Commit Graph

3757 Commits

Author SHA1 Message Date
neil.williams%sun.com
8657972540 CBug 290263, patch CERT_CreateCertificateRequest for doing extensions
r=bob
`VS: ----------------------------------------------------------------------
2005-10-12 00:10:17 +00:00
relyea%netscape.com
f8422acc69 Attempt to fix HPUX test failures.
Bug 311279 crmftest core dumps on HP-UX
(verbal) r=wtc
2005-10-08 00:57:31 +00:00
wtchang%redhat.com
491b4ef092 Bugzilla Bug 304360: generate ECC key with private key value less than the
group order using a combination of ANSI X9.62 A.4.1 and FIPS 186-2 Change
Notice 1.  Also changed structure of EC key generation functions to match
the scheme used in dsa.c.  The patch is contributed by Douglas Stebila
<douglas@stebila.ca> of Sun Labs. r=wtc.
2005-10-06 23:16:20 +00:00
wtchang%redhat.com
81299cbc68 Bugzilla Bug 257693: set the correct error code in EC_ValidatePublicKey.
Documented the return values of ECPoint_validate.  Have the tests compare
the return value of ECPoint_validate with MP_NO for negative test cases.
r=doublas.stebila.
Modified Files:
	ec.c ecl/ecl.h ecl/tests/ec2_test.c ecl/tests/ecp_test.c
2005-10-06 21:42:55 +00:00
wtchang%redhat.com
d420dda744 Bugzilla bug 259135: fixed build breakage. In C, declarations must precede
code.
2005-10-05 22:03:14 +00:00
wtchang%redhat.com
002c9cc505 Bugzilla bug 259135: minor comment fix. 2005-10-05 17:58:01 +00:00
glen.beasley%sun.com
814a61d561 259135 added SHA 256,384,512 and AES powerupself tests sr=Wan-Teh 2005-10-05 16:31:01 +00:00
relyea%netscape.com
b0d1e52691 Back out non-reviewed strictly white space change in pk11sdr.c 2005-10-04 01:11:01 +00:00
wtchang%redhat.com
1a02e7736f Made the test compile and link without errors. 2005-10-04 00:46:50 +00:00
wtchang%redhat.com
775508c3c2 Fixed test file line endings. This file must be considered part of the
NSS module because it needs the private NSS header blapi.h.
2005-10-04 00:35:51 +00:00
wtchang%redhat.com
3fad97d84a Fixed test file line endings. 2005-10-04 00:28:55 +00:00
wtchang%redhat.com
058312eaa6 Bugzilla bug 310518: map CKR_PIN_INVALID and CKR_PIN_LEN_RANGE to
SEC_ERROR_INVALID_PASSWORD instead of SEC_ERROR_BAD_PASSWORD. r=relyea.
2005-10-03 22:41:45 +00:00
relyea%netscape.com
2fcee3f720 remove depricated mechanisms so pk11table continues to build. 2005-10-03 22:19:43 +00:00
relyea%netscape.com
5c3685a18e Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey]
r=wtc [part 3 of 3]
2005-10-03 22:01:57 +00:00
relyea%netscape.com
0cefb4acd8 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey]
r=wtc [part 2 of 3]
2005-10-03 22:00:22 +00:00
relyea%netscape.com
0223a07982 This change was not part of bug 272484 and has not been reviewed.
Back it out.
2005-10-03 21:58:24 +00:00
relyea%netscape.com
53f4189369 Bug 272484 Certificate manager crashes [@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey]
The problem only happens if we try to import a key into a token which then fails
to import. The basic issue was a hack in the pkcs 7 code to support PKCS 12, A
special structure was used to replace the SymKey structure, and the code 'knew'
the special structure existed before it dealt with the symkey. The fix addes a
new capability to symkeys, where applications can attach application specific
data to the key structure. PKCS 12 uses this to attache the PBE information
for CMS. (part 1 of 3)

This patch also improves the key's reuse of sessions, so sessions are not thrashed
when SSL is used with them.

r=wtc
2005-10-03 21:55:29 +00:00
wtchang%redhat.com
5d52123474 Bugzilla Bug 294106: removed an assertion that's no longer necessary.
Added buffer length error checking to back up an assertion. r=nelsonb.
2005-09-30 22:01:46 +00:00
relyea%netscape.com
bb7e1cb9f9 Bugzilla Bug 244922 ASN.1 encoder outputs trash for optional may-stream subtemplate
r=nelson (original patch by nelson, modifications by me).
2005-09-30 19:22:48 +00:00
relyea%netscape.com
b354997d97 Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported
wtc's review r=wtc
2005-09-29 23:44:39 +00:00
wtchang%redhat.com
5c38b2d572 Bugzilla Bug 294106: dsa.c: use const in the function prototype of
DSA_GenerateGlobalRandomBytes.  prng_fips1861.c: implemented Algorithm 1
of FIPS 186-2 Change Notice 1 and increased the size (b) of the RNG's
seed-key from 160 bits to 256 bits. r=relyea,nelsonb.
2005-09-29 23:22:53 +00:00
relyea%netscape.com
952e8e8f45 Tests won't pass if we don't build crmftest 2005-09-29 22:01:52 +00:00
relyea%netscape.com
f07ca5cfef Bug 308887 CRMF request generation problem when using latest firefox
Add crmf tests to the test suite.
2005-09-29 21:36:42 +00:00
relyea%netscape.com
9c9cecb9d7 Bugzilla Bug 119500 PKCS#11 CKF_PROTECTED_AUTHENTICATION_PATH token flag not supported
r=nelson

This is only the NSS portion of this patch. The PSM portion will be checked in once the
NSS portion is mainlined to mozilla.
2005-09-29 21:00:58 +00:00
wtchang%redhat.com
fc511c7607 Bug 271317, remove the old fortezza code 2005-09-29 18:09:11 +00:00
relyea%netscape.com
93e1f22027 Bugzilla Bug 298630 freebl needs a memory cache invariant RSA implementation.
r=nelson
2005-09-29 17:17:09 +00:00
relyea%netscape.com
b8917d3493 Add better tests for detached signatures. Actually test the other sha
variants rather than just say we do. done in the context of bug 30887
r=nelson
2005-09-29 17:14:19 +00:00
relyea%netscape.com
665d2accd1 Bug 271317, remove the old fortezza code 2005-09-29 00:36:53 +00:00
relyea%netscape.com
8d4f93463a Internal NSS defines shared between softoken and the rest of NSS, but not
exported.

added as part of bug 305697.
2005-09-28 23:52:59 +00:00
relyea%netscape.com
c4abacd281 Bug 305697 Softoken needs to give on the fly access to additional databases. Part 2, User interface
r=julien
2005-09-28 17:17:49 +00:00
relyea%netscape.com
e35607b9c4 bug 305697: open additional database on the fly in softoken. part1: softoken changes.
r=julien
2005-09-28 17:12:17 +00:00
nelsonb%netscape.com
ac626ee74e Avoid NULL ptr deref. Bug 310260. patch by Glen.Beasley. r=nelson. 2005-09-28 07:55:37 +00:00
neil.williams%sun.com
7b415783ba Bug 303508, committing attachment 196965. r=nelson,saul 2005-09-23 02:15:03 +00:00
nelsonb%netscape.com
abc6a22d68 Eliminate environment variable SSLNOLOCKS, add environment variable
SSLFORCELOCKS. Make SSL_FDX option mutually exclusive with SSL_NOLOCKS
option.  Bug 305147. r=rrelyea.
2005-09-23 01:04:32 +00:00
nelsonb%netscape.com
facd708671 Don't crash when printing an ASN.1 NULL primitive with a NULL prefix
string.  Bug 309651. r=wtchang.
2005-09-22 22:45:32 +00:00
nelsonb%netscape.com
d05886f50d Add version info to freebl shared libs for Windows and Unix. bub 303508.
