jgmyers%netscape.com
51e59fccb4
support IPv6 in ssl: bug 48657 r=nelsonb
2000-09-12 20:15:44 +00:00
nelsonb%netscape.com
71f913281c
Set the CKA_VALUE attribute in pk11_ImportSymKeyWithTempl().
This is a better solution to bug 52306, because it fixes the behavior of
all the functions that unwrap and/or import sym keys.
2000-09-12 19:44:56 +00:00
nelsonb%netscape.com
cac7876f1e
Fix two bugs in mp_invmod: a) returned wrong result if output var is also
one of the input vars, b) sometimes returned negative answer. Added a test
case to mpi-test.c with a value that previously produced a negative answer.
2000-09-12 00:41:09 +00:00
wtc%netscape.com
d6335b8f1d
Checked in Perl-generated file certdata.c.
2000-09-11 23:34:42 +00:00
relyea%netscape.com
a4e1bb6ae3
nssTracker functions should only be defined in debug builds
2000-09-11 23:27:56 +00:00
nelsonb%netscape.com
ed8cacc2c9
Stop using "reserved" fields of PRIOMethods by name. Fixes bug 52092.
2000-09-11 22:37:12 +00:00
wtc%netscape.com
7774189fb3
Bugzilla bug #52187: modified ckapi.perl to read its input from the
first command-line argument as opposed to stdin. Checkin on behalf
of sonmi@netscape.com.
Modified files: Makefile, ckapi.perl
2000-09-11 22:37:01 +00:00
mcgreer%netscape.com
527ef9f038
initial checkin of Diffie-Hellman implementation
2000-09-11 17:11:50 +00:00
wtc%netscape.com
9aeb25aa0d
Changed the PR_GetError() call to PORT_GetError() because we use
PORT_SetError() to set error codes.
Modified files: dsa.c, rsa.c
2000-09-11 04:17:02 +00:00
nelsonb%netscape.com
cf6c8ac766
Fix a bug in pk11_HandUnwrap that made it always fail because it was not
setting the CKA_VALUE attribute. Also, fix two places that called
PK11_MapError(crv) unnecessarily and with improper crv values.
2000-09-11 01:37:36 +00:00
nelsonb%netscape.com
d856a6e4f8
Create a new function, CERT_DupCertList(), and call it instead of calling
CERT_CertChainFromCert in ssl_DupSocket(). This is MUCH faster. This is
the first approximation of the right fix. The next step is to consider
doing ref counting instead of actual duplication. Fixes bug 51425.
2000-09-09 06:08:46 +00:00
nelsonb%netscape.com
1eac835d58
Change order of includes so this will build on NT.
2000-09-09 03:41:11 +00:00
nelsonb%netscape.com
32c1d386a9
Change order of includes, so this will build on NT.
2000-09-09 03:19:35 +00:00
wtc%netscape.com
8a2b495434
Bugzilla bug #48248: removed an extraneous declaration of putenv(). Thanks
to Steven T. Hatton <hattons@bellatlantic.net> for reporting the bug.
2000-09-09 02:25:18 +00:00
relyea%netscape.com
fb7884944f
Sigh... let's compile this puppy before I check it in....
2000-09-08 23:08:49 +00:00
relyea%netscape.com
1b9a8440af
Fix Startup crash found by CPD on linux. (use the correct slot function).
2000-09-08 23:00:04 +00:00
relyea%netscape.com
9bab38e513
Fix bug where cached keys were keeping around dead sessions.
2000-09-08 22:59:06 +00:00
mcgreer%netscape.com
d236df63ea
fix bugs where some nss code expects leading 0's (once used for signs). allows pkcs11 pairwise consistency check to operate correctly.
2000-09-08 22:41:51 +00:00
wtc%netscape.com
d57dc8ee4e
gcc does not recognize the -xchip=ultra2 option on Solaris/Sparc.
2000-09-08 01:05:23 +00:00
mcgreer%netscape.com
3e85ae179d
make compare_key do something (even if it will go away soon)
2000-09-07 23:18:40 +00:00
nelsonb%netscape.com
6547254b53
If an application calls SSL_SetURL on an NSPR FD that has NOT had SSL
"imported" into it, SSL_SetURL will crash. This change fixes that.
2000-09-07 19:01:48 +00:00
mcgreer%netscape.com
4135f08e8f
first draft of rsa CRT decryption
2000-09-07 16:29:23 +00:00
relyea%netscape.com
01507bd05b
Add definitions for the nssCKFWMechanism functions.
Add definitions to stub out the NSPR functions.
2000-09-07 16:07:03 +00:00
mcgreer%netscape.com
2230de4f0a
separate keygen from primegen, to facilitate testing (by using the self-test key from blapitest). using this verified the keygen process (against that self-test, anyway). leaving a testing function in temporarily.
2000-09-07 07:33:34 +00:00
mcgreer%netscape.com
8ddaa1f3d0
fix bad change made in keygen
2000-09-07 06:44:57 +00:00
nelsonb%netscape.com
2d0c9ab694
Attempt to prevent certain NSS internal error codes from being seen by
applications that use SSL sockets. These include:
SEC_ERROR_EXTENSION_NOT_FOUND and SSL_ERROR_SESSION_NOT_FOUND
2000-09-07 03:35:31 +00:00
mcgreer%netscape.com
112bbb432e
call extended euclidean algorithm directly instead of using mp_invmod
2000-09-07 03:14:16 +00:00
nelsonb%netscape.com
6e7fa5d7ee
Remove PQG_DestroyParams(), PQG_DestroyVerify from pqg.c because they
duplicate the functions in lib/util/pqgutil.c. Also, the functions in
pqgutil correctly handle the case where the Params or Verify was
constructed without an arena (a fact which is now more obvious when
reading the code there).
