Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-06 00:55:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
158,092 Commits 615 Branches 98 Tags 5.9 GiB
01891a9574
Commit Graph

2571 Commits

Author SHA1 Message Date
relyea%netscape.com
5c3685a18e Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
r=wtc [part 3 of 3]
 2005-10-03 22:01:57 +00:00
relyea%netscape.com
0cefb4acd8 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
r=wtc [part 2 of 3]
 2005-10-03 22:00:22 +00:00
relyea%netscape.com
0223a07982 This change was not part of bug 272484 and has not been reviewed. 
Back it out.
 2005-10-03 21:58:24 +00:00
relyea%netscape.com
53f4189369 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey] 
The problem only happens if we try to import a key into a token which then fails
to import. The basic issue was a hack in the pkcs 7 code to support PKCS 12, A
special structure was used to replace the SymKey structure, and the code 'knew'
the special structure existed before it dealt with the symkey. The fix addes a
new capability to symkeys, where applications can attach application specific
data to the key structure. PKCS 12 uses this to attache the PBE information
for CMS. (part 1 of 3)

This patch also improves the key's reuse of sessions, so sessions are not thrashed
when SSL is used with them.

r=wtc
 2005-10-03 21:55:29 +00:00
wtchang%redhat.com
5d52123474 Bugzilla Bug 294106: removed an assertion that's no longer necessary. 
Added buffer length error checking to back up an assertion. r=nelsonb.
 2005-09-30 22:01:46 +00:00
relyea%netscape.com
bb7e1cb9f9 Bugzilla Bug 244922 ASN.1 encoder outputs trash for optional may-stream subtemplate 
r=nelson (original patch by nelson, modifications by me).
 2005-09-30 19:22:48 +00:00
relyea%netscape.com
b354997d97 Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported 
wtc's review r=wtc
 2005-09-29 23:44:39 +00:00
wtchang%redhat.com
5c38b2d572 Bugzilla Bug 294106: dsa.c: use const in the function prototype of 
DSA_GenerateGlobalRandomBytes.  prng_fips1861.c: implemented Algorithm 1
of FIPS 186-2 Change Notice 1 and increased the size (b) of the RNG's
seed-key from 160 bits to 256 bits. r=relyea,nelsonb.
 2005-09-29 23:22:53 +00:00
relyea%netscape.com
f07ca5cfef Bug 308887 CRMF request generation problem when using latest firefox 
Add crmf tests to the test suite.
 2005-09-29 21:36:42 +00:00
relyea%netscape.com
9c9cecb9d7 Bugzilla Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported 
r=nelson

This is only the NSS portion of this patch. The PSM portion will be checked in once the
NSS portion is mainlined to mozilla.
 2005-09-29 21:00:58 +00:00
wtchang%redhat.com
fc511c7607 Bug 271317, remove the old fortezza code 2005-09-29 18:09:11 +00:00
relyea%netscape.com
93e1f22027 Bugzilla Bug 298630 freebl needs a memory cache invariant RSA implementation. 
r=nelson
 2005-09-29 17:17:09 +00:00
relyea%netscape.com
665d2accd1 Bug 271317, remove the old fortezza code 2005-09-29 00:36:53 +00:00
relyea%netscape.com
8d4f93463a Internal NSS defines shared between softoken and the rest of NSS, but not 
exported.

added as part of bug 305697.
 2005-09-28 23:52:59 +00:00
relyea%netscape.com
c4abacd281 Bug 305697 Softoken needs to give on the fly access to additional databases. Part 2, User interface 
r=julien
 2005-09-28 17:17:49 +00:00
relyea%netscape.com
e35607b9c4 bug 305697: open additional database on the fly in softoken. part1: softoken changes. 
r=julien
 2005-09-28 17:12:17 +00:00
nelsonb%netscape.com
ac626ee74e Avoid NULL ptr deref. Bug 310260. patch by Glen.Beasley. r=nelson. 2005-09-28 07:55:37 +00:00
neil.williams%sun.com
7b415783ba Bug 303508, committing attachment 196965. r=nelson,saul 2005-09-23 02:15:03 +00:00
nelsonb%netscape.com
abc6a22d68 Eliminate environment variable SSLNOLOCKS, add environment variable 
SSLFORCELOCKS. Make SSL_FDX option mutually exclusive with SSL_NOLOCKS
option.  Bug 305147. r=rrelyea.
 2005-09-23 01:04:32 +00:00
nelsonb%netscape.com
d05886f50d Add version info to freebl shared libs for Windows and Unix. bub 303508. 
Modified Files:  config.mk ldvector.c manifest.mn
Added Files:     freebl.rc freeblver.c                 r=wtc.
 2005-09-21 03:01:49 +00:00
nelsonb%netscape.com
f12a0e5a63 Replace "fast" and "slow" with fpu and int in loader.c. Also add a 
comment explaining ISA lists.  r=wtc. bug 303508.
 2005-09-21 02:53:25 +00:00
wtchang%redhat.com
73f597f990 Bug 299197: added the comment for PK11_TokenKeyGen back. r=relyea. 2005-09-21 01:32:11 +00:00
wtchang%redhat.com
ecdf90d92d Bug 299197: fixed comments. r=relyea. 2005-09-21 01:31:37 +00:00
relyea%netscape.com
aa8a2c0490 Only call C_WaitForSlotEvent if the module is PKCS #11 v2.01 or later. 
bug 196811 r=wtc sr=julien
 2005-09-20 20:56:07 +00:00
wtchang%redhat.com
13f41d4840 Bugzilla bug 303508: a more elegant way to decide when we need to prefix 
LIBRARY_VERSION with '_'. r=nelsonb.
 2005-09-16 23:18:01 +00:00
julien.pierre.bugs%sun.com
d42e92ad88 Fix hoarked build from previous checkin. Doh. 2005-09-16 21:28:20 +00:00
wtchang%redhat.com
b427dc6efe Bugzilla Bug 298517: when in FIPS mode, impose minimum password length and 
quality to ensure a password guessing probability of less than 1 in
10,000,000, and impose a one second delay after failed login attempt to
allow at most 60 login attempts per minute.  r=relyea,nelsonb.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
 2005-09-16 20:37:58 +00:00
julien.pierre.bugs%sun.com
c56d3589f6 Fix for bug 127960 . Add SSL force handshake APIs which take a timeout . r=nelson 2005-09-16 20:33:09 +00:00
wtchang%redhat.com
2e75eae9d5 Bugzilla Bug 288728: handle invalid values of recipient identifier type. 
r=jpierre,relyea.
 2005-09-16 17:54:31 +00:00
wtchang%redhat.com
019a13cbeb Bugzilla Bug 288728: use a whitelist instead of a blacklist when checking 
for invalid values of "type". r=jpierre,relyea.
 2005-09-16 17:52:37 +00:00
wtchang%redhat.com
dcad184fa4 Bugzilla Bug 303508: removed the underscore from the name of the "single" 
freebl shared library (freebl_3.dll -> freebl3.dll).  Do the recursive
child builds without changing directories.  This fixed the BUILD_TREE build
problem. r=nelsonb,saul.edwards.
Modified files: Makefile freebl.def manifest.mn
 2005-09-16 17:17:45 +00:00
wtchang%redhat.com
65241f7ef4 Removed an unnecessary -L linker flag. r=nelsonb,saul.edwards. 2005-09-16 17:02:49 +00:00
wtchang%redhat.com
3eac80068d Bugzilla Bug 303508: code cleanup. r=nelsonb,jpierre. 2005-09-16 16:59:22 +00:00
nelsonb%netscape.com
9499265f5c Plug leaks in SSL bypass code. Add freeit argument to HMAC_Destroy function. 
Change existing callers to pass this argument.  Call HMAC_Destroy from SSL.
Bug 305147. r=Julien.Pierre
Modified Files:  freebl/alghmac.c freebl/alghmac.h freebl/loader.c
  freebl/loader.h freebl/tlsprfalg.c softoken/lowpbe.c softoken/pkcs11c.c
  ssl/ssl3con.c
 2005-09-14 04:12:50 +00:00
wtchang%redhat.com
f889a99cbb Bugzilla Bug 301554: Clear the 'present' flag if slot fails to refresh. 
relyea wrote the patch. r=wtc,nelsonb.
