Commit Graph

50 Commits

Author SHA1 Message Date
jpierre%netscape.com
f5d7282963 Fix for 232377 - assertion in vfychain with DSA cert. r=wtc, nelsonb 2004-01-28 23:25:07 +00:00
nelsonb%netscape.com
ce75f8d873 Move an extern function declaration to the header file where it belongs.
Bug 229212. r=relyea.
2004-01-22 02:19:42 +00:00
relyea%netscape.com
6a63299667 Bug 229193
Patch by wtc revied by relyea & ian
2003-12-31 23:19:26 +00:00
wchang0222%aol.com
34519e6ab3 Removed unused variable 'rawSigLen'. 2003-12-23 21:24:01 +00:00
wchang0222%aol.com
5bfcd81514 Declare the argument to SECKEY_ECParamsToKeySize as const.
Modified Files: seckey.c pk11skey.c
2003-12-23 02:05:28 +00:00
wchang0222%aol.com
79387320b7 Renamed SECKEY_ECParams2KeySize as SECKEY_ECParamsToKeySize. Do not export
this function from the nss3 shared library.
Modified Files: seckey.c pk11skey.c nss.def
2003-12-22 23:36:40 +00:00
ian.mcgreer%sun.com
5c2c5888f9 ECC code landing.
Contributed by Sheuling Chang, Stephen Fung, Vipul Gupta, Nils Gura,
and Douglas Stebila of Sun Labs
2003-10-17 13:45:42 +00:00
nelsonb%netscape.com
e7297b0a76 Fix bug 213084. Detect when cert in signature cannot be imported.
Detect NULL pointer, don't crash.
2003-07-31 00:16:27 +00:00
wtc%netscape.com
ce11300ca6 Bug 206926: 1. Undo the changes to secrng.h, pqgutil.h, swfutl.c,
unix_rand.c, and win_rand.c. 2. Make secrng.h and pqgutil.h private.
3. Public header pk11pqg.h can't include private header pqgutil.h.
4. Many files don't need to include secrng.h.  A few don't need to include
pqgutil.h.  5. Remove duplicate declarations of PQG_DestroyParams and
PQG_DestroyVerify from blapi.h.
2003-05-30 23:31:32 +00:00
wtc%netscape.com
6022e0f192 Bug 206926: make blapi.h private. Public headers that included blapi.h
now include blapit.h.  It is necessary to make blapit.h because some
public headers and PSM use the types defined in it.  r=relyea,nelsonb.
Modified Files: cryptohi.h lib/freebl/manifest.mn secrng.h pqgutil.h
2003-05-24 03:34:55 +00:00
nelsonb%netscape.com
3f52ba47c1 Changes to enable ECC over characteristic 2^m fields.
Contribution from Vipul Gupta <Vipul.Gupta@Sun.COM>
Modified Files:
 nss/cmd/strsclnt/strsclnt.c nss/lib/cryptohi/seckey.c
 nss/lib/freebl/blapit.h nss/lib/freebl/ec.c
 nss/lib/freebl/manifest.mn nss/lib/freebl/mpi/Makefile
 nss/lib/softoken/ecdecode.c nss/lib/softoken/pkcs11.c
 nss/lib/ssl/ssl3con.c nss/lib/util/secoid.c
 nss/lib/util/secoidt.h
2003-03-29 00:18:30 +00:00
nelsonb%netscape.com
f87129ad87 Add support for Elliptic Curve Cryptography. Bug 195135.