Modified Files:  config.mk ldvector.c manifest.mn
Added Files:     freebl.rc freeblver.c                 r=wtc.
2005-09-21 03:01:49 +00:00
nelsonb%netscape.com
f12a0e5a63 Replace "fast" and "slow" with fpu and int in loader.c. Also add a
comment explaining ISA lists.  r=wtc. bug 303508.
2005-09-21 02:53:25 +00:00
wtchang%redhat.com
73f597f990 Bug 299197: added the comment for PK11_TokenKeyGen back. r=relyea. 2005-09-21 01:32:11 +00:00
wtchang%redhat.com
ecdf90d92d Bug 299197: fixed comments. r=relyea. 2005-09-21 01:31:37 +00:00
relyea%netscape.com
aa8a2c0490 Only call C_WaitForSlotEvent if the module is PKCS #11 v2.01 or later.
bug 196811 r=wtc sr=julien
2005-09-20 20:56:07 +00:00
julien.pierre.bugs%sun.com
b8d9f0ef9a Fix for 293686. Check status from SECU_ParseCommandLine. r=nelson 2005-09-20 05:13:01 +00:00
julien.pierre.bugs%sun.com
48b2d654bd Fix for 292390. NSS tools with missing command-line operands cause crash. r=nelson 2005-09-19 20:59:46 +00:00
julien.pierre.bugs%sun.com
7e8884e00e Fix for 293686 . signver has command-line options with optional arguments. r=nelsonb 2005-09-19 20:52:11 +00:00
christophe.ravel.bugs%sun.com
41da874bf6 238319: Sun packages changes.
Change libfreebl name on Solaris x86 (following changes from Bugzilla 303508).
2005-09-19 19:12:24 +00:00
wtchang%redhat.com
13f41d4840 Bugzilla bug 303508: a more elegant way to decide when we need to prefix
LIBRARY_VERSION with '_'. r=nelsonb.
2005-09-16 23:18:01 +00:00
julien.pierre.bugs%sun.com
d42e92ad88 Fix hoarked build from previous checkin. Doh. 2005-09-16 21:28:20 +00:00
wtchang%redhat.com
b427dc6efe Bugzilla Bug 298517: when in FIPS mode, impose minimum password length and
quality to ensure a password guessing probability of less than 1 in
10,000,000, and impose a one second delay after failed login attempt to
allow at most 60 login attempts per minute.  r=relyea,nelsonb.
Modified files: fipstokn.c pkcs11.c pkcs11i.h
2005-09-16 20:37:58 +00:00
julien.pierre.bugs%sun.com
c56d3589f6 Fix for bug 127960 . Add SSL force handshake APIs which take a timeout . r=nelson 2005-09-16 20:33:09 +00:00
wtchang%redhat.com
2e75eae9d5 Bugzilla Bug 288728: handle invalid values of recipient identifier type.
r=jpierre,relyea.
2005-09-16 17:54:31 +00:00
wtchang%redhat.com
019a13cbeb Bugzilla Bug 288728: use a whitelist instead of a blacklist when checking
for invalid values of "type". r=jpierre,relyea.
2005-09-16 17:52:37 +00:00
wtchang%redhat.com
dcad184fa4 Bugzilla Bug 303508: removed the underscore from the name of the "single"
freebl shared library (freebl_3.dll -> freebl3.dll).  Do the recursive
child builds without changing directories.  This fixed the BUILD_TREE build
problem. r=nelsonb,saul.edwards.
Modified files: Makefile freebl.def manifest.mn
2005-09-16 17:17:45 +00:00
wtchang%redhat.com
65241f7ef4 Removed an unnecessary -L linker flag. r=nelsonb,saul.edwards. 2005-09-16 17:02:49 +00:00
wtchang%redhat.com
3eac80068d Bugzilla Bug 303508: code cleanup. r=nelsonb,jpierre. 2005-09-16 16:59:22 +00:00
nelsonb%netscape.com
9499265f5c Plug leaks in SSL bypass code. Add freeit argument to HMAC_Destroy function.
Change existing callers to pass this argument.  Call HMAC_Destroy from SSL.
Bug 305147. r=Julien.Pierre
Modified Files:  freebl/alghmac.c freebl/alghmac.h freebl/loader.c
  freebl/loader.h freebl/tlsprfalg.c softoken/lowpbe.c softoken/pkcs11c.c
  ssl/ssl3con.c
2005-09-14 04:12:50 +00:00
wtchang%redhat.com
f889a99cbb Bugzilla Bug 301554: Clear the 'present' flag if slot fails to refresh.
relyea wrote the patch. r=wtc,nelsonb.
2005-09-14 01:35:02 +00:00
nelsonb%netscape.com
fdffe11308 Fix regression introduced in last checkin. If the caller disables the
use of locks while locks are in use, don't forget to unlock the locks
already locked on the stack.  bug 305147. r=julien.pierre
2005-09-10 01:18:40 +00:00
saul.edwards%sun.com
d016e006b8 Bug 305147: add -B (bypass SSL) and -s (disable SSL locking) to server and client commands; add bypass testing to SSL test suite. 2005-09-09 04:50:07 +00:00
nelsonb%netscape.com
4b56704437 Implement two new SSL socket options: SSL_BYPASS_PKCS11 and SSL_NO_LOCKS.
Reorganize the SSL Socket structure contents to obviate ssl3 pointer.
Move much of the ECC code from ssl3con to new file ssl3ecc.c.  derive.c
implements derivation of the SSL/TLS master secret and the encryption and
MAC keys and IVs without using PKCS11. Bug 305147. r=rrelyea.
Modified Files: ssl/config.mk ssl/manifest.mn ssl/ssl.h ssl/ssl3con.c
    ssl/ssl3gthr.c ssl/sslauth.c ssl/sslcon.c ssl/ssldef.c ssl/sslgathr.c
    ssl/sslimpl.h ssl/sslinfo.c ssl/sslnonce.c ssl/sslsecur.c ssl/sslsnce.c
    ssl/sslsock.c
Added Files: ssl/derive.c ssl/ssl3ecc.c
2005-09-09 03:02:16 +00:00
nelsonb%netscape.com
1d31068271 Export function PK11_MapSignKeyType for use by libSSL. Bug 305147.
r=relyea.
Modified Files: nss/nss.def pk11wrap/pk11mech.c pk11wrap/pk11obj.c
	pk11wrap/pk11pub.h pk11wrap/secmodi.h
2005-09-09 02:03:57 +00:00
christophe.ravel.bugs%sun.com
cba8f8955c 238319: Sun packages changes.
Install 64 bit libraries in lib64 on Linux.
2005-09-08 22:23:54 +00:00
saul.edwards%sun.com
80e0981d59 Packaging for bug 303508: new freebl library names for Solaris packages.
Note that Linux does not require these changes because the Makefile picks up
all .so and .chk files for Linux packages.
2005-09-08 02:25:49 +00:00
wtchang%redhat.com
4250ad5929 Bugzilla Bug 299197: define two bitflags for every PKCS #11 object
attribute with no exceptions. renamed PK11_ATTR_READONLY as
PK11_ATTR_UNMODIFIABLE.  In pk11_OpFlagsToAttributes, backed out a change
I made before.  Made pk11_AttrFlagsToAttributes table-driven. In
pk11_loadPrivKeyWithFlags, fixed the bug (always loading the public key as
a token object).  Other code cleanups. r=relyea,nelsonb.