2000-09-07 01:24:52 +00:00
nelsonb%netscape.com
8bad955812
Effectively remove all the code that uses RC5 from the software token
by surrounding it with #if NSS_SOFTOKEN_DOES_RC5
2000-09-07 01:17:00 +00:00
mcgreer%netscape.com
6db674e674
first draft of rsa public key op (tested against blapi self-test)
2000-09-06 23:58:41 +00:00
mcgreer%netscape.com
61e4b81333
first draft of rsa keygen
secmpi.h is defines used by nss code calling mpi
2000-09-06 23:27:34 +00:00
relyea%netscape.com
c6710a81b3
Add the base and pkcs11 framework to the builds.
2000-09-06 22:24:48 +00:00
relyea%netscape.com
7b234beea7
Make the framework compile with the rest of NSS.
Include a 'live' certdata.txt with those certs we have permission to push to
open source (additional certs will be added as we get permission from the
owners).
2000-09-06 22:24:00 +00:00
relyea%netscape.com
e4f381443a
Changes to make base code compile in the current nss environment. This is so
the pkcs framework can use it.
2000-09-06 22:11:57 +00:00
relyea%netscape.com
2280fb6816
Set Root certs to be an externally loaded PKCS #11 module.
2000-09-06 22:10:07 +00:00
relyea%netscape.com
eebbb60194
Add code to allow Trusted root certs to come from an externally loaded
pkcs #11 module.
2000-09-06 22:05:57 +00:00
mcgreer%netscape.com
5de79419b1
private header file to talk between mpi and nss
2000-09-06 21:46:43 +00:00
mcgreer%netscape.com
865fd868f2
*added pqg code based on fips 186-1
*added stubs to rsa functions
2000-09-06 17:43:42 +00:00
nelsonb%netscape.com
fa26c513b0
When building on NT for X86, use new mpi_x86.asm implementation.
2000-09-02 05:41:21 +00:00
nelsonb%netscape.com
54ce559f68
Makefile.win - gmake Makefile for building MPI with MSVC on NT.
2000-09-02 05:38:51 +00:00
nelsonb%netscape.com
dab570427d
mpi_x86.asm - assembly language implementation of s_mpv_ functions.
2000-09-02 05:33:15 +00:00
nelsonb%netscape.com
0bbb06a9ca
Use new assembler files.
Define MP_NO_MP_WORD on platforms that don't have 64-bit registers.
2000-09-02 01:40:41 +00:00
nelsonb%netscape.com
5fe44c9349
Checkin a big speedup for sparc v8 CPUs when compiled with Workshop
compilers. Be sure to use -DMP_NO_MP_WORD with v8 CPUs.
2000-08-31 04:59:05 +00:00
nelsonb%netscape.com
eb2a2982e3
Fix mpi.h so that it compiles when MP_NO_MP_WORD is defined on the command
line (or prior to including mpi.h).
2000-08-31 03:59:48 +00:00
nelsonb%netscape.com
1b6110f143
Add missing copyright notice. Doh!
2000-08-31 03:45:39 +00:00
nelsonb%netscape.com
9b2c335e20
Some cleanup. Check error codes for all functions that return them.
2000-08-31 02:52:23 +00:00
nelsonb%netscape.com
8b0c1dcf1e
Big changes for performance. mp_digits are now always unsigned ints.
mp_words are used only on machines that support long long arithmetic.
s_mp_mod_d() was deleted. It was not being used and was not part of the
public API. The code that computes squares in s_mp_sqr was broken out
into a separate new function s_mpv_sqr_add_prop(), which is a target for
assembly language optimization. New function s_mpv_div_2dx1d(), also a
target for assembly optimization. These changes made X86 benchmark time
go from 22.5 seconds to 8.3 seconds on my reference test system.
2000-08-31 02:51:23 +00:00
nelsonb%netscape.com
52652e08a5
Add support for Linux on X86 CPUs. Use assembler code on MIPS CPUs.
2000-08-31 02:43:56 +00:00
nelsonb%netscape.com
5e06b71329
Gnu assembler implementations of all s_mpv_ functions for Intel X86 CPUs.
2000-08-31 02:41:20 +00:00
nelsonb%netscape.com
118024af9e
Add implementation of s_mpv_sqr_add_prop.
2000-08-31 02:40:32 +00:00
nelsonb%netscape.com
41b3d16d17
Change mpi-test to check the return values from most functions-under-test
explicitly for errors.
2000-08-29 04:26:23 +00:00
nelsonb%netscape.com
bb088780f3
Initial Checkin.
2000-08-26 23:50:58 +00:00
mcgreer%netscape.com
609c9bf7d4
don't zero input to random update (RNG_SystemInfoForRNG uses environment as input). Fix for bug 49898.
2000-08-23 18:11:47 +00:00
nelsonb%netscape.com
3431bd1245
Fix two uninitialized variables, found while porting to Linux.
2000-08-23 01:20:15 +00:00
nelsonb%netscape.com
7c623513e6
des.c wants _X86_ defined for intel CPUs.
coreconf does this for windows, but not for Linux, FreeBSD, etc.
2000-08-23 00:06:08 +00:00
nelsonb%netscape.com
f28d74b9ab
Big changes for performance.
- In mpi-priv.h, declare new 3 argument versions of s_mp_add and s_mp_sub.
Also declare new set of s_mpv_ functions that operate on vectors (arrays)
of mp_digits instead of on mp_ints. These functions are candidates for
implementation in assembler.
- In mpi.c reimplement mp_add and mp_sub using the new 3arg functions.
Implement 3 argument versions of s_mp_add and s_mp_sub.
This eliminates all need for temporary variables in mp_add and mp_sub.
Implement c language reference implementations of new s_mpv vector multiply
and multiply and add functions. Change mp_mul and mp_sqr so they no longer
pre-zero the output variable. It's no longer necessary with the new s_mpv
functions. s_mp_pad no longer zeros out the new padded space.
