Bug 402777: moved the contents of pqgutil.{h,c} to lib/freebl and
authorwtc%google.com
Fri, 09 Nov 2007 18:49:35 +0000
changeset 8212 e191e7be9d84422cb4d75c1fe95aa7da4e00bd70
parent 8209 ae770a7e3d7438fc80d42b0e43fe283be3cf774e
child 8213 889f46fe6d147ce796e47c1528ba979424b54b6d
push idunknown
push userunknown
push dateunknown
bugs402777
Bug 402777: moved the contents of pqgutil.{h,c} to lib/freebl and lib/pk11wrap. r=rrelyea. Modified Files: cmd/fipstest/fipstest.c lib/freebl/blapi.h lib/freebl/ldvector.c lib/freebl/loader.c lib/freebl/loader.h lib/freebl/pqg.c lib/pk11wrap/pk11pqg.c lib/softoken/pkcs11c.c lib/util/manifest.mn lib/util/nssutil.def pkg/solaris/SUNWtlsd/prototype Removed Files: lib/util/pqgutil.c lib/util/pqgutil.h
security/nss/cmd/fipstest/fipstest.c
security/nss/lib/freebl/blapi.h
security/nss/lib/freebl/ldvector.c
security/nss/lib/freebl/loader.c
security/nss/lib/freebl/loader.h
security/nss/lib/freebl/pqg.c
security/nss/lib/pk11wrap/pk11pqg.c
security/nss/lib/softoken/pkcs11c.c
security/nss/lib/util/manifest.mn
security/nss/lib/util/nssutil.def
security/nss/lib/util/pqgutil.c
security/nss/lib/util/pqgutil.h
security/nss/pkg/solaris/SUNWtlsd/prototype
--- a/security/nss/cmd/fipstest/fipstest.c
+++ b/security/nss/cmd/fipstest/fipstest.c
@@ -44,17 +44,16 @@
 #include "secerr.h"
 #include "secder.h"
 #include "secdig.h"
 #include "keythi.h"
 #include "ec.h"
 #include "hasht.h"
 #include "lowkeyi.h"
 #include "softoken.h"
-#include "pqgutil.h"
 
 #if 0
 #include "../../lib/freebl/mpi/mpi.h"
 #endif
 
 #ifdef NSS_ENABLE_ECC
 extern SECStatus
 EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams);
--- a/security/nss/lib/freebl/blapi.h
+++ b/security/nss/lib/freebl/blapi.h
@@ -1136,16 +1136,20 @@ PQG_ParamGenSeedLen(
  * 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams.
  * 11. 1 < h < P-1
  * 12. G generated from h matches G in PQGParams.
  */
 
 extern SECStatus   PQG_VerifyParams(const PQGParams *params, 
                                     const PQGVerify *vfy, SECStatus *result);
 
+extern void PQG_DestroyParams(PQGParams *params);
+
+extern void PQG_DestroyVerify(PQGVerify *vfy);
+
 
 /*
  * clean-up any global tables freebl may have allocated after it starts up.
  * This function is not thread safe and should be called only after the
  * library has been quiessed.
  */
 extern void BL_Cleanup(void);
 
--- a/security/nss/lib/freebl/ldvector.c
+++ b/security/nss/lib/freebl/ldvector.c
@@ -229,16 +229,20 @@ static const struct FREEBLVectorStr vect
     /* End of Version 3.009. */
     Camellia_InitContext,
     Camellia_AllocateContext,
     Camellia_CreateContext,
     Camellia_DestroyContext,
     Camellia_Encrypt,
     Camellia_Decrypt,
 
+    /* End of Version 3.010. */
+    PQG_DestroyParams,
+    PQG_DestroyVerify,
+
 };
 
 const FREEBLVector * 
 FREEBL_GetVector(void)
 {
     extern const char __nss_freebl_rcsid[];
     extern const char __nss_freebl_sccsid[];
 
--- a/security/nss/lib/freebl/loader.c
+++ b/security/nss/lib/freebl/loader.c
@@ -829,16 +829,32 @@ SECStatus
 PQG_VerifyParams(const PQGParams *params, const PQGVerify *vfy, 
 		 SECStatus *result)
 {
   if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
       return SECFailure;
   return (vector->p_PQG_VerifyParams)(params, vfy, result);
 }
 
+void   
+PQG_DestroyParams(PQGParams *params)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return SECFailure;
+  return (vector->p_PQG_DestroyParams)(params);
+}
+
+void   
+PQG_DestroyVerify(PQGVerify *vfy)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return SECFailure;
+  return (vector->p_PQG_DestroyVerify)(vfy);
+}
+
 void 
 BL_Cleanup(void)
 {
   if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
       return;
   (vector->p_BL_Cleanup)();
 }
 