 2005-09-14 01:35:02 +00:00
nelsonb%netscape.com
fdffe11308 Fix regression introduced in last checkin. If the caller disables the 
use of locks while locks are in use, don't forget to unlock the locks
already locked on the stack.  bug 305147. r=julien.pierre
 2005-09-10 01:18:40 +00:00
nelsonb%netscape.com
4b56704437 Implement two new SSL socket options: SSL_BYPASS_PKCS11 and SSL_NO_LOCKS. 
Reorganize the SSL Socket structure contents to obviate ssl3 pointer.
Move much of the ECC code from ssl3con to new file ssl3ecc.c.  derive.c
implements derivation of the SSL/TLS master secret and the encryption and
MAC keys and IVs without using PKCS11. Bug 305147. r=rrelyea.
Modified Files: ssl/config.mk ssl/manifest.mn ssl/ssl.h ssl/ssl3con.c
    ssl/ssl3gthr.c ssl/sslauth.c ssl/sslcon.c ssl/ssldef.c ssl/sslgathr.c
    ssl/sslimpl.h ssl/sslinfo.c ssl/sslnonce.c ssl/sslsecur.c ssl/sslsnce.c
    ssl/sslsock.c
Added Files: ssl/derive.c ssl/ssl3ecc.c
 2005-09-09 03:02:16 +00:00
nelsonb%netscape.com
1d31068271 Export function PK11_MapSignKeyType for use by libSSL. Bug 305147. 
r=relyea.
Modified Files: nss/nss.def pk11wrap/pk11mech.c pk11wrap/pk11obj.c
	pk11wrap/pk11pub.h pk11wrap/secmodi.h
 2005-09-09 02:03:57 +00:00
wtchang%redhat.com
4250ad5929 Bugzilla Bug 299197: define two bitflags for every PKCS #11 object 
attribute with no exceptions. renamed PK11_ATTR_READONLY as
PK11_ATTR_UNMODIFIABLE.  In pk11_OpFlagsToAttributes, backed out a change
I made before.  Made pk11_AttrFlagsToAttributes table-driven. In
pk11_loadPrivKeyWithFlags, fixed the bug (always loading the public key as
a token object).  Other code cleanups. r=relyea,nelsonb.
Modified files: pk11akey.c pk11obj.c pk11pub.h pk11skey.c secmodt.h
 2005-09-07 18:23:35 +00:00
saul.edwards%sun.com
0194469cc5 Bug 303508: Add freebl shared libs that do 64-bit integer math. Bug 274984: softoken fails to load freebl in setuid programs. freebl becomes a shared library on all platforms. r=nelson 
Modified Files:
	coreconf/HP-UXB.11.mk coreconf/SunOS5.mk
	nss/cmd/shlibsign/Makefile nss/cmd/shlibsign/manifest.mn
	nss/lib/freebl/Makefile nss/lib/freebl/arcfour.c
	nss/lib/freebl/blapi.h nss/lib/freebl/config.mk
	nss/lib/freebl/ldvector.c nss/lib/freebl/loader.c
	nss/lib/freebl/loader.h nss/lib/freebl/manifest.mn
Added Files:
	nss/lib/freebl/freebl.def
 2005-09-07 02:47:16 +00:00
glen.beasley%sun.com
8ebcacd943 305984 update FIPS values for cipher suites file=sslinfo.c r=bob,sr=wtc 2005-09-06 17:15:32 +00:00
julien.pierre.bugs%sun.com
132ddbe43e Fix 306785 . Memory leaks in PQG_ParamGenSeedLen . r=nelson 2005-09-02 20:05:35 +00:00
wtchang%redhat.com
db235ef59a Bugzilla Bug 299197: added PK11AttrFlags and PK11_GenerateKeyPairWithFlags. 
Modified PK11_TokenKeyGenWithFlags to take a PK11AttrFlags parameter.
PK11AttrFlags controls the values of commonly used PKCS #11 object
attributes that have Boolean values. r=relyea,nelsonb.
Modified Files:
	nss/nss.def pk11wrap/pk11akey.c pk11wrap/pk11obj.c
	pk11wrap/pk11pub.h pk11wrap/pk11skey.c pk11wrap/secmodi.h
	pk11wrap/secmodt.h
 2005-09-02 18:25:04 +00:00
wtchang%redhat.com
184d7ab678 Bugzilla Bug 305835: removed NSS_ENABLE_ECC ifdefs under nss/lib except 
nss/lib/{freebl,softoken,ssl}. r=nelsonb.
Modified Files:
	cryptohi/keyhi.h cryptohi/manifest.mn cryptohi/seckey.c
	cryptohi/secsign.c freebl/ec.c pk11wrap/manifest.mn
	pk11wrap/pk11akey.c pk11wrap/pk11cert.c pk11wrap/pk11mech.c
	pk11wrap/pk11obj.c pk11wrap/pk11skey.c pkcs12/manifest.mn
	pkcs12/p12d.c pkcs7/config.mk pkcs7/p7decode.c
	pkcs7/p7encode.c smime/cmssiginfo.c smime/cmsutil.c
	smime/config.mk
 2005-09-02 01:24:57 +00:00
wtchang%redhat.com
afccecc775 Bugzilla Bug 257693: code cleanup. 1. Change "X9.63" to "X9.62". 2. In 
EC_ValidatePublicKey, set error codes and handle a NULL return from
ECGroup_fromName.  3. In the ECGroupStr structure, move the validate_point
field up.  4. In the test cases, if the tests that should fail, passed,
say so in the error messages.  r=douglas@stebila.ca.
Modified Files:
	blapi.h ec.c ecl/ecl-priv.h ecl/ecl.c ecl/ecl.h
	ecl/tests/ec2_test.c ecl/tests/ecp_test.c
 2005-08-27 01:09:22 +00:00
relyea%netscape.com
33f6464950 Bug 302416 NSS root cert module & fortezza should not be using NSPR static libraries 
r=wtc
sr-julien
Side effects: Root cert module now works with CKF_OS_LOCKING_OK and not callbacks,
but does not work if CKF_OS_LOCKING_OK == 0 and callbacks are define.
 2005-08-25 20:08:27 +00:00
wtchang%redhat.com
d624f9129a Bugzilla Bug 296410: further simplify the code by always referencing the 
buffer using the same union member. r=relyea.
VFYContextCVS: ----------------------------------------------------------------------
 2005-08-24 23:05:39 +00:00
julien.pierre.bugs%sun.com
22ff330626 Fix AIX build problem 2005-08-18 23:37:31 +00:00
julien.pierre.bugs%sun.com
6b5d842c09 Fix for bug 217024. add a function for comparing cert validity periods. r=wtchang 2005-08-17 02:04:12 +00:00
saul.edwards%sun.com
c3fa2091c5 Bug 303507: Add comba for MPI's multiply and square routines. 
This code is currently for AMD 64 on both Linux and Solaris only.
 2005-08-16 19:25:48 +00:00
nelsonb%netscape.com
d391504d03 Remove fortezza code from libSSL and from the SSL test programs. 
Stop building fortezza's special software token, and fortezza specific
test programs.   Bug 239960. r=rrelyea.
Modified Files:
    cmd/manifest.mn cmd/platlibs.mk cmd/SSLsample/server.c
    cmd/SSLsample/sslsample.c cmd/modutil/modutil.c
    cmd/selfserv/selfserv.c cmd/sslstrength/sslstrength.c
    cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
    cmd/vfyserv/vfyserv.c cmd/vfyserv/vfyutil.c lib/manifest.mn
    lib/ssl/nsskea.c lib/ssl/preenc.h lib/ssl/prelib.c
    lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
    lib/ssl/sslauth.c lib/ssl/sslcon.c lib/ssl/sslenum.c
    lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
    lib/ssl/sslsecur.c lib/ssl/sslsnce.c lib/ssl/sslsock.c
    lib/ssl/sslt.h
 2005-08-16 03:42:26 +00:00
wtchang%redhat.com
3e2e9c754f Bugzilla bug 296410: checked in a better fix than the previous checkin. 
Also removed the unused, unexported function SEC_VerifyFile. r=nelsonb.
 2005-08-16 01:57:51 +00:00
wtchang%redhat.com
88fb7bee52 Bugzilla bug 296410: removed unused, unexported function SEC_SignFile. 
r=nelsonb.
