author | wtc%netscape.com <devnull@localhost> | 2003-03-29 04:30:02 +0000 |
---|---|---|
committer | wtc%netscape.com <devnull@localhost> | 2003-03-29 04:30:02 +0000 |
commit | ece0f7dde11d754233ff130f2d0424dec7d6b52a (patch) | |
tree | 0858c88232e31325ebbcacb496a8ba015a30b84c | |
parent | d3bfd141c5c3207dc9ee565eaaeb5be1e1cb7ce9 (diff) | |
parent | f2d3aa43b14e2804a4346d577391ae9fee4d3a7d (diff) | |
download | nss-hg-ece0f7dde11d754233ff130f2d0424dec7d6b52a.tar.gz |
Bug 195127: Turn off debugging output now that we have the AIX tinderbox
working correctly.
36 files changed, 4023 insertions, 88 deletions
diff --git a/security/dbm/Makefile b/security/dbm/Makefile
new file mode 100644
index 000000000..34cd6d899
--- /dev/null
+++ b/security/dbm/Makefile
@@ -0,0 +1,80 @@ +#! gmake +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. 
(OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + + + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +coreconf_hack: + cd ../coreconf; gmake + gmake import + +RelEng_bld: coreconf_hack + gmake diff --git a/security/dbm/config/config.mk b/security/dbm/config/config.mk new file mode 100644 index 000000000..753364931 --- /dev/null +++ b/security/dbm/config/config.mk 
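Review bot: The `coreconf_hack` recipe chains its commands with `;`, so if `cd ../coreconf` fails the `gmake` after it still runs, in security/dbm itself; `cd ../coreconf && $(MAKE)` stops on the failed `cd`. The literal `gmake` in all three recipe lines also drops the flags and jobserver that `$(MAKE)` would pass down, so I would write `$(MAKE) import` and `$(MAKE)` there. Neither target names a file, so both could be listed in `.PHONY: coreconf_hack RelEng_bld`, unless coreconf/rules.mk (not visible here) already declares them.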
@@ -0,0 +1,67 @@ +#! gmake +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# + +# +# These macros are defined by mozilla's configure script. +# We define them manually here. +# + +DEFINES += -DSTDC_HEADERS -DHAVE_STRERROR + +# +# Most platforms have snprintf, so it's simpler to list the exceptions. +# +HAVE_SNPRINTF = 1 +# +# OSF1 V4.0D doesn't have snprintf but V5.0A does. 
+# +ifeq ($(OS_TARGET)$(OS_RELEASE),OSF1V4.0D) +HAVE_SNPRINTF = +endif +ifdef HAVE_SNPRINTF +DEFINES += -DHAVE_SNPRINTF +endif + +ifeq (,$(filter-out IRIX Linux,$(OS_TARGET))) +DEFINES += -DHAVE_SYS_CDEFS_H +endif + +ifeq (,$(filter-out DGUX NCR ReliantUNIX SCO_SV SCOOS UNIXWARE,$(OS_TARGET))) +DEFINES += -DHAVE_SYS_BYTEORDER_H +endif + +# +# None of the platforms that we are interested in need to +# define HAVE_MEMORY_H. +# diff --git a/security/dbm/include/Makefile b/security/dbm/include/Makefile new file mode 100644 index 000000000..ba4dd8ddf --- /dev/null +++ b/security/dbm/include/Makefile 
@@ -0,0 +1,76 @@ +#! gmake +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. 
(OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + + + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + + + diff --git a/security/dbm/include/manifest.mn b/security/dbm/include/manifest.mn new file mode 100644 index 000000000..886fedd98 --- /dev/null +++ b/security/dbm/include/manifest.mn 
@@ -0,0 +1,57 @@
+#! gmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Netscape security libraries.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation. Portions created by Netscape are
+# Copyright (C) 1994-2000 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s):
+#
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable
+# instead of those above. If you wish to allow use of your
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL. If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+#
+
+CORE_DEPTH = ../..
+
+VPATH = $(CORE_DEPTH)/../dbm/include
+
+MODULE = dbm
+
+EXPORTS = nsres.h \
+ cdefs.h \
+ mcom_db.h \
+ ncompat.h \
+ winfile.h \
+ $(NULL)
+
+PRIVATE_EXPORTS = hsearch.h \
+ page.h \
+ extern.h \
+ ndbm.h \
+ queue.h \
+ hash.h \
+ mpool.h \
+ search.h \
+ $(NULL)
+
diff --git a/security/dbm/manifest.mn b/security/dbm/manifest.mn
new file mode 100644
index 000000000..11f4f4237
--- /dev/null
+++ b/security/dbm/manifest.mn
@@ -0,0 +1,45 @@
+#! gmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Netscape security libraries.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation. Portions created by Netscape are
+# Copyright (C) 1994-2000 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s):
+#
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable
+# instead of those above. If you wish to allow use of your
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL. If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+#
+
+CORE_DEPTH = ..
+
+MODULE = dbm
+
+IMPORTS = nspr20/v4.1.2
+
+RELEASE = dbm
+
+DIRS = include \
+ src \
+ $(NULL)
diff --git a/security/dbm/src/Makefile b/security/dbm/src/Makefile
new file mode 100644
index 000000000..8fce98394
--- /dev/null
+++ b/security/dbm/src/Makefile
@@ -0,0 +1,76 @@ +#! gmake +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. 
(OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/dbm/config/config.mk + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include config.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + + + diff --git a/security/dbm/src/config.mk b/security/dbm/src/config.mk new file mode 100644 index 000000000..370fd75d6 --- /dev/null +++ b/security/dbm/src/config.mk 
@@ -0,0 +1,63 @@ +#! gmake +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# + +DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG) + +INCLUDES += -I$(CORE_DEPTH)/../dbm/include + +# +# Currently, override TARGETS variable so that only static libraries +# are specifed as dependencies within rules.mk. 
+# + +TARGETS = $(LIBRARY) +SHARED_LIBRARY = +IMPORT_LIBRARY = +PURE_LIBRARY = +PROGRAM = + +ifdef SHARED_LIBRARY + ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16 + DLLBASE=/BASE:0x30000000 + RES=$(OBJDIR)/dbm.res + RESNAME=../include/dbm.rc + endif + ifeq ($(DLL_SUFFIX),dll) + DEFINES += -D_DLL + endif +endif + +ifeq ($(OS_TARGET),AIX) + OS_LIBS += -lc_r +endif diff --git a/security/dbm/src/dirent.c b/security/dbm/src/dirent.c new file mode 100644 index 000000000..001a48c5c --- /dev/null +++ b/security/dbm/src/dirent.c 
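Review bot: The `ifdef SHARED_LIBRARY` block is unreachable in a normal build, because `SHARED_LIBRARY =` is assigned empty a few lines above it and `ifdef` is false for an empty value; only an override on the gmake command line would enter it. If the block is kept on purpose, a comment would save the next reader the puzzle, for example `# Not reached unless SHARED_LIBRARY is overridden on the command line; this file forces a static-only build above.` Otherwise the DLLBASE/RES/RESNAME and `-D_DLL` lines could simply be dropped.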
@@ -0,0 +1,348 @@ +#ifdef OS2 + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> + +#include <dirent.h> +#include <errno.h> + +/*#ifndef __EMX__ +#include <libx.h> +#endif */ + +#define INCL_DOSFILEMGR +#define INCL_DOSERRORS +#include <os2.h> + +#if OS2 >= 2 +# define FFBUF FILEFINDBUF3 +# define Word ULONG + /* + * LS20 recommends a request count of 100, but according to the + * APAR text it does not lead to missing files, just to funny + * numbers of returned entries. + * + * LS30 HPFS386 requires a count greater than 2, or some files + * are missing (those starting with a character less that '.'). + * + * Novell looses entries which overflow the buffer. In previous + * versions of dirent2, this could have lead to missing files + * when the average length of 100 directory entries was 40 bytes + * or more (quite unlikely for files on a Novell server). + * + * Conclusion: Make sure that the entries all fit into the buffer + * and that the buffer is large enough for more than 2 entries + * (each entry is at most 300 bytes long). And ignore the LS20 + * effect. 
+ */ +# define Count 25 +# define BufSz (25 * (sizeof(FILEFINDBUF3)+1)) +#else +# define FFBUF FILEFINDBUF +# define Word USHORT +# define BufSz 1024 +# define Count 3 +#endif + +#if defined(__IBMC__) || defined(__IBMCPP__) + #define error(rc) _doserrno = rc, errno = EOS2ERR +#elif defined(MICROSOFT) + #define error(rc) _doserrno = rc, errno = 255 +#else + #define error(rc) errno = 255 +#endif + +struct _dirdescr { + HDIR handle; /* DosFindFirst handle */ + char fstype; /* filesystem type */ + Word count; /* valid entries in <ffbuf> */ + long number; /* absolute number of next entry */ + int index; /* relative number of next entry */ + FFBUF * next; /* pointer to next entry */ + char name[MAXPATHLEN+3]; /* directory name */ + unsigned attrmask; /* attribute mask for seekdir */ + struct dirent entry; /* buffer for directory entry */ + BYTE ffbuf[BufSz]; +}; + +/* + * Return first char of filesystem type, or 0 if unknown. + */ +static char +getFSType(const char *path) +{ + static char cache[1+26]; + char drive[3], info[512]; + Word unit, infolen; + char r; + + if (isalpha(path[0]) && path[1] == ':') { + unit = toupper(path[0]) - '@'; + path += 2; + } else { + ULONG driveMap; +#if OS2 >= 2 + if (DosQueryCurrentDisk(&unit, &driveMap)) +#else + if (DosQCurDisk(&unit, &driveMap)) +#endif + return 0; + } + + if ((path[0] == '\\' || path[0] == '/') + && (path[1] == '\\' || path[1] == '/')) + return 0; + + if (cache [unit]) + return cache [unit]; + + drive[0] = '@' + unit; + drive[1] = ':'; + drive[2] = '\0'; + infolen = sizeof info; +#if OS2 >= 2 + if (DosQueryFSAttach(drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen)) + return 0; + if (infolen >= sizeof(FSQBUFFER2)) { + FSQBUFFER2 *p = (FSQBUFFER2 *)info; + r = p->szFSDName[p->cbName]; + } else +#else + if (DosQFSAttach((PSZ)drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen, 0)) + return 0; + if (infolen >= 9) { + char *p = info + sizeof(USHORT); + p += sizeof(USHORT) + *(USHORT *)p + 1 + sizeof(USHORT); + r = *p; + } else 
+#endif + r = 0; + return cache [unit] = r; +} + +char * +abs_path(const char *name, char *buffer, int len) +{ + char buf[4]; + if (isalpha(name[0]) && name[1] == ':' && name[2] == '\0') { + buf[0] = name[0]; + buf[1] = name[1]; + buf[2] = '.'; + buf[3] = '\0'; + name = buf; + } +#if OS2 >= 2 + if (DosQueryPathInfo((PSZ)name, FIL_QUERYFULLNAME, buffer, len)) +#else + if (DosQPathInfo((PSZ)name, FIL_QUERYFULLNAME, (PBYTE)buffer, len, 0L)) +#endif + return NULL; + return buffer; +} + +DIR * +openxdir(const char *path, unsigned att_mask) +{ + DIR *dir; + char name[MAXPATHLEN+3]; + Word rc; + + dir = malloc(sizeof(DIR)); + if (dir == NULL) { + errno = ENOMEM; + return NULL; + } + + strncpy(name, path, MAXPATHLEN); + name[MAXPATHLEN] = '\0'; + switch (name[strlen(name)-1]) { + default: + strcat(name, "\\"); + case '\\': + case '/': + case ':': + ; + } + strcat(name, "."); + if (!abs_path(name, dir->name, MAXPATHLEN+1)) + strcpy(dir->name, name); + if (dir->name[strlen(dir->name)-1] == '\\') + strcat(dir->name, "*"); + else + strcat(dir->name, "\\*"); + + dir->fstype = getFSType(dir->name); + dir->attrmask = att_mask | A_DIR; + + dir->handle = HDIR_CREATE; + dir->count = 100; +#if OS2 >= 2 + rc = DosFindFirst(dir->name, &dir->handle, dir->attrmask, + dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD); +#else + rc = DosFindFirst((PSZ)dir->name, &dir->handle, dir->attrmask, + (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0); +#endif + switch (rc) { + default: + free(dir); + error(rc); + return NULL; + case NO_ERROR: + case ERROR_NO_MORE_FILES: + ; + } + + dir->number = 0; + dir->index = 0; + dir->next = (FFBUF *)dir->ffbuf; + + return (DIR *)dir; +} + +DIR * +opendir(const char *pathname) +{ + return openxdir(pathname, 0); +} + +struct dirent * +readdir(DIR *dir) +{ + static int dummy_ino = 2; + + if (dir->index == dir->count) { + Word rc; + dir->count = 100; +#if OS2 >= 2 + rc = DosFindNext(dir->handle, dir->ffbuf, + sizeof dir->ffbuf, &dir->count); 
+#else + rc = DosFindNext(dir->handle, (PFILEFINDBUF)dir->ffbuf, + sizeof dir->ffbuf, &dir->count); +#endif + if (rc) { + error(rc); + return NULL; + } + + dir->index = 0; + dir->next = (FFBUF *)dir->ffbuf; + } + + if (dir->index == dir->count) + return NULL; + + memcpy(dir->entry.d_name, dir->next->achName, dir->next->cchName); + dir->entry.d_name[dir->next->cchName] = '\0'; + dir->entry.d_ino = dummy_ino++; + dir->entry.d_reclen = dir->next->cchName; + dir->entry.d_namlen = dir->next->cchName; + dir->entry.d_size = dir->next->cbFile; + dir->entry.d_attribute = dir->next->attrFile; + dir->entry.d_time = *(USHORT *)&dir->next->ftimeLastWrite; + dir->entry.d_date = *(USHORT *)&dir->next->fdateLastWrite; + + switch (dir->fstype) { + case 'F': /* FAT */ + case 'C': /* CDFS */ + if (dir->next->attrFile & FILE_DIRECTORY) + strupr(dir->entry.d_name); + else + strlwr(dir->entry.d_name); + } + +#if OS2 >= 2 + dir->next = (FFBUF *)((BYTE *)dir->next + dir->next->oNextEntryOffset); +#else + dir->next = (FFBUF *)((BYTE *)dir->next->achName + dir->next->cchName + 1); +#endif + ++dir->number; + ++dir->index; + + return &dir->entry; +} + +long +telldir(DIR *dir) +{ + return dir->number; +} + +void +seekdir(DIR *dir, long off) +{ + if (dir->number > off) { + char name[MAXPATHLEN+2]; + Word rc; + + DosFindClose(dir->handle); + + strcpy(name, dir->name); + strcat(name, "*"); + + dir->handle = HDIR_CREATE; + dir->count = 32767; +#if OS2 >= 2 + rc = DosFindFirst(name, &dir->handle, dir->attrmask, + dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD); +#else + rc = DosFindFirst((PSZ)name, &dir->handle, dir->attrmask, + (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0); +#endif + switch (rc) { + default: + error(rc); + return; + case NO_ERROR: + case ERROR_NO_MORE_FILES: + ; + } + + dir->number = 0; + dir->index = 0; + dir->next = (FFBUF *)dir->ffbuf; + } + + while (dir->number < off && readdir(dir)) + ; +} + +void +closedir(DIR *dir) +{ + DosFindClose(dir->handle); + 
free(dir); +} + +/*****************************************************************************/ + +#ifdef TEST + +main(int argc, char **argv) +{ + int i; + DIR *dir; + struct dirent *ep; + + for (i = 1; i < argc; ++i) { + dir = opendir(argv[i]); + if (!dir) + continue; + while (ep = readdir(dir)) + if (strchr("\\/:", argv[i] [strlen(argv[i]) - 1])) + printf("%s%s\n", argv[i], ep->d_name); + else + printf("%s/%s\n", argv[i], ep->d_name); + closedir(dir); + } + + return 0; +} + +#endif + +#endif /* OS2 */ + diff --git a/security/dbm/src/dirent.h b/security/dbm/src/dirent.h new file mode 100644 index 000000000..07a6c0ac8 --- /dev/null +++ b/security/dbm/src/dirent.h 
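Review bot: `openxdir` indexes `name[strlen(name)-1]` without rejecting an empty `path`, so `opendir("")` reads one byte before the start of `name`. The fallback `strcpy(dir->name, name)` taken when `abs_path` fails can leave up to MAXPATHLEN+2 characters in `dir->name`, and the `strcat(dir->name, "\\*")` that follows then writes past the MAXPATHLEN+3-byte array. `seekdir` has the same kind of problem: it copies `dir->name` into `char name[MAXPATHLEN+2]`, which is one byte smaller than the source buffer, and then appends another `*`. The fence sketches the two guards for `openxdir`; for `seekdir` I would pass `dir->name` to DosFindFirst directly, since it already ends in the `\*` pattern built here, instead of using the local copy.

```c
DIR *
openxdir(const char *path, unsigned att_mask)
{
    /* … unchanged: declarations … */

    if (path == NULL || path[0] == '\0') {
        errno = ENOENT;
        return NULL;
    }

    /* … unchanged: malloc, strncpy and trailing-separator switch … */
    strcat(name, ".");
    if (!abs_path(name, dir->name, MAXPATHLEN+1)) {
        /* "\\*" is appended below; refuse names that would not leave room */
        if (strlen(name) > MAXPATHLEN) {
            free(dir);
            errno = ENOENT;
            return NULL;
        }
        strcpy(dir->name, name);
    }
    /* … unchanged: pattern suffix and DosFindFirst … */
```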
@@ -0,0 +1,97 @@ +#ifndef __DIRENT_H__ +#define __DIRENT_H__ +/* + * @(#)msd_dir.h 1.4 87/11/06 Public Domain. + * + * A public domain implementation of BSD directory routines for + * MS-DOS. Written by Michael Rendell ({uunet,utai}michael@garfield), + * August 1897 + * + * Extended by Peter Lim (lim@mullian.oz) to overcome some MS DOS quirks + * and returns 2 more pieces of information - file size & attribute. + * Plus a little reshuffling of some #define's positions December 1987 + * + * Some modifications by Martin Junius 02-14-89 + * + * AK900712 + * AK910410 abs_path - make absolute path + * + */ + +#ifdef __EMX__ +#include <sys/param.h> +#else +#if defined(__IBMC__) || defined(__IBMCPP__) || defined(XP_W32_MSVC) +#include <stdio.h> +#ifdef MAXPATHLEN + #undef MAXPATHLEN +#endif +#define MAXPATHLEN (FILENAME_MAX*4) +#define MAXNAMLEN FILENAME_MAX + +#else +#include <param.h> +#endif +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/* attribute stuff */ +#ifndef A_RONLY +# define A_RONLY 0x01 +# define A_HIDDEN 0x02 +# define A_SYSTEM 0x04 +# define A_LABEL 0x08 +# define A_DIR 0x10 +# define A_ARCHIVE 0x20 +#endif + +struct dirent { +#if defined(OS2) || defined(WIN32) /* use the layout of EMX to avoid trouble */ + int d_ino; /* Dummy */ + int d_reclen; /* Dummy, same as d_namlen */ + int d_namlen; /* length of name */ + char d_name[MAXNAMLEN + 1]; + unsigned long d_size; + unsigned short d_attribute; /* attributes (see above) */ + unsigned short d_time; /* modification time */ + unsigned short d_date; /* modification date */ +#else + char d_name[MAXNAMLEN + 1]; /* garentee null termination */ + char d_attribute; /* .. extension .. */ + unsigned long d_size; /* .. extension .. 
*/ +#endif +}; + +typedef struct _dirdescr DIR; +/* the structs do not have to be defined here */ + +extern DIR *opendir(const char *); +extern DIR *openxdir(const char *, unsigned); +extern struct dirent *readdir(DIR *); +extern void seekdir(DIR *, long); +extern long telldir(DIR *); +extern void closedir(DIR *); +#define rewinddir(dirp) seekdir(dirp, 0L) + +extern char * abs_path(const char *name, char *buffer, int len); + +#ifndef S_IFMT +#define S_IFMT ( S_IFDIR | S_IFREG ) +#endif + +#ifndef S_ISDIR +#define S_ISDIR( m ) (((m) & S_IFMT) == S_IFDIR) +#endif + +#ifndef S_ISREG +#define S_ISREG( m ) (((m) & S_IFMT) == S_IFREG) +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/security/dbm/src/manifest.mn b/security/dbm/src/manifest.mn new file mode 100644 index 000000000..80f2abfd0 --- /dev/null +++ b/security/dbm/src/manifest.mn 
@@ -0,0 +1,61 @@
+#! gmake
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+#
+# The Original Code is the Netscape security libraries.
+#
+# The Initial Developer of the Original Code is Netscape
+# Communications Corporation. Portions created by Netscape are
+# Copyright (C) 1994-2000 Netscape Communications Corporation. All
+# Rights Reserved.
+#
+# Contributor(s):
+#
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable
+# instead of those above. If you wish to allow use of your
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL. If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+#
+
+CORE_DEPTH = ../..
+
+VPATH = $(CORE_DEPTH)/../dbm/src
+
+MODULE = dbm
+
+#
+# memmove.c, snprintf.c, and strerror.c are not in CSRCS because
+# the Standard C Library has memmove and strerror and DBM is not
+# using snprintf.
+#
+
+CSRCS = db.c \
+ h_bigkey.c \
+ h_func.c \
+ h_log2.c \
+ h_page.c \
+ hash.c \
+ hash_buf.c \
+ hsearch.c \
+ mktemp.c \
+ ndbm.c \
+ nsres.c \
+ dirent.c \
+ $(NULL)
+
+LIBRARY_NAME = dbm
diff --git a/security/dbm/tests/Makefile b/security/dbm/tests/Makefile
new file mode 100644
index 000000000..fe132e19c
--- /dev/null
+++ b/security/dbm/tests/Makefile
@@ -0,0 +1,69 @@ +#! gmake +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# +DEPTH = ../.. +CORE_DEPTH = ../.. 
+ +VPATH = $(CORE_DEPTH)/../dbm/tests + +MODULE = dbm + +CSRCS = lots.c + +PROGRAM = lots + +include $(DEPTH)/coreconf/config.mk + +include $(DEPTH)/dbm/config/config.mk + +ifeq (,$(filter-out WIN%,$(OS_TARGET))) +LIBDBM = ../src/$(PLATFORM)/dbm$(STATIC_LIB_SUFFIX) +else +LIBDBM = ../src/$(PLATFORM)/libdbm$(STATIC_LIB_SUFFIX) +endif + +INCLUDES += -I$(CORE_DEPTH)/../dbm/include + +LDFLAGS = $(LDOPTS) $(LIBDBM) + +include $(DEPTH)/coreconf/rules.mk + +lots.pure: lots + purify $(CC) -o lots.pure $(CFLAGS) $(OBJS) $(MYLIBS) + +crash: crash.o $(MYLIBS) + $(CC) -o crash $(CFLAGS) $^ + +crash.pure: crash.o $(MYLIBS) + purify $(CC) -o crash.pure $(CFLAGS) $^ + diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c index 5a4dff262..41f1efe8b 100644 --- a/security/nss/cmd/selfserv/selfserv.c +++ b/security/nss/cmd/selfserv/selfserv.c @@ -1739,7 +1739,13 @@ main(int argc, char **argv) free(nickName); free(passwd); - NSS_Shutdown(); + SSL_ShutdownServerSessionIDCache(); + + if (NSS_Shutdown() != SECSuccess) { + SECU_PrintError(progName, "NSS_Shutdown"); + PR_Cleanup(); + exit(1); + } PR_Cleanup(); printf("selfserv: normal termination\n"); return 0; diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c index ff087c747..ae20c02bb 100644 --- a/security/nss/cmd/strsclnt/strsclnt.c +++ b/security/nss/cmd/strsclnt/strsclnt.c 
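Review bot: The `lots.pure` rule names `lots` as its prerequisite but links `$(OBJS) $(MYLIBS)`, so what triggers a relink is not what the recipe consumes. `MYLIBS` is not assigned anywhere in this file, while the library this Makefile does define, `LIBDBM`, is absent from the purify link line. Unless one of the included coreconf files sets `MYLIBS`, the instrumented binary would link without dbm, and `crash` and `crash.pure` depend on the same variable. I would write the rule as `lots.pure: $(OBJS) $(LIBDBM)` with the recipe `purify $(CC) -o $@ $(CFLAGS) $^`.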
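Review bot: The result of `SSL_ShutdownServerSessionIDCache()` is discarded while the `NSS_Shutdown()` call right after it is now checked, so a failure to tear down the session cache shows up, if at all, only as a later and less specific NSS_Shutdown error. Reporting it the same way keeps the two consistent: `if (SSL_ShutdownServerSessionIDCache() != SECSuccess) SECU_PrintError(progName, "SSL_ShutdownServerSessionIDCache");`. main's body starts well before this hunk, so whether the cache was configured on every path that reaches this point cannot be seen from these lines.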
@@ -83,6 +83,27 @@ int ssl2CipherSuites[] = { SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */ SSL_EN_DES_64_CBC_WITH_MD5, /* E */ SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */ +#ifdef NSS_ENABLE_ECC + /* NOTE: Since no new SSL2 ciphersuites are being + * invented, and we've run out of lowercase letters + * for SSL3 ciphers, we use letters G and beyond + * for new SSL3 ciphers. + */ + TLS_ECDH_ECDSA_WITH_NULL_SHA, /* G */ + TLS_ECDH_ECDSA_WITH_RC4_128_SHA, /* H */ + TLS_ECDH_ECDSA_WITH_DES_CBC_SHA, /* I */ + TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, /* J */ + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, /* K */ + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, /* L */ + TLS_ECDH_RSA_WITH_NULL_SHA, /* M */ + TLS_ECDH_RSA_WITH_RC4_128_SHA, /* N */ + TLS_ECDH_RSA_WITH_DES_CBC_SHA, /* O */ + TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, /* P */ + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, /* Q */ + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, /* R */ + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, /* S */ + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, /* T */ +#endif /* NSS_ENABLE_ECC */ 0 }; diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c index 48a7c27ff..fa80fe344 100644 --- a/security/nss/lib/cryptohi/seckey.c +++ b/security/nss/lib/cryptohi/seckey.c @@ -943,10 +943,14 @@ seckey_supportedECParams(SECItem *encodedParams) oid.data = encodedParams->data + 2; tag = SECOID_FindOIDTag(&oid); - return (((tag >= SEC_OID_ANSIX962_EC_PRIME192V1) - && (tag <= SEC_OID_ANSIX962_EC_PRIME256V1)) || - ((tag >= SEC_OID_SECG_EC_SECP112R1) - && (tag <= SEC_OID_SECG_EC_SECP521R1))); + return (((tag >= SEC_OID_ANSIX962_EC_PRIME192V1) && + (tag <= SEC_OID_ANSIX962_EC_PRIME256V1)) || + ((tag >= SEC_OID_SECG_EC_SECP112R1) && + (tag <= SEC_OID_SECG_EC_SECP521R1)) || + ((tag >= SEC_OID_ANSIX962_EC_C2PNB163V1) && + (tag <= SEC_OID_ANSIX962_EC_C2TNB431R1)) || + ((tag >= SEC_OID_SECG_EC_SECT113R1) && + (tag <= SEC_OID_SECG_EC_SECT571R1))); } static int 
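Review bot: The new entries G through T are TLS suites stored in an array still named `ssl2CipherSuites`, and two of them, `TLS_ECDH_ECDSA_WITH_NULL_SHA` (G) and `TLS_ECDH_RSA_WITH_NULL_SHA` (M), negotiate no encryption at all, while I and O are single DES. The added NOTE explains the lettering but not that. I would extend it with `* G and M are integrity-only (NULL cipher) and I and O are single-DES; keep them for interoperability tests only.` so that someone picking letters knows which ones give no confidentiality. The code that maps a letter to an index into this array is outside the hunk, so its upper bound under NSS_ENABLE_ECC should be confirmed there.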
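Review bot: The two added range tests, like the two existing ones, accept any `SECOidTag` whose numeric value falls between the first and last curve of a family, which is correct only while the enum keeps each family contiguous and in this order. A tag inserted inside one of the ranges later would be reported as a supported curve without having an entry in the key-size switch that this commit changes further down. A comment above the return would record the dependency: `/* relies on SECOidTag declaring each curve family contiguously, in this order */`. The function starts outside the hunk, so the length check that must precede `encodedParams->data + 2` is not visible here.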
@@ -1177,39 +1181,116 @@ seckey_ECParams2KeySize(SECItem *encodedParams) oid.data = encodedParams->data + 2; if ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN) return 0; - switch (tag) { - case SEC_OID_ANSIX962_EC_PRIME192V1: - case SEC_OID_ANSIX962_EC_PRIME192V2: - case SEC_OID_ANSIX962_EC_PRIME192V3: - return 192; - case SEC_OID_ANSIX962_EC_PRIME239V1: - case SEC_OID_ANSIX962_EC_PRIME239V2: - case SEC_OID_ANSIX962_EC_PRIME239V3: - return 239; - case SEC_OID_ANSIX962_EC_PRIME256V1: - return 256; + switch (tag) { case SEC_OID_SECG_EC_SECP112R1: case SEC_OID_SECG_EC_SECP112R2: - return 112; + return 112; + + case SEC_OID_SECG_EC_SECT113R1: + case SEC_OID_SECG_EC_SECT113R2: + return 113; + case SEC_OID_SECG_EC_SECP128R1: case SEC_OID_SECG_EC_SECP128R2: - return 128; + return 128; + + case SEC_OID_SECG_EC_SECT131R1: + case SEC_OID_SECG_EC_SECT131R2: + return 131; + case SEC_OID_SECG_EC_SECP160K1: case SEC_OID_SECG_EC_SECP160R1: case SEC_OID_SECG_EC_SECP160R2: - return 160; + return 160; + + case SEC_OID_SECG_EC_SECT163K1: + case SEC_OID_SECG_EC_SECT163R1: + case SEC_OID_SECG_EC_SECT163R2: + case SEC_OID_ANSIX962_EC_C2PNB163V1: + case SEC_OID_ANSIX962_EC_C2PNB163V2: + case SEC_OID_ANSIX962_EC_C2PNB163V3: + return 163; + + case SEC_OID_ANSIX962_EC_C2PNB176V1: + return 176; + + case SEC_OID_ANSIX962_EC_C2TNB191V1: + case SEC_OID_ANSIX962_EC_C2TNB191V2: + case SEC_OID_ANSIX962_EC_C2TNB191V3: + case SEC_OID_ANSIX962_EC_C2ONB191V4: + case SEC_OID_ANSIX962_EC_C2ONB191V5: + return 191; + case SEC_OID_SECG_EC_SECP192K1: - return 192; + case SEC_OID_ANSIX962_EC_PRIME192V1: + case SEC_OID_ANSIX962_EC_PRIME192V2: + case SEC_OID_ANSIX962_EC_PRIME192V3: + return 192; + + case SEC_OID_SECG_EC_SECT193R1: + case SEC_OID_SECG_EC_SECT193R2: + return 193; + + case SEC_OID_ANSIX962_EC_C2PNB208W1: + return 208; + case SEC_OID_SECG_EC_SECP224K1: case SEC_OID_SECG_EC_SECP224R1: - return 224; + return 224; + + case SEC_OID_SECG_EC_SECT233K1: + case SEC_OID_SECG_EC_SECT233R1: + return 
233; + + case SEC_OID_SECG_EC_SECT239K1: + case SEC_OID_ANSIX962_EC_C2TNB239V1: + case SEC_OID_ANSIX962_EC_C2TNB239V2: + case SEC_OID_ANSIX962_EC_C2TNB239V3: + case SEC_OID_ANSIX962_EC_C2ONB239V4: + case SEC_OID_ANSIX962_EC_C2ONB239V5: + case SEC_OID_ANSIX962_EC_PRIME239V1: + case SEC_OID_ANSIX962_EC_PRIME239V2: + case SEC_OID_ANSIX962_EC_PRIME239V3: + return 239; + case SEC_OID_SECG_EC_SECP256K1: - return 256; + case SEC_OID_ANSIX962_EC_PRIME256V1: + return 256; + + case SEC_OID_ANSIX962_EC_C2PNB272W1: + return 272; + + case SEC_OID_SECG_EC_SECT283K1: + case SEC_OID_SECG_EC_SECT283R1: + return 283; + + case SEC_OID_ANSIX962_EC_C2PNB304W1: + return 304; + + case SEC_OID_ANSIX962_EC_C2TNB359V1: + return 359; + + case SEC_OID_ANSIX962_EC_C2PNB368W1: + return 368; + case SEC_OID_SECG_EC_SECP384R1: - return 384; + return 384; + + case SEC_OID_SECG_EC_SECT409K1: + case SEC_OID_SECG_EC_SECT409R1: + return 409; + + case SEC_OID_ANSIX962_EC_C2TNB431R1: + return 431; + case SEC_OID_SECG_EC_SECP521R1: - return 521; + return 521; + + case SEC_OID_SECG_EC_SECT571K1: + case SEC_OID_SECG_EC_SECT571R1: + return 571; + default: return 0; } diff --git a/security/nss/lib/freebl/GF2m_ecl.c b/security/nss/lib/freebl/GF2m_ecl.c new file mode 100644 index 000000000..09fbf7979 --- /dev/null +++ b/security/nss/lib/freebl/GF2m_ecl.c 
@@ -0,0 +1,539 @@ +/* + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is the elliptic curve math library for binary polynomial + * field curves. + * + * The Initial Developer of the Original Code is Sun Microsystems, Inc. + * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003 + * Sun Microsystems, Inc. All Rights Reserved. + * + * Contributor(s): + * Douglas Stebila <douglas@stebila.ca> + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + */ + +#ifdef NSS_ENABLE_ECC +/* + * GF2m_ecl.c: Contains an implementation of elliptic curve math library + * for curves over GF2m. + * + * XXX Can be moved to a separate subdirectory later. 
+ * + */ + +#include "GF2m_ecl.h" +#include "mpi/mplogic.h" +#include "mpi/mp_gf2m.h" +#include <stdlib.h> + +/* Checks if point P(px, py) is at infinity. Uses affine coordinates. */ +mp_err +GF2m_ec_pt_is_inf_aff(const mp_int *px, const mp_int *py) +{ + + if ((mp_cmp_z(px) == 0) && (mp_cmp_z(py) == 0)) { + return MP_YES; + } else { + return MP_NO; + } + +} + +/* Sets P(px, py) to be the point at infinity. Uses affine coordinates. */ +mp_err +GF2m_ec_pt_set_inf_aff(mp_int *px, mp_int *py) +{ + mp_zero(px); + mp_zero(py); + return MP_OKAY; +} + +/* Computes R = P + Q based on IEEE P1363 A.10.2. + * Elliptic curve points P, Q, and R can all be identical. + * Uses affine coordinates. + */ +mp_err +GF2m_ec_pt_add_aff(const mp_int *pp, const mp_int *a, const mp_int *px, + const mp_int *py, const mp_int *qx, const mp_int *qy, + mp_int *rx, mp_int *ry) +{ + mp_err err = MP_OKAY; + mp_int lambda, xtemp, ytemp; + unsigned int *p; + int p_size; + + p_size = mp_bpoly2arr(pp, p, 0) + 1; + p = (unsigned int *) (malloc(sizeof(unsigned int) * p_size)); + if (p == NULL) goto cleanup; + mp_bpoly2arr(pp, p, p_size); + + CHECK_MPI_OK( mp_init(&lambda) ); + CHECK_MPI_OK( mp_init(&xtemp) ); + CHECK_MPI_OK( mp_init(&ytemp) ); + /* if P = inf, then R = Q */ + if (GF2m_ec_pt_is_inf_aff(px, py) == 0) { + CHECK_MPI_OK( mp_copy(qx, rx) ); + CHECK_MPI_OK( mp_copy(qy, ry) ); + err = MP_OKAY; + goto cleanup; + } + /* if Q = inf, then R = P */ + if (GF2m_ec_pt_is_inf_aff(qx, qy) == 0) { + CHECK_MPI_OK( mp_copy(px, rx) ); + CHECK_MPI_OK( mp_copy(py, ry) ); + err = MP_OKAY; + goto cleanup; + } + /* if px != qx, then lambda = (py+qy) / (px+qx), + * xtemp = a + lambda^2 + lambda + px + qx + */ + if (mp_cmp(px, qx) != 0) { + CHECK_MPI_OK( mp_badd(py, qy, &ytemp) ); + CHECK_MPI_OK( mp_badd(px, qx, &xtemp) ); + CHECK_MPI_OK( mp_bdivmod(&ytemp, &xtemp, pp, p, &lambda) ); + CHECK_MPI_OK( mp_bsqrmod(&lambda, p, &xtemp) ); + CHECK_MPI_OK( mp_badd(&xtemp, &lambda, &xtemp) ); + CHECK_MPI_OK( mp_badd(&xtemp, 
a, &xtemp) ); + CHECK_MPI_OK( mp_badd(&xtemp, px, &xtemp) ); + CHECK_MPI_OK( mp_badd(&xtemp, qx, &xtemp) ); + } else { + /* if py != qy or qx = 0, then R = inf */ + if (((mp_cmp(py, qy) != 0)) || (mp_cmp_z(qx) == 0)) { + mp_zero(rx); + mp_zero(ry); + err = MP_OKAY; + goto cleanup; + } + /* lambda = qx + qy / qx */ + CHECK_MPI_OK( mp_bdivmod(qy, qx, pp, p, &lambda) ); + CHECK_MPI_OK( mp_badd(&lambda, qx, &lambda) ); + /* xtemp = a + lambda^2 + lambda */ + CHECK_MPI_OK( mp_bsqrmod(&lambda, p, &xtemp) ); + CHECK_MPI_OK( mp_badd(&xtemp, &lambda, &xtemp) ); + CHECK_MPI_OK( mp_badd(&xtemp, a, &xtemp) ); + } + /* ry = (qx + xtemp) * lambda + xtemp + qy */ + CHECK_MPI_OK( mp_badd(qx, &xtemp, &ytemp) ); + CHECK_MPI_OK( mp_bmulmod(&ytemp, &lambda, p, &ytemp) ); + CHECK_MPI_OK( mp_badd(&ytemp, &xtemp, &ytemp) ); + CHECK_MPI_OK( mp_badd(&ytemp, qy, ry) ); + /* rx = xtemp */ + CHECK_MPI_OK( mp_copy(&xtemp, rx) ); + +cleanup: + mp_clear(&lambda); + mp_clear(&xtemp); + mp_clear(&ytemp); + free(p); + return err; +} + +/* Computes R = P - Q. + * Elliptic curve points P, Q, and R can all be identical. + * Uses affine coordinates. + */ +mp_err +GF2m_ec_pt_sub_aff(const mp_int *pp, const mp_int *a, const mp_int *px, + const mp_int *py, const mp_int *qx, const mp_int *qy, + mp_int *rx, mp_int *ry) +{ + mp_err err = MP_OKAY; + mp_int nqy; + MP_DIGITS(&nqy) = 0; + CHECK_MPI_OK( mp_init(&nqy) ); + /* nqy = qx+qy */ + CHECK_MPI_OK( mp_badd(qx, qy, &nqy) ); + err = GF2m_ec_pt_add_aff(pp, a, px, py, qx, &nqy, rx, ry); +cleanup: + mp_clear(&nqy); + return err; +} + +/* Computes R = 2P. + * Elliptic curve points P and R can be identical. + * Uses affine coordinates. + */ +mp_err +GF2m_ec_pt_dbl_aff(const mp_int *pp, const mp_int *a, const mp_int *px, + const mp_int *py, mp_int *rx, mp_int *ry) +{ + return GF2m_ec_pt_add_aff(pp, a, px, py, px, py, rx, ry); +} + +/* Gets the i'th bit in the binary representation of a. + * If i >= length(a), then return 0. 
+ * (The above behaviour differs from mpl_get_bit, which + * causes an error if i >= length(a).) + */ +#define MP_GET_BIT(a, i) \ + ((i) >= mpl_significant_bits((a))) ? 0 : mpl_get_bit((a), (i)) + +/* Computes R = nP based on IEEE P1363 A.10.3. + * Elliptic curve points P and R can be identical. + * Uses affine coordinates. + */ +mp_err +GF2m_ec_pt_mul_aff(const mp_int *pp, const mp_int *a, const mp_int *b, + const mp_int *px, const mp_int *py, const mp_int *n, + mp_int *rx, mp_int *ry) +{ + mp_err err = MP_OKAY; + mp_int k, k3, qx, qy, sx, sy; + int b1, b3, i, l; + unsigned int *p; + int p_size; + + MP_DIGITS(&k) = 0; + MP_DIGITS(&k3) = 0; + MP_DIGITS(&qx) = 0; + MP_DIGITS(&qy) = 0; + MP_DIGITS(&sx) = 0; + MP_DIGITS(&sy) = 0; + CHECK_MPI_OK( mp_init(&k) ); + CHECK_MPI_OK( mp_init(&k3) ); + CHECK_MPI_OK( mp_init(&qx) ); + CHECK_MPI_OK( mp_init(&qy) ); + CHECK_MPI_OK( mp_init(&sx) ); + CHECK_MPI_OK( mp_init(&sy) ); + + p_size = mp_bpoly2arr(pp, p, 0) + 1; + p = (unsigned int *) (malloc(sizeof(unsigned int) * p_size)); + if (p == NULL) goto cleanup; + mp_bpoly2arr(pp, p, p_size); + + /* if n = 0 then r = inf */ + if (mp_cmp_z(n) == 0) { + mp_zero(rx); + mp_zero(ry); + err = MP_OKAY; + goto cleanup; + } + /* Q = P, k = n */ + CHECK_MPI_OK( mp_copy(px, &qx) ); + CHECK_MPI_OK( mp_copy(py, &qy) ); + CHECK_MPI_OK( mp_copy(n, &k) ); + /* if n < 0 then Q = -Q, k = -k */ + if (mp_cmp_z(n) < 0) { + CHECK_MPI_OK( mp_badd(&qx, &qy, &qy) ); + CHECK_MPI_OK( mp_neg(&k, &k) ); + } +#ifdef EC_DEBUG /* basic double and add method */ + l = mpl_significant_bits(&k) - 1; + mp_zero(&sx); + mp_zero(&sy); + for (i = l; i >= 0; i--) { + /* if k_i = 1, then S = S + Q */ + if (mpl_get_bit(&k, i) != 0) { + CHECK_MPI_OK( GF2m_ec_pt_add_aff(pp, a, &sx, &sy, &qx, &qy, &sx, &sy) ); + } + if (i > 0) { + /* S = 2S */ + CHECK_MPI_OK( GF2m_ec_pt_dbl_aff(pp, a, &sx, &sy, &sx, &sy) ); + } + } +#else /* double and add/subtract method from standard */ + /* k3 = 3 * k */ + mp_set(&k3, 0x3); + CHECK_MPI_OK( 
mp_mul(&k, &k3, &k3) ); + /* S = Q */ + CHECK_MPI_OK( mp_copy(&qx, &sx) ); + CHECK_MPI_OK( mp_copy(&qy, &sy) ); + /* l = index of high order bit in binary representation of 3*k */ + l = mpl_significant_bits(&k3) - 1; + /* for i = l-1 downto 1 */ + for (i = l - 1; i >= 1; i--) { + /* S = 2S */ + CHECK_MPI_OK( GF2m_ec_pt_dbl_aff(pp, a, &sx, &sy, &sx, &sy) ); + b3 = MP_GET_BIT(&k3, i); + b1 = MP_GET_BIT(&k, i); + /* if k3_i = 1 and k_i = 0, then S = S + Q */ + if ((b3 == 1) && (b1 == 0)) { + CHECK_MPI_OK( GF2m_ec_pt_add_aff(pp, a, &sx, &sy, &qx, &qy, &sx, &sy) ); + /* if k3_i = 0 and k_i = 1, then S = S - Q */ + } else if ((b3 == 0) && (b1 == 1)) { + CHECK_MPI_OK( GF2m_ec_pt_sub_aff(pp, a, &sx, &sy, &qx, &qy, &sx, &sy) ); + } + } +#endif + /* output S */ + CHECK_MPI_OK( mp_copy(&sx, rx) ); + CHECK_MPI_OK( mp_copy(&sy, ry) ); + +cleanup: + mp_clear(&k); + mp_clear(&k3); + mp_clear(&qx); + mp_clear(&qy); + mp_clear(&sx); + mp_clear(&sy); + free(p); + return err; +} + +/* Compute the x-coordinate x/z for the point 2*(x/z) in Montgomery projective + * coordinates. + * Uses algorithm Mdouble in appendix of + * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over + * GF(2^m) without precomputation". + * modified to not require precomputation of c=b^{2^{m-1}}. + */ +static mp_err +gf2m_Mdouble(const mp_int *pp, const unsigned int p[], const mp_int *a, + const mp_int *b, mp_int *x, mp_int *z) +{ + mp_err err = MP_OKAY; + mp_int t1; + + MP_DIGITS(&t1) = 0; + CHECK_MPI_OK( mp_init(&t1) ); + + CHECK_MPI_OK( mp_bsqrmod(x, p, x) ); + CHECK_MPI_OK( mp_bsqrmod(z, p, &t1) ); + CHECK_MPI_OK( mp_bmulmod(x, &t1, p, z) ); + CHECK_MPI_OK( mp_bsqrmod(x, p, x) ); + CHECK_MPI_OK( mp_bsqrmod(&t1, p, &t1) ); + CHECK_MPI_OK( mp_bmulmod(b, &t1, p, &t1) ); + CHECK_MPI_OK( mp_badd(x, &t1, x) ); + +cleanup: + mp_clear(&t1); + return err; +} + +/* Compute the x-coordinate x1/z1 for the point (x1/z1)+(x2/x2) in Montgomery + * projective coordinates. 
+ * Uses algorithm Madd in appendix of + * Lopex, J. and Dahab, R. "Fast multiplication on elliptic curves over + * GF(2^m) without precomputation". + */ +static mp_err +gf2m_Madd(const mp_int *pp, const unsigned int p[], const mp_int *a, + const mp_int *b, const mp_int *x, mp_int *x1, mp_int *z1, mp_int *x2, + mp_int *z2) +{ + mp_err err = MP_OKAY; + mp_int t1, t2; + + MP_DIGITS(&t1) = 0; + MP_DIGITS(&t2) = 0; + CHECK_MPI_OK( mp_init(&t1) ); + CHECK_MPI_OK( mp_init(&t2) ); + + CHECK_MPI_OK( mp_copy(x, &t1) ); + CHECK_MPI_OK( mp_bmulmod(x1, z2, p, x1) ); + CHECK_MPI_OK( mp_bmulmod(z1, x2, p, z1) ); + CHECK_MPI_OK( mp_bmulmod(x1, z1, p, &t2) ); + CHECK_MPI_OK( mp_badd(z1, x1, z1) ); + CHECK_MPI_OK( mp_bsqrmod(z1, p, z1) ); + CHECK_MPI_OK( mp_bmulmod(z1, &t1, p, x1) ); + CHECK_MPI_OK( mp_badd(x1, &t2, x1) ); + +cleanup: + mp_clear(&t1); + mp_clear(&t2); + return err; +} + +/* Compute the x, y affine coordinates from the point (x1, z1) (x2, z2) + * using Montgomery point multiplication algorithm Mxy() in appendix of + * Lopex, J. and Dahab, R. "Fast multiplication on elliptic curves over + * GF(2^m) without precomputation". 
+ * Returns: + * 0 on error + * 1 if return value should be the point at infinity + * 2 otherwise + */ +static int +gf2m_Mxy(const mp_int *pp, const unsigned int p[], const mp_int *a, + const mp_int *b, const mp_int *x, const mp_int *y, mp_int *x1, mp_int *z1, + mp_int *x2, mp_int *z2) +{ + mp_err err = MP_OKAY; + int ret; + mp_int t3, t4, t5; + + MP_DIGITS(&t3) = 0; + MP_DIGITS(&t4) = 0; + MP_DIGITS(&t5) = 0; + CHECK_MPI_OK( mp_init(&t3) ); + CHECK_MPI_OK( mp_init(&t4) ); + CHECK_MPI_OK( mp_init(&t5) ); + + if (mp_cmp_z(z1) == 0) { + mp_zero(x2); + mp_zero(z2); + ret = 1; + goto cleanup; + } + + if (mp_cmp_z(z2) == 0) { + CHECK_MPI_OK( mp_copy(x, x2) ); + CHECK_MPI_OK( mp_badd(x, y, z2) ); + ret = 2; + goto cleanup; + } + + mp_set(&t5, 0x1); + + CHECK_MPI_OK( mp_bmulmod(z1, z2, p, &t3) ); + + CHECK_MPI_OK( mp_bmulmod(z1, x, p, z1) ); + CHECK_MPI_OK( mp_badd(z1, x1, z1) ); + CHECK_MPI_OK( mp_bmulmod(z2, x, p, z2) ); + CHECK_MPI_OK( mp_bmulmod(z2, x1, p, x1) ); + CHECK_MPI_OK( mp_badd(z2, x2, z2) ); + + CHECK_MPI_OK( mp_bmulmod(z2, z1, p, z2) ); + CHECK_MPI_OK( mp_bsqrmod(x, p, &t4) ); + CHECK_MPI_OK( mp_badd(&t4, y, &t4) ); + CHECK_MPI_OK( mp_bmulmod(&t4, &t3, p, &t4) ); + CHECK_MPI_OK( mp_badd(&t4, z2, &t4) ); + + CHECK_MPI_OK( mp_bmulmod(&t3, x, p, &t3) ); + CHECK_MPI_OK( mp_bdivmod(&t5, &t3, pp, p, &t3) ); + CHECK_MPI_OK( mp_bmulmod(&t3, &t4, p, &t4) ); + CHECK_MPI_OK( mp_bmulmod(x1, &t3, p, x2) ); + CHECK_MPI_OK( mp_badd(x2, x, z2) ); + + CHECK_MPI_OK( mp_bmulmod(z2, &t4, p, z2) ); + CHECK_MPI_OK( mp_badd(z2, y, z2) ); + + ret = 2; + +cleanup: + mp_clear(&t3); + mp_clear(&t4); + mp_clear(&t5); + if (err == MP_OKAY) { + return ret; + } else { + return 0; + } +} + +/* Computes R = nP based on algorithm 2P of + * Lopex, J. and Dahab, R. "Fast multiplication on elliptic curves over + * GF(2^m) without precomputation". + * Elliptic curve points P and R can be identical. + * Uses Montgomery projective coordinates. 
+ */ +mp_err +GF2m_ec_pt_mul_mont(const mp_int *pp, const mp_int *a, const mp_int *b, + const mp_int *px, const mp_int *py, const mp_int *n, + mp_int *rx, mp_int *ry) +{ + mp_err err = MP_OKAY; + mp_int x1, x2, z1, z2; + int i, j; + mp_digit top_bit, mask; + unsigned int *p; + int p_size; + + MP_DIGITS(&x1) = 0; + MP_DIGITS(&x2) = 0; + MP_DIGITS(&z1) = 0; + MP_DIGITS(&z2) = 0; + CHECK_MPI_OK( mp_init(&x1) ); + CHECK_MPI_OK( mp_init(&x2) ); + CHECK_MPI_OK( mp_init(&z1) ); + CHECK_MPI_OK( mp_init(&z2) ); + + p_size = mp_bpoly2arr(pp, p, 0) + 1; + p = (unsigned int *) (malloc(sizeof(unsigned int) * p_size)); + if (p == NULL) goto cleanup; + mp_bpoly2arr(pp, p, p_size); + + /* if result should be point at infinity */ + if ((mp_cmp_z(n) == 0) || (GF2m_ec_pt_is_inf_aff(px, py) == MP_YES)) { + CHECK_MPI_OK( GF2m_ec_pt_set_inf_aff(rx, ry) ); + goto cleanup; + } + + CHECK_MPI_OK( mp_copy(rx, &x2) ); /* x2 = rx */ + CHECK_MPI_OK( mp_copy(ry, &z2) ); /* z2 = ry */ + + CHECK_MPI_OK( mp_copy(px, &x1) ); /* x1 = px */ + mp_set(&z1, 0x1); /* z1 = 1 */ + CHECK_MPI_OK( mp_bsqrmod(&x1, p, &z2) ); /* z2 = x1^2 = x2^2 */ + CHECK_MPI_OK( mp_bsqrmod(&z2, p, &x2) ); + CHECK_MPI_OK( mp_badd(&x2, b, &x2) ); /* x2 = px^4 + b */ + + /* find top-most bit and go one past it */ + i = MP_USED(n) - 1; + j = MP_DIGIT_BIT - 1; + top_bit = 1; + top_bit <<= MP_DIGIT_BIT - 1; + mask = top_bit; + while (!(MP_DIGITS(n)[i] & mask)) { + mask >>= 1; + j--; + } + mask >>= 1; j--; + + /* if top most bit was at word break, go to next word */ + if (!mask) { + i--; + j = MP_DIGIT_BIT - 1; + mask = top_bit; + } + + for (; i >= 0; i--) { + for (; j >= 0; j--) { + if (MP_DIGITS(n)[i] & mask) { + CHECK_MPI_OK( gf2m_Madd(pp, p, a, b, px, &x1, &z1, &x2, &z2) ); + CHECK_MPI_OK( gf2m_Mdouble(pp, p, a, b, &x2, &z2) ); + } else { + CHECK_MPI_OK( gf2m_Madd(pp, p, a, b, px, &x2, &z2, &x1, &z1) ); + CHECK_MPI_OK( gf2m_Mdouble(pp, p, a, b, &x1, &z1) ); + } + mask >>= 1; + } + j = MP_DIGIT_BIT - 1; + mask = top_bit; + } + + 
/* convert out of "projective" coordinates */ + i = gf2m_Mxy(pp, p, a, b, px, py, &x1, &z1, &x2, &z2); + if (i == 0) { + err = MP_BADARG; + goto cleanup; + } else if (i == 1) { + CHECK_MPI_OK( GF2m_ec_pt_set_inf_aff(rx, ry) ); + } else { + CHECK_MPI_OK( mp_copy(&x2, rx) ); + CHECK_MPI_OK( mp_copy(&z2, ry) ); + } + +cleanup: + mp_clear(&x1); + mp_clear(&x2); + mp_clear(&z1); + mp_clear(&z2); + free(p); + return err; +} + +#endif /* NSS_ENABLE_ECC */ diff --git a/security/nss/lib/freebl/GF2m_ecl.h b/security/nss/lib/freebl/GF2m_ecl.h new file mode 100644 index 000000000..e562c2fc0 --- /dev/null +++ b/security/nss/lib/freebl/GF2m_ecl.h 
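Review bot: In `GF2m_ec_pt_add_aff` the `if (p == NULL) goto cleanup;` exit runs before `lambda`, `xtemp` and `ytemp` have been initialised or had `MP_DIGITS(...) = 0` set, so `cleanup` calls `mp_clear` on indeterminate structures. `err` is still `MP_OKAY` at that point, so an allocation failure is returned as success with `rx`/`ry` untouched. `GF2m_ec_pt_mul_aff` and `GF2m_ec_pt_mul_mont` zero their temporaries first but share the success-on-malloc-failure return, and both reach `free(p)` with `p` never assigned when one of the earlier `mp_init` calls fails. The fix is to start `p` at NULL, zero the digit pointers before the first exit and report `MP_MEM`, shown below for the add routine; the two multiply routines need the `p = NULL` and `err = MP_MEM` parts.

```c
    mp_err err = MP_OKAY;
    mp_int lambda, xtemp, ytemp;
    unsigned int *p = NULL;
    int p_size;

    /* Mark the temporaries empty so cleanup is safe on every early exit. */
    MP_DIGITS(&lambda) = 0;
    MP_DIGITS(&xtemp) = 0;
    MP_DIGITS(&ytemp) = 0;

    p_size = mp_bpoly2arr(pp, p, 0) + 1;
    p = (unsigned int *) (malloc(sizeof(unsigned int) * p_size));
    if (p == NULL) {
        err = MP_MEM;   /* do not report success when nothing was computed */
        goto cleanup;
    }
    /* … unchanged: mp_bpoly2arr fill, mp_init calls, point addition, cleanup … */
```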
@@ -0,0 +1,96 @@ +/* + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is the elliptic curve math library for binary polynomial + * field curves. + * + * The Initial Developer of the Original Code is Sun Microsystems, Inc. + * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003 + * Sun Microsystems, Inc. All Rights Reserved. + * + * Contributor(s): + * Douglas Stebila <douglas@stebila.ca> + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + */ + +#ifndef __gf2m_ecl_h_ +#define __gf2m_ecl_h_ +#ifdef NSS_ENABLE_ECC + +#include "secmpi.h" + +/* Checks if point P(px, py) is at infinity. Uses affine coordinates. 
*/ +mp_err GF2m_ec_pt_is_inf_aff(const mp_int *px, const mp_int *py); + +/* Sets P(px, py) to be the point at infinity. Uses affine coordinates. */ +mp_err GF2m_ec_pt_set_inf_aff(mp_int *px, mp_int *py); + +/* Computes R = P + Q where R is (rx, ry), P is (px, py) and Q is (qx, qy). + * Uses affine coordinates. + */ +mp_err GF2m_ec_pt_add_aff(const mp_int *pp, const mp_int *a, + const mp_int *px, const mp_int *py, const mp_int *qx, const mp_int *qy, + mp_int *rx, mp_int *ry); + +/* Computes R = P - Q. Uses affine coordinates. */ +mp_err GF2m_ec_pt_sub_aff(const mp_int *pp, const mp_int *a, + const mp_int *px, const mp_int *py, const mp_int *qx, const mp_int *qy, + mp_int *rx, mp_int *ry); + +/* Computes R = 2P. Uses affine coordinates. */ +mp_err GF2m_ec_pt_dbl_aff(const mp_int *pp, const mp_int *a, + const mp_int *px, const mp_int *py, mp_int *rx, mp_int *ry); + +/* Computes R = nP where R is (rx, ry) and P is (px, py). The parameters + * a, b and p are the elliptic curve coefficients and the irreducible that + * determines the field GF2m. Uses affine coordinates. + */ +mp_err GF2m_ec_pt_mul_aff(const mp_int *pp, const mp_int *a, const mp_int *b, + const mp_int *px, const mp_int *py, const mp_int *n, + mp_int *rx, mp_int *ry); + +/* Computes R = nP where R is (rx, ry) and P is (px, py). The parameters + * a, b and p are the elliptic curve coefficients and the irreducible that + * determines the field GF2m. Uses Montgomery projective coordinates. 
+ */ +mp_err GF2m_ec_pt_mul_mont(const mp_int *pp, const mp_int *a, + const mp_int *b, const mp_int *px, const mp_int *py, + const mp_int *n, mp_int *rx, mp_int *ry); + +#define GF2m_ec_pt_is_inf(px, py) GF2m_ec_pt_is_inf_aff((px), (py)) +#define GF2m_ec_pt_add(p, a, px, py, qx, qy, rx, ry) \ + GF2m_ec_pt_add_aff((p), (a), (px), (py), (qx), (qy), (rx), (ry)) + +#define GF2m_ECL_MONTGOMERY +#ifdef GF2m_ECL_AFFINE +#define GF2m_ec_pt_mul(pp, a, b, px, py, n, rx, ry) \ + GF2m_ec_pt_mul_aff((pp), (a), (b), (px), (py), (n), (rx), (ry)) +#elif defined(GF2m_ECL_MONTGOMERY) +#define GF2m_ec_pt_mul(pp, a, b, px, py, n, rx, ry) \ + GF2m_ec_pt_mul_mont((pp), (a), (b), (px), (py), (n), (rx), (ry)) +#endif /* GF2m_ECL_AFFINE or GF2m_ECL_MONTGOMERY */ + +#endif /* NSS_ENABLE_ECC */ +#endif /* __gf2m_ecl_h_ */ diff --git a/security/nss/lib/freebl/blapit.h b/security/nss/lib/freebl/blapit.h index cda4a9fb0..00c36612f 100644 --- a/security/nss/lib/freebl/blapit.h +++ b/security/nss/lib/freebl/blapit.h @@ -286,8 +286,8 @@ struct ECFieldIDStr { int size; /* field size in bits */ ECFieldType type; union { - SECItem prime; /* prime p for (GFp) */ - SECItem m; /* integer m for (GF2m) */ + SECItem prime; /* prime p for (GFp) */ + SECItem poly; /* irreducible binary polynomial for (GF2m) */ } u; int k1; /* first coefficient of pentanomial or * the only coefficient of trinomial diff --git a/security/nss/lib/freebl/ec.c b/security/nss/lib/freebl/ec.c index db1fefd5b..bb61738a0 100644 --- a/security/nss/lib/freebl/ec.c +++ b/security/nss/lib/freebl/ec.c @@ -41,6 +41,7 @@ #include "secitem.h" #include "ec.h" #include "GFp_ecl.h" +#include "GF2m_ecl.h" #ifdef NSS_ENABLE_ECC @@ -69,7 +70,7 @@ ec_point_add(ECParams *params, SECItem *pointP, SECItem *pointQ, SECItem *pointR) { mp_int Px, Py, Qx, Qy, Rx, Ry; - mp_int prime, a; + mp_int irreducible, a; SECStatus rv = SECFailure; mp_err err = MP_OKAY; int len; 
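Review bot: The comment on `GF2m_ec_pt_mul_mont` does not say that the sign of `n` is ignored. The implementation added in GF2m_ecl.c only walks `MP_DIGITS(n)`, whereas `GF2m_ec_pt_mul_aff` negates Q when `n < 0`, and because this header defines `GF2m_ECL_MONTGOMERY` itself, `GF2m_ec_pt_mul` resolves to the Montgomery version unless the build defines `GF2m_ECL_AFFINE`. I would add `* n must be non-negative; the sign of n is not examined.` to that comment. The comment on `GF2m_ec_pt_is_inf_aff` could likewise state that it returns MP_YES or MP_NO rather than an error code, since the declared type is `mp_err`.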
@@ -109,7 +110,7 @@ ec_point_add(ECParams *params, SECItem *pointP, MP_DIGITS(&Qy) = 0; MP_DIGITS(&Rx) = 0; MP_DIGITS(&Ry) = 0; - MP_DIGITS(&prime) = 0; + MP_DIGITS(&irreducible) = 0; MP_DIGITS(&a) = 0; CHECK_MPI_OK( mp_init(&Px) ); CHECK_MPI_OK( mp_init(&Py) ); @@ -117,7 +118,7 @@ ec_point_add(ECParams *params, SECItem *pointP, CHECK_MPI_OK( mp_init(&Qy) ); CHECK_MPI_OK( mp_init(&Rx) ); CHECK_MPI_OK( mp_init(&Ry) ); - CHECK_MPI_OK( mp_init(&prime) ); + CHECK_MPI_OK( mp_init(&irreducible) ); CHECK_MPI_OK( mp_init(&a) ); /* Initialize Px and Py */ @@ -132,14 +133,21 @@ ec_point_add(ECParams *params, SECItem *pointP, CHECK_MPI_OK( mp_read_unsigned_octets(&Qy, pointQ->data + 1 + len, (mp_size) len) ); - /* Set up the prime and curve coefficient */ - SECITEM_TO_MPINT( params->fieldID.u.prime, &prime ); + /* Set up the curve coefficient */ SECITEM_TO_MPINT( params->curve.a, &a ); /* Compute R = P + Q */ - if (GFp_ec_pt_add(&prime, &a, &Px, &Py, &Qx, &Qy, + if (params->fieldID.type == ec_field_GFp) { + SECITEM_TO_MPINT( params->fieldID.u.prime, &irreducible ); + if (GFp_ec_pt_add(&irreducible, &a, &Px, &Py, &Qx, &Qy, &Rx, &Ry) != SECSuccess) goto cleanup; + } else { + SECITEM_TO_MPINT( params->fieldID.u.poly, &irreducible ); + if (GF2m_ec_pt_add(&irreducible, &a, &Px, &Py, &Qx, &Qy, &Rx, &Ry) + != SECSuccess) + goto cleanup; + } /* Construct the SECItem representation of the result */ pointR->data[0] = EC_POINT_FORM_UNCOMPRESSED; @@ -163,7 +171,7 @@ cleanup: mp_clear(&Qy); mp_clear(&Rx); mp_clear(&Ry); - mp_clear(&prime); + mp_clear(&irreducible); mp_clear(&a); if (err) { MP_TO_SEC_ERROR(err); @@ -182,7 +190,7 @@ ec_point_mul(ECParams *params, mp_int *k, SECItem *pointP, SECItem *pointQ) { mp_int Px, Py, Qx, Qy; - mp_int prime, a, b; + mp_int irreducible, a, b; SECStatus rv = SECFailure; mp_err err = MP_OKAY; int len; 
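Review bot: The new `else` in the R = P + Q step treats every field type other than `ec_field_GFp` as a binary field and reads `params->fieldID.u.poly`, so a params structure with an unexpected or uninitialised `type` is run through the GF2m code on whatever the union holds. An explicit `else if (params->fieldID.type == ec_field_GF2m)` followed by a final `else goto cleanup;` would reject it instead. The same pattern is in the ec_point_mul hunk and the EC_NewKeyFromSeed hunk further down. ec_point_add's own argument check lies between these hunks and is not touched by the commit, so if it still requires `ec_field_GFp`, as the check removed from ec_point_mul did, this new branch is unreachable.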
@@ -209,8 +217,7 @@ ec_point_mul(ECParams *params, mp_int *k, /* NOTE: We only support prime field curves for now */ len = (params->fieldID.size + 7) >> 3; - if ((params->fieldID.type != ec_field_GFp) || - (pointP->data[0] != EC_POINT_FORM_UNCOMPRESSED) || + if ((pointP->data[0] != EC_POINT_FORM_UNCOMPRESSED) || (pointP->len != (2 * len + 1))) { return SECFailure; }; @@ -219,33 +226,40 @@ ec_point_mul(ECParams *params, mp_int *k, MP_DIGITS(&Py) = 0; MP_DIGITS(&Qx) = 0; MP_DIGITS(&Qy) = 0; - MP_DIGITS(&prime) = 0; + MP_DIGITS(&irreducible) = 0; MP_DIGITS(&a) = 0; MP_DIGITS(&b) = 0; CHECK_MPI_OK( mp_init(&Px) ); CHECK_MPI_OK( mp_init(&Py) ); CHECK_MPI_OK( mp_init(&Qx) ); CHECK_MPI_OK( mp_init(&Qy) ); - CHECK_MPI_OK( mp_init(&prime) ); + CHECK_MPI_OK( mp_init(&irreducible) ); CHECK_MPI_OK( mp_init(&a) ); CHECK_MPI_OK( mp_init(&b) ); - /* Initialize Px and Py */ CHECK_MPI_OK( mp_read_unsigned_octets(&Px, pointP->data + 1, (mp_size) len) ); CHECK_MPI_OK( mp_read_unsigned_octets(&Py, pointP->data + 1 + len, (mp_size) len) ); - /* Set up mp_ints containing the prime and curve coefficients */ - SECITEM_TO_MPINT( params->fieldID.u.prime, &prime ); + /* Set up mp_ints containing the curve coefficients */ SECITEM_TO_MPINT( params->curve.a, &a ); SECITEM_TO_MPINT( params->curve.b, &b ); /* Compute Q = k * P */ - if (GFp_ec_pt_mul(&prime, &a, &b, &Px, &Py, k, - &Qx, &Qy) != SECSuccess) + if (params->fieldID.type == ec_field_GFp) { + SECITEM_TO_MPINT( params->fieldID.u.prime, &irreducible ); + if (GFp_ec_pt_mul(&irreducible, &a, &b, &Px, &Py, k, &Qx, &Qy) + != SECSuccess) goto cleanup; + } else { + SECITEM_TO_MPINT( params->fieldID.u.poly, &irreducible ); + if (GF2m_ec_pt_mul(&irreducible, &a, &b, &Px, &Py, k, &Qx, &Qy) + != SECSuccess) { + goto cleanup; + } + } /* Construct the SECItem representation of point Q */ pointQ->data[0] = EC_POINT_FORM_UNCOMPRESSED; 
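Review bot: The comment `/* NOTE: We only support prime field curves for now */` is kept as context directly above the check from which this hunk removes the `ec_field_GFp` test, so it now contradicts the code. It should be replaced with something like `/* Only uncompressed points are accepted; the field type is dispatched below. */`. The function starts outside the hunk.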
@@ -253,6 +267,7 @@ ec_point_mul(ECParams *params, mp_int *k, (mp_size) len) ); CHECK_MPI_OK( mp_to_fixlen_octets(&Qy, pointQ->data + 1 + len, (mp_size) len) ); + rv = SECSuccess; #if EC_DEBUG @@ -267,7 +282,7 @@ cleanup: mp_clear(&Py); mp_clear(&Qx); mp_clear(&Qy); - mp_clear(&prime); + mp_clear(&irreducible); mp_clear(&a); mp_clear(&b); if (err) { @@ -328,8 +343,13 @@ EC_NewKeyFromSeed(ECParams *ecParams, ECPrivateKey **privKey, key->ecParams.type = ecParams->type; key->ecParams.fieldID.size = ecParams->fieldID.size; key->ecParams.fieldID.type = ecParams->fieldID.type; - CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.fieldID.u.prime, - &ecParams->fieldID.u.prime)); + if (ecParams->fieldID.type == ec_field_GFp) { + CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.fieldID.u.prime, + &ecParams->fieldID.u.prime)); + } else { + CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.fieldID.u.poly, + &ecParams->fieldID.u.poly)); + } key->ecParams.fieldID.k1 = ecParams->fieldID.k1; key->ecParams.fieldID.k2 = ecParams->fieldID.k2; key->ecParams.fieldID.k3 = ecParams->fieldID.k3; @@ -787,7 +807,6 @@ ECDSA_VerifyDigest(ECPublicKey *key, const SECItem *signature, ecParams = &(key->ecParams); len = (ecParams->fieldID.size + 7) >> 3; - printf("len is %d\n", len); if (signature->len < 2*len) { PORT_SetError(SEC_ERROR_INVALID_ARGS); goto cleanup; diff --git a/security/nss/lib/freebl/manifest.mn b/security/nss/lib/freebl/manifest.mn index c68ecb90f..df7d79798 100644 --- a/security/nss/lib/freebl/manifest.mn +++ b/security/nss/lib/freebl/manifest.mn @@ -68,8 +68,8 @@ PRIVATE_EXPORTS = \ ec.h \ $(NULL) -MPI_HDRS = mpi-config.h mpi.h mpi-priv.h mplogic.h mpprime.h logtab.h -MPI_SRCS = mpprime.c mpmontg.c mplogic.c mpi.c +MPI_HDRS = mpi-config.h mpi.h mpi-priv.h mplogic.h mpprime.h logtab.h mp_gf2m.h +MPI_SRCS = mpprime.c mpmontg.c mplogic.c mpi.c mp_gf2m.c ifdef MOZILLA_BSAFE_BUILD CSRCS = \ 
@@ -100,6 +100,7 @@ CSRCS = \ dh.c \ ec.c \ GFp_ecl.c \ + GF2m_ecl.c \ pqg.c \ dsa.c \ rsa.c \ @@ -116,6 +117,7 @@ ALL_HDRS = \ des.h \ ec.h \ GFp_ecl.h \ + GF2m_ecl.h \ loader.h \ rijndael.h \ secmpi.h \ diff --git a/security/nss/lib/freebl/mpi/Makefile b/security/nss/lib/freebl/mpi/Makefile index 23cd01b57..edf22894d 100644 --- a/security/nss/lib/freebl/mpi/Makefile +++ b/security/nss/lib/freebl/mpi/Makefile @@ -262,7 +262,7 @@ VERS=1.7p6 ## ## This is the list of source files that need to be packed into ## the distribution file -SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \ +SRCS= mpi.c mpprime.c mplogic.c mp_gf2m.c mpmontg.c mpi-test.c primes.c tests/ \ utils/gcd.c utils/invmod.c utils/lap.c \ utils/ptab.pl utils/sieve.c utils/isprime.c\ utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \ @@ -274,7 +274,7 @@ SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \ types.pl stats timetest multest ## These are the header files that go into the distribution file -HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \ +HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h mp_gf2m.h \ utils/bbs_rand.h tests/mpi.h tests/mpprime.h ## These are the documentation files that go into the distribution file @@ -284,9 +284,9 @@ DOCS=README doc utils/README utils/PRIMES TOOLS=gcd invmod isprime lap dec2hex hex2dec primegen prng \ basecvt fact exptmod pi makeprime identest -LIBOBJS = mpprime.o mpmontg.o mplogic.o mpi.o $(AS_OBJS) +LIBOBJS = mpprime.o mpmontg.o mplogic.o mp_gf2m.o mpi.o $(AS_OBJS) LIBHDRS = mpi-config.h mpi-priv.h mpi.h -APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h +APPHDRS = mpi-config.h mpi.h mplogic.h mp_gf2m.h mpprime.h help: @ echo "" 
@@ -320,6 +320,8 @@ mpi.o: mpi.c logtab.h $(LIBHDRS) mplogic.o: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS) +mp_gf2m.o: mp_gf2m.c mpi-priv.h mp_gf2m.h $(LIBHDRS) + mpmontg.o: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS) mpprime.o: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS) @@ -354,7 +356,7 @@ mpi.i: mpi.h #--------------------------------------- MPTESTOBJS = mptest1.o mptest2.o mptest3.o mptest3a.o mptest4.o mptest4a.o \ - mptest4b.o mptest6.o mptest7.o mptest8.o mptest9.o + mptest4b.o mptest6.o mptest7.o mptest8.o mptest9.o mptestb.o MPTESTS = $(MPTESTOBJS:.o=) $(MPTESTOBJS): mptest%.o: tests/mptest-%.c $(LIBHDRS) @@ -364,7 +366,7 @@ $(MPTESTS): mptest%: mptest%.o libmpi.a $(CC) $(CFLAGS) -o $@ $^ $(LIBS) tests: mptest1 mptest2 mptest3 mptest3a mptest4 mptest4a mptest4b mptest6 \ - bbsrand + mptestb bbsrand utests: mptest7 mptest8 mptest9 diff --git a/security/nss/lib/freebl/mpi/mp_gf2m.c b/security/nss/lib/freebl/mpi/mp_gf2m.c new file mode 100644 index 000000000..93d419611 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mp_gf2m.c 
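Review bot: The new rule `mp_gf2m.o: mp_gf2m.c mpi-priv.h mp_gf2m.h $(LIBHDRS)` leaves out mplogic.h, which mp_gf2m.c includes, so editing that header will not rebuild the object. List it as a prerequisite: `mp_gf2m.o: mp_gf2m.c mpi-priv.h mp_gf2m.h mplogic.h $(LIBHDRS)`.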
@@ -0,0 +1,570 @@ +/* + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is the Multi-precision Binary Polynomial Arithmetic + * Library. + * + * The Initial Developer of the Original Code is Sun Microsystems, Inc. + * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003 + * Sun Microsystems, Inc. All Rights Reserved. + * + * Contributor(s): + * Sheueling Chang Shantz <sheueling.chang@sun.com> and + * Douglas Stebila <douglas@stebila.ca> of Sun Laboratories. + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. 
+ * + */ + +#include "mp_gf2m.h" +#include "mplogic.h" +#include "mpi-priv.h" + +static const mp_digit SQR_tb[16] = +{ + 0, 1, 4, 5, 16, 17, 20, 21, + 64, 65, 68, 69, 80, 81, 84, 85 +}; + +#if defined(MP_USE_UINT_DIGIT) +#define MP_DIGIT_BITS 32 + +/* Platform-specific macros for fast binary polynomial squaring. */ + +#define gf2m_SQR1(w) \ + SQR_tb[(w) >> 28 & 0xF] << 24 | SQR_tb[(w) >> 24 & 0xF] << 16 | \ + SQR_tb[(w) >> 20 & 0xF] << 8 | SQR_tb[(w) >> 16 & 0xF] +#define gf2m_SQR0(w) \ + SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \ + SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF] + +/* Multiply two binary polynomials mp_digits a, b. + * Result is a polynomial with degree < 2 * MP_DIGIT_BITS - 1. + * Output in two mp_digits rh, rl. + */ +static void +s_bmul_1x1(mp_digit *rh, mp_digit *rl, const mp_digit a, const mp_digit b) +{ + register mp_digit h, l, s; + mp_digit tab[8], top2b = a >> 30; + register mp_digit a1, a2, a4; + + a1 = a & (0x3FFFFFFF); a2 = a1 << 1; a4 = a2 << 1; + + tab[0] = 0; tab[1] = a1; tab[2] = a2; tab[3] = a1^a2; + tab[4] = a4; tab[5] = a1^a4; tab[6] = a2^a4; tab[7] = a1^a2^a4; + + s = tab[b & 0x7]; l = s; + s = tab[b >> 3 & 0x7]; l ^= s << 3; h = s >> 29; + s = tab[b >> 6 & 0x7]; l ^= s << 6; h ^= s >> 26; + s = tab[b >> 9 & 0x7]; l ^= s << 9; h ^= s >> 23; + s = tab[b >> 12 & 0x7]; l ^= s << 12; h ^= s >> 20; + s = tab[b >> 15 & 0x7]; l ^= s << 15; h ^= s >> 17; + s = tab[b >> 18 & 0x7]; l ^= s << 18; h ^= s >> 14; + s = tab[b >> 21 & 0x7]; l ^= s << 21; h ^= s >> 11; + s = tab[b >> 24 & 0x7]; l ^= s << 24; h ^= s >> 8; + s = tab[b >> 27 & 0x7]; l ^= s << 27; h ^= s >> 5; + s = tab[b >> 30 ]; l ^= s << 30; h ^= s >> 2; + + /* compensate for the top two bits of a */ + + if (top2b & 01) { l ^= b << 30; h ^= b >> 2; } + if (top2b & 02) { l ^= b << 31; h ^= b >> 1; } + + *rh = h; *rl = l; +} +#endif + +#if defined(MP_USE_LONG_DIGIT) || defined(MP_USE_LONG_LONG_DIGIT) +#define MP_DIGIT_BITS 64 +#define MP_TOP_BIT + +/* 
Platform-specific fast binary polynomial squaring. */ +#define gf2m_SQR1(w) \ + SQR_tb[(w) >> 60 & 0xF] << 56 | SQR_tb[(w) >> 56 & 0xF] << 48 | \ + SQR_tb[(w) >> 52 & 0xF] << 40 | SQR_tb[(w) >> 48 & 0xF] << 32 | \ + SQR_tb[(w) >> 44 & 0xF] << 24 | SQR_tb[(w) >> 40 & 0xF] << 16 | \ + SQR_tb[(w) >> 36 & 0xF] << 8 | SQR_tb[(w) >> 32 & 0xF] +#define gf2m_SQR0(w) \ + SQR_tb[(w) >> 28 & 0xF] << 56 | SQR_tb[(w) >> 24 & 0xF] << 48 | \ + SQR_tb[(w) >> 20 & 0xF] << 40 | SQR_tb[(w) >> 16 & 0xF] << 32 | \ + SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \ + SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF] + +/* Multiply two binary polynomials mp_digits a, b, output in rh, rl */ +static void +s_bmul_1x1(mp_digit *rh, mp_digit *rl, const mp_digit a, const mp_digit b) +{ + register mp_digit h, l, s; + mp_digit tab[16], top3b = a >> 61; + register mp_digit a1, a2, a4, a8; + + a1 = a & (0x1FFFFFFFFFFFFFFF); a2 = a1 << 1; + a4 = a2 << 1; a8 = a4 << 1; + tab[ 0] = 0; tab[ 1] = a1; tab[ 2] = a2; tab[ 3] = a1^a2; + tab[ 4] = a4; tab[ 5] = a1^a4; tab[ 6] = a2^a4; tab[ 7] = a1^a2^a4; + tab[ 8] = a8; tab[ 9] = a1^a8; tab[10] = a2^a8; tab[11] = a1^a2^a8; + tab[12] = a4^a8; tab[13] = a1^a4^a8; tab[14] = a2^a4^a8; tab[15] = a1^a2^a4^a8; + + s = tab[b & 0xF]; l = s; + s = tab[b >> 4 & 0xF]; l ^= s << 4; h = s >> 60; + s = tab[b >> 8 & 0xF]; l ^= s << 8; h ^= s >> 56; + s = tab[b >> 12 & 0xF]; l ^= s << 12; h ^= s >> 52; + s = tab[b >> 16 & 0xF]; l ^= s << 16; h ^= s >> 48; + s = tab[b >> 20 & 0xF]; l ^= s << 20; h ^= s >> 44; + s = tab[b >> 24 & 0xF]; l ^= s << 24; h ^= s >> 40; + s = tab[b >> 28 & 0xF]; l ^= s << 28; h ^= s >> 36; + s = tab[b >> 32 & 0xF]; l ^= s << 32; h ^= s >> 32; + s = tab[b >> 36 & 0xF]; l ^= s << 36; h ^= s >> 28; + s = tab[b >> 40 & 0xF]; l ^= s << 40; h ^= s >> 24; + s = tab[b >> 44 & 0xF]; l ^= s << 44; h ^= s >> 20; + s = tab[b >> 48 & 0xF]; l ^= s << 48; h ^= s >> 16; + s = tab[b >> 52 & 0xF]; l ^= s << 52; h ^= s >> 12; + s = tab[b >> 56 & 0xF]; l 
^= s << 56; h ^= s >> 8; + s = tab[b >> 60 ]; l ^= s << 60; h ^= s >> 4; + + /* compensate for the top three bits of a */ + + if (top3b & 01) { l ^= b << 61; h ^= b >> 3; } + if (top3b & 02) { l ^= b << 62; h ^= b >> 2; } + if (top3b & 04) { l ^= b << 63; h ^= b >> 1; } + + *rh = h; *rl = l; +} +#endif + +#if 0 /* to be used later */ +/* Compute xor-multiply of two binary polynomials (a1, a0) x (b1, b0) + * result is a binary polynomial in 4 mp_digits r[4]. + * The caller MUST ensure that r has the right amount of space allocated. + */ +static void +s_bmul_2x2(mp_digit *r, const mp_digit a1, const mp_digit a0, const mp_digit b1, + const mp_digit b0) +{ + mp_digit m1, m0; + /* r[3] = h1, r[2] = h0; r[1] = l1; r[0] = l0 */ + s_bmul_1x1(r+3, r+2, a1, b1); + s_bmul_1x1(r+1, r, a0, b0); + s_bmul_1x1(&m1, &m0, a0 ^ a1, b0 ^ b1); + /* Correction on m1 ^= l1 ^ h1; m0 ^= l0 ^ h0; */ + r[2] ^= m1 ^ r[1] ^ r[3]; /* h0 ^= m1 ^ l1 ^ h1; */ + r[1] = r[3] ^ r[2] ^ r[0] ^ m1 ^ m0; /* l1 ^= l0 ^ h0 ^ m0; */ +} +#endif /* 0 */ + +/* Compute addition of two binary polynomials a and b, + * store result in c; c could be a or b, a and b could be equal; + * c is the bitwise XOR of a and b. + */ +mp_err +mp_badd(const mp_int *a, const mp_int *b, mp_int *c) +{ + mp_digit *pa, *pb, *pc; + mp_size ix; + mp_size used_pa, used_pb; + mp_err res = MP_OKAY; + + /* Add all digits up to the precision of b. 
If b had more + * precision than a initially, swap a, b first + */ + if (MP_USED(a) >= MP_USED(b)) { + pa = MP_DIGITS(a); + pb = MP_DIGITS(b); + used_pa = MP_USED(a); + used_pb = MP_USED(b); + } else { + pa = MP_DIGITS(b); + pb = MP_DIGITS(a); + used_pa = MP_USED(b); + used_pb = MP_USED(a); + } + + /* Make sure c has enough precision for the output value */ + MP_CHECKOK( s_mp_pad(c, used_pa) ); + + /* Do word-by-word xor */ + pc = MP_DIGITS(c); + for (ix = 0; ix < used_pb; ix++) { + (*pc++) = (*pa++) ^ (*pb++); + } + + /* Finish the rest of digits until we're actually done */ + for (; ix < used_pa; ++ix) { + *pc++ = *pa++; + } + + MP_USED(c) = used_pa; + MP_SIGN(c) = ZPOS; + s_mp_clamp(c); + +CLEANUP: + return res; +} + +#define s_mp_div2(a) MP_CHECKOK( mpl_rsh((a), (a), 1) ); + +/* Compute binary polynomial multiply d = a * b */ +static void +s_bmul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *d) +{ + mp_digit a_i, a0b0, a1b1, carry = 0; + while (a_len--) { + a_i = *a++; + s_bmul_1x1(&a1b1, &a0b0, a_i, b); + *d++ = a0b0 ^ carry; + carry = a1b1; + } + *d = carry; +} + +/* Compute binary polynomial xor multiply accumulate d ^= a * b */ +static void +s_bmul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *d) +{ + mp_digit a_i, a0b0, a1b1, carry = 0; + while (a_len--) { + a_i = *a++; + s_bmul_1x1(&a1b1, &a0b0, a_i, b); + *d++ ^= a0b0 ^ carry; + carry = a1b1; + } + *d ^= carry; +} + +/* Compute binary polynomial xor multiply c = a * b. + * All parameters may be identical. 
+ */ +mp_err +mp_bmul(const mp_int *a, const mp_int *b, mp_int *c) +{ + mp_digit *pb, b_i; + mp_int tmp; + mp_size ib, a_used, b_used; + mp_err res = MP_OKAY; + + ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG); + + if (a == c) { + MP_CHECKOK( mp_init_copy(&tmp, a) ); + if (a == b) + b = &tmp; + a = &tmp; + } else if (b == c) { + MP_CHECKOK( mp_init_copy(&tmp, b) ); + b = &tmp; + } else MP_DIGITS(&tmp) = 0; + + if (MP_USED(a) < MP_USED(b)) { + const mp_int *xch = b; /* switch a and b if b longer */ + b = a; + a = xch; + } + + MP_USED(c) = 1; MP_DIGIT(c, 0) = 0; + MP_CHECKOK( s_mp_pad(c, USED(a) + USED(b)) ); + + pb = MP_DIGITS(b); + s_bmul_d(MP_DIGITS(a), MP_USED(a), *pb++, MP_DIGITS(c)); + + /* Outer loop: Digits of b */ + a_used = MP_USED(a); + b_used = MP_USED(b); + for (ib = 1; ib < b_used; ib++) { + b_i = *pb++; + + /* Inner product: Digits of a */ + if (b_i) + s_bmul_d_add(MP_DIGITS(a), a_used, b_i, MP_DIGITS(c) + ib); + else + MP_DIGIT(c, ib + a_used) = b_i; + } + + s_mp_clamp(c); + + SIGN(c) = ZPOS; + +CLEANUP: + mp_clear(&tmp); + return res; +} + + +/* Compute modular reduction of a and store result in r. + * r could be a. + * For modular arithmetic, the irreducible polynomial f(t) is represented + * as an array of int[], where f(t) is of the form: + * f(t) = t^p[0] + t^p[1] + ... + t^p[k] + * where m = p[0] > p[1] > ... > p[k] = 0. 
+ */ +int +mp_bmod(const mp_int *a, const unsigned int p[], mp_int *r) +{ + int j, k; + int n, dN, d0, d1; + mp_digit zz, *z, tmp; + mp_size used; + mp_err res = MP_OKAY; + + /* The algorithm does the reduction in place in r, + * if a != r, copy a into r first so reduction can be done in r + */ + if (a != r) { + MP_CHECKOK( mp_copy(a, r) ); + } + z = MP_DIGITS(r); + + /* start reduction */ + dN = p[0] / MP_DIGIT_BITS; + used = MP_USED(r); + + for (j = used - 1; j > dN;) { + + zz = z[j]; + if (zz == 0) { + j--; continue; + } + z[j] = 0; + + for (k = 1; p[k] > 0; k++) { + /* reducing component t^p[k] */ + n = p[0] - p[k]; + d0 = n % MP_DIGIT_BITS; + d1 = MP_DIGIT_BITS - d0; + n /= MP_DIGIT_BITS; + z[j-n] ^= (zz>>d0); + if (d0) + z[j-n-1] ^= (zz<<d1); + } + + /* reducing component t^0 */ + n = dN; + d0 = p[0] % MP_DIGIT_BITS; + d1 = MP_DIGIT_BITS - d0; + z[j-n] ^= (zz >> d0); + if (d0) + z[j-n-1] ^= (zz << d1); + + } + + /* final round of reduction */ + while (j == dN) { + + d0 = p[0] % MP_DIGIT_BITS; + zz = z[dN] >> d0; + if (zz == 0) break; + d1 = MP_DIGIT_BITS - d0; + + /* clear up the top d1 bits */ + if (d0) z[dN] = (z[dN] << d1) >> d1; + *z ^= zz; /* reduction t^0 component */ + + for (k = 1; p[k] > 0; k++) { + /* reducing component t^p[k]*/ + n = p[k] / MP_DIGIT_BITS; + d0 = p[k] % MP_DIGIT_BITS; + d1 = MP_DIGIT_BITS - d0; + z[n] ^= (zz << d0); + tmp = zz >> d1; + if (d0 && tmp) + z[n+1] ^= tmp; + } + } + + s_mp_clamp(r); +CLEANUP: + return res; +} + +/* Compute the product of two polynomials a and b, reduce modulo p, + * Store the result in r. r could be a or b; a could be b. + */ +mp_err +mp_bmulmod(const mp_int *a, const mp_int *b, const unsigned int p[], mp_int *r) +{ + mp_err res; + + if (a == b) return mp_bsqrmod(a, p, r); + if ((res = mp_bmul(a, b, r) ) != MP_OKAY) + return res; + return mp_bmod(r, p, r); +} + +/* Compute binary polynomial squaring c = a*a mod p . + * Parameter r and a can be identical. 
+ */ + +mp_err +mp_bsqrmod(const mp_int *a, const unsigned int p[], mp_int *r) +{ + mp_digit *pa, *pr, a_i; + mp_int tmp; + mp_size ia, a_used; + mp_err res; + + ARGCHK(a != NULL && r != NULL, MP_BADARG); + + if (a == r) { + MP_CHECKOK( mp_init_copy(&tmp, a) ); + a = &tmp; + } else MP_DIGITS(&tmp) = 0; + + MP_USED(r) = 1; MP_DIGIT(r, 0) = 0; + MP_CHECKOK( s_mp_pad(r, 2*USED(a)) ); + + pa = MP_DIGITS(a); + pr = MP_DIGITS(r); + a_used = MP_USED(a); + + for (ia = 0; ia < a_used; ia++) { + a_i = *pa++; + *pr++ = gf2m_SQR0(a_i); + *pr++ = gf2m_SQR1(a_i); + } + + MP_CHECKOK( mp_bmod(r, p, r) ); + s_mp_clamp(r); + SIGN(r) = ZPOS; + +CLEANUP: + mp_clear(&tmp); + return res; +} + +/* Compute binary polynomial y/x mod p, y divided by x, reduce modulo p. + * Store the result in r. r could be x or y, and x could equal y. + * Uses algorithm Modular_Division_GF(2^m) from + * Chang-Shantz, S. "From Euclid's GCD to Montgomery Multiplication to + * the Great Divide". + */ +int +mp_bdivmod(const mp_int *y, const mp_int *x, const mp_int *pp, + const unsigned int p[], mp_int *r) +{ + mp_int aa, bb, uu; + mp_int *a, *b, *u, *v; + mp_err res = MP_OKAY; + + MP_CHECKOK( mp_init_copy(&aa, x) ); + MP_CHECKOK( mp_init_copy(&uu, y) ); + MP_CHECKOK( mp_init_copy(&bb, pp) ); + MP_CHECKOK( s_mp_pad(r, USED(pp)) ); + MP_USED(r) = 1; MP_DIGIT(r, 0) = 0; + + a = &aa; b= &bb; u=&uu; v=r; + /* reduce x and y mod p */ + MP_CHECKOK( mp_bmod(a, p, a) ); + MP_CHECKOK( mp_bmod(u, p, u) ); + + while (!mp_isodd(a)) { + s_mp_div2(a); + if (mp_isodd(u)) { + MP_CHECKOK( mp_badd(u, pp, u) ); + } + s_mp_div_2(u); + } + + do { + if (mp_cmp_mag(b, a) > 0) { + MP_CHECKOK( mp_badd(b, a, b) ); + MP_CHECKOK( mp_badd(v, u, v) ); + do { + s_mp_div2(b); + if (mp_isodd(v)) { + MP_CHECKOK( mp_badd(v, pp, v) ); + } + s_mp_div2(v); + } while (!mp_isodd(b)); + } + else if ((MP_DIGIT(a,0) == 1) && (MP_USED(a) == 1)) + break; + else { + MP_CHECKOK( mp_badd(a, b, a) ); + MP_CHECKOK( mp_badd(u, v, u) ); + do { + s_mp_div2(a); + 
if (mp_isodd(u)) { + MP_CHECKOK( mp_badd(u, pp, u) ); + } + s_mp_div2(u); + } while (!mp_isodd(a)); + } + } while (1); + + MP_CHECKOK( mp_copy(u, r) ); + +CLEANUP: + return res; + +} + +/* Convert the bit-string representation of a polynomial a into an array + * of integers corresponding to the bits with non-zero coefficient. + * Up to max elements of the array will be filled. Return value is total + * number of coefficients that would be extracted if array was large enough. + */ +int +mp_bpoly2arr(const mp_int *a, unsigned int p[], int max) +{ + int i, j, k; + mp_digit top_bit, mask; + + top_bit = 1; + top_bit <<= MP_DIGIT_BIT - 1; + + for (k = 0; k < max; k++) p[k] = 0; + k = 0; + + for (i = MP_USED(a) - 1; i >= 0; i--) { + mask = top_bit; + for (j = MP_DIGIT_BIT - 1; j >= 0; j--) { + if (MP_DIGITS(a)[i] & mask) { + if (k < max) p[k] = MP_DIGIT_BIT * i + j; + k++; + } + mask >>= 1; + } + } + + return k; +} + +/* Convert the coefficient array representation of a polynomial to a + * bit-string. The array must be terminated by 0. + */ +mp_err +mp_barr2poly(const unsigned int p[], mp_int *a) +{ + + mp_err res = MP_OKAY; + int i; + + mp_zero(a); + for (i = 0; p[i] > 0; i++) { + MP_CHECKOK( mpl_set_bit(a, p[i], 1) ); + } + MP_CHECKOK( mpl_set_bit(a, 0, 1) ); + +CLEANUP: + return MP_OKAY; +} diff --git a/security/nss/lib/freebl/mpi/mp_gf2m.h b/security/nss/lib/freebl/mpi/mp_gf2m.h new file mode 100644 index 000000000..c4268f142 --- /dev/null +++ b/security/nss/lib/freebl/mpi/mp_gf2m.h 
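Review bot: mp_bdivmod never releases its temporaries and, as written, does not terminate when x reduces to zero. `aa`, `bb` and `uu` are created with mp_init_copy but CLEANUP only returns `res`, so every call leaks three bignums holding copies of the operands, and with a == 0 the first `while (!mp_isodd(a))` loop keeps halving zero. The sketch below marks the temporaries before use, rejects a zero divisor after reduction, and clears everything on all paths, following the `MP_DIGITS(&tmp) = 0` / `mp_clear(&tmp)` pattern mp_bmul already uses. Separately, mp_barr2poly ends with `return MP_OKAY;` after CLEANUP, which hides a failed mpl_set_bit; it should be `return res;`. The table lookups in s_bmul_1x1 are indexed by bits of `b` and the top-bit fix-ups branch on `a`, so running time may depend on operand values, which deserves a comment if secret-dependent values pass through here.

```c
    mp_err res = MP_OKAY;

    /* mark temporaries so CLEANUP can clear them on every path */
    MP_DIGITS(&aa) = 0;
    MP_DIGITS(&bb) = 0;
    MP_DIGITS(&uu) = 0;
    /* ... unchanged: mp_init_copy calls, padding of r, reduction of a and u mod p ... */
    if (mp_cmp_z(a) == 0) {
        /* x == 0 (mod p) has no inverse; the halving loop below would never exit */
        res = MP_BADARG;
        goto CLEANUP;
    }
    /* ... unchanged: halving loop, main division loop, mp_copy(u, r) ... */
CLEANUP:
    mp_clear(&aa);
    mp_clear(&bb);
    mp_clear(&uu);
    return res;
```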
@@ -0,0 +1,62 @@ +/* + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is the Multi-precision Binary Polynomial Arithmetic + * Library. + * + * The Initial Developer of the Original Code is Sun Microsystems, Inc. + * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003 + * Sun Microsystems, Inc. All Rights Reserved. + * + * Contributor(s): + * Sheueling Chang Shantz <sheueling.chang@sun.com> and + * Douglas Stebila <douglas@stebila.ca> of Sun Laboratories. + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. 
+ * + */ + +#ifndef _MP_GF2M_H_ +#define _MP_GF2M_H_ + +#include "mpi.h" + +mp_err mp_badd(const mp_int *a, const mp_int *b, mp_int *c); +mp_err mp_bmul(const mp_int *a, const mp_int *b, mp_int *c); + +/* For modular arithmetic, the irreducible polynomial f(t) is represented + * as an array of int[], where f(t) is of the form: + * f(t) = t^p[0] + t^p[1] + ... + t^p[k] + * where m = p[0] > p[1] > ... > p[k] = 0. + */ +mp_err mp_bmod(const mp_int *a, const unsigned int p[], mp_int *r); +mp_err mp_bmulmod(const mp_int *a, const mp_int *b, const unsigned int p[], + mp_int *r); +mp_err mp_bsqrmod(const mp_int *a, const unsigned int p[], mp_int *r); +mp_err mp_bdivmod(const mp_int *y, const mp_int *x, const mp_int *pp, + const unsigned int p[], mp_int *r); + +int mp_bpoly2arr(const mp_int *a, unsigned int p[], int max); +mp_err mp_barr2poly(const unsigned int p[], mp_int *a); + +#endif /* _MP_GF2M_H_ */ diff --git a/security/nss/lib/freebl/mpi/tests/mptest-b.c b/security/nss/lib/freebl/mpi/tests/mptest-b.c new file mode 100644 index 000000000..da89cb3e0 --- /dev/null +++ b/security/nss/lib/freebl/mpi/tests/mptest-b.c 
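Review bot: The prototypes for mp_bdivmod and mp_bpoly2arr need a contract comment. mp_bdivmod takes the modulus twice, as the bit-string `pp` and as the exponent array `p[]`, and nothing in mp_gf2m.c checks that the two describe the same polynomial. The zero-terminated form of `p[]` is relied on by loops such as `for (k = 1; p[k] > 0; k++)`. I would add above mp_bdivmod `/* pp and p[] must encode the same irreducible polynomial; p[] must end with 0; x must be non-zero mod p. */`, and above mp_bpoly2arr a line saying the return value can exceed `max`, so callers must compare the two before trusting the array. mp_bmod and mp_bdivmod are also declared `mp_err` here but defined as `int` in mp_gf2m.c; the two should agree.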
@@ -0,0 +1,211 @@ +/* + * Simple test driver for MPI library + * + * Test GF2m: Binary Polynomial Arithmetic + * + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Multi-precision Binary Polynomial Arithmetic + * Library. + * + * Contributor(s): + * Sheueling Chang Shantz <sheueling.chang@sun.com> and + * Douglas Stebila <douglas@stebila.ca> of Sun Laboratories. + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the GPL. 
+ */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> + +#include "mp_gf2m.h" + +int main(int argc, char *argv[]) +{ + int ix; + mp_int pp, a, b, x, y, order; + mp_int c, d, e; + mp_digit r; + mp_err res; + unsigned int p[] = {163,7,6,3,0}; + unsigned int ptemp[10]; + + printf("Test b: Binary Polynomial Arithmetic\n\n"); + + mp_init(&pp); + mp_init(&a); + mp_init(&b); + mp_init(&x); + mp_init(&y); + mp_init(&order); + + mp_read_radix(&pp, "0800000000000000000000000000000000000000C9", 16); + mp_read_radix(&a, "1", 16); + mp_read_radix(&b, "020A601907B8C953CA1481EB10512F78744A3205FD", 16); + mp_read_radix(&x, "03F0EBA16286A2D57EA0991168D4994637E8343E36", 16); + mp_read_radix(&y, "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", 16); + mp_read_radix(&order, "040000000000000000000292FE77E70C12A4234C33", 16); + printf("pp = "); mp_print(&pp, stdout); fputc('\n', stdout); + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + printf("x = "); mp_print(&x, stdout); fputc('\n', stdout); + printf("y = "); mp_print(&y, stdout); fputc('\n', stdout); + printf("order = "); mp_print(&order, stdout); fputc('\n', stdout); + + mp_init(&c); + mp_init(&d); + mp_init(&e); + + /* Test polynomial conversion */ + ix = mp_bpoly2arr(&pp, ptemp, 10); + if ( + (ix != 5) || + (ptemp[0] != p[0]) || + (ptemp[1] != p[1]) || + (ptemp[2] != p[2]) || + (ptemp[3] != p[3]) || + (ptemp[4] != p[4]) + ) { + printf("Polynomial to array conversion not correct\n"); + return -1; + } + + printf("Polynomial conversion test #1 successful.\n"); + MP_CHECKOK( mp_barr2poly(p, &c) ); + if (mp_cmp(&pp, &c) != 0) { + printf("Array to polynomial conversion not correct\n"); + return -1; + } + printf("Polynomial conversion test #2 successful.\n"); + + /* Test addition */ + MP_CHECKOK( mp_badd(&a, &a, &c) ); + if (mp_cmp_z(&c) != 0) { + printf("a+a should equal zero\n"); + return -1; + } + 
printf("Addition test #1 successful.\n"); + MP_CHECKOK( mp_badd(&a, &b, &c) ); + MP_CHECKOK( mp_badd(&b, &c, &c) ); + if (mp_cmp(&c, &a) != 0) { + printf("c = (a + b) + b should equal a\n"); + printf("a = "); mp_print(&a, stdout); fputc('\n', stdout); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + return -1; + } + printf("Addition test #2 successful.\n"); + + /* Test multiplication */ + mp_set(&c, 2); + MP_CHECKOK( mp_bmul(&b, &c, &c) ); + MP_CHECKOK( mp_badd(&b, &c, &c) ); + mp_set(&d, 3); + MP_CHECKOK( mp_bmul(&b, &d, &d) ); + if (mp_cmp(&c, &d) != 0) { + printf("c = (2 * b) + b should equal c = 3 * b\n"); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + printf("d = "); mp_print(&d, stdout); fputc('\n', stdout); + return -1; + } + printf("Multiplication test #1 successful.\n"); + + /* Test modular reduction */ + MP_CHECKOK( mp_bmod(&b, p, &c) ); + if (mp_cmp(&b, &c) != 0) { + printf("c = b mod p should equal b\n"); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + return -1; + } + printf("Modular reduction test #1 successful.\n"); + MP_CHECKOK( mp_badd(&b, &pp, &c) ); + MP_CHECKOK( mp_bmod(&c, p, &c) ); + if (mp_cmp(&b, &c) != 0) { + printf("c = (b + p) mod p should equal b\n"); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + return -1; + } + printf("Modular reduction test #2 successful.\n"); + MP_CHECKOK( mp_bmul(&b, &pp, &c) ); + MP_CHECKOK( mp_bmod(&c, p, &c) ); + if (mp_cmp_z(&c) != 0) { + printf("c = (b * p) mod p should equal 0\n"); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + return -1; + } + printf("Modular reduction test #3 successful.\n"); + + /* Test modular multiplication */ + MP_CHECKOK( mp_bmulmod(&b, &pp, p, &c) ); + if (mp_cmp_z(&c) != 0) { + printf("c = (b * p) mod p should equal 0\n"); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + 
return -1; + } + printf("Modular multiplication test #1 successful.\n"); + mp_set(&c, 1); + MP_CHECKOK( mp_badd(&pp, &c, &c) ); + MP_CHECKOK( mp_bmulmod(&b, &c, p, &c) ); + if (mp_cmp(&b, &c) != 0) { + printf("c = (b * (p + 1)) mod p should equal b\n"); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + return -1; + } + printf("Modular multiplication test #2 successful.\n"); + + /* Test modular squaring */ + MP_CHECKOK( mp_copy(&b, &c) ); + MP_CHECKOK( mp_bmulmod(&b, &c, p, &c) ); + MP_CHECKOK( mp_bsqrmod(&b, p, &d) ); + if (mp_cmp(&c, &d) != 0) { + printf("c = (b * b) mod p should equal d = b^2 mod p\n"); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + printf("d = "); mp_print(&d, stdout); fputc('\n', stdout); + return -1; + } + printf("Modular squaring test #1 successful.\n"); + + /* Test modular division */ + MP_CHECKOK( mp_bdivmod(&b, &x, &pp, p, &c) ); + MP_CHECKOK( mp_bmulmod(&c, &x, p, &c) ); + if (mp_cmp(&b, &c) != 0) { + printf("c = (b / x) * x mod p should equal b\n"); + printf("b = "); mp_print(&b, stdout); fputc('\n', stdout); + printf("c = "); mp_print(&c, stdout); fputc('\n', stdout); + return -1; + } + printf("Modular division test #1 successful.\n"); + +CLEANUP: + + mp_clear(&order); + mp_clear(&y); + mp_clear(&x); + mp_clear(&b); + mp_clear(&a); + mp_clear(&pp); + + return 0; +} diff --git a/security/nss/lib/freebl/sha512.c b/security/nss/lib/freebl/sha512.c index c5d4c227c..e52652284 100644 --- a/security/nss/lib/freebl/sha512.c +++ b/security/nss/lib/freebl/sha512.c 
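Review bot: The test driver exits 0 even when a library call fails. Assuming MP_CHECKOK behaves as it does in mp_gf2m.c (store into `res`, jump to `CLEANUP`), every failed call lands on the block that ends in `return 0;`, so an error from mp_bmul or mp_bdivmod is reported as a pass. Declare `mp_err res = MP_OKAY;` and finish with `return (res == MP_OKAY) ? 0 : -1;`. The explicit `return -1;` paths also skip the cleanup block, and `c`, `d` and `e` are never cleared, which is inconsistent with the six mp_clear calls that follow, though harmless in a short-lived test.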
@@ -557,6 +557,48 @@ SHA256_Resurrect(unsigned char *space, void *arg) /* SHA-384 and SHA-512 constants, K512. */ static const PRUint64 K512[80] = { +#if PR_BYTES_PER_LONG == 8 + 0x428a2f98d728ae22UL , 0x7137449123ef65cdUL , + 0xb5c0fbcfec4d3b2fUL , 0xe9b5dba58189dbbcUL , + 0x3956c25bf348b538UL , 0x59f111f1b605d019UL , + 0x923f82a4af194f9bUL , 0xab1c5ed5da6d8118UL , + 0xd807aa98a3030242UL , 0x12835b0145706fbeUL , + 0x243185be4ee4b28cUL , 0x550c7dc3d5ffb4e2UL , + 0x72be5d74f27b896fUL , 0x80deb1fe3b1696b1UL , + 0x9bdc06a725c71235UL , 0xc19bf174cf692694UL , + 0xe49b69c19ef14ad2UL , 0xefbe4786384f25e3UL , + 0x0fc19dc68b8cd5b5UL , 0x240ca1cc77ac9c65UL , + 0x2de92c6f592b0275UL , 0x4a7484aa6ea6e483UL , + 0x5cb0a9dcbd41fbd4UL , 0x76f988da831153b5UL , + 0x983e5152ee66dfabUL , 0xa831c66d2db43210UL , + 0xb00327c898fb213fUL , 0xbf597fc7beef0ee4UL , + 0xc6e00bf33da88fc2UL , 0xd5a79147930aa725UL , + 0x06ca6351e003826fUL , 0x142929670a0e6e70UL , + 0x27b70a8546d22ffcUL , 0x2e1b21385c26c926UL , + 0x4d2c6dfc5ac42aedUL , 0x53380d139d95b3dfUL , + 0x650a73548baf63deUL , 0x766a0abb3c77b2a8UL , + 0x81c2c92e47edaee6UL , 0x92722c851482353bUL , + 0xa2bfe8a14cf10364UL , 0xa81a664bbc423001UL , + 0xc24b8b70d0f89791UL , 0xc76c51a30654be30UL , + 0xd192e819d6ef5218UL , 0xd69906245565a910UL , + 0xf40e35855771202aUL , 0x106aa07032bbd1b8UL , + 0x19a4c116b8d2d0c8UL , 0x1e376c085141ab53UL , + 0x2748774cdf8eeb99UL , 0x34b0bcb5e19b48a8UL , + 0x391c0cb3c5c95a63UL , 0x4ed8aa4ae3418acbUL , + 0x5b9cca4f7763e373UL , 0x682e6ff3d6b2b8a3UL , + 0x748f82ee5defb2fcUL , 0x78a5636f43172f60UL , + 0x84c87814a1f0ab72UL , 0x8cc702081a6439ecUL , + 0x90befffa23631e28UL , 0xa4506cebde82bde9UL , + 0xbef9a3f7b2c67915UL , 0xc67178f2e372532bUL , + 0xca273eceea26619cUL , 0xd186b8c721c0c207UL , + 0xeada7dd6cde0eb1eUL , 0xf57d4f7fee6ed178UL , + 0x06f067aa72176fbaUL , 0x0a637dc5a2c898a6UL , + 0x113f9804bef90daeUL , 0x1b710b35131c471bUL , + 0x28db77f523047d84UL , 0x32caab7b40c72493UL , + 0x3c9ebe0a15c9bebcUL , 0x431d67c49c100d4cUL 
, + 0x4cc5d4becb3e42b6UL , 0x597f299cfc657e2aUL , + 0x5fcb6fab3ad6faecUL , 0x6c44198c4a475817UL +#else ULLC(428a2f98,d728ae22), ULLC(71374491,23ef65cd), ULLC(b5c0fbcf,ec4d3b2f), ULLC(e9b5dba5,8189dbbc), ULLC(3956c25b,f348b538), ULLC(59f111f1,b605d019), @@ -597,6 +639,7 @@ static const PRUint64 K512[80] = { ULLC(3c9ebe0a,15c9bebc), ULLC(431d67c4,9c100d4c), ULLC(4cc5d4be,cb3e42b6), ULLC(597f299c,fc657e2a), ULLC(5fcb6fab,3ad6faec), ULLC(6c44198c,4a475817) +#endif }; struct SHA512ContextStr { @@ -613,10 +656,17 @@ struct SHA512ContextStr { /* SHA-512 initial hash values */ static const PRUint64 H512[8] = { +#if PR_BYTES_PER_LONG == 8 + 0x6a09e667f3bcc908UL , 0xbb67ae8584caa73bUL , + 0x3c6ef372fe94f82bUL , 0xa54ff53a5f1d36f1UL , + 0x510e527fade682d1UL , 0x9b05688c2b3e6c1fUL , + 0x1f83d9abfb41bd6bUL , 0x5be0cd19137e2179UL +#else ULLC(6a09e667,f3bcc908), ULLC(bb67ae85,84caa73b), ULLC(3c6ef372,fe94f82b), ULLC(a54ff53a,5f1d36f1), ULLC(510e527f,ade682d1), ULLC(9b05688c,2b3e6c1f), ULLC(1f83d9ab,fb41bd6b), ULLC(5be0cd19,137e2179) +#endif }; @@ -1124,10 +1174,17 @@ SHA512_Resurrect(unsigned char *space, void *arg) /* SHA-384 initial hash values */ static const PRUint64 H384[8] = { +#if PR_BYTES_PER_LONG == 8 + 0xcbbb9d5dc1059ed8UL , 0x629a292a367cd507UL , + 0x9159015a3070dd17UL , 0x152fecd8f70e5939UL , + 0x67332667ffc00b31UL , 0x8eb44a8768581511UL , + 0xdb0c2e0d64f98fa7UL , 0x47b5481dbefa4fa4UL +#else ULLC(cbbb9d5d,c1059ed8), ULLC(629a292a,367cd507), ULLC(9159015a,3070dd17), ULLC(152fecd8,f70e5939), ULLC(67332667,ffc00b31), ULLC(8eb44a87,68581511), ULLC(db0c2e0d,64f98fa7), ULLC(47b5481d,befa4fa4) +#endif }; SHA384Context * diff --git a/security/nss/lib/freebl/shvfy.c b/security/nss/lib/freebl/shvfy.c index a9c13d6aa..084ba0161 100644 --- a/security/nss/lib/freebl/shvfy.c +++ b/security/nss/lib/freebl/shvfy.c @@ -43,7 +43,7 @@ #include "seccomon.h" #include "stdio.h" -#define DEBUG_SHVERIFY 1 +/* #define DEBUG_SHVERIFY 1 */ static char * mkCheckFileName(const char *libName) 
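Review bot: The `#if PR_BYTES_PER_LONG == 8` branch added to `K512` repeats all 80 round constants as `UL` literals next to the existing `ULLC(...)` table, so the two copies can drift apart, and one mistyped digit would give wrong SHA-384/SHA-512 digests only on builds where long is 8 bytes. The same duplication is added to `H512` (@@ -613) and `H384` (@@ -1124), and the `#endif` closing the K512 branch sits in the @@ -597 hunk. Keeping a single table and switching the macro would avoid this, for example `#define ULLC(hi,lo) 0x ## hi ## lo ## UL` under the same `#if` ahead of the tables. ULLC's current definition is outside these hunks, so this assumes it is a file-local macro that can be defined per platform. Whichever form is kept, the SHA-384 and SHA-512 known-answer tests should be run on both a 4-byte-long and an 8-byte-long build so that each copy of the constants is exercised.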
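Review bot: In shvfy.c, replacing `#define DEBUG_SHVERIFY 1` with `/* #define DEBUG_SHVERIFY 1 */` leaves the switch in the source as dead text, and uncommenting it later turns the diagnostics back on for every build. I would delete the line and document the macro instead, e.g. `/* Build with -DDEBUG_SHVERIFY to trace check-file verification. */`, so the output stays opt-in from the build command line. What the macro prints is not visible in this hunk. If it includes digest or signature values from the check file, that is a further reason to keep it out of default builds.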
diff --git a/security/nss/lib/pk11wrap/pk11util.c b/security/nss/lib/pk11wrap/pk11util.c index 9c66a6491..1a32d04b9 100644 --- a/security/nss/lib/pk11wrap/pk11util.c +++ b/security/nss/lib/pk11wrap/pk11util.c @@ -112,7 +112,11 @@ SECMOD_Shutdown() { PORT_Assert(secmod_PrivateModuleCount == 0); } #endif - return (secmod_PrivateModuleCount == 0) ? SECSuccess : SECFailure; + if (secmod_PrivateModuleCount) { + PORT_SetError(SEC_ERROR_BUSY); + return SECFailure; + } + return SECSuccess; } diff --git a/security/nss/lib/softoken/ecdecode.c b/security/nss/lib/softoken/ecdecode.c index d65b018a4..a981241f7 100644 --- a/security/nss/lib/softoken/ecdecode.c +++ b/security/nss/lib/softoken/ecdecode.c 
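Review bot: The new failure path in SECMOD_Shutdown has no comment explaining why a non-zero `secmod_PrivateModuleCount` is reported as `SEC_ERROR_BUSY`, and it tests the counter by truthiness where the removed line and the `PORT_Assert` above compare it with `== 0`. I would write `if (secmod_PrivateModuleCount != 0) {` and put `/* Private modules are still outstanding, so shutdown is incomplete: report busy. */` above it. Callers now get an error code set on this path, which the removed one-line return did not do, so the function's header comment should mention `SEC_ERROR_BUSY`. The function begins outside this hunk, so whether the counter is read under a lock cannot be judged from here.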
@@ -114,7 +114,942 @@ EC_FillParams(PRArenaPool *arena, const SECItem *encodedParams, params->cofactor = 0; params->type = ec_params_named; +#if EC_DEBUG + printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag)); +#endif + switch (tag) { + case SEC_OID_ANSIX962_EC_C2PNB163V1: + /* Populate params for c2pnb163v1 */ + params->fieldID.size = 163; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "08000000000000000000000000000000" \ + "0000000107")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "072546B5435234A422E0789675F432C8" \ + "9435DE5242")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "00C9517D06D5240D3CFF38C74B20B6CD" \ + "4D6F9DD4D9")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "07AF69989546103D79329FCC3D74880F" \ + "33BBE803CB" \ + "01EC23211B5966ADEA1D3F87F7EA5848" \ + "AEF0B7CA9F")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "0400000000000000000001E60FC8821C" \ + "C74DAEAFC1")); + params->cofactor = 2; + break; + + case SEC_OID_ANSIX962_EC_C2PNB163V2: + /* Populate params for c2pnb163v2 */ + params->fieldID.size = 163; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "08000000000000000000000000000000" \ + "0000000107")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "0108B39E77C4B108BED981ED0E890E11" \ + "7C511CF072")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "0667ACEB38AF4E488C407433FFAE4F1C" \ + "811638DF20")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "0024266E4EB5106D0A964D92C4860E26" \ + "71DB9B6CC5" \ + "079F684DDF6684C5CD258B3890021B23" \ + "86DFD19FC5")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "03FFFFFFFFFFFFFFFFFFFDF64DE1151A" \ + "DBB78F10A7")); + params->cofactor = 2; + break; + + case SEC_OID_ANSIX962_EC_C2PNB163V3: + /* Populate params for c2pnb163v3 */ + params->fieldID.size = 163; + 
params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "08000000000000000000000000000000" \ + "0000000107")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "07A526C63D3E25A256A007699F5447E3" \ + "2AE456B50E")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "03F7061798EB99E238FD6F1BF95B48FE" \ + "EB4854252B")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "02F9F87B7C574D0BDECF8A22E6524775" \ + "F98CDEBDCB" \ + "05B935590C155E17EA48EB3FF3718B89" \ + "3DF59A05D0")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "03FFFFFFFFFFFFFFFFFFFE1AEE140F11" \ + "0AFF961309")); + params->cofactor = 2; + break; + + case SEC_OID_ANSIX962_EC_C2PNB176V1: + /* Populate params for c2pnb176v1 */ + params->fieldID.size = 176; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "01000000000000000000000000000000" \ + "00080000000007")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "E4E6DB2995065C407D9D39B8D0967B96" \ + "704BA8E9C90B")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "5DDA470ABE6414DE8EC133AE28E9BBD7" \ + "FCEC0AE0FFF2")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "8D16C2866798B600F9F08BB4A8E860F3" \ + "298CE04A5798" \ + "6FA4539C2DADDDD6BAB5167D61B436E1" \ + "D92BB16A562C")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "00010092537397ECA4F6145799D62B0A" \ + "19CE06FE26AD")); + params->cofactor = 0xFF6E; + break; + + case SEC_OID_ANSIX962_EC_C2TNB191V1: + /* Populate params for c2tnb191v1 */ + params->fieldID.size = 191; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "80000000000000000000000000000000" \ + "0000000000000201")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "2866537B676752636A68F56554E12640" \ + "276B649EF7526267")); + CHECK_OK(hexString2SECItem(params->arena, 
¶ms->curve.b, + "2E45EF571F00786F67B0081B9495A3D9" \ + "5462F5DE0AA185EC")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "36B3DAF8A23206F9C4F299D7B21A9C36" \ + "9137F2C84AE1AA0D" \ + "765BE73433B3F95E332932E70EA245CA" \ + "2418EA0EF98018FB")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "40000000000000000000000004A20E90" \ + "C39067C893BBB9A5")); + params->cofactor = 2; + break; + + case SEC_OID_ANSIX962_EC_C2TNB191V2: + /* Populate params for c2tnb191v2 */ + params->fieldID.size = 191; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "80000000000000000000000000000000" \ + "0000000000000201")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "401028774D7777C7B7666D1366EA4320" \ + "71274F89FF01E718")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "0620048D28BCBD03B6249C99182B7C8C" \ + "D19700C362C46A01")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "3809B2B7CC1B28CC5A87926AAD83FD28" \ + "789E81E2C9E3BF10" \ + "17434386626D14F3DBF01760D9213A3E" \ + "1CF37AEC437D668A")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "20000000000000000000000050508CB8" \ + "9F652824E06B8173")); + params->cofactor = 4; + break; + + case SEC_OID_ANSIX962_EC_C2TNB191V3: + /* Populate params for c2tnb191v3 */ + params->fieldID.size = 191; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "80000000000000000000000000000000" \ + "0000000000000201")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "6C01074756099122221056911C77D77E" \ + "77A777E7E7E77FCB")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "71FE1AF926CF847989EFEF8DB459F663" \ + "94D90F32AD3F15E8")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "375D4CE24FDE434489DE8746E7178601" \ + "5009E66E38A926DD" \ + "545A39176196575D985999366E6AD34C" \ + "E0A77CD7127B06BE")); + 
CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "155555555555555555555555610C0B19" \ + "6812BFB6288A3EA3")); + params->cofactor = 6; + break; + + case SEC_OID_ANSIX962_EC_C2PNB208W1: + /* Populate params for c2pnb208w1 */ + params->fieldID.size = 208; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "01000000000000000000000000000000" \ + "0800000000000000000007")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "00")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "C8619ED45A62E6212E1160349E2BFA84" \ + "4439FAFC2A3FD1638F9E")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "89FDFBE4ABE193DF9559ECF07AC0CE78" \ + "554E2784EB8C1ED1A57A" \ + "0F55B51A06E78E9AC38A035FF520D8B0" \ + "1781BEB1A6BB08617DE3")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "000101BAF95C9723C57B6C21DA2EFF2D" \ + "5ED588BDD5717E212F9D")); + params->cofactor = 0xFE48; + break; + + case SEC_OID_ANSIX962_EC_C2TNB239V1: + /* Populate params for c2tnb239v1 */ + params->fieldID.size = 239; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "80000000000000000000000000000000" \ + "0000000000000000001000000001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "32010857077C5431123A46B808906756" \ + "F543423E8D27877578125778AC76")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "790408F2EEDAF392B012EDEFB3392F30" \ + "F4327C0CA3F31FC383C422AA8C16")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "57927098FA932E7C0A96D3FD5B706EF7" \ + "E5F5C156E16B7E7C86038552E91D" \ + "61D8EE5077C33FECF6F1A16B268DE469" \ + "C3C7744EA9A971649FC7A9616305")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "2000000000000000000000000000000F" \ + "4D42FFE1492A4993F1CAD666E447")); + params->cofactor = 4; + break; + + case SEC_OID_ANSIX962_EC_C2TNB239V2: + /* Populate params for c2tnb239v2 */ + 
params->fieldID.size = 239; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "80000000000000000000000000000000" \ + "0000000000000000001000000001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "4230017757A767FAE42398569B746325" \ + "D45313AF0766266479B75654E65F")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "5037EA654196CFF0CD82B2C14A2FCF2E" \ + "3FF8775285B545722F03EACDB74B")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "28F9D04E900069C8DC47A08534FE76D2" \ + "B900B7D7EF31F5709F200C4CA205" \ + "5667334C45AFF3B5A03BAD9DD75E2C71" \ + "A99362567D5453F7FA6E227EC833")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "1555555555555555555555555555553C" \ + "6F2885259C31E3FCDF154624522D")); + params->cofactor = 6; + break; + + case SEC_OID_ANSIX962_EC_C2TNB239V3: + /* Populate params for c2tnb239v3 */ + params->fieldID.size = 239; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "80000000000000000000000000000000" \ + "0000000000000000001000000001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "01238774666A67766D6676F778E676B6" \ + "6999176666E687666D8766C66A9F")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "6A941977BA9F6A435199ACFC51067ED5" \ + "87F519C5ECB541B8E44111DE1D40")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "70F6E9D04D289C4E89913CE3530BFDE9" \ + "03977D42B146D539BF1BDE4E9C92" \ + "2E5A0EAF6E5E1305B9004DCE5C0ED7FE" \ + "59A35608F33837C816D80B79F461")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC" \ + "4912D2D9DF903EF9888B8A0E4CFF")); + params->cofactor = 0x0A; + break; + + case SEC_OID_ANSIX962_EC_C2PNB272W1: + /* Populate params for c2pnb272w1 */ + params->fieldID.size = 272; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, 
¶ms->fieldID.u.poly, + "01000000000000000000000000000000" \ + "00000000000000000000000100000000" \ + "00000B")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "91A091F03B5FBA4AB2CCF49C4EDD220F" \ + "B028712D42BE752B2C40094DBACDB586" \ + "FB20")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "7167EFC92BB2E3CE7C8AAAFF34E12A9C" \ + "557003D7C73A6FAF003F99F6CC8482E5" \ + "40F7")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "6108BABB2CEEBCF787058A056CBE0CFE" \ + "622D7723A289E08A07AE13EF0D10D171" \ + "DD8D" \ + "10C7695716851EEF6BA7F6872E6142FB" \ + "D241B830FF5EFCACECCAB05E02005DDE" \ + "9D23")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "000100FAF51354E0E39E4892DF6E319C" \ + "72C8161603FA45AA7B998A167B8F1E62" \ + "9521")); + params->cofactor = 0xFF06; + break; + + case SEC_OID_ANSIX962_EC_C2PNB304W1: + /* Populate params for c2pnb304w1 */ + params->fieldID.size = 304; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "01000000000000000000000000000000" \ + "00000000000000000000000000000000" \ + "00000000000807")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "FD0D693149A118F651E6DCE680208537" \ + "7E5F882D1B510B44160074C128807836" \ + "5A0396C8E681")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "BDDB97E555A50A908E43B01C798EA5DA" \ + "A6788F1EA2794EFCF57166B8C1403960" \ + "1E55827340BE")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "197B07845E9BE2D96ADB0F5F3C7F2CFF" \ + "BD7A3EB8B6FEC35C7FD67F26DDF6285A" \ + "644F740A2614" \ + "E19FBEB76E0DA171517ECF401B50289B" \ + "F014103288527A9B416A105E80260B54" \ + "9FDC1B92C03B")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "000101D556572AABAC800101D556572A" \ + "ABAC8001022D5C91DD173F8FB561DA68" \ + "99164443051D")); + params->cofactor = 0xFE2E; + break; + + case SEC_OID_ANSIX962_EC_C2TNB359V1: + /* Populate params for c2tnb359v1 */ + 
params->fieldID.size = 359; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "80000000000000000000000000000000" \ + "00000000000000000000000000000000" \ + "00000000100000000000000001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "5667676A654B20754F356EA92017D946" \ + "567C46675556F19556A04616B567D223" \ + "A5E05656FB549016A96656A557")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "2472E2D0197C49363F1FE7F5B6DB075D" \ + "52B6947D135D8CA445805D39BC345626" \ + "089687742B6329E70680231988")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "3C258EF3047767E7EDE0F1FDAA79DAEE" \ + "3841366A132E163ACED4ED2401DF9C6B" \ + "DCDE98E8E707C07A2239B1B097" \ + "53D7E08529547048121E9C95F3791DD8" \ + "04963948F34FAE7BF44EA82365DC7868" \ + "FE57E4AE2DE211305A407104BD")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "01AF286BCA1AF286BCA1AF286BCA1AF2" \ + "86BCA1AF286BC9FB8F6B85C556892C20" \ + "A7EB964FE7719E74F490758D3B")); + params->cofactor = 0x4C; + break; + + case SEC_OID_ANSIX962_EC_C2PNB368W1: + /* Populate params for c2pnb368w1 */ + params->fieldID.size = 368; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "01000000000000000000000000000000" \ + "00000000000000000000000000000000" \ + "000000002000000000000000000007")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "E0D2EE25095206F5E2A4F9ED229F1F25" \ + "6E79A0E2B455970D8D0D865BD94778C5" \ + "76D62F0AB7519CCD2A1A906AE30D")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "FC1217D4320A90452C760A58EDCD30C8" \ + "DD069B3C34453837A34ED50CB54917E1" \ + "C2112D84D164F444F8F74786046A")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "1085E2755381DCCCE3C1557AFA10C2F0" \ + "C0C2825646C5B34A394CBCFA8BC16B22" \ + "E7E789E927BE216F02E1FB136A5F" \ + "7B3EB1BDDCBA62D5D8B2059B525797FC" \ + 
"73822C59059C623A45FF3843CEE8F87C" \ + "D1855ADAA81E2A0750B80FDA2310")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "00010090512DA9AF72B08349D98A5DD4" \ + "C7B0532ECA51CE03E2D10F3B7AC579BD" \ + "87E909AE40A6F131E9CFCE5BD967")); + params->cofactor = 0xFF70; + break; + + case SEC_OID_ANSIX962_EC_C2TNB431R1: + /* Populate params for c2tnb431r1 */ + params->fieldID.size = 431; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "80000000000000000000000000000000" \ + "00000000000000000000000000000000" \ + "00000000000001000000000000000000" \ + "000000000001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "1A827EF00DD6FC0E234CAF046C6A5D8A" \ + "85395B236CC4AD2CF32A0CADBDC9DDF6" \ + "20B0EB9906D0957F6C6FEACD615468DF" \ + "104DE296CD8F")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "10D9B4A3D9047D8B154359ABFB1B7F54" \ + "85B04CEB868237DDC9DEDA982A679A5A" \ + "919B626D4E50A8DD731B107A9962381F" \ + "B5D807BF2618")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "120FC05D3C67A99DE161D2F4092622FE" \ + "CA701BE4F50F4758714E8A87BBF2A658" \ + "EF8C21E7C5EFE965361F6C2999C0C247" \ + "B0DBD70CE6B7" \ + "20D0AF8903A96F8D5FA2C255745D3C45" \ + "1B302C9346D9B7E485E7BCE41F6B591F" \ + "3E8F6ADDCBB0BC4C2F947A7DE1A89B62" \ + "5D6A598B3760")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "03403403403403403403403403403403" \ + "40340340340340340340340323C313FA" \ + "B50589703B5EC68D3587FEC60D161CC1" \ + "49C1AD4A91")); + params->cofactor = 0x2760; + break; + + case SEC_OID_SECG_EC_SECT113R1: + /* Populate params for sect113r1 */ + params->fieldID.size = 113; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "020000000000000000000000000201")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "003088250CA6E7C7FE649CE85820F7")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + 
"00E8BEE4D3E2260744188BE0E9C723")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "009D73616F35F4AB1407D73562C10F" \ + "00A52830277958EE84D1315ED31886")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "0100000000000000D9CCEC8A39E56F")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT113R2: + /* Populate params for sect113r2 */ + params->fieldID.size = 113; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "020000000000000000000000000201")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "00689918DBEC7E5A0DD6DFC0AA55C7")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "0095E9A9EC9B297BD4BF36E059184F")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "01A57A6A7B26CA5EF52FCDB8164797" \ + "00B3ADC94ED1FE674C06E695BABA1D")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "010000000000000108789B2496AF93")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT131R1: + /* Populate params for sect131r1 */ + params->fieldID.size = 131; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "08000000000000000000000000000001" \ + "0D")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "07A11B09A76B562144418FF3FF8C2570" \ + "B8")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "0217C05610884B63B9C6C7291678F9D3" \ + "41")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "0081BAF91FDF9833C40F9C1813436383" \ + "99" \ + "078C6E7EA38C001F73C8134B1B4EF9E1" \ + "50")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "0400000000000000023123953A9464B5" \ + "4D")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT131R2: + /* Populate params for sect131r2 */ + params->fieldID.size = 131; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + 
"08000000000000000000000000000001" \ + "0D")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "03E5A88919D7CAFCBF415F07C2176573" \ + "B2")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "04B8266A46C55657AC734CE38F018F21" \ + "92")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "0356DCD8F2F95031AD652D23951BB366" \ + "A8" \ + "0648F06D867940A5366D9E265DE9EB24" \ + "0F")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "0400000000000000016954A233049BA9" \ + "8F")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT163K1: + /* Populate params for sect163k1 + * (the NIST K-163 curve) + */ + params->fieldID.size = 163; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "08000000000000000000000000000000" \ + "00000000C9")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "01")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "01")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "02FE13C0537BBC11ACAA07D793DE4E6D" \ + "5E5C94EEE8" \ + "0289070FB05D38FF58321F2E800536D5" \ + "38CCDAA3D9")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "04000000000000000000020108A2E0CC" \ + "0D99F8A5EF")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT163R1: + /* Populate params for sect163r1 */ + params->fieldID.size = 163; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "08000000000000000000000000000000" \ + "00000000C9")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "07B6882CAAEFA84F9554FF8428BD88E2" \ + "46D2782AE2")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "0713612DCDDCB40AAB946BDA29CA91F7" \ + "3AF958AFD9")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "0369979697AB43897789566789567F78" \ + "7A7876A654" \ + "00435EDB42EFAFB2989D51FEFCE3C809" \ + "88F41FF883")); + 
CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "03FFFFFFFFFFFFFFFFFFFF48AAB689C2" \ + "9CA710279B")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT163R2: + /* Populate params for sect163r2 + * (the NIST B-163 curve) + */ + params->fieldID.size = 163; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "08000000000000000000000000000000" \ + "00000000C9")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "01")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "020A601907B8C953CA1481EB10512F78" \ + "744A3205FD")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "03F0EBA16286A2D57EA0991168D49946" \ + "37E8343E36" \ + "00D51FBC6C71A0094FA2CDD545B11C5C" \ + "0C797324F1")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "040000000000000000000292FE77E70C" \ + "12A4234C33")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT193R1: + /* Populate params for sect193r1 */ + params->fieldID.size = 193; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "02000000000000000000000000000000" \ + "000000000000008001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "0017858FEB7A98975169E171F77B4087" \ + "DE098AC8A911DF7B01")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "00FDFB49BFE6C3A89FACADAA7A1E5BBC" \ + "7CC1C2E5D831478814")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "01F481BC5F0FF84A74AD6CDF6FDEF4BF" \ + "6179625372D8C0C5E1" \ + "0025E399F2903712CCF3EA9E3A1AD17F" \ + "B0B3201B6AF7CE1B05")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "01000000000000000000000000C7F34A" \ + "778F443ACC920EBA49")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT193R2: + /* Populate params for sect193r2 */ + params->fieldID.size = 193; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, 
¶ms->fieldID.u.poly, + "02000000000000000000000000000000" \ + "000000000000008001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "0163F35A5137C2CE3EA6ED8667190B0B" \ + "C43ECD69977702709B")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "00C9BB9E8927D4D64C377E2AB2856A5B" \ + "16E3EFB7F61D4316AE")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "00D9B67D192E0367C803F39E1A7E82CA1" \ + "4A651350AAE617E8F" \ + "01CE94335607C304AC29E7DEFBD9CA01" \ + "F596F927224CDECF6C")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "010000000000000000000000015AAB56" \ + "1B005413CCD4EE99D5")); + params->cofactor = 2; + break; + + case SEC_OID_SECG_EC_SECT233K1: + /* Populate params for sect233k1 + * (the NIST K-233 curve) + */ + params->fieldID.size = 233; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "02000000000000000000000000000000" \ + "0000000004000000000000000001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "00")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + "01")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, + "04" \ + "017232BA853A7E731AF129F22FF41495" \ + "63A419C26BF50A4C9D6EEFAD6126" \ + "01DB537DECE819B7F70F555A67C427A8" \ + "CD9BF18AEB9B56E0C11056FAE6A3")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + "00800000000000000000000000000006" \ + "9D5BB915BCD46EFB1AD5F173ABDF")); + params->cofactor = 4; + break; + + case SEC_OID_SECG_EC_SECT233R1: + /* Populate params for sect233r1 + * (the NIST B-233 curve) + */ + params->fieldID.size = 233; + params->fieldID.type = ec_field_GF2m; + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + "02000000000000000000000000000000" \ + "0000000004000000000000000001")); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + "00000000000000000000000000000000" \ + "0000000000000000000000000001")); + CHECK_OK(hexString2SECItem(params->arena, 
¶ms->curve.b,
+ "0066647EDE6C332C7F8C0923BB58213B" \
+ "333B20E9CE4281FE115F7D8F90AD"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base,
+ "04" \
+ "00FAC9DFCBAC8313BB2139F1BB755FEF" \
+ "65BC391F8B36F8F8EB7371FD558B" \
+ "01006A08A41903350678E58528BEBF8A" \
+ "0BEFF867A7CA36716F7E01F81052"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,
+ "01000000000000000000000000000013" \
+ "E974E72F8A6922031D2603CFE0D7"));
+ params->cofactor = 2;
+ break;
+
+ case SEC_OID_SECG_EC_SECT239K1:
+ /* Populate params for sect239k1 */
+ params->fieldID.size = 239;
+ params->fieldID.type = ec_field_GF2m;
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly,
+ "80000000000000000000400000000000" \
+ "0000000000000000000000000001"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a,
+ "00"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b,
+ "01"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base,
+ "04" \
+ "29A0B6A887A983E9730988A68727A8B2" \
+ "D126C44CC2CC7B2A6555193035DC" \
+ "76310804F12E549BDB011C103089E735" \
+ "10ACB275FC312A5DC6B76553F0CA"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,
+ "2000000000000000000000000000005A" \
+ "79FEC67CB6E91F1C1DA800E478A5"));
+ params->cofactor = 4;
+ break;
+
+ case SEC_OID_SECG_EC_SECT283K1:
+ /* Populate params for sect283k1
+ * (the NIST K-283 curve)
+ */
+ params->fieldID.size = 283;
+ params->fieldID.type = ec_field_GF2m;
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly,
+ "08000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "000010A1"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a,
+ "00"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b,
+ "01"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base,
+ "04" \
+ "0503213F78CA44883F1A3B8162F188E5" \
+ "53CD265F23C1567A16876913B0C2AC24" \
+ "58492836" \
+ "01CCDA380F1C9E318D90F95D07E5426F" \
+ "E87E45C0E8184698E45962364E341161" \
+ "77DD2259"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,
+ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
+ "FFFFE9AE2ED07577265DFF7F94451E06" \
+ "1E163C61"));
+ params->cofactor = 4;
+ break;
+
+ case SEC_OID_SECG_EC_SECT283R1:
+ /* Populate params for sect283r1
+ * (the NIST B-283 curve)
+ */
+ params->fieldID.size = 283;
+ params->fieldID.type = ec_field_GF2m;
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly,
+ "08000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "000010A1"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a,
+ "01"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b,
+ "027B680AC8B8596DA5A4AF8A19A0303F" \
+ "CA97FD7645309FA2A581485AF6263E31" \
+ "3B79A2F5"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base,
+ "04" \
+ "05F939258DB7DD90E1934F8C70B0DFEC" \
+ "2EED25B8557EAC9C80E2E198F8CDBECD" \
+ "86B12053" \
+ "03676854FE24141CB98FE6D4B20D02B4" \
+ "516FF702350EDDB0826779C813F0DF45" \
+ "BE8112F4"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,
+ "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
+ "FFFFEF90399660FC938A90165B042A7C" \
+ "EFADB307"));
+ params->cofactor = 2;
+ break;
+
+ case SEC_OID_SECG_EC_SECT409K1:
+ /* Populate params for sect409k1
+ * (the NIST K-409 curve)
+ */
+ params->fieldID.size = 409;
+ params->fieldID.type = ec_field_GF2m;
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly,
+ "02000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "00000000000000000080000000000000" \
+ "00000001"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a,
+ "00"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b,
+ "01"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base,
+ "04" \
+ "0060F05F658F49C1AD3AB1890F718421" \
+ "0EFD0987E307C84C27ACCFB8F9F67CC2" \
+ "C460189EB5AAAA62EE222EB1B35540CF" \
+ "E9023746" \
+ "01E369050B7C4E42ACBA1DACBF04299C" \
+ "3460782F918EA427E6325165E9EA10E3" \
+ "DA5F6C42E9C55215AA9CA27A5863EC48" \
+ "D8E0286B"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,
+ "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
+ "FFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA" \
+ "20400EC4557D5ED3E3E7CA5B4B5C83B8" \
+ "E01E5FCF"));
+ params->cofactor = 4;
+ break;
+
+ case SEC_OID_SECG_EC_SECT409R1:
+ /* Populate params for sect409r1
+ * (the NIST B-409 curve)
+ */
+ params->fieldID.size = 409;
+ params->fieldID.type = ec_field_GF2m;
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly,
+ "02000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "00000000000000000080000000000000" \
+ "00000001"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a,
+ "01"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b,
+ "0021A5C2C8EE9FEB5C4B9A753B7B476B" \
+ "7FD6422EF1F3DD674761FA99D6AC27C8" \
+ "A9A197B272822F6CD57A55AA4F50AE31" \
+ "7B13545F"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base,
+ "04" \
+ "015D4860D088DDB3496B0C6064756260" \
+ "441CDE4AF1771D4DB01FFE5B34E59703" \
+ "DC255A868A1180515603AEAB60794E54" \
+ "BB7996A7" \
+ "0061B1CFAB6BE5F32BBFA78324ED106A" \
+ "7636B9C5A7BD198D0158AA4F5488D08F" \
+ "38514F1FDF4B4F40D2181B3681C364BA" \
+ "0273C706"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,
+ "01000000000000000000000000000000" \
+ "0000000000000000000001E2AAD6A612" \
+ "F33307BE5FA47C3C9E052F838164CD37" \
+ "D9A21173"));
+ params->cofactor = 2;
+ break;
+
+ case SEC_OID_SECG_EC_SECT571K1:
+ /* Populate params for sect571k1
+ * (the NIST K-571 curve)
+ */
+ params->fieldID.size = 571;
+ params->fieldID.type = ec_field_GF2m;
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly,
+ "08000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "0000000000000425"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a,
+ "00"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b,
+ "01"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base,
+ "04" \
+ "026EB7A859923FBC82189631F8103FE4" \
+ "AC9CA2970012D5D46024804801841CA4" \
+ "4370958493B205E647DA304DB4CEB08C" \
+ "BBD1BA39494776FB988B47174DCA88C7" \
+ "E2945283A01C8972" \
+ "0349DC807F4FBF374F4AEADE3BCA9531" \
+ "4DD58CEC9F307A54FFC61EFC006D8A2C" \
+ "9D4979C0AC44AEA74FBEBBB9F772AEDC" \
+ "B620B01A7BA7AF1B320430C8591984F6" \
+ "01CD4C143EF1C7A3"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,
+ "02000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "00000000131850E1F19A63E4B391A8DB" \
+ "917F4138B630D84BE5D639381E91DEB4" \
+ "5CFE778F637C1001"));
+ params->cofactor = 4;
+ break;
+
+ case SEC_OID_SECG_EC_SECT571R1:
+ /* Populate params for sect571r1
+ * (the NIST B-571 curve)
+ */
+ params->fieldID.size = 571;
+ params->fieldID.type = ec_field_GF2m;
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly,
+ "08000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "00000000000000000000000000000000" \
+ "0000000000000425"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a,
+ "01"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b,
+ "02F40E7E2221F295DE297117B7F3D62F" \
+ "5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD" \
+ "84FFABBD8EFA59332BE7AD6756A66E29" \
+ "4AFD185A78FF12AA520E4DE739BACA0C" \
+ "7FFEFF7F2955727A"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base,
+ "04" \
+ "0303001D34B856296C16C0D40D3CD775" \
+ "0A93D1D2955FA80AA5F40FC8DB7B2ABD" \
+ "BDE53950F4C0D293CDD711A35B67FB14" \
+ "99AE60038614F1394ABFA3B4C850D927" \
+ "E1E7769C8EEC2D19" \
+ "037BF27342DA639B6DCCFFFEB73D69D7" \
+ "8C6C27A6009CBBCA1980F8533921E8A6" \
+ "84423E43BAB08A576291AF8F461BB2A8" \
+ "B3531D2F0485C19B16E2F1516E23DD3C" \
+ "1A4827AF1B8AC15B"));
+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,
+ "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
+ "FFFFFFFFE661CE18FF55987308059B18" \
+ "6823851EC7DD9CA1161DE93D5174D66E" \
+ "8382E9BB2FE84E47"));
+ params->cofactor = 2;
+ break;
+
 case SEC_OID_ANSIX962_EC_PRIME192V1: /* Populate params for prime192v1 aka secp192r1 * (the NIST P-192 curve)
@@ -617,7 +1552,7 @@ EC_FillParams(PRArenaPool *arena, const SECItem *encodedParams, "6409")); params->cofactor = 1; break;
-
+
 default: break; };
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
index cd5cc3d2a..599b9a5fd 100644
--- a/security/nss/lib/softoken/pkcs11.c
+++ b/security/nss/lib/softoken/pkcs11.c
@@ -236,6 +236,8 @@ struct mechanismList { #define CKF_EC_PNU CKF_EC_FP | CKF_EC_NAMEDCURVE | CKF_EC_UNCOMPRESS
+#define CKF_EC_BPNU CKF_EC_F_2M | CKF_EC_PNU
+
 #define CK_MAX 0xffffffff static const struct mechanismList mechanisms[] = {
@@ -284,10 +286,10 @@ static const struct mechanismList mechanisms[] = { {CKM_DH_PKCS_DERIVE, {128, 1024, CKF_DERIVE}, PR_TRUE}, #ifdef NSS_ENABLE_ECC /* -------------------- Elliptic Curve Operations --------------------- */
- {CKM_EC_KEY_PAIR_GEN, {112, 571, CKF_GENERATE_KEY_PAIR|CKF_EC_PNU}, PR_TRUE},
- {CKM_ECDH1_DERIVE, {112, 571, CKF_DERIVE|CKF_EC_PNU}, PR_TRUE},
- {CKM_ECDSA, {112, 571, CKF_SN_VR|CKF_EC_PNU}, PR_TRUE},
- {CKM_ECDSA_SHA1, {112, 571, CKF_SN_VR|CKF_EC_PNU}, PR_TRUE},
+ {CKM_EC_KEY_PAIR_GEN, {112, 571, CKF_GENERATE_KEY_PAIR|CKF_EC_BPNU}, PR_TRUE},
+ {CKM_ECDH1_DERIVE, {112, 571, CKF_DERIVE|CKF_EC_BPNU}, PR_TRUE},
+ {CKM_ECDSA, {112, 571, CKF_SN_VR|CKF_EC_BPNU}, PR_TRUE},
+ {CKM_ECDSA_SHA1, {112, 571, CKF_SN_VR|CKF_EC_BPNU}, PR_TRUE},
 #endif /* NSS_ENABLE_ECC */ /* ------------------------- RC2 Operations --------------------------- */ {CKM_RC2_KEY_GEN, {1, 128, CKF_GENERATE}, PR_TRUE},
diff --git a/security/nss/lib/ssl/ssl.def b/security/nss/lib/ssl/ssl.def
index 7833ae741..33083caea 100644
--- a/security/nss/lib/ssl/ssl.def
+++ b/security/nss/lib/ssl/ssl.def
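Review bot: `CKF_EC_BPNU` in the first pkcs11.c hunk expands to a bare `CKF_EC_F_2M | CKF_EC_PNU`, so what it means depends on the operators around each use. The four mechanism rows in the following hunk only OR it with other flags, which is safe, but a later mask test such as `flags & CKF_EC_BPNU` would bind `&` to the first term only and silently check the wrong bits of the advertised capability set. Define it as `#define CKF_EC_BPNU (CKF_EC_F_2M | CKF_EC_PNU)`; the existing `CKF_EC_PNU` on the context line has the same unparenthesised form and deserves the same fix.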
@@ -115,3 +115,9 @@ SSL_SetMaxServerCacheLocks; ;+ local: ;+*; ;+};
+;+NSS_3.7.4 { # NSS 3.7.4 release
+;+ global:
+SSL_ShutdownServerSessionIDCache;
+;+ local:
+;+*;
+;+};
diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h
index 59b511f31..cbc5dcc6d 100644
--- a/security/nss/lib/ssl/ssl.h
+++ b/security/nss/lib/ssl/ssl.h
@@ -365,6 +365,11 @@ SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); SSL_IMPORT void SSL_ClearSessionCache(void); /*
+** Close the server's SSL session cache.
+*/
+SSL_IMPORT SECStatus SSL_ShutdownServerSessionIDCache(void);
+
+/*
 ** Set peer information so we can correctly look up SSL session later. ** You only have to do this if you're tunneling through a proxy. */
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 09fb81152..51ddd58f3 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
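Review bot: The comment added in ssl.h above `SSL_ShutdownServerSessionIDCache` says only that the call closes the cache; it gives neither the meaning of the `SECStatus` result nor the conditions under which the call is safe. For a newly exported entry point the contract belongs in the header, for example a second comment line `** Returns SECSuccess or SECFailure; call only when no server sockets are in use.`. The precondition in that wording is an assumption and needs confirming against the implementation.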
@@ -423,28 +423,27 @@ typedef enum { ec_noName = 0, ec_pastLastName } ECName;
-/* XXX Change this when more curves are supported */
-#define supportedCurve(x) (((x) >= ec_secp160k1) && ((x) <= ec_secp521r1))
+#define supportedCurve(x) (((x) > ec_noName) && ((x) < ec_pastLastName))
 /* Table containing OID tags for elliptic curves named in the * ECC-TLS IETF draft. */ static const SECOidTag ecName2OIDTag[] = { 0,
- 0, /* SEC_OID_SECG_EC_SECT163K1, */ /* 1 */
- 0, /* SEC_OID_SECG_EC_SECT163R1, */ /* 2 */
- 0, /* SEC_OID_SECG_EC_SECT163R2, */ /* 3 */
- 0, /* SEC_OID_SECG_EC_SECT193R1, */ /* 4 */
- 0, /* SEC_OID_SECG_EC_SECT193R2, */ /* 5 */
- 0, /* SEC_OID_SECG_EC_SECT233K1, */ /* 6 */
- 0, /* SEC_OID_SECG_EC_SECT233R1, */ /* 7 */
- 0, /* SEC_OID_SECG_EC_SECT239K1, */ /* 8 */
- 0, /* SEC_OID_SECG_EC_SECT283K1, */ /* 9 */
- 0, /* SEC_OID_SECG_EC_SECT283R1, */ /* 10 */
- 0, /* SEC_OID_SECG_EC_SECT409K1, */ /* 11 */
- 0, /* SEC_OID_SECG_EC_SECT409R1, */ /* 12 */
- 0, /* SEC_OID_SECG_EC_SECT571K1, */ /* 13 */
- 0, /* SEC_OID_SECG_EC_SECT571R1, */ /* 14 */
+ SEC_OID_SECG_EC_SECT163K1, /* 1 */
+ SEC_OID_SECG_EC_SECT163R1, /* 2 */
+ SEC_OID_SECG_EC_SECT163R2, /* 3 */
+ SEC_OID_SECG_EC_SECT193R1, /* 4 */
+ SEC_OID_SECG_EC_SECT193R2, /* 5 */
+ SEC_OID_SECG_EC_SECT233K1, /* 6 */
+ SEC_OID_SECG_EC_SECT233R1, /* 7 */
+ SEC_OID_SECG_EC_SECT239K1, /* 8 */
+ SEC_OID_SECG_EC_SECT283K1, /* 9 */
+ SEC_OID_SECG_EC_SECT283R1, /* 10 */
+ SEC_OID_SECG_EC_SECT409K1, /* 11 */
+ SEC_OID_SECG_EC_SECT409R1, /* 12 */
+ SEC_OID_SECG_EC_SECT571K1, /* 13 */
+ SEC_OID_SECG_EC_SECT571R1, /* 14 */
 SEC_OID_SECG_EC_SECP160K1, /* 15 */ SEC_OID_SECG_EC_SECP160R1, /* 16 */ SEC_OID_SECG_EC_SECP160R2, /* 17 */
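Review bot: `supportedCurve(x)` now accepts every value strictly between `ec_noName` and `ec_pastLastName`, so it is correct only while `ecName2OIDTag[]` holds a real OID tag for each of those names, and nothing in the hunk ties the macro to the table. A name added to `ECName` later without a matching row would pass the check and could then be looked up as a zero tag or past the end of the array. A comment on the table such as `/* one row per ECName; supportedCurve() assumes no gaps */` would record the dependency. The change also makes the binary-field curves from sect163k1 upward acceptable where they were rejected before, which looks intended but alters what a peer can select. The `ECName` enum and the table both extend outside this hunk.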
@@ -3320,6 +3319,33 @@ typedef struct { PK11SymKey * symWrapKey[kt_kea_size]; } ssl3SymWrapKey;
+static PZLock * symWrapKeysLock;
+static ssl3SymWrapKey symWrapKeys[SSL_NUM_WRAP_MECHS];
+
+SECStatus
+SSL3_ShutdownServerCache(void)
+{
+ int i, j;
+
+ if (!symWrapKeysLock)
+ return SECSuccess; /* was never initialized */
+ PZ_Lock(symWrapKeysLock);
+ /* get rid of all symWrapKeys */
+ for (i = 0; i < SSL_NUM_WRAP_MECHS; ++i) {
+ for (j = 0; j < kt_kea_size; ++j) {
+ PK11SymKey ** pSymWrapKey;
+ pSymWrapKey = &symWrapKeys[i].symWrapKey[j];
+ if (*pSymWrapKey) {
+ PK11_FreeSymKey(*pSymWrapKey);
+ *pSymWrapKey = NULL;
+ }
+ }
+ }
+
+ PZ_Unlock(symWrapKeysLock);
+ return SECSuccess;
+}
+
 /* Try to get wrapping key for mechanism from in-memory array. * If that fails, look for one on disk. * If that fails, generate a new one, put the new one on disk,
@@ -3344,9 +3370,6 @@ getWrappingKey( sslSocket * ss, SECItem wrappedKey; SSLWrappedSymWrappingKey wswk;
- static PZLock * symWrapKeysLock;
- static ssl3SymWrapKey symWrapKeys[SSL_NUM_WRAP_MECHS];
-
 svrPrivKey = ss->serverCerts[exchKeyType].serverKey; PORT_Assert(svrPrivKey != NULL); if (!svrPrivKey) {
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
index c53e53757..90a99100e 100644
--- a/security/nss/lib/ssl/sslimpl.h
+++ b/security/nss/lib/ssl/sslimpl.h
@@ -1261,6 +1261,9 @@ ssl_GetWrappingKey( PRInt32 symWrapMechIndex, extern PRBool ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk);
+/* get rid of the symmetric wrapping key references. */
+extern SECStatus SSL3_ShutdownServerCache(void);
+
 /********************** misc calls *********************/ extern int ssl_MapLowLevelError(int hiLevelError);
diff --git a/security/nss/lib/ssl/sslsnce.c b/security/nss/lib/ssl/sslsnce.c
index 85c985b79..15d0a618b 100644
--- a/security/nss/lib/ssl/sslsnce.c
+++ b/security/nss/lib/ssl/sslsnce.c
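Review bot: `SSL3_ShutdownServerCache` reads `symWrapKeysLock` outside any lock and never destroys it, so a shutdown leaves the `PZLock` allocated. If the lock is created lazily in `getWrappingKey` (its body lies outside these hunks), the unguarded `if (!symWrapKeysLock)` test can also race with that creation. The function carries no comment on when it may be called, although it drops the wrapping-key references that server handshakes depend on. State the precondition at the definition, for example `/* Caller must ensure no server handshake is in progress; the lock itself is left allocated. */`, and confirm the wording against how `getWrappingKey` sets the lock up.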
@@ -1158,6 +1158,22 @@ SSL_ConfigServerSessionIDCache( int maxCacheEntries, maxCacheEntries, ssl2_timeout, ssl3_timeout, directory, PR_FALSE); }
+SECStatus
+SSL_ShutdownServerSessionIDCacheInstance(cacheDesc *cache)
+{
+ /* if single process, close down, clean up.
+ ** if multi-process, TBD.
+ */
+ return SECSuccess;
+}
+
+SECStatus
+SSL_ShutdownServerSessionIDCache(void)
+{
+ SSL3_ShutdownServerCache();
+ return SSL_ShutdownServerSessionIDCacheInstance(&globalCache);
+}
+
 /* Use this function, instead of SSL_ConfigServerSessionIDCache, * if the cache will be shared by multiple processes. */
diff --git a/security/nss/lib/util/secoid.c b/security/nss/lib/util/secoid.c
index 89ae845c1..e83c04d7a 100644
--- a/security/nss/lib/util/secoid.c
+++ b/security/nss/lib/util/secoid.c
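Review bot: `SSL_ShutdownServerSessionIDCache` discards the `SECStatus` from `SSL3_ShutdownServerCache()` and returns the result of `SSL_ShutdownServerSessionIDCacheInstance`, which is a stub that reports `SECSuccess` without touching `cache`. A caller relying on this API to release the server session cache is told it succeeded while the cached session entries stay where they were. Propagate the first status with `SECStatus rv = SSL3_ShutdownServerCache(); if (rv != SECSuccess) return rv;`, and replace the "TBD" comment with one stating plainly that the session-ID cache is not yet closed. `SSL_ShutdownServerSessionIDCacheInstance` is also defined without `static` even though the ssl.def hunk exports only the wrapper; mark it `static` if it is meant to be file-local.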
@@ -466,6 +466,48 @@ CONST_OID secgECsecp256k1[] = { SECG_OID, 0x0a }; CONST_OID secgECsecp384r1[] = { SECG_OID, 0x22 }; CONST_OID secgECsecp521r1[] = { SECG_OID, 0x23 };
+/* ANSI X9.62 characteristic two curve OIDs */
+CONST_OID ansiX962c2pnb163v1[] = { ANSI_X962_GF2m_OID, 0x01 };
+CONST_OID ansiX962c2pnb163v2[] = { ANSI_X962_GF2m_OID, 0x02 };
+CONST_OID ansiX962c2pnb163v3[] = { ANSI_X962_GF2m_OID, 0x03 };
+CONST_OID ansiX962c2pnb176v1[] = { ANSI_X962_GF2m_OID, 0x04 };
+CONST_OID ansiX962c2tnb191v1[] = { ANSI_X962_GF2m_OID, 0x05 };
+CONST_OID ansiX962c2tnb191v2[] = { ANSI_X962_GF2m_OID, 0x06 };
+CONST_OID ansiX962c2tnb191v3[] = { ANSI_X962_GF2m_OID, 0x07 };
+CONST_OID ansiX962c2onb191v4[] = { ANSI_X962_GF2m_OID, 0x08 };
+CONST_OID ansiX962c2onb191v5[] = { ANSI_X962_GF2m_OID, 0x09 };
+CONST_OID ansiX962c2pnb208w1[] = { ANSI_X962_GF2m_OID, 0x0a };
+CONST_OID ansiX962c2tnb239v1[] = { ANSI_X962_GF2m_OID, 0x0b };
+CONST_OID ansiX962c2tnb239v2[] = { ANSI_X962_GF2m_OID, 0x0c };
+CONST_OID ansiX962c2tnb239v3[] = { ANSI_X962_GF2m_OID, 0x0d };
+CONST_OID ansiX962c2onb239v4[] = { ANSI_X962_GF2m_OID, 0x0e };
+CONST_OID ansiX962c2onb239v5[] = { ANSI_X962_GF2m_OID, 0x0f };
+CONST_OID ansiX962c2pnb272w1[] = { ANSI_X962_GF2m_OID, 0x10 };
+CONST_OID ansiX962c2pnb304w1[] = { ANSI_X962_GF2m_OID, 0x11 };
+CONST_OID ansiX962c2tnb359v1[] = { ANSI_X962_GF2m_OID, 0x12 };
+CONST_OID ansiX962c2pnb368w1[] = { ANSI_X962_GF2m_OID, 0x13 };
+CONST_OID ansiX962c2tnb431r1[] = { ANSI_X962_GF2m_OID, 0x14 };
+
+/* SECG characterisitic two curve OIDs */
+CONST_OID secgECsect113r1[] = {SECG_OID, 0x04 };
+CONST_OID secgECsect113r2[] = {SECG_OID, 0x05 };
+CONST_OID secgECsect131r1[] = {SECG_OID, 0x16 };
+CONST_OID secgECsect131r2[] = {SECG_OID, 0x17 };
+CONST_OID secgECsect163k1[] = {SECG_OID, 0x01 };
+CONST_OID secgECsect163r1[] = {SECG_OID, 0x02 };
+CONST_OID secgECsect163r2[] = {SECG_OID, 0x0f };
+CONST_OID secgECsect193r1[] = {SECG_OID, 0x18 };
+CONST_OID secgECsect193r2[] = {SECG_OID, 0x19 };
+CONST_OID secgECsect233k1[] = {SECG_OID, 0x1a };
+CONST_OID secgECsect233r1[] = {SECG_OID, 0x1b };
+CONST_OID secgECsect239k1[] = {SECG_OID, 0x03 };
+CONST_OID secgECsect283k1[] = {SECG_OID, 0x10 };
+CONST_OID secgECsect283r1[] = {SECG_OID, 0x11 };
+CONST_OID secgECsect409k1[] = {SECG_OID, 0x24 };
+CONST_OID secgECsect409r1[] = {SECG_OID, 0x25 };
+CONST_OID secgECsect571k1[] = {SECG_OID, 0x26 };
+CONST_OID secgECsect571r1[] = {SECG_OID, 0x27 };
+
 #define OI(x) { siDEROID, (unsigned char *)x, sizeof x } #ifndef SECOID_NO_STRINGS #define OD(oid,tag,desc,mech,ext) { OI(oid), tag, desc, mech, ext }
@@ -1181,6 +1223,163 @@ const static SECOidData oids[] = { "SECG elliptic curve secp521r1 (aka NIST P-521)", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
+
+ /* ANSI X9.62 named elliptic curves (characteristic two field) */
+ OD( ansiX962c2pnb163v1, SEC_OID_ANSIX962_EC_C2PNB163V1,
+ "ANSI X9.62 elliptic curve c2pnb163v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2pnb163v2, SEC_OID_ANSIX962_EC_C2PNB163V2,
+ "ANSI X9.62 elliptic curve c2pnb163v2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2pnb163v3, SEC_OID_ANSIX962_EC_C2PNB163V3,
+ "ANSI X9.62 elliptic curve c2pnb163v3",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2pnb176v1, SEC_OID_ANSIX962_EC_C2PNB176V1,
+ "ANSI X9.62 elliptic curve c2pnb176v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2tnb191v1, SEC_OID_ANSIX962_EC_C2TNB191V1,
+ "ANSI X9.62 elliptic curve c2tnb191v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2tnb191v2, SEC_OID_ANSIX962_EC_C2TNB191V2,
+ "ANSI X9.62 elliptic curve c2tnb191v2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2tnb191v3, SEC_OID_ANSIX962_EC_C2TNB191V3,
+ "ANSI X9.62 elliptic curve c2tnb191v3",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2onb191v4, SEC_OID_ANSIX962_EC_C2ONB191V4,
+ "ANSI X9.62 elliptic curve c2onb191v4",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2onb191v5, SEC_OID_ANSIX962_EC_C2ONB191V5,
+ "ANSI X9.62 elliptic curve c2onb191v5",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2pnb208w1, SEC_OID_ANSIX962_EC_C2PNB208W1,
+ "ANSI X9.62 elliptic curve c2pnb208w1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2tnb239v1, SEC_OID_ANSIX962_EC_C2TNB239V1,
+ "ANSI X9.62 elliptic curve c2tnb239v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2tnb239v2, SEC_OID_ANSIX962_EC_C2TNB239V2,
+ "ANSI X9.62 elliptic curve c2tnb239v2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2tnb239v3, SEC_OID_ANSIX962_EC_C2TNB239V3,
+ "ANSI X9.62 elliptic curve c2tnb239v3",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2onb239v4, SEC_OID_ANSIX962_EC_C2ONB239V4,
+ "ANSI X9.62 elliptic curve c2onb239v4",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2onb239v5, SEC_OID_ANSIX962_EC_C2ONB239V5,
+ "ANSI X9.62 elliptic curve c2onb239v5",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2pnb272w1, SEC_OID_ANSIX962_EC_C2PNB272W1,
+ "ANSI X9.62 elliptic curve c2pnb272w1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2pnb304w1, SEC_OID_ANSIX962_EC_C2PNB304W1,
+ "ANSI X9.62 elliptic curve c2pnb304w1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2tnb359v1, SEC_OID_ANSIX962_EC_C2TNB359V1,
+ "ANSI X9.62 elliptic curve c2tnb359v1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2pnb368w1, SEC_OID_ANSIX962_EC_C2PNB368W1,
+ "ANSI X9.62 elliptic curve c2pnb368w1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( ansiX962c2tnb431r1, SEC_OID_ANSIX962_EC_C2TNB431R1,
+ "ANSI X9.62 elliptic curve c2tnb431r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+
+ /* SECG named elliptic curves (characterisitic two field) */
+ OD( secgECsect113r1, SEC_OID_SECG_EC_SECT113R1,
+ "SECG elliptic curve sect113r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect113r2, SEC_OID_SECG_EC_SECT113R2,
+ "SECG elliptic curve sect113r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect131r1, SEC_OID_SECG_EC_SECT131R1,
+ "SECG elliptic curve sect131r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect131r2, SEC_OID_SECG_EC_SECT131R2,
+ "SECG elliptic curve sect131r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect163k1, SEC_OID_SECG_EC_SECT163K1,
+ "SECG elliptic curve sect163k1 (aka NIST K-163)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect163r1, SEC_OID_SECG_EC_SECT163R1,
+ "SECG elliptic curve sect163r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect163r2, SEC_OID_SECG_EC_SECT163R2,
+ "SECG elliptic curve sect163r2 (aka NIST B-163)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect193r1, SEC_OID_SECG_EC_SECT193R1,
+ "SECG elliptic curve sect193r1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect193r2, SEC_OID_SECG_EC_SECT193R2,
+ "SECG elliptic curve sect193r2",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect233k1, SEC_OID_SECG_EC_SECT233K1,
+ "SECG elliptic curve sect233k1 (aka NIST K-233)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect233r1, SEC_OID_SECG_EC_SECT233R1,
+ "SECG elliptic curve sect233r1 (aka NIST B-233)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect239k1, SEC_OID_SECG_EC_SECT239K1,
+ "SECG elliptic curve sect239k1",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect283k1, SEC_OID_SECG_EC_SECT283K1,
+ "SECG elliptic curve sect283k1 (aka NIST K-283)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect283r1, SEC_OID_SECG_EC_SECT283R1,
+ "SECG elliptic curve sect283r1 (aka NIST B-283)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect409k1, SEC_OID_SECG_EC_SECT409K1,
+ "SECG elliptic curve sect409k1 (aka NIST K-409)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect409r1, SEC_OID_SECG_EC_SECT409R1,
+ "SECG elliptic curve sect409r1 (aka NIST B-409)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect571k1, SEC_OID_SECG_EC_SECT571K1,
+ "SECG elliptic curve sect571k1 (aka NIST K-571)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+ OD( secgECsect571r1, SEC_OID_SECG_EC_SECT571R1,
+ "SECG elliptic curve sect571r1 (aka NIST B-571)",
+ CKM_INVALID_MECHANISM,
+ INVALID_CERT_EXTENSION ),
+
 OD( netscapeAOLScreenname, SEC_OID_NETSCAPE_AOLSCREENNAME, "AOL Screenname", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
diff --git a/security/nss/lib/util/secoidt.h b/security/nss/lib/util/secoidt.h
index f46b8923b..62d15d7b1 100644
--- a/security/nss/lib/util/secoidt.h
+++ b/security/nss/lib/util/secoidt.h
@@ -341,7 +341,50 @@ typedef enum { /* SEC_OID_SECG_EC_SECP256R1 is SEC_OID_ANSIX962_EC_PRIME256V1 */ SEC_OID_SECG_EC_SECP384R1 = 220, SEC_OID_SECG_EC_SECP521R1 = 221,
- SEC_OID_NETSCAPE_AOLSCREENNAME = 222,
+
+ /* ANSI X9.62 named elliptic curves (characteristic two field) */
+ SEC_OID_ANSIX962_EC_C2PNB163V1 = 222,
+ SEC_OID_ANSIX962_EC_C2PNB163V2 = 223,
+ SEC_OID_ANSIX962_EC_C2PNB163V3 = 224,
+ SEC_OID_ANSIX962_EC_C2PNB176V1 = 225,
+ SEC_OID_ANSIX962_EC_C2TNB191V1 = 226,
+ SEC_OID_ANSIX962_EC_C2TNB191V2 = 227,
+ SEC_OID_ANSIX962_EC_C2TNB191V3 = 228,
+ SEC_OID_ANSIX962_EC_C2ONB191V4 = 229,
+ SEC_OID_ANSIX962_EC_C2ONB191V5 = 230,
+ SEC_OID_ANSIX962_EC_C2PNB208W1 = 231,
+ SEC_OID_ANSIX962_EC_C2TNB239V1 = 232,
+ SEC_OID_ANSIX962_EC_C2TNB239V2 = 233,
+ SEC_OID_ANSIX962_EC_C2TNB239V3 = 234,
+ SEC_OID_ANSIX962_EC_C2ONB239V4 = 235,
+ SEC_OID_ANSIX962_EC_C2ONB239V5 = 236,
+ SEC_OID_ANSIX962_EC_C2PNB272W1 = 237,
+ SEC_OID_ANSIX962_EC_C2PNB304W1 = 238,
+ SEC_OID_ANSIX962_EC_C2TNB359V1 = 239,
+ SEC_OID_ANSIX962_EC_C2PNB368W1 = 240,
+ SEC_OID_ANSIX962_EC_C2TNB431R1 = 241,
+
+ /* SECG named elliptic curves (characteristic two field) */
+ SEC_OID_SECG_EC_SECT113R1 = 242,
+ SEC_OID_SECG_EC_SECT113R2 = 243,
+ SEC_OID_SECG_EC_SECT131R1 = 244,
+ SEC_OID_SECG_EC_SECT131R2 = 245,
+ SEC_OID_SECG_EC_SECT163K1 = 246,
+ SEC_OID_SECG_EC_SECT163R1 = 247,
+ SEC_OID_SECG_EC_SECT163R2 = 248,
+ SEC_OID_SECG_EC_SECT193R1 = 249,
+ SEC_OID_SECG_EC_SECT193R2 = 250,
+ SEC_OID_SECG_EC_SECT233K1 = 251,
+ SEC_OID_SECG_EC_SECT233R1 = 252,
+ SEC_OID_SECG_EC_SECT239K1 = 253,
+ SEC_OID_SECG_EC_SECT283K1 = 254,
+ SEC_OID_SECG_EC_SECT283R1 = 255,
+ SEC_OID_SECG_EC_SECT409K1 = 256,
+ SEC_OID_SECG_EC_SECT409R1 = 257,
+ SEC_OID_SECG_EC_SECT571K1 = 258,
+ SEC_OID_SECG_EC_SECT571R1 = 259,
+
+ SEC_OID_NETSCAPE_AOLSCREENNAME = 260,
 SEC_OID_TOTAL } SECOidTag;
diff --git a/security/nss/tests/cert/cert.sh b/security/nss/tests/cert/cert.sh
index b8373923f..11d59456a 100755
--- a/security/nss/tests/cert/cert.sh
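Review bot: Moving `SEC_OID_NETSCAPE_AOLSCREENNAME` from 222 to 260 changes the numeric value of an existing `SECOidTag`, so a caller compiled against the old header that passes 222 would now be treated as asking for `SEC_OID_ANSIX962_EC_C2PNB163V1`. Whether 222 ever shipped in a release is not visible here; if it did, keep `SEC_OID_NETSCAPE_AOLSCREENNAME = 222,` and number the new curve tags from 223, moving the matching `oids[]` rows in secoid.c after the AOL row, since that table appears to follow enum order. A comment above `SEC_OID_TOTAL` such as `/* append new tags here; never renumber existing ones */` would record the rule for later additions. The enum begins outside this hunk.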
+++ b/security/nss/tests/cert/cert.sh
@@ -610,12 +610,6 @@ y MODSCRIPT RET=$? if [ "$RET" -ne 0 ]; then
- # Debugging output for bug 195127
- echo "Current directory is `pwd`"
- echo "ls -l ../../../../dist/${OBJDIR}/lib/libsoftokn3.chk"
- ls -l ../../../../dist/${OBJDIR}/lib/libsoftokn3.chk
- echo "ls -l ../../../../dist/${OBJDIR}/lib"
- ls -l ../../../../dist/${OBJDIR}/lib
 html_failed "<TR><TD>${CU_ACTION} ($RET) " cert_log "ERROR: ${CU_ACTION} failed $RET" else |