of 64 bytes, which is wrong for SHA-384 and SHA-512. This requires adding
the hash input block size to the SECHashObject structure. r=relyea,nelsonb
Modified Files:
cryptohi/hasht.h cryptohi/sechash.c freebl/alghmac.c
freebl/blapit.h freebl/rawhash.c
git-svn-id: svn://10.0.0.236/trunk@255476 18797224-902f-48f8-a5cc-f745e15eee43
r=rrelyea. In loader.c, functions returning void must not return a value.
Modified Files:
lib/freebl/loader.c lib/pk11wrap/secmodt.h
lib/softoken/pkcs11n.h
git-svn-id: svn://10.0.0.236/trunk@255473 18797224-902f-48f8-a5cc-f745e15eee43
CKM_INVALID_MECHANISM from secmodt.h to pkcs11n.h. Moved the three
CERTValidity functions from lib/util/sectime.c to lib/certdb/certdb.c.
r=rrelyea.
Modified Files:
lib/certdb/certdb.c lib/nss/utilwrap.c lib/pk11wrap/secmodt.h
lib/softoken/pkcs11n.h lib/util/nssutil.def lib/util/secoid.c
lib/util/sectime.c lib/util/utilrename.h
git-svn-id: svn://10.0.0.236/trunk@255470 18797224-902f-48f8-a5cc-f745e15eee43
bug 401026
r=julien
Implements 2 new functions, one to modify existing pkcs #11 objects, and
another to creat them.
git-svn-id: svn://10.0.0.236/trunk@255469 18797224-902f-48f8-a5cc-f745e15eee43
The problem only happens if we try to import a key into a token which then fails
to import. The basic issue was a hack in the pkcs 7 code to support PKCS 12, A
special structure was used to replace the SymKey structure, and the code 'knew'
the special structure existed before it dealt with the symkey. The fix addes a
new capability to symkeys, where applications can attach application specific
data to the key structure. PKCS 12 uses this to attache the PBE information
for CMS. (part 1 of 3)
This patch also improves the key's reuse of sessions, so sessions are not thrashed
when SSL is used with them.
r=wtc
git-svn-id: svn://10.0.0.236/trunk@255466 18797224-902f-48f8-a5cc-f745e15eee43
r=nelson
This is only the NSS portion of this patch. The PSM portion will be checked in once the
NSS portion is mainlined to mozilla.
git-svn-id: svn://10.0.0.236/trunk@255464 18797224-902f-48f8-a5cc-f745e15eee43
attribute with no exceptions. renamed PK11_ATTR_READONLY as
PK11_ATTR_UNMODIFIABLE. In pk11_OpFlagsToAttributes, backed out a change
I made before. Made pk11_AttrFlagsToAttributes table-driven. In
pk11_loadPrivKeyWithFlags, fixed the bug (always loading the public key as
a token object). Other code cleanups. r=relyea,nelsonb.
Modified files: pk11akey.c pk11obj.c pk11pub.h pk11skey.c secmodt.h
git-svn-id: svn://10.0.0.236/trunk@255462 18797224-902f-48f8-a5cc-f745e15eee43
Modified PK11_TokenKeyGenWithFlags to take a PK11AttrFlags parameter.
PK11AttrFlags controls the values of commonly used PKCS #11 object
attributes that have Boolean values. r=relyea,nelsonb.
Modified Files:
nss/nss.def pk11wrap/pk11akey.c pk11wrap/pk11obj.c
pk11wrap/pk11pub.h pk11wrap/pk11skey.c pk11wrap/secmodi.h
pk11wrap/secmodt.h
git-svn-id: svn://10.0.0.236/trunk@255461 18797224-902f-48f8-a5cc-f745e15eee43
NSS needs to handle better token insertion and removal.
Applied from patch to NSS 3.9
git-svn-id: svn://10.0.0.236/trunk@255459 18797224-902f-48f8-a5cc-f745e15eee43
bug 246130. The new factor is:
pk11akey.c - asymetric keys constructed from pk11cert.c and pk11skey.c
pk11auth.c - authentication/password management factored from pk11slot.c
pk11cert.c - cert code with private key, crls and trust factored out.
pk11ctx.c -- pkcs11 context code, factored out of pk11skey.c
new pk11func.h -- for backward compatibility.
pk11mech.c - mechanism mapping code, factored mostly from pk11slot.c
pk11nobj.c - netscape objects (crls and trust), factored mostly from pk11cert.c
pk11obj.c - generic object support, factored from pk11skey.c pk11slot.c and
pk11cert.c
pk11priv.h -- private functions factored from pk11func.h
pk11pub.h -- public functions factored from pk11func.h
pk11skey.c - now only symetric key ops; private, public key ops, generic ops
and crypto contexs have been factored out.
pk11slot.c - still slot operations. Authentication, generic object ops,
mechanism mapping has been factored out.
This patch should only have refactoring, no new functions or other changes.
git-svn-id: svn://10.0.0.236/trunk@255458 18797224-902f-48f8-a5cc-f745e15eee43
Add support for unprotected private keys without requiring authentication.
Add support to access application specific PKCS #11 objects through NSS.
git-svn-id: svn://10.0.0.236/trunk@255457 18797224-902f-48f8-a5cc-f745e15eee43
function names containing SubjectKey and PublicKey. Moved internal
functions to private headers and use the lowercase cert_ prefix for the
internal functions for subject key ID mapping hash table. r=nelsonb.
git-svn-id: svn://10.0.0.236/trunk@255455 18797224-902f-48f8-a5cc-f745e15eee43
1) 3.4 needs to bump the version numbers up by one on secmod.db from NSS 3.3
2) Need to add escapes to the configdirectory. (should add them to other parameters as well.
3) put exported files back into the correct headers.
4) Add _BEGIN/_END protos where appropriate.
git-svn-id: svn://10.0.0.236/trunk@255444 18797224-902f-48f8-a5cc-f745e15eee43
remove lots of depricated files.
move some files to appropriate directories (pcertdb *_rand
associated headers to soft token, for instance)
rename several stan files which had the same name as other nss files.
remove depricated functions.
git-svn-id: svn://10.0.0.236/trunk@255443 18797224-902f-48f8-a5cc-f745e15eee43
2) Move private functions into private headers.
3) Sharpen the layer separation between NSS components, especially pkcs #12
and soft token.
4) Remove dead code.
git-svn-id: svn://10.0.0.236/trunk@255442 18797224-902f-48f8-a5cc-f745e15eee43
Add necessary exported symbols.
Fix bug in NSS_Initialize where we weren't passing the read only paramter
through.
Add function to search for Certificate Lists so that Traverse does not need to
be exposed.
Update pkcs11 names.
git-svn-id: svn://10.0.0.236/trunk@255436 18797224-902f-48f8-a5cc-f745e15eee43
The same values that the compiler would assign are assigned, with only
one exception (cmmfNoPKIStatus in cmmft.h). This is patch id=22555,
reviewed by Nelson Bolyard.
git-svn-id: svn://10.0.0.236/trunk@255435 18797224-902f-48f8-a5cc-f745e15eee43
SECHashObjects[] is no longer exported.
New function HASH_GetHashObject returns pointer to selected const object.
SSL statistics are now in a structure whose address is obtained via a
call to SSL_GetStatistics().
On NT, the new symbol NSS_USE_STATIC_LIBS must be declared in programs
that use the static SSL library.
Also, propagate "const" declaration for SECHashObjects.
git-svn-id: svn://10.0.0.236/trunk@255434 18797224-902f-48f8-a5cc-f745e15eee43