 2005-08-16 01:52:17 +00:00
wtchang%redhat.com
5e25df8763 Bugzilla Bug 298957: removed a comment. The code already does what the 
comment asked for. r=relyea.
 2005-08-15 21:34:42 +00:00
wtchang%redhat.com
55197b5cfd Bugzilla Bug 289530: fixed signed/unsigned comparison compiler warnings. 
Fixed compilation errors of new ECC code added in the previous checkin.
r=nelsonb.
 2005-08-15 21:23:39 +00:00
relyea%netscape.com
29e52be20d Remove ^M from the tree version of mpcpucache.c 2005-08-15 19:00:17 +00:00
saul.edwards%sun.com
95723d010a Bug 285932: Faster SHA1 implementation for AMD64: sha-fast-amd64-sun.s is 
currently only for Solaris AMD 64 when using Sun studio compilers.
 2005-08-15 16:55:22 +00:00
wtchang%redhat.com
2577eb148c Bugzilla bug 302286: fixed the bug that NSS misinterpreted the 
CKA_PRIME_BITS attribute for DSA's p parameter. r=relyea.
Modified files: pk11wrap/pk11pqg.c softoken/pkcs11c.c
 2005-08-13 00:09:26 +00:00
wtchang%redhat.com
12ebc20147 Bugzilla Bug 302286: PQG_PBITS_TO_INDEX should reject p bits that are 
less than 512 or greater than 1024. r=relyea.
 2005-08-13 00:07:18 +00:00
wtchang%redhat.com
0824c317a1 Bugzilla Bug 296410: enlarge the buffer size for message digest so that 
we can generate and verify signatures that use SHA-512. r=relyea
Modified files: secsign.c secvfy.c
 2005-08-12 23:50:19 +00:00
wtchang%redhat.com
148653a358 Bugzilla bug 240554: we should pass the signature algorithm, not the 
public key's algorithm, to VFY_VerifyData and VFY_VerifyDigest. Only
fixed this in cmssiginfo.c.  In p7decode.c I just added comments saying
they should be fixed. r=relyea.
Modified files: lib/smime/cmssiginfo.c lib/pkcs7/p7decode.c
 2005-08-12 23:26:38 +00:00
wtchang%redhat.com
1a568d0852 Bugzilla bug 240554: set (better) error codes and removed an unreachable 
break statement. r=relyea.
 2005-08-12 23:24:22 +00:00
wtchang%redhat.com
c0bd0e749a Bugzilla bug 240554: fixed signed/unsigned comparison compiler warning. 
r=relyea.
 2005-08-12 23:22:28 +00:00
wtchang%redhat.com
e09393045c Bugzilla bug 292239: have the softoken report Cryptoki version 2.20. 
r=relyea.
 2005-08-12 23:14:22 +00:00
wtchang%redhat.com
2d2b80688d Bugzilla bug 292239: added a change missed in the previous checkin. 
r=relyea.
 2005-08-12 23:12:18 +00:00
relyea%netscape.com
684e5d1c2b Correct mistyped version of wtc patch. 2005-08-12 22:19:19 +00:00
relyea%netscape.com
a584ef4a1d Bug 292239 r wtc & julien 
Merge PKCS #11 v2.20 header files
 2005-08-12 18:58:47 +00:00
relyea%netscape.com
5ab7c1109c Bug 303010 Certificate upgrade can drop S/MIME certificates 
r=wtc.

Delay loading the S/MIME records on upgrade until the cert is loaded
 2005-08-12 18:01:26 +00:00
wtchang%redhat.com
0543618d9c Bugzilla Bug 257693: actually implemented EC_ValidatePublicKey and added a 
test case.  The patch is contributed by Douglas Stebila
<douglas@stebila.ca>.  r=wtc.
Modified Files:
	ec.c ecl/ec2.h ecl/ec2_aff.c ecl/ecl-priv.h ecl/ecl.c
	ecl/ecl.h ecl/ecp.h ecl/ecp_aff.c ecl/tests/ec2_test.c
	ecl/tests/ecp_test.c
 2005-08-12 00:59:19 +00:00
wtchang%redhat.com
67ffaff684 Bugzilla Bug 298514: added a missing break statement and removed an unused 
variable. r=jpierre.
 2005-08-12 00:44:35 +00:00
wtchang%redhat.com
9a026f7eba Bugzilla Bug 240554: added ECDSA support in S/MIME. The patch is 
contributed by Vipul Gupta <vipul.gupta@sun.com>. r=wtc.
Modified Files:
	cryptohi/secsign.c pkcs7/config.mk pkcs7/p7decode.c
	pkcs7/p7encode.c smime/cmssiginfo.c smime/cmsutil.c
	smime/config.mk
 2005-08-11 23:11:40 +00:00
nelsonb%netscape.com
0d980a5ea1 A faster c implementation of SHA1 for most platforms. Bug 285932. 
r=wtchang     Modified Files: prng_fips1861.c sha_fast.c sha_fast.h
 2005-08-11 01:01:08 +00:00
wtchang%redhat.com
9b7075b1d2 Bugzilla Bug 303116: fixed an off-by-one error in the size of the NAF 
buffer. We access this buffer using indices from 0 to orderBitSize.
r=douglas.stebila.
 2005-08-10 20:35:07 +00:00
wtchang%redhat.com
24b5ce2c08 Bugzilla Bug 303116: fixed an off-by-one error when duplicating a string. 
r=douglas.stebila.
 2005-08-10 18:49:29 +00:00
wtchang%redhat.com
19e9429f0d Bugzilla Bug 303116: this file doesn't need to include <strings.h>, which 
doesn't exist on Windows. r=relyea.
Bugzilla Bug 303130: fixed memory leak of mp_int in ECPoints_mul.
r=douglas.stebila.
 2005-08-10 18:46:29 +00:00
nelsonb%netscape.com
c893021cd0 Address review comments. Add test after PORT_Assert. Bug 303334. 
r=rrelyea,sr=wtchang
Modified Files: rijndael.c
 2005-08-09 03:09:38 +00:00
nelsonb%netscape.com
7755e752cd Make changes from review feedback. Bug 303316. r=wtchang. 
Modified Files: freebl/alghmac.h freebl/blapi.h freebl/ldvector.c
freebl/loader.c freebl/loader.h freebl/rawhash.c
freebl/tlsprfalg.c softoken/lowpbe.c softoken/pkcs11c.c
 2005-08-09 02:54:54 +00:00
nelsonb%netscape.com
8260a85fe6 Add a new assembly language source file with multiplication code for 
Sparc v8 (not V8plus) CPUs.  This works around a performance regression
by restoring the former code.  Bug 303338. r=wtchang.
Modified Files: Makefile
Added Files:    mpi/mpv_sparcv8x.s
 2005-08-06 11:08:41 +00:00
nelsonb%netscape.com
c02e614a66 Add a comment clarifying that this source file is for sparc v8plus CPUs. 
Upgrade license to tri-license.  Fix a bunch of whitespace problems,
WAY too much indentation.  Related to bug 303338. r=wtchang.
Modified Files: mpi/mpv_sparcv8.s
 2005-08-06 11:06:55 +00:00
nelsonb%netscape.com
1f607bc371 Move the TLS Pseudo Random Function (PRF) and the HMAC algorithm from 
softoken to freebl.  Bug 303316. r=wtchang (with suggested changes)
Modified Files:
	freebl/blapi.h freebl/ldvector.c freebl/loader.c
	freebl/loader.h freebl/manifest.mn softoken/lowpbe.c
	softoken/manifest.mn softoken/pkcs11c.c softoken/pkcs11i.h
	softoken/tlsprf.c
Added Files:
	freebl/alghmac.c freebl/alghmac.h freebl/rawhash.c
	freebl/tlsprfalg.c
Removed Files:
	softoken/alghmac.c softoken/alghmac.h softoken/rawhash.c
 2005-08-06 09:27:28 +00:00
nelsonb%netscape.com
9a8510d59b This is the last trunk version of this file. The file will be moved 
to nss/lib/freebl.  This version is identical to the first version
of this file in nss/lib/freebl.  Bug 303316. r=wtchang.
