kamp/RetroZilla
1
0
Fork 0
mirror of https://github.com/rn10950/RetroZilla.git synced 2024-11-13 03:10:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #17 from roytam1/tls12

Browse Source 
TLS 1.2
This commit is contained in:
rn10950 2018-06-14 03:37:44 -04:00 committed by GitHub
commit bb6b8a03fa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2437 changed files with 249243 additions and 161942 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
nsprpub/lib/ds/plarena.c
View File

@ -260,6 +260,21 @@ PR_IMPLEMENT(void *) PL_ArenaGrow(
return newp;
}
static void ClearArenaList(PLArena *a, PRInt32 pattern)
{
for (; a; a = a->next) {
PR_ASSERT(a->base <= a->avail && a->avail <= a->limit);
a->avail = a->base;
PL_CLEAR_UNUSED_PATTERN(a, pattern);
}
}
PR_IMPLEMENT(void) PL_ClearArenaPool(PLArenaPool *pool, PRInt32 pattern)
{
ClearArenaList(pool->first.next, pattern);
}
/*
* Free tail arenas linked after head, which may not be the true list head.
* Reset pool->current to point to head in case it pointed at a tail arena.
@ -274,12 +289,7 @@ static void FreeArenaList(PLArenaPool *pool, PLArena *head, PRBool reallyFree)
return;
#ifdef DEBUG
do {
PR_ASSERT(a->base <= a->avail && a->avail <= a->limit);
a->avail = a->base;
PL_CLEAR_UNUSED(a);
} while ((a = a->next) != 0);
a = *ap;
ClearArenaList(a, PL_FREE_PATTERN);
#endif
if (reallyFree) {

7
nsprpub/lib/ds/plarena.h
View File

@ -138,11 +138,12 @@ struct PLArenaPool {
#define PL_ARENA_MARK(pool) ((void *) (pool)->current->avail)
#define PR_UPTRDIFF(p,q) ((PRUword)(p) - (PRUword)(q))
#define PL_CLEAR_UNUSED_PATTERN(a, pattern) \
(PR_ASSERT((a)->avail <= (a)->limit), \
memset((void*)(a)->avail, (pattern), (a)->limit - (a)->avail))
#ifdef DEBUG
#define PL_FREE_PATTERN 0xDA
#define PL_CLEAR_UNUSED(a) (PR_ASSERT((a)->avail <= (a)->limit), \
memset((void*)(a)->avail, PL_FREE_PATTERN, \
(a)->limit - (a)->avail))
#define PL_CLEAR_UNUSED(a) PL_CLEAR_UNUSED_PATTERN((a), PL_FREE_PATTERN)
#define PL_CLEAR_ARENA(a) memset((void*)(a), PL_FREE_PATTERN, \
(a)->limit - (PRUword)(a))
#else

5
nsprpub/lib/ds/plarenas.h
View File

@ -108,6 +108,11 @@ PR_EXTERN(void *) PL_ArenaGrow(
PR_EXTERN(void) PL_ArenaRelease(PLArenaPool *pool, char *mark);
/*
** memset contents of all arenas in pool to pattern
*/
PR_EXTERN(void) PL_ClearArenaPool(PLArenaPool *pool, PRInt32 pattern);
PR_END_EXTERN_C
#endif /* defined(PLARENAS_H) */

5
nsprpub/lib/ds/plds.def
View File

@ -81,3 +81,8 @@ libVersionPoint;
PL_HashTableLookupConst;
PL_HashTableRawLookupConst;
;+} NSPR_4.0;
;+
;+NSPR_4.8.5 {
;+ global:
PL_ClearArenaPool;
;+} NSPR_4.1;

7
nsprpub/pr/include/prtypes.h
View File

@ -277,6 +277,13 @@
#define PR_MAX(x,y) ((x)>(y)?(x):(y))
#define PR_ABS(x) ((x)<0?-(x):(x))
/***********************************************************************
** MACROS: PR_ARRAY_SIZE
** DESCRIPTION:
** The number of elements in an array.
***********************************************************************/
#define PR_ARRAY_SIZE(a) (sizeof(a)/sizeof((a)[0]))
PR_BEGIN_EXTERN_C
/************************************************************************

34
nsprpub/pr/tests/sprintf.c
View File

@ -56,8 +56,6 @@
#include <stdio.h>
#include <stdlib.h>
#define countof(a) (sizeof(a)/sizeof(a[0]))
static char sbuf[20000];
@ -121,15 +119,15 @@ static void TestI(void)
int f, s, n, p;
char fmt[20];
for (f = 0; f < countof(formats); f++) {
for (s = 0; s < countof(signs); s++) {
for (p = 0; p < countof(precs); p++) {
for (f = 0; f < PR_ARRAY_SIZE(formats); f++) {
for (s = 0; s < PR_ARRAY_SIZE(signs); s++) {
for (p = 0; p < PR_ARRAY_SIZE(precs); p++) {
fmt[0] = '%';
fmt[1] = 0;
if (signs[s]) strcat(fmt, signs[s]);
if (precs[p]) strcat(fmt, precs[p]);
if (formats[f]) strcat(fmt, formats[f]);
for (n = 0; n < countof(nums); n++) {
for (n = 0; n < PR_ARRAY_SIZE(nums); n++) {
test_i(fmt, nums[n]);
}
}
@ -213,9 +211,9 @@ static void TestL(void)
int f, s, n, p;
char fmt[40], sfmt[40];
for (f = 0; f < countof(formats); f++) {
for (s = 0; s < countof(signs); s++) {
for (p = 0; p < countof(precs); p++) {
for (f = 0; f < PR_ARRAY_SIZE(formats); f++) {
for (s = 0; s < PR_ARRAY_SIZE(signs); s++) {
for (p = 0; p < PR_ARRAY_SIZE(precs); p++) {
fmt[0] = '%';
fmt[1] = 0;
if (signs[s]) strcat(fmt, signs[s]);
@ -223,7 +221,7 @@ static void TestL(void)
strcpy(sfmt, fmt);
if (formats[f]) strcat(fmt, formats[f]);
if (sformats[f]) strcat(sfmt, sformats[f]);
for (n = 0; n < countof(nums); n++) {
for (n = 0; n < PR_ARRAY_SIZE(nums); n++) {
test_l(fmt, sfmt, nums[n]);
}
}
@ -336,9 +334,9 @@ static void TestLL(void)
int f, s, n, p;
char fmt[40], sfmt[40];
for (f = 0; f < countof(formats); f++) {
for (s = 0; s < countof(signs); s++) {
for (p = 0; p < countof(precs); p++) {
for (f = 0; f < PR_ARRAY_SIZE(formats); f++) {
for (s = 0; s < PR_ARRAY_SIZE(signs); s++) {
for (p = 0; p < PR_ARRAY_SIZE(precs); p++) {
fmt[0] = '%';
fmt[1] = 0;
if (signs[s]) strcat(fmt, signs[s]);
@ -346,7 +344,7 @@ static void TestLL(void)
strcpy(sfmt, fmt);
if (formats[f]) strcat(fmt, formats[f]);
if (sformats[f]) strcat(sfmt, sformats[f]);
for (n = 0; n < countof(nums); n++) {
for (n = 0; n < PR_ARRAY_SIZE(nums); n++) {
test_ll(fmt, sfmt, nums[n]);
}
}
@ -424,15 +422,15 @@ static void TestS(void)
int f, s, n, p;
char fmt[40];
for (f = 0; f < countof(formats); f++) {
for (s = 0; s < countof(signs); s++) {
for (p = 0; p < countof(precs); p++) {
for (f = 0; f < PR_ARRAY_SIZE(formats); f++) {
for (s = 0; s < PR_ARRAY_SIZE(signs); s++) {
for (p = 0; p < PR_ARRAY_SIZE(precs); p++) {
fmt[0] = '%';
fmt[1] = 0;
if (signs[s]) strcat(fmt+strlen(fmt), signs[s]);
if (precs[p]) strcat(fmt+strlen(fmt), precs[p]);
if (formats[f]) strcat(fmt+strlen(fmt), formats[f]);
for (n = 0; n < countof(strs); n++) {
for (n = 0; n < PR_ARRAY_SIZE(strs); n++) {
test_s(fmt, strs[n]);
}
}

12
security/manager/ssl/src/nsNSSComponent.cpp
View File

@ -949,6 +949,9 @@ static CipherPref CipherPrefs[] = {
{"security.ssl3.dhe_dss_des_sha", SSL_DHE_DSS_WITH_DES_CBC_SHA}, // 56-bit DES encryption with DSA, DHE, and a SHA1 MAC
{"security.ssl3.rsa_null_sha", SSL_RSA_WITH_NULL_SHA}, // No encryption with RSA authentication and a SHA1 MAC
{"security.ssl3.rsa_null_md5", SSL_RSA_WITH_NULL_MD5}, // No encryption with RSA authentication and an MD5 MAC
{"security.ssl3.rsa_seed_sha", TLS_RSA_WITH_SEED_CBC_SHA}, // SEED encryption with RSA and a SHA1 MAC
{"security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, // 128-bit AES-GCM encryption with ECDHE-ECDSA
{"security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, // 128-bit AES-GCM encryption with ECDHE-RSA
{NULL, 0} /* end marker */
};
@ -1527,6 +1530,10 @@ nsNSSComponent::InitializeNSS(PRBool showWarningBox)
mPrefBranch->GetBoolPref("security.enable_tls", &enabled);
SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
SSLVersionRange supported;
SSL_VersionRangeGetSupported(ssl_variant_stream, &supported);
SSL_VersionRangeSetDefault(ssl_variant_stream, &supported);
// Disable any ciphers that NSS might have enabled by default
for (PRUint16 i = 0; i < SSL_NumImplementedCiphers; ++i)
{
@ -2031,6 +2038,11 @@ nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic,
} else if (prefName.Equals("security.enable_tls")) {
mPrefBranch->GetBoolPref("security.enable_tls", &enabled);
SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
SSLVersionRange supported;
SSL_VersionRangeGetSupported(ssl_variant_stream, &supported);
SSL_VersionRangeSetDefault(ssl_variant_stream, &supported);
} else if (prefName.Equals("security.OCSP.enabled")) {
setOCSPOptions(mPrefBranch);
} else {