Modified Files:
 	cmd/lib/SECerrs.h cmd/selfserv/selfserv.c
 	cmd/tstclnt/tstclnt.c lib/cryptohi/keyhi.h
 	lib/cryptohi/keythi.h lib/cryptohi/seckey.c
 	lib/cryptohi/secvfy.c lib/freebl/Makefile lib/freebl/blapi.h
 	lib/freebl/blapit.h lib/freebl/ldvector.c lib/freebl/loader.c
 	lib/freebl/loader.h lib/freebl/manifest.mn lib/nss/nss.def
 	lib/pk11wrap/pk11skey.c lib/pk11wrap/pk11slot.c
 	lib/softoken/lowkeyti.h lib/softoken/manifest.mn
 	lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
 	lib/softoken/pkcs11t.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
 	lib/ssl/sslcon.c lib/ssl/sslenum.c lib/ssl/sslimpl.h
 	lib/ssl/sslinfo.c lib/ssl/sslproto.h lib/ssl/sslsecur.c
 	lib/ssl/sslsock.c lib/ssl/sslt.h lib/util/secerr.h
 	lib/util/secoid.c lib/util/secoidt.h
Added Files:
 	lib/freebl/GFp_ecl.c lib/freebl/GFp_ecl.h lib/freebl/ec.c
 	lib/freebl/ec.h lib/softoken/ecdecode.c
2003-02-27 01:31:38 +00:00
wtc%netscape.com
3cfd1da0cc Bug 145029: fixed compiler warnings (mostly "xxx might be used
uninitialized").
2003-01-17 02:49:11 +00:00
nelsonb%netscape.com
a4ffefd8be Support SHA256, SHA384, and SHA512 hashes in NSS. 2002-12-12 06:05:45 +00:00
nelsonb%netscape.com
dd4c5651b8 Add new SHAxxx hash algorithms to tables of SECHashObjects. 2002-11-16 03:29:32 +00:00
jpierre%netscape.com
c4e2aa9127 Fix for bug 95311 - copy the DER input key to the arena, and free the arena upon decoding failure. 2002-10-29 23:47:31 +00:00
jpierre%netscape.com
31ce9957ca Use QuickDER to decode DER public key. Bug #95311 2002-10-29 22:52:31 +00:00
nicolson%netscape.com
fcbdfadf85 Fix 169577: SGN_End crashes if DSA signature fails. 2002-09-19 01:07:43 +00:00
nicolson%netscape.com
e179fe8904 Fix 164126: makefile build error.
Change the NSS module name from "security" to "nss".
2002-09-06 16:38:56 +00:00
jpierre%netscape.com
5e5a705cb7 Fix for 160805 . Make a copy of items into the arena before calling SEC_QuickDERDecodeItem where needed 2002-08-31 00:37:52 +00:00
jpierre%netscape.com
463500a5ab Convert slow SEC_ASN1DecodeItem calls to SEC_QuickDERDecodeItem where possible. Performance improvement. Bug #160805 . r=relyea 2002-08-24 00:52:47 +00:00
bishakhabanerjee%netscape.com
532b7c841e Checking in riceman+bmo@mail.rit.edu's patch for bug 133702 2002-07-30 19:01:18 +00:00
ian.mcgreer%sun.com
bc5808a5ed bug 125359, by default the ASN.1 en/decoder should treat all numbers as signed. But many source/target items desire unsigned integers (specifically, bignums in the crypto stuff), so implement an siUnsignedInteger type which notifies the en/decoder to handle the conversion.
r=nelsonb
2002-02-21 22:41:44 +00:00
relyea%netscape.com
31218c1ff3 Bug 117978: accessor functions to all JCE keystore API to be implemented. 2002-02-03 03:37:26 +00:00
nicolson%netscape.com
64b6656f21 Fix 113301: SECKEY_ImportDERPublicKey should support all public key types.
r=relyea.
2001-12-10 21:11:14 +00:00
relyea%netscape.com
ab7e346965 changes for PSM to compile against NSS shared libraries.
Move SSL and S/MIME to the new common MAPFILE usage
2001-11-21 18:00:28 +00:00
relyea%netscape.com
68bc6218a2 NSS 3.4 integration changes.
1) 3.4 needs to bump the version numbers up by one on secmod.db from NSS 3.3
   2) Need to add escapes to the configdirectory. (should add them to other parameters as well.
   3) put exported files back into the correct headers.
   4) Add _BEGIN/_END protos where appropriate.
2001-11-19 19:04:59 +00:00
nelsonb%netscape.com
cd6006d2cd Now that the implementations of all the RNG_ functions have been moved
from lib/util to lib/freebl, move the RNG header file there, too.
