after an IMPLICIT or POINTER template, the decoder
was not propagating the optionalness and the end-of-contents condition
correctly as it hits the end-of-contents octets instead of the optional
field. This is because IMPLICIT and POINTER push TWO states to look
for the next tag, not just one.
(The first state is "afterImplicit" or "afterPointer", the second one
starts with "beforeIdentifier" as usual).
This finally makes decoding envelopedData messages in cmsutil work.
 2000-06-20 13:24:01 +00:00
thayes%netscape.com 4cd82c9914 Fix double free of item value that is in an arena. 2000-06-16 23:26:16 +00:00
chrisk%netscape.com 9f56a873d3 Add generation of SMIMECapabilities 2000-06-14 23:17:52 +00:00
chrisk%netscape.com 9cbdb3d252 Make example 5.7 of ietf-smime-examples draft decode correctly 
(we still cannot look up certs by SubjectKeyID, so it won't verify)
 2000-06-14 23:12:48 +00:00
chrisk%netscape.com f7113ab1b2 Merge smimetk_branch to tip... 2000-06-13 21:56:37 +00:00
relyea%netscape.com d43393b11b reuse old key structures on a given token rather than building it up and 
tearing it down every time.
 2000-06-13 21:37:28 +00:00
relyea%netscape.com 78671954d3 Reuse old Object structures rather than build and free them every time. 2000-06-13 21:34:52 +00:00
chrisk%netscape.com 67e0b44687 Fix DSA / BLAPI interface by creating stub functions that have the 
correct signature for being called via context->update or context->verify.
 2000-06-12 23:43:42 +00:00
mcgreer%netscape.com dd3dd4e3e1 added roots. 2000-06-12 22:39:02 +00:00
thayes%netscape.com 8d09de22cf Fix cleanup code in Decrypt to check for NULL pointers 2000-06-12 20:19:39 +00:00
thayes%netscape.com d562a12ca9 Add permanent (token) key for supporting Secret Decoder Ring (SDR) 
Bug 26085
 2000-06-10 19:00:45 +00:00
nelsonb%netscape.com 9d2744f5ce Carry forward fix from NSS 2.8 for servers that don't do ssl2. 2000-06-06 20:32:18 +00:00
mcgreer%netscape.com 8afb3c69cf fork content version between ns-branded builds and mozilla builds. 2000-06-02 22:35:29 +00:00
mcgreer%netscape.com 0307d81230 Allow for building with internal roots. 2000-06-02 18:37:53 +00:00
mcgreer%netscape.com 883e025f3d Allow for building with internal root certs. 2000-06-02 18:37:14 +00:00
thayes%netscape.com b2aa68c6fe Use PK11 fixed key lookup to locate the key value. Fix ENCRYPT/DECRYPT bug in 
SDR_Decrypt.
 2000-05-31 23:06:02 +00:00
relyea%netscape.com d6dd1b2540 Return to using the thread safe version. The non-thread safe version can double free memory 2000-05-31 22:37:17 +00:00
relyea%netscape.com 2900921f0d Fix bug which would have bypassed mac checking in TLS 2000-05-31 22:36:02 +00:00
mcgreer%netscape.com e771f6a310 fix static array (found with solaris 2.7 build) 2000-05-31 22:17:47 +00:00
thayes%netscape.com bbed546e6b Initial version of header for SDR wrappers 2000-05-27 03:31:51 +00:00
nelsonb%netscape.com 51de4ce7a6 Fix build on NT. Correct link order in PKCS11 directory. 2000-05-27 01:30:29 +00:00
nelsonb%netscape.com 211a572ab0 Add new implementation of the algorithm from RFC 2268. Fix some comments. 2000-05-27 01:29:35 +00:00
thayes%netscape.com 27d1adc752 Initial version of the PK11 wrappers for SDR. This version uses a fixed key id (0) 
and and 3DES key value.