- In mpmontg.c, implement variable width exponentiation windows. Implement
a new function to compute the multiply and Montgomery reduction in a
single pass. This is "Improvement 2" from Dusse' and Kaliski's paper
"A Cryptographic Library for the Motorola DSP56000". Performance impact
is negligible in this c implementation. However, this function is another
target for assembly language optimization.
2000-08-22 01:57:34 +00:00
nelsonb%netscape.com
a61f1b73ab
Overhaul Makefile. Change it to use gmake's "static pattern rules",
instead of having explicit individual rules for every program. Also,
build .o files for programs, and link them in a separate step. This
speeds building after changing a .c file in the library.
2000-08-22 01:45:25 +00:00
nelsonb%netscape.com
4cf2feb015
Get these tests to build with the current mpi API.
2000-08-22 01:19:26 +00:00
nelsonb%netscape.com
67da52ab59
Go back to using gmake.
2000-08-22 01:15:41 +00:00
nelsonb%netscape.com
ddb4786c4a
MIPS assembler code to optimize inner multiply loops for mips3 CPUs.
2000-08-22 00:55:10 +00:00
mcgreer%netscape.com
5585f66cd2
initial checkin of DSA implementation.
2000-08-18 18:32:33 +00:00
nelsonb%netscape.com
99c2fa3f33
Build des.c and desblapi.c.
2000-08-14 22:28:10 +00:00
nelsonb%netscape.com
792d99fbaa
The Initial Developer of the Original Code is Nelson B. Bolyard,
nelsonb@iname.com. Portions created by Nelson B. Bolyard are
Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved.
2000-08-14 22:27:20 +00:00
nelsonb%netscape.com
9cc24caab8
"clean" target will also remove primes.c from mpi.
2000-08-14 21:04:46 +00:00
nelsonb%netscape.com
c8c44aff3b
Add commented-out lines to build on other platforms.
Clean target now removes libmpi.a also.
2000-08-11 05:01:59 +00:00
nelsonb%netscape.com
8f6b77ce4d
Change mp_add and mp_sub to not allocate a temporary variable unless it's
really necessary.
2000-08-11 01:58:20 +00:00
nelsonb%netscape.com
d2a30db497
Replace s_mp_ispow2d with faster version. Change s_mp_mul_d to detect
multiplication by 0, 1, and powers of 2, and handle them without actual
multiplication.
2000-08-10 21:43:16 +00:00
nelsonb%netscape.com
67cf3588f2
Eliminate one more warning. Add missing f suffix to float constant.
2000-08-09 22:45:51 +00:00
nelsonb%netscape.com
5826c388d2
- Change mp_mul to minimize number of outer loops when multipliers are
of unequal length.
- Fix s_mp_fixup_reciprocal to not truncate the result.
- Use new macros in mpi-priv.h
2000-08-09 20:55:39 +00:00
nelsonb%netscape.com
203d540004
Use new MP_HOWMANY macro instead of equivalent code.
2000-08-09 20:53:25 +00:00
nelsonb%netscape.com
3f16031cb2
Comment out call to unimplemented function, so this will compile.
2000-08-09 20:46:59 +00:00
nelsonb%netscape.com
60e7af5b8b
Some unix platform kshells don't understand export VAR=value
So instead use VAR=value; export VAR
2000-08-09 20:44:05 +00:00
nelsonb%netscape.com
6e65d05e51
Add new macros: MP_MIN, MP_MAX, MP_HOWMANY, MP_ROUNDUP.
2000-08-09 20:42:18 +00:00
nelsonb%netscape.com
6449cf0e9f
Emulate an SSL3 client more closely after a server negotiates down to 3.0.
2000-08-08 22:54:02 +00:00
mcgreer%netscape.com
a4c0bd7e17
zero the correct amount of input bytes
2000-08-08 20:30:56 +00:00
nelsonb%netscape.com
1a81db9b8a
Fix crash caused by zeroing a larger buffer than the caller passed in.
2000-08-08 05:56:56 +00:00
nelsonb%netscape.com
1818f084e5
Fix crash caused by uninitialized variable.
2000-08-08 05:56:10 +00:00
nelsonb%netscape.com
53ac6c5c98
- Change mpi private function s_mp_mul_d_add_offset into a macro.
- Declare and implement new function s_mp_mul_add, which is a candidate
for replacement with assembler code.
- Convert mp_mul, mp_sqr, etc. to use s_mp_mul_add.
- New implementation of mp_invmod for odd moduli. Algorithm from paper
"Fast Modular Reciprocals" by Richard Schroeppel (a.k.a. Captain Nemo).
- New function s_mp_invmod_32b in mpi.c, computes inverse mod 2**32, also
from same paper. Used in mp_invmod and mp_exptmod.
2000-08-08 03:20:35 +00:00
nelsonb%netscape.com
0bade04ba3
Platform independent performance enhancements to functions that multiply,
square, subtract, right shift, compare, mul_d_add_offset. This lib's
Modular Exponentiation performance now compares favorably with most (not
all) other open source bignum libs on IRIX/R5000. No assembler code is
presently being used. Comparison on other platforms will now commence.
2000-08-05 03:37:46 +00:00
nelsonb%netscape.com
e30a05c7bf
Minor performance tweaks.
2000-08-04 19:58:20 +00:00
nelsonb%netscape.com
f5478e8ae0
Add new signed mp_word type, mp_sword. Used to get arithmetic right
shifts when doing subtraction.
2000-08-04 19:57:24 +00:00
nelsonb%netscape.com
a8b9681335
mpl_rsh now calls s_mp_div_2d instead of duplicating its logic.
mpl_lsh now calls s_mp_mul_2d instead of duplicating its logic.
2000-08-02 20:52:17 +00:00
nelsonb%netscape.com
26a0e342f4
- Implement s_mp_mul_2d, which complements s_mp_div_2d.
- Rewrite and speed up mp_sqr, most-frequently used in mp_exptmod().
- Speed up mp_sqrt by starting with a much better initial estimate.
