mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
164 537 коммитов 40 Ветки 136 Теги 1,1 GiB
Граф коммитов

3955 Коммитов

Автор SHA1 Сообщение Дата
glen.beasley%sun.com 8133edd3dc 318970 wtc fix for RSA fipstest using RSA_HashSign r=neilW sr= brelyea 2006-03-25 23:45:23 +00:00
rrelyea%redhat.com e0e96b99fd Bug 321350 Implement optimized code for NIST Suite B elliptic curves 
r=douglas r=vipul
 2006-03-24 22:55:51 +00:00
nelson%bolyard.com 84418c784c Backout changes for bug 321350 
Implement optimized code for NIST Suite B elliptic curves
Those changes broke the build on Solaris.  r=Sheriff Nelson
 2006-03-24 09:08:24 +00:00
rrelyea%redhat.com 22f4437ae4 321350 Implement optimized code for NIST Suite B elliptic curves 
r=douglas.
 2006-03-23 19:55:37 +00:00
rrelyea%redhat.com f368fa9bc8 Bug 238051 Enable SSL session reuse for ECC cipher suites 
r=nelson r=thomas.

patch in bug + white space changes suggested by nelson.
 2006-03-22 19:18:30 +00:00
rrelyea%redhat.com 5cdb03b3a0 Updated previous patch with douglas's input. (still bug 323817 
Truncation of hashes for ECDSA should be done at bit level, not octet level).
r= vipul r=douglas
 2006-03-22 19:02:06 +00:00
rrelyea%redhat.com 4f7109ca35 Bug 273637 3 locks in softoken have unsafe initialization 
r=alexi r=julien
 2006-03-21 19:36:53 +00:00
rrelyea%redhat.com 1df4844d30 Correct bug entry: 
25683 EC param parsing error not propagated correctly
r=andreas.
 2006-03-21 19:33:52 +00:00
rrelyea%redhat.com 05bebd6e05 Backing out previous changes that invalid or incorrect log entries for this 
patch.
 2006-03-21 19:30:10 +00:00
rrelyea%redhat.com 5560cefbe0 *** empty log message *** 2006-03-21 19:23:30 +00:00
rrelyea%redhat.com a8ad190dbf Bug 273637 3 locks in softoken have unsafe initialization 
r=alexi r=julien
 2006-03-21 02:28:48 +00:00
nelson%bolyard.com b90e7c50e0 Avoid stack overflow while generating primes. Bug 310145. r=wtchang 2006-03-19 05:09:30 +00:00
rrelyea%redhat.com 6b22522ae5 Bug 238051 Enable SSL session reuse for ECC cipher suites 
r=nelson
 2006-03-17 21:15:09 +00:00
rrelyea%redhat.com a3d27aefe2 Bug 329072 client sometimes fails to authenticate despite having cert 
r= nelson
 2006-03-17 20:44:23 +00:00
rrelyea%redhat.com 27b4c6e8f2 Bug 323817 Truncation of hashes for ECDSA should be done at bit level, not octet level 
r=vipul.gupta@sun.com
 2006-03-17 16:58:06 +00:00
rrelyea%redhat.com b4f12c8c77 Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails 
Use SEC_GetSignatureAlgorithmOidTag() to map to the signature oid.
r=wtc
 2006-03-15 21:46:24 +00:00
rrelyea%redhat.com 338d439f2f Bugzilla Bug 326503 producing a ProofOfPossession signature on a EC CRMF fails 
patch makes SHA1 the default hashing for RSA rather than MD5.
patch by wtc r=rrelyea.
 2006-03-15 21:42:21 +00:00
rrelyea%redhat.com aedc2aa4dd bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined 
r=wtc
 2006-03-15 19:22:32 +00:00
rrelyea%redhat.com 415567e012 bug 329058 mpmontg.c doesn't compile when MP_CHAR_STORE_SLOW is defined 
r=wtc
 2006-03-15 19:13:12 +00:00
nelson%bolyard.com ec2c925bf4 Bug 324448. Convert mpi_x86.asm to mpi_x86_asm.c for Win32 built with MSVC. 
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre sr=nelson@bolyard.com
 2006-03-10 06:48:46 +00:00
nelson%bolyard.com 02e3d7578a Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC. 
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
 2006-03-09 23:50:43 +00:00
nelson%bolyard.com 312856d27c Bug 324448. Convert mpi_x86.asm to mpi_x86.c for Win32 built with MSVC. 
Patch contributed by Benjamin Smedberg <benjamin@smedbergs.us>
r=julien.pierre  sr=nelson@bolyard.com
 2006-03-09 23:46:45 +00:00
nelson%bolyard.com c6858ae1e4 Bug 329002. fix cert reference leak. r=alexei.volkov,rrelyea 2006-03-09 23:38:57 +00:00
christophe.ravel.bugs%sun.com b458a866f2 Bugzilla 324887: merge ECC and non-ECC QA test scripts. 
Add return code and error message for ssl_stress and ssl_cov.
r=vipul, sr=nelson.
 2006-03-08 00:47:28 +00:00
wtchang%redhat.com 4951f5bfdc Bugzilla Bug 329575: ECPoint_mul should multiply a point by the group order 
faithfully because this operation is required by the public key validation
algorithm.  r=douglas.stebila,vipul.gupta.
 2006-03-08 00:19:34 +00:00
wtchang%redhat.com 4d4f8dd3de Bugzilla Bug 320578: added a new function ec_GenerateRandomPrivateKey to 
generate a random private key without bias using the algorithm of FIPS
186-2 Change Notice 1, and use it to generate EC private key d and ECDSA
ephemeral private key k.  The patch is contributed by Douglas Stebila
<douglas@stebila.ca> and improved by me. r=douglas.stebila,vipul.gupta.
 2006-03-06 23:48:39 +00:00
wtchang%redhat.com 4f233bf7c1 Bugzilla Bug 324887: The previous checkin introduced a comment bug. A 
comment line must begin with exactly one '#' character followed by white
space.
 2006-03-03 22:10:30 +00:00
wtchang%redhat.com 7c9d71030c Bugzilla Bug 324887: merged ECC and non-ECC QA test scripts and removed 
ECC QA test scripts.  The patch is written by Vipul Gupta and Christophe
Ravel of Sun. r=wtc,nelsonb,jpierre
Modified Files:
	cert/cert.sh smime/smime.sh ssl/ssl.sh ssl/sslauth.txt
	ssl/sslcov.txt ssl/sslstress.txt tools/tools.sh
Removed Files:
	fixtests.sh cert/eccert.sh smime/ecsmime.sh ssl/ecssl.sh
	ssl/ecsslauth.txt ssl/ecsslcov.txt ssl/ecsslstress.txt
	tools/ectools.sh
 2006-03-03 20:06:03 +00:00
wtchang%redhat.com e1c95dc9e4 Bugzilla bug 326482: code cleanup: ssl3_NewKeyPair should not create a key 
pair with only one key. r=nelson.bolyard.
