de60f2b7f0c3fac0537346f1077f03d6d849edc5: Added tag NSS_3_36_8_RTM for changeset df8917878ea6 NSS_3_36_BRANCH
J.C. Jones <jjones@mozilla.com> - Fri, 21 Jun 2019 14:39:01 -0700 - rev 15182
Push 3410 by jjones@mozilla.com at Fri, 21 Jun 2019 21:40:23 +0000
Added tag NSS_3_36_8_RTM for changeset df8917878ea6
df8917878ea67c03d06e430793d4e4dcd2eaa807: Set version numbers to 3.36.8 final NSS_3_36_BRANCH NSS_3_36_8_RTM
J.C. Jones <jjones@mozilla.com> - Fri, 21 Jun 2019 14:38:29 -0700 - rev 15181
Push 3410 by jjones@mozilla.com at Fri, 21 Jun 2019 21:40:23 +0000
Set version numbers to 3.36.8 final
54f667fe074aca03840d875fae0f393ccf462083: Bug 1554336 - Optimize away unneeded loop in mpi.c r=kevinjacobs,jcj NSS_3_36_BRANCH
Greg Rubin <rubin@amazon.com> - Tue, 21 May 2019 11:41:23 -0700 - rev 15180
Push 3410 by jjones@mozilla.com at Fri, 21 Jun 2019 21:40:23 +0000
Bug 1554336 - Optimize away unneeded loop in mpi.c r=kevinjacobs,jcj
247d2280022c5aae01a8ce39ba5c039776d2f5dc: Bug 1515342 - Ignore spki decode failures on negative (expect_fail) tests. r=jcj NSS_3_36_BRANCH
Kevin Jacobs <kjacobs@mozilla.com> - Fri, 21 Jun 2019 19:33:55 +0000 - rev 15179
Push 3410 by jjones@mozilla.com at Fri, 21 Jun 2019 21:40:23 +0000
Bug 1515342 - Ignore spki decode failures on negative (expect_fail) tests. r=jcj Differential Revision: https://phabricator.services.mozilla.com/D35565
d84ee4ba9eebe9d9a1cd138538a34444653d5a2e: Bug 1515342 - More thorough input checking, r=jcj NSS_3_36_BRANCH
Martin Thomson <mt@lowentropy.net> - Fri, 14 Jun 2019 07:55:51 +0000 - rev 15178
Push 3410 by jjones@mozilla.com at Fri, 21 Jun 2019 21:40:23 +0000
Bug 1515342 - More thorough input checking, r=jcj All part of applying better discipline throughout. Differential Revision: https://phabricator.services.mozilla.com/D33736
51284317f74a7f3cf19bc07ee19fb3d742dd7a96: Bug 1540541 - Don't unnecessarily strip leading 0's from key material during PKCS11 import. r=jcj,mt NSS_3_36_BRANCH
Kevin Jacobs <kjacobs@mozilla.com> - Fri, 14 Jun 2019 07:57:54 +0000 - rev 15177
Push 3410 by jjones@mozilla.com at Fri, 21 Jun 2019 21:40:23 +0000
Bug 1540541 - Don't unnecessarily strip leading 0's from key material during PKCS11 import. r=jcj,mt Differential Revision: https://phabricator.services.mozilla.com/D31671
ebc93d6daeaa9001d31fd18b5199779da99ae9aa: Bug 1515342 - Ignore spki decode failures on negative (expect_fail) tests. r=jcj
Kevin Jacobs <kjacobs@mozilla.com> - Fri, 21 Jun 2019 19:33:55 +0000 - rev 15176
Push 3409 by jjones@mozilla.com at Fri, 21 Jun 2019 19:34:16 +0000
Bug 1515342 - Ignore spki decode failures on negative (expect_fail) tests. r=jcj Differential Revision: https://phabricator.services.mozilla.com/D35565
efd44c8a6c6330fd5752f57d8d8b627aa3b36b43: Bug 1554336 - Optimize away unneeded loop in mpi.c r=kevinjacobs,jcj
Greg Rubin <rubin@amazon.com> - Tue, 21 May 2019 11:41:23 -0700 - rev 15175
Push 3408 by jjones@mozilla.com at Fri, 21 Jun 2019 18:18:45 +0000
Bug 1554336 - Optimize away unneeded loop in mpi.c r=kevinjacobs,jcj
dabfe1160c682b4d1d19c5a7a13ab3828bb9d37f: Bug 1515342 - More thorough input checking, r=jcj
Martin Thomson <mt@lowentropy.net> - Fri, 14 Jun 2019 07:55:51 +0000 - rev 15174
Push 3407 by jjones@mozilla.com at Fri, 21 Jun 2019 18:15:06 +0000
Bug 1515342 - More thorough input checking, r=jcj All part of applying better discipline throughout. Differential Revision: https://phabricator.services.mozilla.com/D33736
6cfb54d262d030783137aa6478b45ecb3cbfc624: Bug 1540541 - Don't unnecessarily strip leading 0's from key material during PKCS11 import. r=jcj,mt