2000-08-02 20:50:57 +00:00
nelsonb%netscape.com
da54a36647
Accept input args in hex, not decimal. Line up output into columns.
2000-08-02 20:48:28 +00:00
nelsonb%netscape.com
9620ef0ca4
Declare s_mp_mul_2d(), which is complementary to s_mp_div_2d().
2000-08-02 20:47:05 +00:00
relyea%netscape.com
0ae2a22271
Remove old communicator stuff from libjar so modutil will build now.
2000-08-02 18:41:31 +00:00
nelsonb%netscape.com
886543402f
Reduced the number of temporary variables allocated and freed during a
modular exponentiation by over 99%. Modified mp_mul and mp_sqr to only
allocate temporary variables when absolutely needed. Changed mp_copy
and mp_init_copy to allocate space according to the amount allocated
in the source, reducing the need to grow the variable later.
2000-08-02 01:03:14 +00:00
nelsonb%netscape.com
147b7451ec
Investigating allocation of temporary variables.
2000-08-02 01:01:01 +00:00
nelsonb%netscape.com
e24f34f2c8
Declare mp_int function arguments "const" as appropriate.
2000-08-01 01:38:30 +00:00
nelsonb%netscape.com
9caea97bd1
Change default value for MP_ARGCHK to depend on whether or not DEBUG is
defined. Raise the default "precision" to reduce reallocations.
2000-08-01 01:36:30 +00:00
nelsonb%netscape.com
cb72925c4a
Fix initializers in logtab.h to be "float" values, not "double" values.
2000-07-31 20:36:41 +00:00
nelsonb%netscape.com
1ebd55b401
Fix build problem caused by the fact that including stdlib.h implicitly
includes stdio.h on some platforms, but not on others.
2000-07-31 20:08:46 +00:00
nelsonb%netscape.com
4e92230a97
Use Windowed computation of exponent in mp_exptmod().
2000-07-30 06:37:14 +00:00
nelsonb%netscape.com
71be9cf03c
Add function mpl_get_bits(). Returns value of contiguous subset of bits
of bignum. Useful for windowed modular exponentiation.
2000-07-30 06:35:38 +00:00
nelsonb%netscape.com
78256a8fa7
MPI Arbitrary Precision Integer Arithmetic library.
The Initial Developer of the Original Code is
Michael J. Fromberger <sting@linguist.dartmouth.edu>
2000-07-30 02:05:19 +00:00
nelsonb%netscape.com
97ef19c3b8
MPI Arbitrary Precision Integer Arithmetic library.
The Initial Developer of the Original Code is
Michael J. Fromberger <sting@linguist.dartmouth.edu>
2000-07-30 01:56:35 +00:00
nelsonb%netscape.com
792ad45230
Build mpi library files in freebl.
2000-07-29 19:07:22 +00:00
nelsonb%netscape.com
df9c21a9de
Separate DH implementation for use with BSAFE and mpi-based implementation
into two files.
2000-07-29 19:06:54 +00:00
nelsonb%netscape.com
534ec52daa
Build libmpi.a. Include mpmontg.o in libmpi.a. Build programs with
libmpi.a. Fix dependencies so lib is rebuilt when headers change.
2000-07-28 23:11:12 +00:00
nelsonb%netscape.com
6b24794435
Modular exponentiation with Montgomery reduction for MPI.
The Initial Developer of the Original Code is
Netscape Communications Corporation. Portions created by Netscape are
Copyright (C) 2000 Netscape Communications Corporation.
All Rights Reserved.
2000-07-28 23:09:02 +00:00
nelsonb%netscape.com
71fb2fa5e4
Disambiguate error messages in mod-expt test.
2000-07-28 23:04:23 +00:00
nelsonb%netscape.com
385fd4fc86
- Renamed mp_exptmod to s_mp_exptmod. This function is now used only in
when the modulus is even. mp_exptmod is now in mpmontg.c.
- Declare and define new function s_mp_mul_d_add_offset(), which computes
the product of an mp_digit and an mp_int, shifts the product to the left
by a number of digits, and adds the shifted product to another mp_int.
Used in multiplication and Montgomery reduction. Numerous platform
vendors have assembly language versions of this function.
- Removed some ANDs with DIGIT_MAX. Casting to mp_digit is necessary
and sufficient. The AND doesn't help.
2000-07-28 23:03:12 +00:00
nelsonb%netscape.com
f554a212b4
Use unsigned int for mp_digit instead of unsigned long when both are
32-bits. This reduced warnings. Use mp_size instead of unsigned int
in function declarations. Fix MP_DIGIT_FMT for 32-bit digits.
2000-07-28 22:55:56 +00:00
nelsonb%netscape.com
a38b5ec52f
Use mp_size instead of unsigned int in function prototypes.
2000-07-28 22:49:42 +00:00
mcgreer%netscape.com
ce6f724504
merge changes from 3.0 branch
2000-07-27 18:26:28 +00:00
nelsonb%netscape.com
99f3a8bf86
Add new function s_mp_add_offset().
Very handy in Montgomery reduction using Dusse' and Kaliski's method.
2000-07-27 03:02:42 +00:00
nelsonb%netscape.com
b05581f7ec
Moved the declarations of many private defines and functions out of mpi.c
and into mpi-priv.h. Previously, mplogic.c and mpprime.c had duplicate
copies of some of those declarations. Now, they include mpi-priv.h
2000-07-27 02:38:54 +00:00
nelsonb%netscape.com
bf4e60e7b3
Fix sprintf format, can't use DIGIT_FMT.
2000-07-27 00:23:17 +00:00
nelsonb%netscape.com
ba8b232867
Move enhanced prime finder function mpp_make_prime from primegen utility
program into mpprime.c. declared in mpprime.h.
2000-07-26 05:41:59 +00:00
nelsonb%netscape.com
8bf87ce6bb
Fix bug in mp_div_2d that set r = q % d when a and q are the same mp_int.