Modified files: pk11akey.c pk11obj.c pk11pub.h pk11skey.c secmodt.h
2005-09-07 18:23:35 +00:00
saul.edwards%sun.com
0194469cc5 Bug 303508: Add freebl shared libs that do 64-bit integer math. Bug 274984: softoken fails to load freebl in setuid programs. freebl becomes a shared library on all platforms. r=nelson
Modified Files:
	coreconf/HP-UXB.11.mk coreconf/SunOS5.mk
	nss/cmd/shlibsign/Makefile nss/cmd/shlibsign/manifest.mn
	nss/lib/freebl/Makefile nss/lib/freebl/arcfour.c
	nss/lib/freebl/blapi.h nss/lib/freebl/config.mk
	nss/lib/freebl/ldvector.c nss/lib/freebl/loader.c
	nss/lib/freebl/loader.h nss/lib/freebl/manifest.mn
Added Files:
	nss/lib/freebl/freebl.def
2005-09-07 02:47:16 +00:00
glen.beasley%sun.com
8ebcacd943 305984 update FIPS values for cipher suites file=sslinfo.c r=bob,sr=wtc 2005-09-06 17:15:32 +00:00
julien.pierre.bugs%sun.com
132ddbe43e Fix 306785 . Memory leaks in PQG_ParamGenSeedLen . r=nelson 2005-09-02 20:05:35 +00:00
wtchang%redhat.com
db235ef59a Bugzilla Bug 299197: added PK11AttrFlags and PK11_GenerateKeyPairWithFlags.
Modified PK11_TokenKeyGenWithFlags to take a PK11AttrFlags parameter.
PK11AttrFlags controls the values of commonly used PKCS #11 object
attributes that have Boolean values. r=relyea,nelsonb.
Modified Files:
	nss/nss.def pk11wrap/pk11akey.c pk11wrap/pk11obj.c
	pk11wrap/pk11pub.h pk11wrap/pk11skey.c pk11wrap/secmodi.h
	pk11wrap/secmodt.h
2005-09-02 18:25:04 +00:00
wtchang%redhat.com
184d7ab678 Bugzilla Bug 305835: removed NSS_ENABLE_ECC ifdefs under nss/lib except
nss/lib/{freebl,softoken,ssl}. r=nelsonb.
Modified Files:
	cryptohi/keyhi.h cryptohi/manifest.mn cryptohi/seckey.c
	cryptohi/secsign.c freebl/ec.c pk11wrap/manifest.mn
	pk11wrap/pk11akey.c pk11wrap/pk11cert.c pk11wrap/pk11mech.c
	pk11wrap/pk11obj.c pk11wrap/pk11skey.c pkcs12/manifest.mn
	pkcs12/p12d.c pkcs7/config.mk pkcs7/p7decode.c
	pkcs7/p7encode.c smime/cmssiginfo.c smime/cmsutil.c
	smime/config.mk
2005-09-02 01:24:57 +00:00
wtchang%redhat.com
afccecc775 Bugzilla Bug 257693: code cleanup. 1. Change "X9.63" to "X9.62". 2. In
EC_ValidatePublicKey, set error codes and handle a NULL return from
ECGroup_fromName.  3. In the ECGroupStr structure, move the validate_point
field up.  4. In the test cases, if the tests that should fail, passed,
say so in the error messages.  r=douglas@stebila.ca.
Modified Files:
	blapi.h ec.c ecl/ecl-priv.h ecl/ecl.c ecl/ecl.h
	ecl/tests/ec2_test.c ecl/tests/ecp_test.c
2005-08-27 01:09:22 +00:00
relyea%netscape.com
33f6464950 Bug 302416 NSS root cert module & fortezza should not be using NSPR static libraries
r=wtc
sr-julien
Side effects: Root cert module now works with CKF_OS_LOCKING_OK and not callbacks,
but does not work if CKF_OS_LOCKING_OK == 0 and callbacks are define.
2005-08-25 20:08:27 +00:00
wtchang%redhat.com
d624f9129a Bugzilla Bug 296410: further simplify the code by always referencing the
buffer using the same union member. r=relyea.
VFYContextCVS: ----------------------------------------------------------------------
2005-08-24 23:05:39 +00:00
julien.pierre.bugs%sun.com
22ff330626 Fix AIX build problem 2005-08-18 23:37:31 +00:00
nelsonb%netscape.com
3c64b87604 Remove fortezza header files from package. Bug 239960. patch by
wtchang@redhat.com, r=nelson@bolyard.com Modified Files: prototype
2005-08-18 03:42:00 +00:00
julien.pierre.bugs%sun.com
6b5d842c09 Fix for bug 217024. add a function for comparing cert validity periods. r=wtchang 2005-08-17 02:04:12 +00:00
saul.edwards%sun.com
c3fa2091c5 Bug 303507: Add comba for MPI's multiply and square routines.
This code is currently for AMD 64 on both Linux and Solaris only.
2005-08-16 19:25:48 +00:00
nelsonb%netscape.com
d391504d03 Remove fortezza code from libSSL and from the SSL test programs.
Stop building fortezza's special software token, and fortezza specific
test programs.   Bug 239960. r=rrelyea.
Modified Files:
    cmd/manifest.mn cmd/platlibs.mk cmd/SSLsample/server.c
    cmd/SSLsample/sslsample.c cmd/modutil/modutil.c
    cmd/selfserv/selfserv.c cmd/sslstrength/sslstrength.c
    cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
    cmd/vfyserv/vfyserv.c cmd/vfyserv/vfyutil.c lib/manifest.mn
    lib/ssl/nsskea.c lib/ssl/preenc.h lib/ssl/prelib.c
    lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
    lib/ssl/sslauth.c lib/ssl/sslcon.c lib/ssl/sslenum.c
    lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
    lib/ssl/sslsecur.c lib/ssl/sslsnce.c lib/ssl/sslsock.c
    lib/ssl/sslt.h
2005-08-16 03:42:26 +00:00
wtchang%redhat.com
3e2e9c754f Bugzilla bug 296410: checked in a better fix than the previous checkin.
Also removed the unused, unexported function SEC_VerifyFile. r=nelsonb.
2005-08-16 01:57:51 +00:00
wtchang%redhat.com
88fb7bee52 Bugzilla bug 296410: removed unused, unexported function SEC_SignFile.
r=nelsonb.
2005-08-16 01:52:17 +00:00
wtchang%redhat.com
af11fc1310 Bugzilla Bug 302670: enable NSS to use system zlib and do that on Linux.
r=nelsonb.
Modified Files:
	coreconf/Linux.mk nss/cmd/Makefile nss/cmd/manifest.mn
	nss/cmd/platlibs.mk
2005-08-16 01:08:59 +00:00
wtchang%redhat.com
e758a9999b Bugzilla Bug 298612: make sure that the int argument that we pass to the
isspace, etc. macros is EOF or between 0 and 255. r=nelsonb.
2005-08-15 22:06:47 +00:00
wtchang%redhat.com
5e25df8763 Bugzilla Bug 298957: removed a comment. The code already does what the
comment asked for. r=relyea.
2005-08-15 21:34:42 +00:00
wtchang%redhat.com
55197b5cfd Bugzilla Bug 289530: fixed signed/unsigned comparison compiler warnings.
Fixed compilation errors of new ECC code added in the previous checkin.
r=nelsonb.
2005-08-15 21:23:39 +00:00
relyea%netscape.com
29e52be20d Remove ^M from the tree version of mpcpucache.c 2005-08-15 19:00:17 +00:00
saul.edwards%sun.com
95723d010a Bug 285932: Faster SHA1 implementation for AMD64: sha-fast-amd64-sun.s is
currently only for Solaris AMD 64 when using Sun studio compilers.
2005-08-15 16:55:22 +00:00
wtchang%redhat.com
2577eb148c Bugzilla bug 302286: fixed the bug that NSS misinterpreted the
CKA_PRIME_BITS attribute for DSA's p parameter. r=relyea.
Modified files: pk11wrap/pk11pqg.c softoken/pkcs11c.c
2005-08-13 00:09:26 +00:00
wtchang%redhat.com
12ebc20147 Bugzilla Bug 302286: PQG_PBITS_TO_INDEX should reject p bits that are
less than 512 or greater than 1024. r=relyea.