Modified Files: alghmac.c alghmac.h rawhash.c
 2005-08-06 09:24:13 +00:00
nelsonb%netscape.com
8521bea2ba Add new functions for blapi symmetric ciphers and digest functions, 
so that all those functions can initialize a preallocated context.
Bug 303334. r=rrelyea.
Modified Files: aeskeywrap.c alg2268.c arcfour.c blapi.h blapit.h desblapi.c
ldvector.c loader.c loader.h md2.c md5.c rijndael.c rijndael.h sha512.c
 2005-08-06 07:24:21 +00:00
nelsonb%netscape.com
51714ee5f1 Faster SHA1 implementation. Further corrections expected. bug 285932. 
r=wtchang     Modified Files: prng_fips1861.c sha_fast.c sha_fast.h
 2005-08-06 07:10:34 +00:00
julien.pierre.bugs%sun.com
440dae786f Fix for bug 303494 . SEC_LookupCrls passes the address of a stack variable that goes out of scope. r=nelson,wtchang 2005-08-05 21:15:22 +00:00
nelsonb%netscape.com
60181a7016 NSC_CopyObject can now copy token keys to session keys. Bug 289530. 
r=rrelyea. Modified Files: pkcs11.c pkcs11u.c
 2005-08-03 02:26:55 +00:00
nelsonb%netscape.com
6ee92f33d0 Implement PK11_CopyTokenPrivKeyToSessionPrivKey, function to copy token 
RSA private key to a session key, to eliminate DB lookups and 3DES
unwrapping for every use.  Bug 274538.  r=rrelyea.
Modified Files: nss/nss.def pk11wrap/pk11akey.c pk11wrap/pk11pub.h
 2005-08-03 01:57:40 +00:00
nelsonb%netscape.com
6edae5d3b6 Eliminate numerous potential causes of sending invalid (zero) session 
handles down to a PKCS11 module.  Bug 292049. r=relyea.
Modified Files: pk11akey.c pk11auth.c pk11obj.c pk11skey.c pk11slot.c
 	pk11util.c
 2005-08-03 01:22:07 +00:00
nelsonb%netscape.com
eeb454fae5 remove NSS_CLASSIC code from pk11cert.c and pk11nobj.c. 
bug 293847  r=rrelyea
 2005-08-02 01:34:38 +00:00
wtchang%redhat.com
ea595039b7 Bugzilla Bug 298957: PK11_TokenKeyGenWithFlags will be released in NSS 
3.10.2.
 2005-08-02 01:04:55 +00:00
wtchang%redhat.com
035c21bfa6 Bugzilla Bug 298957: improved the comment for PK11_TokenKeyGenWithFlags. 
r=relyea.
 2005-08-02 01:03:08 +00:00
wtchang%redhat.com
8825fcbdba Bugzilla Bug 302663: SECKEY_CopySubjectPublicKeyInfo needs to copy the 
subjectPublicKeyInfo as a bit string. r=nelsonb,jpierre.  Thanks to
Mikhail Teterin <mi+mozilla@aldan.algebra.com> for the bug report and
Purify output.
 2005-08-02 00:34:00 +00:00
wtchang%redhat.com
b5b833a9c0 Bugzilla Bug 302262: Check for SECITEM_AllocItem failure in 
MPINT_TO_SECITEM. r=nelsonb.
 2005-08-01 22:43:54 +00:00
wtchang%redhat.com
a82541564d Added a comment that answers the question "why isn't there a pairwise 
consistency test for Diffie-Hellman or ECDH key pairs?"
 2005-08-01 21:04:41 +00:00
relyea%netscape.com
f7cb169d0a Bugzilla Bug 298906 really check in the patch to the tip, not a test branch 
crash when accepting new certificate permanently on taschenonkel.de
r=wtc, r=nelson
 2005-08-01 20:41:30 +00:00
wtchang%redhat.com
e4ab6fa7bb Bugzilla Bug 302262: dsa.c should use the macros defined in secmpi.h. 
r=nelsonb.
 2005-08-01 18:51:06 +00:00
relyea%netscape.com
d527565866 I have to many patches in one tree! Stay at 1.103 until this patch has a bug and 
reviews!
 2005-08-01 18:32:45 +00:00
relyea%netscape.com
775b5372bc These changes were part of a different patch, reviews are not yet complete. 
Backing out to previous versions.
 2005-08-01 18:31:12 +00:00
relyea%netscape.com
7af3f28d88 ARG -- reverted to the wrong version. The correct version was 1.103, not 1.102 2005-08-01 18:27:30 +00:00
relyea%netscape.com
625993f336 Backing out previous checkin. This was a separate unreviewed patch. 2005-08-01 18:26:12 +00:00
relyea%netscape.com
b62dc0bebc Bug 298906 crash when accepting new certificate permanently on taschenonkel.de 
r=wtc, sr=nelson
 2005-08-01 18:23:56 +00:00
wtchang%redhat.com
7053ab4abf Bugzilla Bug 302219: added CKM_RSA_X9_31_KEY_PAIR_GEN support. r=relyea. 2005-07-29 23:43:40 +00:00
wtchang%redhat.com
a3ac2d6b1d Bugzilla Bug 302219: added CKM_RSA_X9_31_KEY_PAIR_GEN support to 
PK11_GenerateKeyPair. r=relyea.
 2005-07-29 23:23:35 +00:00
relyea%netscape.com
03738e2557 Bug 278276 Slot List Elements cannot be freed by applications. 
wtchang: review+
julien.pierre.bugs: superreview+
 2005-07-28 23:17:43 +00:00
relyea%netscape.com
f212e4ecf1 bug 278276 Slot List Elements cannot be freed by applications. 
wtchang: review+
julien.pierre.bugs: superreview+
	E
 2005-07-28 23:16:26 +00:00
relyea%netscape.com
8be47f79ed bug 278276 Slot List Elements cannot be freed by applications. 
Export a free function for slot list elements.

r = wtc & julien.
 2005-07-28 23:13:21 +00:00
wtchang%redhat.com
0fc278d80f Bugzilla Bug 302262: fixed an error in the comment. Set the error code 
if signature verification fails.  r=nelsonb.
 2005-07-27 18:48:44 +00:00
wtchang%redhat.com
512a35d372 Bugzilla Bug 298514: Moved the FIPS 140-2 pairwise consistency check from 
pk11wrap to softoken because the softoken shared library is our new crypto
module boundary. r=relyea,nelsonb.
Modified files: pk11wrap/pk11akey.c softoken/fipstokn.c softoken/pkcs11c.c
 2005-07-22 22:11:22 +00:00
wtchang%redhat.com
75dc722c28 Bugzilla Bug 298957: moved PK11_TokenKeyGenWithFlags from the NSS_3.11 
section to the NSS_3.10.1 section because we plan to export that function
in NSS 3.10.1. r=jpierre.
 2005-07-22 01:43:36 +00:00
wtchang%redhat.com
ee93d82c69 Bugzilla Bug 298516: fixed problems found by code inspection. r=relyea. 
Modified Files: pk11db.c pkcs11.c
 2005-07-22 00:47:18 +00:00
wtchang%redhat.com
256eb43b03 Bugzilla Bug 298957: make the new function PK11_TokenKeyGenWithFlags 
"legacy free" and move the code that set the CKF_ENCRYPT flag by default
and the Fortezza hack code to PK11_TokenKeyGen. r=relyea.
 2005-07-22 00:07:52 +00:00
wtchang%redhat.com
252be2d441 Bugzilla Bug 288647: enable building NSS with an NSPR binary distribution. 
Introduced NSPR_INCLUDE_DIR and NSPR_LIB_DIR make variables. Portions of
the patch were contributed by Chris Seawood <cls@seawood.org>. r=relyea.
