summaryrefslogtreecommitdiff
path: root/nss-tool
Commit message (Collapse)AuthorAgeFilesLines
* Bug 1654142 - Add CPU feature detection for Intel SHA extension. r=kjacobsMakoto Kato2020-07-311-0/+1
| | | | Differential Revision: https://phabricator.services.mozilla.com/D84286
* Bug 1603628 Update NSS to handle PKCS #11 v3.0 r=daiki r=mhoyeRobert Relyea2020-02-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://phabricator.services.mozilla.com/D63241 This patch implements the first phase: updating the headers. lib/util/pkcs11.h lib/util/pkcs11f.h lib/util/pkcs11t.h Were updated using the released OASIS PKCS #11 v3.0 header files. lib/util/pkcs11n.h was updated to finally deprecate all uses of CK?_NETSCAPE_?. A new define as added: NSS_PKCS11_2_0_COMPAT. If it's defined, the small semantic changes (including the removal of deprecated defines) between the NSS PKCS #11 v2 header file and the new PKCS #11 v3 are reverted in favor of the PKCS #11 v2 definitions. This include the removal of CK?_NETSCAPE_? in favor of CK?_NSS_?. One notable change was caused by an inconsistancy between the spec and the released headers in PKCS #11 v2.40. CK_GCM_PARAMS had an extra field in the header that was not in the spec. OASIS considers the header file to be normative, so PKCS #11 v3.0 resolved the issue in favor of the header file definition. NSS had the spec definition, so now there are 2 defines for this structure: CK_NSS_GCM_PARAMS - the old nss define. Still used internally in freebl. CK_GCM_PARAMS_V3 - the new define. CK_GCM_PARAMS - no longer referenced in NSS itself. It's defined as CK_GCM_PARAMS_V3 if NSS_PKCS11_2_0_COMPAT is *not* defined, and it's defined as CKM_NSS_GCM_PARAMS if NSS_PKCS11_2_0_COMPAT is defined. Softoken has been updated to accept either CK_NSS_GCM_PARAMS or CK_GCM_PARAMS_V3. In a future patch NSS will be updated to use CK_GCM_PARAMS_V3 and fall back to CK_NSS_GMC_PARAMS. One other semantic difference between the 3.0 version of pkcs11f.h and the version here: In the oasis version of the header, you must define CK_PKCS11_2_0_ONLY to get just the PKCS #11 v2 defines. In our version you must define CK_PKCS11_3 to get the PCKS #11 v3 defines. Most of this patch is to handle changing the deprecated defines that have been removed in PCKS #11 v3 from NSS. Differential Revision: https://phabricator.services.mozilla.com/D63241
* Bug 1612493 - Support for HACL* AVX2 code for Chacha20, Poly1305 and ↵Benjamin Beurdouche2020-02-281-0/+1
| | | | | | | | | | | | | | | | | Chacha20Poly1305. r=kjacobs *** Bug 1612493 - Import AVX2 code from HACL* *** Bug 1612493 - Add CPU detection for AVX2, BMI1, BMI2, FMA, MOVBE *** Bug 1612493 - New flag NSS_DISABLE_AVX2 for freebl/Makefile and freebl.gyp *** Bug 1612493 - Disable use of AVX2 on GCC 4.4 which doesn’t support -mavx2 *** Bug 1612493 - Disable tests when the platform doesn't have support for AVX2 Differential Revision: https://phabricator.services.mozilla.com/D64718
* Bug 1574643 - NSS changes for haclv2 r=jcj,kjacobsFranziskus Kiefer2020-01-141-0/+2
| | | | | | | | | | This patch contains the changes in NSS, necessary to pick up HACL*v2 in D55413. It has a couple of TODOs: * The chacha20 saw verification fails for some reason; it's disabled pending Bug 1604130. * The hacl task on CI requires Bug 1593647 to get fixed. Depends on D55413. Differential Revision: https://phabricator.services.mozilla.com/D55414
* Backed out changeset ac51d2490f9c (Bug 1574643) for crashes on early SSE4 CPUsJ.C. Jones2019-12-201-2/+0
|
* Bug 1574643 - NSS changes for haclv2 r=jcj,kjacobsFranziskus Kiefer2019-12-181-0/+2