 2006-03-03 18:48:09 +00:00
wtchang%redhat.com db54a3ba4d Bugzilla bug 326482: removed incorrect comments. r=nelson.bolyard. 2006-03-03 18:45:54 +00:00
nelson%bolyard.com 83ae991c8d Fix standalone mpi Makefile to build on OS/X. Bug 327405. 
Patch contributed by Douglas Stebila <douglas@stebila.ca>
 2006-03-03 04:21:56 +00:00
nelson%bolyard.com dd859170b7 Bug 327677. Fix cert object reference leak. r=julien.pierre,nelson 
Patch contributed by Alexei Volkov <alexei.volkov.bugs@sun.com>
 2006-03-03 04:00:49 +00:00
wtchang%redhat.com 10904973ae Bug 236613: change to MPL/LGPL/GPL tri-license. 2006-03-02 22:48:55 +00:00
wtchang%redhat.com 86add9f57e Bugzilla Bug 320589: fixed PK11_SignatureLen to return the exact length of 
ECDSA signatures.  Backed out a temporary workaround in
ECDSA_SignDigestWithSeed.  Made other changes related to signature lengths.
r=relyea,nelson.bolyard.
Modified Files:
	cryptohi/keyhi.h cryptohi/seckey.c cryptohi/secsign.c
	freebl/ec.c pk11wrap/pk11obj.c pk11wrap/pk11pub.h
	ssl/ssl3con.c
 2006-03-02 00:07:08 +00:00
wtchang%redhat.com 239b405b14 Bugzilla Bug 326403: use "Mozilla Foundation" as the manufacturer or 
producer of our shared libraries/DLLs.  Removed the optional copyright
notices from our DLLs. r=relyea,jpierre.
Modified Files:
	lib/ckfw/builtins/constants.c lib/ckfw/builtins/nssckbi.rc
	lib/ckfw/capi/nsscapi.rc lib/ckfw/dbm/instance.c
	lib/freebl/freebl.rc lib/nss/nss.rc lib/smime/smime.rc
	lib/softoken/pkcs11.c lib/softoken/softokn.rc lib/ssl/ssl.rc
 2006-03-01 19:44:36 +00:00
rrelyea%redhat.com c9bd3d91a9 Remove mp_init/mp_clear calls (and potential mallocs,frees and zeros) 
in tight loops for bug #326482

r=nelson
 2006-03-01 17:09:17 +00:00
rrelyea%redhat.com 53ae20dc78 bug 326482 Implement the derive sensitive only for those derivation functions that require it. 
fixes a performance problem with ECDH.

r=wtchang, nelson.
 2006-03-01 16:12:22 +00:00
nelson%bolyard.com f39afabe6b Bug 327405. Correct EC keypair Generation. r=vipul.gupta,nelson.bolyard 
Patch contributed by Douglas Stebila <douglas@stebila.ca>
 2006-03-01 07:06:24 +00:00
nelson%bolyard.com 68bf5f0340 Bug 328262. Increment ssl3 statistics counters atomicly. r=wtchang,julien.pierre 2006-03-01 05:45:45 +00:00
wtchang%redhat.com e1f071ebf1 Bugzilla Bug 327978: removed obsolete files, superseded by the ecl 
directory.  r=douglas.stebila.
Removed files: GF2m_ecl.c GF2m_ecl.h GFp_ecl.c GFp_ecl.h
 2006-02-28 23:43:19 +00:00
nelson%bolyard.com 969236afbb Bug 326315. Warning Reduction. On TRUNK only. r=Julien.Pierre 2006-02-28 05:56:07 +00:00
nelson%bolyard.com d91164bf0e Bug 325683. EC param parsing error not propagated correctly. 
Fix the cases that Andreas identified.  Patch by Andreas.Sterbenz@sun.com
r=Julien,wtchang,nelson
 2006-02-28 05:44:56 +00:00
nelson%bolyard.com 61b48c1f2f Bug 326690. Enable modutil to configure default slots for the 
AES, SHA256 or SHA512 mechanisms.  r=rrelyea,julien.pierre
 2006-02-28 05:16:00 +00:00
nelson%bolyard.com 2f2900ce2e Bug 327105. Reintroduce an old bug that prevents _DHE_ cipher suites 
from being negotiated by NSS servers.  Necessary until the server side
of the _DHE_ cipher suites is fully implemented.  r=Julien,Wan-Teh,Vipul
 2006-02-28 04:20:23 +00:00
wtchang%redhat.com dff8039a7a Bugzilla Bug 320038: checked in a better fix that allows us to write 
EC domain parameters as hex strings with leading 00's. r=douglas.stebila
sr=relyea.
Modified files: softoken/ecdecode.c freebl/ecl/ecl-curve.h
 2006-02-27 23:18:34 +00:00
wtchang%redhat.com 6272976cfc Bugzilla Bug 328228: fixed the typo "secp169k1". The patch is contributed 
by jyri <jyri.virkki@sun.com>. r=wtc,vipul.gupta.
Modified files: bltest/blapitest.c certutil/certutil.c
 2006-02-22 22:15:57 +00:00
christophe.ravel.bugs%sun.com f6ee50a1b0 Change NSS version to 3.12 Beta on the tip. 2006-02-22 21:22:54 +00:00
wtchang%redhat.com 5a28fa6cbc Bugzilla Bug 326754: the previous checkin made us fail the NIST DSA PQGGen 
test for [mod = 768] only.  Backed out the more likely culprit.
 2006-02-22 02:12:09 +00:00
wtchang%redhat.com 0c86eb4eee Bugzilla Bug 327529: unnamed arguments (third and after) for CERT_CreateRDN 
must have the correct CERTAVA * type because compilers can't do automatic
type conversions. r=nelsonb,jpierre.
Modified files: alg1485.c secname.c
 2006-02-20 23:06:55 +00:00
wtchang%redhat.com b3c171eb42 Renamed DSA_TEST_SEED_BYTES to PQG_TEST_SEED_BYTES. 2006-02-18 02:39:12 +00:00
wtchang%redhat.com f84184efdf Bugzilla Bug 327384: fixed an off-by-one error in the size of the 'genenc' 
array.  The patch is contributed by Andreas Sterbenz
<Andreas.Sterbenz@sun.com>. r=wtc,nelsonb
 2006-02-16 22:33:13 +00:00
glen.beasley%sun.com ea2bb064f4 fix by wan-teh for RSA siggen tests r=glen 2006-02-16 01:50:55 +00:00
wtchang%redhat.com e49bf918fc Bugzilla Bug 318967: use 160-bit SEED when generating DSA domain parameters 
(PQG).  Removed unused keySizeIndex variables. Handle the return value and
result output parameter of PQG_VerifyParams separately. Pad H with leading
0's when printing. r=glen.beasley.
 2006-02-16 01:28:35 +00:00
julien.pierre.bugs%sun.com 50ed7e0d79 Fix for bug 321765. Allow NSS to decode certs with unsupported critical extensions. r=wtchang,nelson,rrelyea. 2006-02-16 00:06:24 +00:00
alexei.volkov.bugs%sun.com 5156715044 [Bug 326963] Interoperability test with apache/mod_ssl: tstclnt 
produces: assertion failure: secmod_PrivateModuleCount == 0; r=nelson, sr=julie
n
 2006-02-15 22:22:32 +00:00
wtchang%redhat.com 3bd336da98 Bugzilla Bug 318962: fixed signed/unsigned comparison warnings by MSVC. 
r=glen.beasley.