Modified Files:
	coreconf/OS2.mk coreconf/OpenVMS.mk coreconf/location.mk
	nss/cmd/platlibs.mk nss/cmd/shlibsign/Makefile
	nss/cmd/shlibsign/sign.cmd nss/cmd/shlibsign/sign.sh
	nss/lib/ckfw/builtins/Makefile
	nss/lib/fortcrypt/swfort/pkcs11/Makefile nss/lib/nss/config.mk
	nss/lib/smime/config.mk nss/lib/softoken/config.mk
	nss/lib/ssl/config.mk
 2005-07-21 23:48:30 +00:00
julien.pierre.bugs%sun.com
26dff248b1 Fix for 217024 . Address Wan-Teh's concerns about naming and documentation. Also fix AIX build by removing extraneous comma. 2005-07-09 00:34:43 +00:00
wtchang%redhat.com
6893edd94b Bugzilla bug 300068: fixed the bug that "collection" is used uninitialized 
if "td", "c", or "cc" is NULL.  The patch is contributed by Wolfgang
Rosenauer <mozilla@rosenauer.org>. r=wtc.
 2005-07-08 17:06:15 +00:00
julien.pierre.bugs%sun.com
bae291f63a Fix for bug 217024 . Add a function to compare validity times. r=relyea 2005-07-08 07:06:56 +00:00
julien.pierre.bugs%sun.com
bdc5219738 Fix for bug 292809 . Add flags to NSS_Initialize to better cooperate with the Java SunPKCS11 provider. r=relyea, wtchang 2005-07-08 04:41:32 +00:00
relyea%netscape.com
2b2395e4a9 Bugzilla Bug 287418: remove redundant memory allocation in DSA and ECDSA sign 
wtchang: review+
julien.pierre.bugs: superreview+
 2005-07-07 20:19:36 +00:00
julien.pierre.bugs%sun.com
0269e27f2d Fix for 297735 . C_Initialize should return CKR_CANT_LOCK . r=wtchang,rrelyea 2005-07-06 22:32:12 +00:00
wtchang%redhat.com
7f68104244 Removed an extraneous line at the end of file added in the previous 
checkin.
 2005-07-06 18:56:37 +00:00
relyea%netscape.com
66d0ee6781 Bug 294556 (not all functions exported) reviews wtc nelsonb 
Bug 298627 (need to access random number generator on a slot). reviews wtc julien
 2005-07-06 18:46:36 +00:00
wtchang%redhat.com
2fa8c48fa5 Bugzilla Bug 298957: pk11_FlagsToAttributes should not add attributes 
whose type is 0. r=relyea.
 2005-07-06 18:36:05 +00:00
wtchang%redhat.com
f8218a271b Bugzilla Bug 298957: code cleanup -- the array size can be MAX_TEMPL_ATTRS. 
r=relyea.
 2005-07-06 18:34:39 +00:00
wtchang%redhat.com
14794607bc Trivial comment fix. 2005-07-05 22:41:33 +00:00
wtchang%redhat.com
a36a0d6ad4 Bugzilla Bug 287057: fixed memory leaks in callers of cert_FindExtension. 
pass NULL as the SECItem* argument if we only want to know if the extension
exists but don't need its value. r=jpierre,nelsonb.
Modified Files:
	certdb/certdb.c certdb/genname.c certhigh/certhigh.c
	certhigh/certhtml.c certhigh/crlv2.c certhigh/ocsp.c
 2005-06-30 20:53:57 +00:00
wtchang%redhat.com
1639879aa6 Bugzilla Bug 298957: added new function PK11_TokenKeyGenWithFlags. 
r=relyea,nelsonb.
Modified files: nss/nss.def pk11wrap/pk11pub.h pk11wrap/pk11skey.c
 2005-06-30 17:50:41 +00:00
wtchang%redhat.com
9ee0623105 Bugzilla Bug 298962: Removed dead code: nssBestCertificate_SetArgs, 
nssBestCertificate_Callback, and nssBestCertificateCB. r=jpierre,nelsonb.
Modified files: certificate.c pkitm.h
 2005-06-28 17:55:29 +00:00
wtchang%redhat.com
fafa59ce5f Bugzilla Bug 298953: fixed a memory leak in sslBuffer_Grow if PORT_Realloc 
fails. r=nelsonb.
 2005-06-28 17:48:26 +00:00
julien.pierre.bugs%sun.com
a7638aa1fd Fix for 298538 - fix signature verification in S/MIME with signer-only cert. r=wtchang, nelson 2005-06-27 22:21:19 +00:00
wtchang%redhat.com
2a3bb9d1e0 Bugzilla Bug 295754: moved duplicate function subject_list_sort to 
certificate.c and renamed it nssCertificate_SubjectListSort.
r=relyea,nelsonb.
Modified files: certificate.c pkim.h pkistore.c tdcache.c
 2005-06-27 21:50:06 +00:00
christophe.ravel.bugs%sun.com
a12b562c66 After branching NSS_3_10_BRANCH, the tip target is 3.11 2005-06-27 18:21:02 +00:00
wtchang%redhat.com
dd3c6f24d1 Bugzilla Bug 295754: fixed a crash in subject_list_sort if a cert is not 
decodable (e.g., it has unsupported critical extension). r=relyea,nelsonb.
Modified Files: pkistore.c tdcache.c
 2005-06-24 00:33:28 +00:00
wtchang%redhat.com
de7814e763 Bugzilla Bug 298537: replaced hardcoded 3 and 8 with the NSS_VMAJOR and 
NSS_VMINOR macros defined in nss.h. r=relyea,nelsonb.
 2005-06-23 23:41:29 +00:00
relyea%netscape.com
f0a85660c4 Arg! This change was supposed to go to a branch, not the tip. back it out now. 
bob
 2005-06-20 23:14:45 +00:00
relyea%netscape.com
6c951345b4 Test multiaccess Databases. This patch causes softoken to Always use the 
multiaccess Database for clients. This is not intended for the final release
 2005-06-20 23:11:25 +00:00
relyea%netscape.com
3f9404d4ce Get the Processer cache line size. This file contains processor and OS 
specific content. Currently it only works well with x86 and 64-bit PPC.
 2005-06-09 20:43:40 +00:00
wtchang%redhat.com
026a0217ed Bugzilla bug 295298: enforce RSA key size limits when generating a new 
key pair. r=nelsonb,jpierre.
 2005-05-27 23:53:19 +00:00
nelsonb%netscape.com
e5eb16af00 Allow DSA signature output buffer to exceed required length. 
Bug 191470. r=nelson. Patch by rrelyea@redhat.com.
 2005-05-21 21:35:24 +00:00
wtchang%redhat.com
bf8bc99a2c Bugzilla Bug 294071: removed out-of-date comments and dead code. r=nelsonb. 2005-05-18 00:03:11 +00:00
julien.pierre.bugs%sun.com
3046175100 Rename NEXT_ITERATION macro to NEXT_USAGE to make code clearer 2005-05-17 17:41:17 +00:00
julien.pierre.bugs%sun.com
065d103d3a Fix for 265369 - fix compiler warning in unix_rand . r=nelson 2005-05-10 21:14:51 +00:00
wtchang%redhat.com
ecafacb917 Bugzilla Bug 291858: fixed incorrect definitions of the CKM_SHAxxx_HMAC, 
CKM_SHAxxx_HMAC_GENERAL, CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and
CKM_ECMQV_DERIVE macros. r=nelsonb,relyea.
 2005-04-28 16:53:19 +00:00
christophe.ravel.bugs%sun.com
18a44a9aad Change NSS version to 3.10.1 Beta. 2005-04-27 20:28:39 +00:00
neil.williams%sun.com
b2e194a3d0 Bug 291555. Makes certutil process null CSR ext req lists as it did before NSS3.10. r=nelson 2005-04-23 03:58:19 +00:00
christophe.ravel.bugs%sun.com
df9ef8a155 Changing beta flag to RTM. 2005-04-19 22:53:46 +00:00
wtchang%redhat.com
3395848fa4 Bugzilla bug 275576: added "Root" to the nickname for the "Global 
Chambersign" root. r=nelsonb.
Modified files: certdata.txt certdata.c
 2005-04-18 16:08:10 +00:00
julien.pierre.bugs%sun.com
a5a1ba4841 Fix for 290121. Replace PRIntervalTime with PRTime when checking for the need to query the token for CRLs. r=nelson 2005-04-17 03:17:07 +00:00
wtchang%redhat.com
3e92cbf95d Bugzilla Bug 288095: removed unnecessary #include "alghmac.h". alghmac.h 
and pkcs11i.h don't need to be exported to the outside of lib/softoken.
r=relyea,nelsonb.