107
security/nss/Makefile
View File

@ -1,40 +1,8 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
@ -58,9 +26,7 @@ include $(CORE_DEPTH)/coreconf/config.mk
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
ifeq ($(OS_TARGET),WINCE)
DIRS = lib # omit cmd since wince has no command line shell
endif
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
@ -78,23 +44,20 @@ include $(CORE_DEPTH)/coreconf/rules.mk
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
nss_build_all: build_coreconf build_nspr build_dbm all
nss_build_all: build_nspr all
nss_clean_all: clobber_coreconf clobber_nspr clobber_dbm clobber
nss_clean_all: clobber_nspr clobber
build_coreconf:
cd $(CORE_DEPTH)/coreconf ; $(MAKE)
clobber_coreconf:
cd $(CORE_DEPTH)/coreconf ; $(MAKE) clobber
NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)/config.status
NSPR_CONFIGURE = $(CORE_DEPTH)/../nsprpub/configure
NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME)/config.status
NSPR_CONFIGURE = $(CORE_DEPTH)/../nspr/configure
#
# Translate coreconf build options to NSPR configure options.
#
ifeq ($(OS_TARGET),Android)
NSPR_CONFIGURE_OPTS += --with-android-ndk=$(ANDROID_NDK) --target=arm-linux-androideabi --with-android-version=$(OS_TARGET_RELEASE)
endif
ifdef BUILD_OPT
NSPR_CONFIGURE_OPTS += --disable-debug --enable-optimize
endif
@ -127,59 +90,33 @@ USEABSPATH="NO"
endif
endif
ifeq ($(USEABSPATH),"YES")
NSPR_PREFIX = $(shell pwd)/../../dist/$(OBJDIR_NAME)
NSPR_PREFIX = $(shell pwd)/../dist/$(OBJDIR_NAME)
else
NSPR_PREFIX = $$(topsrcdir)/../dist/$(OBJDIR_NAME)
endif
$(NSPR_CONFIG_STATUS): $(NSPR_CONFIGURE)
$(NSINSTALL) -D $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)
cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; \
mkdir -p $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME)
cd $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) ; \
$(NSPR_COMPILERS) sh ../configure \
$(NSPR_CONFIGURE_OPTS) \
--with-dist-prefix='$(NSPR_PREFIX)' \
--with-dist-includedir='$(NSPR_PREFIX)/include'
build_nspr: $(NSPR_CONFIG_STATUS)
cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
$(MAKE) -C $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME)
clobber_nspr: $(NSPR_CONFIG_STATUS)
cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE) clobber
$(MAKE) -C $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) clobber
build_dbm:
ifndef NSS_DISABLE_DBM
cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
else
echo "skipping the build of DBM"
endif
build_docs:
$(MAKE) -C $(CORE_DEPTH)/doc
clobber_dbm:
cd $(CORE_DEPTH)/dbm ; $(MAKE) clobber
clean_docs:
$(MAKE) -C $(CORE_DEPTH)/doc clean
moz_import::
ifeq (,$(filter-out WIN%,$(OS_TARGET)))
$(NSINSTALL) -D $(DIST)/include/nspr
cp $(DIST)/../include/nspr/*.h $(DIST)/include/nspr
cp $(DIST)/../include/* $(DIST)/include
ifdef BUILD_OPT
cp $(DIST)/../WIN32_O.OBJ/lib/* $(DIST)/lib
else
cp $(DIST)/../WIN32_D.OBJ/lib/* $(DIST)/lib
endif
mv $(DIST)/lib/dbm32.lib $(DIST)/lib/dbm.lib
else
ifeq ($(OS_TARGET),OS2)
cp -rf $(DIST)/../include $(DIST)
cp -rf $(DIST)/../lib $(DIST)
cp -f $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
else
$(NSINSTALL) -L ../../dist include $(DIST)
$(NSINSTALL) -L ../../dist lib $(DIST)
cp $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
endif
endif
nss_RelEng_bld: build_coreconf import build_dbm all
nss_RelEng_bld: import all
package:
$(MAKE) -C pkg publish

69
security/nss/automation/buildbot-slave/bbenv-example.sh Normal file
View File

@ -0,0 +1,69 @@
#! /bin/bash
# Each buildbot-slave requires a bbenv.sh file that defines
# machine specific variables. This is an example file.
HOST=$(hostname | cut -d. -f1)
export HOST
# if your machine's IP isn't registered in DNS,
# you must set appropriate environment variables
# that can be resolved locally.
# For example, if localhost.localdomain works on your system, set:
#HOST=localhost
#DOMSUF=localdomain
#export DOMSUF
ARCH=$(uname -s)
ulimit -c unlimited 2> /dev/null
export NSS_ENABLE_ECC=1
export NSS_ECC_MORE_THAN_SUITE_B=1
export NSPR_LOG_MODULES="pkix:1"
#export JAVA_HOME_32=
#export JAVA_HOME_64=
#enable if you have PKITS data
#export PKITS_DATA=$HOME/pkits/data/
NSS_BUILD_TARGET="clean nss_build_all"
JSS_BUILD_TARGET="clean all"
MAKE=gmake
AWK=awk
PATCH=patch
if [ "${ARCH}" = "SunOS" ]; then
AWK=nawk
PATCH=gpatch
ARCH=SunOS/$(uname -p)
fi
if [ "${ARCH}" = "Linux" -a -f /etc/system-release ]; then
VERSION=`sed -e 's; release ;;' -e 's; (.*)$;;' -e 's;Red Hat Enterprise Linux Server;RHEL;' -e 's;Red Hat Enterprise Linux Workstation;RHEL;' /etc/system-release`
ARCH=Linux/${VERSION}
echo ${ARCH}
fi
PROCESSOR=$(uname -p)
if [ "${PROCESSOR}" = "ppc64" ]; then
ARCH="${ARCH}/ppc64"
fi
if [ "${PROCESSOR}" = "powerpc" ]; then
ARCH="${ARCH}/ppc"
fi
PORT_64_DBG=8543
PORT_64_OPT=8544
PORT_32_DBG=8545
PORT_32_OPT=8546
if [ "${NSS_TESTS}" = "memleak" ]; then
PORT_64_DBG=8547
PORT_64_OPT=8548
PORT_32_DBG=8549
PORT_32_OPT=8550
fi