 2006-02-15 19:14:09 +00:00
wtchang%redhat.com 88f7f20136 Bugzilla Bug 318968: more ECDSA test cleanup. Do not zeroize when freezing 
ECParams' arenas.  Use EC_CopyParams to copy ECParams to an EC public key
and allocate the public key's value from the same arena. r=glen.beasley.
 2006-02-15 19:06:51 +00:00
wtchang%redhat.com 44d4dbe3f6 Bugzilla Bug 326754: fixed two minor bugs related to the h parameter in 
PQG parameter generation. r=nelsonb,glen.beasley.
 2006-02-14 03:04:57 +00:00
wtchang%redhat.com cb0068da5a Bugzilla Bug 326144: need to zeroize a SECItem that contains a copy of the 
secret key. r=relyea,jpierre.
 2006-02-14 02:55:09 +00:00
wtchang%redhat.com f0bf04743d Bugzilla bug 326751: CKR_SIGNATURE_INVALID is a much better default error 
code for NSC_VerifyRecover than CKR_DEVICE_ERROR is. r=relyea.
 2006-02-11 02:03:25 +00:00
glen.beasley%sun.com a2642d5f53 318970 RSA sigver test fix r=wan-teh 2006-02-10 23:27:38 +00:00
rrelyea%redhat.com 4266eddd80 Bugzilla Bug 326482 NSS ECC performance problems. 
Patch by Nelson, r=relyea.

Save the public key when we create the keypair so we can use it later.
 2006-02-10 19:39:53 +00:00
rrelyea%redhat.com fc19f10d2e Bugzilla Bug 326482 NSS ECC performance problems. 
r=nelsonb
Fix bug where ECC keys were not being copied on server startup
 2006-02-10 18:54:58 +00:00
neil.williams%sun.com 99a30b78f0 Bug 325657, r=Nelson,Wan-Teh, Unset ECL_USE_FP INT Solaris SPARC freebl 2006-02-10 04:38:05 +00:00
rrelyea%redhat.com 9a4d9a97c2 Bug 320187 NSC_WrapKey called with null output returns short length 
r=nelsonb
 2006-02-09 19:54:22 +00:00
neil.williams%sun.com 9caf87f451 Bug #325682, Adds -Wl,-rpath to link step for Linux distributions 
r=Nelson, sr=Wan-Teh
 2006-02-09 00:12:17 +00:00
rrelyea%redhat.com a855b8fda9 Bug 320583 Support for SHA256/384/512 with ECC signing 2006-02-08 06:14:31 +00:00
julien.pierre.bugs%sun.com 7111e6ebf7 Fix for bug 326144 . softoken leaks in nsc_pbe_key_gen. r=nelson, rrelyea 2006-02-07 00:43:31 +00:00
wtchang%redhat.com dbb143b269 Bugzilla Bug 318967: fixed compiler warnings, most of which were char * 
and unsigned char * mismatches. r=glen.beasley.
 2006-02-04 06:39:44 +00:00
kaie%kuix.de 6e44613a74 Fix build bustage, change // comment to /* */ 2006-02-03 20:22:52 +00:00
kaie%kuix.de 93dc217dd8 bug 152426, delegation of HTTP download for OCSP 
r=julien.pierre, r=rrelyea
 2006-02-03 18:14:49 +00:00
neil.williams%sun.com b36cd3eaef bug 245518 r=nelson, fix for p12 files encoded with null PWs 2006-02-02 20:26:03 +00:00
nelson%bolyard.com d4b05e6bb3 Work around bug 292285: don't encode x400 addresses, don't print CRL contents 
r=julien.pierre
 2006-02-02 07:56:19 +00:00
wtchang%redhat.com 3dc55f1174 Allow CKM_ECDSA_SHA1 to be multipart. Bug 325494. 
Patch contributed by Andreas Sterbenz <Andreas.Sterbenz@sun.com>
r=nelsonb,relyea,wtc.
 2006-02-02 07:21:56 +00:00
alexei.volkov.bugs%sun.com a2cde1a2cd [Bug 325307] infinite loop in SECU_FindCrlIssuer. r=julien 2006-02-02 02:45:02 +00:00
alexei.volkov.bugs%sun.com 81fbb31a8a [Bug 324878] crlutil -L outputs false CRL names. r=julien 2006-02-02 02:35:07 +00:00
alexei.volkov.bugs%sun.com bc7dfc231d 325305: minor memory leak in CERT_FindCertByNameString. r=wtc 2006-02-02 00:57:54 +00:00
wtchang%redhat.com ca31a3a1e8 Bugzilla Bug 318966: implemented the tests for the NIST RNG Validation 
System.  r=glen.beasley.
Modified file: fipstest.c
Added file: rng.sh
 2006-02-01 21:28:25 +00:00
wtchang%redhat.com 2deab42637 Bugzilla Bug 318966: added two RNG functions FIPS186Change_GenerateX and 
FIPS186Change_ReduceModQForDSA to blapi.h for the NIST RNG Validation
System. r=relyea,nelsonb.
Modified files: blapi.h ldvector.c loader.c loader.h prng_fips1861.c
 2006-02-01 21:18:44 +00:00
rrelyea%redhat.com fd80d52937 Bug 319619 "large" ECC private keys cannot be exported through PKCS #11 
1) Change the export encrypted private key function to ask the token the wrap
size rather than trying to figure it out ourselves.

2) Fix the soften to correctly return the size.


r=wtc, nelsonb
 2006-02-01 16:43:47 +00:00
glen.beasley%sun.com 24f377f7dd 318970 RSA FIPS tests r=wan-teh sr=bobRelyea 2006-01-31 00:49:40 +00:00
glen.beasley%sun.com e3acf26812 318970 RSA FIPS tests r=wan-teh sr=bobRelyea 2006-01-31 00:49:02 +00:00
glen.beasley%sun.com e5919f82cb 318970 RSA FIPS Alg Tests r=wan-teh, sr=bRelyea 2006-01-30 19:58:52 +00:00
nelsonb%netscape.com e4ed0ba860 Fix broken build, caused by c++ style comment in c code. 2006-01-28 02:38:07 +00:00
nelsonb%netscape.com 3360534c6e Set SSL2 and SSL3 timeout times properly for SSL server session cache. 
Bug 223242. r=jullien.pierre
 2006-01-28 02:21:31 +00:00
glen.beasley%sun.com decef2ce52 328967 DSA FIPS tests r=Wan-Teh 2006-01-27 18:53:07 +00:00
wtchang%redhat.com 47f924a72a Removed a blank line that broke the ssl_stress function in ecssl.sh, which 
cannot handle blank lines.
 2006-01-27 18:44:13 +00:00
wtchang%redhat.com ca32c95cb1 Bugzilla Bug 320589: temporary workaround for SEC_SignData ECDSA signature 
generation bug introduced by the previous checkin.