Modified Files:
	pk11wrap/pk11pbe.c pkcs12/p12d.c pkcs12/p12e.c
	pkcs12/p12local.c softoken/manifest.mn
 2005-04-15 16:38:46 +00:00
wtchang%redhat.com
540c1cf71a Bugzilla Bug 258416: trust Sonera Class 1 CA only for S/MIME. r=nelsonb. 
Modified files: certdata.c certdata.txt
 2005-04-14 16:45:04 +00:00
julien.pierre.bugs%sun.com
fb7c3531fe Fix for 290121 - always fill the CRL cache on first entry, to fix AIX problem. r=nelson 2005-04-13 18:08:48 +00:00
wtchang%redhat.com
5a9624f05e Bugzilla Bug 287495: added Go Daddy Class 2 CA and Starfield Class 2 CA. 
Bumped the nssckbi module's version to 1.53.  Updated the instructions in
README. r=relyea,nelsonb.
Modified Files: README certdata.c certdata.txt nssckbi.h
 2005-04-13 01:45:53 +00:00
alexei.volkov.bugs%sun.com
d2f6e314c7 Fix for bug 265003: Add CRL generation to crlutil. Reviewed JP+ 2005-04-12 02:24:17 +00:00
julien.pierre.bugs%sun.com
98d2ea1e3c Correct name of extension from "Invalid Date" to "Invalidity Date". 2005-04-11 21:27:01 +00:00
nelsonb%netscape.com
0187d36e9b Report correct error code when input cert file contains extra stuff. 
bug 289819.  r=julien.pierre
 2005-04-11 02:52:01 +00:00
julien.pierre.bugs%sun.com
4f4e3af5f8 Fix for 280121 - allow encoding simple templates with SEC_ASN1_INLINE and SEC_ASN1_OPTIONAL . r=nelson 2005-04-09 05:06:34 +00:00
nelsonb%netscape.com
e0a7c75322 Don't crash in NSC_CopyObject after failing to copy a token object. 
Bug 289529. r=relyea.
 2005-04-09 00:42:01 +00:00
nelsonb%netscape.com
7d6edc424d Back out the preceeding fortezza removal patch, which was accidentally 
applied to the trunk, not to the intended branch.
 2005-04-06 21:35:45 +00:00
nelsonb%netscape.com
17a1f014fd Remove fortezza support from libSSL and related commands. Bug 239960. 
ON PERFORMANCE_HACKS_BRANCH.  r=rrelyea.
 2005-04-06 19:43:19 +00:00
nelsonb%netscape.com
095a0172f0 Fix implementation of SSL_NO_STEP_DOWN. Bug 148452. r=julien.pierre. 
Modified Files:  sslimpl.h sslinfo.c sslsecur.c sslsock.c
 2005-04-05 03:48:20 +00:00
julien.pierre.bugs%sun.com
a2ec53c02b Fix gcc compiler warning 2005-04-05 00:55:55 +00:00
julien.pierre.bugs%sun.com
9b65f66678 Fix for bug 287654 - check message value against RSA modulus. r=nelson 2005-04-05 00:14:07 +00:00
neil.williams%sun.com
fe7d548e36 This fixes Bugzilla Bug 288227 by initializing the stepUp flag in 
nssCryptokiTrust_GetAttributes(). r=nelsonb
 2005-04-04 18:46:23 +00:00
julien.pierre.bugs%sun.com
51bba31171 Fix for 287654 . Check input buffer length for C_Encrypt with RSA . r=nelson 2005-04-04 09:27:42 +00:00
julien.pierre.bugs%sun.com
e38dfe9691 Fix for bug 288726. error in SECMOD_CancelWait 2005-04-02 06:02:53 +00:00
julien.pierre.bugs%sun.com
16a9e79d60 Silence compiler warnings 2005-04-02 05:33:41 +00:00
julien.pierre.bugs%sun.com
85f13422bc Remove unused variable 2005-04-02 05:17:27 +00:00
nelsonb%netscape.com
aed5390a2d Rename functions that are shared by pk11wrap and softoken from sftk_ to 
secmod_.  Bug 286685. r=relyea.
 2005-04-02 00:46:13 +00:00
wtchang%redhat.com
1ddbee0247 Bugzilla bug 288657: fixed the bug that pk11_AnyUnwrapKey returns a 
partially constructed symKey object if C_UnwrapKey fails with
CKR_DEVICE_ERROR.  r=relyea.
 2005-04-01 22:27:44 +00:00
wtchang%redhat.com
dda0b57a91 Set NSS version to 3.10 Beta 3. 2005-03-30 00:22:36 +00:00
nelsonb%netscape.com
c03b9d33fe Rename all internal private softoken functions types and symbols from 
PK11 or pk11 prefixes to SFTK or sftk prefixes.  Bug 286685.
r=relyea,wtchang  Modified Files:
 cmd/bltest/blapitest.c lib/pk11wrap/pk11pars.c lib/softoken/dbinit.c
 lib/softoken/dbmshim.c lib/softoken/fipstest.c lib/softoken/fipstokn.c
 lib/softoken/pcertdb.c lib/softoken/pk11db.c lib/softoken/pk11pars.h
 lib/softoken/pkcs11.c lib/softoken/pkcs11c.c lib/softoken/pkcs11i.h
 lib/softoken/pkcs11u.c lib/softoken/softoken.h lib/softoken/tlsprf.c
 2005-03-29 18:21:18 +00:00
wtchang%redhat.com
bbd584b694 Bugzilla Bug 286439: Removed PKCS11_USE_THREADS and PK11_USE_THREADS. 
r=relyea,nelsonb.
Modified Files:
	pk11wrap/pk11list.c pk11wrap/pk11pars.c pk11wrap/pk11skey.c
	pk11wrap/pk11slot.c pk11wrap/pk11util.c pk11wrap/secmod.h
	pk11wrap/secmodi.h pk11wrap/secmodt.h pk11wrap/secmodti.h
	softoken/pkcs11.c softoken/pkcs11i.h softoken/pkcs11u.c
 2005-03-28 20:45:37 +00:00
wtchang%redhat.com
ef701de98b Removed an extraneous ^M character at the end of a line. 2005-03-28 19:37:28 +00:00
wtchang%redhat.com
cb2efbad98 Got rid of extraneous ^M characters at some line endings. 2005-03-17 21:28:40 +00:00
wtchang%redhat.com
ddab8fa00e Bugzilla Bug 286302: made PK11_CreateSymKey static and renamed it 
pk11_CreateSymKey.  r=nelsonb.
Modified Files: pk11priv.h pk11skey.c
 2005-03-16 22:40:35 +00:00
wtchang%redhat.com
4dc846b1fe Bugzilla Bug 286313: code cleanup: use PORT_New and PORT_ZNew to allocate 
structures. r=nelsonb.
 2005-03-16 21:57:47 +00:00
wtchang%redhat.com
e112b06ae2 Bugzilla Bug 286318: performance optimization: save the result of 
PK11_SESSION_LOCK in a local variable and reuse the result. r=nelsonb.
Modified Files: pkcs11.c pkcs11u.c
 2005-03-16 19:24:45 +00:00
wtchang%redhat.com
7c8a3f8874 Bugzilla Bug 286313: pk11_getKeyFromList can call PORT_Alloc instead of 
PORT_ZAlloc.  PK11_CreateSymKey should set the data.type member. r=jpierre
 2005-03-16 19:10:49 +00:00
wtchang%redhat.com
733584cdd9 Bugzilla Bug 286298: comment formatting changes only. 
Modified Files: pkcs11i.h pkcs11u.c
 2005-03-16 19:02:04 +00:00
wtchang%redhat.com
08af568746 Bugzilla Bug 286298: removed the PKCS11_STATIC_ATTRIBUTES and 
PKCS11_REF_COUNT_ATTRIBUTES macros, supporting only one of the three
attribute allocation strategies (static allocation). r=jpierre.
Modified Files: pkcs11i.h pkcs11u.c
 2005-03-16 18:48:34 +00:00
nelsonb%netscape.com
0b4c6bf4e9 Eliminate one cause of double-deletes of PKCS11 keys and sessions. 
Bug 283690. Patch contributed by Bob Relyea. r=nelson.
