Commit message [tag/branch], then author, date, files changed, lines removed/added:

* Added tag NSS_3_47_1_RTM for changeset 6339a6f350c9 [NSS_3_47_BRANCH]
  J.C. Jones, 2019-11-19, 0 files, -0/+0

* Set version numbers to 3.47.1 final [NSS_3_47_1_RTM]
  J.C. Jones, 2019-11-19, 3 files, -6/+6

* Bug 1586176 - EncryptUpdate should use maxout not block size. r=franziskus
  Craig Disselkoen, 2019-11-19, 1 file, -1/+1

* Bug 1589810 - Uninitialized variable warnings from certdata.perl. r=mt
  Marcus Burghardt, 2019-10-21, 1 file, -1/+1
  Differential Revision: https://phabricator.services.mozilla.com/D49978

* Bug 1590495 - Crash in PK11_MakeCertFromHandle->pk11_fastCert. r=jcj
  Marcus Burghardt, 2019-11-04, 1 file, -2/+8
  Fixed controls to avoid crashes caused by slots possibly without a token in pk11_fastCert. Also, improved arguments controls in PK11_MakeCertFromHandle.
  Differential Revision: https://phabricator.services.mozilla.com/D51406

* Bug 1594891 - Use tc-proxy for nss tooltool; r=dustin,jcj
  Tom Prince, 2019-11-11, 2 files, -3/+5
  Differential Revision: https://phabricator.services.mozilla.com/D52469

* Bug 1594891 - Updates to run correctly on the new TC deployment r=jcj
  Dustin J. Mitchell, 2019-11-08, 7 files, -795/+721
  * Update the Taskcluster client used in the decision task to one that understands Taskcluster rootUrls.
  * Update scripts that fetch content to use the TASKCLUSTER_ROOT_URL
  * the absence of this variable signals an "old" worker so we use an "old" URL
  Differential Revision: https://phabricator.services.mozilla.com/D52287

* Bug 1591275: Switch workers to use AWS Provider; r=kjacobs
  Tom Prince, 2019-11-07, 3 files, -5/+6
  Differential Revision: https://phabricator.services.mozilla.com/D51952

* Added tag NSS_3_47_RTM for changeset 7ccb4ade5577
  J.C. Jones, 2019-10-18, 0 files, -0/+0

* Set version numbers to 3.47 final [NSS_3_47_RTM]
  J.C. Jones, 2019-10-18, 3 files, -6/+6

* Added tag NSS_3_47_BETA4 for changeset d3c8638f85cd
  J.C. Jones, 2019-10-18, 0 files, -0/+0

* Bug 1459141 - Rewrite softoken CBC pad check to be constant r=jcj,kjacobs [NSS_3_47_BETA4]
  Deian Stefan, 2019-10-18, 1 file, -36/+74
  Differential Revision: https://phabricator.services.mozilla.com/D49667

* Bug 1589120 - Additional test vectors for CBC padding. r=jcj
  Kevin Jacobs, 2019-10-17, 1 file, -0/+144
  This patch adds more test vectors for AES-CBC and 3DES-CBC padding.
  Differential Revision: https://phabricator.services.mozilla.com/D49658

* Bug 1589120 - Tests for padded AES key wrap r=jcj
  Kevin Jacobs, 2019-10-17, 3 files, -0/+417
  This patch adds test vectors for padded AES Key Wrap. AES-CBC and 3DES-CBC ports of the same vectors will be included in a separate revision.
  Differential Revision: https://phabricator.services.mozilla.com/D49503

* Bug 1588244 - SSLExp_DelegateCredential to support 'rsaEncryption' end-entity certs with default scheme override r=mt
  Kevin Jacobs, 2019-10-16, 8 files, -27/+72
  If an end-entity cert has an SPKI type of 'rsaEncryption', override the DC alg to be `ssl_sig_rsa_pss_rsae_sha256`.
  Differential Revision: https://phabricator.services.mozilla.com/D49176

* Added tag NSS_3_47_BETA3 for changeset f10c3e0757b7
  J.C. Jones, 2019-10-16, 0 files, -0/+0

* Bug 1459141 - Backed out changeset 474d62c9d0db for PK11_Wrap/Unwrap issues r=me [NSS_3_47_BETA3]
  J.C. Jones, 2019-10-16, 1 file, -68/+33

* Added tag NSS_3_47_BETA2 for changeset f657d65428c6
  J.C. Jones, 2019-10-15, 0 files, -0/+0

* Bug 1465613 - Fixup clang format a=bustage [NSS_3_47_BETA2]
  J.C. Jones, 2019-10-15, 1 file, -1/+1

* Bug 1465613 - Created two new fields for scheduled distrust from builtins and updated support commands. r=jcj,kjacobs,mt
  Marcus Burghardt, 2019-10-11, 30 files, -96/+1594
  Added two new fields to scheduled distrust of CAs in nssckbi/builtins. Also, created a testlib to validate these fields with gtests.
  Differential Revision: https://phabricator.services.mozilla.com/D36597