 2006-01-26 23:51:42 +00:00
wtchang%redhat.com dc090904ca Removed an extraneous semicolon after the last parameter in a function 
declaration.
 2006-01-26 23:21:39 +00:00
nelsonb%netscape.com 91dc066263 Remove unnecessary ISALIST test from sparc versions of freebl DSOs. 
Bug 302658. r=jullien.pierre,wtchang
 2006-01-22 08:43:57 +00:00
nelsonb%netscape.com c600655628 Make dbck Debug mode work with Softoken. Bug 323570. r=rrelyea. 2006-01-22 06:54:34 +00:00
nelsonb%netscape.com 84f7a58b5e Don't use variables as structure initializers. Bug 274512. Fix build 
on HPUX.  r=julien.pierre,wtchang
 2006-01-22 06:42:14 +00:00
nelsonb%netscape.com 3ab06bd1bf Detect certdb reference leaks at shutdown with assertions. Bug 324103. 
r=rrelyea.
 2006-01-22 06:36:36 +00:00
wtchang%redhat.com de87a39bcf Bugzilla Bug 323977: use the "mapfile" (ld version script) on FreeBSD. 
Build the freebl shared libraries with the -Bsymbolic flag for GNU ld.
r=nelsonb.  Thanks to Glenn Randers-Pehrson <glennrp@imagemagick.org> for
reporting this bug and verifying these changes.
Modified files: coreconf/FreeBSD.mk nss/lib/freebl/Makefile
 2006-01-21 02:33:33 +00:00
nelsonb%netscape.com 0379858bcd Plug a cert DB reference leak in softoken, related to trust objects. 
Bug 324103, r=rrelyea
 2006-01-21 02:23:42 +00:00
wtchang%redhat.com 035d4d364f Bugzilla Bug 320589: miscellaneous code cleanup: distinguish between the 
length of the field size and the length of the base point order.  Report
better error codes.  In ECDSA_VerifyDigest, removed unnecessary local
variables and be lenient in the signature lengths we accept.
r=relyea,nelsonb
 2006-01-21 02:14:46 +00:00
julien.pierre.bugs%sun.com bce474d96e Fix for bug 317856 . uninitialized variable correction. r=wtchang 2006-01-20 22:55:15 +00:00
nelsonb%netscape.com 0521005f8e Detect NULL server key pair pointer. Bug 321161. r=wtchang. 2006-01-20 17:40:21 +00:00
julien.pierre.bugs%sun.com b9bbd71bdd Fix for bug 317856 . compiler warnings in strsclnt 2006-01-20 00:43:23 +00:00
rrelyea%redhat.com e88416641f Bugzilla Bug 95323. Conditionally compile nsscapi. 
r=julien
 2006-01-19 19:55:28 +00:00
nelsonb%netscape.com c10ca51cd5 change QA test order to be bottom-up. Bug 309412. r=jullien.pierre 2006-01-19 11:59:56 +00:00
nelsonb%netscape.com 81262a171f Back out last change, which broke the build. 2006-01-19 02:34:12 +00:00
nelsonb%netscape.com 0c53a2cee8 Prevent crash when making new cert8.db from old cert5.db. 
This is not the final solution, but it works.
Bug 320029. r=rrelyea,sr=julien.pierre.  On TRUNK.
 2006-01-19 02:16:30 +00:00
nelsonb%netscape.com 9e6bb5e04e Add new function nsslowcert_DecodeAnyDBEntry. Correct the union 
certDBEntry by adding the missing members. Bug 323570. r=rrelyea.
 2006-01-19 02:09:37 +00:00
nelsonb%netscape.com e601c1afd7 Softoken will no longer generate excessive key material for some SSL3 
cipher suites.  Bug 274512. r=rrelyea.
 2006-01-19 01:12:53 +00:00
wtchang%redhat.com feef0984c4 Bugzilla Bug 318217: use the new NSPR functions PR_EmulateAcceptRead and 
PR_EmulateSendFile added in NSPR 4.1.  r=nelsonb.
Modified files: manifest.mn sslimpl.h sslsock.c
Removed file: emulate.c
 2006-01-18 23:06:57 +00:00
julien.pierre.bugs%sun.com cf6fab0ce0 Fix for bug 319495 . Clean up Makefiles for command-line tools. r=nelson 2006-01-18 22:44:39 +00:00
wtchang%redhat.com bfb0b53c24 Bugzilla Bug 323379: need to set ADDON_PATH for libsoftokn3.so to load 
libfreebl3.so as an add-on on BeOS.  Thanks to Doug Shelton
<doug@sheltonfamily.org>for reporting the bug and verifying the fix.
r=christophe.ravel.
 2006-01-18 20:56:28 +00:00
rrelyea%redhat.com 129a80aa06 NSS ECDSA can only sign SHA-1 bug 320583 
r=nelson patch ammended to change SHA-1 to HASH per wtc comment.
 2006-01-17 00:38:59 +00:00
wtchang%redhat.com 0c4d029490 Bugzilla Bug 320497: indicate that we don't need an executable stack. 
r=wolfgang.rosenauer,jpierre.
Modified files: arcfour-amd64-gas.s mpi/mpi_amd64_gas.s
 2006-01-13 17:33:10 +00:00
alexei.volkov.bugs%sun.com af798d22c0 HP and AIX cert extension tests failure fix. 2006-01-13 07:59:31 +00:00
wtchang%redhat.com 21d4070e16 Bugzilla Bug 323079: when libsoftoken and libssl load the freebl library, 
first try without resolving symlinks.  If we fail to load the library and
the pathname is a symbolic link, resolve the symbolic link and try again.
r=jpierre. sr=relyea.
 2006-01-12 23:46:31 +00:00
alexei.volkov.bugs%sun.com c9cb870d39 cert extension test for 53229: certutil should not use gets(). julien:review+ 2006-01-12 01:09:03 +00:00
wtchang%redhat.com e43ae180d6 Bugzilla Bug 318968: fixed the build error with NSS_ENABLE_ECC unset. 
Modified files: Makefile fipstest.c
 2006-01-05 21:49:05 +00:00
julien.pierre.bugs%sun.com 2b8116135c Fix the build busted by checkin for bug 318968 2005-12-23 03:14:36 +00:00
wtchang%redhat.com a9a0f1c1b2 Bugzilla Bug 318968: added FIPS ECDSA algorithm test. r=glen.beasley. 
Modified file: fipstest.c
Added file: ecdsa.sh
 2005-12-22 22:22:17 +00:00
wtchang%redhat.com 4102e295a8 Bugzilla Bug 318962: combined a PORT_Realloc and a memset call into an 
equivalent PORT_ZAlloc call.  r=glen.beasley.
 2005-12-22 22:19:03 +00:00
wtchang%redhat.com 7af58c4ead Bugzilla bug 318962: it is legal for PORT_Realloc(oldptr, 0) to return 
NULL, so that shouldn't be treated as a memory allocation failure.
