зеркало из https://github.com/mozilla/gecko-dev.git
696043affe
2019-11-13 J.C. Jones <jjones@mozilla.com> * lib/softoken/pkcs11c.c: Bug 1591363 - Fixup double-free of params in nsc_SetupPBEKeyGen r=keeler Caused in commit 7ef8d2604494. [87f35ba4c82f] [tip] 2019-11-07 Makoto Kato <m_kato@ga2.so-net.ne.jp> * lib/freebl/ctr.c: Bug 1592869 - Use NEON for ctr_xor. r=kjacobs Using NEON for ctr_xor, aes_ctr can improve 30%-40%i decode/encode time on Cortex-A72. [d244c7287908] 2019-11-12 Marcus Burghardt <mburghardt@mozilla.com> * gtests/pk11_gtest/pk11_pbkdf2_unittest.cc, lib/pk11wrap/pk11pbe.c, lib/pk11wrap/pk11skey.c, lib/softoken/pkcs11c.c: Bug 1591363 - PBKDF2 memory leaks in NSC_GenerateKey. r=jcj A memory leak was reported and confirmed in this bug. However, during the "manual" analysis of the flow, another possible leak was found. I created a patch for both leaks, added gtests for unexpected keySizes and adjusted the general syntax of the gtest file. [7ef8d2604494] 2019-11-11 Tom Prince <mozilla@hocat.ca> * automation/taskcluster/graph/src/extend.js, automation/taskcluster/windows/setup.sh: Bug 1594891 - Use tc-proxy for nss tooltool; r=dustin,jcj [c33b214b2ec8] 2019-11-08 Daiki Ueno <dueno@redhat.com> * gtests/ssl_gtest/ssl_dhe_unittest.cc, gtests/ssl_gtest/ssl_ecdh_unittest.cc, gtests/ssl_gtest/tls_connect.h, lib/ssl/ssl3con.c: Bug 1566131, check policy against hash algorithms used for ServerKeyExchange, r=mt Summary: This adds necessary policy checks in `ssl3_ComputeCommonKeyHash()`, right before calculating hashes. Note that it currently doesn't check MD5 as it still needs to be allowed in TLS 1.1 or earlier and many tests fail if we change that. Reviewers: mt Reviewed By: mt Bug #: 1566131 [c08947c6af57] 2019-11-08 Kai Engert <kaie@kuix.de> * coreconf/coreconf.dep: Dummy change, trigger a build to test latest NSPR commits. [e766899c72a5] * automation/taskcluster/graph/src/extend.js: Bug 1579836 - Execute NSPR tests as part of NSS continuous integration. r=jcj [46bfbabf7e75] 2019-11-08 Dustin J. Mitchell <dustin@mozilla.com> * automation/taskcluster/graph/npm-shrinkwrap.json, automation/taskcluster/graph/package.json, automation/taskcluster/graph/src/image_builder.js, automation/taskcluster/graph/src/queue.js, automation/taskcluster/scripts/tools.sh, automation/taskcluster/windows/gen_certs.sh, automation/taskcluster/windows/run_tests.sh: Bug 1594891 - Updates to run correctly on the new TC deployment r=jcj * Update the Taskcluster client used in the decision task to one that understands Taskcluster rootUrls. * Update scripts that fetch content to use the TASKCLUSTER_ROOT_URL * the absence of this variale signals an "old" worker so we use an "old" URL [67d630e7cb7c] 2019-11-07 Tom Prince <mozilla@hocat.ca> * .taskcluster.yml, automation/taskcluster/graph/src/extend.js, automation/taskcluster/graph/src/queue.js: Bug 1591275: Switch workers to use AWS Provder; r=kjacobs [a2bebaad41dd] 2019-11-06 Daiki Ueno <dueno@redhat.com> * gtests/pk11_gtest/pk11_module_unittest.cc: Bug 1577803, clang-format, a=bustage [c9014b2892d5] * gtests/pk11_gtest/pk11_module_unittest.cc, gtests/pkcs11testmodule/pkcs11testmodule.cpp, lib/pk11wrap/debug_module.c, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11slot.c, lib/pk11wrap/secmodti.h, lib/util/pkcs11t.h: Bug 1577803, pk11wrap: set friendly flag if token implements CKP_PUBLIC_CERTIFICATES_TOKEN, r=rrelyea Summary: This makes NSS look for CKO_PROFILE object at token initialization time to check if it implements the [[ https://docs .oasis-open.org/pkcs11/pkcs11-profiles/v3.0/pkcs11-profiles-v3.0.pdf | Public Certificates Token profile ]] as defined in PKCS #11 v3.0. If it is found, the token is automatically marked as friendly so no authentication attempts will be made when accessing certificates. Reviewers: rrelyea Reviewed By: rrelyea Subscribers: reviewbot Bug #: 1577803 [b39c8eeabe6a] 2019-11-06 Martin Thomson <mt@lowentropy.net> * lib/freebl/blinit.c, lib/freebl/gcm-ppc.c: Bug 1566126 - clang-format, a=bustage [6125200fbc88] 2019-11-06 Lauri Kasanen <cand@gmx.com> * lib/freebl/Makefile, lib/freebl/altivec-types.h, lib/freebl/blapii.h, lib/freebl/blinit.c, lib/freebl/freebl.gyp, lib/freebl/gcm-ppc.c, lib/freebl/gcm.c, lib/freebl/gcm.h: Bug 1566126 - freebl: POWER GHASH Vector Acceleration, r=mt Implementation for POWER8 adapted from the ARM paper: https://conradoplg.cryptoland.net/files/2010/12/gcm14.pdf Benchmark of `bltest -E -m aes_gcm -i tests/aes_gcm/plaintext10 \ -v tests/aes_gcm/iv10 -k tests/aes_gcm/key10 -5 10` on POWER8 3.3GHz. NSS_DISABLE_HW_CRYPTO=1 mode in symmkey opreps cxreps context op time(sec) thrgput aes_gcm_e 309Mb 192 5M 0 0.000 10000.000 10.001 30Mb mode in symmkey opreps cxreps context op time(sec) thrgput aes_gcm_e 829Mb 192 14M 0 0.000 10000.000 10.001 82Mb Notable operf results, sw: samples % image name symbol name 226033 59.3991 libfreeblpriv3.so bmul 80606 21.1824 libfreeblpriv3.so rijndael_encryptBlock128 28851 7.5817 libfreeblpriv3.so gcm_HashMult_sftw hw: 213899 56.2037 libfreeblpriv3.so rijndael_encryptBlock128 45233 11.8853 libfreeblpriv3.so gcm_HashMult_hw So the ghash part is ~5.6x faster. Signed-off-by: Lauri Kasanen <cand@gmx.com> [3d7e509d6d20] 2019-11-05 Marcus Burghardt <mburghardt@mozilla.com> * lib/certdb/certdb.c, lib/util/secport.h: Bug 1589073 - Use of new PR_ASSERT_ARG in certdb.c. r=mt Bug 1588015 introduced in NSPR a new way to ASSERT values where the arguments are always used avoiding "unused variable" errors. This was implemented in NSS, at certdb.c. [73c28cad3dbb] 2019-11-05 Daiki Ueno <dueno@redhat.com> * cpputil/nss_scoped_ptrs.h, gtests/manifest.mn, gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp, gtests/pk11_gtest/pk11_module_unittest.cc, gtests/pkcs11testmodule/Makefile, gtests/pkcs11testmodule/config.mk, gtests/pkcs11testmodule/manifest.mn, gtests/pkcs11testmodule/pkcs11testmodule.cpp, gtests/pkcs11testmodule/pkcs11testmodule.def, gtests/pkcs11testmodule/pkcs11testmodule.gyp, gtests/pkcs11testmodule/pkcs11testmodule.rc, nss.gyp: Bug 1577803, gtests: import pkcs11testmodule from Firefox, r=rrelyea Summary: This adds a mock PKCS #11 module from Firefox and add basic tests around it. This is needed for proper testing of PKCS #11 v3.0 profile objects (D45669). Reviewers: rrelyea Reviewed By: rrelyea Subscribers: reviewbot Bug #: 1577803 [0a86945adf74] Differential Revision: https://phabricator.services.mozilla.com/D52779 --HG-- extra : moz-landing-system : lando |
||
|---|---|---|
| .. | ||
| ecl | ||
| mpi | ||
| verified | ||
| Makefile | ||
| aes-armv8.c | ||
| aes-armv8.h | ||
| aes-x86.c | ||
| aeskeywrap.c | ||
| alg2268.c | ||
| alghmac.c | ||
| alghmac.h | ||
| altivec-types.h | ||
| arcfive.c | ||
| arcfour-amd64-gas.s | ||
| arcfour-amd64-masm.asm | ||
| arcfour-amd64-sun.s | ||
| arcfour.c | ||
| blake2b.c | ||
| blake2b.h | ||
| blapi.h | ||
| blapii.h | ||
| blapit.h | ||
| blinit.c | ||
| blname.c | ||
| camellia.c | ||
| camellia.h | ||
| chacha20poly1305.c | ||
| chacha20poly1305.h | ||
| cmac.c | ||
| cmac.h | ||
| config.mk | ||
| crypto_primitives.c | ||
| crypto_primitives.h | ||
| ctr.c | ||
| ctr.h | ||
| cts.c | ||
| cts.h | ||
| des.c | ||
| des.h | ||
| desblapi.c | ||
| det_rng.c | ||
| det_rng.h | ||
| dh.c | ||
| drbg.c | ||
| dsa.c | ||
| ec.c | ||
| ec.h | ||
| ecdecode.c | ||
| exports.gyp | ||
| fipsfreebl.c | ||
| freebl.def | ||
| freebl.gyp | ||
| freebl.rc | ||
| freebl_base.gypi | ||
| freebl_hash.def | ||
| freebl_hash_vector.def | ||
| freeblver.c | ||
| gcm-aarch64.c | ||
| gcm-ppc.c | ||
| gcm-x86.c | ||
| gcm.c | ||
| gcm.h | ||
| genload.c | ||
| hmacct.c | ||
| hmacct.h | ||
| intel-aes-x64-masm.asm | ||
| intel-aes-x86-masm.asm | ||
| intel-aes.h | ||
| intel-aes.s | ||
| intel-gcm-wrap.c | ||
| intel-gcm-x64-masm.asm | ||
| intel-gcm-x86-masm.asm | ||
| intel-gcm.h | ||
| intel-gcm.s | ||
| jpake.c | ||
| ldvector.c | ||
| loader.c | ||
| loader.h | ||
| lowhash_vector.c | ||
| manifest.mn | ||
| md2.c | ||
| md5.c | ||
| mknewpc2.c | ||
| mksp.c | ||
| nsslowhash.c | ||
| nsslowhash.h | ||
| pqg.c | ||
| pqg.h | ||
| rawhash.c | ||
| ret_cr16.s | ||
| rijndael.c | ||
| rijndael.h | ||
| rijndael32.tab | ||
| rijndael_tables.c | ||
| rsa.c | ||
| rsapkcs.c | ||
| secmpi.h | ||
| secrng.h | ||
| seed.c | ||
| seed.h | ||
| sha-fast-amd64-sun.s | ||
| sha256.h | ||
| sha512.c | ||
| sha_fast.c | ||
| sha_fast.h | ||
| shsign.h | ||
| shvfy.c | ||
| stubs.c | ||
| stubs.h | ||
| sysrand.c | ||
| tlsprfalg.c | ||
| unix_rand.c | ||
| unix_urandom.c | ||
| win_rand.c | ||