Eliminate secrngt.h, which has been empty (except for the license
boilerplate) for many releases.
2001-11-15 04:29:27 +00:00
relyea%netscape.com
e27189dd1d Land BOB_WORK_BRANCH unto the tip.
remove lots of depricated files.
move some files to appropriate directories (pcertdb *_rand
associated headers to soft token, for instance)
rename several stan files which had the same name as other nss files.
remove depricated functions.
2001-11-08 00:15:51 +00:00
nelsonb%netscape.com
bb37a46273 Add a few new OIDs for AES and one old semi-bogus OID for DSA. 55048. 2001-09-25 23:29:30 +00:00
relyea%netscape.com
d58d421bd6 1) fix compilier warnings on AIX, Solaris, HP, and Linux.
2) remove Dependency on low key structures in the soft token.
2001-09-20 21:30:48 +00:00
nicolson%netscape.com
7f28add0af Fix 95666: ImportDERPublicKey assigns CK_KEY_TYPE to pubkey->type. 2001-09-10 22:53:34 +00:00
nelsonb%netscape.com
e17976568a Fix a crash. An attempt to move a sensitive key longer than 48 bytes
from one token to another will no longer crash.  Instead, it will fail
with the new error code SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY.  Bug 97887.
In addition, DHE key pairs are now generated with CKA_SENSITIVE false.
2001-09-06 03:00:39 +00:00
nicolson%netscape.com
46c3dc53ea Fix bug 87650: replace slot traversal functions with list functions.
Add SECKEY_ImportDERPublicKey.
2001-06-25 19:31:17 +00:00
relyea%netscape.com
2c16a917c9 Add function to encode a SPKI structure. 2001-06-07 21:47:29 +00:00
relyea%netscape.com
9e28385aa3 JSS integration bug 77662 . Allow Verification by passing the signature at the
end of the process rather than at the beginning.
2001-05-01 23:59:27 +00:00
relyea%netscape.com
d530cbbec8 Export function to extract the public key from a subject key info
for JSS to use for CMS.
2001-04-24 20:04:14 +00:00
nelsonb%netscape.com
f8e2a2a948 Implementation of 5 DHE ciphersuites, client side only.
Contributed by Dr Stephen Henson <stephen.henson@gemplus.com>
2001-04-11 00:29:18 +00:00
wtc%netscape.com
a83eb31b00 Bugzilla bug #63768: removed references to the obsolete PURE_LIBRARY,
HAVE_PURIFY etc. make variables in NSS files.  Reviewed by nelson Bolyard.
Modified Files:
	cmd/platrules.mk cmd/crmf-cgi/config.mk cmd/crmftest/config.mk
	cmd/lib/config.mk cmd/zlib/config.mk lib/base/config.mk
	lib/certdb/config.mk lib/certhigh/config.mk lib/ckfw/config.mk
	lib/crmf/config.mk lib/cryptohi/config.mk
	lib/fortcrypt/swfort/config.mk lib/freebl/config.mk
	lib/jar/config.mk lib/nss/config.mk lib/pk11wrap/config.mk
	lib/pkcs12/config.mk lib/pkcs7/config.mk lib/smime/config.mk
	lib/softoken/config.mk lib/ssl/config.mk lib/util/config.mk
2001-02-02 01:49:57 +00:00
wtc%netscape.com
6f7422a77a Bugzilla bug #65416: assign values explicitly to enumeration constants.
The same values that the compiler would assign are assigned, with only
one exception (cmmfNoPKIStatus in cmmft.h).  This is patch id=22555,
reviewed by Nelson Bolyard.
2001-01-18 16:36:43 +00:00
nelsonb%netscape.com
eea673c43a MSVC won't let you initialize a pointer in a data structure with the
address of an external variable that comes from another DLL.
This is a fundamental difference between WIN32 DLLs and Unix DSOs.
So, for every SEC_ASN1Template inside of libnss3 that is referenced by
other templates outside of libnss3, a new "chooser" function was created
that returns the address of that template.  For WIN32, the templates
outside of libnss3 access libnss3's templates by the chooser function
rather than by direct reference.  Some simple macros allow Unix to
continue to use direct references, avoiding the extra function calls.