 2005-12-22 01:39:17 +00:00
glen.beasley%sun.com 6392f0b284 318958 fixing c++/java comment to C 2005-12-21 00:29:44 +00:00
glen.beasley%sun.com 827078f238 318958 fixing Monte Carlo test r=Wan-Teh 2005-12-21 00:13:52 +00:00
glen.beasley%sun.com 0820769573 318962 buffer fix for SHA Monte Carlo tests r=wan-teh 2005-12-20 18:20:50 +00:00
wtchang%redhat.com 45db1b5756 Bugzilla Bug 317052: removed the obsolete file lib/base/whatnspr.c from 
CVS.  r=relyea.
Modified Files:
	base.h error.c manifest.mn
Removed Files:
	whatnspr.c
 2005-12-19 17:53:28 +00:00
wtchang%redhat.com 06b4fdda1a Bugzilla Bug 272484: code cleanup. keythi.h: remove the unused type 
definition of SEC_PKCS5KeyAndPassword.  p12d.c: We only need to set
p12dcx->currentASafeP7Dcx to NULL if it isn't NULL.  r=relyea.
Modified Files: cryptohi/keythi.h pkcs12/p12d.c
 2005-12-19 17:46:30 +00:00
nelsonb%netscape.com 19047568b5 Fix build. Remove c++ style declaration of loop control variables. 2005-12-17 01:03:12 +00:00
glen.beasley%sun.com 4e0681121a 318964 implement HMAC algorithm tests for FIPS 140-2 validation r=Wan-teh 2005-12-16 16:57:49 +00:00
rrelyea%redhat.com bb35ec1ad1 Mac fixes to ckfw. 2005-12-16 01:57:41 +00:00
rrelyea%redhat.com 901eacef3b Add support for the cryptoki crypto functions. This support is necessary for 
capi and mackey. r=kaie
 2005-12-16 00:48:02 +00:00
glen.beasley%sun.com 7020114b03 318962 Added FIPS 140-2 SHA tests and removed FIPS 140-1 SHA tests r=wan-teh 2005-12-15 18:50:52 +00:00
glen.beasley%sun.com f4a0a3492e 318962 Added FIPS 140-2 SHA tests and removed FIPS 140-1 SHA tests r=wan-teh 2005-12-15 18:47:20 +00:00
wtchang%redhat.com 38037a473a Bugzilla Bug 320047: mp_to_unsigned/signed/fixlen_octets copies nothing to 
the buffer if the mp_int is zero. r=nelsonb.
 2005-12-14 02:18:35 +00:00
wtchang%redhat.com f8302eae78 Bugzilla Bug 236245: Updated NSS to "ECC Cipher Suites for TLS" draft 12 
plus upcoming revisions.  The patch is contributed by Douglas Stebila
of Sun Labs <douglas@stebila.ca>. r=wtc.
Modified Files:
	cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
	cmd/tstclnt/tstclnt.c cmd/vfyserv/vfyserv.c lib/ssl/ssl3con.c
	lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslenum.c
	lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
	lib/ssl/sslsock.c tests/ssl/ecssl.sh tests/ssl/ecsslauth.txt
	tests/ssl/ecsslcov.txt tests/ssl/ecsslstress.txt
	tests/ssl/ssl.sh
 2005-12-14 01:49:40 +00:00
glen.beasley%sun.com 2f95017a80 318958 removal of DES and Triple DES 140-1 code r=wan-teh 2005-12-14 01:19:11 +00:00
wtchang%redhat.com a74affdee9 Bugzilla Bug 320038: ecl/ecl-curve.h: removed unnecessary leading zero byte 
in the base point orders of curves K-233 and K-409.  ec.c: pad the private
key with leading zeros to the length of the base point order.
r=douglas.steblia.
 2005-12-13 22:31:34 +00:00
glen.beasley%sun.com d15a3a9c9f 318958 TDEA algorithm tests for FIPS 140-2 2005-12-09 16:55:53 +00:00
relyea%netscape.com 3bb8ee4f59 Initialize mpi data using mpi macros, not static data bug 319252 
r=douglas
 2005-12-08 23:22:26 +00:00
alexei.volkov.bugs%sun.com 3b330a9206 305028: make pretty print utility print hex data in case when data type was not recognized; rw+nelson 2005-12-05 23:09:38 +00:00
relyea%netscape.com 5389c82af5 Bug 316925 
Key export does not work on tokens with non-sensitive keys that can't wrap.
r=kaie
 2005-11-24 00:40:14 +00:00
relyea%netscape.com d83eb37a5a Bug 129303 
NSS needs to expose interfaces to deal with multiple token sources of certs.

r=kaie
 2005-11-23 23:56:38 +00:00
relyea%netscape.com d6c2066d8b Bug 129303 NSS needs to expose interfaces to deal with multiple token sources of certs 
r=kaie
 2005-11-23 23:54:15 +00:00
relyea%netscape.com 505a100fea PKCS #11 module to supply Access to the Mac OS X Keychain. 2005-11-23 23:04:08 +00:00
nelsonb%netscape.com 209e64fb65 Fix bug in MP_ALIGN macro that always truncated pointers to 32-bits, 
even on 64-bin platforms.  Bug 298630. r=rrelyea.
 2005-11-23 01:12:34 +00:00
relyea%netscape.com 2c47437c90 Weave patch: bug 298630 r=nelson 2005-11-22 07:16:43 +00:00
nelsonb%netscape.com a10b284613 Begin building mpcpucache.c. On Sun Studio platforms, build from two 
new .s files.  Bug 298630. r=rrelyea.
 2005-11-22 07:13:32 +00:00
christophe.ravel.bugs%sun.com 637ff91341 Turn NSS_BETA off for NSS 3.11 RC2. 
r+ Julien Pierre.
 2005-11-22 01:58:35 +00:00
christophe.ravel.bugs%sun.com 7ec492e5b4 Back to BETA flag on the trunk. 
r+ Julien Pierre
 2005-11-21 18:46:12 +00:00
christophe.ravel.bugs%sun.com de04f252bb Turn NSS_BETA to FALSE for NSS 3.11 RC. 
r+: Julien Pierre.
 2005-11-21 04:08:44 +00:00
alexei.volkov.bugs%sun.com cea5f015e0 53229: certutil should not use gets(); 
julien rv+; wan-teh sr+
 2005-11-20 01:46:59 +00:00
christophe.ravel.bugs%sun.com d1149b4b8f 238319: Sun packages changes. 
RPM_RELEASE can be set from the command line.
 2005-11-18 21:52:41 +00:00
nelsonb%netscape.com 79b50a06c6 Initialize slot pointer in ssl3_HandleServerHello. Bug 311590. r=wtchang 2005-11-18 01:25:20 +00:00
nelsonb%netscape.com d5b6167e41 Restore binary compatilibity for old Fortezza cipher suites. 
Bug 316640. r-glen.beasley
 2005-11-18 01:21:22 +00:00
wtchang%redhat.com 869b60c32a Bugzilla Bug 292427: on Windows, search in $(DIST)/lib before $(DIST)/bin 
because in a Mozilla build $(DIST)/bin may contain old copies of the NSS
DLLs. r=relyea,jpierre.
