| Commit message | Author | Age |
- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple (Bug 1767590)
- Default configure to enable dbm
- Remove a redundant check on ASN1 decoding (Bug 1753535)
master
Reviewed-on: https://repo.palemoon.org/MoonchildProductions/UXP/pulls/1850
Update root certificates and port NSS sec patches from previous work.
Basically, NSC_GetTokenInfo doesn't lock slot->slotLock before accessing slot
after obtaining it, even though slotLock is defined as its lock.
The implementation is based on the work by Bernstein and Yang
(https://eprint.iacr.org/2019/266)
"Fast constant-time gcd computation and modular inversion".
It fixes the old mp_gcd and s_mp_invmod_odd_m functions. The patch also fixes
mpl_significant_bits, s_mp_div_2d and s_mp_mul_2d by having less control flow to
reduce side-channel leaks.
Co-authored-by: Billy Bob Brumley
This updates to MoonchildProductions/NSS@bd49b2b88 in the repo created for our
consumption of the library.
Since these are just interpreted comments, there's 0 impact on actual code.
This removes all lines that match /* vim: set(.*)tw=80: */ with S&R -- there are
a few others scattered around which will be removed manually in a second part.
Basically, NSC_GetTokenInfo doesn't lock slot->slotLock before accessing slot
after obtaining it, even though slotLock is defined as its lock.
The implementation is based on the work by Bernstein and Yang
(https://eprint.iacr.org/2019/266)
"Fast constant-time gcd computation and modular inversion".
It fixes the old mp_gcd and s_mp_invmod_odd_m functions. The patch also fixes
mpl_significant_bits, s_mp_div_2d and s_mp_mul_2d by having less control flow to
reduce side-channel leaks.
Co-authored-by: Billy Bob Brumley
This rewrites the caching mechanism to apply to both PBKDF1 and PBKDF2
Our NSS version is closer to the currently-released .1, so bump version
to that.
Note: we still have some additional patches to the in-tree version in
place so this isn't a 100% match to the RTM one.
to speed up repeated SDR operations.
Landed on NSS-3.48 for Bug 1606992
module is loaded afterwards,
Summary: When the builtin trust module is loaded after some temp certs
have been created, these temp certs are usually not accompanied by trust
information. This causes a problem in UXP as it loads the module from a
separate thread while accessing the network cache, which populates temp
certs.
This change makes it properly roll up the trust information if a temp
cert doesn't have trust information.
SFTKSession objects are only ever actually destroyed at PK11 session
closure, as the session is always the final holder -- and asserting
refCount == 1 shows that to be true. Because of that, NSC_CloseSession
can just call `sftk_DestroySession` directly and leave
`sftk_FreeSession` as a no-op to be removed in the future.
Support Modern Solaris
Solaris.
https://bugzilla.mozilla.org/show_bug.cgi?id=1513913
Mozilla's solution to this is arguably overkill, since the namespace issue on Solaris only required them to change (or temporarily undefine) __log2. Instead they changed ALL the functions to be something along the lines of dbm_log2. They haven't changed the external interface at all, though.
If you're unhappy with this patch, I think I could also use XP_SOLARIS ifdefs to undefine __log2 prior to where it's declared in the dbm headers. The good thing about Mozilla's solution is that it guarantees this namespace issue never occurs again on any platform, though.
This rollup patch adds additional length checks around cryptographic
primitives.
HKDF-Expand enforces a maximum output length much shorter than stated in
the RFC. This patch aligns the implementation with the RFC by allocating
more output space when necessary.
This is a spec compliance issue.
within industry standard security, considering our db hashing is more
CPU intensive than anticipated.
This resolves #82
This reverts commit fbc2eaacd679f0c484993ffe23d786fd06da22c3.
This resolves #82
- Added HACL*Poly1305 32-bit (INRIA/Microsoft)
- Updated to final TLS 1.3 draft version (28)
- Removed TLS 1.3 prerelease draft limit check
- Removed NPN code
- Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments
- Fixed several bugs with TLS 1.3 negotiation
- Updated internal certificate store
- Added support for the TLS Record Size Limit Extension.
- Fixed CVE-2018-0495
- Various security fixes in the ASN.1 code.