* Bug 1588557 - Fix debug statement, r=jcj
  Martin Thomson, 2019-10-14, 1 file, -1/+1
  Differential Revision: https://phabricator.services.mozilla.com/D49177

* bug 1579060 - fix handling of issuerUniqueID and subjectUniqueID in mozilla::pkix::BackCert r=jcj
  Dana Keeler, 2019-10-15, 3 files, -12/+68
  According to RFC 5280, the definitions of issuerUniqueID and subjectUniqueID in TBSCertificate are as follows:
    issuerUniqueID  [1] IMPLICIT UniqueIdentifier OPTIONAL,
    subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
  where UniqueIdentifier is a BIT STRING. IMPLICIT tags replace the tag of the underlying type. For these fields, there is no specified class (just a tag number within the class), and the underlying type of BIT STRING is "primitive" (i.e. not constructed). Thus, the tags should be of the form CONTEXT SPECIFIC | [number in class], which comes out to 0x81 and 0x82, respectively.
  When originally implemented, mozilla::pkix incorrectly required that the CONSTRUCTED bit also be set for these fields. Consequently, the library would reject any certificate that actually contained these fields. Evidently such certificates are rare.
  Differential Revision: https://phabricator.services.mozilla.com/D49013

* Bug 1459141 - Rewrite softoken CBC pad check to be constant time. r=kjacobs,jcj
  Deian Stefan, 2019-10-14, 1 file, -33/+68

* Added tag NSS_3_47_BETA1 for changeset 93245f5733b3
  J.C. Jones, 2019-10-11, 0 files, -0/+0

* Bug 1583068 - Require NSPR version 4.23 r=jcj [NSS_3_47_BETA1]
  Kai Engert, 2019-10-11, 1 file, -1/+1

* Bug 1152625 - Add gyp flag for disabling ARM HW AES r=jcj
  Kevin Jacobs, 2019-10-11, 2 files, -3/+3
  Adds an option to disable ARMv8 HW AES, if `-Ddisable_arm_hw_aes=1` is passed to build.sh.
  Depends on D34473
  Differential Revision: https://phabricator.services.mozilla.com/D44018

* Bug 1152625 - Part 2. Remove __builtin_assume to avoid crash on PGO. r=kjacobs,mt
  Makoto Kato, 2019-10-11, 1 file, -165/+165
  `AESContext->iv` doesn't align to 16 bytes on PGO build, so we should remove __builtin_assume. Also, I guess that `expandedKey` has the same problem.
  Differential Revision: https://phabricator.services.mozilla.com/D40607

* Bug 1152625 - Support AES HW acceleration on ARMv8. r=kjacobs,jcj
  Makoto Kato, 2019-10-11, 6 files, -8/+1356
  Differential Revision: https://phabricator.services.mozilla.com/D34473

* Bug 1549225 - Up front Signature Scheme validation, r=ueno
  Martin Thomson, 2019-09-06, 9 files, -78/+303
  Summary: This patch started as an attempt to ensure that a DSA signature scheme would not be advertised if we weren't willing to negotiate versions less than TLS 1.3. Then I realized that we didn't do the same for PKCS#1 RSA.
  Then I realized that we were still willing to try to establish connections when we had a certificate that we couldn't use.
  Then I realized that ssl3_config_match_init() wasn't being run consistently. On resumption, we only ran it when we were PARANOID. That's silly because we weren't checking policies.
  Then I realized that we were allowing ECDSA certificates to be used when the named group in the certificate was disabled. We weren't enforcing that consistently either. However, I also discovered that the check we have wouldn't work without a tweak because in TLS 1.3 the named group is part of the signature scheme; the configured named groups are only used prior to TLS 1.3 when selecting ECDSA/ECDH certificates.
  So that sounds like a lot of changes but what it boils down to is more robust checking of the configuration prior to starting a connection. As a result, we should be offering fewer options that we're unwilling or unable to follow through on.
  A good number of tests needed tweaking as a result because we were relying on getting past the checks in those tests. No real problems were found as a result; this just moves failures that might arise from misconfiguration a little earlier in the process.
  Differential Revision: https://phabricator.services.mozilla.com/D45966

* Bug 1586947 - Store nickname during EC key import. r=jcj
  Kevin Jacobs, 2019-10-08, 2 files, -15/+71
  This patch stores the nickname (if specified) during EC key import. This was already done for all other key types.
  Differential Revision: https://phabricator.services.mozilla.com/D48459

* Bug 1586456 - Unnecessary conditional in pki3hack, pk11load and stanpcertdb. r=jcj
  Marcus Burghardt, 2019-10-08, 3 files, -31/+27
  Some conditionals that are always true were removed.
  Differential Revision: https://phabricator.services.mozilla.com/D48255

* Bug 1576307 - Fixup for fips tests, permit NULL iv as necessary. r=jcj
  Kevin Jacobs, 2019-10-03, 2 files, -15/+3
  ECB mode should not require an IV.
  Differential Revision: https://phabricator.services.mozilla.com/D47990

