diff options
author | Elio Maldonado <emaldona@redhat.com> | 2013-04-10 12:22:57 -0700 |
---|---|---|
committer | Elio Maldonado <emaldona@redhat.com> | 2013-04-10 12:22:57 -0700 |
commit | d5f324eef1699ab5177df1f848f49f1355a2d073 (patch) | |
tree | 31c2fa8e192bac87602fb5a4b572152b1e231061 /cmd | |
parent | f5751eef41594717893f21834cb1ba1c225886f5 (diff) | |
download | nss-hg-d5f324eef1699ab5177df1f848f49f1355a2d073.tar.gz |
backout bug 835919, backout bug 850905
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/Makefile | 8 | ||||
-rw-r--r-- | cmd/manifest.mn | 4 | ||||
-rw-r--r-- | cmd/platlibs.mk | 31 | ||||
-rw-r--r-- | cmd/shlibsign/shlibsign.c | 45 |
4 files changed, 17 insertions, 71 deletions
diff --git a/cmd/Makefile b/cmd/Makefile index 0ae45649c..b98205926 100644 --- a/cmd/Makefile +++ b/cmd/Makefile @@ -14,14 +14,6 @@ ifdef BUILD_LIBPKIX_TESTS DIRS += libpkix endif -ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1) -BLTEST_SRCDIR= -FIPSTEST_SRCDIR= -else -BLTEST_SRCDIR = bltest -FIPSTEST_SRCDIR = fipstest -endif - LOWHASHTEST_SRCDIR= ifeq ($(FREEBL_LOWHASH),1) LOWHASHTEST_SRCDIR = lowhashtest # Add the lowhashtest directory to DIRS. diff --git a/cmd/manifest.mn b/cmd/manifest.mn index 4ebe00478..f66abc306 100644 --- a/cmd/manifest.mn +++ b/cmd/manifest.mn @@ -11,7 +11,7 @@ REQUIRES = nss nspr libdbm DIRS = lib \ addbuiltin \ atob \ - $(BLTEST_SRCDIR) \ + bltest \ btoa \ certcgi \ certutil \ @@ -23,7 +23,7 @@ DIRS = lib \ derdump \ digest \ httpserv \ - $(FIPSTEST_SRCDIR) \ + fipstest \ $(LOWHASHTEST_SRCDIR) \ listsuites \ makepqg \ diff --git a/cmd/platlibs.mk b/cmd/platlibs.mk index 200faf701..332681dd4 100644 --- a/cmd/platlibs.mk +++ b/cmd/platlibs.mk @@ -36,18 +36,7 @@ ifdef USE_STATIC_LIBS DEFINES += -DNSS_USE_STATIC_LIBS # $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS) -ifndef USE_SYSTEM_FREEBL -CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) -SOFTOKENLIB=$(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) -else -# Use the system freebl and softoken libraries -CRYPTOLIB=$(FREEBL_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) -SOFTOKENLIB= -EXTRA_SHARED_LIBS += \ - -L$(SOFTOKEN_LIB_DIR) \ - -lsoftokn3 \ - $(NULL) -endif +CRYPTOLIB=$(SOFTOKEN_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) PKIXLIB = \ $(DIST)/lib/$(LIB_PREFIX)pkixtop.$(LIB_SUFFIX) \ @@ -78,7 +67,7 @@ EXTRA_LIBS += \ $(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \ - $(SOFTOKENLIB) \ + $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \ $(CRYPTOLIB) \ $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \ @@ -113,7 +102,7 @@ EXTRA_LIBS += \ $(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \ - $(SOFTOKENLIB) \ + $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \ @@ -196,22 +185,8 @@ EXTRA_SHARED_LIBS += \ $(NULL) endif -ifdef SOFTOKEN_LIB_DIR -ifdef NSS_USE_SYSTEM_FREEBL -EXTRA_SHARED_LIBS += -L$(SOFTOKEN_LIB_DIR) -lsoftokn3 -endif -endif - endif # USE_STATIC_LIBS -# If a platform has a system freebl, set USE_SYSTEM_FREEBL to 1 and -# FREEBL_LIBS to the linker command-line arguments for the system nss-util -# (for example, -lfreebl3 on fedora) in the platform's config file in coreconf. -ifdef NSS_USE_SYSTEM_FREEBL -FREEBL_LIBS = $(FREEBL_LIB_DIR)/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) -EXTRA_LIBS += $(FREEBL_LIBS) -endif - # If a platform has a system zlib, set USE_SYSTEM_ZLIB to 1 and # ZLIB_LIBS to the linker command-line arguments for the system zlib # (for example, -lz) in the platform's config file in coreconf. diff --git a/cmd/shlibsign/shlibsign.c b/cmd/shlibsign/shlibsign.c index cd25838bb..e283cccd9 100644 --- a/cmd/shlibsign/shlibsign.c +++ b/cmd/shlibsign/shlibsign.c @@ -49,7 +49,6 @@ #include "pkcs11t.h" /* freebl headers */ -#include "blapit.h" #include "shsign.h" #define NUM_ELEM(array) (sizeof(array)/sizeof(array[0])) @@ -64,7 +63,7 @@ usage (const char *program_name) PR_fprintf (debug_out, "type %s -H for more detail information.