Commit log: commit message [tag/branch] (author, date, files changed, lines removed/added)
* Added tag NSS_3_51_1_RTM for changeset 81a16f9b6562 [NSS_3_51_BRANCH] (Kevin Jacobs, 2020-04-03, 0 files, -0/+0)
* Set version numbers to 3.51.1 final [NSS_3_51_1_RTM] (Kevin Jacobs, 2020-04-03, 3 files, -6/+6)
* Added tag NSS_3_51_1_BETA1 for changeset 581ed41d0a8d (Kevin Jacobs, 2020-04-01, 0 files, -0/+0)
* Set version numbers to 3.51.1 Beta [NSS_3_51_1_BETA1] (Kevin Jacobs, 2020-03-27, 3 files, -9/+9)
* Bug 1617968 - Update Delegated Credentials implementation to draft-07 r=mt (Kevin Jacobs, 2020-03-16, 18 files, -80/+473)
  Remove support for RSAE in delegated credentials (both in DC signatures and SPKIs), add SignatureScheme list functionality to initial DC extension.
  Differential Revision: https://phabricator.services.mozilla.com/D65252
* Bug 1608250 KBKDF - broken fipstest handling of KI_len r=rrelyea p=cipherboy (Robert Relyea, 2020-03-13, 1 file, -19/+19)
  https://phabricator.services.mozilla.com/D59412
  When testing Bug 1608245, I realized that I had inadvertently broken fipstest.c's handling of KI and KI_len. This led to it passing bogus keys (with unusually large lengths exceeding the bounds of sizeof KI) to kbkdf_Dispatch(...). This uses Bob Relyea's suggestion on how to handle this: detect the size of KI when processing the mech selection, storing KI_len there. This simplifies reading of the KI value in later code.
* Bug 1608245 KBKDF - Consistently handle NULL slot/session r=kjacobs (Robert Relyea, 2020-03-13, 1 file, -6/+10)
  Patch by cipherboy, review by kjacobs. https://phabricator.services.mozilla.com/D59409
  Per Bug 1607955, the KBKDF code introduced in Bug 1599603 confused Coverity with an elided NULL check on sftk_SlotFromSessionHandle(...). While Coverity is incorrect (and the behavior is fine as-is), it isn't consistent with the KBKDF code's handling of sftk_SessionFromHandle(...) (which is NULL checked). This brings these two call sites into internal consistency.
* Bug 1618915 - Fix UBSAN issue in ssl_ParseSessionTicket r=jcj,bbeurdouche (Kevin Jacobs, 2020-03-10, 1 file, -1/+3)
  Differential Revision: https://phabricator.services.mozilla.com/D66130
* Bug 1618739 - Don't assert fuzzer behavior in SSL_ParseSessionTicket r=jcj (Kevin Jacobs, 2020-03-09, 1 file, -1/+4)
  Differential Revision: https://phabricator.services.mozilla.com/D66122
* Bug 1619056 - Update README: TLS 1.3 is not experimental anymore. r=jcj (Benjamin Beurdouche, 2020-03-03, 1 file, -1/+1)
  Differential Revision: https://phabricator.services.mozilla.com/D64863
* Bug 1619102 - Add workaround option to include both DTLS and TLS versions in DTLS supported_versions. r=mt (Kevin Jacobs, 2020-03-09, 5 files, -0/+65)
  Add an experimental function for enabling a DTLS 1.3 supported_versions compatibility workaround.