Minor performance enhancement to s_mp_div_2d when DIGIT_BIT divides d.
2000-07-26 05:39:53 +00:00
nelsonb%netscape.com
7bb8634a3c
Fix a bug in recently added function mp_set_bit().
2000-07-26 05:32:30 +00:00
nelsonb%netscape.com
b9d1a404d2
Update nTires via a pointer argument to mpp_make_prime().
Change some printfs.
2000-07-25 00:16:57 +00:00
nelsonb%netscape.com
aef9190b64
Add new function mpp_fermat_list, which performs the fermat test on a
list of "witness" numbers. Simplify and accelerate mpp_pprime().
2000-07-25 00:15:06 +00:00
nelsonb%netscape.com
cbc85c762b
Fix assertion. Comparison sense was inverted.
2000-07-25 00:12:57 +00:00
nelsonb%netscape.com
f16cc60f1a
Add -fullwarn to some build flags. Change dependencies for primegen.
2000-07-22 07:22:37 +00:00
nelsonb%netscape.com
175cab0f15
Implement sieving to accelerate elimination of composites.
This sieve eliminates all but about 3500 numbers from each range of 64k.
2000-07-22 05:54:21 +00:00
nelsonb%netscape.com
1f040d3f9f
Use large prime table for faster prime gen. Make prime table "const".
Change functions that use prime table to use const arguments.
2000-07-22 05:36:45 +00:00
nelsonb%netscape.com
41121574a7
Change s_mp_norm to always use a power of two as the normalizing factor.
This enhances performance by turning the normalizing and denormalizing
operations into shifts.
2000-07-21 21:06:08 +00:00
nelsonb%netscape.com
4b4e6bccd9
Implement mpl_get_bit, mpl_set_bit, mpl_significant_bits.
2000-07-21 21:04:14 +00:00
nelsonb%netscape.com
3b292e3f60
Fix symbol prefixes in some comments.
2000-07-21 20:50:31 +00:00
mcgreer%netscape.com
36c22a2a15
some compilers don't like the void* arithmetic
2000-07-20 16:58:32 +00:00
nelsonb%netscape.com
350eea5535
Use unsigned ints for length parameters to "octets" functions.
2000-07-20 04:47:24 +00:00
nelsonb%netscape.com
7f70f07983
Eliminate lots of warnings found by -fullwarn.
Add sanity test to s_mp_div().
2000-07-20 04:21:37 +00:00
nelsonb%netscape.com
04007f8bb5
Eliminate warnings found with -fullwarn.
2000-07-20 04:20:21 +00:00
mcgreer%netscape.com
dbede1a951
Change the startup/shutdown procedure. Now a minimum amount of seed bytes, MIN_SEED_COUNT, are required before output bytes can be extracted. Also, it is possible to do a full restart by calling RNG_RNGInit() and RNG_RNGShutdown() in succession. This is noted in the blapi.h comments for those functions.
2000-07-19 23:54:43 +00:00
nelsonb%netscape.com
5a1cb37329
Build all mpi .c files with -DMP_API_COMPATIBLE
2000-07-19 23:23:24 +00:00
nelsonb%netscape.com
94e36d6f32
Implement 5 new functions for dealing with variable length integers
represented as unsigned and signed octet strings.
mp_read_unsigned_octets(), mp_unsigned_octet_size(),
mp_to_unsigned_octets(), mp_to_signed_octets(), mp_to_fixlen_octets()
See mpi.h for more info.
2000-07-19 23:22:43 +00:00
nelsonb%netscape.com
9ab0d70f0e
All #defines now have MP_ prefix. To get old #defines, compile with
-DMP_API_COMPATIBLE . mpi.c is compiled that way.
2000-07-19 23:18:08 +00:00
mcgreer%netscape.com
adc97e5caf
initial checkin of PRNG code
2000-07-19 17:01:31 +00:00
mcgreer%netscape.com
0b57de2866
initial checkin of ARCFour.
2000-07-18 00:56:09 +00:00
nelsonb%netscape.com
49bfd5fc00
Fix "random" modulus so it is odd and has msb of most significant digit
set to 1, and "random" base to be less than modulus.
2000-07-17 22:37:55 +00:00
nelsonb%netscape.com
8133fdd980
Fix script to run on certain unix platforms.
2000-07-17 22:34:30 +00:00
nelsonb%netscape.com
7dc037f3a3
Shorten this test so it completes in less time.
2000-07-17 22:33:46 +00:00
nelsonb%netscape.com
bdf621e594
Fix mpp_pprime() so it doesn't stop after first successful iteration.
2000-07-17 22:32:46 +00:00
nelsonb%netscape.com
88292a3a0d
Add support for 32-bit digits (64-bit words) on platforms that can
multiply two 32-bit values yielding a 64-bit product in hardware.
Fix bug in s_mp_div that computed a quotient digit q > DIGIT_MAX
when b > DIGIT_MAX/2 and b < a <= DIGIT_MAX.
2000-07-17 22:31:18 +00:00
nelsonb%netscape.com
29b5ea6ec4
Eliminate type mismatch warning.
2000-07-17 22:23:23 +00:00
nelsonb%netscape.com
9ae84ceff8
Turn on MP_CRYPTO flag by default. Increase default size to 32 digits.
2000-07-17 22:22:28 +00:00
nelsonb%netscape.com
3e30ad8b50
Get file to work with SysV make on IRIX.
Add .i target (preprocessor output).
2000-07-17 22:21:42 +00:00
nelsonb%netscape.com
7ed5654089
MPI Arbitrary Precision Integer Arithmetic library.
The Initial Developer of the Original Code is
Michael J. Fromberger <sting@linguist.dartmouth.edu>
2000-07-14 00:45:02 +00:00
relyea%netscape.com
2c08b2ae6c
Fix memory leak when using hardware accelerators.