\n", program_name); PR_fprintf (debug_out, - "Usage: %s [-v] [-V] [-k keysize] [-o outfile] [-d dbdir] [-f pwfile]\n" + "Usage: %s [-v] [-V] [-o outfile] [-d dbdir] [-f pwfile]\n" " [-F] [-p pwd] -[P dbprefix ] " "-i shared_library_name\n", program_name); @@ -85,7 +84,6 @@ long_usage(const char *program_name) PR_fprintf(debug_out, "\t-p <pwd> password\n"); PR_fprintf(debug_out, "\t-v verbose output\n"); PR_fprintf(debug_out, "\t-V perform Verify operations\n"); - PR_fprintf(debug_out, "\t-k <key_size> key size in bits, default 2048\n"); PR_fprintf(debug_out, "\t-? short help message\n"); PR_fprintf(debug_out, "\t-h short help message\n"); PR_fprintf(debug_out, "\t-H this help message\n"); @@ -727,16 +725,13 @@ int main(int argc, char **argv) CK_ULONG slotIndex = 0; CK_MECHANISM digestmech; CK_ULONG digestLen = 0; - CK_BYTE digest[HASH_LENGTH_MAX]; - CK_BYTE sign[DSA_MAX_SIGNATURE_LEN]; + CK_BYTE digest[32]; /* SHA256_LENGTH */ + CK_BYTE sign[64]; /* DSA SIGNATURE LENGTH */ CK_ULONG signLen = 0 ; CK_MECHANISM signMech = { CKM_DSA, NULL, 0 }; - int expectedDigestLen; - int expectedSignatureLen; - /*** DSA Key ***/ CK_MECHANISM dsaKeyPairGenMech; @@ -918,18 +913,10 @@ int main(int argc, char **argv) goto cleanup; } - if (keySize == 0) { - if (mechInfo.ulMaxKeySize >=2048) { - keySize = 2048; - } else { - keySize = 1024; - } - } - if (keySize > mechInfo.ulMaxKeySize) { - PR_fprintf(PR_STDERR, - "Requested key size of %d bits exceeds the mechanism's maximum key size of %d bits\n", - keySize, mechInfo.ulMaxKeySize); - goto cleanup; + if ((keySize == 0) && mechInfo.ulMaxKeySize >=2048 ) { + keySize = 2048; + } else { + keySize = 1024; } } @@ -947,10 +934,6 @@ int main(int argc, char **argv) digestmech.mechanism = CKM_SHA_1; digestmech.pParameter = NULL; digestmech.ulParameterLen = 0; - - expectedDigestLen = SHA1_LENGTH; - expectedSignatureLen = sizeof(subprime)*2; /* length of q*2 */; - } else if (keySize == 2048) { dsaPubKeyTemplate[0].type = CKA_PRIME; dsaPubKeyTemplate[0].pValue = (CK_VOID_PTR) &prime2; @@ -964,13 +947,9 @@ int main(int argc, char **argv) digestmech.mechanism = CKM_SHA256; digestmech.pParameter = NULL; digestmech.ulParameterLen = 0; - - expectedDigestLen = SHA256_LENGTH; - expectedSignatureLen = sizeof(subprime2)*2; /* length of q*2 */ - } else { /* future - generate pqg */ - PR_fprintf(PR_STDERR, "Only keysizes 1024 and 2048 are supported\n"); + PR_fprintf(PR_STDERR, "Only keysizes 1024 and 2048 are supported"); goto cleanup; } dsaPubKeyTemplate[3].type = CKA_TOKEN; @@ -1125,9 +1104,9 @@ int main(int argc, char **argv) goto cleanup; } - if (digestLen != expectedDigestLen) { + if (digestLen != sizeof(digest)) { PR_fprintf(PR_STDERR, "digestLen has incorrect length %lu " - "it should be %lu \n",digestLen, expectedDigestLen); + "it should be %lu \n",digestLen, sizeof(digest)); goto cleanup; } @@ -1148,9 +1127,9 @@ int main(int argc, char **argv) goto cleanup; } - if (signLen != expectedSignatureLen) { + if (signLen != sizeof(sign)) { PR_fprintf(PR_STDERR, "signLen has incorrect length %lu " - "it should be %lu \n", signLen, expectedSignatureLen); + "it should be %lu \n", signLen, sizeof(sign)); goto cleanup; } |