  Differential Revision: https://phabricator.services.mozilla.com/D65735
* Added tag NSS_3_51_RTM for changeset d3e6d637eaec (Kevin Jacobs, 2020-03-06, 0 files, -0/+0)
* Set version numbers to 3.51 final [NSS_3_51_RTM] (Kevin Jacobs, 2020-03-06, 3 files, -6/+6)
* Added tag NSS_3_51_BETA2 for changeset 6e610ed9b196 (Kevin Jacobs, 2020-03-03, 0 files, -0/+0)
* Backed out changeset b6677ae9067e (Bug 1612493) for Windows build failures. [NSS_3_51_BETA2] (Kevin Jacobs, 2020-03-03, 16 files, -1222/+1254)
* Backed out changeset d5deac55f543 (Kevin Jacobs, 2020-03-03, 15 files, -4593/+44)
* Added tag NSS_3_51_BETA1 for changeset b17a367b83de (Kevin Jacobs, 2020-03-02, 0 files, -0/+0)
* Bug 1614183 - Fixup, clang-format. r=me [NSS_3_51_BETA1] (Kevin Jacobs, 2020-03-02, 1 file, -0/+2)
* Bug 1614183 - Check if PPC __has_include(<sys/auxv.h>). r=kjacobs (Giulio Benetti, 2020-03-02, 1 file, -0/+10)
  Some build environments don't provide <sys/auxv.h> and this causes a build failure, so let's check if that header exists by using the __has_include() helper.
  Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
* Bug 1618400 - Fix unused variable 'getauxval' on OpenBSD/arm64 r=jcj (Kurt Miller, 2020-03-02, 1 file, -1/+1)
  https://bugzilla.mozilla.org/show_bug.cgi?id=1618400
* Bug 1612493 - Support for HACL* AVX2 code for Chacha20, Poly1305 and Chacha20Poly1305. r=kjacobs (Benjamin Beurdouche, 2020-02-28, 15 files, -44/+4593)
  *** Bug 1612493 - Import AVX2 code from HACL*
  *** Bug 1612493 - Add CPU detection for AVX2, BMI1, BMI2, FMA, MOVBE
  *** Bug 1612493 - New flag NSS_DISABLE_AVX2 for freebl/Makefile and freebl.gyp
  *** Bug 1612493 - Disable use of AVX2 on GCC 4.4 which doesn't support -mavx2
  *** Bug 1612493 - Disable tests when the platform doesn't have support for AVX2
  Differential Revision: https://phabricator.services.mozilla.com/D64718
* Bug 1617533 - Update of HACL* after libintvector.h and coding style changes. r=kjacobs (Benjamin Beurdouche, 2020-02-28, 16 files, -1254/+1222)
  *** Bug 1617533 - Clang format
  *** Bug 1617533 - Update HACL* commit for job in Taskcluster
  *** Bug 1617533 - Update HACL* Kremlin code
  Differential Revision: https://phabricator.services.mozilla.com/D63829
* Bug 1608892 - Update DTLS 1.3 to draft-34 r=mt (Kevin Jacobs, 2020-02-27, 20 files, -245/+476)
  This patch updates the DTLS 1.3 implementation to draft-34. Notable changes:
  1) Key separation via `ssl_protocol_variant`.
  2) No longer apply sequence number masking when in `UNSAFE_FUZZER_MODE`. This allowed removal of workarounds for unpadded (<16B) ciphertexts being used as input to `SSL_CreateMask`.
  3) Compile ssl_gtests in `UNSAFE_FUZZER_MODE` iff `--fuzz=tls` was specified. Currently all gtests are compiled this way if `--fuzz`, but lib/ssl only if `--fuzz=tls`. (See above, we can't have ssl_gtests in fuzzer mode, but not lib/ssl, since the masking mismatch will break filters).
  4) Parameterize masking tests, as appropriate.
  5) Reject non-empty legacy_cookie, and test.
  6) Reject ciphertexts <16B in length in `dtls13_MaskSequenceNumber` (if not `UNSAFE_FUZZER_MODE`).
  Differential Revision: https://phabricator.services.mozilla.com/D62488
* Bug 1617387 fix compiler warning r=jcj (Jean-Luc Bonnafoux, 2020-02-24, 1 file, -1/+1)
  Differential Revision: https://phabricator.services.mozilla.com/D63771
* Bug 1612259 - Add Wycheproof vectors for P384 and P521 ECDH. r=bbeurdouche (Kevin Jacobs, 2020-02-24, 6 files, -13/+47545)
  Differential Revision: https://phabricator.services.mozilla.com/D63688
* Bug 1609751 - Additional tests for mp_comba r=mt (Kevin Jacobs, 2020-02-19, 2 files, -0/+52)
  Verify that when clamping, the upper 4 bytes of an `mp_digit` are checked.