378
security/nss/automation/buildbot-slave/build.sh Normal file
View File

@ -0,0 +1,378 @@
#! /bin/bash
# Ensure a failure of the first command inside a pipe
# won't be hidden by commands later in the pipe.
# (e.g. as in ./dosomething | grep)
set -o pipefail
proc_args()
{
while [ -n "$1" ]; do
OPT=$(echo $1 | cut -d= -f1)
VAL=$(echo $1 | cut -d= -f2)
case $OPT in
"--build-nss")
BUILD_NSS=1
;;
"--test-nss")
TEST_NSS=1
;;
"--build-jss")
BUILD_JSS=1
;;
"--test-jss")
TEST_JSS=1
;;
"--memtest")
NSS_TESTS="memleak"
export NSS_TESTS
;;
"--nojsssign")
NO_JSS_SIGN=1
;;
*)
echo "Usage: $0 ..."
echo " --memtest - run the memory leak tests"
echo " --nojsssign - try to sign jss"
echo " --build-nss"
echo " --build-jss"
echo " --test-nss"
echo " --test-jss"
exit 1
;;
esac
shift
done
}
set_env()
{
TOPDIR=$(pwd)
HGDIR=$(pwd)$(echo "/hg")
OUTPUTDIR=$(pwd)$(echo "/output")
LOG_ALL="${OUTPUTDIR}/all.log"
LOG_TMP="${OUTPUTDIR}/tmp.log"
echo "hello" |grep --line-buffered hello >/dev/null 2>&1
[ $? -eq 0 ] && GREP_BUFFER="--line-buffered"
}
print_log()
{
DATE=$(date "+TB [%Y-%m-%d %H:%M:%S]")
echo "${DATE} $*"
echo "${DATE} $*" >> ${LOG_ALL}
}
print_result()
{
TESTNAME=$1
RET=$2
EXP=$3
if [ ${RET} -eq ${EXP} ]; then
print_log "${TESTNAME} PASSED"
else
print_log "${TESTNAME} FAILED"
fi
}
print_env()
{
print_log "######## Environment variables ########"
uname -a | tee -a ${LOG_ALL}
if [ -e "/etc/redhat-release" ]; then
cat "/etc/redhat-release" | tee -a ${LOG_ALL}
fi
# don't print the MAIL command, it might contain a password
env | grep -v "^MAIL=" | tee -a ${LOG_ALL}
}
set_cycle()
{
BITS=$1
OPT=$2
if [ "${BITS}" = "64" ]; then
USE_64=1
JAVA_HOME=${JAVA_HOME_64}
PORT_DBG=${PORT_64_DBG}
PORT_OPT=${PORT_64_OPT}
else
USE_64=
JAVA_HOME=${JAVA_HOME_32}
PORT_DBG=${PORT_32_DBG}
PORT_OPT=${PORT_32_OPT}
fi
export USE_64
export JAVA_HOME
BUILD_OPT=
if [ "${OPT}" = "OPT" ]; then
BUILD_OPT=1
XPCLASS=xpclass.jar
PORT=${PORT_OPT}
else
BUILD_OPT=
XPCLASS=xpclass_dbg.jar
PORT=${PORT_DBG}
fi
export BUILD_OPT
PORT_JSS_SERVER=$(expr ${PORT} + 20)
PORT_JSSE_SERVER=$(expr ${PORT} + 40)
export PORT
export PORT_JSS_SERVER
export PORT_JSSE_SERVER
}
build_nss()
{
print_log "######## NSS - build - ${BITS} bits - ${OPT} ########"
print_log "$ cd ${HGDIR}/nss"
cd ${HGDIR}/nss
print_log "$ ${MAKE} ${NSS_BUILD_TARGET}"
#${MAKE} ${NSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL} | grep ${GREP_BUFFER} "^${MAKE}"
${MAKE} ${NSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL}
RET=$?
print_result "NSS - build - ${BITS} bits - ${OPT}" ${RET} 0
if [ ${RET} -eq 0 ]; then
return 0
else
tail -100 ${LOG_ALL}
return ${RET}
fi
}
build_jss()
{
print_log "######## JSS - build - ${BITS} bits - ${OPT} ########"
print_log "$ cd ${HGDIR}/jss"
cd ${HGDIR}/jss
print_log "$ ${MAKE} ${JSS_BUILD_TARGET}"
#${MAKE} ${JSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL} | grep ${GREP_BUFFER} "^${MAKE}"
${MAKE} ${JSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL}
RET=$?
print_result "JSS build - ${BITS} bits - ${OPT}" ${RET} 0
[ ${RET} -eq 0 ] || return ${RET}
print_log "$ cd ${HGDIR}/dist"
cd ${HGDIR}/dist
if [ -z "${NO_JSS_SIGN}" ]; then
print_log "cat ${TOPDIR}/keystore.pw | ${JAVA_HOME}/bin/jarsigner -keystore ${TOPDIR}/keystore -internalsf ${XPCLASS} jssdsa"
cat ${TOPDIR}/keystore.pw | ${JAVA_HOME}/bin/jarsigner -keystore ${TOPDIR}/keystore -internalsf ${XPCLASS} jssdsa >> ${LOG_ALL} 2>&1
RET=$?
print_result "JSS - sign JAR files - ${BITS} bits - ${OPT}" ${RET} 0
[ ${RET} -eq 0 ] || return ${RET}
fi
print_log "${JAVA_HOME}/bin/jarsigner -verify -certs ${XPCLASS}"
${JAVA_HOME}/bin/jarsigner -verify -certs ${XPCLASS} >> ${LOG_ALL} 2>&1
RET=$?
print_result "JSS - verify JAR files - ${BITS} bits - ${OPT}" ${RET} 0
[ ${RET} -eq 0 ] || return ${RET}
return 0
}
test_nss()
{
print_log "######## NSS - tests - ${BITS} bits - ${OPT} ########"
if [ "${OS_TARGET}" = "Android" ]; then
print_log "$ cd ${HGDIR}/nss/tests/remote"
cd ${HGDIR}/nss/tests/remote
print_log "$ make test_android"
make test_android 2>&1 | tee ${LOG_TMP} | grep ${GREP_BUFFER} ": #"
OUTPUTFILE=${HGDIR}/tests_results/security/*.1/output.log
else
print_log "$ cd ${HGDIR}/nss/tests"
cd ${HGDIR}/nss/tests
print_log "$ ./all.sh"
./all.sh 2>&1 | tee ${LOG_TMP} | grep ${GREP_BUFFER} ": #"
OUTPUTFILE=${LOG_TMP}
fi
cat ${LOG_TMP} >> ${LOG_ALL}
tail -n2 ${HGDIR}/tests_results/security/*.1/results.html | grep END_OF_TEST >> ${LOG_ALL}
RET=$?
print_log "######## details of detected failures (if any) ########"
grep -B50 FAIL ${OUTPUTFILE}
[ $? -eq 1 ] || RET=1
print_result "NSS - tests - ${BITS} bits - ${OPT}" ${RET} 0
return ${RET}
}
test_jss()
{
print_log "######## JSS - tests - ${BITS} bits - ${OPT} ########"
print_log "$ cd ${HGDIR}/jss"
cd ${HGDIR}/jss
print_log "$ ${MAKE} platform"
PLATFORM=$(${MAKE} platform)
print_log "PLATFORM=${PLATFORM}"
print_log "$ cd ${HGDIR}/jss/org/mozilla/jss/tests"
cd ${HGDIR}/jss/org/mozilla/jss/tests
print_log "$ perl all.pl dist ${HGDIR}/dist/${PLATFORM}"
perl all.pl dist ${HGDIR}/dist/${PLATFORM} 2>&1 | tee ${LOG_TMP}
cat ${LOG_TMP} >> ${LOG_ALL}
tail -n2 ${LOG_TMP} | grep JSSTEST_RATE > /dev/null
RET=$?
grep FAIL ${LOG_TMP}
[ $? -eq 1 ] || RET=1
print_result "JSS - tests - ${BITS} bits - ${OPT}" ${RET} 0
return ${RET}
}
build_and_test()
{
if [ -n "${BUILD_NSS}" ]; then
build_nss
[ $? -eq 0 ] || return 1
fi
if [ -n "${TEST_NSS}" ]; then
test_nss
[ $? -eq 0 ] || return 1
fi
if [ -n "${BUILD_JSS}" ]; then
build_jss
[ $? -eq 0 ] || return 1
fi
if [ -n "${TEST_JSS}" ]; then
test_jss
[ $? -eq 0 ] || return 1
fi
return 0
}
run_cycle()
{
print_env
build_and_test
RET=$?
grep ^TinderboxPrint ${LOG_ALL}
return ${RET}
}
prepare()
{
rm -rf ${OUTPUTDIR}.oldest >/dev/null 2>&1
mv ${OUTPUTDIR}.older ${OUTPUTDIR}.oldest >/dev/null 2>&1
mv ${OUTPUTDIR}.old ${OUTPUTDIR}.older >/dev/null 2>&1
mv ${OUTPUTDIR}.last ${OUTPUTDIR}.old >/dev/null 2>&1
mv ${OUTPUTDIR} ${OUTPUTDIR}.last >/dev/null 2>&1
mkdir -p ${OUTPUTDIR}
if [ -n "${NSS_ENABLE_ECC}" -a -n "${NSS_ECC_MORE_THAN_SUITE_B}" ]; then
cd ${HGDIR}/nss
ECF="lib/freebl/ecl/ecl-curve.h"
print_log "hg revert -r NSS_3_11_1_RTM ${ECF}"
hg revert -r NSS_3_11_1_RTM security/nss/${ECF}
cp -f security/nss/${ECF} ${ECF}
fi
return 0
}
move_results()
{
cd ${HGDIR}
if [ -n "${TEST_NSS}" ]; then
mv -f tests_results ${OUTPUTDIR}
fi
tar -c -z --dereference -f ${OUTPUTDIR}/dist.tgz dist
rm -rf dist
}
run_all()
{
set_cycle ${BITS} ${OPT}
prepare
run_cycle
RESULT=$?
print_log "### result of run_cycle is ${RESULT}"
move_results
return ${RESULT}
}
main()
{
VALID=0
RET=1
for BITS in 32 64; do
echo ${RUN_BITS} | grep ${BITS} > /dev/null
[ $? -eq 0 ] || continue
for OPT in DBG OPT; do
echo ${RUN_OPT} | grep ${OPT} > /dev/null
[ $? -eq 0 ] || continue
VALID=1
set_env
run_all
RET=$?
print_log "### result of run_all is ${RET}"
done
done
if [ ${VALID} -ne 1 ]; then
echo "Need to set valid bits/opt values."
return 1
fi
return ${RET}
}
#function killallsub()
#{
# FINAL_RET=$?
# for proc in `jobs -p`
# do
# kill -9 $proc
# done
# return ${FINAL_RET}
#}
#trap killallsub EXIT
#IS_RUNNING_FILE="./build-is-running"
#if [ -a $IS_RUNNING_FILE ]; then
# echo "exiting, because old job is still running"
# exit 1
#fi
#touch $IS_RUNNING_FILE
echo "tinderbox args: $0 $@"
. ${ENVVARS}
proc_args "$@"
main
#RET=$?
#rm $IS_RUNNING_FILE
#exit ${RET}

6
security/nss/automation/buildbot-slave/reboot.bat Normal file
View File

@ -0,0 +1,6 @@
IF EXIST ..\buildbot-is-building (
del ..\buildbot-is-building
shutdown /r /t 0
timeout /t 120
)

14
security/nss/automation/buildbot-slave/startbuild.bat Normal file
View File

@ -0,0 +1,14 @@
echo running > ..\buildbot-is-building
echo running: "%MOZILLABUILD%\msys\bin\bash" -c "hg/tinder/buildbot/build.sh %*"
"%MOZILLABUILD%\msys\bin\bash" -c "hg/tinder/buildbot/build.sh %*"
if %errorlevel% neq 0 (
set EXITCODE=1
) else (
set EXITCODE=0
)
del ..\buildbot-is-building
exit /b %EXITCODE%