* Bug 1576307 - Check mechanism param and param length before casting to mechanism-specific structs. r=jcj
  Kevin Jacobs, 2019-09-30, 2 files, -19/+214
  This patch adds missing PKCS11 input parameter checks, which are needed prior to casting to mechanism-specific structs.
  Differential Revision: https://phabricator.services.mozilla.com/D44075

* Bug 1577953 - Support longer (up to RFC maximum) HKDF outputs r=jcj
  Kevin Jacobs, 2019-10-01, 1 file, -7/+24
  HKDF-Expand enforces a maximum output length much shorter than stated in the RFC. This patch aligns the implementation with the RFC by allocating more output space when necessary.
  Differential Revision: https://phabricator.services.mozilla.com/D45249

* Bug 1558234 - Additional EC key tests, r=jcj
  Kevin Jacobs, 2019-09-30, 5 files, -23/+167
  Adds additional EC key corner case testing.
  Differential Revision: https://phabricator.services.mozilla.com/D34388

* Bug 1508776 - Remove unneeded refcounting from SFTKSession r=mt,kjacobs
  J.C. Jones, 2019-09-27, 3 files, -24/+11
  SFTKSession objects are only ever actually destroyed at PK11 session closure, as the session is always the final holder -- and asserting refCount == 1 shows that to be true. Because of that, NSC_CloseSession can just call `sftk_DestroySession` directly and leave `sftk_FreeSession` as a no-op to be removed in the future.
  Differential Revision: https://phabricator.services.mozilla.com/D47010

* Bug 1494063, add -x option to tstclnt/selfserv to export keying material, r=mt
  Daiki Ueno, 2019-09-27, 9 files, -9/+284
  Reviewers: rrelyea, mt
  Reviewed By: mt
  Subscribers: HubertKario
  Bug #: 1494063
  Differential Revision: https://phabricator.services.mozilla.com/D29166

* Bug 1515342 - Tests for invalid DH public keys, r=jcj
  Martin Thomson, 2019-02-25, 6 files, -144/+289
  Summary: This prevents crashes on invalid, particularly NULL, keys for DH and ECDH. I factored out test code already landed for this.
  Differential Revision: https://phabricator.services.mozilla.com/D15062

* Bug 1515342 - Checks for invalid bit strings, r=jcj
  Martin Thomson, 2019-09-27, 5 files, -33/+63
  Differential Revision: https://phabricator.services.mozilla.com/D15061

* Bug 1581024 - Fix pointer comparisons, a=bustage
  Martin Thomson, 2019-09-27, 1 file, -2/+3

* Bug 1581024 - fixup pointer wrap check to prevent it from being optimized out. r=jcj
  Kevin Jacobs, 2019-09-24, 1 file, -1/+2
  Differential Revision: https://phabricator.services.mozilla.com/D47013

* Bug 1582343 - Use constant time memcmp in more places r=kjacobs,jcj
  Deian Stefan, 2019-09-26, 2 files, -4/+4

* Bug 1578238 - Validate tag size in AES_GCM. r=kjacobs,jcj
  Marcus Burghardt, 2019-09-26, 3 files, -49/+78
  Validate tag size in AES_GCM.
  Differential Revision: https://phabricator.services.mozilla.com/D44900

* Bug 1576295 - SEED_CBC encryption check input arguments. r=kjacobs,jcj,mt
  Marcus Burghardt, 2019-09-26, 4 files, -7/+99
  Ensure the arguments passed to these functions are valid.
  Differential Revision: https://phabricator.services.mozilla.com/D44721

* Bug 1580286, account for IV size when checking TLS 1.2 records, r=mt
  Daiki Ueno, 2019-09-23, 4 files, -7/+29
  Summary: This increases the limit of record expansion by 16 so that it doesn't reject maximum block padding when HMAC-SHA384 is used.
  To test this, tlsfuzzer is updated to the latest version (commit 80d7932ead1d8dae6e555cfd2b1c4c5beb2847df).
  Reviewers: mt
  Reviewed By: mt
  Bug #: 1580286
  Differential Revision: https://phabricator.services.mozilla.com/D46760

* Bug 1577448 - Create additional nested S/MIME test messages for Thunderbird. r=jcj
  Kai Engert, 2019-09-20, 1 file, -22/+213

* Bug 1399095 - Allow nss-try to be used to test NSPR changes. r=kjacobs
  Kai Engert, 2019-09-19, 11 files, -2/+68

* Bug 1267894 - New functions for CipherSuites Ordering and gtests. r=jcj,kjacobs,mt
  Marcus Burghardt, 2019-09-16, 6 files, -1/+400
  Created two new experimental functions which permit the caller to change the default order of CipherSuites used during the handshake.
  Differential Revision: https://phabricator.services.mozilla.com/D36588

* Bug 1581507 - Fix unportable grep expression in test scripts r=marcusburghardt
  Christian Weisgerber, 2019-09-18, 2 files, -2/+2

* Bug 1234830 - [CID 1242894][CID 1242852] unused values. r=kaie,r=kjacobs
  Franziskus Kiefer, 2019-09-18, 1 file, -18/+26