 2005-11-16 02:17:36 +00:00
relyea%netscape.com 31f296f5fc Handle nicknames on certificates. 
Fix bug where we weren't allocating enough space for wchar (wide, utf16, etc).
strings in ckcapi_UTF8ToWide().
 2005-11-16 01:17:25 +00:00
neil.williams%sun.com 9a4cfadbcd Bug 315135, pk12util -w <non-existent pwfile> causes seg fault. 
r=nelson
 2005-11-16 00:59:18 +00:00
nelsonb%netscape.com 74b43d3995 Eliminate leak and heap buffer overrun. Bug 315994. r=julien, sr=rrelyea 2005-11-15 23:40:18 +00:00
julien.pierre.bugs%sun.com 2cc80666f0 fix for bug 316446 . -z defs option was included twice in linker line . r=nelson 2005-11-15 19:01:18 +00:00
wtchang%redhat.com 36c9d7bd15 Bugzilla Bug 312202: use the _32 tag in 32-bit HP-UX IPF builds. Use the 
$ORIGIN linker keyword when building shared libraries and executable
programs on HP-UX IPF. r=nelsonb.
Modified Files: coreconf/HP-UX.mk nss/cmd/platlibs.mk
 2005-11-15 18:19:18 +00:00
relyea%netscape.com dae1c89238 New pk11util scripts. 2005-11-15 01:53:44 +00:00
relyea%netscape.com fb32732d2d Add loops, conditionals and simple math. 2005-11-15 01:49:01 +00:00
julien.pierre.bugs%sun.com 4a998c5a80 Fix for bug 232604. don't open DBs in user's directory in shlibsign. r=nelson 2005-11-15 00:34:39 +00:00
relyea%netscape.com b23c1197b0 Add r/w support. The Capi token can now: 
Import certs and keys.
  Delete certs and keys.
 2005-11-15 00:13:58 +00:00
julien.pierre.bugs%sun.com 23746dd145 Fix for bug 316250. crmftest doesn't build on OS/2. Add LIB_PREFIX . 2005-11-14 00:17:21 +00:00
julien.pierre.bugs%sun.com 0f242e9190 Fix for bug 316219. Don't build an import library on OS/2. r=wtchang 2005-11-14 00:13:41 +00:00
julien.pierre.bugs%sun.com 3166b5b213 Fix for bug 286685. rename SFTK symbols to SECMOD. r=rrelyea, nelson 2005-11-12 00:14:25 +00:00
julien.pierre.bugs%sun.com 77bd7f02b5 Fix for bug 286685. rename SFTK symbols to SECMOD. r=rrelyea, nelson 2005-11-11 23:36:33 +00:00
julien.pierre.bugs%sun.com fc7b9a9d6d Fix for bug 315033 . Remove dead command-line tool sources. r=nelson 2005-11-11 04:02:16 +00:00
julien.pierre.bugs%sun.com b43fd37a3d Fix for 292156. Prevent crash in SSL session cache init if invalid arguments are passed. r=nelson 2005-11-11 02:45:59 +00:00
julien.pierre.bugs%sun.com 4c5dd38fa9 Fix for bug 292156. Add -C SSLCacheEntries option to selfserv. r=nelson 2005-11-11 02:44:56 +00:00
julien.pierre.bugs%sun.com 034706090e Fix for 166727 . certutil should not call CERT_GetDBContentVersion. r=nelson 2005-11-10 21:18:26 +00:00
julien.pierre.bugs%sun.com 27ffe0dd6a Remove dead config.mk files for modutil and ssltap. Fix for 294720. r=nelson 2005-11-10 03:00:05 +00:00
julien.pierre.bugs%sun.com 8c4c16a46f Resolve symlinks when loader freebl shared libs, and limit iterations to 20. r=wtchang 2005-11-10 02:18:22 +00:00
wtchang%redhat.com 67dd7124b0 Bugzilla Bug 311432: renamed USE_FP_CODE as ECL_USE_FP. Do not set 
ECL_USE_FP to 1 on Linux x86 to work around the bug.  Moved a dependency
rule to the appropriate section of the makefile. r=nelsonb.
 2005-11-08 22:03:17 +00:00
wtchang%redhat.com c6ec74b2bd Improved a comment. Suggested by Nelson Bolyard of Sun. r=wtc. 2005-11-08 22:00:46 +00:00
alexei.volkov.bugs%sun.com 40e89ae3ab fix for 313680: add missing TLS cipher types to SSLTAP. r=nelson 2005-11-07 23:54:33 +00:00
christophe.ravel.bugs%sun.com 3a519f40a2 238319: Sun packages changes 
Set rpm release to 2 for NSS 3.11
 2005-11-07 20:20:10 +00:00
wtchang%redhat.com 16471390c4 Bugzilla Bug 298522: added power-up self tests for HMAC SHA-384 and HMAC 
SHA-512.  The patch was written by Glen Beasley of Sun. r=wtc.
 2005-11-07 19:05:45 +00:00
wtchang%redhat.com 402c5fce34 Bugzilla bug 313196: include the minimal headers. 2005-11-07 19:00:58 +00:00
wtchang%redhat.com 62c2120244 Bugzilla Bug 313196: checked in a header inclusion change that I missed in 
the previous checkin.
 2005-11-07 18:48:39 +00:00
wtchang%redhat.com bccb80f1c9 Bugzilla Bug 313196: HMAC code should not use a fixed hash input block size 
of 64 bytes, which is wrong for SHA-384 and SHA-512.  This requires adding
the hash input block size to the SECHashObject structure. r=relyea,nelsonb
Modified Files:
	cryptohi/hasht.h cryptohi/sechash.c freebl/alghmac.c
	freebl/blapit.h freebl/rawhash.c
 2005-11-07 18:44:21 +00:00
wtchang%redhat.com f8d339ea35 Replaced the magic constant 20 by SHA1_LENGTH. Use sizeof(buffer) to 
be more robust. r=nelsonb
 2005-11-05 01:00:14 +00:00
relyea%netscape.com a94c630a38 replace missing header files. 2005-11-04 23:44:19 +00:00
wtchang%redhat.com 3ef095214d Bugzilla Bug 311958: Update the nssckbi versions for NSS 3.11. r=relyea. 2005-11-04 22:51:55 +00:00
julien.pierre.bugs%sun.com f322685ad8 Move ret_cr16.s from util to freebl. r=nelsonb 2005-11-04 04:11:04 +00:00
relyea%netscape.com 624b78a677 Initial CAPI PKCS #11 Module. 
Needs the updated ckfw.
 2005-11-04 02:05:04 +00:00
wtchang%redhat.com bf1f22d59c Bugzilla Bug 298512: Ensure the seed and seed key input for RNG do not have 
same value for FIPS 140-2. r=nelsonb.