57
security/nss/cmd/Makefile
View File

@ -1,43 +1,11 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
CORE_DEPTH = ../..
DEPTH = ../..
CORE_DEPTH = ..
DEPTH = ..
include manifest.mn
include $(CORE_DEPTH)/coreconf/config.mk
@ -46,8 +14,19 @@ ifdef BUILD_LIBPKIX_TESTS
DIRS += libpkix
endif
ifndef USE_SYSTEM_ZLIB
ZLIB_SRCDIR = zlib # Add the zlib directory to DIRS.
ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1)
BLTEST_SRCDIR =
FIPSTEST_SRCDIR =
SHLIBSIGN_SRCDIR =
else
BLTEST_SRCDIR = bltest
FIPSTEST_SRCDIR = fipstest
SHLIBSIGN_SRCDIR = shlibsign
endif
LOWHASHTEST_SRCDIR=
ifeq ($(FREEBL_LOWHASH),1)
LOWHASHTEST_SRCDIR = lowhashtest # Add the lowhashtest directory to DIRS.
endif
INCLUDES += \

38
security/nss/cmd/addbuiltin/Makefile
View File

@ -1,40 +1,8 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #

466
security/nss/cmd/addbuiltin/addbuiltin.c
View File

@ -1,43 +1,9 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
* Tool for converting builtin CA certs.
*
* $Id: addbuiltin.c,v 1.14 2007/02/14 00:35:52 alexei.volkov.bugs%sun.com Exp $
*/
#include "nssrenam.h"
@ -68,20 +34,22 @@ char *getTrustString(unsigned int trust)
{
if (trust & CERTDB_TRUSTED) {
if (trust & CERTDB_TRUSTED_CA) {
return "CKT_NETSCAPE_TRUSTED_DELEGATOR|CKT_NETSCAPE_TRUSTED";
return "CKT_NSS_TRUSTED_DELEGATOR";
} else {
return "CKT_NETSCAPE_TRUSTED";
return "CKT_NSS_TRUSTED";
}
} else {
if (trust & CERTDB_TRUSTED_CA) {
return "CKT_NETSCAPE_TRUSTED_DELEGATOR";
return "CKT_NSS_TRUSTED_DELEGATOR";
} else if (trust & CERTDB_VALID_CA) {
return "CKT_NETSCAPE_VALID_DELEGATOR";
return "CKT_NSS_VALID_DELEGATOR";
} else if (trust & CERTDB_TERMINAL_RECORD) {
return "CKT_NSS_NOT_TRUSTED";
} else {
return "CKT_NETSCAPE_TRUST_UNKNOWN";
return "CKT_NSS_MUST_VERIFY_TRUST";
}
}
return "CKT_NETSCAPE_TRUST_UNKNOWN"; /* not reached */
return "CKT_NSS_TRUST_UNKNOWN"; /* not reached */
}
static const SEC_ASN1Template serialTemplate[] = {
@ -89,14 +57,115 @@ static const SEC_ASN1Template serialTemplate[] = {
{ 0 }
};
void print_crl_info(CERTName *name, SECItem *serial)
{
PRBool saveWrapeState = SECU_GetWrapEnabled();
SECU_EnableWrap(PR_FALSE);
SECU_PrintNameQuotesOptional(stdout, name, "# Issuer", 0, PR_FALSE);
printf("\n");
SECU_PrintInteger(stdout, serial, "# Serial Number", 0);
SECU_EnableWrap(saveWrapeState);
}
static SECStatus
ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
ConvertCRLEntry(SECItem *sdder, PRInt32 crlentry, char *nickname)
{
int rv;
PLArenaPool *arena = NULL;
CERTSignedCrl *newCrl = NULL;
CERTCrlEntry *entry;
CERTName *name = NULL;
SECItem *derName = NULL;
SECItem *serial = NULL;
rv = SEC_ERROR_NO_MEMORY;
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if (!arena)
return rv;
newCrl = CERT_DecodeDERCrlWithFlags(arena, sdder, SEC_CRL_TYPE,
CRL_DECODE_DEFAULT_OPTIONS);
if (!newCrl)
return SECFailure;
name = &newCrl->crl.name;
derName = &newCrl->crl.derName;
if (newCrl->crl.entries != NULL) {
PRInt32 iv = 0;
while ((entry = newCrl->crl.entries[iv++]) != NULL) {
if (crlentry == iv) {
serial = &entry->serialNumber;
break;
}
}
}
if (!name || !derName || !serial)
return SECFailure;
printf("\n# Distrust \"%s\"\n",nickname);
print_crl_info(name, serial);
printf("CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST\n");
printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
printf("CKA_ISSUER MULTILINE_OCTAL\n");
dumpbytes(derName->data,derName->len);
printf("END\n");
printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
printf("\\002\\%03o", serial->len); /* 002: type integer; len >=3 digits */
dumpbytes(serial->data,serial->len);
printf("END\n");
printf("CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED\n");
printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED\n");
printf("CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED\n");
printf("CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE\n");
PORT_FreeArena (arena, PR_FALSE);
return rv;
}
void print_info(SECItem *sdder, CERTCertificate *c)
{
PRBool saveWrapeState = SECU_GetWrapEnabled();
SECU_EnableWrap(PR_FALSE);
SECU_PrintNameQuotesOptional(stdout, &c->issuer, "# Issuer", 0, PR_FALSE);
printf("\n");
SECU_PrintInteger(stdout, &c->serialNumber, "# Serial Number", 0);
SECU_PrintNameQuotesOptional(stdout, &c->subject, "# Subject", 0, PR_FALSE);
printf("\n");
SECU_PrintTimeChoice(stdout, &c->validity.notBefore, "# Not Valid Before", 0);
SECU_PrintTimeChoice(stdout, &c->validity.notAfter, "# Not Valid After ", 0);
SECU_PrintFingerprints(stdout, sdder, "# Fingerprint", 0);
SECU_EnableWrap(saveWrapeState);
}
static SECStatus
ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust,
PRBool excludeCert, PRBool excludeHash)
{
SECStatus rv = SECSuccess;
CERTCertificate *cert;
unsigned char sha1_hash[SHA1_LENGTH];
unsigned char md5_hash[MD5_LENGTH];
SECItem *serial = NULL;
PRBool step_up = PR_FALSE;
const char *trust_info;
cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname);
if (!cert) {
@ -106,42 +175,56 @@ ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
if (!serial) {
return SECFailure;
}
if (!excludeCert) {
printf("\n#\n# Certificate \"%s\"\n#\n",nickname);
print_info(sdder, cert);
printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n");
printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n");
printf("CKA_SUBJECT MULTILINE_OCTAL\n");
dumpbytes(cert->derSubject.data,cert->derSubject.len);
printf("END\n");
printf("CKA_ID UTF8 \"0\"\n");
printf("CKA_ISSUER MULTILINE_OCTAL\n");
dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
printf("END\n");
printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
dumpbytes(serial->data,serial->len);
printf("END\n");
printf("CKA_VALUE MULTILINE_OCTAL\n");
dumpbytes(sdder->data,sdder->len);
printf("END\n");
}
if ((trust->sslFlags | trust->emailFlags | trust->objectSigningFlags)
== CERTDB_TERMINAL_RECORD)
trust_info = "Distrust";
else
trust_info = "Trust for";
printf("\n# %s \"%s\"\n", trust_info, nickname);
print_info(sdder, cert);
printf("\n#\n# Certificate \"%s\"\n#\n",nickname);
printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n");
printf("CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST\n");
printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n");
printf("CKA_SUBJECT MULTILINE_OCTAL\n");
dumpbytes(cert->derSubject.data,cert->derSubject.len);
printf("END\n");
printf("CKA_ID UTF8 \"0\"\n");
printf("CKA_ISSUER MULTILINE_OCTAL\n");
dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
printf("END\n");
printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
dumpbytes(serial->data,serial->len);
printf("END\n");
printf("CKA_VALUE MULTILINE_OCTAL\n");
dumpbytes(sdder->data,sdder->len);
printf("END\n");
PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len);
PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len);
printf("\n# Trust for Certificate \"%s\"\n",nickname);
printf("CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST\n");
printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n");
dumpbytes(sha1_hash,SHA1_LENGTH);
printf("END\n");
printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n");
dumpbytes(md5_hash,MD5_LENGTH);
printf("END\n");
if (!excludeHash) {
PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len);
printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n");
dumpbytes(sha1_hash,SHA1_LENGTH);
printf("END\n");
PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len);
printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n");
dumpbytes(md5_hash,MD5_LENGTH);
printf("END\n");
}
printf("CKA_ISSUER MULTILINE_OCTAL\n");
dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
@ -151,24 +234,24 @@ ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
printf("END\n");
printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n",
getTrustString(trust->sslFlags));
getTrustString(trust->sslFlags));
printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n",
getTrustString(trust->emailFlags));
getTrustString(trust->emailFlags));
printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n",
getTrustString(trust->objectSigningFlags));
getTrustString(trust->objectSigningFlags));
#ifdef notdef
printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED\n");*/
printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NSS_TRUSTED\n");
printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n");
printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n");
#endif
step_up = (trust->sslFlags & CERTDB_GOVT_APPROVED_CA);
printf("CKA_TRUST_STEP_UP_APPROVED CK_BBOOL %s\n",
trust->sslFlags & CERTDB_GOVT_APPROVED_CA ?
"CK_TRUE" : "CK_FALSE");
step_up ? "CK_TRUE" : "CK_FALSE");
PORT_Free(sdder->data);
return(rv);
@ -177,43 +260,11 @@ ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
void printheader() {
printf("# \n"
"# ***** BEGIN LICENSE BLOCK *****\n"
"# Version: MPL 1.1/GPL 2.0/LGPL 2.1\n"
"#\n"
"# The contents of this file are subject to the Mozilla Public License Version\n"
"# 1.1 (the \"License\"); you may not use this file except in compliance with\n"
"# the License. You may obtain a copy of the License at\n"