2005-08-13 00:07:18 +00:00
wtchang%redhat.com
0824c317a1 Bugzilla Bug 296410: enlarge the buffer size for message digest so that
we can generate and verify signatures that use SHA-512. r=relyea
Modified files: secsign.c secvfy.c
2005-08-12 23:50:19 +00:00
wtchang%redhat.com
3caf238827 Bugzilla bug 240554: Alice's cert doesn't need to be added to Bob's db.
r=relyea.
Modified files: cert.sh eccert.sh
2005-08-12 23:27:44 +00:00
wtchang%redhat.com
148653a358 Bugzilla bug 240554: we should pass the signature algorithm, not the
public key's algorithm, to VFY_VerifyData and VFY_VerifyDigest. Only
fixed this in cmssiginfo.c.  In p7decode.c I just added comments saying
they should be fixed. r=relyea.
Modified files: lib/smime/cmssiginfo.c lib/pkcs7/p7decode.c
2005-08-12 23:26:38 +00:00
wtchang%redhat.com
1a568d0852 Bugzilla bug 240554: set (better) error codes and removed an unreachable
break statement. r=relyea.
2005-08-12 23:24:22 +00:00
wtchang%redhat.com
c0bd0e749a Bugzilla bug 240554: fixed signed/unsigned comparison compiler warning.
r=relyea.
2005-08-12 23:22:28 +00:00
wtchang%redhat.com
e09393045c Bugzilla bug 292239: have the softoken report Cryptoki version 2.20.
r=relyea.
2005-08-12 23:14:22 +00:00
wtchang%redhat.com
2d2b80688d Bugzilla bug 292239: added a change missed in the previous checkin.
r=relyea.
2005-08-12 23:12:18 +00:00
relyea%netscape.com
684e5d1c2b Correct mistyped version of wtc patch. 2005-08-12 22:19:19 +00:00
relyea%netscape.com
a584ef4a1d Bug 292239 r wtc & julien
Merge PKCS #11 v2.20 header files
2005-08-12 18:58:47 +00:00
relyea%netscape.com
5ab7c1109c Bug 303010 Certificate upgrade can drop S/MIME certificates
r=wtc.

Delay loading the S/MIME records on upgrade until the cert is loaded
2005-08-12 18:01:26 +00:00
wtchang%redhat.com
0543618d9c Bugzilla Bug 257693: actually implemented EC_ValidatePublicKey and added a
test case.  The patch is contributed by Douglas Stebila
<douglas@stebila.ca>.  r=wtc.
Modified Files:
	ec.c ecl/ec2.h ecl/ec2_aff.c ecl/ecl-priv.h ecl/ecl.c
	ecl/ecl.h ecl/ecp.h ecl/ecp_aff.c ecl/tests/ec2_test.c
	ecl/tests/ecp_test.c
2005-08-12 00:59:19 +00:00
wtchang%redhat.com
67ffaff684 Bugzilla Bug 298514: added a missing break statement and removed an unused
variable. r=jpierre.
2005-08-12 00:44:35 +00:00
wtchang%redhat.com
9a026f7eba Bugzilla Bug 240554: added ECDSA support in S/MIME. The patch is
contributed by Vipul Gupta <vipul.gupta@sun.com>. r=wtc.
Modified Files:
	cryptohi/secsign.c pkcs7/config.mk pkcs7/p7decode.c
	pkcs7/p7encode.c smime/cmssiginfo.c smime/cmsutil.c
	smime/config.mk
2005-08-11 23:11:40 +00:00
wtchang%redhat.com
e8ad6847cf Bugzilla Bug 240554: added S/MIME tests for ECDSA. The patch is
contributed by Vipul Gupta <vipul.gupta@sun.com>. r=wtc.
Modified files: fixtests.sh cert/eccert.sh
Added file: smime/ecsmime.sh
2005-08-11 22:50:12 +00:00
nelsonb%netscape.com
0d980a5ea1 A faster c implementation of SHA1 for most platforms. Bug 285932.
r=wtchang     Modified Files: prng_fips1861.c sha_fast.c sha_fast.h
2005-08-11 01:01:08 +00:00
wtchang%redhat.com
9b7075b1d2 Bugzilla Bug 303116: fixed an off-by-one error in the size of the NAF
buffer. We access this buffer using indices from 0 to orderBitSize.
r=douglas.stebila.
2005-08-10 20:35:07 +00:00
wtchang%redhat.com
24b5ce2c08 Bugzilla Bug 303116: fixed an off-by-one error when duplicating a string.
r=douglas.stebila.
2005-08-10 18:49:29 +00:00
wtchang%redhat.com
19e9429f0d Bugzilla Bug 303116: this file doesn't need to include <strings.h>, which
doesn't exist on Windows. r=relyea.
Bugzilla Bug 303130: fixed memory leak of mp_int in ECPoints_mul.
r=douglas.stebila.
2005-08-10 18:46:29 +00:00
wtchang%redhat.com
51a9c2f4bd Bugzilla bug 303986: do not assume the line ending is '\n'; it may be the
two character sequence '\r''\n'.  Make sure a character is a digit before
using it as a digit. r=jpierre.
2005-08-09 22:19:09 +00:00
nelsonb%netscape.com
c893021cd0 Address review comments. Add test after PORT_Assert. Bug 303334.
r=rrelyea,sr=wtchang
Modified Files: rijndael.c
2005-08-09 03:09:38 +00:00
nelsonb%netscape.com
7755e752cd Make changes from review feedback. Bug 303316. r=wtchang.
Modified Files: freebl/alghmac.h freebl/blapi.h freebl/ldvector.c
freebl/loader.c freebl/loader.h freebl/rawhash.c
freebl/tlsprfalg.c softoken/lowpbe.c softoken/pkcs11c.c
2005-08-09 02:54:54 +00:00
nelsonb%netscape.com
8260a85fe6 Add a new assembly language source file with multiplication code for
Sparc v8 (not V8plus) CPUs.  This works around a performance regression
by restoring the former code.  Bug 303338. r=wtchang.
Modified Files: Makefile
Added Files:    mpi/mpv_sparcv8x.s
2005-08-06 11:08:41 +00:00
nelsonb%netscape.com
c02e614a66 Add a comment clarifying that this source file is for sparc v8plus CPUs.
Upgrade license to tri-license.  Fix a bunch of whitespace problems,
WAY too much indentation.  Related to bug 303338. r=wtchang.
Modified Files: mpi/mpv_sparcv8.s
2005-08-06 11:06:55 +00:00
nelsonb%netscape.com
1f607bc371 Move the TLS Pseudo Random Function (PRF) and the HMAC algorithm from
softoken to freebl.  Bug 303316. r=wtchang (with suggested changes)
Modified Files:
	freebl/blapi.h freebl/ldvector.c freebl/loader.c
	freebl/loader.h freebl/manifest.mn softoken/lowpbe.c
	softoken/manifest.mn softoken/pkcs11c.c softoken/pkcs11i.h
	softoken/tlsprf.c
Added Files:
	freebl/alghmac.c freebl/alghmac.h freebl/rawhash.c
	freebl/tlsprfalg.c
Removed Files:
	softoken/alghmac.c softoken/alghmac.h softoken/rawhash.c
2005-08-06 09:27:28 +00:00
nelsonb%netscape.com
9a8510d59b This is the last trunk version of this file. The file will be moved
to nss/lib/freebl.  This version is identical to the first version
of this file in nss/lib/freebl.  Bug 303316. r=wtchang.
Modified Files: alghmac.c alghmac.h rawhash.c
2005-08-06 09:24:13 +00:00
nelsonb%netscape.com
8521bea2ba Add new functions for blapi symmetric ciphers and digest functions,
so that all those functions can initialize a preallocated context.
Bug 303334. r=rrelyea.