Kevin Jacobs <kjacobs@mozilla.com> - Fri, 14 Jun 2019 07:57:54 +0000 - rev 15173
Push 3406 by jjones@mozilla.com at Fri, 21 Jun 2019 18:14:09 +0000
Bug 1540541 - Don't unnecessarily strip leading 0's from key material during PKCS11 import. r=jcj,mt Differential Revision: https://phabricator.services.mozilla.com/D31671
efd60422782c8d831e3c56be5828811d5cb7462c: Bug 1505317, update PayPal test certs, r=franziskus NSS_3_36_BRANCH
Daiki Ueno <dueno@redhat.com> - Wed, 07 Nov 2018 14:02:14 +0100 - rev 15172
Push 3405 by jjones@mozilla.com at Fri, 21 Jun 2019 17:39:42 +0000
Bug 1505317, update PayPal test certs, r=franziskus
be6a28956a8f28323384667675789b3e40b498a5: Bug 1535370 - Fix NSS CI for old branches [3.36] r=jcj NSS_3_36_BRANCH
Dustin J. Mitchell <dustin@mozilla.com> - Wed, 20 Mar 2019 08:28:18 -0700 - rev 15171
Push 3405 by jjones@mozilla.com at Fri, 21 Jun 2019 17:39:42 +0000
Bug 1535370 - Fix NSS CI for old branches [3.36] r=jcj
A fold of two original patches:
  Bug 1535370 - use schedulerId nss-level-{level}; r=jcj
  Bug 1535370 - drop unnecessary queue:route:notify.. route from decision task; r=jcj
Reviewers: mt, jcj
Reviewed By: jcj
Subscribers: jcj
Bug #: 1535370
Differential Revision: https://phabricator.services.mozilla.com/D23544
Differential Revision: https://phabricator.services.mozilla.com/D23545
313dfef345bd93bc67982249bffa2cfdd5a9d1b5: Bug 1559095 - Support try_task_config.json parameters in taskgraph, r=jcj
Bastien Abadie <bastien@mozilla.com> - Thu, 13 Jun 2019 14:49:40 +0000 - rev 15170
Push 3404 by jjones@mozilla.com at Thu, 13 Jun 2019 14:50:07 +0000
Bug 1559095 - Support try_task_config.json parameters in taskgraph, r=jcj Differential Revision: https://phabricator.services.mozilla.com/D34846
9162c654d06915f0f15948fbf67d4103a229226f: Bug 1554616 - freebl: add lcc support r=jcj
Michael Shigorin <mike@altlinux.org> - Fri, 07 Jun 2019 14:53:06 -0700 - rev 15169
Push 3403 by jjones@mozilla.com at Fri, 07 Jun 2019 22:16:15 +0000
Bug 1554616 - freebl: add lcc support r=jcj lcc (the Elbrus C Compiler) has no __int128 support before version 1.24 being developed at the moment, still it pretends to be gcc5 confusing the tests.
d17569aa9d5673e3113d56184a96f34794159c8c: Bug 1557675 - Add code-review ending task in automation graph, r=jcj
Bastien Abadie <bastien@mozilla.com> - Fri, 07 Jun 2019 16:53:03 +0000 - rev 15168
Push 3402 by jjones@mozilla.com at Fri, 07 Jun 2019 16:53:34 +0000
Bug 1557675 - Add code-review ending task in automation graph, r=jcj Differential Revision: https://phabricator.services.mozilla.com/D34135
6d48fb303c5cd5305eebeb2efcf872d9706cfedc: Bug 1546229 Add IPSEC IKE support to softoken.
Robert Relyea <rrelyea@redhat.com> - Thu, 06 Jun 2019 14:52:36 -0700 - rev 15167
Push 3401 by rrelyea@redhat.com at Thu, 06 Jun 2019 21:52:45 +0000
Bug 1546229 Add IPSEC IKE support to softoken.
4df9eab935b22f2ef6e214d7f43efe1b37007bd5: Merge Bug 1473806 3.38 certutil -R cannot use EC orphan key
Robert Relyea <rrelyea@redhat.com> - Thu, 06 Jun 2019 14:49:28 -0700 - rev 15166
Push 3401 by rrelyea@redhat.com at Thu, 06 Jun 2019 21:52:45 +0000
Merge Bug 1473806 3.38 certutil -R cannot use EC orphan key onto tip
20671f860c2619dc27208d64a84a759fdffc5ed1: Bug 1546229 Add IPSEC IKE support to softoken. NSS_3_44_BRANCH
Robert Relyea <rrelyea@redhat.com> - Mon, 22 Apr 2019 16:48:36 -0700 - rev 15165
Push 3400 by rrelyea@redhat.com at Thu, 06 Jun 2019 21:05:28 +0000
Bug 1546229 Add IPSEC IKE support to softoken.
Differential Revision: https://phabricator.services.mozilla.com/D28519