2000-06-29 21:26:17 +00:00
chrisk%netscape.com
3902194f5b
Added some comments and asserts
2000-06-21 18:12:02 +00:00
chrisk%netscape.com
92a3672caa
Oops - fixed the fix. The prototype now correctly unpacks into a
DHPublicKey structure.
2000-06-21 00:04:38 +00:00
chrisk%netscape.com
a83d527722
Fix OID for DC AVAs - the root OID in RFC2247 is not different from
the root OID in RFC1274 - so the one we had was WRONG.
I don't know where it came from.
2000-06-20 16:31:31 +00:00
chrisk%netscape.com
390a6f1dec
Add code for generation of SMIMEProfile and SMIMEKeyEncryptionPreference
2000-06-20 16:28:59 +00:00
chrisk%netscape.com
23cd2f3659
First feeble attempt at fixing the problem that our definition of
Diffie-Hellman key parameters does not encompass all the optional
fields defined in RFC2459, section 7.3.2 (namely j and validationParams).
I added comments reminding us of the fact that PQGParams need to be
extended to hold these, and fixed the ASN1 prototype from its previous
totally broken status to one that decodes prime, subPrime and base
correctly, and skips the rest.
This avoids failure in public key extraction (which is part of verification)
with DH certs.
2000-06-20 16:22:36 +00:00
chrisk%netscape.com
3550ea9e23
Fix problem where DH certs were always rejected when verifying them
for EMail encryption.
A Diffie-Hellman key needs to be tested for KU_KEY_AGREEMENT, not
KU_KEY_ENCIPHERMENT.
2000-06-20 16:15:32 +00:00
chrisk%netscape.com
c8e8241728
Fix bug in decoder:
When encoding indefinitely & encountering an optional field at the end of
a sequence, right after an IMPLICIT or POINTER template, the decoder
was not propagating the optionalness and the end-of-contents condition
correctly as it hits the end-of-contents octets instead of the optional
field. This is because IMPLICIT and POINTER push TWO states to look
for the next tag, not just one.
(The first state is "afterImplicit" or "afterPointer", the second one
starts with "beforeIdentifier" as usual).
This finally makes decoding envelopedData messages in cmsutil work.
2000-06-20 13:24:01 +00:00
thayes%netscape.com
4cd82c9914
Fix double free of item value that is in an arena.
2000-06-16 23:26:16 +00:00
chrisk%netscape.com
9f56a873d3
Add generation of SMIMECapabilities
2000-06-14 23:17:52 +00:00
chrisk%netscape.com
9cbdb3d252
Make example 5.7 of ietf-smime-examples draft decode correctly
(we still cannot look up certs by SubjectKeyID, so it won't verify)
2000-06-14 23:12:48 +00:00
chrisk%netscape.com
f7113ab1b2
Merge smimetk_branch to tip...
2000-06-13 21:56:37 +00:00
relyea%netscape.com
d43393b11b
reuse old key structures on a given token rather than building it up and
tearing it down every time.
2000-06-13 21:37:28 +00:00
relyea%netscape.com
78671954d3
Reuse old Object structures rather than build and free them every time.
2000-06-13 21:34:52 +00:00
chrisk%netscape.com
67e0b44687
Fix DSA / BLAPI interface by creating stub functions that have the
correct signature for being called via context->update or context->verify.
2000-06-12 23:43:42 +00:00
mcgreer%netscape.com
dd3dd4e3e1
added roots.
2000-06-12 22:39:02 +00:00
thayes%netscape.com
8d09de22cf
Fix cleanup code in Decrypt to check for NULL pointers
2000-06-12 20:19:39 +00:00
thayes%netscape.com
d562a12ca9
Add permanent (token) key for supporting Secret Decoder Ring (SDR)
Bug 26085
2000-06-10 19:00:45 +00:00
nelsonb%netscape.com
9d2744f5ce
Carry forward fix from NSS 2.8 for servers that don't do ssl2.
2000-06-06 20:32:18 +00:00
mcgreer%netscape.com
8afb3c69cf
fork content version between ns-branded builds and mozilla builds.
2000-06-02 22:35:29 +00:00
mcgreer%netscape.com
0307d81230
Allow for building with internal roots.
2000-06-02 18:37:53 +00:00
mcgreer%netscape.com
883e025f3d
Allow for building with internal root certs.
2000-06-02 18:37:14 +00:00
thayes%netscape.com
b2aa68c6fe
Use PK11 fixed key lookup to locate the key value. Fix ENCRYPT/DECRYPT bug in
SDR_Decrypt.
2000-05-31 23:06:02 +00:00
relyea%netscape.com
d6dd1b2540
Return to using the thread safe version. The non-thread safe version can double free memory
2000-05-31 22:37:17 +00:00
relyea%netscape.com
2900921f0d
Fix bug which would have bypassed mac checking in TLS
2000-05-31 22:36:02 +00:00
mcgreer%netscape.com
e771f6a310
fix static array (found with solaris 2.7 build)
2000-05-31 22:17:47 +00:00
thayes%netscape.com
bbed546e6b
Initial version of header for SDR wrappers
2000-05-27 03:31:51 +00:00
nelsonb%netscape.com
51de4ce7a6
Fix build on NT. Correct link order in PKCS11 directory.
2000-05-27 01:30:29 +00:00
nelsonb%netscape.com
211a572ab0
Add new implementation of the algorithm from RFC 2268. Fix some comments.
2000-05-27 01:29:35 +00:00
thayes%netscape.com
27d1adc752
Initial version of the PK11 wrappers for SDR. This version uses a fixed key id (0)
and 3DES key value.
2000-05-26 22:24:01 +00:00
nelsonb%netscape.com
34ae72b37f
Simplify and speed up client cache expiration detection.
2000-05-24 19:28:27 +00:00
nelsonb%netscape.com
0ea2ec3f99
Fix the logic in client and server to detect version roll-back attack,
rolling back from TLS (SSL 3.1) to SSL 3.0. Provide a new SSL socket
option to disable roll-back detection in servers, since certain TLS
clients are doing it incorrectly.