"# http://www.mozilla.org/MPL/\n"
"#\n"
"# Software distributed under the License is distributed on an \"AS IS\" basis,\n"
"# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License\n"
"# for the specific language governing rights and limitations under the\n"
"# License.\n"
"#\n"
"# The Original Code is the Netscape security libraries..\n"
"#\n"
"# The Initial Developer of the Original Code is\n"
"# Netscape Communications Corporation.\n"
"# Portions created by the Initial Developer are Copyright (C) 1994-2000\n"
"# the Initial Developer. All Rights Reserved.\n"
"#\n"
"# Contributor(s):\n"
"#\n"
"# Alternatively, the contents of this file may be used under the terms of\n"
"# either the GNU General Public License Version 2 or later (the \"GPL\"), or\n"
"# the GNU Lesser General Public License Version 2.1 or later (the \"LGPL\"),\n"
"# in which case the provisions of the GPL or the LGPL are applicable instead\n"
"# of those above. If you wish to allow use of your version of this file only\n"
"# under the terms of either the GPL or the LGPL, and not to allow others to\n"
"# use your version of this file under the terms of the MPL, indicate your\n"
"# decision by deleting the provisions above and replace them with the notice\n"
"# and other provisions required by the GPL or the LGPL. If you do not delete\n"
"# the provisions above, a recipient may use your version of this file under\n"
"# the terms of any one of the MPL, the GPL or the LGPL.\n"
"#\n"
"# ***** END LICENSE BLOCK *****\n"
"# This Source Code Form is subject to the terms of the Mozilla Public\n"
"# License, v. 2.0. If a copy of the MPL was not distributed with this\n"
"# file, You can obtain one at http://mozilla.org/MPL/2.0/.\n"
"#\n"
"CVS_ID \"@(#) $RCSfile: addbuiltin.c,v $ $Revision: 1.14 $ $Date: 2007/02/14 00:35:52 $\"\n"
"CVS_ID \"@(#) $RCSfile$ $Revision$ $Date$\"\n"
"\n"
"#\n"
"# certdata.txt\n"
@ -237,7 +288,7 @@ void printheader() {
"# CKA_ISSUER DER+base64 (varies)\n"
"# CKA_SERIAL_NUMBER DER+base64 (varies)\n"
"# CKA_VALUE DER+base64 (varies)\n"
"# CKA_NETSCAPE_EMAIL ASCII7 (unused here)\n"
"# CKA_NSS_EMAIL ASCII7 (unused here)\n"
"#\n"
"# Trust\n"
"#\n"
@ -274,7 +325,7 @@ void printheader() {
"# have to go looking for others.\n"
"#\n"
"BEGINDATA\n"
"CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST\n"
"CKA_CLASS CK_OBJECT_CLASS CKO_NSS_BUILTIN_ROOT_LIST\n"
"CKA_TOKEN CK_BBOOL CK_TRUE\n"
"CKA_PRIVATE CK_BBOOL CK_FALSE\n"
"CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
@ -283,41 +334,71 @@ void printheader() {
static void Usage(char *progName)
{
fprintf(stderr, "%s -n nickname -t trust [-i certfile]\n", progName);
fprintf(stderr, "%s -t trust -n nickname [-i certfile] [-c] [-h]\n", progName);
fprintf(stderr,
"\tRead a der-encoded cert from certfile or stdin, and output\n"
"\tit to stdout in a format suitable for the builtin root module.\n"
"\tExample: %s -n MyCA -t \"C,C,C\" -i myca.der >> certdata.txt\n"
"\t(pipe through atob if the cert is b64-encoded)\n", progName);
fprintf(stderr, "%-15s nickname to assign to builtin cert.\n",
"-n nickname");
"\tExample: %s -n MyCA -t \"C,C,C\" -i myca.der >> certdata.txt\n",
progName);
fprintf(stderr, "%s -D -n label [-i certfile]\n", progName);
fprintf(stderr,
"\tRead a der-encoded cert from certfile or stdin, and output\n"
"\ta distrust record.\n"
"\t(-D is equivalent to -t p,p,p -c -h)\n");
fprintf(stderr, "%s -C -e crl-entry-number -n label [-i crlfile]\n", progName);
fprintf(stderr,
"\tRead a CRL from crlfile or stdin, and output\n"
"\ta distrust record (issuer+serial).\n"
"\t(-C implies -c -h)\n");
fprintf(stderr, "%-15s trust flags (cCTpPuw).\n", "-t trust");
fprintf(stderr, "%-15s file to read (default stdin)\n", "-i certfile");
fprintf(stderr, "%-15s nickname to assign to builtin cert, or\n",
"-n nickname");
fprintf(stderr, "%-15s a label for the distrust record.\n", "");
fprintf(stderr, "%-15s exclude the certificate (only add a trust record)\n", "-c");
fprintf(stderr, "%-15s exclude hash from trust record\n", "-h");
fprintf(stderr, "%-15s (useful to distrust any matching issuer/serial)\n", "");
fprintf(stderr, "%-15s (not allowed when adding positive trust)\n", "");
fprintf(stderr, "%-15s a CRL entry number, as shown by \"crlutil -S\"\n", "-e");
fprintf(stderr, "%-15s input file to read (default stdin)\n", "-i file");
fprintf(stderr, "%-15s (pipe through atob if the cert is b64-encoded)\n", "");
exit(-1);
}
enum {
opt_Input = 0,
opt_Nickname,
opt_Trust
opt_Trust,
opt_Distrust,
opt_ExcludeCert,
opt_ExcludeHash,
opt_DistrustCRL,
opt_CRLEnry
};
static secuCommandFlag addbuiltin_options[] =
{
{ /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE },
{ /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
{ /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }
{ /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE },
{ /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
{ /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE },
{ /* opt_Distrust */ 'D', PR_FALSE, 0, PR_FALSE },
{ /* opt_ExcludeCert */ 'c', PR_FALSE, 0, PR_FALSE },
{ /* opt_ExcludeHash */ 'h', PR_FALSE, 0, PR_FALSE },
{ /* opt_DistrustCRL */ 'C', PR_FALSE, 0, PR_FALSE },
{ /* opt_CRLEnry */ 'e', PR_TRUE, 0, PR_FALSE },
};
int main(int argc, char **argv)
{
SECStatus rv;
char *nickname;
char *trusts;
char *nickname = NULL;
char *trusts = NULL;
char *progName;
PRFileDesc *infile;
CERTCertTrust trust = { 0 };
SECItem derCert = { 0 };
SECItem derItem = { 0 };
PRInt32 crlentry = 0;
PRInt32 mutuallyExclusiveOpts = 0;
PRBool decodeTrust = PR_FALSE;
secuCommand addbuiltin = { 0 };
addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag);
@ -330,12 +411,40 @@ int main(int argc, char **argv)
if (rv != SECSuccess)
Usage(progName);
if (addbuiltin.options[opt_Trust].activated)
++mutuallyExclusiveOpts;
if (addbuiltin.options[opt_Distrust].activated)
++mutuallyExclusiveOpts;
if (addbuiltin.options[opt_DistrustCRL].activated)
++mutuallyExclusiveOpts;
if (!addbuiltin.options[opt_Nickname].activated &&
!addbuiltin.options[opt_Trust].activated) {
fprintf(stderr, "%s: you must specify both a nickname and trust.\n",
progName);
Usage(progName);
if (mutuallyExclusiveOpts != 1) {
fprintf(stderr, "%s: you must specify exactly one of -t or -D or -C\n",
progName);
Usage(progName);
}
if (addbuiltin.options[opt_DistrustCRL].activated) {
if (!addbuiltin.options[opt_CRLEnry].activated) {
fprintf(stderr, "%s: you must specify the CRL entry number.\n",
progName);
Usage(progName);
}
else {
crlentry = atoi(addbuiltin.options[opt_CRLEnry].arg);
if (crlentry < 1) {
fprintf(stderr, "%s: The CRL entry number must be > 0.\n",
progName);
Usage(progName);
}
}
}
if (!addbuiltin.options[opt_Nickname].activated) {
fprintf(stderr, "%s: you must specify parameter -n (a nickname or a label).\n",
progName);
Usage(progName);
}
if (addbuiltin.options[opt_Input].activated) {
@ -362,25 +471,70 @@ int main(int argc, char **argv)
infile = PR_STDIN;
}
nickname = strdup(addbuiltin.options[opt_Nickname].arg);
trusts = strdup(addbuiltin.options[opt_Trust].arg);
#if defined(WIN32)
/* We must put stdout into O_BINARY mode or else the output will include
** carriage returns.
*/
{
int smrv = _setmode(_fileno(stdout), _O_BINARY);
if (smrv == -1) {
fprintf(stderr, "%s: Cannot change stdout to binary mode.\n", progName);
exit(1);
}
}
#endif
nickname = strdup(addbuiltin.options[opt_Nickname].arg);
NSS_NoDB_Init(NULL);
rv = CERT_DecodeTrustString(&trust, trusts);
if (rv) {
fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
Usage(progName);
if (addbuiltin.options[opt_Distrust].activated ||
addbuiltin.options[opt_DistrustCRL].activated) {
addbuiltin.options[opt_ExcludeCert].activated = PR_TRUE;
addbuiltin.options[opt_ExcludeHash].activated = PR_TRUE;
}
if (addbuiltin.options[opt_Distrust].activated) {
trusts = strdup("p,p,p");
decodeTrust = PR_TRUE;
}
else if (addbuiltin.options[opt_Trust].activated) {
trusts = strdup(addbuiltin.options[opt_Trust].arg);
decodeTrust = PR_TRUE;
}
if (decodeTrust) {
rv = CERT_DecodeTrustString(&trust, trusts);
if (rv) {
fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
Usage(progName);
}
}
if (addbuiltin.options[opt_Trust].activated &&
addbuiltin.options[opt_ExcludeHash].activated) {
if ((trust.sslFlags | trust.emailFlags | trust.objectSigningFlags)
!= CERTDB_TERMINAL_RECORD) {
fprintf(stderr, "%s: Excluding the hash only allowed with distrust.\n", progName);
Usage(progName);
}
}
SECU_FileToItem(&derCert, infile);
SECU_FileToItem(&derItem, infile);
/*printheader();*/
rv = ConvertCertificate(&derCert, nickname, &trust);
if (rv) {
fprintf(stderr, "%s: failed to convert certificate.\n", progName);
exit(1);
if (addbuiltin.options[opt_DistrustCRL].activated) {
rv = ConvertCRLEntry(&derItem, crlentry, nickname);
}
else {
rv = ConvertCertificate(&derItem, nickname, &trust,
addbuiltin.options[opt_ExcludeCert].activated,
addbuiltin.options[opt_ExcludeHash].activated);
if (rv) {
fprintf(stderr, "%s: failed to convert certificate.\n", progName);
exit(1);
}
}
if (NSS_Shutdown() != SECSuccess) {