 2000-05-26 22:24:01 +00:00
nelsonb%netscape.com 34ae72b37f Simplify and speed up client cache expiration detection. 2000-05-24 19:28:27 +00:00
nelsonb%netscape.com 0ea2ec3f99 Fix the logic in client and server to detect version roll-back attack, 
rolling back from TLS (SSL 3.1) to SSL 3.0.  Provide a new SSL socket
option to disable roll-back detection in servers, since certain TLS
clients are doing it incorrectly.
 2000-05-24 03:35:23 +00:00
nelsonb%netscape.com d14a82cbb8 Changes in support of corrected TLS rollback detection. 2000-05-24 03:31:44 +00:00
nelsonb%netscape.com a113e9ad8a Fix a transcription error that caused a crash. 2000-05-24 02:22:18 +00:00
mcgreer%netscape.com 1f8008ee85 Added calls for BSAFE 5.0 2000-05-23 22:15:25 +00:00
chrisk%netscape.com cc9a75cd14 Added RFC2630 OID values: 
SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = id-alg-ESDH
SEC_OID_CMS_3DES_KEY_WRAP                   = id-alg-CMS3DESwrap
SEC_OID_CMS_RC2_KEY_WRAP                    = id-alg-CMSRC2wrap
 2000-05-22 15:28:22 +00:00
chrisk%netscape.com 8a40c748ac Added SEC_ASN1DecodeInteger function 2000-05-22 15:24:20 +00:00
nelsonb%netscape.com 7e2567dffc Performance enhancement. Takes only 70% as long as previous version. 2000-05-19 22:14:38 +00:00
nelsonb%netscape.com b486d9d3d5 Fix sha_fast for 64-bit solaris and 64-bit Alpha. 2000-05-19 02:10:33 +00:00
mcgreer%netscape.com 5ca43c9e50 Changing MIN's and MAX's to PR_MIN, PR_MAX 2000-05-18 15:32:18 +00:00
mcgreer%netscape.com 1d3f68dd7e Changing all MIN's and MAX's to PR_MIN, PR_MAX 2000-05-18 15:30:12 +00:00
mcgreer%netscape.com aba66a5214 changing all MIN's and MAX's to PR_MIN, PR_MAX (MIN and MAX were defined in dbm). 2000-05-18 15:28:43 +00:00
nelsonb%netscape.com db1c7e8b35 Changes to ssl_EmulateSendFile suggested by Wan-Teh. 
See http://bugzilla.mozilla.org/show_bug.cgi?id=39011
 2000-05-18 01:32:53 +00:00
nelsonb%netscape.com 401cd644f6 In ssl3_GenerateSessionKeys() ensure params secitem always points to valid 
CK_SSL3_MASTER_KEY_DERIVE_PARAMS structure.  Bugzilla bug 39682.
 2000-05-18 00:41:38 +00:00
roeber%netscape.com 4c7240ff19 Detect at runtime when we're running with NSPR 1 and switch the thread-private-data calls accordingly. This lets our pkcs#11 modules be loaded into Communicator. 2000-05-17 20:19:24 +00:00
roeber%netscape.com bbe222523a If a database has not been given a label, return the filename so Communicator has *something* to show 2000-05-17 18:28:13 +00:00
mcgreer%netscape.com 40616e7038 fix some compiler warnings 2000-05-17 17:31:20 +00:00
mcgreer%netscape.com 1d9865e6d7 including md2 and md5 implementations in MOZILLA_SECURITY_BUILD 2000-05-16 23:05:47 +00:00
mcgreer%netscape.com 978cc868ef Performance enhancements for md5 implementation. 
+ unroll a loop in md5_compress
+ remove a superfluous variable
 2000-05-16 18:18:39 +00:00
relyea%netscape.com 984310dddf Change the attribute allocation scheme to a fixed array in the object. 2000-05-16 17:40:22 +00:00
relyea%netscape.com 0430e9e67e Add SSL and TLS to the slotlist search functions 2000-05-16 17:37:10 +00:00
relyea%netscape.com a46662c0d0 1) performance changes. 
a) do C_Decrypt in the handUnwrap case on it's own session so we don't
 single thread through the code.
	b) reuse the session created for the symKey when importing the key from data.