--- a/security/nss/lib/freebl/loader.h
+++ b/security/nss/lib/freebl/loader.h
@@ -39,17 +39,17 @@
  * ***** END LICENSE BLOCK ***** */
 /* $Id$ */
 
 #ifndef _LOADER_H_
 #define _LOADER_H_ 1
 
 #include "blapi.h"
 
-#define FREEBL_VERSION 0x0309
+#define FREEBL_VERSION 0x0310
 
 struct FREEBLVectorStr {
 
   unsigned short length;  /* of this struct in bytes */
   unsigned short version; /* of this struct. */
 
   RSAPrivateKey * (* p_RSA_NewKey)(int         keySizeInBits,
 				 SECItem *   publicExponent);
@@ -479,16 +479,21 @@ struct FREEBLVectorStr {
 				  const unsigned char *input,
 				  unsigned int inputLen);
 
  SECStatus (* p_Camellia_Decrypt)(CamelliaContext *cx, unsigned char *output,
 				  unsigned int *outputLen,
 				  unsigned int maxOutputLen,
 				  const unsigned char *input,
 				  unsigned int inputLen);
+
+  /* Version 3.010 came to here */
+ void (* p_PQG_DestroyParams)(PQGParams *params);
+
+ void (* p_PQG_DestroyVerify)(PQGVerify *vfy);
 };
 
 typedef struct FREEBLVectorStr FREEBLVector;
 
 SEC_BEGIN_PROTOS
 
 typedef const FREEBLVector * FREEBLGetVectorFn(void);
 
--- a/security/nss/lib/freebl/pqg.c
+++ b/security/nss/lib/freebl/pqg.c
@@ -672,9 +672,43 @@ cleanup:
     mp_clear(&h);
     if (err) {
 	MP_TO_SEC_ERROR(err);
 	rv = SECFailure;
     }
     return rv;
 }
 
+/**************************************************************************
+ *  Free the PQGParams struct and the things it points to.                *
+ **************************************************************************/
+void
+PQG_DestroyParams(PQGParams *params)
+{
+    if (params == NULL) 
+    	return;
+    if (params->arena != NULL) {
+	PORT_FreeArena(params->arena, PR_FALSE);	/* don't zero it */
+    } else {
+	SECITEM_FreeItem(&params->prime,    PR_FALSE); /* don't free prime */
+	SECITEM_FreeItem(&params->subPrime, PR_FALSE); /* don't free subPrime */
+	SECITEM_FreeItem(&params->base,     PR_FALSE); /* don't free base */
+	PORT_Free(params);
+    }
+}
 
+/**************************************************************************
+ *  Free the PQGVerify struct and the things it points to.                *
+ **************************************************************************/
+
+void
+PQG_DestroyVerify(PQGVerify *vfy)
+{
+    if (vfy == NULL) 
+    	return;
+    if (vfy->arena != NULL) {
+	PORT_FreeArena(vfy->arena, PR_FALSE);	/* don't zero it */
+    } else {
+	SECITEM_FreeItem(&vfy->seed,   PR_FALSE); /* don't free seed */
+	SECITEM_FreeItem(&vfy->h,      PR_FALSE); /* don't free h */
+	PORT_Free(vfy);
+    }
+}
--- a/security/nss/lib/pk11wrap/pk11pqg.c
+++ b/security/nss/lib/pk11wrap/pk11pqg.c
@@ -38,17 +38,16 @@
  */
 
 #include "pk11func.h"
 #include "secmod.h"
 #include "secmodi.h"
 #include "secmodti.h"
 #include "pkcs11t.h"
 #include "pk11pqg.h"
-#include "pqgutil.h"
 #include "secerr.h"
 
 
 /* Generate PQGParams and PQGVerify structs.
  * Length of P specified by j.  Length of h will match length of P.
  * Length of SEED in bytes specified in seedBytes.
  * seedBbytes must be in the range [20..255] or an error will result.
  */
@@ -295,101 +294,177 @@ PK11_PQG_VerifyParams(const PQGParams *p
 
 
 
 /**************************************************************************
  *  Free the PQGParams struct and the things it points to.                *
  **************************************************************************/
 extern void 
 PK11_PQG_DestroyParams(PQGParams *params) {
-     PQG_DestroyParams(params);
-     return;
+    if (params == NULL) 
+    	return;
+    if (params->arena != NULL) {
+	PORT_FreeArena(params->arena, PR_FALSE);	/* don't zero it */
+    } else {
+	SECITEM_FreeItem(&params->prime,    PR_FALSE); /* don't free prime */
+	SECITEM_FreeItem(&params->subPrime, PR_FALSE); /* don't free subPrime */
+	SECITEM_FreeItem(&params->base,     PR_FALSE); /* don't free base */
+	PORT_Free(params);
+    }
 }
 