40
security/nss/cmd/addbuiltin/manifest.mn
View File

@ -1,41 +1,9 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
CORE_DEPTH = ../../..
CORE_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss

38
security/nss/cmd/atob/Makefile
View File

@ -1,40 +1,8 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #

38
security/nss/cmd/atob/atob.c
View File

@ -1,38 +1,6 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "plgetopt.h"
#include "secutil.h"

40
security/nss/cmd/atob/manifest.mn
View File

@ -1,41 +1,9 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
CORE_DEPTH = ../../..
CORE_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss

38
security/nss/cmd/bltest/Makefile
View File

@ -1,40 +1,8 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #

1433
security/nss/cmd/bltest/blapitest.c
View File

File diff suppressed because it is too large Load Diff

40
security/nss/cmd/bltest/manifest.mn
View File

@ -1,40 +1,8 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
CORE_DEPTH = ../../..
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
CORE_DEPTH = ../..
MODULE = nss

7
security/nss/cmd/bltest/tests/README
View File

@ -46,4 +46,11 @@ trusted implementation. bltest will generate a key and store it in
bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
mv tmp.key key0
RSA-OAEP/RSA-PSS:
RSA-OAEP and RSA-PSS have a number of additional parameters to feed in.
- "seedN": The seed or salt to use when encrypting/signing
- "hashN" / "maskhashN" - The base digest algorithm and the digest algorithm
to use with MGF1, respectively. This should be an ASCII string specifying
one of the hash algorithms recognized by bltest (eg: "sha1", "sha256")
[note: specifying a keysize (-g) when using RSA is important!]

2
security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
View File

@ -1 +1 @@
oJLgOzZ1GiWt3DGo2sPKaA==
oJLgOzZ1GiWt3DGo2sPKaOnyGuRz5sZwmDyn4dvAqd8=

2
security/nss/cmd/bltest/tests/aes_cbc/plaintext0
View File

@ -1 +1 @@
0123456789abcdef
0123456789abcdef0123456789abcdef

28
security/nss/cmd/bltest/tests/aes_ctr/aes_ctr_0.txt Normal file
View File

@ -0,0 +1,28 @@
Test="F.5.1 CTR-AES128.Encrypt"
Type=Encrypt
Key=2b7e151628aed2a6abf7158809cf4f3c
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Output Block=ec8cdf7398607cb0f2d21675ea9ea1e4
Plaintext=6bc1bee22e409f96e93d7e117393172a
Ciphertext=874d6191b620e3261bef6864990db6ce
}
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
Output Block=362b7c3c6773516318a077d7fc5073ae
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
Ciphertext=9806f66b7970fdff8617187bb9fffdff
}
Block #3={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
Output Block=6a2cc3787889374fbeb4c81b17ba6c44
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
Ciphertext=5ae4df3edbd5d35e5b4f09020db03eab
}
Block #4={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
Output Block=e89c399ff0f198c6d40a31db156cabfe
Plaintext=f69f2445df4f9b17ad2b417be66c3710
Ciphertext=1e031dda2fbe03d1792170a0f3009cee
}

28
security/nss/cmd/bltest/tests/aes_ctr/aes_ctr_1.txt Normal file
View File

@ -0,0 +1,28 @@
Test="F.5.3 CTR-AES192.Encrypt"
Type=Encrypt
Key=8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Output Block=717d2dc639128334a6167a488ded7921
Plaintext=6bc1bee22e409f96e93d7e117393172a
Ciphertext=1abc932417521ca24f2b0459fe7e6e0b
}
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
Output Block=a72eb3bb14a556734b7bad6ab16100c5
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
Ciphertext=090339ec0aa6faefd5ccc2c6f4ce8e94
}
Block #3={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
Output Block=2efeae2d72b722613446dc7f4c2af918
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
Ciphertext=1e36b26bd1ebc670d1bd1d665620abf7
}
Block #4={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
Output Block=b9e783b30dd7924ff7bc9b97beaa8740
Plaintext=f69f2445df4f9b17ad2b417be66c3710
Ciphertext=4f78a7f6d29809585a97daec58c6b050
}

28
security/nss/cmd/bltest/tests/aes_ctr/aes_ctr_2.txt Normal file
View File

@ -0,0 +1,28 @@
Test="F.5.5 CTR-AES256.Encrypt"
Type=Encrypt
Key=603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Output Block=0bdf7df1591716335e9a8b15c860c502
Plaintext=6bc1bee22e409f96e93d7e117393172a
Ciphertext=601ec313775789a5b7a7f504bbf3d228
}
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
Output Block=5a6e699d536119065433863c8f657b94
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
Ciphertext=f443e3ca4d62b59aca84e990cacaf5c5
}
Block #3={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
Output Block=1bc12c9c01610d5d0d8bd6a3378eca62
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
Ciphertext=2b0930daa23de94ce87017ba2d84988d
}
Block #4={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
Output Block=2956e1c8693536b1bee99c73a31576b6
Plaintext=f69f2445df4f9b17ad2b417be66c3710
Ciphertext=dfc9c58db67aada613c2dd08457941a6
}

199
security/nss/cmd/bltest/tests/aes_ctr/aes_ctr_tests_source.txt Normal file
View File