Modified Files: aeskeywrap.c alg2268.c arcfour.c blapi.h blapit.h desblapi.c
ldvector.c loader.c loader.h md2.c md5.c rijndael.c rijndael.h sha512.c
2005-08-06 07:24:21 +00:00
nelsonb%netscape.com
51714ee5f1 Faster SHA1 implementation. Further corrections expected. bug 285932.
r=wtchang     Modified Files: prng_fips1861.c sha_fast.c sha_fast.h
2005-08-06 07:10:34 +00:00
julien.pierre.bugs%sun.com
440dae786f Fix for bug 303494 . SEC_LookupCrls passes the address of a stack variable that goes out of scope. r=nelson,wtchang 2005-08-05 21:15:22 +00:00
wtchang%redhat.com
7931c0ace4 Removed noeccert.sh and noectools.sh from CVS. These two files are
automatically created by the fixtests.sh script by copying the non-ECC
(default) test scripts to these names. r=vipul.gupta.
Removed Files: cert/noeccert.sh tools/noectools.sh
2005-08-04 16:27:07 +00:00
nelsonb%netscape.com
60181a7016 NSC_CopyObject can now copy token keys to session keys. Bug 289530.
r=rrelyea. Modified Files: pkcs11.c pkcs11u.c
2005-08-03 02:26:55 +00:00
nelsonb%netscape.com
6ee92f33d0 Implement PK11_CopyTokenPrivKeyToSessionPrivKey, function to copy token
RSA private key to a session key, to eliminate DB lookups and 3DES
unwrapping for every use.  Bug 274538.  r=rrelyea.
Modified Files: nss/nss.def pk11wrap/pk11akey.c pk11wrap/pk11pub.h
2005-08-03 01:57:40 +00:00
nelsonb%netscape.com
6edae5d3b6 Eliminate numerous potential causes of sending invalid (zero) session
handles down to a PKCS11 module.  Bug 292049. r=relyea.
Modified Files: pk11akey.c pk11auth.c pk11obj.c pk11skey.c pk11slot.c
 	pk11util.c
2005-08-03 01:22:07 +00:00
nelsonb%netscape.com
eeb454fae5 remove NSS_CLASSIC code from pk11cert.c and pk11nobj.c.
bug 293847  r=rrelyea
2005-08-02 01:34:38 +00:00
wtchang%redhat.com
ea595039b7 Bugzilla Bug 298957: PK11_TokenKeyGenWithFlags will be released in NSS
3.10.2.
2005-08-02 01:04:55 +00:00
wtchang%redhat.com
035c21bfa6 Bugzilla Bug 298957: improved the comment for PK11_TokenKeyGenWithFlags.
r=relyea.
2005-08-02 01:03:08 +00:00
wtchang%redhat.com
8825fcbdba Bugzilla Bug 302663: SECKEY_CopySubjectPublicKeyInfo needs to copy the
subjectPublicKeyInfo as a bit string. r=nelsonb,jpierre.  Thanks to
Mikhail Teterin <mi+mozilla@aldan.algebra.com> for the bug report and
Purify output.
2005-08-02 00:34:00 +00:00
wtchang%redhat.com
b5b833a9c0 Bugzilla Bug 302262: Check for SECITEM_AllocItem failure in
MPINT_TO_SECITEM. r=nelsonb.
2005-08-01 22:43:54 +00:00
wtchang%redhat.com
a82541564d Added a comment that answers the question "why isn't there a pairwise
consistency test for Diffie-Hellman or ECDH key pairs?"
2005-08-01 21:04:41 +00:00
relyea%netscape.com
f7cb169d0a Bugzilla Bug 298906 really check in the patch to the tip, not a test branch
crash when accepting new certificate permanently on taschenonkel.de
r=wtc, r=nelson
2005-08-01 20:41:30 +00:00
wtchang%redhat.com
e4ab6fa7bb Bugzilla Bug 302262: dsa.c should use the macros defined in secmpi.h.
r=nelsonb.
2005-08-01 18:51:06 +00:00
relyea%netscape.com
d527565866 I have to many patches in one tree! Stay at 1.103 until this patch has a bug and
reviews!
2005-08-01 18:32:45 +00:00
relyea%netscape.com
775b5372bc These changes were part of a different patch, reviews are not yet complete.
Backing out to previous versions.
2005-08-01 18:31:12 +00:00
relyea%netscape.com
7af3f28d88 ARG -- reverted to the wrong version. The correct version was 1.103, not 1.102 2005-08-01 18:27:30 +00:00
relyea%netscape.com
625993f336 Backing out previous checkin. This was a separate unreviewed patch. 2005-08-01 18:26:12 +00:00
relyea%netscape.com
b62dc0bebc Bug 298906 crash when accepting new certificate permanently on taschenonkel.de
r=wtc, sr=nelson
2005-08-01 18:23:56 +00:00
wtchang%redhat.com
7053ab4abf Bugzilla Bug 302219: added CKM_RSA_X9_31_KEY_PAIR_GEN support. r=relyea. 2005-07-29 23:43:40 +00:00
wtchang%redhat.com
a3ac2d6b1d Bugzilla Bug 302219: added CKM_RSA_X9_31_KEY_PAIR_GEN support to
PK11_GenerateKeyPair. r=relyea.
2005-07-29 23:23:35 +00:00
relyea%netscape.com
03738e2557 Bug 278276 Slot List Elements cannot be freed by applications.
wtchang: review+
julien.pierre.bugs: superreview+
2005-07-28 23:17:43 +00:00
relyea%netscape.com
f212e4ecf1 bug 278276 Slot List Elements cannot be freed by applications.
wtchang: review+
julien.pierre.bugs: superreview+
	E
2005-07-28 23:16:26 +00:00
relyea%netscape.com
8be47f79ed bug 278276 Slot List Elements cannot be freed by applications.
Export a free function for slot list elements.

r = wtc & julien.
2005-07-28 23:13:21 +00:00
wtchang%redhat.com
0fc278d80f Bugzilla Bug 302262: fixed an error in the comment. Set the error code
if signature verification fails.  r=nelsonb.
2005-07-27 18:48:44 +00:00
julien.pierre.bugs%sun.com
5c55935a1d Fix for bug 292151 . Prevent strsclnt from starting threads for each connection. Allow specifying a ratio of full handshakes . r=nelson 2005-07-25 20:39:14 +00:00
wtchang%redhat.com
512a35d372 Bugzilla Bug 298514: Moved the FIPS 140-2 pairwise consistency check from
pk11wrap to softoken because the softoken shared library is our new crypto
module boundary. r=relyea,nelsonb.
Modified files: pk11wrap/pk11akey.c softoken/fipstokn.c softoken/pkcs11c.c
2005-07-22 22:11:22 +00:00
christophe.ravel.bugs%sun.com
f970690695 238319: Sun packages changes
Change rpm packaging for RHEL3 i386 and x86_64.
2005-07-22 15:32:50 +00:00
wtchang%redhat.com
75dc722c28 Bugzilla Bug 298957: moved PK11_TokenKeyGenWithFlags from the NSS_3.11
section to the NSS_3.10.1 section because we plan to export that function
in NSS 3.10.1. r=jpierre.
2005-07-22 01:43:36 +00:00
wtchang%redhat.com
ee93d82c69 Bugzilla Bug 298516: fixed problems found by code inspection. r=relyea.
Modified Files: pk11db.c pkcs11.c
2005-07-22 00:47:18 +00:00
wtchang%redhat.com
256eb43b03 Bugzilla Bug 298957: make the new function PK11_TokenKeyGenWithFlags
"legacy free" and move the code that set the CKF_ENCRYPT flag by default
and the Fortezza hack code to PK11_TokenKeyGen. r=relyea.
2005-07-22 00:07:52 +00:00
wtchang%redhat.com
252be2d441 Bugzilla Bug 288647: enable building NSS with an NSPR binary distribution.
Introduced NSPR_INCLUDE_DIR and NSPR_LIB_DIR make variables. Portions of
the patch were contributed by Chris Seawood <cls@seawood.org>. r=relyea.
