diff options
| author | Robert Relyea <rrelyea@redhat.com> | 2021-09-07 16:18:08 -0700 |
|---|---|---|
| committer | Robert Relyea <rrelyea@redhat.com> | 2021-09-07 16:18:08 -0700 |
| commit | 3aac321166c6f2e1574431340ae4ffcda499a7c3 (patch) | |
| tree | 4ae0c25ffb5ace3d6eafe060f8984dab708b51f3 /nss.gyp | |
| parent | ff2a9a912667c239486de4351422bee7fabbd337 (diff) | |
| download | nss-hg-3aac321166c6f2e1574431340ae4ffcda499a7c3.tar.gz | |
Bug 1729550 NSS needs FiPS 140-3 version indicators.NSS_3_73_BETA1
1. This patch adds a new command, validation, which dumps the validation
objects ina given token. It defaults to the softoken.
2. It sets up the infrastructure to allow creation at init time of token
specific objects (like validation objects and profile objects) by:
2a. factoring out the code to get the next available object handle to a
new function call sftk_getNextHandle().
2b. The object freelists are now initialized before SFTK_SlotInit, so that
SFTK_SlotInit can initialize these new token objects.
2c. A new staticly defined session is created to hand these object on.
2c1. sftk_NewSession and sftk_FreeSession has the initialization and
clearing functions factored out from the actual space freeing clearing
so they can be used on this staticly allocated session. (NOTE: NSS has
two ways it handles this internally: use of Init/New Clear/Free
functions as in this patch, or the use of a bool called 'FreeIt' added
to the original function. There is no technical reason for why I used
Init/New other than I didn't have to go change all the places the
currently call them. These are internal private functions, so it's ok
to change their signatures.
2c2. The static sessions are initialized on freed when the slot is
created and destroyed.
3. For fips slot the validation object is created. The version number is
selected at compile time with a build time environment variable. If no
version number is provided, a default version number (related to the NSS
version) is selected as well as the string 'unvalidated'.
4. The NSS spefic defines for Validation objects are defined in the NSS vendor
space (until PKCS #11 v3.2 comes out with the official values).
Differential Revision: https://phabricator.services.mozilla.com/D124951
Diffstat (limited to 'nss.gyp')
| -rw-r--r-- | nss.gyp | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -131,6 +131,7 @@ 'cmd/smimetools/smimetools.gyp:cmsutil', 'cmd/ssltap/ssltap.gyp:ssltap', 'cmd/symkeyutil/symkeyutil.gyp:symkeyutil', + 'cmd/validation/validation.gyp:validation', 'nss-tool/nss_tool.gyp:nss', 'nss-tool/nss_tool.gyp:hw-support', ], |