@ -0,0 +1,199 @@
#
# From NIST Special Publication 800-38A; 2001 Edition ;
# "Recommendation for Block Cipher Modes of Operation: Methods and Techniques"
# Morris Dworkin
# Appendix F Example Vectors for Modes of Operation of the AES
#
# In this appendix, three examples are provided for each of the modes in this recommendation with
# the AES algorithm [2] as the underlying block cipher: one example is given for each of the
# allowed key sizes (128, 192, and 256 bits). Some intermediate results are presented. For the five
# confidentiality modes, examples are provided for both encryption and decryption. Examples are
# provided for 1-bit, 8-bit, and 128 bit CFB. The plaintext for all but two of these examples is
# equivalent to the following string of hexadecimal characters, formatted into four 128 bit blocks:
#
# 6bc1bee22e409f96e93d7e117393172a
# ae2d8a571e03ac9c9eb76fac45af8e51
# 30c81c46a35ce411e5fbc1191a0a52ef
# f69f2445df4f9b17ad2b417be66c3710.
#
# For the example of 1-bit CFB, the plaintext is the first 16 bits in the above string; for the example
# of 8-bit CFB, the plaintext is the first 18 octets in the above string. All strings are presented in
# hexadecimal notation, except in the example of 1-bit CFB, where the plaintext and ciphertext
# segments are single bits.
#
#
# F.5 CTR Example Vectors
Test="F.5.1 CTR-AES128.Encrypt"
Type=Encrypt
Key=2b7e151628aed2a6abf7158809cf4f3c
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Output Block=ec8cdf7398607cb0f2d21675ea9ea1e4
Plaintext=6bc1bee22e409f96e93d7e117393172a
Ciphertext=874d6191b620e3261bef6864990db6ce
}
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
Output Block=362b7c3c6773516318a077d7fc5073ae
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
Ciphertext=9806f66b7970fdff8617187bb9fffdff
}
Block #3={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
Output Block=6a2cc3787889374fbeb4c81b17ba6c44
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
Ciphertext=5ae4df3edbd5d35e5b4f09020db03eab
}
Block #4={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
Output Block=e89c399ff0f198c6d40a31db156cabfe
Plaintext=f69f2445df4f9b17ad2b417be66c3710
Ciphertext=1e031dda2fbe03d1792170a0f3009cee
}
Test="F.5.2 CTR-AES128.Decrypt"
Type=Decrypt
Key=2b7e151628aed2a6abf7158809cf4f3c
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Output Block=ec8cdf7398607cb0f2d21675ea9ea1e4
Ciphertext=874d6191b620e3261bef6864990db6ce
Plaintext=6bc1bee22e409f96e93d7e117393172a
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
Output Block=362b7c3c6773516318a077d7fc5073ae
Ciphertext=9806f66b7970fdff8617187bb9fffdff
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
}
Block #3={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
Output Block=6a2cc3787889374fbeb4c81b17ba6c44
Ciphertext=5ae4df3edbd5d35e5b4f09020db03eab
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
}
Block #4={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
Output Block=e89c399ff0f198c6d40a31db156cabfe
Ciphertext=1e031dda2fbe03d1792170a0f3009cee
Plaintext=f69f2445df4f9b17ad2b417be66c3710
}
Test="F.5.3 CTR-AES192.Encrypt"
Type=Encrypt
Key=8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Output Block=717d2dc639128334a6167a488ded7921
Plaintext=6bc1bee22e409f96e93d7e117393172a
Ciphertext=1abc932417521ca24f2b0459fe7e6e0b
}
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
Output Block=a72eb3bb14a556734b7bad6ab16100c5
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
Ciphertext=090339ec0aa6faefd5ccc2c6f4ce8e94
}
Block #3={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
Output Block=2efeae2d72b722613446dc7f4c2af918
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
Ciphertext=1e36b26bd1ebc670d1bd1d665620abf7
}
Block #4={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
Output Block=b9e783b30dd7924ff7bc9b97beaa8740
Plaintext=f69f2445df4f9b17ad2b417be66c3710
Ciphertext=4f78a7f6d29809585a97daec58c6b050
}
Test="F.5.4 CTR-AES192.Decrypt"
Type="Decrypt"
Key=8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Output Block=717d2dc639128334a6167a488ded7921
Ciphertext=1abc932417521ca24f2b0459fe7e6e0b
Plaintext=6bc1bee22e409f96e93d7e117393172a
}
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
Output Block=a72eb3bb14a556734b7bad6ab16100c5
Ciphertext=090339ec0aa6faefd5ccc2c6f4ce8e94
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
}
Block #3
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
Output Block=2efeae2d72b722613446dc7f4c2af918
Ciphertext=1e36b26bd1ebc670d1bd1d665620abf7
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
}
Block #4
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
Output Block=b9e783b30dd7924ff7bc9b97beaa8740
Ciphertext=4f78a7f6d29809585a97daec58c6b050
Plaintext=f69f2445df4f9b17ad2b417be66c3710
}
Test="F.5.5 CTR-AES256.Encrypt"
Type=Encrypt
Key=603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Output Block=0bdf7df1591716335e9a8b15c860c502
Plaintext=6bc1bee22e409f96e93d7e117393172a
Ciphertext=601ec313775789a5b7a7f504bbf3d228
}
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
Output Block=5a6e699d536119065433863c8f657b94
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
Ciphertext=f443e3ca4d62b59aca84e990cacaf5c5
}
Block #3={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
Output Block=1bc12c9c01610d5d0d8bd6a3378eca62
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
Ciphertext=2b0930daa23de94ce87017ba2d84988d
}
Block #4={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
Output Block=2956e1c8693536b1bee99c73a31576b6
Plaintext=f69f2445df4f9b17ad2b417be66c3710
Ciphertext=dfc9c58db67aada613c2dd08457941a6
}
Test="F.5.6 CTR-AES256.Decrypt"
Type=Decrypt
Key=603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4
Init. Counter=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
Block #1={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
OutputBlock=0bdf7df1591716335e9a8b15c860c502
Ciphertext=601ec313775789a5b7a7f504bbf3d228
Plaintext=6bc1bee22e409f96e93d7e117393172a
}
Block #2={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff00
OutputBlock=5a6e699d536119065433863c8f657b94
Ciphertext=f443e3ca4d62b59aca84e990cacaf5c5
Plaintext=ae2d8a571e03ac9c9eb76fac45af8e51
}
Block #3={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff01
OutputBlock=1bc12c9c01610d5d0d8bd6a3378eca62
Ciphertext=2b0930daa23de94ce87017ba2d84988d
Plaintext=30c81c46a35ce411e5fbc1191a0a52ef
}
Block #4={
Input Block=f0f1f2f3f4f5f6f7f8f9fafbfcfdff02
OutputBlock=2956e1c8693536b1bee99c73a31576b6
Ciphertext=dfc9c58db67aada613c2dd08457941a6
Plaintext=f69f2445df4f9b17ad2b417be66c3710
}

2
security/nss/cmd/bltest/tests/aes_ctr/ciphertext0 Normal file
View File

@ -0,0 +1,2 @@
h01hkbYg4yYb72hkmQ22zpgG9mt5cP3/hhcYe7n//f9a5N8+29XTXltPCQINsD6r
HgMd2i++A9F5IXCg8wCc7g==

2
security/nss/cmd/bltest/tests/aes_ctr/ciphertext1 Normal file
View File

@ -0,0 +1,2 @@
GryTJBdSHKJPKwRZ/n5uCwkDOewKpvrv1czCxvTOjpQeNrJr0evGcNG9HWZWIKv3
T3in9tKYCVhal9rsWMawUA==

2
security/nss/cmd/bltest/tests/aes_ctr/ciphertext2 Normal file
View File

@ -0,0 +1,2 @@
YB7DE3dXiaW3p/UEu/PSKPRD48pNYrWayoTpkMrK9cUrCTDaoj3pTOhwF7othJiN
38nFjbZ6raYTwt0IRXlBpg==

1
security/nss/cmd/bltest/tests/aes_ctr/iv0 Normal file
View File

@ -0,0 +1 @@
πρςστυφχψωϊϋόύώ<EFBFBD>

1
security/nss/cmd/bltest/tests/aes_ctr/iv1 Normal file
View File

@ -0,0 +1 @@
πρςστυφχψωϊϋόύώ<EFBFBD>

1
security/nss/cmd/bltest/tests/aes_ctr/iv2 Normal file
View File

@ -0,0 +1 @@
πρςστυφχψωϊϋόύώ<EFBFBD>

1
security/nss/cmd/bltest/tests/aes_ctr/key0 Normal file
View File

@ -0,0 +1 @@
+~(╝р╕╚ВоO<

1
security/nss/cmd/bltest/tests/aes_ctr/key1 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>s<EFBFBD><EFBFBD><EFBFBD>dR<64><10>+<2B><>y<EFBFBD>b<EFBFBD><62><EFBFBD>R,k{

1
security/nss/cmd/bltest/tests/aes_ctr/key2 Normal file
View File

@ -0,0 +1 @@
`=ëÊq¾+s®ð…}w<>5,;a×-˜£ ßô

9
security/nss/cmd/bltest/tests/aes_ctr/mktst.sh Normal file
View File

@ -0,0 +1,9 @@
#!/bin/sh
for i in 0 1 2
do
file="aes_ctr_$i.txt"
grep Key $file | sed -e 's;Key=;;' | hex > key$i
grep "Init. Counter" $file | sed -e 's;Init. Counter=;;' | hex > iv$i
grep "Ciphertext" $file | sed -e 's;Ciphertext=;;' | hex | btoa > ciphertext$i
grep "Plaintext" $file | sed -e 's;Plaintext=;;' | hex > plaintext$i
done

1
security/nss/cmd/bltest/tests/aes_ctr/numtests Normal file
View File

@ -0,0 +1 @@
3

2
security/nss/cmd/bltest/tests/aes_ctr/plaintext0 Normal file
View File

@ -0,0 +1,2 @@
kÁ¾â.@Ÿ–é=~s“*®-ŠW¬œž·o¬E¯ŽQ0ÈF£\äåûÁ
RïöŸ$EßO­+A{æl7

2
security/nss/cmd/bltest/tests/aes_ctr/plaintext1 Normal file
View File

@ -0,0 +1,2 @@
kÁ¾â.@Ÿ–é=~s“*®-ŠW¬œž·o¬E¯ŽQ0ÈF£\äåûÁ
RïöŸ$EßO­+A{æl7

2
security/nss/cmd/bltest/tests/aes_ctr/plaintext2 Normal file
View File

@ -0,0 +1,2 @@
kÁ¾â.@Ÿ–é=~s“*®-ŠW¬œž·o¬E¯ŽQ0ÈF£\äåûÁ
RïöŸ$EßO­+A{æl7

47
security/nss/cmd/bltest/tests/aes_cts/aes-cts-type-1-vectors.txt Normal file
View File

@ -0,0 +1,47 @@
# Raeburn Standards Track [Page 12]
#
# RFC 3962 AES Encryption for Kerberos 5 February 2005
#
# Some test vectors for CBC with ciphertext stealing, using an initial
# vector of all-zero.
#
# Original Test vectors were for AES CTS-3 (Kerberos). These test vectors have been modified for AES CTS-1 (NIST)
#
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20
Output: 97 c6 35 35 68 f2 bf 8c b4 d8 a5 80 36 2d a7 ff 7f
Next IV: c6 35 35 68 f2 bf 8c b4 d8 a5 80 36 2d a7 ff 7f
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 fc 00 78 3e 0e fd b2 c1 d4 45 d4 c8 ef f7 ed 22
Next IV: fc 00 78 3e 0e fd b2 c1 d4 45 d4 c8 ef f7 ed 22
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8
Next IV: 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 b3 ff fd 94 0c 16 a1 8c 1b 55 49 d2 f8 38 02 9e
Next IV: b3 ff fd 94 0c 16 a1 8c 1b 55 49 d2 f8 38 02 9e
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c 20
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8
Next IV: 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c 20 61 6e 64 20 77 6f 6e 74 6f 6e 20 73 6f 75 70 2e
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8 48 07 ef e8 36 ee 89 a5 26 73 0d bc 2f 7b c8 40
Next IV: 48 07 ef e8 36 ee 89 a5 26 73 0d bc 2f 7b c8 40

6
security/nss/cmd/bltest/tests/aes_cts/aes_cts_0.txt Normal file
View File

@ -0,0 +1,6 @@
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20
Output: 97 c6 35 35 68 f2 bf 8c b4 d8 a5 80 36 2d a7 ff 7f
Next IV: c6 35 35 68 f2 bf 8c b4 d8 a5 80 36 2d a7 ff 7f