 /**************************************************************************
  *  Free the PQGVerify struct and the things it points to.                *
  **************************************************************************/
 extern void
 PK11_PQG_DestroyVerify(PQGVerify *vfy) {
-    PQG_DestroyVerify(vfy);
-    return;
+    if (vfy == NULL) 
+    	return;
+    if (vfy->arena != NULL) {
+	PORT_FreeArena(vfy->arena, PR_FALSE);	/* don't zero it */
+    } else {
+	SECITEM_FreeItem(&vfy->seed,   PR_FALSE); /* don't free seed */
+	SECITEM_FreeItem(&vfy->h,      PR_FALSE); /* don't free h */
+	PORT_Free(vfy);
+    }
 }
 
+#define PQG_DEFAULT_CHUNKSIZE 2048	/* bytes */
+
 /**************************************************************************
  *  Return a pointer to a new PQGParams struct that is constructed from   *
  *  copies of the arguments passed in.                                    *
  *  Return NULL on failure.                                               *
  **************************************************************************/
 extern PQGParams *
 PK11_PQG_NewParams(const SECItem * prime, const SECItem * subPrime, 
                                  		const SECItem * base) {
-    return PQG_NewParams(prime, subPrime, base);
+    PRArenaPool *arena;
+    PQGParams *dest;
+    SECStatus status;
+
+    arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
+    if (arena == NULL)
+	goto loser;
+
+    dest = (PQGParams*)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
+    if (dest == NULL)
+	goto loser;
+
+    dest->arena = arena;
+
+    status = SECITEM_CopyItem(arena, &dest->prime, prime);
+    if (status != SECSuccess)
+	goto loser;
+
+    status = SECITEM_CopyItem(arena, &dest->subPrime, subPrime);
+    if (status != SECSuccess)
+	goto loser;
+
+    status = SECITEM_CopyItem(arena, &dest->base, base);
+    if (status != SECSuccess)
+	goto loser;
+
+    return dest;
+
+loser:
+    if (arena != NULL)
+	PORT_FreeArena(arena, PR_FALSE);
+    return NULL;
 }
 
 
 /**************************************************************************
  * Fills in caller's "prime" SECItem with the prime value in params.
  * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);	
  **************************************************************************/
 extern SECStatus 
 PK11_PQG_GetPrimeFromParams(const PQGParams *params, SECItem * prime) {
-    return PQG_GetPrimeFromParams(params, prime);
+    return SECITEM_CopyItem(NULL, prime, &params->prime);
 }
 
 
 /**************************************************************************
  * Fills in caller's "subPrime" SECItem with the prime value in params.
  * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);	
  **************************************************************************/
 extern SECStatus
 PK11_PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem * subPrime) {
-    return PQG_GetSubPrimeFromParams(params, subPrime);
+    return SECITEM_CopyItem(NULL, subPrime, &params->subPrime);
 }
 
 
 /**************************************************************************
  * Fills in caller's "base" SECItem with the base value in params.
  * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);	
  **************************************************************************/
 extern SECStatus 
 PK11_PQG_GetBaseFromParams(const PQGParams *params, SECItem *base) {
-    return PQG_GetBaseFromParams(params, base);
+    return SECITEM_CopyItem(NULL, base, &params->base);
 }
 
 
 /**************************************************************************
  *  Return a pointer to a new PQGVerify struct that is constructed from   *
  *  copies of the arguments passed in.                                    *
  *  Return NULL on failure.                                               *
  **************************************************************************/
 extern PQGVerify *
 PK11_PQG_NewVerify(unsigned int counter, const SECItem * seed, 
 							const SECItem * h) {
-    return PQG_NewVerify(counter, seed, h);
+    PRArenaPool *arena;
+    PQGVerify *  dest;
+    SECStatus    status;
+
+    arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
+    if (arena == NULL)
+	goto loser;
+
+    dest = (PQGVerify*)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
+    if (dest == NULL)
+	goto loser;
+
+    dest->arena   = arena;
+    dest->counter = counter;
+
+    status = SECITEM_CopyItem(arena, &dest->seed, seed);
+    if (status != SECSuccess)
+	goto loser;
+
+    status = SECITEM_CopyItem(arena, &dest->h, h);
+    if (status != SECSuccess)
+	goto loser;
+
+    return dest;
+
+loser:
+    if (arena != NULL)
+	PORT_FreeArena(arena, PR_FALSE);
+    return NULL;
 }
 