2000-05-24 03:35:23 +00:00
nelsonb%netscape.com
d14a82cbb8
Changes in support of corrected TLS rollback detection.
2000-05-24 03:31:44 +00:00
nelsonb%netscape.com
a113e9ad8a
Fix a transcription error that caused a crash.
2000-05-24 02:22:18 +00:00
mcgreer%netscape.com
1f8008ee85
Added calls for BSAFE 5.0
2000-05-23 22:15:25 +00:00
chrisk%netscape.com
cc9a75cd14
Added RFC2630 OID values:
SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = id-alg-ESDH
SEC_OID_CMS_3DES_KEY_WRAP = id-alg-CMS3DESwrap
SEC_OID_CMS_RC2_KEY_WRAP = id-alg-CMSRC2wrap
2000-05-22 15:28:22 +00:00
chrisk%netscape.com
8a40c748ac
Added SEC_ASN1DecodeInteger function
2000-05-22 15:24:20 +00:00
nelsonb%netscape.com
7e2567dffc
Performance enhancement. Takes only 70% as long as previous version.
2000-05-19 22:14:38 +00:00
nelsonb%netscape.com
b486d9d3d5
Fix sha_fast for 64-bit solaris and 64-bit Alpha.
2000-05-19 02:10:33 +00:00
mcgreer%netscape.com
5ca43c9e50
Changing MIN's and MAX's to PR_MIN, PR_MAX
2000-05-18 15:32:18 +00:00
mcgreer%netscape.com
1d3f68dd7e
Changing all MIN's and MAX's to PR_MIN, PR_MAX
2000-05-18 15:30:12 +00:00
mcgreer%netscape.com
aba66a5214
changing all MIN's and MAX's to PR_MIN, PR_MAX (MIN and MAX were defined in dbm).
2000-05-18 15:28:43 +00:00
nelsonb%netscape.com
db1c7e8b35
Changes to ssl_EmulateSendFile suggested by Wan-Teh.
See http://bugzilla.mozilla.org/show_bug.cgi?id=39011
2000-05-18 01:32:53 +00:00
nelsonb%netscape.com
401cd644f6
In ssl3_GenerateSessionKeys() ensure params secitem always points to valid
CK_SSL3_MASTER_KEY_DERIVE_PARAMS structure. Bugzilla bug 39682.
2000-05-18 00:41:38 +00:00
roeber%netscape.com
4c7240ff19
Detect at runtime when we're running with NSPR 1 and switch the thread-private-data calls accordingly. This lets our pkcs#11 modules be loaded into Communicator.
2000-05-17 20:19:24 +00:00
roeber%netscape.com
bbe222523a
If a database has not been given a label, return the filename so Communicator has *something* to show
2000-05-17 18:28:13 +00:00
mcgreer%netscape.com
40616e7038
fix some compiler warnings
2000-05-17 17:31:20 +00:00
mcgreer%netscape.com
1d9865e6d7
including md2 and md5 implementations in MOZILLA_SECURITY_BUILD
2000-05-16 23:05:47 +00:00
mcgreer%netscape.com
978cc868ef
Performance enhancements for md5 implementation.
...
+ unroll a loop in md5_compress
+ remove a superfluous variable
2000-05-16 18:18:39 +00:00
relyea%netscape.com
984310dddf
Change the attribute allocation scheme to a fixed array in the object.
2000-05-16 17:40:22 +00:00
relyea%netscape.com
0430e9e67e
Add SSL and TLS to the slotlist search functions
2000-05-16 17:37:10 +00:00
relyea%netscape.com
a46662c0d0
1) performance changes.
...
a) do C_Decrypt in the handUnwrap case on its own session so we don't
single thread through the code.
b) reuse the session created for the symKey when importing the key from data.
2) robustness changes.
a) try different ways of getting the signature length if non-compliant
tokens don't present the modulus to us.
b) Recover from state buffers changing sizes on us in the middle of
GetOperationState().
2000-05-16 17:36:24 +00:00
relyea%netscape.com
9da670d592
Only output caching if we turn tracing on.
2000-05-16 17:28:31 +00:00
roeber%netscape.com
3cb835685f
sync the database after writes
2000-05-16 01:55:20 +00:00
roeber%netscape.com
4c6e020a10
Properly deregister shadow objects of session objects
2000-05-16 01:54:46 +00:00
roeber%netscape.com
4b1bc871db
Store object contents in network byte order, for database portability
2000-05-15 20:59:11 +00:00
roeber%netscape.com
84d6e244cd
Use the public (cap-NSS) mutex calls, not the private ones
2000-05-15 20:58:19 +00:00
mcgreer%netscape.com
6342624688
Changed DestroyContext functions so that freeit means free everything or free nothing, not just the context pointer.
2000-05-15 20:54:35 +00:00
roeber%netscape.com
d46ea0e2c3
First checkin of database module
2000-05-15 20:39:58 +00:00
mcgreer%netscape.com
50cdc7829c
Add condition for BSAFE build.
2000-05-12 23:37:36 +00:00
mcgreer%netscape.com
0d6b5ee3a6
Initial checkin of implementations of MD2 and MD5. An empty definition of Diffie-Hellman to allow for building, more later. Changes to Makefile for building with BSAFE.
2000-05-12 23:35:06 +00:00
dougt%netscape.com
7dc028cf1e
Minor changes to fix mac build bustages.
2000-05-12 18:43:28 +00:00
roeber%netscape.com
6416a1bd38
Adding CK_USHORT back in, for pedantic tests' sake
2000-05-09 18:57:58 +00:00
roeber%netscape.com
21d2b28567
Backing out accidental (recursive) commit
2000-05-09 18:35:24 +00:00
roeber%netscape.com
28dc429127
Added ckmd.h to private exports list
2000-05-09 18:31:16 +00:00
nelsonb%netscape.com
e65d9f2223
Small optimization for RSA Server Key exchange message. Uses fewer PK11_
...
calls to do the job. Also, plug one mem leak in Fortezza code.