Modified Files:
	coreconf/OS2.mk coreconf/OpenVMS.mk coreconf/location.mk
	nss/cmd/platlibs.mk nss/cmd/shlibsign/Makefile
	nss/cmd/shlibsign/sign.cmd nss/cmd/shlibsign/sign.sh
	nss/lib/ckfw/builtins/Makefile
	nss/lib/fortcrypt/swfort/pkcs11/Makefile nss/lib/nss/config.mk
	nss/lib/smime/config.mk nss/lib/softoken/config.mk
	nss/lib/ssl/config.mk
2005-07-21 23:48:30 +00:00
wtchang%redhat.com
cfbc0bfe3d Bugzilla bug 301212: Upgraded to zlib 1.2.3. r=relyea.
Modified Files:
	README adler32.c compress.c crc32.c deflate.c deflate.h
	example.c gzio.c infback.c inffast.c inflate.c inflate.h
	inftrees.c inftrees.h minigzip.c trees.c uncompr.c zconf.h
	zlib.h zutil.c zutil.h
2005-07-20 20:32:42 +00:00
julien.pierre.bugs%sun.com
26dff248b1 Fix for 217024 . Address Wan-Teh's concerns about naming and documentation. Also fix AIX build by removing extraneous comma. 2005-07-09 00:34:43 +00:00
wtchang%redhat.com
6893edd94b Bugzilla bug 300068: fixed the bug that "collection" is used uninitialized
if "td", "c", or "cc" is NULL.  The patch is contributed by Wolfgang
Rosenauer <mozilla@rosenauer.org>. r=wtc.
2005-07-08 17:06:15 +00:00
julien.pierre.bugs%sun.com
bae291f63a Fix for bug 217024 . Add a function to compare validity times. r=relyea 2005-07-08 07:06:56 +00:00
julien.pierre.bugs%sun.com
bdc5219738 Fix for bug 292809 . Add flags to NSS_Initialize to better cooperate with the Java SunPKCS11 provider. r=relyea, wtchang 2005-07-08 04:41:32 +00:00
relyea%netscape.com
2b2395e4a9 Bugzilla Bug 287418: remove redundant memory allocation in DSA and ECDSA sign
wtchang: review+
julien.pierre.bugs: superreview+
2005-07-07 20:19:36 +00:00
julien.pierre.bugs%sun.com
0269e27f2d Fix for 297735 . C_Initialize should return CKR_CANT_LOCK . r=wtchang,rrelyea 2005-07-06 22:32:12 +00:00
wtchang%redhat.com
7f68104244 Removed an extraneous line at the end of file added in the previous
checkin.
2005-07-06 18:56:37 +00:00
relyea%netscape.com
66d0ee6781 Bug 294556 (not all functions exported) reviews wtc nelsonb
Bug 298627 (need to access random number generator on a slot). reviews wtc julien
2005-07-06 18:46:36 +00:00
wtchang%redhat.com
2fa8c48fa5 Bugzilla Bug 298957: pk11_FlagsToAttributes should not add attributes
whose type is 0. r=relyea.
2005-07-06 18:36:05 +00:00
wtchang%redhat.com
f8218a271b Bugzilla Bug 298957: code cleanup -- the array size can be MAX_TEMPL_ATTRS.
r=relyea.
2005-07-06 18:34:39 +00:00
wtchang%redhat.com
4527e657e5 Bugzilla Bug 299445 - fixed the check for an incomplete code set. 2005-07-06 18:14:26 +00:00
wtchang%redhat.com
14794607bc Trivial comment fix. 2005-07-05 22:41:33 +00:00
wtchang%redhat.com
a36a0d6ad4 Bugzilla Bug 287057: fixed memory leaks in callers of cert_FindExtension.
pass NULL as the SECItem* argument if we only want to know if the extension
exists but don't need its value. r=jpierre,nelsonb.
Modified Files:
	certdb/certdb.c certdb/genname.c certhigh/certhigh.c
	certhigh/certhtml.c certhigh/crlv2.c certhigh/ocsp.c
2005-06-30 20:53:57 +00:00
julien.pierre.bugs%sun.com
20e7c73484 Fix for 298955 - make rsaperf authenticate to hardware tokens. r=relyea 2005-06-30 20:38:33 +00:00
wtchang%redhat.com
1639879aa6 Bugzilla Bug 298957: added new function PK11_TokenKeyGenWithFlags.
r=relyea,nelsonb.
Modified files: nss/nss.def pk11wrap/pk11pub.h pk11wrap/pk11skey.c
2005-06-30 17:50:41 +00:00
wtchang%redhat.com
9ee0623105 Bugzilla Bug 298962: Removed dead code: nssBestCertificate_SetArgs,
nssBestCertificate_Callback, and nssBestCertificateCB. r=jpierre,nelsonb.
Modified files: certificate.c pkitm.h
2005-06-28 17:55:29 +00:00
wtchang%redhat.com
fafa59ce5f Bugzilla Bug 298953: fixed a memory leak in sslBuffer_Grow if PORT_Realloc
fails. r=nelsonb.
2005-06-28 17:48:26 +00:00
julien.pierre.bugs%sun.com
a7638aa1fd Fix for 298538 - fix signature verification in S/MIME with signer-only cert. r=wtchang, nelson 2005-06-27 22:21:19 +00:00
wtchang%redhat.com
2a3bb9d1e0 Bugzilla Bug 295754: moved duplicate function subject_list_sort to
certificate.c and renamed it nssCertificate_SubjectListSort.
r=relyea,nelsonb.
Modified files: certificate.c pkim.h pkistore.c tdcache.c
2005-06-27 21:50:06 +00:00
christophe.ravel.bugs%sun.com
80cfefb48e 238319: Sun packages changes
Reset the rpm release to 1 for NSS 3.11
2005-06-27 18:22:02 +00:00
christophe.ravel.bugs%sun.com
a12b562c66 After branching NSS_3_10_BRANCH, the tip target is 3.11 2005-06-27 18:21:02 +00:00
wtchang%redhat.com
47bf55ca0f Bugzilla Bug 298409: fixed an array index off-by-one error and a memory
leak. r=nelsonb.
2005-06-24 23:00:02 +00:00
wtchang%redhat.com
dd3c6f24d1 Bugzilla Bug 295754: fixed a crash in subject_list_sort if a cert is not
decodable (e.g., it has unsupported critical extension). r=relyea,nelsonb.
Modified Files: pkistore.c tdcache.c
2005-06-24 00:33:28 +00:00
wtchang%redhat.com
de7814e763 Bugzilla Bug 298537: replaced hardcoded 3 and 8 with the NSS_VMAJOR and
NSS_VMINOR macros defined in nss.h. r=relyea,nelsonb.
2005-06-23 23:41:29 +00:00
wtchang%redhat.com
2540bdf095 Bugzilla Bug 298409: fixed the bug that an array size was incorrectly
calculated. r=alexei.volkov.
2005-06-23 22:05:21 +00:00
christophe.ravel.bugs%sun.com
b58c408d21 297965 - Add a marker at the end of the test result report (result.html)
r: Julien
mozilla/security/nss/tests/common/cleanup.sh
Add END_OF_TEST<BR> before </BODY>
2005-06-21 16:31:57 +00:00
relyea%netscape.com
f0a85660c4 Arg! This change was supposed to go to a branch, not the tip. back it out now.
bob
2005-06-20 23:14:45 +00:00
relyea%netscape.com
6c951345b4 Test multiaccess Databases. This patch causes softoken to Always use the
multiaccess Database for clients. This is not intended for the final release
2005-06-20 23:11:25 +00:00
alexei.volkov.bugs%sun.com
cd0a03b285 fix for bug: 297015 - bltest should run multithreaded. r=julien 2005-06-16 21:11:02 +00:00
nelsonb%netscape.com
1d7a71582a Back out last checkin, which broke the build on some platforms. 2005-06-14 05:51:51 +00:00
alexei.volkov.bugs%sun.com
d930c554f5 RFE fix 297015: bltest should run multithreaded. julien r+ 2005-06-14 01:58:22 +00:00
relyea%netscape.com
3f9404d4ce Get the Processer cache line size. This file contains processor and OS
specific content. Currently it only works well with x86 and 64-bit PPC.
