Cherry-pick Mozilla NSS upstream changes (up to rev 82de44ead36f, which corresponds to NSS 3.18):

bug1095307, bug1073330(backout), bug1084986, bug1050069, bug942172, bug1054547, bug532081, bug1096348, bug1058870, bug1093940, bug1102985, bug1112461, bug1094492, bug112029, bug1119983, bug1120685, bug1120691, bug1113632, bug863076, bug1082973, bug1124539, bug1117617, bug1117621, bug1121273, bug753136, bug921684, bug1132818, bug1125375, bug647690, bug1055441, bug1134455, bug975010, bug950369, bug1128367, bug1129573, bug1136095, bug1117897, bug1113453, bug1061725, bug1073330, bug1111901, bug1083900, bug1136095, bug1138820, bug1096741, bug1134548, bug345725, bug950348, bug950344, bug1151037, bug991783, bug1153994
roytam1 2018-07-11 22:42:30 +08:00
parent 98d377b37b
commit a572ea8ca3
86 changed files with 1201 additions and 1142 deletions


@ -40,7 +40,7 @@
#define MIN_KEY_BITS 512
/* MAX_KEY_BITS should agree with MAX_RSA_MODULUS in freebl */
#define MAX_KEY_BITS 8192
#define DEFAULT_KEY_BITS 1024
#define DEFAULT_KEY_BITS 2048
#define GEN_BREAK(e) rv=e; break;
@ -976,7 +976,7 @@ PrintSyntax(char *progName)
FPS "\t%s -B -i batch-file\n", progName);
FPS "\t%s -C [-c issuer-name | -x] -i cert-request-file -o cert-file\n"
"\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
"\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n"
"\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-Z hashAlg]\n"
"\t\t [-1 | --keyUsage [keyUsageKeyword,..]] [-2] [-3] [-4]\n"
"\t\t [-5 | --nsCertType [nsCertTypeKeyword,...]]\n"
"\t\t [-6 | --extKeyUsage [extKeyUsageKeyword,...]] [-7 emailAddrs]\n"
@ -1010,14 +1010,15 @@ PrintSyntax(char *progName)
progName);
FPS "\t\t [-P targetDBPrefix] [--source-prefix sourceDBPrefix]\n");
FPS "\t\t [-f targetPWfile] [-@ sourcePWFile]\n");
FPS "\t%s -L [-n cert-name] [--email email-address] [-X] [-r] [-a]\n",
FPS "\t%s -L [-n cert-name] [-h token-name] [--email email-address]\n",
progName);
FPS "\t\t [--dump-ext-val OID] [-d certdir] [-P dbprefix]\n");
FPS "\t\t [-X] [-r] [-a] [--dump-ext-val OID] [-d certdir] [-P dbprefix]\n");
FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n",
progName);
FPS "\t%s -O -n cert-name [-X] [-d certdir] [-a] [-P dbprefix]\n", progName);
FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n"
"\t\t [-7 emailAddrs] [-k key-type-or-id] [-h token-name] [-f pwfile] [-g key-size]\n",
"\t\t [-7 emailAddrs] [-k key-type-or-id] [-h token-name] [-f pwfile]\n"
"\t\t [-g key-size] [-Z hashAlg]\n",
progName);
FPS "\t%s -V -n cert-name -u usage [-b time] [-e] [-a]\n"
"\t\t[-X] [-d certdir] [-P dbprefix]\n",
@ -1027,7 +1028,7 @@ PrintSyntax(char *progName)
FPS "\t%s -S -n cert-name -s subj [-c issuer-name | -x] -t trustargs\n"
"\t\t [-k key-type-or-id] [-q key-params] [-h token-name] [-g key-size]\n"
"\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
"\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n"
"\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-Z hashAlg]\n"
"\t\t [-p phone] [-1] [-2] [-3] [-4] [-5] [-6] [-7 emailAddrs]\n"
"\t\t [-8 DNS-names]\n"
"\t\t [--extAIA] [--extSIA] [--extCP] [--extPM] [--extPC] [--extIA]\n"
@ -1137,6 +1138,11 @@ static void luC(enum usage_level ul, const char *command)
" -d certdir");
FPS "%-20s Cert & Key database prefix\n",
" -P dbprefix");
FPS "%-20s \n"
"%-20s Specify the hash algorithm to use. Possible keywords:\n"
"%-20s \"MD2\", \"MD4\", \"MD5\", \"SHA1\", \"SHA224\",\n"
"%-20s \"SHA256\", \"SHA384\", \"SHA512\"\n",
" -Z hashAlg", "", "", "");
FPS "%-20s \n"
"%-20s Create key usage extension. Possible keywords:\n"
"%-20s \"digitalSignature\", \"nonRepudiation\", \"keyEncipherment\",\n"
@ -1336,6 +1342,8 @@ static void luL(enum usage_level ul, const char *command)
"-L");
if (ul == usage_selected && !is_my_command)
return;
FPS "%-20s Name of token to search (\"all\" for all tokens)\n",
" -h token-name ");
FPS "%-20s Pretty print named cert (list all if unspecified)\n",
" -n cert-name");
FPS "%-20s \n"
@ -1388,6 +1396,8 @@ static void luN(enum usage_level ul, const char *command)
" -d certdir");
FPS "%-20s Cert & Key database prefix\n",
" -P dbprefix");
FPS "%-20s Specify the password file\n",
" -f password-file");
FPS "%-20s use empty password when creating a new database\n",
" --empty-password");
FPS "\n");
@ -1473,6 +1483,11 @@ static void luR(enum usage_level ul, const char *command)
" -P dbprefix");
FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n",
" -p phone");
FPS "%-20s \n"
"%-20s Specify the hash algorithm to use. Possible keywords:\n"
"%-20s \"MD2\", \"MD4\", \"MD5\", \"SHA1\", \"SHA224\",\n"
"%-20s \"SHA256\", \"SHA384\", \"SHA512\"\n",
" -Z hashAlg", "", "", "");
FPS "%-20s Output the cert request in ASCII (RFC1113); default is binary\n",
" -a");
FPS "%-20s \n",
@ -1634,6 +1649,11 @@ static void luS(enum usage_level ul, const char *command)
" -P dbprefix");
FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n",
" -p phone");
FPS "%-20s \n"
"%-20s Specify the hash algorithm to use. Possible keywords:\n"
"%-20s \"MD2\", \"MD4\", \"MD5\", \"SHA1\", \"SHA224\",\n"
"%-20s \"SHA256\", \"SHA384\", \"SHA512\"\n",
" -Z hashAlg", "", "", "");
FPS "%-20s Create key usage extension\n",
" -1 ");
FPS "%-20s Create basic constraint extension\n",
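Review bot: The new `-Z hashAlg` help text in luS lists MD2, MD4 and MD5 on equal footing with the SHA-2 keywords, with no hint that the MD family is cryptographically broken and that SHA1 is on its way out for signatures, and the identical four-line block is pasted into luC and luR as well. I would add one line to the usage string, e.g. `"%-20s (MD2/MD4/MD5 are obsolete; use SHA256 or stronger for new certs)\n"` with a matching extra `""` argument, and move the shared block into one static helper so the three copies cannot drift. Note also that the first hunk of this file keeps `MAX_KEY_BITS 8192` while the certutil.xml hunk further down this page still documents a 16384-bit maximum; one of the two is stale and this page does not show which. luS starts and ends outside the hunk.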


@ -494,7 +494,6 @@ CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size,
CK_FLAGS opFlagsOff, secuPWData *pwdata)
{
CK_MECHANISM_TYPE mechanism;
SECOidTag algtag;
PK11RSAGenParams rsaparams;
SECKEYPQGParams * dsaparams = NULL;
void * params;
@ -529,12 +528,10 @@ CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size,
rsaparams.keySizeInBits = size;
rsaparams.pe = publicExponent;
mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
algtag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
params = &rsaparams;
break;
case dsaKey:
mechanism = CKM_DSA_KEY_PAIR_GEN;
algtag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
if (pqgFile) {
dsaparams = getpqgfromfile(size, pqgFile);
if (dsaparams == NULL)


@ -1169,7 +1169,7 @@ crlgen_setNextDataFn_field(CRLGENGeneratorData *crlGenData, void *str,
switch (crlGenData->contextId) {
case CRLGEN_CHANGE_RANGE_CONTEXT:
if (dtype != CRLGEN_TYPE_DIGIT || dtype != CRLGEN_TYPE_DIGIT_RANGE) {
if (dtype != CRLGEN_TYPE_DIGIT && dtype != CRLGEN_TYPE_DIGIT_RANGE) {
crlgen_PrintError(crlGenData->parsedLineNum,
"range value should have "
"numeric or numeric range values.\n");


@ -2411,6 +2411,46 @@ loser:
return rv;
}
int
SECU_PrintCertificateBasicInfo(FILE *out, const SECItem *der, const char *m, int level)
{
PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
CERTCertificate *c;
int rv = SEC_ERROR_NO_MEMORY;
int iv;
if (!arena)
return rv;
/* Decode certificate */
c = PORT_ArenaZNew(arena, CERTCertificate);
if (!c)
goto loser;
c->arena = arena;
rv = SEC_ASN1DecodeItem(arena, c,
SEC_ASN1_GET(CERT_CertificateTemplate), der);
if (rv) {
SECU_Indent(out, level);
SECU_PrintErrMsg(out, level, "Error", "Parsing extension");
SECU_PrintAny(out, der, "Raw", level);
goto loser;
}
/* Pretty print it out */
SECU_Indent(out, level); fprintf(out, "%s:\n", m);
SECU_PrintInteger(out, &c->serialNumber, "Serial Number", level+1);
SECU_PrintAlgorithmID(out, &c->signature, "Signature Algorithm", level+1);
SECU_PrintName(out, &c->issuer, "Issuer", level+1);
if (!SECU_GetWrapEnabled()) /*SECU_PrintName didn't add newline*/
SECU_Newline(out);
secu_PrintValidity(out, &c->validity, "Validity", level+1);
SECU_PrintName(out, &c->subject, "Subject", level+1);
if (!SECU_GetWrapEnabled()) /*SECU_PrintName didn't add newline*/
SECU_Newline(out);
loser:
PORT_FreeArena(arena, PR_FALSE);
return rv;
}
int
SECU_PrintSubjectPublicKeyInfo(FILE *out, SECItem *der, char *m, int level)
{
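Review bot: The decode-failure message in the new SECU_PrintCertificateBasicInfo says "Parsing extension" although what is being decoded is a whole certificate (the `SEC_ASN1DecodeItem` call against `CERT_CertificateTemplate`), which looks like a copy-paste from an extension printer and will mislead anyone debugging tstclnt's `-C` output; change it to `SECU_PrintErrMsg(out, level, "Error", "Parsing certificate");`. A second, smaller point: `rv` is declared `int` but receives a `SECStatus` from the decoder, so on a decode failure the function returns `SECFailure` (-1) rather than the `SEC_ERROR_NO_MEMORY` it was initialised with, and the caller has to go to PR_GetError() for the real reason. A comment on the declaration such as `/* returns non-zero on any failure; decode errors are left in PR_GetError() */` would make that contract explicit, or the two failure paths could be made to return the same kind of value.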


@ -221,6 +221,9 @@ extern int SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m,
extern int SECU_PrintCertificate(FILE *out, const SECItem *der, const char *m,
int level);
extern int SECU_PrintCertificateBasicInfo(FILE *out, const SECItem *der, const char *m,
int level);
extern int SECU_PrintDumpDerIssuerAndSerial(FILE *out, SECItem *der, char *m,
int level);


@ -45,7 +45,7 @@ Usage(char *progName)
FPS "\t\t [-c key_cipher] [-C cert_cipher]\n"
"\t\t [-m | --key_len keyLen] [--cert_key_len certKeyLen] [-v]\n");
FPS "\t\t [-k slotpwfile | -K slotpw]\n"
"\t\t [-w p12filepwfile | -W p12filefilepw]\n");
"\t\t [-w p12filepwfile | -W p12filepw]\n");
exit(PK12UERR_USAGE);
}
@ -101,9 +101,6 @@ static p12uContext *
p12u_InitContext(PRBool fileImport, char *filename)
{
p12uContext *p12cxt;
PRBool fileExist;
fileExist = fileImport;
p12cxt = PORT_ZNew(p12uContext);
if(!p12cxt) {


@ -87,8 +87,8 @@ EXTRA_LIBS += \
$(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
$(PKIXLIB) \
$(DBMLIB) \
$(DIST)/lib/$(LIB_PREFIX)$(SQLITE_LIB_NAME).$(LIB_SUFFIX) \
$(DIST)/lib/$(LIB_PREFIX)nssutil3.$(LIB_SUFFIX) \
$(SQLITE_LIB_DIR)/$(LIB_PREFIX)$(SQLITE_LIB_NAME).$(LIB_SUFFIX) \
$(NSSUTIL_LIB_DIR)/$(LIB_PREFIX)nssutil3.$(LIB_SUFFIX) \
$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.$(LIB_SUFFIX) \
$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.$(LIB_SUFFIX) \
$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.$(LIB_SUFFIX) \
@ -135,7 +135,7 @@ endif
# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
EXTRA_SHARED_LIBS += \
-L$(DIST)/lib \
-L$(SQLITE_LIB_DIR) \
-l$(SQLITE_LIB_NAME) \
-L$(NSSUTIL_LIB_DIR) \
-lnssutil3 \
@ -153,7 +153,7 @@ ifeq ($(OS_ARCH), WINNT)
# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
EXTRA_LIBS += \
$(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \
$(DIST)/lib/$(IMPORT_LIB_PREFIX)nssutil3$(IMPORT_LIB_SUFFIX) \
$(NSSUTIL_LIB_DIR)/$(IMPORT_LIB_PREFIX)nssutil3$(IMPORT_LIB_SUFFIX) \
$(DIST)/lib/$(IMPORT_LIB_PREFIX)smime3$(IMPORT_LIB_SUFFIX) \
$(DIST)/lib/$(IMPORT_LIB_PREFIX)ssl3$(IMPORT_LIB_SUFFIX) \
$(DIST)/lib/$(IMPORT_LIB_PREFIX)nss3$(IMPORT_LIB_SUFFIX) \


@ -31,8 +31,7 @@ static void Usage(char *progName)
SEC_CT_CERTIFICATE, SEC_CT_CERTIFICATE_REQUEST);
fprintf(stderr, "%-14s %s (ci), %s (p7), %s or %s (n).\n", "", SEC_CT_CERTIFICATE_ID,
SEC_CT_PKCS7, SEC_CT_CRL, SEC_CT_NAME);
fprintf(stderr, "%-14s (Use either the long type name or the shortcut.)\n", "", SEC_CT_CERTIFICATE_ID,
SEC_CT_PKCS7, SEC_CT_CRL, SEC_CT_NAME);
fprintf(stderr, "%-14s (Use either the long type name or the shortcut.)\n", "");
fprintf(stderr, "%-14s Input is in ascii encoded form (RFC1113)\n",
"-a");
fprintf(stderr, "%-14s Define an input file to use (default is stdin)\n",


@ -17,6 +17,7 @@ REQUIRES = seccmd dbm
# DIRS =
CSRCS = tstclnt.c
DEFINES += -DDLL_PREFIX=\"$(DLL_PREFIX)\" -DDLL_SUFFIX=\"$(DLL_SUFFIX)\"
PROGRAM = tstclnt


@ -32,6 +32,7 @@
#include "ssl.h"
#include "sslproto.h"
#include "pk11func.h"
#include "secmod.h"
#include "plgetopt.h"
#include "plstr.h"
@ -97,6 +98,7 @@ int ssl3CipherSuites[] = {
unsigned long __cmp_umuls;
PRBool verbose;
int dumpServerChain = 0;
int renegotiationsToDo = 0;
int renegotiationsDone = 0;
@ -179,7 +181,8 @@ static void PrintUsageHeader(const char *progName)
{
fprintf(stderr,
"Usage: %s -h host [-a 1st_hs_name ] [-a 2nd_hs_name ] [-p port]\n"
"[-d certdir] [-n nickname] [-Bafosvx] [-c ciphers] [-Y]\n"
"[-D | -d certdir] [-C] [-b | -R root-module] \n"
"[-n nickname] [-Bafosvx] [-c ciphers] [-Y]\n"
"[-V [min-version]:[max-version]] [-K] [-T]\n"
"[-r N] [-w passwd] [-W pwfile] [-q [-t seconds]]\n",
progName);
@ -196,6 +199,12 @@ static void PrintParameterUsage(void)
fprintf(stderr,
"%-20s Directory with cert database (default is ~/.netscape)\n",
"-d certdir");
fprintf(stderr, "%-20s Run without a cert database\n", "-D");
fprintf(stderr, "%-20s Load the default \"builtins\" root CA module\n", "-b");
fprintf(stderr, "%-20s Load the given root CA module\n", "-R");
fprintf(stderr, "%-20s Print certificate chain information\n", "-C");
fprintf(stderr, "%-20s (use -C twice to print more certificate details)\n", "");
fprintf(stderr, "%-20s (use -C three times to include PEM format certificate dumps)\n", "");
fprintf(stderr, "%-20s Nickname of key and cert for client auth\n",
"-n nickname");
fprintf(stderr,
@ -500,12 +509,114 @@ verifyFromSideChannel(CERTCertificate *cert, ServerCertAuth *sca)
EXIT_CODE_SIDECHANNELTEST_REVOKED;
}
static void
dumpCertificatePEM(CERTCertificate *cert)
{
SECItem data;
data.data = cert->derCert.data;
data.len = cert->derCert.len;
fprintf(stderr, "%s\n%s\n%s\n", NS_CERT_HEADER,
BTOA_DataToAscii(data.data, data.len), NS_CERT_TRAILER);
}
static void
dumpServerCertificateChain(PRFileDesc *fd)
{
CERTCertList *peerCertChain = NULL;
CERTCertListNode *node = NULL;
CERTCertificate *peerCert = NULL;
CERTCertificateList *foundChain = NULL;
SECU_PPFunc dumpFunction = NULL;
PRBool dumpCertPEM = PR_FALSE;
if (!dumpServerChain) {
return;
}
else if (dumpServerChain == 1) {
dumpFunction = SECU_PrintCertificateBasicInfo;
} else {
dumpFunction = SECU_PrintCertificate;
if (dumpServerChain > 2) {
dumpCertPEM = PR_TRUE;
}
}
SECU_EnableWrap(PR_FALSE);
fprintf(stderr, "==== certificate(s) sent by server: ====\n");
peerCertChain = SSL_PeerCertificateChain(fd);
if (peerCertChain) {
node = CERT_LIST_HEAD(peerCertChain);
while ( ! CERT_LIST_END(node, peerCertChain) ) {
CERTCertificate *cert = node->cert;
SECU_PrintSignedContent(stderr, &cert->derCert, "Certificate", 0,
dumpFunction);
if (dumpCertPEM) {
dumpCertificatePEM(cert);
}
node = CERT_LIST_NEXT(node);
}
}
if (peerCertChain) {
peerCert = SSL_RevealCert(fd);
if (peerCert) {
foundChain = CERT_CertChainFromCert(peerCert, certificateUsageSSLServer,
PR_TRUE);
}
if (foundChain) {
int count = 0;
fprintf(stderr, "==== locally found issuer certificate(s): ====\n");
for(count = 0; count < (unsigned int)foundChain->len; count++) {
CERTCertificate *c;
PRBool wasSentByServer = PR_FALSE;
c = CERT_FindCertByDERCert(CERT_GetDefaultCertDB(), &foundChain->certs[count]);
node = CERT_LIST_HEAD(peerCertChain);
while ( ! CERT_LIST_END(node, peerCertChain) ) {
CERTCertificate *cert = node->cert;
if (CERT_CompareCerts(cert, c)) {
wasSentByServer = PR_TRUE;
break;
}
node = CERT_LIST_NEXT(node);
}
if (!wasSentByServer) {
SECU_PrintSignedContent(stderr, &c->derCert, "Certificate", 0,
dumpFunction);
if (dumpCertPEM) {
dumpCertificatePEM(c);
}
}
CERT_DestroyCertificate(c);
}
CERT_DestroyCertificateList(foundChain);
}
if (peerCert) {
CERT_DestroyCertificate(peerCert);
}
CERT_DestroyCertList(peerCertChain);
peerCertChain = NULL;
}
fprintf(stderr, "==== end of certificate chain information ====\n");
fflush(stderr);
}
static SECStatus
ownAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
PRBool isServer)
{
ServerCertAuth * serverCertAuth = (ServerCertAuth *) arg;
if (dumpServerChain) {
dumpServerCertificateChain(fd);
}
if (!serverCertAuth->shouldPause) {
CERTCertificate *cert;
int i;
@ -828,6 +939,9 @@ int main(int argc, char **argv)
PLOptState *optstate;
PLOptStatus optstatus;
PRStatus prStatus;
PRBool openDB = PR_TRUE;
PRBool loadDefaultRootCAs = PR_FALSE;
char *rootModule = NULL;
serverCertAuth.shouldPause = PR_TRUE;
serverCertAuth.isPaused = PR_FALSE;
@ -854,7 +968,7 @@ int main(int argc, char **argv)
SSL_VersionRangeGetSupported(ssl_variant_stream, &enabledVersions);
optstate = PL_CreateOptState(argc, argv,
"46BFKM:OSTV:W:Ya:c:d:fgh:m:n:op:qr:st:uvw:xz");
"46BCDFKM:OR:STV:W:Ya:bc:d:fgh:m:n:op:qr:st:uvw:xz");
while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) {
case '?':
@ -865,6 +979,10 @@ int main(int argc, char **argv)
case 'B': bypassPKCS11 = 1; break;
case 'C': ++dumpServerChain; break;
case 'D': openDB = PR_FALSE; break;
case 'F': if (serverCertAuth.testFreshStatusFromSideChannel) {
/* parameter given twice or more */
serverCertAuth.requireDataForIntermediates = PR_TRUE;
@ -895,6 +1013,8 @@ int main(int argc, char **argv)
};
break;
case 'R': rootModule = PORT_Strdup(optstate->value); break;
case 'S': skipProtoHeader = PR_TRUE; break;
case 'T': enableCertStatus = 1; break;
@ -917,6 +1037,8 @@ int main(int argc, char **argv)
}
break;
case 'b': loadDefaultRootCAs = PR_TRUE; break;
case 'c': cipherString = PORT_Strdup(optstate->value); break;
case 'g': enableFalseStart = 1; break;
@ -972,8 +1094,10 @@ int main(int argc, char **argv)
if (optstatus == PL_OPT_BAD)
Usage(progName);
if (!host || !portno)
if (!host || !portno) {
fprintf(stderr, "%s: parameters -h and -p are mandatory\n", progName);
Usage(progName);
}
if (serverCertAuth.testFreshStatusFromSideChannel
&& serverCertAuth.shouldPause) {
@ -981,6 +1105,16 @@ int main(int argc, char **argv)
exit(1);
}
if (certDir && !openDB) {
fprintf(stderr, "%s: Cannot combine parameters -D and -d\n", progName);
exit(1);
}
if (rootModule && loadDefaultRootCAs) {
fprintf(stderr, "%s: Cannot combine parameters -b and -R\n", progName);
exit(1);
}
PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
PK11_SetPasswordFunc(SECU_GetModulePassword);
@ -1073,11 +1207,27 @@ int main(int argc, char **argv)
certDir = SECU_ConfigDirectory(certDirTmp);
PORT_Free(certDirTmp);
}
if (openDB) {
rv = NSS_Init(certDir);
if (rv != SECSuccess) {
SECU_PrintError(progName, "unable to open cert database");
return 1;
}
} else {
rv = NSS_NoDB_Init(NULL);
if (rv != SECSuccess) {
SECU_PrintError(progName, "failed to initialize NSS");
return 1;
}
}
if (loadDefaultRootCAs) {
SECMOD_AddNewModule("Builtins",
DLL_PREFIX"nssckbi."DLL_SUFFIX, 0, 0);
} else if (rootModule) {
SECMOD_AddNewModule("Builtins", rootModule, 0, 0);
}
/* set the policy bits true for all the cipher suites. */
if (useExportPolicy)
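Review bot: The return values of both `SECMOD_AddNewModule` calls at the end of this hunk are discarded, so if the builtins module cannot be loaded (wrong `DLL_PREFIX`/`DLL_SUFFIX`, missing file, or a bad `-R` path) tstclnt carries on with no trust anchors and only fails later, if at all, with an unrelated verification error; with `-D` there is no database to fall back on, so this call is the only source of roots. Check the result the same way the `NSS_Init` call just above does and exit. Also, `-R` loads an arbitrary shared object named on the command line, which is the intended use, but the help text should say it is a PKCS#11 module path rather than something that could be mistaken for a certificate file, e.g. `"Load the given root CA PKCS#11 module (path to shared library)"`. main() starts and ends outside the hunk.
```c
/* … unchanged: NSS_Init / NSS_NoDB_Init … */
if (loadDefaultRootCAs || rootModule) {
    const char *modPath = loadDefaultRootCAs ?
        DLL_PREFIX"nssckbi."DLL_SUFFIX : rootModule;
    rv = SECMOD_AddNewModule("Builtins", modPath, 0, 0);
    if (rv != SECSuccess) {
        SECU_PrintError(progName, "unable to load root CA module %s", modPath);
        return 1;
    }
}
```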


@ -116,3 +116,22 @@ PROCESS_MAP_FILE = grep -v ';+' $< | grep -v ';-' | \
USE_SYSTEM_ZLIB = 1
ZLIB_LIBS = -lz
# The system sqlite library in the latest version of Mac OS X often becomes
# newer than the sqlite library in NSS. This may result in certain Mac OS X
# system libraries having unresolved sqlite symbols during the shlibsign step
# of the NSS build when we set DYLD_LIBRARY_PATH to the NSS lib directory and
# the NSS libsqlite3.dylib is used instead of the system one. So just use the
# system sqlite library on Mac, if it's sufficiently new.
SYS_SQLITE3_VERSION_FULL := $(shell /usr/bin/sqlite3 -version | awk '{print $$1}')
SYS_SQLITE3_VERSION_MAJOR := $(shell echo $(SYS_SQLITE3_VERSION_FULL) | awk -F. '{ print $$1 }')
SYS_SQLITE3_VERSION_MINOR := $(shell echo $(SYS_SQLITE3_VERSION_FULL) | awk -F. '{ print $$2 }')
ifeq (3,$(SYS_SQLITE3_VERSION_MAJOR))
ifeq (,$(filter-out 0 1 2 3 4,$(SYS_SQLITE3_VERSION_MINOR)))
# sqlite <= 3.4.x is too old, it doesn't provide sqlite3_file_control
else
NSS_USE_SYSTEM_SQLITE = 1
endif
endif


@ -11,8 +11,7 @@
AS = $(CC)
ASFLAGS += $(CFLAGS)
CCF = $(CC) $(CFLAGS)
LINK_DLL = $(LINK) $(OS_DLLFLAGS) $(DLLFLAGS)
LINK_EXE = $(LINK) $(OS_LFLAGS) $(LFLAGS)
LINK_DLL = $(LINK) $(OS_DLLFLAGS) $(DLLFLAGS) $(XLDFLAGS)
CFLAGS = $(OPTIMIZER) $(OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \
$(XCFLAGS)
PERL = perl


@ -67,6 +67,10 @@ ifndef SOFTOKEN_LIB_DIR
SOFTOKEN_LIB_DIR = $(DIST)/lib
endif
ifndef SQLITE_LIB_DIR
SQLITE_LIB_DIR = $(DIST)/lib
endif
ifndef SQLITE_LIB_NAME
SQLITE_LIB_NAME = sqlite3
endif


@ -241,7 +241,7 @@ alltags:
$(PROGRAM): $(OBJS) $(EXTRA_LIBS)
@$(MAKE_OBJDIR)
ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET)))
$(MKPROG) $(subst /,\\,$(OBJS)) -Fe$@ -link $(LDFLAGS) $(subst /,\\,$(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS))
$(MKPROG) $(subst /,\\,$(OBJS)) -Fe$@ -link $(LDFLAGS) $(XLDFLAGS) $(subst /,\\,$(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS))
ifdef MT
if test -f $@.manifest; then \
$(MT) -NOLOGO -MANIFEST $@.manifest -OUTPUTRESOURCE:$@\;1; \
@ -332,7 +332,7 @@ $(OBJDIR)/$(PROG_PREFIX)%$(PROG_SUFFIX): $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX)
@$(MAKE_OBJDIR)
ifeq (,$(filter-out _WIN%,$(NS_USE_GCC)_$(OS_TARGET)))
$(MKPROG) $< -Fe$@ -link \
$(LDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS)
$(LDFLAGS) $(XLDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS)
ifdef MT
if test -f $@.manifest; then \
$(MT) -NOLOGO -MANIFEST $@.manifest -OUTPUTRESOURCE:$@\;1; \


@ -39,19 +39,6 @@ version.xml:
.PHONY : $(HTMLPAGES)
.PHONY : $(TXTPAGES)
#------------------------------------------
# Package a tar ball for building in fedora
# Include the makefile and .xml files only
# man pages will be created at build time
#------------------------------------------
tarball:
rm -rf $(name); \
mkdir -p $(name)/nroff; \
cp Makefile $(name); \
cp *.xml $(name); \
tar cvjf $(name)-$(date).tar.bz2 $(name)
#--------------------------------------------------------
# manpages
#--------------------------------------------------------


@ -247,7 +247,7 @@ Add one or multiple extensions that certutil cannot encode yet, by loading their
<varlistentry>
<term>-g keysize</term>
<listitem><para>Set a key size to use when generating new public and private key pairs. The minimum is 512 bits and the maximum is 16384 bits. The default is 1024 bits. Any size between the minimum and maximum is allowed.</para></listitem>
<listitem><para>Set a key size to use when generating new public and private key pairs. The minimum is 512 bits and the maximum is 16384 bits. The default is 2048 bits. Any size between the minimum and maximum is allowed.</para></listitem>
</varlistentry>
@ -459,6 +459,23 @@ of the attribute codes:
<listitem><para>Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes.</para></listitem>
</varlistentry>
<varlistentry>
<term>-Z hashAlg</term>
<listitem>
<para>Specify the hash algorithm to use with the -C, -S or -R command options. Possible keywords:</para>
<itemizedlist>
<listitem><para>MD2</para></listitem>
<listitem><para>MD4</para></listitem>
<listitem><para>MD5</para></listitem>
<listitem><para>SHA1</para></listitem>
<listitem><para>SHA224</para></listitem>
<listitem><para>SHA256</para></listitem>
<listitem><para>SHA384</para></listitem>
<listitem><para>SHA512</para></listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>-0 SSO_password</term>
<listitem><para>Set a site security officer password on a token.</para></listitem>


@ -1,4 +1,4 @@
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>CERTUTIL</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><link rel="home" href="index.html" title="CERTUTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">CERTUTIL</th></tr></table><hr></div><div class="refentry"><a name="certutil"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>certutil — Manage keys and certificate in both NSS databases and other NSS tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">certutil</code> [<em class="replaceable"><code>options</code></em>] [[<em class="replaceable"><code>arguments</code></em>]]</p></div></div><div class="refsection"><a name="idm226659332128"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>CERTUTIL</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><link rel="home" href="index.html" title="CERTUTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">CERTUTIL</th></tr></table><hr></div><div class="refentry"><a name="certutil"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>certutil — Manage keys and certificate in both NSS databases and other NSS tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">certutil</code> [<em class="replaceable"><code>options</code></em>] [[<em class="replaceable"><code>arguments</code></em>]]</p></div></div><div class="refsection"><a name="idm139713586320592"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
</p></div><div class="refsection"><a name="description"></a><h2>Description</h2><p>The Certificate Database Tool, <span class="command"><strong>certutil</strong></span>, is a command-line utility that can create and modify certificate and key databases. It can specifically list, generate, modify, or delete certificates, create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key database.</p><p>Certificate issuance, part of the key and certificate management process, requires that keys and certificates be created in the key database. This document discusses certificate and key database management. For information on the security module database management, see the <span class="command"><strong>modutil</strong></span> manpage.</p></div><div class="refsection"><a name="options"></a><h2>Command Options and Arguments</h2><p>Running <span class="command"><strong>certutil</strong></span> always requires one and only one command option to specify the type of certificate operation. Each command option may take zero or more arguments. The command option <code class="option">-H</code> will list all the command options and their relevant arguments.</p><p><span class="command"><strong>Command Options</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-A </span></dt><dd><p>Add an existing certificate to a certificate database. The certificate database should already exist; if one is not present, this command option will initialize one by default.</p></dd><dt><span class="term">-B</span></dt><dd><p>Run a series of commands from the specified batch file. This requires the <code class="option">-i</code> argument.</p></dd><dt><span class="term">-C </span></dt><dd><p>Create a new binary certificate file from a binary certificate request file. Use the <code class="option">-i</code> argument to specify the certificate request file. 
If this argument is not used, <span class="command"><strong>certutil</strong></span> prompts for a filename. </p></dd><dt><span class="term">-D </span></dt><dd><p>Delete a certificate from the certificate database.</p></dd><dt><span class="term">-E </span></dt><dd><p>Add an email certificate to the certificate database.</p></dd><dt><span class="term">-F</span></dt><dd><p>Delete a private key from a key database. Specify the key to delete with the -n argument. Specify the database from which to delete the key with the
<code class="option">-d</code> argument. Use the <code class="option">-k</code> argument to specify explicitly whether to delete a DSA, RSA, or ECC key. If you don't use the <code class="option">-k</code> argument, the option looks for an RSA key matching the specified nickname.
</p><p>
@ -14,7 +14,7 @@ If this option is not used, the validity check defaults to the current system ti
Add one or multiple extensions that certutil cannot encode yet, by loading their encodings from external files.
</p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>OID (example): 1.2.3.4</p></li><li class="listitem"><p>critical-flag: critical or not-critical</p></li><li class="listitem"><p>filename: full path to a file containing an encoded extension</p></li></ul></div></dd><dt><span class="term">-f password-file</span></dt><dd><p>Specify a file that will automatically supply the password to include in a certificate
or to access a certificate database. This is a plain-text file containing one password. Be sure to prevent
unauthorized access to this file.</p></dd><dt><span class="term">-g keysize</span></dt><dd><p>Set a key size to use when generating new public and private key pairs. The minimum is 512 bits and the maximum is 16384 bits. The default is 1024 bits. Any size between the minimum and maximum is allowed.</p></dd><dt><span class="term">-h tokenname</span></dt><dd><p>Specify the name of a token to use or act on. If not specified the default token is the internal database slot.</p></dd><dt><span class="term">-i input_file</span></dt><dd><p>Pass an input file to the command. Depending on the command option, an input file can be a specific certificate, a certificate request file, or a batch file of commands.</p></dd><dt><span class="term">-k key-type-or-id</span></dt><dd><p>Specify the type or specific ID of a key.</p><p>
unauthorized access to this file.</p></dd><dt><span class="term">-g keysize</span></dt><dd><p>Set a key size to use when generating new public and private key pairs. The minimum is 512 bits and the maximum is 16384 bits. The default is 2048 bits. Any size between the minimum and maximum is allowed.</p></dd><dt><span class="term">-h tokenname</span></dt><dd><p>Specify the name of a token to use or act on. If not specified the default token is the internal database slot.</p></dd><dt><span class="term">-i input_file</span></dt><dd><p>Pass an input file to the command. Depending on the command option, an input file can be a specific certificate, a certificate request file, or a batch file of commands.</p></dd><dt><span class="term">-k key-type-or-id</span></dt><dd><p>Specify the type or specific ID of a key.</p><p>
The valid key type options are rsa, dsa, ec, or all. The default
value is rsa. Specifying the type of key can avoid mistakes caused by
duplicate nicknames. Giving a key type generates a new key pair;
@ -61,7 +61,7 @@ of the attribute codes:
the certificate or adding it to a database. Express the offset in integers,
using a minus sign (-) to indicate a negative offset. If this argument is
not used, the validity period begins at the current system time. The length
of the validity period is set with the -v argument. </p></dd><dt><span class="term">-X </span></dt><dd><p>Force the key and certificate database to open in read-write mode. This is used with the <code class="option">-U</code> and <code class="option">-L</code> command options.</p></dd><dt><span class="term">-x </span></dt><dd><p>Use <span class="command"><strong>certutil</strong></span> to generate the signature for a certificate being created or added to a database, rather than obtaining a signature from a separate CA.</p></dd><dt><span class="term">-y exp</span></dt><dd><p>Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537. The available alternate values are 3 and 17.</p></dd><dt><span class="term">-z noise-file</span></dt><dd><p>Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes.</p></dd><dt><span class="term">-0 SSO_password</span></dt><dd><p>Set a site security officer password on a token.</p></dd><dt><span class="term">-1 | --keyUsage keyword,keyword</span></dt><dd><p>Set an X.509 V3 Certificate Type Extension in the certificate. There are several available keywords:</p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>
of the validity period is set with the -v argument. </p></dd><dt><span class="term">-X </span></dt><dd><p>Force the key and certificate database to open in read-write mode. This is used with the <code class="option">-U</code> and <code class="option">-L</code> command options.</p></dd><dt><span class="term">-x </span></dt><dd><p>Use <span class="command"><strong>certutil</strong></span> to generate the signature for a certificate being created or added to a database, rather than obtaining a signature from a separate CA.</p></dd><dt><span class="term">-y exp</span></dt><dd><p>Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537. The available alternate values are 3 and 17.</p></dd><dt><span class="term">-z noise-file</span></dt><dd><p>Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes.</p></dd><dt><span class="term">-Z hashAlg</span></dt><dd><p>Specify the hash algorithm to use with the -C, -S or -R command options. Possible keywords:</p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>MD2</p></li><li class="listitem"><p>MD4</p></li><li class="listitem"><p>MD5</p></li><li class="listitem"><p>SHA1</p></li><li class="listitem"><p>SHA224</p></li><li class="listitem"><p>SHA256</p></li><li class="listitem"><p>SHA384</p></li><li class="listitem"><p>SHA512</p></li></ul></div></dd><dt><span class="term">-0 SSO_password</span></dt><dd><p>Set a site security officer password on a token.</p></dd><dt><span class="term">-1 | --keyUsage keyword,keyword</span></dt><dd><p>Set an X.509 V3 Certificate Type Extension in the certificate. 
There are several available keywords:</p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>
digitalSignature
</p></li><li class="listitem"><p>
nonRepudiation


@ -2,12 +2,12 @@
.\" Title: CERTUTIL
.\" Author: [see the "Authors" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 29 July 2014
.\" Date: 23 February 2015
.\" Manual: NSS Security Tools
.\" Source: nss-tools
.\" Language: English
.\"
.TH "CERTUTIL" "1" "29 July 2014" "nss-tools" "NSS Security Tools"
.TH "CERTUTIL" "1" "23 February 2015" "nss-tools" "NSS Security Tools"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@ -310,7 +310,7 @@ Specify a file that will automatically supply the password to include in a certi
.PP
\-g keysize
.RS 4
Set a key size to use when generating new public and private key pairs\&. The minimum is 512 bits and the maximum is 16384 bits\&. The default is 1024 bits\&. Any size between the minimum and maximum is allowed\&.
Set a key size to use when generating new public and private key pairs\&. The minimum is 512 bits and the maximum is 16384 bits\&. The default is 2048 bits\&. Any size between the minimum and maximum is allowed\&.
.RE
.PP
\-h tokenname
@ -619,6 +619,99 @@ Set an alternate exponent value to use in generating a new RSA public key for th
Read a seed value from the specified file to generate a new private and public key pair\&. This argument makes it possible to use hardware\-generated seed values or manually create a value from the keyboard\&. The minimum file size is 20 bytes\&.
.RE
.PP
\-Z hashAlg
.RS 4
Specify the hash algorithm to use with the \-C, \-S or \-R command options\&. Possible keywords:
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
MD2
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
MD4
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
MD5
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
SHA1
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
SHA224
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
SHA256
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
SHA384
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
SHA512
.RE
.RE
.PP
\-0 SSO_password
.RS 4
Set a site security officer password on a token\&.


@ -929,15 +929,9 @@ extern SECStatus CERT_FindNSCertTypeExtension
extern char * CERT_FindNSStringExtension (CERTCertificate *cert, int oidtag);
extern SECStatus CERT_FindIssuerCertExtension
(CERTCertificate *cert, int tag, SECItem *value);
extern SECStatus CERT_FindCertExtensionByOID
(CERTCertificate *cert, SECItem *oid, SECItem *value);
extern char *CERT_FindCertURLExtension (CERTCertificate *cert, int tag,
int catag);
/* Returns the decoded value of the authKeyID extension.
** Note that this uses passed in the arena to allocate storage for the result
*/
@ -1178,6 +1172,20 @@ CERT_GetNextGeneralName(CERTGeneralName *current);
extern CERTGeneralName *
CERT_GetPrevGeneralName(CERTGeneralName *current);
/*
* Look up name constraints for some certs that do not include name constraints
* (Most importantly, root certificates)
*
* If a matching subject is found, |extensions| will be populated with a copy of the
* DER-encoded name constraints extension. The data in |extensions| will point to
* memory that the caller owns.
*
* There is no mechanism to configure imposed name constraints right now. All
* imposed name constraints are built into NSS.
*/
SECStatus
CERT_GetImposedNameConstraints(const SECItem *derSubject, SECItem *extensions);
CERTNameConstraint *
CERT_GetNextNameConstraint(CERTNameConstraint *current);
@ -1549,6 +1557,9 @@ CERT_CheckNameSpace(PLArenaPool *arena,
/*
* Extract and allocate the name constraints extension from the CA cert.
* If the certificate contains no name constraints extension, but
* CERT_GetImposedNameConstraints returns a name constraints extension
* for the subject of the certificate, then that extension will be returned.
*/
extern SECStatus
CERT_FindNameConstraintsExten(PLArenaPool *arena,
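Review bot: The new comment above CERT_GetImposedNameConstraints says the caller owns the data placed in |extensions| but neither says how to release it nor what the function returns when no constraints are imposed, which is the common case. The implementation added later in this commit fills the item with SECITEM_CopyItem(NULL, ...), fails with SEC_ERROR_INVALID_ARGS when |extensions| is NULL, and fails with SEC_ERROR_EXTENSION_NOT_FOUND when the subject has no entry, so callers need to know that the "not found" failure is expected rather than an error. I'd extend the comment with: ` * Returns SECSuccess and fills |extensions| (release with SECITEM_FreeItem(extensions, PR_FALSE)) when constraints are imposed; returns SECFailure with SEC_ERROR_EXTENSION_NOT_FOUND when none are imposed for this subject, and SECFailure with SEC_ERROR_INVALID_ARGS if |extensions| is NULL.`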


@ -1051,6 +1051,11 @@ SEC_CheckCrlTimes(CERTCrl *crl, PRTime t) {
PRTime notBefore, notAfter, llPendingSlop, tmp1;
SECStatus rv;
if (!crl) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return(secCertTimeUndetermined);
}
rv = SEC_GetCrlTimes(crl, &notBefore, &notAfter);
if (rv) {
@ -1063,6 +1068,7 @@ SEC_CheckCrlTimes(CERTCrl *crl, PRTime t) {
LL_MUL(llPendingSlop, llPendingSlop, tmp1);
LL_SUB(notBefore, notBefore, llPendingSlop);
if ( LL_CMP( t, <, notBefore ) ) {
PORT_SetError(SEC_ERROR_CRL_EXPIRED);
return(secCertTimeNotValidYet);
}
@ -1074,6 +1080,7 @@ SEC_CheckCrlTimes(CERTCrl *crl, PRTime t) {
}
if ( LL_CMP( t, >, notAfter) ) {
PORT_SetError(SEC_ERROR_CRL_EXPIRED);
return(secCertTimeExpired);
}
@ -1425,7 +1432,6 @@ cert_VerifySubjectAltName(const CERTCertificate *cert, const char *hn)
CERTGeneralName * current;
char * cn;
int cnBufLen;
unsigned int hnLen;
int DNSextCount = 0;
int IPextCount = 0;
PRBool isIPaddr = PR_FALSE;
@ -1435,7 +1441,6 @@ cert_VerifySubjectAltName(const CERTCertificate *cert, const char *hn)
char cnbuf[128];
subAltName.data = NULL;
hnLen = strlen(hn);
cn = cnbuf;
cnBufLen = sizeof cnbuf;
@ -2371,6 +2376,7 @@ CERT_DecodeTrustString(CERTCertTrust *trust, const char *trusts)
}
break;
default:
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
}
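Review bot: In SEC_CheckCrlTimes the not-yet-valid branch (the new PORT_SetError before `return(secCertTimeNotValidYet)`) sets SEC_ERROR_CRL_EXPIRED, the same code as the expired branch a few lines below, so a caller that looks at PORT_GetError() after a non-valid result cannot tell "CRL issued in the future" from "CRL past nextUpdate" even though the return values differ. If this tree's error table has a dedicated not-yet-valid CRL code (upstream NSS defines SEC_ERROR_CRL_NOT_YET_VALID), use it there; otherwise a comment such as `/* no dedicated not-yet-valid code; callers distinguish via the return value */` would at least make the choice deliberate. The NULL-crl guard returning secCertTimeUndetermined with SEC_ERROR_INVALID_ARGS looks right. SEC_CheckCrlTimes's body continues outside these hunks.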


@ -75,6 +75,21 @@ SECStatus SEC_DeletePermCertificate(CERTCertificate *cert);
PRBool
SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old);
/*
** Extract the validity times from a CRL
** "crl" is the CRL
** "notBefore" is the start of the validity period (last update)
** "notAfter" is the end of the validity period (next update)
*/
SECStatus
SEC_GetCrlTimes(CERTCrl *crl, PRTime *notBefore, PRTime *notAfter);
/*
** Check the validity times of a crl vs. time 't', allowing
** some slop for broken clocks and stuff.
** "crl" is the certificate to be checked
** "t" is the time to check against
*/
SECCertTimeValidity
SEC_CheckCrlTimes(CERTCrl *crl, PRTime t);
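Review bot: The new comment for SEC_CheckCrlTimes describes "crl" as "the certificate to be checked", which reads like a copy of the certificate-time helper's comment; the parameter is a CRL. I'd change that line to `** "crl" is the CRL to be checked` and, since the implementation in this commit now handles a NULL crl explicitly, add `** Returns secCertTimeUndetermined (with SEC_ERROR_INVALID_ARGS) if "crl" is NULL.` so the new contract is visible from the header.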


@ -116,11 +116,16 @@ struct CRLDPCacheStr {
#else
PRLock* lock;
#endif
CERTCertificate* issuer; /* issuer cert
SECItem *issuerDERCert; /* issuer DER cert. Don't hold a reference
to the actual cert so the trust can be
updated on the cert automatically.
XXX there may be multiple issuer certs,
with different validity dates. Also
need to deal with SKID/AKID . See
bugzilla 217387, 233118 */
CERTCertDBHandle *dbHandle;
SECItem* subject; /* DER of issuer subject */
SECItem* distributionPoint; /* DER of distribution point. This may be
NULL when distribution points aren't
@ -165,15 +170,6 @@ struct CRLDPCacheStr {
struct CRLIssuerCacheStr {
SECItem* subject; /* DER of issuer subject */
CRLDPCache* dpp;
#if 0
/* XCRL for future use.
We don't need to lock at the moment because we only have one DP,
which gets created at the same time as this object */
NSSRWLock* lock;
CRLDPCache** dps;
PLHashTable* distributionpoints;
CERTCertificate* issuer;
#endif
};
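Review bot: The new `dbHandle` member in CRLDPCacheStr has no comment, while the neighbouring `issuerDERCert` explains why a DER copy replaced the held certificate reference; from the crl.c hunks in this commit the handle is copied from `issuer->dbhandle` and used to re-create a temporary issuer cert, so it is presumably a borrowed pointer the cache does not own and must not outlive. I'd document that as `CERTCertDBHandle *dbHandle; /* db used to re-instantiate issuerDERCert; borrowed, not owned by the cache */`. The struct definition continues outside this hunk.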
/* CRL revocation cache object

View File

@ -186,7 +186,7 @@ struct CERTSubjectListStr {
struct CERTCertificateStr {
/* the arena is used to allocate any data structures that have the same
* lifetime as the cert. This is all stuff that hangs off of the cert
* structure, and is all freed at the same time. I is used when the
* structure, and is all freed at the same time. It is used when the
* cert is decoded, destroyed, and at some times when it changes
* state
*/
@ -1177,7 +1177,7 @@ typedef struct {
/*
* How many preferred methods are specified?
* This is equivalent to the size of the array that
* preferred_revocation_methods points to.
* preferred_methods points to.
* It's allowed to set this value to zero,
* then NSS will decide which methods to prefer.
*/
@ -1186,7 +1186,7 @@ typedef struct {
/* Array that may specify an optional order of preferred methods.
* Each array entry shall contain a method identifier as defined
* by CERTRevocationMethodIndex.
* The entry at index [0] specifies the method with highest preferrence.
* The entry at index [0] specifies the method with highest preference.
* These methods will be tested first for locally available information.
* Methods allowed for downloading will be attempted in the same order.
*/


@ -43,142 +43,6 @@ CERT_StartCertExtensions(CERTCertificate *cert)
return (cert_StartExtensions ((void *)cert, cert->arena, SetExts));
}
/* find the given extension in the certificate of the Issuer of 'cert' */
SECStatus
CERT_FindIssuerCertExtension(CERTCertificate *cert, int tag, SECItem *value)
{
CERTCertificate *issuercert;
SECStatus rv;
issuercert = CERT_FindCertByName(cert->dbhandle, &cert->derIssuer);
if ( issuercert ) {
rv = cert_FindExtension(issuercert->extensions, tag, value);
CERT_DestroyCertificate(issuercert);
} else {
rv = SECFailure;
}
return(rv);
}
/* find a URL extension in the cert or its CA
* apply the base URL string if it exists
*/
char *
CERT_FindCertURLExtension(CERTCertificate *cert, int tag, int catag)
{
SECStatus rv;
SECItem urlitem = {siBuffer,0};
SECItem baseitem = {siBuffer,0};
SECItem urlstringitem = {siBuffer,0};
SECItem basestringitem = {siBuffer,0};
PLArenaPool *arena = NULL;
PRBool hasbase;
char *urlstring;
char *str;
int len;
unsigned int i;
urlstring = NULL;
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if ( ! arena ) {
goto loser;
}
hasbase = PR_FALSE;
rv = cert_FindExtension(cert->extensions, tag, &urlitem);
if ( rv == SECSuccess ) {
rv = cert_FindExtension(cert->extensions, SEC_OID_NS_CERT_EXT_BASE_URL,
&baseitem);
if ( rv == SECSuccess ) {
hasbase = PR_TRUE;
}
} else if ( catag ) {
/* if the cert doesn't have the extensions, see if the issuer does */
rv = CERT_FindIssuerCertExtension(cert, catag, &urlitem);
if ( rv != SECSuccess ) {
goto loser;
}
rv = CERT_FindIssuerCertExtension(cert, SEC_OID_NS_CERT_EXT_BASE_URL,
&baseitem);
if ( rv == SECSuccess ) {
hasbase = PR_TRUE;
}
} else {
goto loser;
}
rv = SEC_QuickDERDecodeItem(arena, &urlstringitem,
SEC_ASN1_GET(SEC_IA5StringTemplate), &urlitem);
if ( rv != SECSuccess ) {
goto loser;
}
if ( hasbase ) {
rv = SEC_QuickDERDecodeItem(arena, &basestringitem,
SEC_ASN1_GET(SEC_IA5StringTemplate),
&baseitem);
if ( rv != SECSuccess ) {
goto loser;
}
}
len = urlstringitem.len + ( hasbase ? basestringitem.len : 0 ) + 1;
str = urlstring = (char *)PORT_Alloc(len);
if ( urlstring == NULL ) {
goto loser;
}
/* copy the URL base first */
if ( hasbase ) {
/* if the urlstring has a : in it, then we assume it is an absolute
* URL, and will not get the base string pre-pended
*/
for ( i = 0; i < urlstringitem.len; i++ ) {
if ( urlstringitem.data[i] == ':' ) {
goto nobase;
}
}
PORT_Memcpy(str, basestringitem.data, basestringitem.len);
str += basestringitem.len;
}
nobase:
/* copy the rest (or all) of the URL */
PORT_Memcpy(str, urlstringitem.data, urlstringitem.len);
str += urlstringitem.len;
*str = '\0';
goto done;
loser:
if ( urlstring ) {
PORT_Free(urlstring);
}
urlstring = NULL;
done:
if ( arena ) {
PORT_FreeArena(arena, PR_FALSE);
}
if ( baseitem.data ) {
PORT_Free(baseitem.data);
}
if ( urlitem.data ) {
PORT_Free(urlitem.data);
}
return(urlstring);
}
/*
* get the value of the Netscape Certificate Type Extension
*/


@ -1123,9 +1123,9 @@ static SECStatus DPCache_Destroy(CRLDPCache* cache)
PORT_Free(cache->crls);
}
/* destroy the cert */
if (cache->issuer)
if (cache->issuerDERCert)
{
CERT_DestroyCertificate(cache->issuer);
SECITEM_FreeItem(cache->issuerDERCert, PR_TRUE);
}
/* free the subject */
if (cache->subject)
@ -1571,14 +1571,20 @@ static SECStatus CachedCrl_Verify(CRLDPCache* cache, CachedCrl* crlobject,
else
{
SECStatus signstatus = SECFailure;
if (cache->issuer)
if (cache->issuerDERCert)
{
signstatus = CERT_VerifyCRL(crlobject->crl, cache->issuer, vfdate,
CERTCertificate *issuer = CERT_NewTempCertificate(cache->dbHandle,
cache->issuerDERCert, NULL, PR_FALSE, PR_TRUE);
if (issuer) {
signstatus = CERT_VerifyCRL(crlobject->crl, issuer, vfdate,
wincx);
CERT_DestroyCertificate(issuer);
}
}
if (SECSuccess != signstatus)
{
if (!cache->issuer)
if (!cache->issuerDERCert)
{
/* we tried to verify without an issuer cert . This is
because this CRL came through a call to SEC_FindCrlByName.
@ -1925,15 +1931,16 @@ static SECStatus DPCache_GetUpToDate(CRLDPCache* cache, CERTCertificate*
}
/* add issuer certificate if it was previously unavailable */
if (issuer && (NULL == cache->issuer) &&
if (issuer && (NULL == cache->issuerDERCert) &&
(SECSuccess == CERT_CheckCertUsage(issuer, KU_CRL_SIGN)))
{
/* if we didn't have a valid issuer cert yet, but we do now. add it */
DPCache_LockWrite();
if (!cache->issuer)
if (!cache->issuerDERCert)
{
dirty = PR_TRUE;
cache->issuer = CERT_DupCertificate(issuer);
cache->dbHandle = issuer->dbhandle;
cache->issuerDERCert = SECITEM_DupItem(&issuer->derCert);
}
DPCache_UnlockWrite();
}
@ -1944,7 +1951,7 @@ static SECStatus DPCache_GetUpToDate(CRLDPCache* cache, CERTCertificate*
SEC_FindCrlByName, or through manual insertion, rather than through a
certificate verification (CERT_CheckCRL) */
if (cache->issuer && vfdate )
if (cache->issuerDERCert && vfdate )
{
mustunlock = PR_FALSE;
/* re-process all unverified CRLs */
@ -2201,7 +2208,8 @@ static SECStatus DPCache_Create(CRLDPCache** returned, CERTCertificate* issuer,
}
if (issuer)
{
cache->issuer = CERT_DupCertificate(issuer);
cache->dbHandle = issuer->dbhandle;
cache->issuerDERCert = SECITEM_DupItem(&issuer->derCert);
}
cache->distributionPoint = SECITEM_DupItem(dp);
cache->subject = SECITEM_DupItem(subject);
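Review bot: Both places that now populate `cache->issuerDERCert` (DPCache_Create in this hunk and DPCache_GetUpToDate above it) call SECITEM_DupItem without checking the result; the CERT_DupCertificate calls they replace only bumped a refcount and could not fail, so this is a new silent failure path. On allocation failure the cache ends up with a `dbHandle` but no issuer, `dirty` has already been set to PR_TRUE in DPCache_GetUpToDate, and CachedCrl_Verify will later fall into its "no issuer cert" branch rather than reporting the real cause. I'd test the result in both places — e.g. after the copy in DPCache_GetUpToDate `if (!cache->issuerDERCert) { cache->dbHandle = NULL; rv = SECFailure; }` before the unlock, and in DPCache_Create fail through whatever cleanup path that function already uses for its other allocations (its body is outside the hunk). Relatedly, in CachedCrl_Verify a NULL from CERT_NewTempCertificate leaves `signstatus` at SECFailure and is then treated like a bad signature; a comment noting that this is intended would help the next reader.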


@ -1556,76 +1556,98 @@ done:
return rv;
}
/* Add name constraints to certain certs that do not include name constraints
* This is the core of the implementation for bug 952572.
/*
* Here we define a list of name constraints to be imposed on
* certain certificates, most importantly root certificates.
*
* Each entry in the name constraints list is constructed with this
* macro. An entry contains two SECItems, which have names in
* specific forms to make the macro work:
*
* * ${CA}_SUBJECT_DN - The subject DN for which the constraints
* should be applied
* * ${CA}_NAME_CONSTRAINTS - The name constraints extension
*
* Entities subject to name constraints are identified by subject name
* so that we can cover all certificates for that entity, including, e.g.,
* cross-certificates. We use subject rather than public key because
* calling methods often have easy access to that field (vs., say, a key ID),
* and in practice, subject names and public keys are usually in one-to-one
* correspondence anyway.
*
*/
static SECStatus
getNameExtensionsBuiltIn(CERTCertificate *cert,
#define STRING_TO_SECITEM(str) \
{ siBuffer, (unsigned char*) str, sizeof(str) - 1 }
#define NAME_CONSTRAINTS_ENTRY(CA) \
{ \
STRING_TO_SECITEM(CA ## _SUBJECT_DN), \
STRING_TO_SECITEM(CA ## _NAME_CONSTRAINTS) \
}
/* Agence Nationale de la Securite des Systemes d'Information (ANSSI) */
#define ANSSI_SUBJECT_DN \
"\x30\x81\x85" \
"\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02" "FR" /* C */ \
"\x31\x0F\x30\x0D\x06\x03\x55\x04\x08\x13\x06" "France" /* ST */ \
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x07\x13\x05" "Paris" /* L */ \
"\x31\x10\x30\x0E\x06\x03\x55\x04\x0A\x13\x07" "PM/SGDN" /* O */ \
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x0B\x13\x05" "DCSSI" /* OU */ \
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x03\x13\x05" "IGC/A" /* CN */ \
"\x31\x23\x30\x21\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x09\x01" \
"\x16\x14" "igca@sgdn.pm.gouv.fr" /* emailAddress */ \
#define ANSSI_NAME_CONSTRAINTS \
"\x30\x5D\xA0\x5B" \
"\x30\x05\x82\x03" ".fr" \
"\x30\x05\x82\x03" ".gp" \
"\x30\x05\x82\x03" ".gf" \
"\x30\x05\x82\x03" ".mq" \
"\x30\x05\x82\x03" ".re" \
"\x30\x05\x82\x03" ".yt" \
"\x30\x05\x82\x03" ".pm" \
"\x30\x05\x82\x03" ".bl" \
"\x30\x05\x82\x03" ".mf" \
"\x30\x05\x82\x03" ".wf" \
"\x30\x05\x82\x03" ".pf" \
"\x30\x05\x82\x03" ".nc" \
"\x30\x05\x82\x03" ".tf" \
static const SECItem builtInNameConstraints[][2] = {
NAME_CONSTRAINTS_ENTRY(ANSSI)
};
SECStatus
CERT_GetImposedNameConstraints(const SECItem *derSubject,
SECItem *extensions)
{
const char constraintFranceGov[] = "\x30\x5D" /* sequence len = 93*/
"\xA0\x5B" /* element len =91 */
"\x30\x05" /* sequence len 5 */
"\x82\x03" /* entry len 3 */
".fr"
"\x30\x05\x82\x03" /* sequence len5, entry len 3 */
".gp"
"\x30\x05\x82\x03"
".gf"
"\x30\x05\x82\x03"
".mq"
"\x30\x05\x82\x03"
".re"
"\x30\x05\x82\x03"
".yt"
"\x30\x05\x82\x03"
".pm"
"\x30\x05\x82\x03"
".bl"
"\x30\x05\x82\x03"
".mf"
"\x30\x05\x82\x03"
".wf"
"\x30\x05\x82\x03"
".pf"
"\x30\x05\x82\x03"
".nc"
"\x30\x05\x82\x03"
".tf";
size_t i;
/* The stringified value for the subject is:
E=igca@sgdn.pm.gouv.fr,CN=IGC/A,OU=DCSSI,O=PM/SGDN,L=Paris,ST=France,C=FR
*/
const char rawANSSISubject[] = "\x30\x81\x85\x31\x0B\x30\x09\x06\x03\x55\x04"
"\x06\x13\x02\x46\x52\x31\x0F\x30\x0D\x06\x03"
"\x55\x04\x08\x13\x06\x46\x72\x61\x6E\x63\x65"
"\x31\x0E\x30\x0C\x06\x03\x55\x04\x07\x13\x05"
"\x50\x61\x72\x69\x73\x31\x10\x30\x0E\x06\x03"
"\x55\x04\x0A\x13\x07\x50\x4D\x2F\x53\x47\x44"
"\x4E\x31\x0E\x30\x0C\x06\x03\x55\x04\x0B\x13"
"\x05\x44\x43\x53\x53\x49\x31\x0E\x30\x0C\x06"
"\x03\x55\x04\x03\x13\x05\x49\x47\x43\x2F\x41"
"\x31\x23\x30\x21\x06\x09\x2A\x86\x48\x86\xF7"
"\x0D\x01\x09\x01\x16\x14\x69\x67\x63\x61\x40"
"\x73\x67\x64\x6E\x2E\x70\x6D\x2E\x67\x6F\x75"
"\x76\x2E\x66\x72";
const SECItem anssi_subject = {0, (unsigned char *) rawANSSISubject,
sizeof(rawANSSISubject)-1};
const SECItem permitFranceGovNC = {0, (unsigned char *) constraintFranceGov,
sizeof(constraintFranceGov)-1};
if (SECITEM_ItemsAreEqual(&cert->derSubject, &anssi_subject)) {
SECStatus rv;
rv = SECITEM_CopyItem(NULL, extensions, &permitFranceGovNC);
return rv;
if (!extensions) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
for (i = 0; i < PR_ARRAY_SIZE(builtInNameConstraints); ++i) {
if (SECITEM_ItemsAreEqual(derSubject, &builtInNameConstraints[i][0])) {
return SECITEM_CopyItem(NULL,
extensions,
&builtInNameConstraints[i][1]);
}
}
PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
return SECFailure;
}
/* Extract the name constraints extension from the CA cert. */
/*
* Extract the name constraints extension from the CA cert.
* If the certificate contains no name constraints extension, but
* CERT_GetImposedNameConstraints returns a name constraints extension
* for the subject of the certificate, then that extension will be returned.
*/
SECStatus
CERT_FindNameConstraintsExten(PLArenaPool *arena,
CERTCertificate *cert,
@ -1643,7 +1665,8 @@ CERT_FindNameConstraintsExten(PLArenaPool *arena,
if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
return rv;
}
rv = getNameExtensionsBuiltIn(cert, &constraintsExtension);
rv = CERT_GetImposedNameConstraints(&cert->derSubject,
&constraintsExtension);
if (rv != SECSuccess) {
if (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND) {
return SECSuccess;
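Review bot: CERT_GetImposedNameConstraints validates `extensions` but not `derSubject`, and it is now a public function taking that pointer from callers; SECITEM_ItemsAreEqual dereferences both items, so a NULL subject crashes instead of failing cleanly. I'd widen the guard to `if (!derSubject || !extensions) {` with the existing SEC_ERROR_INVALID_ARGS return. Separately, the last line of ANSSI_SUBJECT_DN (`"\x16\x14" "igca@sgdn.pm.gouv.fr" /* emailAddress */ \`) and of ANSSI_NAME_CONSTRAINTS (`"\x30\x05\x82\x03" ".tf" \`) end with a continuation backslash, which splices the following line into the macro; that is harmless only while that line stays empty, so drop the trailing backslashes. CERT_FindNameConstraintsExten's body continues outside the second hunk.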


@ -45,8 +45,8 @@
* of the comment in the CK_VERSION type definition.
*/
#define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 1
#define NSS_BUILTINS_LIBRARY_VERSION "2.1"
#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 4
#define NSS_BUILTINS_LIBRARY_VERSION "2.4"
/* These version numbers detail the semantic changes to the ckfw engine. */
#define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1


@ -137,7 +137,8 @@ nss_dbm_db_set_label
/* Locked region */
{
if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
rv = NSSCKFWMutex_Lock(db->crustylock);
if( CKR_OK != rv ) {
return rv;
}


@ -1880,7 +1880,7 @@ nss_ckmk_CreateObject
)
{
CK_OBJECT_CLASS objClass;
ckmkInternalObject *io;
ckmkInternalObject *io = NULL;
CK_BBOOL isToken;
/*


@ -1,39 +1,6 @@
***** BEGIN LICENSE BLOCK *****
Version: MPL 1.1/GPL 2.0/LGPL 2.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is the elliptic curve math library.
The Initial Developer of the Original Code is Sun Microsystems, Inc.
Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
Sun Microsystems, Inc. All Rights Reserved.
Contributor(s):
Stephen Fung <fungstep@hotmail.com> and
Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
Alternatively, the contents of this file may be used under the terms of
either the GNU General Public License Version 2 or later (the "GPL"), or
the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
in which case the provisions of the GPL or the LGPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of either the GPL or the LGPL, and not to allow others to
use your version of this file under the terms of the MPL, indicate your
decision by deleting the provisions above and replace them with the notice
and other provisions required by the GPL or the LGPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the MPL, the GPL or the LGPL.
***** END LICENSE BLOCK *****
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.
The ECL exposes routines for constructing and converting curve
parameters for internal use.


@ -1,39 +1,6 @@
***** BEGIN LICENSE BLOCK *****
Version: MPL 1.1/GPL 2.0/LGPL 2.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is the MPI Arbitrary Precision Integer Arithmetic
library.
The Initial Developer of the Original Code is
Michael J. Fromberger <sting@linguist.dartmouth.edu>
Portions created by the Initial Developer are Copyright (C) 1997-2000
the Initial Developer. All Rights Reserved.
Contributor(s):
Alternatively, the contents of this file may be used under the terms of
either the GNU General Public License Version 2 or later (the "GPL"), or
the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
in which case the provisions of the GPL or the LGPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of either the GPL or the LGPL, and not to allow others to
use your version of this file under the terms of the MPL, indicate your
decision by deleting the provisions above and replace them with the notice
and other provisions required by the GPL or the LGPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the MPL, the GPL or the LGPL.
***** END LICENSE BLOCK *****
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.
About the MPI Library
---------------------


@ -1,35 +1,3 @@
***** BEGIN LICENSE BLOCK *****
Version: MPL 1.1/GPL 2.0/LGPL 2.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is the Netscape security libraries.
The Initial Developer of the Original Code is Netscape
Communications Corporation. Portions created by Netscape are
Copyright (C) 1994-2000 Netscape Communications Corporation. All
Rights Reserved.
Contributor(s):
Alternatively, the contents of this file may be used under the terms of
either the GNU General Public License Version 2 or later (the "GPL"), or
the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
in which case the provisions of the GPL or the LGPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of either the GPL or the LGPL, and not to allow others to
use your version of this file under the terms of the MPL, indicate your
decision by deleting the provisions above and replace them with the notice
and other provisions required by the GPL or the LGPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the MPL, the GPL or the LGPL.
***** END LICENSE BLOCK *****
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.


@ -883,8 +883,8 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
int expOff;
mp_int accum1, accum2, accum[WEAVE_WORD_SIZE];
mp_int tmp;
unsigned char *powersArray;
unsigned char *powers;
unsigned char *powersArray = NULL;
unsigned char *powers = NULL;
MP_DIGITS(&accum1) = 0;
MP_DIGITS(&accum2) = 0;
@ -894,15 +894,6 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
MP_DIGITS(&accum[3]) = 0;
MP_DIGITS(&tmp) = 0;
powersArray = (unsigned char *)malloc(num_powers*(nLen*sizeof(mp_digit)+1));
if (powersArray == NULL) {
res = MP_MEM;
goto CLEANUP;
}
/* powers[i] = base ** (i); */
powers = (unsigned char *)MP_ALIGN(powersArray,num_powers);
/* grab the first window value. This allows us to preload accumulator1
* and save a conversion, some squares and a multiple*/
MP_CHECKOK( mpl_get_bits(exponent,
@ -911,7 +902,6 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
MP_CHECKOK( mp_init_size(&accum2, 3 * nLen + 2) );
MP_CHECKOK( mp_init_size(&tmp, 3 * nLen + 2) );
/* build the first WEAVE_WORD powers inline */
/* if WEAVE_WORD_SIZE is not 4, this code will have to change */
@ -925,6 +915,13 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
MP_CHECKOK( mp_copy(montBase, &accum[1]) );
SQR(montBase, &accum[2]);
MUL_NOWEAVE(montBase, &accum[2], &accum[3]);
powersArray = (unsigned char *)malloc(num_powers*(nLen*sizeof(mp_digit)+1));
if (!powersArray) {
res = MP_MEM;
goto CLEANUP;
}
/* powers[i] = base ** (i); */ \
powers = (unsigned char *)MP_ALIGN(powersArray,num_powers); \
MP_CHECKOK( mpi_to_weave(accum, powers, nLen, num_powers) );
if (first_window < 4) {
MP_CHECKOK( mp_copy(&accum[first_window], &accum1) );
@ -946,7 +943,10 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
* odd powers where k is the window size in the two other mp_modexpt
* implementations in this file. We will get some of that
* back by not needing the first 'k' squares and one multiply for the
* first window */
* first window.
* Given the value of 4 for WEAVE_WORD_SIZE, this loop will only execute if
* num_powers > 2, in which case powers will have been allocated.
*/
for (i = WEAVE_WORD_SIZE; i < num_powers; i++) {
int acc_index = i & (WEAVE_WORD_SIZE-1); /* i % WEAVE_WORD_SIZE */
if ( i & 1 ) {
@ -993,6 +993,11 @@ mp_err mp_exptmod_safe_i(const mp_int * montBase,
pa1 = &accum1;
pa2 = &accum2;
/* tmp is not used if window_bits == 1. */
if (window_bits != 1) {
MP_CHECKOK( mp_init_size(&tmp, 3 * nLen + 2) );
}
for (expOff = bits_in_exponent - window_bits*2; expOff >= 0; expOff -= window_bits) {
mp_size smallExp;
MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
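Review bot: The two moved lines `/* powers[i] = base ** (i); */ \` and `powers = (unsigned char *)MP_ALIGN(powersArray,num_powers); \` carry trailing backslashes in ordinary code, where a backslash-newline is a line splice; the statement still compiles because the next line is whitespace, but it reads as a leftover from a macro and will surprise anyone who later edits the line after it, so drop both backslashes. The new comment before the `for (i = WEAVE_WORD_SIZE; ...)` loop makes the correctness of the deferred allocation depend on WEAVE_WORD_SIZE being 4, as the older comment "if WEAVE_WORD_SIZE is not 4, this code will have to change" already does; turning that into a compile-time check such as `PR_STATIC_ASSERT(WEAVE_WORD_SIZE == 4);` near the top of the function would enforce what the comment promises. mp_exptmod_safe_i's body starts and ends outside these hunks.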


@ -1,35 +1,3 @@
***** BEGIN LICENSE BLOCK *****
Version: MPL 1.1/GPL 2.0/LGPL 2.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is the Netscape security libraries.
The Initial Developer of the Original Code is Netscape
Communications Corporation. Portions created by Netscape are
Copyright (C) 1994-2000 Netscape Communications Corporation. All
Rights Reserved.
Contributor(s):
Alternatively, the contents of this file may be used under the terms of
either the GNU General Public License Version 2 or later (the "GPL"), or
the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
in which case the provisions of the GPL or the LGPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of either the GPL or the LGPL, and not to allow others to
use your version of this file under the terms of the MPL, indicate your
decision by deleting the provisions above and replace them with the notice
and other provisions required by the GPL or the LGPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the MPL, the GPL or the LGPL.
***** END LICENSE BLOCK *****
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.


@ -1,35 +1,3 @@
***** BEGIN LICENSE BLOCK *****
Version: MPL 1.1/GPL 2.0/LGPL 2.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is the Netscape security libraries.
The Initial Developer of the Original Code is Netscape
Communications Corporation. Portions created by Netscape are
Copyright (C) 1994-2000 Netscape Communications Corporation. All
Rights Reserved.
Contributor(s):
Alternatively, the contents of this file may be used under the terms of
either the GNU General Public License Version 2 or later (the "GPL"), or
the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
in which case the provisions of the GPL or the LGPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of either the GPL or the LGPL, and not to allow others to
use your version of this file under the terms of the MPL, indicate your
decision by deleting the provisions above and replace them with the notice
and other provisions required by the GPL or the LGPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the MPL, the GPL or the LGPL.
***** END LICENSE BLOCK *****
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.


@ -1,39 +1,6 @@
***** BEGIN LICENSE BLOCK *****
Version: MPL 1.1/GPL 2.0/LGPL 2.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is the MPI Arbitrary Precision Integer Arithmetic
library.
The Initial Developer of the Original Code is
Michael J. Fromberger <sting@linguist.dartmouth.edu>
Portions created by the Initial Developer are Copyright (C) 1998, 2000
the Initial Developer. All Rights Reserved.
Contributor(s):
Alternatively, the contents of this file may be used under the terms of
either the GNU General Public License Version 2 or later (the "GPL"), or
the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
in which case the provisions of the GPL or the LGPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of either the GPL or the LGPL, and not to allow others to
use your version of this file under the terms of the MPL, indicate your
decision by deleting the provisions above and replace them with the notice
and other provisions required by the GPL or the LGPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the MPL, the GPL or the LGPL.
***** END LICENSE BLOCK *****
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.
Additional MPI utilities
------------------------


@ -1093,7 +1093,6 @@ PKIX_ERRORENTRY(X500NAMEGETSECNAMEFAILED,pkix_pl_X500Name_GetSECName failed,0),
PKIX_ERRORENTRY(X500NAMEHASHCODEFAILED,PKIX_PL_X500Name_Hashcode failed,0),
PKIX_ERRORENTRY(X500NAMEMATCHFAILED,PKIX_PL_X500Name_Match failed,0),
PKIX_ERRORENTRY(X500NAMETOSTRINGFAILED,PKIX_PL_X500Name_ToString failed,0),
PKIX_ERRORENTRY(X500NAMETOSTRINGHELPERFAILED,pkix_pl_X500Name_ToString_Helper failed,0),
PKIX_ERRORENTRY(ZEROLENGTHBYTEARRAYFORCRLENCODING,Zero-length ByteArray for CRL encoding,0),
PKIX_ERRORENTRY(INVALIDOCSPHTTPMETHOD,Unsupported HTTP Method for OCSP retrieval,0),
PKIX_ERRORENTRY(OCSPGETREQUESTTOOBIG,OCSP request too big for HTTP GET method,0)


@ -117,7 +117,7 @@ PKIX_RevocationChecker_Create(
* "methodFlags"
* Set of flags for the method.
* "methodPriority"
* Method priority. (0 corresponds to a highest priority)
* Method priority. (0 corresponds to the highest priority)
* "verificationFn"
* User call back function that will perform validation of fetched
* revocation information(new crl or ocsp response)
@ -143,7 +143,7 @@ PKIX_RevocationChecker_CreateAndAddMethod(
PKIX_ProcessingParams *params,
PKIX_RevocationMethodType methodType,
PKIX_UInt32 methodFlags,
PKIX_UInt32 mathodPriority,
PKIX_UInt32 methodPriority,
PKIX_PL_VerifyCallback verificationFn,
PKIX_Boolean isLeafMethod,
void *plContext);


@ -137,7 +137,7 @@ pkix_RevocationChecker_RegisterSelf(void *plContext)
PKIX_RETURN(REVOCATIONCHECKER);
}
/* Sort methods by theirs priorities */
/* Sort methods by their priorities (lower priority = higher preference) */
static PKIX_Error *
pkix_RevocationChecker_SortComparator(
PKIX_PL_Object *obj1,
@ -152,7 +152,13 @@ pkix_RevocationChecker_SortComparator(
method1 = (pkix_RevocationMethod *)obj1;
method2 = (pkix_RevocationMethod *)obj2;
*pResult = (method1->priority > method2->priority);
if (method1->priority < method2->priority) {
*pResult = -1;
} else if (method1->priority > method2->priority) {
*pResult = 1;
} else {
*pResult = 0;
}
PKIX_RETURN(BUILD);
}
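Review bot: The comparator returns through `PKIX_RETURN(BUILD);` on the last line of the hunk, which does not match the REVOCATIONCHECKER module that `PKIX_RETURN(REVOCATIONCHECKER);` uses in the preceding function; assuming the function's PKIX_ENTER (outside the hunk) names REVOCATIONCHECKER, the return should be `PKIX_RETURN(REVOCATIONCHECKER);` so that any error raised here is tagged with the right module. The three-way comparison itself is correct and the reworded comment now matches the meaning of the priority field.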


@ -48,8 +48,9 @@ pkix_ExternalRevocationCheckFn(PKIX_PL_Cert *cert, PKIX_PL_Cert *issuer,
void **pNBIOContext, void *plContext);
/* Revocation method structure assosiates revocation types with
* a set of flags on the method, a priority of the method, and
* method local/external checker functions. */
* a set of flags on the method, a priority of the method (0
* corresponds to the highest priority), and method local/external
* checker functions. */
struct pkix_RevocationMethodStruct {
PKIX_RevocationMethodType methodType;
PKIX_UInt32 flags;


@ -660,9 +660,11 @@ pkix_ForwardBuilderState_IsIOPending(
* DESCRIPTION:
*
* This Function takes two Certificates cast in "obj1" and "obj2",
* compares their validity NotAfter dates and returns the result at
* "pResult". The comparison key(s) can be expanded by using other
* data in the Certificate in the future.
* compares them to determine which is a more preferable certificate
* for chain building. This Function is suitable for use as a
* comparator callback for pkix_List_BubbleSort, setting "*pResult" to
* > 0 if "obj1" is less desirable than "obj2" and < 0 if "obj1"
* is more desirable than "obj2".
*
* PARAMETERS:
* "obj1"
@ -691,14 +693,14 @@ pkix_Build_SortCertComparator(
{
PKIX_PL_Date *date1 = NULL;
PKIX_PL_Date *date2 = NULL;
PKIX_Boolean result = PKIX_FALSE;
PKIX_Int32 result = 0;
PKIX_ENTER(BUILD, "pkix_Build_SortCertComparator");
PKIX_NULLCHECK_THREE(obj1, obj2, pResult);
/*
* For sorting candidate certificates, we use NotAfter date as the
* sorted key for now (can be expanded if desired in the future).
* comparison key for now (can be expanded if desired in the future).
*
* In PKIX_BuildChain, the List of CertStores was reordered so that
* trusted CertStores are ahead of untrusted CertStores. That sort, or
@ -727,7 +729,12 @@ pkix_Build_SortCertComparator(
plContext),
PKIX_OBJECTCOMPARATORFAILED);
*pResult = !result;
/*
* Invert the result, so that if date1 is greater than date2,
* obj1 is sorted before obj2. This is because pkix_List_BubbleSort
* sorts in ascending order.
*/
*pResult = -result;
cleanup:
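Review bot: The rewritten DESCRIPTION (L1702–L1706) states the sign convention but not what makes one certificate "more preferable", so a reader only learns from the inversion comment near the end of the body that a later NotAfter date sorts first; add a sentence to the header such as `* Currently a certificate whose NotAfter date is later is considered more desirable.` Negating `result` presumes PKIX_PL_Object_Compare yields -1/0/1; if it may return an arbitrary PKIX_Int32, that assumption is worth a one-line note next to `*pResult = -result;`. The function's signature precedes the hunk and its body continues past it.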


@ -1132,8 +1132,6 @@ pkix_pl_HttpDefaultClient_KeepAliveSession(
PRPollDesc **pPollDesc,
void *plContext)
{
PKIX_PL_HttpDefaultClient *client = NULL;
PKIX_ENTER
(HTTPDEFAULTCLIENT,
"pkix_pl_HttpDefaultClient_KeepAliveSession");
@ -1145,8 +1143,6 @@ pkix_pl_HttpDefaultClient_KeepAliveSession(
plContext),
PKIX_SESSIONNOTANHTTPDEFAULTCLIENT);
client = (PKIX_PL_HttpDefaultClient *)session;
/* XXX Not implemented */
cleanup:


@ -45,4 +45,9 @@ pkix_pl_CrlDp_Create(const CRLDistributionPoint *dp,
const CERTName *certIssuerName,
pkix_pl_CrlDp **pPkixDP,
void *plContext);
#ifdef __cplusplus
}
#endif
#endif /* _PKIX_PL_CRLDP_H */


@ -211,7 +211,6 @@ pkix_pl_PublicKey_Hashcode(
PKIX_UInt32 algOIDHash;
PKIX_UInt32 algParamsHash;
PKIX_UInt32 pubKeyHash;
PKIX_UInt32 fullHash;
PKIX_ENTER(PUBLICKEY, "pkix_pl_PublicKey_Hashcode");
PKIX_NULLCHECK_TWO(object, pHashcode);
@ -239,8 +238,6 @@ pkix_pl_PublicKey_Hashcode(
(nssPubKey.data, nssPubKey.len, &pubKeyHash, plContext),
PKIX_HASHFAILED);
fullHash = algOIDHash + algParamsHash + pubKeyHash;
*pHashcode = pubKeyHash;
cleanup:
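Review bot: `algOIDHash` and `algParamsHash` are still declared at the top of the hunk, but with `fullHash` removed nothing visible reads them any more; if the hash calls that fill them (outside the hunk) remain, they are now dead work and will draw -Wunused-but-set-variable warnings, so either remove them together with their calls or keep folding them into `*pHashcode`. Hashing only the key bits is still a valid hashcode (equal keys hash equal) but a short comment should say why the algorithm fields were dropped, e.g. `/* hash only the key bits; algorithm OID/params are not part of the equality key */`, provided that is the reason. The function body begins and ends outside the hunk.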


@ -12,61 +12,6 @@
/* --Private-X500Name-Functions------------------------------------- */
/*
* FUNCTION: pkix_pl_X500Name_ToString_Helper
* DESCRIPTION:
*
* Helper function that creates a string representation of the X500Name
* pointed to by "name" and stores it at "pString".
*
* PARAMETERS
* "name"
* Address of X500Name whose string representation is desired.
* Must be non-NULL.
* "pString"
* Address where object pointer will be stored. Must be non-NULL.
* "plContext" - Platform-specific context pointer.
* THREAD SAFETY:
* Thread Safe (see Thread Safety Definitions in Programmer's Guide)
* RETURNS:
* Returns NULL if the function succeeds.
* Returns a X500Name Error if the function fails in a non-fatal way.
* Returns a Fatal Error if the function fails in an unrecoverable way.
*/
static PKIX_Error *
pkix_pl_X500Name_ToString_Helper(
PKIX_PL_X500Name *name,
PKIX_PL_String **pString,
void *plContext)
{
CERTName *nssDN = NULL;
char *utf8String = NULL;
PKIX_UInt32 utf8Length;
PKIX_ENTER(X500NAME, "pkix_pl_X500Name_ToString_Helper");
PKIX_NULLCHECK_TWO(name, pString);
nssDN = &name->nssDN;
/* this should really be called CERT_NameToUTF8 */
utf8String = CERT_NameToAsciiInvertible(nssDN, CERT_N2A_INVERTIBLE);
if (!utf8String){
PKIX_ERROR(PKIX_CERTNAMETOASCIIFAILED);
}
PKIX_X500NAME_DEBUG("\t\tCalling PL_strlen).\n");
utf8Length = PL_strlen(utf8String);
PKIX_CHECK(PKIX_PL_String_Create
(PKIX_UTF8, utf8String, utf8Length, pString, plContext),
PKIX_STRINGCREATEFAILED);
cleanup:
PR_Free(utf8String);
PKIX_RETURN(X500NAME);
}
/*
* FUNCTION: pkix_pl_X500Name_Destroy
* (see comments for PKIX_PL_DestructorCallback in pkix_pl_system.h)


@ -1064,7 +1064,15 @@ PK11_PrivDecrypt;
;+};
;+NSS_3.18 { # NSS 3.18 release
;+ global:
PK11_SetCertificateNickname;
__PK11_SetCertificateNickname;
SEC_CheckCrlTimes;
SEC_GetCrlTimes;
;+ local:
;+ *;
;+};
;+NSS_3.18.1 { # NSS 3.18.1 release
;+ global:
CERT_GetImposedNameConstraints;
;+ local:
;+ *;
;+};


@ -33,10 +33,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
*/
#define NSS_VERSION "3.17.2.1" _NSS_ECC_STRING _NSS_CUSTOMIZED
#define NSS_VERSION "3.18.0.1" _NSS_ECC_STRING _NSS_CUSTOMIZED
#define NSS_VMAJOR 3
#define NSS_VMINOR 17
#define NSS_VPATCH 2
#define NSS_VMINOR 18
#define NSS_VPATCH 0
#define NSS_VBUILD 1
#define NSS_BETA PR_FALSE


@ -293,8 +293,6 @@ PK11_MakeCertFromHandle(PK11SlotInfo *slot,CK_OBJECT_HANDLE certID,
char * nickname = NULL;
CERTCertificate *cert = NULL;
CERTCertTrust *trust;
PRBool isFortezzaRootCA = PR_FALSE;
PRBool swapNickname = PR_FALSE;
cert = pk11_fastCert(slot,certID,privateLabel, &nickname);
if (cert == NULL)
@ -307,7 +305,6 @@ PK11_MakeCertFromHandle(PK11SlotInfo *slot,CK_OBJECT_HANDLE certID,
cert->nickname = PORT_ArenaStrdup(cert->arena,nickname);
PORT_Free(nickname);
nickname = NULL;
swapNickname = PR_TRUE;
}
/* remember where this cert came from.... If we have just looked
@ -343,7 +340,6 @@ PK11_MakeCertFromHandle(PK11SlotInfo *slot,CK_OBJECT_HANDLE certID,
* full trust on explicitly */
if (PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
trust->objectSigningFlags |= CERTDB_VALID_CA;
isFortezzaRootCA = PR_TRUE;
}
}
if ((type & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
@ -2687,8 +2683,20 @@ PK11_GetAllSlotsForCert(CERTCertificate *cert, void *arg)
return slotList;
}
/*
* Using __PK11_SetCertificateNickname is *DANGEROUS*.
*
* The API will update the NSS database, but it *will NOT* update the in-memory data.
* As a result, after calling this API, there will be INCONSISTENCY between
* in-memory data and the database.
*
* Use of the API should be limited to short-lived tools, which will exit immediately
* after using this API.
*
* If you ignore this warning, your process is TAINTED and will most likely misbehave.
*/
SECStatus
PK11_SetCertificateNickname(CERTCertificate *cert, const char *nickname)
__PK11_SetCertificateNickname(CERTCertificate *cert, const char *nickname)
{
/* Can't set nickname of temp cert. */
if (!cert->slot || cert->pkcs11ID == CK_INVALID_HANDLE) {
@ -2696,4 +2704,3 @@ PK11_SetCertificateNickname(CERTCertificate *cert, const char *nickname)
}
return PK11_SetObjectNickname(cert->slot, cert->pkcs11ID, nickname);
}
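Review bot: `__PK11_SetCertificateNickname` begins with two underscores, a spelling the C standard reserves for the implementation (C11 7.1.3), so a future toolchain or libc may legitimately define the same name; the identifier is also exported from pk11pub.h (L1975) and nss.def (L1843). If the goal is a name that looks alarming, a non-reserved spelling such as `PK11_SetCertificateNickname_Unsafe` carries the same signal without the conflict. The warning block is duplicated verbatim between this file and the header; keeping the full text in pk11pub.h and leaving `/* see the warning in pk11pub.h */` here prevents the two copies from drifting apart.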


@ -1378,12 +1378,13 @@ pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen)
SECItem iv;
SECStatus rv;
mech = (SECItem *) PORT_Alloc(sizeof(SECItem));
if (mech == NULL) return NULL;
rv = SECSuccess;
mech->type = siBuffer;
mech->data = NULL;
mech->len = 0;
switch (type) {
case CKM_RC4:
case CKM_SEED_ECB:
@ -1396,8 +1397,6 @@ pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen)
case CKM_CAST_ECB:
case CKM_CAST3_ECB:
case CKM_CAST5_ECB:
mech->data = NULL;
mech->len = 0;
break;
case CKM_RC2_ECB:
rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
@ -1445,8 +1444,6 @@ pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen)
return PK11_ParamFromIV(type,&iv);
default:
if (pk11_lookup(type)->iv == 0) {
mech->data = NULL;
mech->len = 0;
break;
}
case CKM_SEED_CBC:
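Review bot: With the per-case resets hoisted to L1932–L1933, the `default:` arm at L1949–L1953 is reduced to a conditional `break`, and when `pk11_lookup(type)->iv` is non-zero control now falls straight into `case CKM_SEED_CBC:` with nothing marking the intent; add `/* fallthrough */` after the closing brace at L1953 so readers and -Wimplicit-fallthrough know it is deliberate. The unchecked `pk11_lookup(type)` dereference predates this change; if that lookup can return NULL for an unknown mechanism it needs a guard in the same arm. The function continues outside the hunk.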


@ -458,7 +458,20 @@ SECStatus PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey,
const char *nickname);
SECStatus PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey,
const char *nickname);
SECStatus PK11_SetCertificateNickname(CERTCertificate *cert,
/*
* Using __PK11_SetCertificateNickname is *DANGEROUS*.
*
* The API will update the NSS database, but it *will NOT* update the in-memory data.
* As a result, after calling this API, there will be INCONSISTENCY between
* in-memory data and the database.
*
* Use of the API should be limited to short-lived tools, which will exit immediately
* after using this API.
*
* If you ignore this warning, your process is TAINTED and will most likely misbehave.
*/
SECStatus __PK11_SetCertificateNickname(CERTCertificate *cert,
const char *nickname);
/* size to hold key in bytes */


@ -36,14 +36,49 @@ typedef void (PR_CALLBACK * SEC_PKCS12DecoderOutputCallback)(
* In NSS 3.12 or later, 'arg' actually points to a CERTCertificate,
* the 'leafCert' variable in sec_pkcs12_validate_cert in p12d.c.
* See r1.35 of p12d.c ("Patch 2" in bug 321584).
*
* This callback might be called by SEC_PKCS12DecoderValidateBags each time
* a nickname collission is detected. The callback must return a new
* nickname. The returned SECItem should be of type siAsciiString,
* it should be allocated using:
* SECITEM_AllocItem(NULL, NULL, LENGTH_OF_NEW_NICKNAME + 1)
* and data must contain the new nickname as a zero terminated string.
*/
typedef SECItem * (PR_CALLBACK * SEC_PKCS12NicknameCollisionCallback)(
SECItem *old_nickname,
PRBool *cancel,
void *arg);
/*
* This callback is called by SEC_PKCS12DecoderRenameCertNicknames for each
* certificate found in the p12 source data.
*
* cert: A decoded certificate.
* default_nickname: The nickname as found in the source data.
* Will be NULL if source data doesn't have nickname.
* new_nickname: Output parameter that may contain the renamed nickname.
* arg: The user data that was passed to SEC_PKCS12DecoderRenameCertNicknames.
*
* If the callback accept that NSS will use a nickname based on the
* default_nickname (potentially resolving conflicts), then the callback
* must set *new_nickname to NULL.
*
* If the callback wishes to override the nickname, it must set *new_nickname
* to a new SECItem which should be allocated using
* SECITEM_AllocItem(NULL, NULL, LENGTH_OF_NEW_NICKNAME + 1)
* new_nickname->type should be set to siAsciiString, and new_nickname->data
* must contain the new nickname as a zero terminated string.
*
* A return value of SECFailure indicates that the renaming operation failed,
* and callback should release new_nickname before returning if it's already
* being allocated.
* Otherwise, the callback function must return SECSuccess, including use
* default nickname as mentioned above.
*/
typedef SECStatus (PR_CALLBACK * SEC_PKCS12NicknameRenameCallback)(
const CERTCertificate *cert,
const SECItem *default_nickname,
SECItem **new_nickname,
void *arg);
typedef SECStatus (PR_CALLBACK *digestOpenFn)(void *arg, PRBool readData);
typedef SECStatus (PR_CALLBACK *digestCloseFn)(void *arg, PRBool removeFile);
@ -167,6 +202,26 @@ extern SECStatus
SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
SEC_PKCS12NicknameCollisionCallback nicknameCb);
/*
* SEC_PKCS12DecoderRenameCertNicknames() can be used to change
* certificate nicknames in SEC_PKCS12DecoderContext, prior to calling
* SEC_PKCS12DecoderImportBags.
*
* arg: User-defined data that will be passed to nicknameCb.
*
* If SEC_PKCS12DecoderRenameCertNicknames() is called after calling
* SEC_PKCS12DecoderValidateBags(), then only the certificate nickname
* will be changed.
* If SEC_PKCS12DecoderRenameCertNicknames() is called prior to calling
* SEC_PKCS12DecoderValidateBags(), then SEC_PKCS12DecoderValidateBags()
* will change the nickname of the corresponding private key, too.
*/
extern SECStatus
SEC_PKCS12DecoderRenameCertNicknames(SEC_PKCS12DecoderContext *p12dcx,
SEC_PKCS12NicknameRenameCallback nicknameCb,
void *arg);
extern SECStatus
SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx);
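Review bot: The new comments carry typos and grammar slips that will be copied into every consumer's documentation: "collission" (L1987) should be "collision", "If the callback accept that" (L2007) should be "If the callback accepts that", "if it's already being allocated" (L2018–L2019) should be "if it has already been allocated", and "including use default nickname as mentioned above" (L2020–L2021) reads better as "including when the default nickname is kept as described above". One useful addition to the SEC_PKCS12DecoderRenameCertNicknames block would be a sentence saying what happens to bags already renamed when a later bag fails, since a caller cannot tell that from SECFailure alone.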


@ -2795,6 +2795,64 @@ SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
return rv;
}
SECStatus
SEC_PKCS12DecoderRenameCertNicknames(SEC_PKCS12DecoderContext *p12dcx,
SEC_PKCS12NicknameRenameCallback nicknameCb,
void *arg)
{
int i;
sec_PKCS12SafeBag *safeBag;
CERTCertificate *cert;
SECStatus srv;
if(!p12dcx || p12dcx->error || !p12dcx->safeBags || !nicknameCb) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
for (i = 0; safeBag = p12dcx->safeBags[i]; i++) {
SECItem *newNickname = NULL;
SECItem *defaultNickname = NULL;
SECStatus rename_rv;
if (SECOID_FindOIDTag(&(safeBag->safeBagType)) !=
SEC_OID_PKCS12_V1_CERT_BAG_ID) {
continue;
}
cert = CERT_DecodeDERCertificate(
&safeBag->safeBagContent.certBag->value.x509Cert,
PR_FALSE, NULL);
if (!cert) {
return SECFailure;
}
defaultNickname = sec_pkcs12_get_nickname(safeBag);
rename_rv = (*nicknameCb)(cert, defaultNickname, &newNickname, arg);
CERT_DestroyCertificate(cert);
if (defaultNickname) {
SECITEM_ZfreeItem(defaultNickname, PR_TRUE);
defaultNickname = NULL;
}
if (rename_rv != SECSuccess) {
return rename_rv;
}
if (newNickname) {
srv = sec_pkcs12_set_nickname(safeBag, newNickname);
SECITEM_ZfreeItem(newNickname, PR_TRUE);
newNickname = NULL;
if (srv != SECSuccess) {
return SECFailure;
}
}
}
return SECSuccess;
}
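Review bot: The loop header `for (i = 0; safeBag = p12dcx->safeBags[i]; i++)` uses an unparenthesized assignment as its condition, which -Wparentheses flags and which reads like a typo for `==`; write it as `for (i = 0; (safeBag = p12dcx->safeBags[i]) != NULL; i++) {`. On any failure (an undecodable certificate, a callback error, or sec_pkcs12_set_nickname failing) the function returns at once, so bags visited earlier keep their new nicknames while later ones are untouched — either restore the earlier names or document the partial-update behaviour in a comment above the function. The `return SECFailure;` after CERT_DecodeDERCertificate relies on the decoder having set an error code; if it does not on every path, PORT_SetError belongs there. `srv` is declared at function scope but only used inside the `if (newNickname)` block and could be declared there.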
static SECKEYPublicKey *
sec_pkcs12_get_public_key_and_usage(sec_PKCS12SafeBag *certBag,


@ -928,7 +928,8 @@ sec_pkcs12_convert_item_to_unicode(PLArenaPool *arena, SECItem *dest,
return PR_FALSE;
}
if((dest->data[dest->len-1] || dest->data[dest->len-2]) && zeroTerm) {
if ((dest->len >= 2) &&
(dest->data[dest->len-1] || dest->data[dest->len-2]) && zeroTerm) {
if(dest->len + 2 > 3 * src->len) {
if(arena) {
dest->data = (unsigned char*)PORT_ArenaGrow(arena,
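Review bot: The added `dest->len >= 2` guard removes the out-of-bounds reads of `dest->data[dest->len-1]` and `[dest->len-2]`, but when `zeroTerm` is set and `dest->len` is 0 or 1 the whole termination block is now skipped, so such a buffer is returned without the two-byte terminator the caller asked for; if a zero-length conversion can reach this point, the short case should append the terminator rather than fall through, or be rejected explicitly. The enclosing sec_pkcs12_convert_item_to_unicode starts and ends outside the hunk, so I cannot see whether an earlier check already rules out len < 2.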


@ -247,27 +247,28 @@ STAN_GetCertIdentifierFromDER(NSSArena *arenaOpt, NSSDER *der)
}
NSS_IMPLEMENT PRStatus
nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der, NSSArena *arena,
nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der,
NSSDER *issuer, NSSDER *serial)
{
SECStatus secrv;
SECItem derCert;
SECItem derCert = { 0 };
SECItem derIssuer = { 0 };
SECItem derSerial = { 0 };
SECITEM_FROM_NSSITEM(&derCert, der);
secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
if (secrv != SECSuccess) {
return PR_FAILURE;
}
(void)nssItem_Create(arena, serial, derSerial.len, derSerial.data);
SECStatus secrv;
derCert.data = (unsigned char *)der->data;
derCert.len = der->size;
secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
if (secrv != SECSuccess) {
return PR_FAILURE;
}
secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
if (secrv != SECSuccess) {
PORT_Free(derSerial.data);
return PR_FAILURE;
}
(void)nssItem_Create(arena, issuer, derIssuer.len, derIssuer.data);
PORT_Free(derSerial.data);
PORT_Free(derIssuer.data);
issuer->data = derIssuer.data;
issuer->size = derIssuer.len;
serial->data = derSerial.data;
serial->size = derSerial.len;
return PR_SUCCESS;
}
@ -855,6 +856,8 @@ stan_GetCERTCertificate(NSSCertificate *c, PRBool forceUpdate)
CERTCertificate *cc = NULL;
CERTCertTrust certTrust;
/* make sure object does not go away until we finish */
nssPKIObject_AddRef(&c->object);
nssPKIObject_Lock(&c->object);
dc = c->decoding;
@ -904,6 +907,7 @@ stan_GetCERTCertificate(NSSCertificate *c, PRBool forceUpdate)
loser:
nssPKIObject_Unlock(&c->object);
nssPKIObject_Destroy(&c->object);
return cc;
}
@ -1270,6 +1274,7 @@ DeleteCertTrustMatchingSlot(PK11SlotInfo *pk11slot, nssPKIObject *tObject)
int failureCount = 0; /* actual deletion failures by devices */
int index;
nssPKIObject_AddRef(tObject);
nssPKIObject_Lock(tObject);
/* Keep going even if a module fails to delete. */
for (index = 0; index < tObject->numInstances; index++) {
@ -1303,6 +1308,7 @@ DeleteCertTrustMatchingSlot(PK11SlotInfo *pk11slot, nssPKIObject *tObject)
}
nssPKIObject_Unlock(tObject);
nssPKIObject_Destroy(tObject);
return failureCount == 0 ? PR_SUCCESS : PR_FAILURE;
}
@ -1329,6 +1335,7 @@ STAN_DeleteCertTrustMatchingSlot(NSSCertificate *c)
* loop so that once it's failed the other gets set.
*/
NSSRWLock_LockRead(td->tokensLock);
nssPKIObject_AddRef(cobject);
nssPKIObject_Lock(cobject);
for (i = 0; i < cobject->numInstances; i++) {
nssCryptokiObject *cInstance = cobject->instances[i];
@ -1343,6 +1350,7 @@ STAN_DeleteCertTrustMatchingSlot(NSSCertificate *c)
}
}
nssPKIObject_Unlock(cobject);
nssPKIObject_Destroy(cobject);
NSSRWLock_UnlockRead(td->tokensLock);
return nssrv;
}
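Review bot: In nssPKIX509_GetIssuerAndSerialFromDER the failure branch after CERT_SerialNumberFromDERCert (L2149–L2153) calls `PORT_Free(derSerial.data);`, which is the output of the call that just failed (and was zero-initialised at L2135), while `derIssuer.data`, allocated by the successful CERT_IssuerNameFromDERCert call at L2145, is what leaks on this path; the markers are lost on this page, but if that line is on the new side it should read `PORT_Free(derIssuer.data);`, as the removed pkistore.c helper did. The function now hands ownership of `issuer->data` and `serial->data` to the caller (trustdomain.c releases them with PORT_Free at L2368–L2369) and neither the definition nor the prototype in pki3hack.h (L2212) says so; add above the prototype `/* On success the caller owns issuer->data and serial->data and must free both with PORT_Free(). */`. The callers switched over in pkistore.c (L2260) and tdcache.c (L2341) should be checked for matching frees, which lie outside those hunks.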


@ -77,7 +77,7 @@ NSS_EXTERN PRStatus
STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust);
NSS_EXTERN PRStatus
nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der, NSSArena *arena,
nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der,
NSSDER *issuer, NSSDER *serial);
NSS_EXTERN char *


@ -23,6 +23,7 @@
#endif /* PKISTORE_H */
#include "cert.h"
#include "pki3hack.h"
#include "prbit.h"
@ -554,33 +555,6 @@ nssCertificateStore_FindCertificateByIssuerAndSerialNumber (
return rvCert;
}
static PRStatus
issuer_and_serial_from_encoding (
NSSBER *encoding,
NSSDER *issuer,
NSSDER *serial
)
{
SECItem derCert, derIssuer, derSerial;
SECStatus secrv;
derCert.data = (unsigned char *)encoding->data;
derCert.len = encoding->size;
secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
if (secrv != SECSuccess) {
return PR_FAILURE;
}
secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
if (secrv != SECSuccess) {
PORT_Free(derIssuer.data);
return PR_FAILURE;
}
issuer->data = derIssuer.data;
issuer->size = derIssuer.len;
serial->data = derSerial.data;
serial->size = derSerial.len;
return PR_SUCCESS;
}
NSS_IMPLEMENT NSSCertificate *
nssCertificateStore_FindCertificateByEncodedCertificate (
nssCertificateStore *store,
@ -590,7 +564,7 @@ nssCertificateStore_FindCertificateByEncodedCertificate (
PRStatus nssrv = PR_FAILURE;
NSSDER issuer, serial;
NSSCertificate *rvCert = NULL;
nssrv = issuer_and_serial_from_encoding(encoding, &issuer, &serial);
nssrv = nssPKIX509_GetIssuerAndSerialFromDER(encoding, &issuer, &serial);
if (nssrv != PR_SUCCESS) {
return NULL;
}


@ -391,6 +391,7 @@ remove_token_certs(const void *k, void *v, void *a)
nssPKIObject *object = &c->object;
struct token_cert_dtor *dtor = a;
PRUint32 i;
nssPKIObject_AddRef(object);
nssPKIObject_Lock(object);
for (i=0; i<object->numInstances; i++) {
if (object->instances[i]->token == dtor->token) {
@ -409,6 +410,7 @@ remove_token_certs(const void *k, void *v, void *a)
}
}
nssPKIObject_Unlock(object);
nssPKIObject_Destroy(object);
return;
}
@ -435,17 +437,21 @@ nssTrustDomain_RemoveTokenCertsFromCache (
dtor.numCerts = 0;
dtor.arrSize = arrSize;
PZ_Lock(td->cache->lock);
nssHash_Iterate(td->cache->issuerAndSN, remove_token_certs, (void *)&dtor);
nssHash_Iterate(td->cache->issuerAndSN, remove_token_certs, &dtor);
for (i=0; i<dtor.numCerts; i++) {
if (dtor.certs[i]->object.numInstances == 0) {
nssTrustDomain_RemoveCertFromCacheLOCKED(td, dtor.certs[i]);
dtor.certs[i] = NULL; /* skip this cert in the second for loop */
} else {
/* make sure it doesn't disappear on us before we finish */
nssCertificate_AddRef(dtor.certs[i]);
}
}
PZ_Unlock(td->cache->lock);
for (i=0; i<dtor.numCerts; i++) {
if (dtor.certs[i]) {
STAN_ForceCERTCertificateUpdate(dtor.certs[i]);
nssCertificate_Destroy(dtor.certs[i]);
}
}
nss_ZFreeIf(dtor.certs);
@ -1046,32 +1052,6 @@ nssTrustDomain_GetCertForIssuerAndSNFromCache (
return rvCert;
}
static PRStatus
issuer_and_serial_from_encoding (
NSSBER *encoding,
NSSDER *issuer,
NSSDER *serial
)
{
SECItem derCert, derIssuer, derSerial;
SECStatus secrv;
derCert.data = (unsigned char *)encoding->data;
derCert.len = encoding->size;
secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
if (secrv != SECSuccess) {
return PR_FAILURE;
}
secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
if (secrv != SECSuccess) {
return PR_FAILURE;
}
issuer->data = derIssuer.data;
issuer->size = derIssuer.len;
serial->data = derSerial.data;
serial->size = derSerial.len;
return PR_SUCCESS;
}
/*
* Look for a specific cert in the cache
*/
@ -1084,7 +1064,7 @@ nssTrustDomain_GetCertByDERFromCache (
PRStatus nssrv = PR_FAILURE;
NSSDER issuer, serial;
NSSCertificate *rvCert;
nssrv = issuer_and_serial_from_encoding(der, &issuer, &serial);
nssrv = nssPKIX509_GetIssuerAndSerialFromDER(der, &issuer, &serial);
if (nssrv != PR_SUCCESS) {
return NULL;
}


@ -831,20 +831,16 @@ nssTrustDomain_FindCertificateByEncodedCertificate (
NSSCertificate *rvCert = NULL;
NSSDER issuer = { 0 };
NSSDER serial = { 0 };
NSSArena *arena = nssArena_Create();
if (!arena) {
return (NSSCertificate *)NULL;
}
/* XXX this is not generic... will any cert crack into issuer/serial? */
status = nssPKIX509_GetIssuerAndSerialFromDER(ber, arena, &issuer, &serial);
status = nssPKIX509_GetIssuerAndSerialFromDER(ber, &issuer, &serial);
if (status != PR_SUCCESS) {
goto finish;
return NULL;
}
rvCert = nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
&issuer,
&serial);
finish:
nssArena_Destroy(arena);
PORT_Free(issuer.data);
PORT_Free(serial.data);
return rvCert;
}


@ -279,3 +279,9 @@ NSS_CMSSignerInfo_Verify;
;+ local:
;+ *;
;+};
;+NSS_3.18 { # NSS 3.18 release
;+ global:
SEC_PKCS12DecoderRenameCertNicknames;
;+ local:
;+ *;
;+};


@ -437,10 +437,12 @@ smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
*/
key = CERT_ExtractPublicKey(rcerts[rcount]);
pklen_bits = 0;
key_type = nullKey;
if (key != NULL) {
pklen_bits = SECKEY_PublicKeyStrengthInBits (key);
key_type = SECKEY_GetPublicKeyType(key);
SECKEY_DestroyPublicKey (key);
key = NULL;
}
if (key_type == ecKey) {


@ -23,7 +23,7 @@ RESNAME = $(LIBRARY_NAME).rc
# -l$(SQLITE_LIB_NAME)
ifdef NS_USE_GCC
EXTRA_SHARED_LIBS += \
-L$(DIST)/lib \
-L$(SQLITE_LIB_DIR) \
-L$(NSSUTIL_LIB_DIR) \
-lnssutil3 \
-L$(NSPR_LIB_DIR) \
@ -36,7 +36,7 @@ else # ! NS_USE_GCC
# $(DIST)/lib/$(SQLITE_LIB_NAME).lib
EXTRA_SHARED_LIBS += \
$(DIST)/lib/sqlite3.lib \
$(SQLITE_LIB_DIR)/$(SQLITE_LIB_NAME).lib \
$(NSSUTIL_LIB_DIR)/nssutil3.lib \
$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
@ -49,7 +49,7 @@ else
# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
EXTRA_SHARED_LIBS += \
-L$(DIST)/lib \
-L$(SQLITE_LIB_DIR) \
-l$(SQLITE_LIB_NAME) \
-L$(NSSUTIL_LIB_DIR) \
-lnssutil3 \


@ -720,13 +720,22 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
CK_OBJECT_HANDLE_PTR phObject) {
CK_OBJECT_CLASS * classptr;
CK_RV rv = CKR_OK;
SFTK_FIPSCHECK();
CHECK_FORK();
classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
if (*classptr == CKO_NETSCAPE_NEWSLOT || *classptr == CKO_NETSCAPE_DELSLOT) {
if (sftk_fatalError)
return CKR_DEVICE_ERROR;
} else {
rv = sftk_fipsCheck();
if (rv != CKR_OK)
return rv;
}
/* FIPS can't create keys from raw key material */
if (SFTK_IS_NONPUBLIC_KEY_OBJECT(*classptr)) {
rv = CKR_ATTRIBUTE_VALUE_INVALID;
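Review bot: The new branch lets objects of class CKO_NETSCAPE_NEWSLOT and CKO_NETSCAPE_DELSLOT skip `sftk_fipsCheck()` — the check every other object creation still goes through — and nothing in the hunk records why that is acceptable; add a comment such as `/* slot create/delete requests carry no key material, so they need no FIPS login; only a fatal error blocks them */`, provided that is the rationale. The `if (sftk_fatalError)` arm is unbraced while the `else` arm is braced; bracing both keeps the two paths visually parallel. `*classptr` is read directly from the template attribute returned by fc_getAttribute; if that helper does not validate the attribute's value length, the dereference deserves a check here. FC_CreateObject continues outside the hunk.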


@ -319,7 +319,7 @@ do_xor(unsigned char *dest, unsigned char *src, int len)
}
static SECStatus
nsspkcs5_PBKFD2_F(const SECHashObject *hashobj, SECItem *pwitem, SECItem *salt,
nsspkcs5_PBKDF2_F(const SECHashObject *hashobj, SECItem *pwitem, SECItem *salt,
int iterations, unsigned int i, unsigned char *T)
{
int j;
@ -393,7 +393,7 @@ nsspkcs5_PBKDF2(const SECHashObject *hashobj, NSSPKCS5PBEParameter *pbe_param,
}
for (i=1,rp=result->data; i <= nblocks ; i++, rp +=hLen) {
rv = nsspkcs5_PBKFD2_F(hashobj,pwitem,salt,iterations,i,T);
rv = nsspkcs5_PBKDF2_F(hashobj, pwitem, salt, iterations, i, T);
if (rv != SECSuccess) {
break;
}


@ -1691,8 +1691,6 @@ void sdb_SetForkState(PRBool forked)
*/
static const char INIT_CMD[] =
"CREATE TABLE %s (id PRIMARY KEY UNIQUE ON CONFLICT ABORT%s)";
static const char ALTER_CMD[] =
"ALTER TABLE %s ADD COLUMN a%x";
CK_RV
sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate,


@ -25,10 +25,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
*/
#define SOFTOKEN_VERSION "3.17.2.1" SOFTOKEN_ECC_STRING
#define SOFTOKEN_VERSION "3.18.0.1" SOFTOKEN_ECC_STRING
#define SOFTOKEN_VMAJOR 3
#define SOFTOKEN_VMINOR 17
#define SOFTOKEN_VPATCH 2
#define SOFTOKEN_VMINOR 18
#define SOFTOKEN_VPATCH 0
#define SOFTOKEN_VBUILD 1
#define SOFTOKEN_BETA PR_FALSE


@ -904,7 +904,7 @@ ssl3_NegotiateVersion(sslSocket *ss, SSL3ProtocolVersion peerVersion,
if (peerVersion < ss->vrange.min ||
(peerVersion > ss->vrange.max && !allowLargerPeerVersion)) {
PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
return SECFailure;
}
@ -2788,6 +2788,12 @@ ssl3_SendRecord( sslSocket * ss,
PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
if (ss->ssl3.fatalAlertSent) {
SSL_TRC(3, ("%d: SSL3[%d] Suppress write, fatal alert already sent",
SSL_GETPID(), ss->fd));
return SECFailure;
}
capRecordVersion = ((flags & ssl_SEND_FLAG_CAP_RECORD_VERSION) != 0);
if (capRecordVersion) {
@ -3233,6 +3239,9 @@ SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc)
? ssl_SEND_FLAG_FORCE_INTO_BUFFER : 0);
rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
}
if (level == alert_fatal) {
ss->ssl3.fatalAlertSent = PR_TRUE;
}
ssl_ReleaseXmitBufLock(ss);
ssl_ReleaseSSL3HandshakeLock(ss);
return rv; /* error set by ssl3_FlushHandshake or ssl3_SendRecord */
@ -4978,23 +4987,17 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
sidOK = PR_FALSE;
}
/* TLS 1.0 (RFC 2246) Appendix E says:
* Whenever a client already knows the highest protocol known to
* a server (for example, when resuming a session), it should
* initiate the connection in that native protocol.
* So we pass sid->version to ssl3_NegotiateVersion() here, except
* when renegotiating.
*
if (sidOK) {
/* Set ss->version based on the session cache */
if (ss->firstHsDone) {
/*
* Windows SChannel compares the client_version inside the RSA
* EncryptedPreMasterSecret of a renegotiation with the
* client_version of the initial ClientHello rather than the
* ClientHello in the renegotiation. To work around this bug, we
* continue to use the client_version used in the initial
* ClientHello when renegotiating.
*/
if (sidOK) {
if (ss->firstHsDone) {
/*
*
* The client_version of the initial ClientHello is still
* available in ss->clientHelloVersion. Ensure that
* sid->version is bounded within
@ -5008,9 +5011,21 @@ ssl3_SendClientHello(sslSocket *ss, PRBool resending)
sidOK = PR_FALSE;
}
} else {
if (ssl3_NegotiateVersion(ss, sid->version,
PR_FALSE) != SECSuccess) {
/*
* Check sid->version is OK first.
* Previously, we would cap the version based on sid->version,
* but that prevents negotiation of a higher version if the
* previous session was reduced (e.g., with version fallback)
*/
if (sid->version < ss->vrange.min ||
sid->version > ss->vrange.max) {
sidOK = PR_FALSE;
} else {
rv = ssl3_NegotiateVersion(ss, SSL_LIBRARY_VERSION_MAX_SUPPORTED,
PR_TRUE);
if (rv != SECSuccess) {
return rv; /* error code was set */
}
}
}
}
@ -6287,7 +6302,7 @@ ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
if (rv != SECSuccess) {
desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version
: handshake_failure;
errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
errCode = SSL_ERROR_UNSUPPORTED_VERSION;
goto alert_loser;
}
isTLS = (ss->version > SSL_LIBRARY_VERSION_3_0);
@ -7699,7 +7714,7 @@ ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
if (rv != SECSuccess) {
desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version
: handshake_failure;
errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
errCode = SSL_ERROR_UNSUPPORTED_VERSION;
goto alert_loser;
}
@ -8472,8 +8487,9 @@ ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length)
rv = ssl3_NegotiateVersion(ss, version, PR_TRUE);
if (rv != SECSuccess) {
/* send back which ever alert client will understand. */
desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version
: handshake_failure;
errCode = SSL_ERROR_UNSUPPORTED_VERSION;
goto alert_loser;
}
@ -8743,11 +8759,11 @@ ssl3_PickSignatureHashAlgorithm(sslSocket *ss,
unsigned int i, j;
/* hashPreference expresses our preferences for hash algorithms, most
* preferable first. */
static const PRUint8 hashPreference[] = {
tls_hash_sha256,
tls_hash_sha384,
tls_hash_sha512,
tls_hash_sha1,
static const SECOidTag hashPreference[] = {
SEC_OID_SHA256,
SEC_OID_SHA384,
SEC_OID_SHA512,
SEC_OID_SHA1,
};
switch (ss->ssl3.hs.kea_def->kea) {
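Review bot: The new early return in ssl3_SendRecord (`if (ss->ssl3.fatalAlertSent) { ...; return SECFailure; }`) fails without calling PORT_SetError, so a caller that reads the error code after this failure gets whatever was last set on the thread; if the intent is that the code set when the alert went out is still pending, say so at the return, e.g. `/* error code from the original fatal alert is left in place */`, otherwise set one explicitly here. Relatedly, SSL3_SendAlert sets `ss->ssl3.fatalAlertSent = PR_TRUE` regardless of whether the alert was actually written (`sent < 0` still reaches it), which is fine for the purpose of suppressing further traffic but means the flag does not indicate that the peer received anything. Both ssl3_SendRecord and SSL3_SendAlert begin and end outside their hunks.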


@ -1,3 +1,4 @@
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* SSL3 Protocol
*
@ -1184,8 +1185,7 @@ ssl3_HandleSupportedPointFormatsXtn(sslSocket *ss, PRUint16 ex_type,
if (data->len < 2 || data->len > 255 || !data->data ||
data->len != (unsigned int)data->data[0] + 1) {
/* malformed */
goto loser;
return ssl3_DecodeError(ss);
}
for (i = data->len; --i > 0; ) {
if (data->data[i] == 0) {
@ -1196,10 +1196,10 @@ ssl3_HandleSupportedPointFormatsXtn(sslSocket *ss, PRUint16 ex_type,
return rv;
}
}
loser:
/* evil client doesn't support uncompressed */
ssl3_DisableECCSuites(ss, ecSuites);
return SECFailure;
return SECSuccess;
}
@ -1220,7 +1220,7 @@ ECName ssl3_GetSvrCertCurveName(sslSocket *ss)
return ec_curve;
}
/* Ensure that the curve in our server cert is one of the ones suppored
/* Ensure that the curve in our server cert is one of the ones supported
* by the remote client, and disable all ECC cipher suites if not.
*/
SECStatus
@ -1231,26 +1231,34 @@ ssl3_HandleSupportedCurvesXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data)
PRUint32 mutualCurves = 0;
PRUint16 svrCertCurveName;
if (!data->data || data->len < 4 || data->len > 65535)
goto loser;
if (!data->data || data->len < 4) {
(void)ssl3_DecodeError(ss);
return SECFailure;
}
/* get the length of elliptic_curve_list */
list_len = ssl3_ConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
if (list_len < 0 || data->len != list_len || (data->len % 2) != 0) {
/* malformed */
goto loser;
(void)ssl3_DecodeError(ss);
return SECFailure;
}
/* build bit vector of peer's supported curve names */
while (data->len) {
PRInt32 curve_name =
ssl3_ConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
if (curve_name < 0) {
return SECFailure; /* fatal alert already sent */
}
if (curve_name > ec_noName && curve_name < ec_pastLastName) {
peerCurves |= (1U << curve_name);
}
}
/* What curves do we support in common? */
mutualCurves = ss->ssl3.hs.negotiatedECCurves &= peerCurves;
if (!mutualCurves) { /* no mutually supported EC Curves */
goto loser;
if (!mutualCurves) {
/* no mutually supported EC Curves, disable ECC */
ssl3_DisableECCSuites(ss, ecSuites);
return SECSuccess;
}
/* if our ECC cert doesn't use one of these supported curves,
@ -1266,12 +1274,7 @@ ssl3_HandleSupportedCurvesXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data)
*/
ssl3_DisableECCSuites(ss, ecdh_ecdsa_suites);
ssl3_DisableECCSuites(ss, ecdhe_ecdsa_suites);
return SECFailure;
loser:
/* no common curve supported */
ssl3_DisableECCSuites(ss, ecSuites);
return SECFailure;
return SECSuccess;
}
#endif /* NSS_DISABLE_ECC */
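Review bot: In ssl3_HandleSupportedCurvesXtn the combined check `if (list_len < 0 || data->len != list_len)` routes a failed ssl3_ConsumeHandshakeNumber — which, per the comment on the later `curve_name` check, has already sent a fatal alert — through `ssl3_DecodeError(ss)` a second time, so a second alert is attempted (suppressed by the new fatalAlertSent logic, presumably) and the original error code is overwritten. Splitting it as `if (list_len < 0) { return SECFailure; /* alert already sent */ }` ahead of the length comparison, the way the loop body already handles `curve_name`, keeps one alert and one error code per failure. The same pattern appears in ssl3_ClientHandleAppProtoXtn in ssl3ext.c, where `if (list_len != data->len)` after ssl3_ConsumeHandshakeNumber also sends a negative `list_len` into the decode_error branch; ssl3_ServerHandleAppProtoXtn in that file shows the intended `if (count < 0)` shape. Since the old `loser:` paths returned SECFailure for both "malformed" and "no common curve", a one-line contract note on both handlers — SECFailure now always means a fatal alert has been sent, while disabled suites are reported with SECSuccess — would help readers of the callers.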


@ -1,3 +1,4 @@
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* SSL3 Protocol
*
@ -64,9 +65,13 @@ static PRInt32 ssl3_ClientSendAppProtoXtn(sslSocket *ss, PRBool append,
PRUint32 maxBytes);
static PRInt32 ssl3_ServerSendAppProtoXtn(sslSocket *ss, PRBool append,
PRUint32 maxBytes);
static PRInt32 ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append,
static PRInt32 ssl3_ClientSendUseSRTPXtn(sslSocket *ss, PRBool append,
PRUint32 maxBytes);
static SECStatus ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type,
static PRInt32 ssl3_ServerSendUseSRTPXtn(sslSocket *ss, PRBool append,
PRUint32 maxBytes);
static SECStatus ssl3_ClientHandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type,
SECItem *data);
static SECStatus ssl3_ServerHandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type,
SECItem *data);
static PRInt32 ssl3_ServerSendStatusRequestXtn(sslSocket * ss,
PRBool append, PRUint32 maxBytes);
@ -247,7 +252,7 @@ static const ssl3HelloExtensionHandler clientHelloHandlers[] = {
{ ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
{ ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn },
{ ssl_app_layer_protocol_xtn, &ssl3_ServerHandleAppProtoXtn },
{ ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn },
{ ssl_use_srtp_xtn, &ssl3_ServerHandleUseSRTPXtn },
{ ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn },
{ ssl_signature_algorithms_xtn, &ssl3_ServerHandleSigAlgsXtn },
{ ssl_tls13_draft_version_xtn, &ssl3_ServerHandleDraftVersionXtn },
@ -263,7 +268,7 @@ static const ssl3HelloExtensionHandler serverHelloHandlersTLS[] = {
{ ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
{ ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn },
{ ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn },
{ ssl_use_srtp_xtn, &ssl3_HandleUseSRTPXtn },
{ ssl_use_srtp_xtn, &ssl3_ClientHandleUseSRTPXtn },
{ ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn },
{ -1, NULL }
};
@ -290,7 +295,7 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = {
{ ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn },
{ ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn },
{ ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn },
{ ssl_use_srtp_xtn, &ssl3_SendUseSRTPXtn },
{ ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn },
{ ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn },
{ ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
{ ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn },
@ -398,13 +403,7 @@ ssl3_HandleServerNameXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
PRInt32 listLenBytes = 0;
if (!ss->sec.isServer) {
/* Verify extension_data is empty. */
if (data->data || data->len ||
!ssl3_ExtensionNegotiated(ss, ssl_server_name_xtn)) {
/* malformed or was not initiated by the client.*/
return SECFailure;
}
return SECSuccess;
return SECSuccess; /* ignore extension */
}
/* Server side - consume client data and register server sender. */
@ -414,33 +413,38 @@ ssl3_HandleServerNameXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
}
/* length of server_name_list */
listLenBytes = ssl3_ConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
if (listLenBytes == 0 || listLenBytes != data->len) {
if (listLenBytes < 0 || listLenBytes != data->len) {
(void)ssl3_DecodeError(ss);
return SECFailure;
}
if (listLenBytes == 0) {
return SECSuccess; /* ignore an empty extension */
}
ldata = *data;
/* Calculate the size of the array.*/
while (listLenBytes > 0) {
SECItem litem;
SECStatus rv;
PRInt32 type;
/* Name Type (sni_host_name) */
/* Skip Name Type (sni_host_name); checks are on the second pass */
type = ssl3_ConsumeHandshakeNumber(ss, 1, &ldata.data, &ldata.len);
if (!ldata.len) {
if (type < 0) { /* i.e., SECFailure cast to PRint32 */
return SECFailure;
}
rv = ssl3_ConsumeHandshakeVariable(ss, &litem, 2, &ldata.data, &ldata.len);
if (rv != SECSuccess) {
return SECFailure;
return rv;
}
/* Adjust total length for cunsumed item, item len and type.*/
/* Adjust total length for consumed item, item len and type.*/
listLenBytes -= litem.len + 3;
if (listLenBytes > 0 && !ldata.len) {
(void)ssl3_DecodeError(ss);
return SECFailure;
}
listCount += 1;
}
if (!listCount) {
return SECFailure;
return SECFailure; /* nothing we can act on */
}
names = PORT_ZNewArray(SECItem, listCount);
if (!names) {
@ -455,6 +459,7 @@ ssl3_HandleServerNameXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
type = ssl3_ConsumeHandshakeNumber(ss, 1, &data->data, &data->len);
/* Check if we have such type in the list */
for (j = 0;j < listCount && names[j].data;j++) {
/* TODO bug 998524: .type is not assigned a value */
if (names[j].type == type) {
nametypePresent = PR_TRUE;
break;
@ -464,7 +469,10 @@ ssl3_HandleServerNameXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
rv = ssl3_ConsumeHandshakeVariable(ss, &names[namesPos], 2,
&data->data, &data->len);
if (rv != SECSuccess) {
goto loser;
PORT_Assert(0);
PORT_Free(names);
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return rv;
}
if (nametypePresent == PR_FALSE) {
namesPos += 1;
@ -479,10 +487,6 @@ ssl3_HandleServerNameXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
xtnData->negotiated[xtnData->numNegotiated++] = ssl_server_name_xtn;
return SECSuccess;
loser:
PORT_Free(names);
return SECFailure;
}
/* Called by both clients and servers.
@ -603,17 +607,11 @@ ssl3_ValidateNextProtoNego(const unsigned char* data, unsigned int length)
* store protocol identifiers in null-terminated strings.
*/
if (newOffset > length || data[offset] == 0) {
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
return SECFailure;
}
offset = newOffset;
}
if (offset > length) {
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
return SECFailure;
}
return SECSuccess;
}
@ -626,34 +624,41 @@ ssl3_SelectAppProtocol(sslSocket *ss, PRUint16 ex_type, SECItem *data)
SECItem result = { siBuffer, resultBuffer, 0 };
rv = ssl3_ValidateNextProtoNego(data->data, data->len);
if (rv != SECSuccess)
if (rv != SECSuccess) {
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
(void)SSL3_SendAlert(ss, alert_fatal, decode_error);
return rv;
}
PORT_Assert(ss->nextProtoCallback);
rv = ss->nextProtoCallback(ss->nextProtoArg, ss->fd, data->data, data->len,
result.data, &result.len, sizeof resultBuffer);
if (rv != SECSuccess)
return rv;
/* If the callback wrote more than allowed to |result| it has corrupted our
* stack. */
if (result.len > sizeof resultBuffer) {
PORT_SetError(SEC_ERROR_OUTPUT_LEN);
result.data, &result.len, sizeof(resultBuffer));
if (rv != SECSuccess) {
/* Expect callback to call PORT_SetError() */
(void)SSL3_SendAlert(ss, alert_fatal, internal_error);
return SECFailure;
}
/* If the callback wrote more than allowed to |result| it has corrupted our
* stack. */
if (result.len > sizeof(resultBuffer)) {
PORT_SetError(SEC_ERROR_OUTPUT_LEN);
/* TODO: crash */
return SECFailure;
}
SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
if (ex_type == ssl_app_layer_protocol_xtn &&
ss->ssl3.nextProtoState != SSL_NEXT_PROTO_NEGOTIATED) {
/* The callback might say OK, but then it's picked a default.
* That's OK for NPN, but not ALPN. */
SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
/* The callback might say OK, but then it picks a default value - one
* that was not listed. That's OK for NPN, but not ALPN. */
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL);
(void)SSL3_SendAlert(ss, alert_fatal, no_application_protocol);
return SECFailure;
}
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
return SECITEM_CopyItem(NULL, &ss->ssl3.nextProto, &result);
}
@ -669,17 +674,16 @@ ssl3_ServerHandleAppProtoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data)
if (ss->firstHsDone || data->len == 0) {
/* Clients MUST send a non-empty ALPN extension. */
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
(void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
return SECFailure;
}
/* unlike NPN, ALPN has extra redundant length information so that
* the extension is the same in both ClientHello and ServerHello */
/* Unlike NPN, ALPN has extra redundant length information so that
* the extension is the same in both ClientHello and ServerHello. */
count = ssl3_ConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
if (count < 0) {
return SECFailure; /* fatal alert was sent */
}
if (count != data->len) {
return ssl3_DecodeError(ss);
(void)ssl3_DecodeError(ss);
return SECFailure;
}
if (!ss->nextProtoCallback) {
@ -694,8 +698,13 @@ ssl3_ServerHandleAppProtoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data)
/* prepare to send back a response, if we negotiated */
if (ss->ssl3.nextProtoState == SSL_NEXT_PROTO_NEGOTIATED) {
return ssl3_RegisterServerHelloExtensionSender(
rv = ssl3_RegisterServerHelloExtensionSender(
ss, ex_type, ssl3_ServerSendAppProtoXtn);
if (rv != SECSuccess) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
(void)SSL3_SendAlert(ss, alert_fatal, internal_error);
return rv;
}
}
return SECSuccess;
}
@ -713,7 +722,8 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, PRUint16 ex_type,
* we've negotiated NPN then we're required to send the NPN handshake
* message. Thus, these two extensions cannot both be negotiated on the
* same connection. */
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
PORT_SetError(SSL_ERROR_BAD_SERVER);
(void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
return SECFailure;
}
@ -722,7 +732,9 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, PRUint16 ex_type,
* that an application erroneously cleared the callback between the time
* we sent the ClientHello and now. */
if (!ss->nextProtoCallback) {
PORT_Assert(0);
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK);
(void)SSL3_SendAlert(ss, alert_fatal, internal_error);
return SECFailure;
}
@ -732,8 +744,8 @@ ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, PRUint16 ex_type,
static SECStatus
ssl3_ClientHandleAppProtoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data)
{
const unsigned char* d = data->data;
PRUint16 name_list_len;
SECStatus rv;
PRInt32 list_len;
SECItem protocol_name;
if (ssl3_ExtensionNegotiated(ss, ssl_next_proto_nego_xtn)) {
@ -743,22 +755,30 @@ ssl3_ClientHandleAppProtoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data)
/* The extension data from the server has the following format:
* uint16 name_list_len;
* uint8 len;
* uint8 len; // where len >= 1
* uint8 protocol_name[len]; */
if (data->len < 4 || data->len > 2 + 1 + 255) {
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
(void)SSL3_SendAlert(ss, alert_fatal, decode_error);
return SECFailure;
}
name_list_len = ((PRUint16) d[0]) << 8 |
((PRUint16) d[1]);
if (name_list_len != data->len - 2 || d[2] != data->len - 3) {
list_len = ssl3_ConsumeHandshakeNumber(ss, 2, &data->data, &data->len);
/* The list has to be the entire extension. */
if (list_len != data->len) {
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
(void)SSL3_SendAlert(ss, alert_fatal, decode_error);
return SECFailure;
}
protocol_name.data = data->data + 3;
protocol_name.len = data->len - 3;
rv = ssl3_ConsumeHandshakeVariable(ss, &protocol_name, 1,
&data->data, &data->len);
/* The list must have exactly one value. */
if (rv != SECSuccess || data->len != 0) {
PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID);
(void)SSL3_SendAlert(ss, alert_fatal, decode_error);
return SECFailure;
}
SECITEM_FreeItem(&ss->ssl3.nextProto, PR_FALSE);
ss->ssl3.nextProtoState = SSL_NEXT_PROTO_SELECTED;
@ -914,8 +934,9 @@ ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, PRUint16 ex_type,
SECItem *data)
{
/* The echoed extension must be empty. */
if (data->len != 0)
return SECFailure;
if (data->len != 0) {
return SECSuccess; /* Ignore the extension. */
}
/* Keep track of negotiated extensions. */
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
@ -1365,8 +1386,9 @@ SECStatus
ssl3_ClientHandleSessionTicketXtn(sslSocket *ss, PRUint16 ex_type,
SECItem *data)
{
if (data->len != 0)
return SECFailure;
if (data->len != 0) {
return SECSuccess; /* Ignore the extension. */
}
/* Keep track of negotiated extensions. */
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
@ -1384,8 +1406,9 @@ ssl3_ServerHandleSessionTicketXtn(sslSocket *ss, PRUint16 ex_type,
SSL3Statistics *ssl3stats;
/* Ignore the SessionTicket extension if processing is disabled. */
if (!ss->opt.enableSessionTickets)
if (!ss->opt.enableSessionTickets) {
return SECSuccess;
}
/* Keep track of negotiated extensions. */
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
@ -1443,8 +1466,9 @@ ssl3_ServerHandleSessionTicketXtn(sslSocket *ss, PRUint16 ex_type,
extension_data.len = data->len;
if (ssl3_ParseEncryptedSessionTicket(ss, data, &enc_session_ticket)
!= SECSuccess)
return SECFailure;
!= SECSuccess) {
return SECSuccess; /* Pretend it isn't there */
}
/* Get session ticket keys. */
#ifndef NO_PKCS11_BYPASS
@ -1872,18 +1896,22 @@ ssl3_HandleHelloExtensions(sslSocket *ss, SSL3Opaque **b, PRUint32 *length)
/* get the data for this extension, so we can pass it or skip it. */
rv = ssl3_ConsumeHandshakeVariable(ss, &extension_data, 2, b, length);
if (rv != SECSuccess)
return rv;
return rv; /* alert already sent */
/* Check whether the server sent an extension which was not advertised
* in the ClientHello.
*/
if (!ss->sec.isServer &&
!ssl3_ClientExtensionAdvertised(ss, extension_type))
return SECFailure; /* TODO: send unsupported_extension alert */
!ssl3_ClientExtensionAdvertised(ss, extension_type)) {
(void)SSL3_SendAlert(ss, alert_fatal, unsupported_extension);
return SECFailure;
}
/* Check whether an extension has been sent multiple times. */
if (ssl3_ExtensionNegotiated(ss, extension_type))
if (ssl3_ExtensionNegotiated(ss, extension_type)) {
(void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
return SECFailure;
}
/* find extension_type in table of Hello Extension Handlers */
for (handler = handlers; handler->ex_type >= 0; handler++) {
@ -1891,9 +1919,13 @@ ssl3_HandleHelloExtensions(sslSocket *ss, SSL3Opaque **b, PRUint32 *length)
if (handler->ex_type == extension_type) {
rv = (*handler->ex_handler)(ss, (PRUint16)extension_type,
&extension_data);
/* Ignore this result */
/* Treat all bad extensions as unrecognized types. */
break;
if (rv != SECSuccess) {
if (!ss->ssl3.fatalAlertSent) {
/* send a generic alert if the handler didn't already */
(void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
}
return SECFailure;
}
}
}
}
@ -2025,13 +2057,14 @@ ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data)
len = ss->sec.isServer ? ss->ssl3.hs.finishedBytes
: ss->ssl3.hs.finishedBytes * 2;
}
if (data->len != 1 + len ||
data->data[0] != len || (len &&
NSS_SecureMemcmp(ss->ssl3.hs.finishedMsgs.data,
data->data + 1, len))) {
/* Can we do this here? Or, must we arrange for the caller to do it? */
(void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
if (data->len != 1 + len || data->data[0] != len ) {
(void)ssl3_DecodeError(ss);
return SECFailure;
}
if (len && NSS_SecureMemcmp(ss->ssl3.hs.finishedMsgs.data,
data->data + 1, len)) {
PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
(void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
return SECFailure;
}
/* remember that we got this extension and it was correct. */
@ -2046,7 +2079,7 @@ ssl3_HandleRenegotiationInfoXtn(sslSocket *ss, PRUint16 ex_type, SECItem *data)
}
static PRInt32
ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, PRUint32 maxBytes)
ssl3_ClientSendUseSRTPXtn(sslSocket *ss, PRBool append, PRUint32 maxBytes)
{
PRUint32 ext_data_len;
PRInt16 i;
@ -2055,9 +2088,6 @@ ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, PRUint32 maxBytes)
if (!ss)
return 0;
if (!ss->sec.isServer) {
/* Client side */
if (!IS_DTLS(ss) || !ss->ssl3.dtlsSRTPCipherCount)
return 0; /* Not relevant */
@ -2091,8 +2121,16 @@ ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, PRUint32 maxBytes)
return 4 + ext_data_len;
}
static PRInt32
ssl3_ServerSendUseSRTPXtn(sslSocket *ss, PRBool append, PRUint32 maxBytes)
{
SECStatus rv;
/* Server side */
if (append && maxBytes >= 9) {
if (!append || maxBytes < 9) {
return 9;
}
/* Extension type */
rv = ssl3_AppendHandshakeNumber(ss, ssl_use_srtp_xtn, 2);
if (rv != SECSuccess) return -1;
@ -2107,26 +2145,22 @@ ssl3_SendUseSRTPXtn(sslSocket *ss, PRBool append, PRUint32 maxBytes)
if (rv != SECSuccess) return -1;
/* Empty MKI value */
ssl3_AppendHandshakeVariable(ss, NULL, 0, 1);
}
return 9;
}
static SECStatus
ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
ssl3_ClientHandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
{
SECStatus rv;
SECItem ciphers = {siBuffer, NULL, 0};
PRUint16 i;
unsigned int j;
PRUint16 cipher = 0;
PRBool found = PR_FALSE;
SECItem litem;
if (!ss->sec.isServer) {
/* Client side */
if (!data->data || !data->len) {
/* malformed */
(void)ssl3_DecodeError(ss);
return SECFailure;
}
@ -2134,10 +2168,11 @@ ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
rv = ssl3_ConsumeHandshakeVariable(ss, &ciphers, 2,
&data->data, &data->len);
if (rv != SECSuccess) {
return SECFailure;
return SECFailure; /* fatal alert already sent */
}
/* Now check that the number of ciphers listed is 1 (len = 2) */
/* Now check that the server has picked just 1 (i.e., len = 2) */
if (ciphers.len != 2) {
(void)ssl3_DecodeError(ss);
return SECFailure;
}
@ -2153,6 +2188,8 @@ ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
}
if (!found) {
PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
(void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
return SECFailure;
}
@ -2160,27 +2197,19 @@ ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
rv = ssl3_ConsumeHandshakeVariable(ss, &litem, 1,
&data->data, &data->len);
if (rv != SECSuccess) {
return SECFailure;
return SECFailure; /* alert already sent */
}
/* We didn't offer an MKI, so this must be 0 length */
/* XXX RFC 5764 Section 4.1.3 says:
* If the client detects a nonzero-length MKI in the server's
* response that is different than the one the client offered,
* then the client MUST abort the handshake and SHOULD send an
* invalid_parameter alert.
*
* Due to a limitation of the ssl3_HandleHelloExtensions function,
* returning SECFailure here won't abort the handshake. It will
* merely cause the use_srtp extension to be not negotiated. We
* should fix this. See NSS bug 753136.
*/
if (litem.len != 0) {
PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
(void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
return SECFailure;
}
/* extra trailing bytes */
if (data->len != 0) {
/* malformed */
(void)ssl3_DecodeError(ss);
return SECFailure;
}
@ -2190,7 +2219,17 @@ ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
return SECSuccess;
}
/* Server side */
static SECStatus
ssl3_ServerHandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
{
SECStatus rv;
SECItem ciphers = {siBuffer, NULL, 0};
PRUint16 i;
unsigned int j;
PRUint16 cipher = 0;
PRBool found = PR_FALSE;
SECItem litem;
if (!IS_DTLS(ss) || !ss->ssl3.dtlsSRTPCipherCount) {
/* Ignore the extension if we aren't doing DTLS or no DTLS-SRTP
* preferences have been set. */
@ -2198,7 +2237,7 @@ ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
}
if (!data->data || data->len < 5) {
/* malformed */
(void)ssl3_DecodeError(ss);
return SECFailure;
}
@ -2206,10 +2245,11 @@ ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
rv = ssl3_ConsumeHandshakeVariable(ss, &ciphers, 2,
&data->data, &data->len);
if (rv != SECSuccess) {
return SECFailure;
return SECFailure; /* alert already sent */
}
/* Check that the list is even length */
if (ciphers.len % 2) {
(void)ssl3_DecodeError(ss);
return SECFailure;
}
@ -2232,12 +2272,13 @@ ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
}
if (data->len != 0) {
return SECFailure; /* Malformed */
(void)ssl3_DecodeError(ss); /* trailing bytes */
return SECFailure;
}
/* Now figure out what to do */
if (!found) {
/* No matching ciphers */
/* No matching ciphers, pretend we don't support use_srtp */
return SECSuccess;
}
@ -2246,7 +2287,7 @@ ssl3_HandleUseSRTPXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ssl_use_srtp_xtn;
return ssl3_RegisterServerHelloExtensionSender(ss, ssl_use_srtp_xtn,
ssl3_SendUseSRTPXtn);
ssl3_ServerSendUseSRTPXtn);
}
/* ssl3_ServerHandleSigAlgsXtn handles the signature_algorithms extension
@ -2258,16 +2299,13 @@ ssl3_ServerHandleSigAlgsXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
SECStatus rv;
SECItem algorithms;
const unsigned char *b;
unsigned int numAlgorithms, i;
unsigned int numAlgorithms, i, j;
/* Ignore this extension if we aren't doing TLS 1.2 or greater. */
if (ss->version < SSL_LIBRARY_VERSION_TLS_1_2) {
return SECSuccess;
}
/* Keep track of negotiated extensions. */
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
rv = ssl3_ConsumeHandshakeVariable(ss, &algorithms, 2, &data->data,
&data->len);
if (rv != SECSuccess) {
@ -2276,6 +2314,7 @@ ssl3_ServerHandleSigAlgsXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
/* Trailing data, empty value, or odd-length value is invalid. */
if (data->len != 0 || algorithms.len == 0 || (algorithms.len & 1) != 0) {
PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
(void)SSL3_SendAlert(ss, alert_fatal, decode_error);
return SECFailure;
}
@ -2289,12 +2328,14 @@ ssl3_ServerHandleSigAlgsXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
ss->ssl3.hs.clientSigAndHash =
PORT_NewArray(SSL3SignatureAndHashAlgorithm, numAlgorithms);
if (!ss->ssl3.hs.clientSigAndHash) {
PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
(void)SSL3_SendAlert(ss, alert_fatal, internal_error);
return SECFailure;
}
ss->ssl3.hs.numClientSigAndHash = 0;
b = algorithms.data;
for (i = 0; i < numAlgorithms; i++) {
for (i = j = 0; i < numAlgorithms; i++) {
unsigned char tls_hash = *(b++);
unsigned char tls_sig = *(b++);
SECOidTag hash = ssl3_TLSHashAlgorithmToOID(tls_hash);
@ -2305,9 +2346,10 @@ ssl3_ServerHandleSigAlgsXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
}
/* tls_sig support will be checked later in
* ssl3_PickSignatureHashAlgorithm. */
ss->ssl3.hs.clientSigAndHash[i].hashAlg = hash;
ss->ssl3.hs.clientSigAndHash[i].sigAlg = tls_sig;
ss->ssl3.hs.numClientSigAndHash++;
ss->ssl3.hs.clientSigAndHash[j].hashAlg = hash;
ss->ssl3.hs.clientSigAndHash[j].sigAlg = tls_sig;
++j;
++ss->ssl3.hs.numClientSigAndHash;
}
if (!ss->ssl3.hs.numClientSigAndHash) {
@ -2317,6 +2359,8 @@ ssl3_ServerHandleSigAlgsXtn(sslSocket * ss, PRUint16 ex_type, SECItem *data)
ss->ssl3.hs.clientSigAndHash = NULL;
}
/* Keep track of negotiated extensions. */
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
return SECSuccess;
}
@ -2480,41 +2524,32 @@ ssl3_ServerHandleDraftVersionXtn(sslSocket * ss, PRUint16 ex_type,
return SECSuccess;
}
if (data->len != 2)
goto loser;
if (data->len != 2) {
(void)ssl3_DecodeError(ss);
return SECFailure;
}
/* Get the draft version out of the handshake */
draft_version = ssl3_ConsumeHandshakeNumber(ss, 2,
&data->data, &data->len);
if (draft_version < 0) {
goto loser;
return SECFailure;
}
/* Keep track of negotiated extensions. */
ss->xtnData.negotiated[ss->xtnData.numNegotiated++] = ex_type;
/* Compare the version */
if (draft_version != TLS_1_3_DRAFT_VERSION) {
SSL_TRC(30, ("%d: SSL3[%d]: Incompatible version of TLS 1.3 (%d), "
"expected %d",
SSL_GETPID(), ss->fd, draft_version, TLS_1_3_DRAFT_VERSION));
goto loser;
}
return SECSuccess;
loser:
/*
* Incompatible/broken TLS 1.3 implementation. Fall back to TLS 1.2.
* TODO(ekr@rtfm.com): It's not entirely clear it's safe to roll back
* here. Need to double-check.
* TODO(ekr@rtfm.com): Currently we fall back even on broken extensions.
* because SECFailure does not cause handshake failures. See bug
* 753136.
*/
SSL_TRC(30, ("%d: SSL3[%d]: Rolling back to TLS 1.2", SSL_GETPID(), ss->fd));
SSL_TRC(30, ("%d: SSL3[%d]: Incompatible version of TLS 1.3 (%d), "
"expected %d",
SSL_GETPID(), ss->fd, draft_version, TLS_1_3_DRAFT_VERSION));
ss->version = SSL_LIBRARY_VERSION_TLS_1_2;
}
return SECSuccess;
}
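Review bot: In ssl3_SelectAppProtocol the `result.len > sizeof(resultBuffer)` check runs only after the callback has already written past the stack buffer, and the new `/* TODO: crash */` leaves the function returning normally from a frame that may already be corrupted. The bound handed to the callback is `sizeof(resultBuffer)`, so this check is purely a post-hoc detector; failing hard at that point (`PORT_Assert(0)` followed by an unconditional abort such as `PR_Abort()`) is the safer outcome than returning SECFailure through a possibly overwritten return address, and if it is left as is the TODO should at least say what failure mode is intended. Separately, in ssl3_ServerHandleSigAlgsXtn the new `j` counter and `ss->ssl3.hs.numClientSigAndHash` are incremented together and always hold the same value, so one of them can index the array directly (`ss->ssl3.hs.clientSigAndHash[ss->ssl3.hs.numClientSigAndHash++]`). Both functions begin and end outside their hunks.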


@ -981,6 +981,7 @@ struct ssl3StateStr {
PRUint16 dtlsSRTPCiphers[MAX_DTLS_SRTP_CIPHER_SUITES];
PRUint16 dtlsSRTPCipherCount;
PRUint16 dtlsSRTPCipherSuite; /* 0 if not selected */
PRBool fatalAlertSent;
};
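Review bot: The new `fatalAlertSent` field has no trailing comment, unlike `dtlsSRTPCipherSuite` beside it, and its meaning is only discoverable from ssl3con.c, where SSL3_SendAlert sets it and ssl3_SendRecord refuses to write while it is set. Suggest `PRBool fatalAlertSent; /* set by SSL3_SendAlert; ssl3_SendRecord drops further writes */`. Nothing in this commit clears the flag, which matches a socket being unusable after a fatal alert but is worth stating next to the field.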
#define DTLS_MAX_MTU 1500 /* Ethernet MTU but without subtracting the


@ -90,12 +90,12 @@ static sslOptions ssl_defaults = {
*/
static SSLVersionRange versions_defaults_stream = {
SSL_LIBRARY_VERSION_3_0,
SSL_LIBRARY_VERSION_TLS_1_0
SSL_LIBRARY_VERSION_TLS_1_2
};
static SSLVersionRange versions_defaults_datagram = {
SSL_LIBRARY_VERSION_TLS_1_1,
SSL_LIBRARY_VERSION_TLS_1_1
SSL_LIBRARY_VERSION_TLS_1_2
};
#define VERSIONS_DEFAULTS(variant) \
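Review bot: Both default maxima move to `SSL_LIBRARY_VERSION_TLS_1_2` while the stream minimum stays at `SSL_LIBRARY_VERSION_3_0`, so SSL 3.0 remains negotiable by default on stream sockets after this change. That is consistent with a cherry-pick whose aim is only to enable TLS 1.2, but the comment block that ends just above the hunk (its text is outside the hunk, so this is inferred) should then state the resulting default ranges explicitly, e.g. `/* Defaults: stream SSL 3.0 .. TLS 1.2, datagram DTLS 1.0 .. DTLS 1.2 */`. Raising the floor would be a separate change and is not proposed here.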


@ -19,10 +19,10 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
*/
#define NSSUTIL_VERSION "3.17.2.1"
#define NSSUTIL_VERSION "3.18.0.1"
#define NSSUTIL_VMAJOR 3
#define NSSUTIL_VMINOR 17
#define NSSUTIL_VPATCH 2
#define NSSUTIL_VMINOR 18
#define NSSUTIL_VPATCH 0
#define NSSUTIL_VBUILD 1
#define NSSUTIL_BETA PR_FALSE


@ -1,38 +1,6 @@
Copyright 2005 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
***** BEGIN LICENSE BLOCK *****
Version: MPL 1.1/GPL 2.0/LGPL 2.1
The contents of this package are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this package except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is the Netscape Portable Runtime (NSPR).
The Initial Developer of the Original Code is
Netscape Communications Corporation.
Portions created by the Initial Developer are Copyright (C) 1998-2000
the Initial Developer. All Rights Reserved.
Contributor(s):
Alternatively, the contents of this file may be used under the terms of
either the GNU General Public License Version 2 or later (the "GPL"), or
the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
in which case the provisions of the GPL or the LGPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of either the GPL or the LGPL, and not to allow others to
use your version of this file under the terms of the MPL, indicate your
decision by deleting the provisions above and replace them with the notice
and other provisions required by the GPL or the LGPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the MPL, the GPL or the LGPL.
***** END LICENSE BLOCK *****
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.


@ -301,7 +301,7 @@ fi
# following test for modutil should check for that instead.
# Exception: when building softoken only, shlibsign is the
# last file created.
if [ ${NSS_BUILD_SOFTOKEN_ONLY} -eq "1" ]; then
if [ "${NSS_BUILD_SOFTOKEN_ONLY}" = "1" ]; then
LAST_FILE_BUILT=shlibsign
else
LAST_FILE_BUILT=modutil


@ -21,7 +21,7 @@ verify TestUser51:x
result pass
verify PayPalEE:x
policy OID.2.16.840.1.113733.1.7.23.6
policy OID.2.16.840.1.114412.1.1
result pass
verify BrAirWaysBadSig:x


@ -1,47 +1,6 @@
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Network Security Services (NSS)
#
# The Initial Developer of the Original Code is Sun Microsystems, Inc.
# Portions created by the Initial Developer are Copyright (C) 2009
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems
# Ryan Sleevi <ryan.sleevi@gmail.com>, Google
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#
# Scenario ocspd.cfg will always be processed first,
# regardless of its presence in this list.
#
# Scenario method.cfg will always be processed, regardless of its presence
# in this list, and will be processed twice, once with httpserv -O get
# and once with -O post. Because method.cfg will be executed with both
# classic and libpkix engines, it must not contain any policy checks.
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
bridge.cfg
megabridge_3_2.cfg


@ -225,7 +225,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
}
html_msg()
{
if [ "$1" -ne "$2" ] ; then
if [ $1 -ne $2 ] ; then
html_failed "$3" "$4"
else
html_passed "$3" "$4"


@ -168,20 +168,30 @@ dbtest_main()
cat $RONLY_DIR/* > /dev/null
fi
# skipping the next two tests when user is root,
# otherwise they would fail due to rooty powers
if [ $UID -ne 0 ]; then
${BINDIR}/dbtest -d $RONLY_DIR
ret=$?
if [ $ret -ne 46 ]; then
html_failed "Dbtest r/w succeeded in an readonly directory $ret"
html_failed "Dbtest r/w succeeded in a readonly directory $ret"
else
html_passed "Dbtest r/w didn't work in an readonly dir $ret"
fi
else
html_passed "Skipping Dbtest r/w in a readonly dir because user is root"
fi
if [ $UID -ne 0 ]; then
${BINDIR}/certutil -D -n "TestUser" -d .
ret=$?
if [ $ret -ne 255 ]; then
html_failed "Certutil succeeded in deleting a cert in an readonly directory $ret"
html_failed "Certutil succeeded in deleting a cert in a readonly directory $ret"
else
html_passed "Certutil didn't work in an readonly dir $ret"
fi
else
html_passed "Skipping Certutil delete cert in a readonly directory test because user is root"
fi
Echo "test opening the database ronly in a readonly directory"
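Review bot: The two new guards `if [ $UID -ne 0 ]; then` rely on `$UID`, which bash and zsh set but POSIX sh does not; under a plain `/bin/sh` such as dash the test degenerates to `[ -ne 0 ]`, which fails with a syntax error, takes the `else` branch and reports `html_passed "Skipping ... because user is root"`, so both read-only checks would be skipped yet counted as passed. `if [ "$(id -u)" -ne 0 ]; then` is portable and also quotes the operand. Whether dbtest.sh is ever run under a non-bash shell is not visible from this hunk; the enclosing `dbtest_main` starts and ends outside it.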


@ -1,37 +1,6 @@
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Network Security Services (NSS)
#
# The Initial Developer of the Original Code is Sun Microsystems, Inc.
# Portions created by the Initial Developer are Copyright (C) 2006-2009
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
certDir=/iopr
caCertName=TestCA


@ -1,39 +1,6 @@
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the PKIX-C library.
#
# The Initial Developer of the Original Code is
# Sun Microsystems, Inc.
# Portions created by the Initial Developer are
# Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved.
#
# Contributor(s):
# Sun Microsystems, Inc.
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
This directory contains both sample applications and performance evaluation
applications.


@ -1,4 +1,4 @@
# Status | Leaf Cert | Policies | Others(undef)
0 TestUser50 undef
0 TestUser51 undef
0 PayPalEE OID.2.16.840.1.113733.1.7.23.6
0 PayPalEE OID.2.16.840.1.114412.1.1


@ -206,7 +206,8 @@ set_test_mode()
${BINDIR}/modutil -dbdir ${CLIENT_DB} -list
echo "${SCRIPTNAME}: FIPS is OFF"
cipher_list="A B C D E F :C001 :C002 :C003 :C004 :C005 :C006 :C007 :C008 :C009 :C00A :C010 :C011 :C012 :C013 :C014 c d e f g i j k l m n v y z"
# ciphers l and m removed, see bug 1136095
cipher_list="A B C D E F :C001 :C002 :C003 :C004 :C005 :C006 :C007 :C008 :C009 :C00A :C010 :C011 :C012 :C013 :C014 c d e f g i j k n v y z"
fi
}


@ -78,8 +78,10 @@
noECC TLS12 i TLS12_RSA_WITH_NULL_MD5
noECC TLS12 j TLS12_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
noECC TLS12 k TLS12_RSA_FIPS_WITH_DES_CBC_SHA
noECC TLS12 l TLS12_RSA_EXPORT_WITH_DES_CBC_SHA (new)
noECC TLS12 m TLS12_RSA_EXPORT_WITH_RC4_56_SHA (new)
# disabled because of bug 1136095
# noECC TLS12 l TLS12_RSA_EXPORT_WITH_DES_CBC_SHA (new)
# disabled because of bug 1136095
# noECC TLS12 m TLS12_RSA_EXPORT_WITH_RC4_56_SHA (new)
noECC TLS12 n TLS12_RSA_WITH_RC4_128_SHA
noECC TLS12 v TLS12_RSA_WITH_AES_128_CBC_SHA
noECC TLS12 y TLS12_RSA_WITH_AES_256_CBC_SHA