 2005-11-04 01:07:30 +00:00
julien.pierre.bugs%sun.com 58312a336d Remove nmake Makefiles and references to them. r=nelson 2005-11-04 01:01:37 +00:00
julien.pierre.bugs%sun.com 82076672d5 Remove dead files. r=wtchang 2005-11-04 00:48:41 +00:00
julien.pierre.bugs%sun.com e9b3d77725 Fix for 314115 . Comments about QuickDER and classic ASN.1 decoders relating to SECItem.type field 2005-10-31 18:52:20 +00:00
julien.pierre.bugs%sun.com b7643ddac3 Fix for 314115 - QuickDER modifies SECItem.type while decoding. r=wtchang 2005-10-31 18:34:42 +00:00
wtchang%redhat.com 9f00787971 Bugzilla bug 239960: cvs removed cmd/swfort. r=relyea. 2005-10-27 22:49:22 +00:00
wtchang%redhat.com 2982dcd8d0 Bugzilla bug 298522: added power-up self tests for HMAC SHA-1 and HMAC 
SHA-256.  The patch is contributed by Glen Beasley of Sun. r=wtc.
 2005-10-20 21:46:51 +00:00
wtchang%redhat.com f1989d462e Build fipstest. 2005-10-19 01:14:20 +00:00
julien.pierre.bugs%sun.com 1074e8d40b Add dependency on freebl so ssl will rebuild if freebl has changed. 2005-10-19 01:04:16 +00:00
julien.pierre.bugs%sun.com 4b3046e544 Add dependency on freebl so softoken will rebuild if freebl has changed. 2005-10-19 01:03:31 +00:00
wtchang%redhat.com c550139189 Added a shell script for running the NIST AES Algorithm Validation Suite. 2005-10-19 00:55:20 +00:00
wtchang%redhat.com 3cc2568dbc Bugzilla Bug 312395: Added FIPS AES Known Answer Test, Multi-block Message 
Test, and Monte Carlo Test in ECB and CBC modes.  Also changed the types
of some variables from int to unsigned int to fix compiler warnings about
signed/unsigned comparisons.
 2005-10-14 20:04:39 +00:00
wtchang%redhat.com f1ab1aa413 Bugzilla bug 311440: ssl3_ConsumeHandshakeVariable now longer returns a 
SECItem pointing to memory allocated with PORT_Alloc, so we don't need to
use PORT_Free to free the SECItem's buffer.  r=nelsonb.
 2005-10-14 16:48:58 +00:00
wtchang%redhat.com e43c3ce2ce Bugzilla Bug 312202: checked in HP-UX IPF (Itanium) porting changes 
contributed by Grace Lu of HP.  Use the .so suffix for shared libraries
on HP-UX IPF.  Support building on HP-UX B.11.23. r=wtc.
Modified Files:
	coreconf/HP-UX.mk nss/lib/nss/nssinit.c
Added Files:
	coreconf/HP-UXB.11.23.mk
 2005-10-12 19:04:13 +00:00
wtchang%redhat.com e853dbd1aa Bugzilla Bug 302998: disallow x=0,1 and k=0. r=nelsonb. 2005-10-12 00:48:25 +00:00
neil.williams%sun.com e900e4197d CBug 290263, patch CERT_CreateCertificateRequest for doing extensions 
r=bob
`VS: ----------------------------------------------------------------------
 2005-10-12 00:10:17 +00:00
relyea%netscape.com 0999eacfac Attempt to fix HPUX test failures. 
Bug 311279 crmftest core dumps on HP-UX
(verbal) r=wtc
 2005-10-08 00:57:31 +00:00
wtchang%redhat.com f0ecbc1907 Bugzilla Bug 304360: generate ECC key with private key value less than the 
group order using a combination of ANSI X9.62 A.4.1 and FIPS 186-2 Change
Notice 1.  Also changed structure of EC key generation functions to match
the scheme used in dsa.c.  The patch is contributed by Douglas Stebila
<douglas@stebila.ca> of Sun Labs. r=wtc.
 2005-10-06 23:16:20 +00:00
wtchang%redhat.com 137ae27c40 Bugzilla Bug 257693: set the correct error code in EC_ValidatePublicKey. 
Documented the return values of ECPoint_validate.  Have the tests compare
the return value of ECPoint_validate with MP_NO for negative test cases.
r=doublas.stebila.
Modified Files:
	ec.c ecl/ecl.h ecl/tests/ec2_test.c ecl/tests/ecp_test.c
 2005-10-06 21:42:55 +00:00
wtchang%redhat.com f1c1c9ff83 Bugzilla bug 259135: fixed build breakage. In C, declarations must precede 
code.
 2005-10-05 22:03:14 +00:00
wtchang%redhat.com a2a6f7d5d0 Bugzilla bug 259135: minor comment fix. 2005-10-05 17:58:01 +00:00
glen.beasley%sun.com ce927b8172 259135 added SHA 256,384,512 and AES powerupself tests sr=Wan-Teh 2005-10-05 16:31:01 +00:00
relyea%netscape.com 3f0a5a238f Back out non-reviewed strictly white space change in pk11sdr.c 2005-10-04 01:11:01 +00:00
wtchang%redhat.com cf9da5e041 Made the test compile and link without errors. 2005-10-04 00:46:50 +00:00
wtchang%redhat.com c37177be01 Fixed test file line endings. This file must be considered part of the 
NSS module because it needs the private NSS header blapi.h.
 2005-10-04 00:35:51 +00:00
wtchang%redhat.com 36b838d2de Fixed test file line endings. 2005-10-04 00:28:55 +00:00
wtchang%redhat.com 42340d8d1f Bugzilla bug 310518: map CKR_PIN_INVALID and CKR_PIN_LEN_RANGE to 
SEC_ERROR_INVALID_PASSWORD instead of SEC_ERROR_BAD_PASSWORD. r=relyea.
 2005-10-03 22:41:45 +00:00
relyea%netscape.com 017d2e48a7 remove depricated mechanisms so pk11table continues to build. 2005-10-03 22:19:43 +00:00
relyea%netscape.com c498db1b4e Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
r=wtc [part 3 of 3]
 2005-10-03 22:01:57 +00:00
relyea%netscape.com 383e05c9b6 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
r=wtc [part 2 of 3]
 2005-10-03 22:00:22 +00:00
relyea%netscape.com 1dbbf4afca This change was not part of bug 272484 and has not been reviewed. 
Back it out.
 2005-10-03 21:58:24 +00:00
relyea%netscape.com aacba3b4b3 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
The problem only happens if we try to import a key into a token which then fails
to import. The basic issue was a hack in the pkcs 7 code to support PKCS 12, A
special structure was used to replace the SymKey structure, and the code 'knew'
the special structure existed before it dealt with the symkey. The fix addes a
new capability to symkeys, where applications can attach application specific
data to the key structure. PKCS 12 uses this to attache the PBE information
for CMS. (part 1 of 3)

This patch also improves the key's reuse of sessions, so sessions are not thrashed
when SSL is used with them.

r=wtc
 2005-10-03 21:55:29 +00:00
wtchang%redhat.com 7cdc2237f9 Bugzilla Bug 294106: removed an assertion that's no longer necessary. 
Added buffer length error checking to back up an assertion. r=nelsonb.
 2005-09-30 22:01:46 +00:00
relyea%netscape.com ca331d0f84 Bugzilla Bug 244922 ASN.1 encoder outputs trash for optional may-stream subtemplate 
r=nelson (original patch by nelson, modifications by me).