| | | | | | | | | | This patch contains the changes in NSS, necessary to pick up HACL*v2 in D55413. It has a couple of TODOs: * The chacha20 saw verification fails for some reason; it's disabled pending Bug 1604130. * The hacl task on CI requires Bug 1593647 to get fixed. Depends on D55413. Differential Revision: https://phabricator.services.mozilla.com/D55414
* Bug 1479787 - clang-format, r=mt,keelerFranziskus Kiefer2018-08-031-1/+1
| | | | Differential Revision: https://phabricator.services.mozilla.com/D2721
* Bug 1479787 - build mozpkix as part of NSS, r=mt,keelerFranziskus Kiefer2018-08-034-4/+4
| | | | | | Differential Revision: https://phabricator.services.mozilla.com/D2719 Differential Revision: https://phabricator.services.mozilla.com/D2720 Differential Revision: https://phabricator.services.mozilla.com/D2861
* Bug 1309068 - Enable -Wshadow, r=franziskusMartin Thomson2018-02-141-1/+0
|
* Bug 1424663 - vectorized ChaCha20 from HACL* for SSSE3 and ARM NEON, r=ttaubertFranziskus Kiefer2018-02-192-1/+75
| | | | | | | | | | | | | | Summary: This adds the vectorized ChaCha20 implementation from HACL* to NSS and replaces the old vectorized code. Note that this is not used on Android as we currently have no way of testing this for Android or use it on Android for Firefox. Reviewers: ttaubert Reviewed By: ttaubert Bug #: 1424663 Differential Revision: https://phabricator.services.mozilla.com/D467
* Bug 1371303 - Add "digest" command to NSS tool r=ttaubertStefan Gschiel2017-06-086-0/+204
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D253
* Bug 1358134 - Don't use dirent.h in DBTool to check whether a DB exists ↵Tim Taubert2017-05-231-9/+8
| | | | | | r=franziskus Differential Revision: https://nss-review.dev.mozaws.net/D326
* make clang-format 3.9 happyFranziskus Kiefer2017-04-261-4/+4
|
* Bug 1355422 - make enctool windows compatible, r=ttaubertFranziskus Kiefer2017-04-261-6/+6
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D293
* Bug 1355422 - fix DoCipher return values, r=mtFranziskus Kiefer2017-04-191-3/+3
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D287
* Bug 1355422 - NSS tool for encryption, r=ttaubertFranziskus Kiefer2017-04-109-18/+593
| | | | | | | | | | Summary: Command line tool to encrypt files with aes-gcm and chacha. Can also be used to measure performance of the cipher. Reviewers: ttaubert Differential Revision: https://nss-review.dev.mozaws.net/D245
* Bug 1347613 - nss-tool: allow removing certs and keys from a DB, changing a ↵Stefan Gschiel2017-03-154-13/+150
| | | | | | DB password r=ttaubert Differential Revision: https://nss-review.dev.mozaws.net/D247
* Bug 1346250 - Implement --import-key for nss-tool r=ttaubertStefan Gschiel2017-03-104-35/+98
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D235
* Bug 1342351 - Implement --list-keys for nss-tool r=ttaubertStefan Gschiel2017-02-246-5/+252
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D191
* Bug 1330557 - Add basic TLS client fuzzer r=mt,franziskusTim Taubert2017-02-102-58/+2
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D145
* Bug 1330980 - Implement 'db --import-cert' for nss-tool r=ttaubertStefan Gschiel2017-02-034-20/+116
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D152
* Bug 1331867 - NSS Tool: add 'nss db --create' command r=ttaubertStefan Gschiel2017-01-242-4/+54
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D164
* Bug 1331594 - nss-tool needs to check whether given DB path exists r=ttaubertStefan Gschiel2017-01-171-0/+7
| | | | Differential Revision: https://nss-review.dev.mozaws.net/D151
* Bug 1330980 - Add <vector> to dbtool.h to unbreak GYP builds r=bustageTim Taubert2017-01-131-0/+1
|
* Bug 1330980 - Add first version of new "nss" tool r=ttaubertStefan Gschiel2017-01-138-0/+335
Differential Revision: https://nss-review.dev.mozaws.net/D84
View Lorry Controller Status