 2005-03-15 05:27:31 +00:00
wtchang%redhat.com
1980fc5f8a Bugzilla Bug 276183: added a comment for PK11_HashBuf. 2005-03-14 19:22:06 +00:00
wtchang%redhat.com
38c071cb45 Bugzilla Bug 284386: the OID for RFC 1327 ucl was incorrectly encoded. 2005-03-14 18:04:44 +00:00
wtchang%redhat.com
5a13096fee Bugzilla Bug 284386: fixed build error using gcc4. gcc4 disallows arrays 
of incomplete element type (which are invalid in C).  We moved the
declaration of nss_builtin_oids to pki1.h, after the definition of NSSOID.
r=caillon.
Modified Files: oiddata.h oidgen.perl pki1.h
 2005-03-14 18:02:00 +00:00
julien.pierre.bugs%sun.com
49a5cedc08 Fix for 176705 - fix rpath on AMD64 platform. r=saul, sr=wtchang 2005-03-09 23:04:49 +00:00
neil.williams%sun.com
5431bc6445 r=nelson Bug=263779 2005-03-09 23:02:48 +00:00
nelsonb%netscape.com
d126b39b34 Do not crash if Server SID cache is uninitialized. Bug 237724 r=Julien 
Instead, if SSL_NO_CACHE is not set, return an error code.
 2005-03-09 05:20:44 +00:00
nelsonb%netscape.com
b4a5eb6864 Add root CA certs for XRamp, Camerafina and NetLock. 
Bugs 274723. 275576, and 280744.  r=Jullien.Pierre
 2005-03-08 08:44:57 +00:00
julien.pierre.bugs%sun.com
d501f3ab57 Fix for 285233 - need extra symbols to be exported to support CRL generation. Ch 
ecking in for alexei volkov . r=nelson
 2005-03-08 07:08:48 +00:00
julien.pierre.bugs%sun.com
c62079e031 Fix for bug 270689 . minor issues remaining with list cleanup and on-the-fly lock creation 2005-03-08 05:52:33 +00:00
wtchang%redhat.com
11ee6948b1 Bugzilla Bug 284839: checked in Bob Relyea's patch to improve the 
responsiveness of SECMOD_WaitForAnyTokenEvent. r=wtc,nelsonb.
Modified Files: lib/dev/dev.h lib/dev/devslot.c lib/pk11wrap/pk11util.c
 2005-03-07 21:20:38 +00:00
wtchang%redhat.com
c6b963e853 Bugzilla Bug 263779: update the comment to reflect the new code. 
Modified Files: secoid.c secoidt.h
 2005-03-07 18:34:48 +00:00
nelsonb%netscape.com
f9e9a4b85f Export CERT_SequenceOfCertExtensionTemplate on Windows. 
Fix type of "attributes" member of struct CERTCertificateRequestStr.
Bug 284200.  r=nelson.williams & wtchang.
 2005-03-05 08:03:04 +00:00
wtchang%redhat.com
e14aed2199 Added a blank line after the triple license header to match the output 
of the new oidgen.perl.
 2005-03-04 18:30:12 +00:00
julien.pierre.bugs%sun.com
afed9f1c17 Fix for 283765. Fix for UMR in NSSUsage. r=julien 2005-03-04 04:32:04 +00:00
julien.pierre.bugs%sun.com
e31568eecd Fix crash in CRL sorting callbacks from qsort. 2005-03-03 04:07:26 +00:00
neil.williams%sun.com
aa670cb0b1 Bug 263779 r=nelson@bolyard.com 
This patch adds a new OID which is needed for the certutil patch which will follow.
 2005-03-02 02:54:54 +00:00
nelsonb%netscape.com
d614d9c9ff Report invalid key when key import fails. Do not go on and use invalid 
key handle.  Bug 283642.  r=relyea
 2005-02-27 15:25:46 +00:00
julien.pierre.bugs%sun.com
cd9154c2e8 Fix for bug 272327 . AMD64 assembly optimization for bignum multiply. r=nelson 2005-02-25 04:30:11 +00:00
julien.pierre.bugs%sun.com
f8a1159f11 Move static functions out of certi.h header file and into crl.c source file, to remove warnings with gcc 2005-02-25 00:54:29 +00:00
julien.pierre.bugs%sun.com
1861144044 Undo accidental deletion of PORT_ZFree 2005-02-24 06:02:16 +00:00
julien.pierre.bugs%sun.com
a4621e0461 Fix for bug 270742 - incorporate AMD64 implementation of arcfour . Code donated by Marc Bevand, and integrated by Nelson . r=wtchang 2005-02-24 02:09:41 +00:00
julien.pierre.bugs%sun.com
09e544676a Fix for 269581 - cache the value of CKA_PRIVATE on private keys to avoid unnecessary C_GetAttributeValue . Also fix i 
ncorrect logic in attribute tests. r=rrelyea,wtchang
 2005-02-24 00:38:23 +00:00
julien.pierre.bugs%sun.com
0a4b279c0f Fix for 269581 - cache the value of CKA_PRIVATE on private keys to avoid unnecessary C_GetAttributeValue . Also fix incorrect logic in attribute tests. r=rrelyea,wtchang 2005-02-24 00:35:51 +00:00
julien.pierre.bugs%sun.com
8ac2cbecc8 Fix compiler warnings under Linux 2005-02-24 00:22:59 +00:00
julien.pierre.bugs%sun.com
2c3c71caa0 Add comment for bug 243585 2005-02-24 00:22:23 +00:00
wtchang%redhat.com
2887e52c23 Bugzilla Bug 282370: Added OID for PKIX_CA_ISSUERS. The patch is 
contributed by Martin v. L�wis <martin@v.loewis.de>. r=nelson,wtc.
Modified Files: secoid.c secoidt.h
 2005-02-23 19:43:02 +00:00
wtchang%redhat.com
cf7f00183c Bug 236613: fixed the fallout from the change to MPL/LGPL/GPL tri-license. 
Our script for processing the *.def on the Mac cannot handle blank lines.
Modified Files: nssckbi.def nss.def smime.def softokn.def ssl.def
 2005-02-23 19:25:39 +00:00
wtchang%redhat.com
07d5483970 Bugzilla Bug 282367: Export CERT_DestroyUserNotice from the nss shared 
library.  Added a CERT_DestroyUserNotice call to cmd/lib/pppolicy.c to
fix a leak of CERTUserNotice. r=nelsonb.
Modified Files: lib/nss/nss.def cmd/lib/pppolicy.c
 2005-02-22 20:02:22 +00:00
julien.pierre.bugs%sun.com
66bc594587 Fix compilation on AIX 2005-02-15 19:26:28 +00:00
julien.pierre.bugs%sun.com
1b8fc2a9d7 Fix for 243585 - add the ability to use CRL objects from RAM . r=nelson, neil.williams 2005-02-15 06:26:43 +00:00
nelsonb%netscape.com
756dbad584 Export HASH_Clone HASH_HashBuf HASH_ResultLenContext 
Bug 273444, r=julien.pierre
 2005-02-12 06:39:23 +00:00
julien.pierre.bugs%sun.com
37fdc5fab9 Fix for 281761 - VFY_CreateContext passes wrong key object; and other cleanup. r=nelson 2005-02-10 08:05:54 +00:00
neil.williams%sun.com
a7dcc795a8 Bug#:280602 Added list option to pk12uti, test for it. 
r=nelson@bolyard.com
 2005-02-08 01:04:50 +00:00
gerv%gerv.net
f45b5900c8 Bug 236613: change to MPL/LGPL/GPL tri-license. 2005-02-02 22:28:27 +00:00
wtchang%redhat.com
4c5ddcd96b Wrap long lines. 2005-01-27 21:33:59 +00:00
wtchang%redhat.com
82b1183c84 Bugzilla Bug 267158: removed the $Name$ RCS keyword from our source files. 
This keyword adds noise to the output of "ident libnss3.so | grep NSS"
on our debug build, and appears to cause spurious CVS conflicts. r=nelsonb.
 2005-01-20 02:25:51 +00:00
wtchang%redhat.com
d0724fcd94 Bugzilla Bug 278381: fixed double frees and mismatch of format specifers 
and arguments. The patch is contributed by Tim Ruehsen
<tim.ruehsen@gmx.de>. r=wtc,relyea.