2005-06-09 20:43:40 +00:00
christophe.ravel.bugs%sun.com
9ba24491bc 238319: Sun packages changes.
Adjust rpm release numbers.
2005-06-01 20:51:33 +00:00
wtchang%redhat.com
026a0217ed Bugzilla bug 295298: enforce RSA key size limits when generating a new
key pair. r=nelsonb,jpierre.
2005-05-27 23:53:19 +00:00
julien.pierre.bugs%sun.com
af93fc8e3b Fix crash of rsaperf on keygen failure 2005-05-24 03:54:13 +00:00
nelsonb%netscape.com
e5eb16af00 Allow DSA signature output buffer to exceed required length.
Bug 191470. r=nelson. Patch by rrelyea@redhat.com.
2005-05-21 21:35:24 +00:00
nelsonb%netscape.com
57ecc16528 Change while read statements to work with MKS. Bug 295060. r=wtchang 2005-05-21 21:30:29 +00:00
wtchang%redhat.com
bf8bc99a2c Bugzilla Bug 294071: removed out-of-date comments and dead code. r=nelsonb. 2005-05-18 00:03:11 +00:00
julien.pierre.bugs%sun.com
3046175100 Rename NEXT_ITERATION macro to NEXT_USAGE to make code clearer 2005-05-17 17:41:17 +00:00
julien.pierre.bugs%sun.com
065d103d3a Fix for 265369 - fix compiler warning in unix_rand . r=nelson 2005-05-10 21:14:51 +00:00
julien.pierre.bugs%sun.com
80dfaa9d1b Fix for 293091 - add double -o option to skip cert verification completely. r=nelson 2005-05-07 04:10:55 +00:00
julien.pierre.bugs%sun.com
543a367433 Fix for bug 292390 . Prevent crash in certutil with -P option and dbprefix omitted. 2005-04-29 21:58:49 +00:00
wtchang%redhat.com
ecafacb917 Bugzilla Bug 291858: fixed incorrect definitions of the CKM_SHAxxx_HMAC,
CKM_SHAxxx_HMAC_GENERAL, CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and
CKM_ECMQV_DERIVE macros. r=nelsonb,relyea.
2005-04-28 16:53:19 +00:00
christophe.ravel.bugs%sun.com
18a44a9aad Change NSS version to 3.10.1 Beta. 2005-04-27 20:28:39 +00:00
neil.williams%sun.com
b2e194a3d0 Bug 291555. Makes certutil process null CSR ext req lists as it did before NSS3.10. r=nelson 2005-04-23 03:58:19 +00:00
nelsonb%netscape.com
91bf1ecf54 Prevent crash in certutil -C when incoming request has no attributes.
Bug 291542. r=julien.pierre
2005-04-23 02:12:00 +00:00
christophe.ravel.bugs%sun.com
7c66d1bccc 238319: Sun packages changes
Uprev rpm release to 4.
2005-04-20 00:18:27 +00:00
christophe.ravel.bugs%sun.com
df9ef8a155 Changing beta flag to RTM. 2005-04-19 22:53:46 +00:00
wtchang%redhat.com
3395848fa4 Bugzilla bug 275576: added "Root" to the nickname for the "Global
Chambersign" root. r=nelsonb.
Modified files: certdata.txt certdata.c
2005-04-18 16:08:10 +00:00
julien.pierre.bugs%sun.com
a5a1ba4841 Fix for 290121. Replace PRIntervalTime with PRTime when checking for the need to query the token for CRLs. r=nelson 2005-04-17 03:17:07 +00:00
wtchang%redhat.com
3e92cbf95d Bugzilla Bug 288095: removed unnecessary #include "alghmac.h". alghmac.h
and pkcs11i.h don't need to be exported to the outside of lib/softoken.
r=relyea,nelsonb.
Modified Files:
	pk11wrap/pk11pbe.c pkcs12/p12d.c pkcs12/p12e.c
	pkcs12/p12local.c softoken/manifest.mn
2005-04-15 16:38:46 +00:00
wtchang%redhat.com
c82c09e77b Bugzilla Bug 290217: in the "gmake import" build method, import NSPR 4.6
and do not import DBM. Instead, build DBM from sources. r=relyea.
a=christophe.ravel.
Modified files: manifest.mn Makefile
2005-04-15 00:28:40 +00:00
wtchang%redhat.com
540c1cf71a Bugzilla Bug 258416: trust Sonera Class 1 CA only for S/MIME. r=nelsonb.
Modified files: certdata.c certdata.txt
2005-04-14 16:45:04 +00:00
wtchang%redhat.com
a2bada0039 Bugzilla bug 290233: fixed printf format related bugs reported as compiler
warnings. r=nelsonb.
Modified Files: addbuiltin.c rsaperf.c vfychain.c
2005-04-13 23:03:15 +00:00
julien.pierre.bugs%sun.com
fb7c3531fe Fix for 290121 - always fill the CRL cache on first entry, to fix AIX problem. r=nelson 2005-04-13 18:08:48 +00:00
wtchang%redhat.com
5a9624f05e Bugzilla Bug 287495: added Go Daddy Class 2 CA and Starfield Class 2 CA.
Bumped the nssckbi module's version to 1.53.  Updated the instructions in
README. r=relyea,nelsonb.
Modified Files: README certdata.c certdata.txt nssckbi.h
2005-04-13 01:45:53 +00:00
alexei.volkov.bugs%sun.com
1776147b6c Adding cert id and revocation indication to CRL SSL Client Tests results. 2005-04-13 00:23:09 +00:00
alexei.volkov.bugs%sun.com
d2f6e314c7 Fix for bug 265003: Add CRL generation to crlutil. Reviewed JP+ 2005-04-12 02:24:17 +00:00
julien.pierre.bugs%sun.com
98d2ea1e3c Correct name of extension from "Invalid Date" to "Invalidity Date". 2005-04-11 21:27:01 +00:00
wtchang%redhat.com
55b75e7a5b Bugzilla Bug 289819: fixed a typo in the SEC_ERROR_EXTRA_INPUT error
message.  r=nelsonb.
2005-04-11 19:02:47 +00:00
nelsonb%netscape.com
0187d36e9b Report correct error code when input cert file contains extra stuff.
bug 289819.  r=julien.pierre
2005-04-11 02:52:01 +00:00
nelsonb%netscape.com
f454364692 Truncate output file before writing. Bug 289817. r=julien.pierre 2005-04-11 02:48:54 +00:00
julien.pierre.bugs%sun.com
4f4e3af5f8 Fix for 280121 - allow encoding simple templates with SEC_ASN1_INLINE and SEC_ASN1_OPTIONAL . r=nelson 2005-04-09 05:06:34 +00:00
julien.pierre.bugs%sun.com
41b238e2b7 Fix for 288892 - fix for tstlcnt to help QA run on OS/2 . r=nelson, wtchang 2005-04-09 01:46:38 +00:00
nelsonb%netscape.com
e0a7c75322 Don't crash in NSC_CopyObject after failing to copy a token object.
Bug 289529. r=relyea.
2005-04-09 00:42:01 +00:00
nelsonb%netscape.com
764545022b decouple block size from buffer size for AES/rijndael in bltest.
Bug 289066. r=saul.edwards,rrelyea.
2005-04-06 23:19:22 +00:00
nelsonb%netscape.com
7d6edc424d Back out the preceeding fortezza removal patch, which was accidentally
applied to the trunk, not to the intended branch.
2005-04-06 21:35:45 +00:00
nelsonb%netscape.com
17a1f014fd Remove fortezza support from libSSL and related commands. Bug 239960.