6
security/nss/cmd/bltest/tests/aes_cts/aes_cts_1.txt Normal file
View File

@ -0,0 +1,6 @@
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 fc 00 78 3e 0e fd b2 c1 d4 45 d4 c8 ef f7 ed 22
Next IV: fc 00 78 3e 0e fd b2 c1 d4 45 d4 c8 ef f7 ed 22

6
security/nss/cmd/bltest/tests/aes_cts/aes_cts_2.txt Normal file
View File

@ -0,0 +1,6 @@
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8
Next IV: 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8

6
security/nss/cmd/bltest/tests/aes_cts/aes_cts_3.txt Normal file
View File

@ -0,0 +1,6 @@
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 b3 ff fd 94 0c 16 a1 8c 1b 55 49 d2 f8 38 02 9e
Next IV: b3 ff fd 94 0c 16 a1 8c 1b 55 49 d2 f8 38 02 9e

6
security/nss/cmd/bltest/tests/aes_cts/aes_cts_4.txt Normal file
View File

@ -0,0 +1,6 @@
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c 20
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8
Next IV: 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8

6
security/nss/cmd/bltest/tests/aes_cts/aes_cts_5.txt Normal file
View File

@ -0,0 +1,6 @@
Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69
IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c 20 61 6e 64 20 77 6f 6e 74 6f 6e 20 73 6f 75 70 2e
Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8 48 07 ef e8 36 ee 89 a5 26 73 0d bc 2f 7b c8 40
Next IV: 48 07 ef e8 36 ee 89 a5 26 73 0d bc 2f 7b c8 40

1
security/nss/cmd/bltest/tests/aes_cts/ciphertext0 Normal file
View File

@ -0,0 +1 @@
l8Y1NWjyv4y02KWANi2n/38=

1
security/nss/cmd/bltest/tests/aes_cts/ciphertext1 Normal file
View File

@ -0,0 +1 @@
l2hyaNbszMDAeyXiXs/l/AB4Pg79ssHURdTI7/ftIg==

1
security/nss/cmd/bltest/tests/aes_cts/ciphertext2 Normal file
View File

@ -0,0 +1 @@
l2hyaNbszMDAeyXiXs/lhDkxJSOnhmLVvn/LzJjr9ag=

1
security/nss/cmd/bltest/tests/aes_cts/ciphertext3 Normal file
View File

@ -0,0 +1 @@
l2hyaNbszMDAeyXiXs/lhDkxJSOnhmLVvn/LzJjr9bP//ZQMFqGMG1VJ0vg4Ap4=

1
security/nss/cmd/bltest/tests/aes_cts/ciphertext4 Normal file
View File

@ -0,0 +1 @@
l2hyaNbszMDAeyXiXs/lhDkxJSOnhmLVvn/LzJjr9aidrYu7lsTNwDvBA+GhlLvY

2
security/nss/cmd/bltest/tests/aes_cts/ciphertext5 Normal file
View File

@ -0,0 +1,2 @@
l2hyaNbszMDAeyXiXs/lhDkxJSOnhmLVvn/LzJjr9aidrYu7lsTNwDvBA+GhlLvY
SAfv6DbuiaUmcw28L3vIQA==

BIN
security/nss/cmd/bltest/tests/aes_cts/iv0 Normal file
View File

Binary file not shown.

BIN
security/nss/cmd/bltest/tests/aes_cts/iv1 Normal file
View File

Binary file not shown.

BIN
security/nss/cmd/bltest/tests/aes_cts/iv2 Normal file
View File

Binary file not shown.

BIN
security/nss/cmd/bltest/tests/aes_cts/iv3 Normal file
View File

Binary file not shown.

BIN
security/nss/cmd/bltest/tests/aes_cts/iv4 Normal file
View File

Binary file not shown.

BIN
security/nss/cmd/bltest/tests/aes_cts/iv5 Normal file
View File

Binary file not shown.

1
security/nss/cmd/bltest/tests/aes_cts/key0 Normal file
View File

@ -0,0 +1 @@
chicken teriyaki

1
security/nss/cmd/bltest/tests/aes_cts/key1 Normal file
View File

@ -0,0 +1 @@
chicken teriyaki

1
security/nss/cmd/bltest/tests/aes_cts/key2 Normal file
View File

@ -0,0 +1 @@
chicken teriyaki

1
security/nss/cmd/bltest/tests/aes_cts/key3 Normal file
View File

@ -0,0 +1 @@
chicken teriyaki

1
security/nss/cmd/bltest/tests/aes_cts/key4 Normal file
View File

@ -0,0 +1 @@
chicken teriyaki

1
security/nss/cmd/bltest/tests/aes_cts/key5 Normal file
View File

@ -0,0 +1 @@
chicken teriyaki

9
security/nss/cmd/bltest/tests/aes_cts/mktst.sh Normal file
View File

@ -0,0 +1,9 @@
#!/bin/sh
for i in 0 1 2 3 4 5
do
file="aes_cts_$i.txt"
grep "Key" $file | sed -e 's;Key:;;' | hex > key$i
grep "IV" $file | sed -e 's;IV:;;' | hex > iv$i
grep "Input" $file | sed -e 's;Input:;;' | hex > plaintext$i
grep "Output" $file | sed -e 's;Output:;;' | hex | btoa > ciphertext$i
done

1
security/nss/cmd/bltest/tests/aes_cts/numtests Normal file
View File

@ -0,0 +1 @@
6

1
security/nss/cmd/bltest/tests/aes_cts/plaintext0 Normal file
View File

@ -0,0 +1 @@
I would like the

1
security/nss/cmd/bltest/tests/aes_cts/plaintext1 Normal file
View File

@ -0,0 +1 @@
I would like the General Gau's

1
security/nss/cmd/bltest/tests/aes_cts/plaintext2 Normal file
View File

@ -0,0 +1 @@
I would like the General Gau's C

1
security/nss/cmd/bltest/tests/aes_cts/plaintext3 Normal file
View File

@ -0,0 +1 @@
I would like the General Gau's Chicken, please,

1
security/nss/cmd/bltest/tests/aes_cts/plaintext4 Normal file
View File

@ -0,0 +1 @@
I would like the General Gau's Chicken, please,

1
security/nss/cmd/bltest/tests/aes_cts/plaintext5 Normal file
View File

@ -0,0 +1 @@
I would like the General Gau's Chicken, please, and wonton soup.

2
security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
View File

@ -1 +1 @@
PVuaCIiaKQhblgFCbVMTTg==
PVuaCIiaKQhblgFCbVMTTg==

0
security/nss/cmd/bltest/tests/aes_gcm/aad0 Normal file
View File

0
security/nss/cmd/bltest/tests/aes_gcm/aad1 Normal file
View File

1
security/nss/cmd/bltest/tests/aes_gcm/aad10 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

1
security/nss/cmd/bltest/tests/aes_gcm/aad11 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

0
security/nss/cmd/bltest/tests/aes_gcm/aad12 Normal file
View File

0
security/nss/cmd/bltest/tests/aes_gcm/aad13 Normal file
View File

0
security/nss/cmd/bltest/tests/aes_gcm/aad14 Normal file
View File

1
security/nss/cmd/bltest/tests/aes_gcm/aad15 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

1
security/nss/cmd/bltest/tests/aes_gcm/aad16 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

1
security/nss/cmd/bltest/tests/aes_gcm/aad17 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

0
security/nss/cmd/bltest/tests/aes_gcm/aad2 Normal file
View File

1
security/nss/cmd/bltest/tests/aes_gcm/aad3 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

1
security/nss/cmd/bltest/tests/aes_gcm/aad4 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

1
security/nss/cmd/bltest/tests/aes_gcm/aad5 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

0
security/nss/cmd/bltest/tests/aes_gcm/aad6 Normal file
View File

0
security/nss/cmd/bltest/tests/aes_gcm/aad7 Normal file
View File

0
security/nss/cmd/bltest/tests/aes_gcm/aad8 Normal file
View File

1
security/nss/cmd/bltest/tests/aes_gcm/aad9 Normal file
View File

@ -0,0 +1 @@
<EFBFBD>燁ボュセ<EFBFBD>燁ボュセ<EFBFBD>ュレメ

1
security/nss/cmd/bltest/tests/aes_gcm/ciphertext0 Normal file
View File

@ -0,0 +1 @@
WOL8zvp+MGE2fx1XpOdFWg==

1
security/nss/cmd/bltest/tests/aes_gcm/ciphertext1 Normal file
View File

@ -0,0 +1 @@
A4jazmC2o5LzKMK5cbL+eKtuR9Qs7BO99TpnshJXvd8=

2
security/nss/cmd/bltest/tests/aes_gcm/ciphertext10 Normal file
View File

@ -0,0 +1,2 @@
DxD1ma4UoVTtJLNuJTJNuMVmYy7yu7NPg0coD8RQcFf93CnfmkcfdcZlQdTU2tHJ
6ToZpY6LRz+g8GL3ZdzFf89iOiQJT8ykDTUz+A==

2
security/nss/cmd/bltest/tests/aes_gcm/ciphertext11 Normal file
View File

@ -0,0 +1,2 @@
0n6IaBzjJDxIMBZaj9z5/x3podjmtEfvbve3mChmbkWB55ASrzTd2eLwN1ibKS2z
5nwDZ0X6Iufptzc73PVm/ykcJbu4Vo/D03am2Q==

1
security/nss/cmd/bltest/tests/aes_gcm/ciphertext12 Normal file
View File

@ -0,0 +1 @@
Uw+K+8dFNrmpY7TxxMtziw==

Some files were not shown because too many files have changed in this diff Show More