 2005-01-14 18:59:20 +00:00
wtchang%redhat.com
467935176b Bugzilla Bug 276180: defend against invalid arguments to PK11_HashBuf 
and PK11_DigestOp. r=nelsonb.
 2005-01-04 22:00:01 +00:00
wtchang%redhat.com
ddbea8b6fc Bugzilla bug 273624: fixed the regression (from NSS 3.3.x) that 
NSS_Initialize didn't report the SEC_ERROR_BAD_DATABASE error if
the NSS databases haven't been created.  r=nelsonb,relyea.
Modified Files: pk11wrap/pk11err.c pk11wrap/pk11load.c
                softoken/dbinit.c softoken/pkcs11n.h
 2005-01-04 18:20:00 +00:00
nelsonb%netscape.com
897bade8c1 Initialize 4 variables. Plug UMR reports. Bug 263691. r=wtchang 2004-12-24 07:13:35 +00:00
nelsonb%netscape.com
c50e280c7b Add end of list marker to SECErrorCodes enum in secerr.h. 
Bug  273611, r=Saul.edwards
 2004-12-23 23:42:25 +00:00
julien.pierre.bugs%sun.com
99bef0be47 Fix for 273993 . SSL client cache grows with non-restartable sessions . r=saul,nelson 2004-12-17 02:01:35 +00:00
julien.pierre.bugs%sun.com
6c048409ed Fix for 266206 - avoid calling getdtablesize twice 2004-12-08 23:00:19 +00:00
julien.pierre.bugs%sun.com
5ab2c1cd4b Fix for bug 270689 - race condition in softoken list lock creation . r=nelson 2004-12-08 01:13:54 +00:00
nelsonb%netscape.com
5bf350b4f7 Workaround the occasional SSL server cert that has the step-up OID but 
not the SSL server OID.  Patch by Aaron Spangler <aaron@spangler.ods.org>
Bug 231775. r=nelson
 2004-12-02 22:08:14 +00:00
nelsonb%netscape.com
c33c315aee When attempting to find an SMIME profile for a given email address, 
firt ensure that the email address is not NULL and not empty.
Bugzilla bug 263596. r=wan-teh.
Modified Files: lib/certdb/stanpcertdb.c lib/pk11wrap/pk11nobj.c
 2004-12-02 21:34:15 +00:00
nelsonb%netscape.com
5b13f09e65 Fixes bugs 258416, 261374, 261375, 261379, 271551 and 271585 
Modified Files: certdata.c certdata.txt nssckbi.h
r=relyea.  Add root CA certs for
    QuoVadis Root CA                        C,C,C
    Security Communication Root CA          C,C,C
    Sonera Class 1 Root CA                  C,C,C
    Sonera Class 2 Root CA                  C,C,C
    Staat der Nederlanden Root CA           C,C,C
    TDC Internet Root CA                    C,C,C
    TDC OCES Root CA                        C,C,C
    UTN DATACorp SGC Root CA                C,p,p
    UTN USERFirst Email Root CA             p,C,p
    UTN USERFirst Hardware Root CA          C,p,p
    UTN USERFirst Object Root CA            p,p,C
 2004-12-02 19:47:45 +00:00
nelsonb%netscape.com
08836590b0 Do case-insensitive comparisons of hostnames to wildcarded names. 
Bug 266651.  Patch contributed by Ken Key <key+mozilla@ksquared.net>.
 2004-11-19 23:54:10 +00:00
wchang0222%aol.com
7c98ff6077 Bugzilla bug 268502: fixed some function declaration problems. r=jpierre, 
relyea.
 2004-11-18 23:51:37 +00:00
julien.pierre.bugs%sun.com
94b08bc344 Fix bugzilla 268521 - C_CloseSession getting called after C_CloseAllSessions . r=relyea, nelsonb 2004-11-09 23:19:24 +00:00
wchang0222%aol.com
3b305b181f Bugzilla bug 248435: declare the exported functions CERT_DecodeGeneralName 
and CERT_EncodeGeneralName in the public header cert.h.  r=jpierre.
Modified Files: cert.h genname.h xconst.c
 2004-11-09 06:13:32 +00:00
wchang0222%aol.com
254aeee16c Bugzilla bug 261794: cvs removed obsolete .cvsignore files that contain 
only files that have since been checked into CVS.  r=gerv.
Removed Files: ckfw/.cvsignore pki1/.cvsignore
 2004-11-05 02:28:40 +00:00
julien.pierre.bugs%sun.com
504b389434 Fix for 266206 . close only up to 64k descriptors. 2004-10-29 06:14:22 +00:00
julien.pierre.bugs%sun.com
781aca838b Fix for bug 262192 . assert and check attribute ptr 2004-10-24 18:31:27 +00:00
julien.pierre.bugs%sun.com
464720d125 Fix for bug 265707 - SECMOD_FindSlot always returns NULL. r=relyea 2004-10-24 18:25:04 +00:00
julien.pierre.bugs%sun.com
0571dde1e9 Fix for 265708. - count should be CK_ULONG 2004-10-23 20:23:50 +00:00
wchang0222%aol.com
0e502115b8 Bugzilla bug 265686: the 'name' argument to PK11_FindSlotByName should be 
const char *.  The patch is contributed by timeless@bemail.org. r=wtc.
Modified files: pk11pub.h pk11slot.c
 2004-10-22 22:13:45 +00:00
relyea%netscape.com
e93a53498f [Bug 262274] visibility of PK11_GetCertFromPrivateKey and CERT_DecodeDERCertificate 2004-10-14 22:34:47 +00:00
relyea%netscape.com
e56b27e7a7 bug 262774 export PK11_GetCertFromPrivateKey publically. 2004-10-14 22:15:21 +00:00
relyea%netscape.com
5be4b0f4b4 Fix regression where PK11LogoutAll will crash when called when NSS is not initialized. 2004-10-11 22:37:41 +00:00
julien.pierre.bugs%sun.com
e6651557ec Fix for 259003 - port NSS to Solaris AMD64 . r=wtc 2004-10-11 02:15:42 +00:00
julien.pierre.bugs%sun.com
69a7452f8e Include nssrwlk.h for NSSRWLock_ funtions 2004-10-07 04:36:03 +00:00
nelsonb%netscape.com
5178c6777b Fix bugzilla bug 261496. Absent OPTIONAL CHOICEs should not cause fatal 
errors.  Fix printing code to not crash on missing optional nextUpdate.
r=julien.pierre
 2004-09-27 22:41:41 +00:00
nelsonb%netscape.com
ebadd0ad21 Fix bug 261333. Use the modulus length for the length of the output 
buffer, not the length of the input data.  r=julien.pierre
 2004-09-24 21:44:20 +00:00
nelsonb%netscape.com
e4191760ba Patch by kinmoz@netscape.net. Fix bug 260882 by clearing the valid 
cache flag (named "searchedObjectType") even when the cache was empty.
 2004-09-22 01:45:26 +00:00
saul.edwards%sun.com
035652083f 258779: Add /usr/lib/mps to RPATH for Solaris 10. 2004-09-17 22:25:50 +00:00
nelsonb%netscape.com
5f3c5e717c Increase the maximum allowable size of the prime field for DH computations. 
bug 259229.
 2004-09-17 00:34:52 +00:00
saul.edwards%sun.com
a72892ef68 Bug 245915: Add NSS_IsInitialized prototype to header. 2004-09-16 16:31:45 +00:00
nelsonb%netscape.com
85d9ad67fc Two new functions: PK11_PubEncryptPKCS1 and PK11_PrivDecryptPKCS1. 
Bugzilla bug 258366. Ported from NSS 3.9 branch.
 2004-09-08 02:52:15 +00:00
nelsonb%netscape.com
11b916c95a export CERT_ConvertAndDecodeCertificate and SEC_PKCS7EncodeItem from 
libSMIME.  Bugzilla bug 258362.  Fix ported from 3.9 branch.
 2004-09-08 01:20:46 +00:00
nelsonb%netscape.com
24904acb6f Add root CA certs for Certum, Comodo, and IPS. 
Bugzilla bugs 242040 244982 252132.
 2004-09-03 04:35:28 +00:00
wchang0222%aol.com
bad8733fd8 Added a comment explaining how NSS_BUILTINS_LIBRARY_VERSION_MINOR should be 
incremented.
 2004-08-31 17:39:15 +00:00