  Differential Revision: https://phabricator.services.mozilla.com/D58576
* Bug 1561337: fix compiler warning r=jcj (Jean-Luc Bonnafoux, 2020-02-19, 1 file, -1/+1)
  Differential Revision: https://phabricator.services.mozilla.com/D62999
* Bug 1615208 - Send DTLS version numbers in DTLS 1.3 supported_versions extension r=mt (Kevin Jacobs, 2020-02-18, 6 files, -17/+90)
  This patch modifies `supported_versions` encodings to reflect DTLS versions when DTLS 1.3 is in use. Previously, a DTLS 1.3 CH would include `[0x7f1e, 0x303, 0x302]` instead of the expected `[0x7f1e, 0xfefd, 0xfeff]`, causing compatibility issues.
  Differential Revision: https://phabricator.services.mozilla.com/D62963
* Bug 1612177 - Set -march=armv7 when compiling gcm-arm32-neon, in order to enable NEON code generation. (Mikael Urankar, 2020-02-12, 2 files, -1/+2)
* Bug 1431940 - remove dereference before NULL check in BLAKE2B code. r=kjacobs (Dmitry Baryshkov, 2020-02-14, 2 files, -8/+18)
  Differential Revision: https://phabricator.services.mozilla.com/D62676
* Bug 1614870 - Free sid->peerID before reallocating in ssl_DecodeResumptionToken. r=mt (Kevin Jacobs, 2020-02-12, 2 files, -2/+36)
  This patch adds a missing `PORT_Free()` when reallocating `sid->PeerID`, and adds a test for a non-empty PeerID.
  Differential Revision: https://phabricator.services.mozilla.com/D62653
* bug 1538980 - null-terminate ascii input in SECU_ReadDERFromFile so strstr is safe to call r=jcj,kjacobs (Dana Keeler, 2020-02-11, 2 files, -14/+24)
  Differential Revision: https://phabricator.services.mozilla.com/D61931
* Bug 1614786 - Fixup for 'getFIPSEnv' being unused r=kjacobs (J.C. Jones, 2020-02-11, 1 file, -1/+3)
  Fixes a regression from Bug 1582169:
  ../../lib/sysinit/nsssysinit.c:153:1: error: ‘getFIPSEnv’ defined but not used [-Werror=unused-function]
* Bug 1582169 - Disable reading /proc/sys/crypto/fips_enabled if FIPS is not enabled on build r=jcj,rrelyea (Victor Tapia, 2020-02-11, 2 files, -0/+6)
  Differential Revision: https://phabricator.services.mozilla.com/D61236
* Bug 1611209 - Values of CKM_AES_CMAC and CKM_AES_CMAC_GENERAL are swapped r=rrelyea (Robert Relyea, 2020-02-10, 1 file, -2/+2)
* Bug 1610687 - Crash on unaligned CMACContext.aes.keySchedule when using AES-NI intrinsics r=kjacobs (Robert Relyea, 2020-02-10, 1 file, -6/+7)
  https://phabricator.services.mozilla.com/D60699
* Set version numbers to 3.51 beta (J.C. Jones, 2020-02-05, 4 files, -7/+7)
* Bug 1609673 - Conditionally compile out all libnssdbm glue if NSS_DISABLE_DBM is set r=mt (J.C. Jones, 2020-02-05, 5 files, -5/+38)
  Remove `lgglue` from compilation entirely if DBM is disabled.
  Differential Revision: https://phabricator.services.mozilla.com/D61759
* Bug 1612623 - NSS 3.50 should depend on NSPR 4.25. r=kjacobs [NSS_3_50_BETA1] (Kai Engert, 2020-02-03, 1 file, -1/+1)
  Differential Revision: https://phabricator.services.mozilla.com/D61380
* Bug 1608151 - Introduce NSS_DISABLE_ALTIVEC and disable_altivec r=jcj (Giulio Benetti, 2020-01-27, 5 files, -3/+21)
  At the moment NSS assumes that every PowerPC64 architecture supports Altivec, but that's not true and this leads to build failure. So add the NSS_DISABLE_ALTIVEC environment variable (and disable_altivec for gyp) to disable the Altivec extension on PowerPC builds that don't support Altivec.