Patch notes:

cmd/fipstest:
  Update fipstest to allow using old CAVS vectors in our all.sh. The various scripts have been moved to tests/fips/cavs_scripts. IKE functions were added to fipstest, and fipstest was updated to support verifying the output of ecdh and dh key agreement tests (kas).

  fipstest.c:
    NOTE: fipstest is the program NSS uses to process CAVS vectors from NIST. For historical reasons, it has known memory management issues. In general if there is a mistake, fipstest will likely crash. It has very little error checking. It has a very simplistic parser for the CAVS files. It requires the elements of the CAVS files to be in the correct order (most notably it requires the last element to always be in the last position). This is true of all the tests in fipstest, not just the new code.
    1. when verifying ec_dh and dh, accept both CAVSHashZZ and HashZZ as the input hash. This allows verify not only to verify NIST CAVS vectors, but also the output of ec_dh and dh functional tests.
    2. create ike functions modelled after the tls test functions. We test ike at the pkcs #11 level. There are three ike tests (driven by the three types of ike tests that NIST supplies):
      2.1) ikev1. This generates the ike v1 keys from the provided input. It used ike_prf to generate SKEYID and ikev1_prf to generate SKEYID_d, SKEYID_a, and SKEYID_e.
      2.2) ikev1_psk. This generates ike v1 keys from the provided input. It uses a pre-shared-secret-key. It also used ike_prf to generate SKEYID (though it uses it with bDataAsKey=false), and ikev1_prf to generate SKEYID_d, SKEYID_a, and SKEYID_e.
      2.3) ikev2. This generates ike v2 keys from the provided input. It uses ike_prf to generate SKEYSEED and ike_prf_plus to generate the key material. It also does a rekey using ike_prf and bRekey = true.
    3. Add parameters so the tls can be called.

lib/softoken
  This is the main location where the new functionality is provided.