 2005-09-30 19:22:48 +00:00
relyea%netscape.com b8ff00fa4d Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported 
wtc's review r=wtc
 2005-09-29 23:44:39 +00:00
wtchang%redhat.com b5dad5e71d Bugzilla Bug 294106: dsa.c: use const in the function prototype of 
DSA_GenerateGlobalRandomBytes.  prng_fips1861.c: implemented Algorithm 1
of FIPS 186-2 Change Notice 1 and increased the size (b) of the RNG's
seed-key from 160 bits to 256 bits. r=relyea,nelsonb.
 2005-09-29 23:22:53 +00:00
relyea%netscape.com f07d043fa0 Tests won't pass if we don't build crmftest 2005-09-29 22:01:52 +00:00
relyea%netscape.com f7650e2dfd Bug 308887 CRMF request generation problem when using latest firefox 
Add crmf tests to the test suite.
 2005-09-29 21:36:42 +00:00
relyea%netscape.com bb4e6de04d Bugzilla Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported 
r=nelson

This is only the NSS portion of this patch. The PSM portion will be checked in once the
NSS portion is mainlined to mozilla.
 2005-09-29 21:00:58 +00:00
wtchang%redhat.com 5ca23c5ac1 Bug 271317, remove the old fortezza code 2005-09-29 18:09:11 +00:00
relyea%netscape.com 0c257cc408 Bugzilla Bug 298630 freebl needs a memory cache invariant RSA implementation. 
r=nelson
 2005-09-29 17:17:09 +00:00
relyea%netscape.com 9f3f33c4d8 Add better tests for detached signatures. Actually test the other sha 
variants rather than just say we do. done in the context of bug 30887
r=nelson
 2005-09-29 17:14:19 +00:00
relyea%netscape.com ab65fadf87 Bug 271317, remove the old fortezza code 2005-09-29 00:36:53 +00:00
relyea%netscape.com 6bae625be5 Internal NSS defines shared between softoken and the rest of NSS, but not 
exported.

added as part of bug 305697.
 2005-09-28 23:52:59 +00:00
relyea%netscape.com d8e2256322 Bug 305697 Softoken needs to give on the fly access to additional databases. Part 2, User interface 
r=julien
 2005-09-28 17:17:49 +00:00
relyea%netscape.com 73c2c7913b bug 305697: open additional database on the fly in softoken. part1: softoken changes. 
r=julien
 2005-09-28 17:12:17 +00:00
nelsonb%netscape.com 9d1b27d77f Avoid NULL ptr deref. Bug 310260. patch by Glen.Beasley. r=nelson. 2005-09-28 07:55:37 +00:00
neil.williams%sun.com f21769892b Bug 303508, committing attachment 196965. r=nelson,saul 2005-09-23 02:15:03 +00:00
nelsonb%netscape.com 1be2e6565e Eliminate environment variable SSLNOLOCKS, add environment variable 
SSLFORCELOCKS. Make SSL_FDX option mutually exclusive with SSL_NOLOCKS
option.  Bug 305147. r=rrelyea.
 2005-09-23 01:04:32 +00:00
nelsonb%netscape.com 392492409b Don't crash when printing an ASN.1 NULL primitive with a NULL prefix 
string.  Bug 309651. r=wtchang.
 2005-09-22 22:45:32 +00:00
nelsonb%netscape.com 984c14b592 Add version info to freebl shared libs for Windows and Unix. bub 303508. 
Modified Files:  config.mk ldvector.c manifest.mn
Added Files:     freebl.rc freeblver.c                 r=wtc.
 2005-09-21 03:01:49 +00:00
nelsonb%netscape.com 8e90b38bb0 Replace "fast" and "slow" with fpu and int in loader.c. Also add a 
comment explaining ISA lists.  r=wtc. bug 303508.
 2005-09-21 02:53:25 +00:00
wtchang%redhat.com 5a7a4f41b6 Bug 299197: added the comment for PK11_TokenKeyGen back. r=relyea. 2005-09-21 01:32:11 +00:00
wtchang%redhat.com e6c2b3be72 Bug 299197: fixed comments. r=relyea. 2005-09-21 01:31:37 +00:00
relyea%netscape.com 6745cd57ef Only call C_WaitForSlotEvent if the module is PKCS #11 v2.01 or later. 
bug 196811 r=wtc sr=julien
 2005-09-20 20:56:07 +00:00
julien.pierre.bugs%sun.com bc02bfe07d Fix for 293686. Check status from SECU_ParseCommandLine. r=nelson 2005-09-20 05:13:01 +00:00
julien.pierre.bugs%sun.com 2bd2306d6c Fix for 292390. NSS tools with missing command-line operands cause crash. r=nelson 2005-09-19 20:59:46 +00:00
julien.pierre.bugs%sun.com 83ceb87c51 Fix for 293686 . signver has command-line options with optional arguments. r=nelsonb 2005-09-19 20:52:11 +00:00
christophe.ravel.bugs%sun.com 3241563dc1 238319: Sun packages changes. 
Change libfreebl name on Solaris x86 (following changes from Bugzilla 303508).
 2005-09-19 19:12:24 +00:00
wtchang%redhat.com ad39a7ded6 Bugzilla bug 303508: a more elegant way to decide when we need to prefix 
LIBRARY_VERSION with '_'. r=nelsonb.
 2005-09-16 23:18:01 +00:00
julien.pierre.bugs%sun.com c9cc74edbc Fix hoarked build from previous checkin. Doh. 2005-09-16 21:28:20 +00:00
wtchang%redhat.com 976c2df41a Bugzilla Bug 298517: when in FIPS mode, impose minimum password length and 
quality to ensure a password guessing probability of less than 1 in
10,000,000, and impose a one second delay after failed login attempt to
allow at most 60 login attempts per minute.  r=relyea,nelsonb.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
 2005-09-16 20:37:58 +00:00
julien.pierre.bugs%sun.com 34f69db6a3 Fix for bug 127960 . Add SSL force handshake APIs which take a timeout . r=nelson 2005-09-16 20:33:09 +00:00
wtchang%redhat.com 3e13aeb576 Bugzilla Bug 288728: handle invalid values of recipient identifier type. 
r=jpierre,relyea.
 2005-09-16 17:54:31 +00:00
wtchang%redhat.com fce7dd3516 Bugzilla Bug 288728: use a whitelist instead of a blacklist when checking 
for invalid values of "type". r=jpierre,relyea.
 2005-09-16 17:52:37 +00:00
wtchang%redhat.com c1d23a672f Bugzilla Bug 303508: removed the underscore from the name of the "single" 
freebl shared library (freebl_3.dll -> freebl3.dll).  Do the recursive
child builds without changing directories.  This fixed the BUILD_TREE build
problem. r=nelsonb,saul.edwards.
Modified files: Makefile freebl.def manifest.mn
 2005-09-16 17:17:45 +00:00
wtchang%redhat.com b11dc01e94 Removed an unnecessary -L linker flag. r=nelsonb,saul.edwards. 2005-09-16 17:02:49 +00:00