2) robustness changes.
	a) try different ways of getting the signature length if non-complient
 tokens don't present the modulus to us.
	b) Recover from state buffers changing sizes on us in the middle of
GetOperationState().
 2000-05-16 17:36:24 +00:00
relyea%netscape.com 9da670d592 Only output caching if we turn tracing on. 2000-05-16 17:28:31 +00:00
roeber%netscape.com 3cb835685f sync the database after writes 2000-05-16 01:55:20 +00:00
roeber%netscape.com 4c6e020a10 Properly deregister shadow objects of session objects 2000-05-16 01:54:46 +00:00
roeber%netscape.com 4b1bc871db Store object contents in network byte order, for database portability 2000-05-15 20:59:11 +00:00
roeber%netscape.com 84d6e244cd Use the public (cap-NSS) mutex calls, not the private ones 2000-05-15 20:58:19 +00:00
mcgreer%netscape.com 6342624688 Changed DestroyContext functions so that freeit means free everything or free nothing, not just the context pointer. 2000-05-15 20:54:35 +00:00
roeber%netscape.com d46ea0e2c3 First checkin of database module 2000-05-15 20:39:58 +00:00
mcgreer%netscape.com 50cdc7829c Add condition for BSAFE build. 2000-05-12 23:37:36 +00:00
mcgreer%netscape.com 0d6b5ee3a6 Initial checkin of implementations of MD2 and MD5. An empty definition of Diffie-Hellman to allow for building, more later. Changes to Makefile for building with BSAFE. 2000-05-12 23:35:06 +00:00
dougt%netscape.com 7dc028cf1e Minor changes to fix mac build bustages. 2000-05-12 18:43:28 +00:00
roeber%netscape.com 6416a1bd38 Adding CK_USHORT back in, for pedantic tests' sake 2000-05-09 18:57:58 +00:00
roeber%netscape.com 21d2b28567 Backing out accidental (recursive) commit 2000-05-09 18:35:24 +00:00
roeber%netscape.com 28dc429127 Added ckmd.h to private exports list 2000-05-09 18:31:16 +00:00
nelsonb%netscape.com e65d9f2223 Small optimization for RSA Server Key exchange message. Uses fewer PK11_ 
calls to do the job. Also, plug one mem leak in Fortezza code.
 2000-05-08 23:55:05 +00:00
mcgreer%netscape.com 48ae0ebe61 change to comment text 2000-05-05 00:50:38 +00:00
mcgreer%netscape.com 3e2a298606 Code to provide hooks to RSA's BSAFE licensed code. 2000-05-04 21:58:18 +00:00
roeber%netscape.com 739f76548f Getting session objects working. 2000-04-20 03:14:47 +00:00
roeber%netscape.com 93897a83fe Wait a minute, I was right the first time: I don't need to worry about 
endianness, that's a display problem.
 2000-04-19 22:07:09 +00:00
roeber%netscape.com db07e9f9cf Multiple changes to get the cryptoki framework and builtin-object 
module working:  1) C_GetFunctionList is always present; 2) fwObject
and fwSession now remember their handles on behalf of the fwInstance;
3) fwSessions are created before mdSessions, so the mdSession can
use the fwSession's arena; 4) finished implementing findObjects;
5) builtin constants are in network byte order; 6) libnssckbi.so
knows about and can pull in its dependencies (e.g. libnssckfw.so,
libnssb.so, and NSPR).
 2000-04-19 21:32:38 +00:00
roeber%netscape.com c71276e88d I missed a couple usages of nssUTF8_Size when its signature changed. 
Also made a pedantic check #ifdef PEDANTIC.
 2000-04-19 21:24:57 +00:00
roeber%netscape.com c7ce07669f Free from the beginning of the real block pointer, not the user's pointer. 2000-04-19 21:23:13 +00:00
nelsonb%netscape.com 967ed46e9f This file was not the source authorized by Paul Kocher of Cryptography 
Research Inc for release on Mozilla.  It has been replaced by sha_fast.c.