2000-05-08 23:55:05 +00:00
mcgreer%netscape.com
48ae0ebe61
change to comment text
2000-05-05 00:50:38 +00:00
mcgreer%netscape.com
3e2a298606
Code to provide hooks to RSA's BSAFE licensed code.
2000-05-04 21:58:18 +00:00
roeber%netscape.com
739f76548f
Getting session objects working.
2000-04-20 03:14:47 +00:00
roeber%netscape.com
93897a83fe
Wait a minute, I was right the first time: I don't need to worry about
...
endianness, that's a display problem.
2000-04-19 22:07:09 +00:00
roeber%netscape.com
db07e9f9cf
Multiple changes to get the cryptoki framework and builtin-object
...
module working: 1) C_GetFunctionList is always present; 2) fwObject
and fwSession now remember their handles on behalf of the fwInstance;
3) fwSessions are created before mdSessions, so the mdSession can
use the fwSession's arena; 4) finished implementing findObjects;
5) builtin constants are in network byte order; 6) libnssckbi.so
knows about and can pull in its dependencies (e.g. libnssckfw.so,
libnssb.so, and NSPR).
2000-04-19 21:32:38 +00:00
roeber%netscape.com
c71276e88d
I missed a couple usages of nssUTF8_Size when its signature changed.
...
Also made a pedantic check #ifdef PEDANTIC.
2000-04-19 21:24:57 +00:00
roeber%netscape.com
c7ce07669f
Free from the beginning of the real block pointer, not the user's pointer.
2000-04-19 21:23:13 +00:00
nelsonb%netscape.com
967ed46e9f
This file was not the source authorized by Paul Kocher of Cryptography
...
Research Inc for release on Mozilla. It has been replaced by sha_fast.c.
2000-04-07 02:24:57 +00:00
nelsonb%netscape.com
81f283c678
Switch freebl to use the sha1 sources authorized by Paul Kocher of
...
Cryptography Research Inc.
2000-04-07 02:22:47 +00:00
nelsonb%netscape.com
2554f98616
Make additional performance improvements, especially for big endian CPUs.
2000-04-07 01:14:06 +00:00
repka%netscape.com
6f4b665973
Build new base64 encoder implementation.
2000-04-06 22:41:21 +00:00
repka%netscape.com
80689ecb46
Removed BTOA_ConvertItemToAscii (now defined in nssb64e.c, using new
...
base64 encoder implementation).
2000-04-06 22:38:27 +00:00
nelsonb%netscape.com
082f19af2f
Convert to BLAPI interface. Make very minor optimizations.
2000-04-06 06:07:37 +00:00
nelsonb%netscape.com
6ad931fad9
Check in original SHA implementation sources on behalf of Paul Kocher Cryptography Research, Inc. paul@cryptography.com
2000-04-06 02:48:30 +00:00
repka%netscape.com
355556a555
Fixed some typos and inconsistencies.
2000-04-06 00:42:49 +00:00
repka%netscape.com
97cb8bcf38
First cut at replacement for base64 encoder.
2000-04-06 00:39:49 +00:00
repka%netscape.com
73b70ac5a7
- Added an error check and comment complementary to thayes's previous change
...
(same as I had already made in my version, but he beat me to checking it in).
- Some miscellaneous clean-up (typos, really).
2000-04-06 00:38:12 +00:00
thayes%netscape.com
48f0c9789e
Initialize SECItem values in ATOB_ routines to avoid PR_Assert for previously
...
allocated data buffers in the NSS versions of these routines.
2000-04-06 00:26:24 +00:00
thayes%netscape.com
915877263f
Change handling of hash table for OCSP hashes to delete both hash key and
...
associated value in the hashtable "free entry" routine. Fixes a memory leak.
(Re Netscape bug: 390117)
2000-04-06 00:24:43 +00:00
nelsonb%netscape.com
8499f9c677
Change definition of $FILES. Don't include contents of CVS subdirectory.
2000-04-05 01:11:53 +00:00
relyea%netscape.com
a3332a7b7f
Make the stub system work for WIN NT as well as other unix platforms:
...
1) fix compile issue in the stub maci.c file (change dllimports to dllexports).
2) build a dll with matching lib to make the symbols all work.
2000-04-04 23:49:50 +00:00
roeber%netscape.com
ce5fd5acf0
Added a comment to the PORT character-conversion routines about
...
network byte order.
2000-04-04 18:27:34 +00:00
roeber%netscape.com
0f208ea997
Make the conversion routines handle network byte order, not host byte order.
2000-04-04 02:36:46 +00:00
relyea%netscape.com
0633919690
Use NSINSTALL instead of symbolic links so crypto works on NT builds as well.
2000-04-03 22:28:49 +00:00
roeber%netscape.com
f59f634fdf
typo I missed from last May
2000-04-03 21:58:53 +00:00
roeber%netscape.com
78c1cb10f0
the license boilerplate whompage induced a compile-blocking typo
2000-04-03 21:58:34 +00:00
relyea%netscape.com
5ff98f3f5a
Adjust jzlib.h acquired for zlib.h so it builds in the .jar file.
...
Add define in manifest to make it work.
2000-03-31 20:56:10 +00:00
relyea%netscape.com
477a06c7b1
Create the Security link correctly.
2000-03-31 20:48:55 +00:00
relyea%netscape.com
9fd7059a19
Initial NSS Open Source checkin
2000-03-31 20:13:40 +00:00
relyea%netscape.com
8c4b7edd1d
Initial NSS Open Source Checkin
2000-03-31 19:16:26 +00:00
relyea%netscape.com
3302748a42
Initial NSS Open source checkin
2000-03-31 19:14:40 +00:00