ON PERFORMANCE_HACKS_BRANCH.  r=rrelyea.
2005-04-06 19:43:19 +00:00
christophe.ravel.bugs%sun.com
0612631846 238319: Sun packages changes.
Rpm release: 3
2005-04-05 17:36:27 +00:00
nelsonb%netscape.com
095a0172f0 Fix implementation of SSL_NO_STEP_DOWN. Bug 148452. r=julien.pierre.
Modified Files:  sslimpl.h sslinfo.c sslsecur.c sslsock.c
2005-04-05 03:48:20 +00:00
julien.pierre.bugs%sun.com
a2ec53c02b Fix gcc compiler warning 2005-04-05 00:55:55 +00:00
julien.pierre.bugs%sun.com
9b65f66678 Fix for bug 287654 - check message value against RSA modulus. r=nelson 2005-04-05 00:14:07 +00:00
neil.williams%sun.com
fe7d548e36 This fixes Bugzilla Bug 288227 by initializing the stepUp flag in
nssCryptokiTrust_GetAttributes(). r=nelsonb
2005-04-04 18:46:23 +00:00
nelsonb%netscape.com
2295f52e3f Add new -E option to test the SSL_NO_STEPDOWN option. r=julien. bug 148452. 2005-04-04 17:42:24 +00:00
julien.pierre.bugs%sun.com
51bba31171 Fix for 287654 . Check input buffer length for C_Encrypt with RSA . r=nelson 2005-04-04 09:27:42 +00:00
julien.pierre.bugs%sun.com
cb30654b49 Remove unused variable 2005-04-02 06:52:04 +00:00
julien.pierre.bugs%sun.com
d8d9c318e9 Reduce unneeded warning output 2005-04-02 06:46:51 +00:00
julien.pierre.bugs%sun.com
60434802cb Add include for definition of SECU_RegisterDynamicOids 2005-04-02 06:40:30 +00:00
julien.pierre.bugs%sun.com
d7a47fe87b Remove unused variable 2005-04-02 06:38:39 +00:00
julien.pierre.bugs%sun.com
f33115f7d0 Remove dead and very bogus pre-softoken code 2005-04-02 06:33:25 +00:00
julien.pierre.bugs%sun.com
7ab19a77f5 Clean-up compiler warnings 2005-04-02 06:21:20 +00:00
julien.pierre.bugs%sun.com
e38dfe9691 Fix for bug 288726. error in SECMOD_CancelWait 2005-04-02 06:02:53 +00:00
julien.pierre.bugs%sun.com
16a9e79d60 Silence compiler warnings 2005-04-02 05:33:41 +00:00
julien.pierre.bugs%sun.com
bfae460ea7 Remove unused variable 2005-04-02 05:26:58 +00:00
julien.pierre.bugs%sun.com
e413d4ae39 Remove unused variables 2005-04-02 05:25:26 +00:00
julien.pierre.bugs%sun.com
a35532a9db Cleanup unused variables and dead code 2005-04-02 05:24:07 +00:00
julien.pierre.bugs%sun.com
85f13422bc Remove unused variable 2005-04-02 05:17:27 +00:00
alexei.volkov.bugs%sun.com
aa8a4b4b1c fix for bug 265003: selfserv.c: allow selfserv to load crls. R=julien 2005-04-02 02:29:24 +00:00
nelsonb%netscape.com
aed5390a2d Rename functions that are shared by pk11wrap and softoken from sftk_ to
secmod_.  Bug 286685. r=relyea.
2005-04-02 00:46:13 +00:00
wtchang%redhat.com
1ddbee0247 Bugzilla bug 288657: fixed the bug that pk11_AnyUnwrapKey returns a
partially constructed symKey object if C_UnwrapKey fails with
CKR_DEVICE_ERROR.  r=relyea.
2005-04-01 22:27:44 +00:00
julien.pierre.bugs%sun.com
ae1e453088 Cleanup unused variables 2005-04-01 02:47:52 +00:00
julien.pierre.bugs%sun.com
f48776e693 Indentation fix (related to 287498) 2005-04-01 00:14:34 +00:00
julien.pierre.bugs%sun.com
9e0be5be27 Fix for 259896 - make rsaperf use PKCS#11 . and many other improvements. r=nelson 2005-03-31 23:33:51 +00:00
wtchang%redhat.com
dda0b57a91 Set NSS version to 3.10 Beta 3. 2005-03-30 00:22:36 +00:00
alexei.volkov.bugs%sun.com
e93227eb79 fix for bug 287625: rsaperf should run multithreaded 2005-03-29 22:32:22 +00:00
nelsonb%netscape.com
c03b9d33fe Rename all internal private softoken functions types and symbols from
PK11 or pk11 prefixes to SFTK or sftk prefixes.  Bug 286685.
r=relyea,wtchang  Modified Files:
 cmd/bltest/blapitest.c lib/pk11wrap/pk11pars.c lib/softoken/dbinit.c
 lib/softoken/dbmshim.c lib/softoken/fipstest.c lib/softoken/fipstokn.c
 lib/softoken/pcertdb.c lib/softoken/pk11db.c lib/softoken/pk11pars.h
 lib/softoken/pkcs11.c lib/softoken/pkcs11c.c lib/softoken/pkcs11i.h
 lib/softoken/pkcs11u.c lib/softoken/softoken.h lib/softoken/tlsprf.c
2005-03-29 18:21:18 +00:00
wtchang%redhat.com
bbd584b694 Bugzilla Bug 286439: Removed PKCS11_USE_THREADS and PK11_USE_THREADS.
r=relyea,nelsonb.
Modified Files:
	pk11wrap/pk11list.c pk11wrap/pk11pars.c pk11wrap/pk11skey.c
	pk11wrap/pk11slot.c pk11wrap/pk11util.c pk11wrap/secmod.h
	pk11wrap/secmodi.h pk11wrap/secmodt.h pk11wrap/secmodti.h
	softoken/pkcs11.c softoken/pkcs11i.h softoken/pkcs11u.c
2005-03-28 20:45:37 +00:00
wtchang%redhat.com
ef701de98b Removed an extraneous ^M character at the end of a line. 2005-03-28 19:37:28 +00:00
julien.pierre.bugs%sun.com
6ac5e73fd8 Fix for 287948 - fix overflow in calculation of ops/s 2005-03-25 02:59:07 +00:00
julien.pierre.bugs%sun.com
3b46c1cef2 Fix for bug 287498 - add option for rsaperf to run for a fixed duration, and display ops/s . 2005-03-24 23:07:40 +00:00
neil.williams%sun.com
cf193dfda4 Bug 286505 Now reports an error on EOF in standard input. Leaving resolution
unchanged until we find out why the failure is different on SPARC than on x86.
r=nelson
2005-03-19 03:36:55 +00:00
wtchang%redhat.com
cb2efbad98 Got rid of extraneous ^M characters at some line endings. 2005-03-17 21:28:40 +00:00
neil.williams%sun.com
d5d19c56f7 Bug 285208 Fixes ext processing bug introduced by previous patch.
r=nelson
2005-03-17 01:43:47 +00:00
wtchang%redhat.com
ddab8fa00e Bugzilla Bug 286302: made PK11_CreateSymKey static and renamed it
pk11_CreateSymKey.  r=nelsonb.
Modified Files: pk11priv.h pk11skey.c
2005-03-16 22:40:35 +00:00
wtchang%redhat.com
4dc846b1fe Bugzilla Bug 286313: code cleanup: use PORT_New and PORT_ZNew to allocate
structures. r=nelsonb.
2005-03-16 21:57:47 +00:00
wtchang%redhat.com
e112b06ae2 Bugzilla Bug 286318: performance optimization: save the result of
PK11_SESSION_LOCK in a local variable and reuse the result. r=nelsonb.
Modified Files: pkcs11.c pkcs11u.c
2005-03-16 19:24:45 +00:00