  fipstest.c
    Add the power up self test for ike. The actual test lives in sftkike.c.
  manifest.mn
    Add sftkike.c to the build.
  pkcs11.c
    Add AES XCBC MAC and IKE Mechanisms to the softoken mechanism table.
  pkcs11c.c
    sftk_MapCryptError() is now a 'global' within softoken and lives in pkcs11u.c. This was done so that sftkike.c can use it.
    sftk_InitCBCMac(). Update to handle AES XCBC, which is AES CBC MAC except 1) the underlying AES key is derived from the input key, and 2) the pad block is obscured using 2 new keys (k2, k3) also derived from the input key.
    sftk_MACFinal() handle the special pad processing for the XCBC case.
    sftk_MACUpdate() change the padding code to keep one full pad in the buffer. This won't affect normal MACs, but means that the last block in the Mac is always in the buffer so it can be processed in the XCBC case.
    NSC_DeriveKey() add the ike functions into the mechanism switch table. The actual implementations are in sftkike.c
  pkcs11i.h
    Add the XCBC state information into the SessionContext structure. sftk_MapCryptError is now global, include it in the header. include the ike and aes_xcbc helper functions.
  pkcs11u.c
    sftk_MapCryptError() now lives in pkcs11 utilities.
  sftkike.c
    prf_* functions implement all the underlying prf specific stuff. It hides whether the prf is an hmac or aes_xcbc. If there are additional prfs, they can be implemented here without affecting the rest of the derivation code. The AES_XCBC code is aes specific. If we ever add another XCBC type operation, we would probably want to initialize some encryption functions in prf_setup and only handle the difference between hmac and xcbc in the other prf functions.
    sftk_aes_xcbc_get_keys - takes in input key and derives k1, k2, and k3. This function handles this derivation for both the prf_ functions in sftkike and the exported AES_XCBC Mac in pkcs11c.c
    sftk_xcbc_mac_pad - function to handle the correct padding method for the last block of an xcbc operation. Unlike sftk_aes_xcbc_get_keys, it is independent of the xcbc's underlying encryption method, though only AES_XCBC is defined at this time.
    sftk_ike_prf - common prf between ikev1 and ikev2 to generate SKEYID/SKEYSEED. See comments in code.
    sftk_ike1_prf - ikev1 prf to generate the session keys in ikev1 from SKEYID. See comments in code.
    sftk_ike_prf_plus - ike prf+ to generate the session keys in ikev2 from SKEYSEED. See comments in code.
    sftk_aes_xcbc_new_keys - used in pkcs11c.c to generate the 2 derived keys used in aes_xcbc. Loads k1 into the pkcs11 slot as a session key.
    prf_test - helper function to test our known test vectors for our FIPS powerup self tests.
    sftk_fips_IKE_PowerUpSelfTests - test to make sure our basic system is working correctly.
  softokn.gyp - add sftkike.c to gyp

lib/util
  pkcs11n.h
    add defines and structures for IKE. Since they are not yet an official PKCS #11 mechanism, use CKM_NSS and CK_NSS names for them.
  pkcs11t.h
    add CKM_AES_XCBC* mechanisms. These are defined in the latest PKCS #11 spec.

tests/fips
  The work in this directory hooks up the CAVS tests we run to do fips validation into our normal test suite. This lets us use the NIST generated samples for

  cavs_samples/*
    These are all vectors generated by the NIST CAVS tools (*.req) or the expected results generated by the last openssl or NSS runs and verified by the NIST CAVS tools (*.fax). These are the inputs to our fipstest. No need to detail review these. They are not explicitly included in this patch because they are too big for phabricator to handle.
  cavs_scripts/*
    See the read me in that directory. These scripts were originally in cmd/fipstest. I added ike.sh, and I updated the verify target of all the scripts so they return 0 on success and 1 on failure. This allows us to use the tests in fips.sh
  fips.sh
    run the CAVS tests as part of the fips tests. This works to test our IKE support. Three of the cavs tests can take significant time (dsa and rsa takes several minutes, tdea is just over a minute). The code currently skips running those tests. You can run all the cavs tests by setting CAV_VECTORS=all
9a9903c2ee89e94de7d7dfc73042cd96c8743f30: Bug 1557264 - All child tasks should be in the same TaskGroupId as the decision task. r=jcj
Andi-Bogdan Postelnicu <bpostelnicu@mozilla.com> - Thu, 06 Jun 2019 18:22:31 +0000 - rev 15164
Push 3399 by jjones@mozilla.com at Thu, 06 Jun 2019 18:32:13 +0000
Bug 1557264 - All child tasks should be in the same TaskGroupId as the decision task. r=jcj Differential Revision: https://phabricator.services.mozilla.com/D33917
f73f87346d9bba9a1659fe7015df8d8363613e25: Bug 1557264 - All child tasks should be in the same TaskGroupId as the decision task. r=jcj NSS_3_44_BRANCH
Andi-Bogdan Postelnicu <bpostelnicu@mozilla.com> - Thu, 06 Jun 2019 18:22:31 +0000 - rev 15163
Push 3398 by jjones@mozilla.com at Thu, 06 Jun 2019 18:22:51 +0000
Bug 1557264 - All child tasks should be in the same TaskGroupId as the decision task. r=jcj Differential Revision: https://phabricator.services.mozilla.com/D33917