* Bug 1602386 - clang-format r=bustage (J.C. Jones, 2020-01-27, 1 file, -3/+3)
* Bug 1602386 - Fix build on FreeBSD/powerpc platforms. r=jcj (Piotr Kubaj, 2020-01-27, 2 files, -2/+18)
  FreeBSD has elf_aux_info instead of getauxval, but only since FreeBSD 12. Previous versions (11 is still supported) don't have any equivalent and users need to query sysctl manually.
  Differential Revision: https://phabricator.services.mozilla.com/D56712
* Bug 1609181 - Detect ARM CPU features on FreeBSD. r=jcj (Jan Beich, 2020-01-27, 1 file, -0/+16)
  Implement `getauxval` via `elf_aux_info` to avoid code duplication. `AT_HWCAP*` can be used on powerpc* and riscv64 as well.
* Bug 1547639 - Update zlib to 1.2.11, r=jcj (Martin Thomson, 2020-01-22, 25 files, -1755/+2873)
  Differential Revision: https://phabricator.services.mozilla.com/D58500
* Bug 1547639 - Automatic vendoring of zlib, r=jcj (Martin Thomson, 2020-01-22, 7 files, -1016/+69)
  Differential Revision: https://phabricator.services.mozilla.com/D58499
* Bug 1606992 - Follow-up to also cache most recent PBKDF1 hash (in addition to PBKDF2 hash). r=kjacobs (Kai Engert, 2020-01-22, 1 file, -40/+114)
  Differential Revision: https://phabricator.services.mozilla.com/D60739
* Bug 1608493 - Use AES-NI intrinsics for CBC and ECB decrypt when no assembly implementation is available. r=mt (Kevin Jacobs, 2020-01-22, 3 files, -34/+96)
  AES-NI is currently not used for CBC or ECB decrypt when an assembly implementation (`intel-aes.s` or `intel-aes-x86/64-masm.asm`) is not available. Concretely, this is the case on MacOS, Linux32, and other non-Linux OSes such as BSD. This patch adds the plumbing to use AES-NI intrinsics when available.
  Before:
  ```
  mode       in    symmkey  opreps  cxreps  context  op       time(sec)  thrgput
  aes_ecb_d  78Mb  256      10T     0       0.000    395.000  0.395      197Mb
  aes_cbc_e  78Mb  256      10T     0       0.000    392.000  0.393      198Mb
  aes_cbc_d  78Mb  256      10T     0       0.000    425.000  0.425      183Mb
  ```
  After:
  ```
  mode       in    symmkey  opreps  cxreps  context  op       time(sec)  thrgput
  aes_ecb_d  78Mb  256      10T     0       0.000    39.000   0.039      1Gb
  aes_cbc_e  78Mb  256      10T     0       0.000    94.000   0.094      831Mb
  aes_cbc_d  78Mb  256      10T     0       0.000    74.000   0.075      1Gb
  ```
  Differential Revision: https://phabricator.services.mozilla.com/D60195
* Bug 1604596 - Update Wycheproof vectors and add support for CBC, P256-ECDH, and CMAC tests r=franziskus (Kevin Jacobs, 2020-01-16, 27 files, -4120/+49551)
  This patch updates to the latest Wycheproof vectors and adds Wycheproof support for CBC, CMAC, and P256-ECDH:
  ChaCha20: +141 tests
  Curve25519: +431 tests
  GCM: +39 tests
  CBC (new): +183 tests
  CMAC (new): +308 tests
  P256 ECDH (new): +460 tests
  Differential Revision: https://phabricator.services.mozilla.com/D57477
* Bug 1606992 - Permit sftk_PBELockInit being called multiple times. r=kjacobs (Kai Engert, 2020-01-17, 1 file, -2/+3)
  Differential Revision: https://phabricator.services.mozilla.com/D60236
* Bug 1606992 - follow up to fix clang-format, whitespace only. rs=me (Kai Engert, 2020-01-17, 1 file, -7/+7)
  DONTBUILD