 2000-04-07 02:24:57 +00:00
nelsonb%netscape.com 81f283c678 Switch freebl to use the sha1 sources authorized by Paul Kocher of 
Cryptography Research Inc.
 2000-04-07 02:22:47 +00:00
nelsonb%netscape.com 2554f98616 Make additional performance improvements, especially for big endian CPUs. 2000-04-07 01:14:06 +00:00
repka%netscape.com 6f4b665973 Build new base64 encoder implementation. 2000-04-06 22:41:21 +00:00
repka%netscape.com 80689ecb46 Removed BTOA_ConvertItemToAscii (now defined in nssb64e.c, using new 
base64 encoder implementation).
 2000-04-06 22:38:27 +00:00
nelsonb%netscape.com 082f19af2f Convert to BLAPI interface. Make very minor optimizations. 2000-04-06 06:07:37 +00:00
nelsonb%netscape.com 6ad931fad9 Check in original SHA implementation sources on behalf of Paul Kocher Cryptography Research, Inc. paul@cryptography.com 2000-04-06 02:48:30 +00:00
repka%netscape.com 355556a555 Fixed some typos and inconsistencies. 2000-04-06 00:42:49 +00:00
repka%netscape.com 97cb8bcf38 First cut at replacement for base64 encoder. 2000-04-06 00:39:49 +00:00
repka%netscape.com 73b70ac5a7 - Added an error check and comment complementary to thayes's previous change 
(same as I had already made in my version, but he beat me to checking it in).
- Some miscellaneous clean-up (typos, really).
 2000-04-06 00:38:12 +00:00
thayes%netscape.com 48f0c9789e Initialize SECItem values in ATOB_ routines to avoid PR_Assert for previously 
allocated data buffers in the NSS versions of these routines.
 2000-04-06 00:26:24 +00:00
thayes%netscape.com 915877263f Change handling of hash table for OSCP hashes to delete both hash key and 
associated value in the hashtable "free entry" routine.  Fixes a memory leak.
(Re Netscape bug: 390117)
 2000-04-06 00:24:43 +00:00
nelsonb%netscape.com 8499f9c677 Change definition of $FILES. Don't include contents of CVS subdirectory. 2000-04-05 01:11:53 +00:00
relyea%netscape.com a3332a7b7f Make the stub sytem work for WIN NT as well as other unix platforms: 
1) fix compile issue in the stub maci.c file (change dllimports to dllexports).
	2) build a dll with matching lib to make the symbols all work.
 2000-04-04 23:49:50 +00:00
roeber%netscape.com ce5fd5acf0 Added a comment to the PORT character-conversion routines about 
network byte order.
 2000-04-04 18:27:34 +00:00
roeber%netscape.com 0f208ea997 Make the conversion routines handle network byte order, not host byte order. 2000-04-04 02:36:46 +00:00
relyea%netscape.com 0633919690 Use NSINSTALL instead of symbolic links so crypto works on NT builds as well. 2000-04-03 22:28:49 +00:00
roeber%netscape.com f59f634fdf typo I missed from last may 2000-04-03 21:58:53 +00:00
roeber%netscape.com 78c1cb10f0 the license boilerplate whompage induced a compile-blocking typo 2000-04-03 21:58:34 +00:00
relyea%netscape.com 5ff98f3f5a Adjust jzlib.h acquired for zlib.h to it builds in the .jar file. 
Add define in manistet to make it work.
 2000-03-31 20:56:10 +00:00
relyea%netscape.com 477a06c7b1 Create the Security link correctly. 2000-03-31 20:48:55 +00:00
relyea%netscape.com 9fd7059a19 Initial NSS Open Source checkin 2000-03-31 20:13:40 +00:00
relyea%netscape.com 8c4b7edd1d Initial NSS Open Source Checkin 2000-03-31 19:16:26 +00:00
relyea%netscape.com 3302748a42 Initial NSS Open source checkin 2000-03-31 19:14:40 +00:00