With these changes, all.sh (qa script) passes all tests on NT with DLLs.
Modified Files:
	cmd/checkcert/checkcert.c cmd/lib/secutil.c lib/asn1/asn1t.h
	lib/certdb/certdb.c lib/certdb/certt.h lib/certdb/crl.c
	lib/certhigh/certreq.c lib/crmf/asn1cmn.c lib/crmf/crmfcont.c
	lib/crmf/crmftmpl.c lib/cryptohi/secsign.c lib/nss/nss.def
	lib/pkcs12/p12local.c lib/pkcs12/p12tmpl.c
	lib/pkcs7/certread.c lib/pkcs7/p7decode.c lib/pkcs7/p7local.c
	lib/smime/cmsasn1.c lib/smime/cmsattr.c lib/smime/cmspubkey.c
	lib/smime/cmssigdata.c lib/smime/smimeutil.c
	lib/softoken/keydb.c lib/softoken/keydbt.h lib/util/secalgid.c
	lib/util/secasn1.h lib/util/secasn1d.c lib/util/secasn1t.h
	lib/util/secasn1u.c lib/util/secdig.c lib/util/secdig.h
	lib/util/secoid.h
2001-01-07 08:13:13 +00:00
nelsonb%netscape.com
9407723b67 Eliminate some warnings by adding missing #include lines, or other minor
cleanup.
2001-01-07 07:56:35 +00:00
nelsonb%netscape.com
1311ab52d4 Changes to deal with exporting data from Windows DLLs.
SECHashObjects[] is no longer exported.
New function HASH_GetHashObject returns pointer to selected const object.
SSL statistics are now in a structure whose address is obtained via a
call to SSL_GetStatistics().
On NT, the new symbol NSS_USE_STATIC_LIBS must be declared in programs
that use the static SSL library.
Also, propagate "const" declaration for SECHashObjects.
2001-01-05 01:38:26 +00:00
wtc%netscape.com
4c72980500 Bugzilla bug #64238: removed the unnecessary inclusion of mcom_db.h from
cryptohi.h, pk11func.h, secpkcs7.h, and cms.h.  Some files now need to
include <errno.h>.  They were including <errno.h> indirectly through
mcom_db.h.
Modified Files:
	cmd/atob/atob.c cmd/btoa/btoa.c cmd/derdump/derdump.c
	lib/cryptohi/cryptohi.h lib/pk11wrap/pk11func.h
	lib/pkcs7/secpkcs7.h lib/smime/cms.h lib/ssl/sslsnce.c
2001-01-04 00:44:30 +00:00
chrisk%netscape.com
92a3672caa Oops - fixed the fix. The prototype now correctly unpacks into a
DHPublicKey structure.
2000-06-21 00:04:38 +00:00
chrisk%netscape.com
23cd2f3659 First feeble attempt at fixing the problem that our definition of
Diffie-Hellman key parameters does not encompass all the optional
fields defined in RFC2459, section 7.3.2 (namely j and validationParams).

I added comments reminding us of the fact that PQGParams need to be
extended to hold these, and fixed the ASN1 prototype from its previous
totally broken status to one that decodes prime, subPrime and base
correctly, and skips the rest.

This avoids failure in public key extraction (which is part of verification)
with DH certs.
2000-06-20 16:22:36 +00:00
chrisk%netscape.com
f7113ab1b2 Merge smimetk_branch to tip... 2000-06-13 21:56:37 +00:00
chrisk%netscape.com
67e0b44687 Fix DSA / BLAPI interface by creating stub functions that have the
correct signature for being called via context->update or context->verify.
2000-06-12 23:43:42 +00:00
mcgreer%netscape.com
aba66a5214 changing all MIN's and MAX's to PR_MIN, PR_MAX (MIN and MAX were defined in dbm). 2000-05-18 15:28:43 +00:00
relyea%netscape.com
9fd7059a19 Initial NSS Open Source checkin 2000-03-31 20:13:40 +00:00