 
 /**************************************************************************
  * Returns "counter" value from the PQGVerify.
  **************************************************************************/
 extern unsigned int 
 PK11_PQG_GetCounterFromVerify(const PQGVerify *verify) {
-    return PQG_GetCounterFromVerify(verify);
+    return verify->counter;
 }
 
 /**************************************************************************
  * Fills in caller's "seed" SECItem with the seed value in verify.
  * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);	
  **************************************************************************/
 extern SECStatus 
 PK11_PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed) {
-    return PQG_GetSeedFromVerify(verify, seed);
+    return SECITEM_CopyItem(NULL, seed, &verify->seed);
 }
 
 
 /**************************************************************************
  * Fills in caller's "h" SECItem with the h value in verify.
  * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);	
  **************************************************************************/
 extern SECStatus 
 PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h) {
-    return PQG_GetHFromVerify(verify, h);
+    return SECITEM_CopyItem(NULL, h, &verify->h);
 }
--- a/security/nss/lib/softoken/pkcs11c.c
+++ b/security/nss/lib/softoken/pkcs11c.c
@@ -50,17 +50,16 @@
  *
  *   In this implementation, session objects are only visible to the session
  *   that created or generated them.
  */
 #include "seccomon.h"
 #include "secitem.h"
 #include "secport.h"
 #include "blapi.h"
-#include "pqgutil.h"
 #include "pkcs11.h"
 #include "pkcs11i.h"
 #include "lowkeyi.h"
 #include "sechash.h"
 #include "secder.h"
 #include "secdig.h"
 #include "lowpbe.h"	/* We do PBE below */
 #include "pkcs11t.h"
--- a/security/nss/lib/util/manifest.mn
+++ b/security/nss/lib/util/manifest.mn
@@ -59,17 +59,16 @@ EXPORTS = \
 	secoidt.h \
 	secport.h \
 	secerr.h \
 	utilrename.h \
 	watcomfx.h \
 	$(NULL)
 
 PRIVATE_EXPORTS = \
-	pqgutil.h \
 	templates.c \
 	$(NULL)
 
 CSRCS = \
 	quickder.c \
 	secdig.c \
 	derdec.c \
 	derenc.c \
@@ -77,17 +76,16 @@ CSRCS = \
 	dertime.c \
 	nssb64d.c \
 	nssb64e.c \
 	nssrwlk.c \
 	nssilock.c \
 	nsslocks.c \
 	oidstring.c \
 	portreg.c \
-	pqgutil.c \
 	secalgid.c \
 	secasn1d.c \
 	secasn1e.c \
 	secasn1u.c \
 	secitem.c \
 	secoid.c \
 	sectime.c \
 	secport.c \
--- a/security/nss/lib/util/nssutil.def
+++ b/security/nss/lib/util/nssutil.def
@@ -113,26 +113,16 @@ PORT_SetUCS2_ASCIIConversionFunction_Uti
 PORT_SetUCS2_UTF8ConversionFunction_Util;
 PORT_SetUCS4_UTF8ConversionFunction_Util;
 PORT_Strdup_Util;
 PORT_UCS2_ASCIIConversion_Util;
 PORT_UCS2_UTF8Conversion_Util;
 PORT_UCS4_UTF8Conversion;
 PORT_ZAlloc_Util;
 PORT_ZFree_Util;
-PQG_DestroyParams;
-PQG_DestroyVerify;
-PQG_GetBaseFromParams;
-PQG_GetCounterFromVerify;
-PQG_GetHFromVerify;
-PQG_GetPrimeFromParams;
-PQG_GetSeedFromVerify;
-PQG_GetSubPrimeFromParams;
-PQG_NewParams;
-PQG_NewVerify;
 SEC_ASN1Decode_Util;
 SEC_ASN1DecodeInteger_Util;
 SEC_ASN1DecodeItem_Util;
 SEC_ASN1DecoderAbort_Util;
 SEC_ASN1DecoderClearFilterProc_Util;
 SEC_ASN1DecoderClearNotifyProc_Util;
 SEC_ASN1DecoderFinish_Util;
 SEC_ASN1DecoderSetFilterProc_Util;
deleted file mode 100644
--- a/security/nss/lib/util/pqgutil.c
+++ /dev/null
@@ -1,270 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "pqgutil.h"
-#include "prerror.h"
-#include "secitem.h"
-
-#define PQG_DEFAULT_CHUNKSIZE 2048	/* bytes */
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is a duplicate of     *
- *  the one passed as an argument.                                        *
- *  Return NULL on failure, or if NULL was passed in.                     *
- *                                                                        *
- **************************************************************************/
-
-PQGParams *
-PQG_DupParams(const PQGParams *src)
-{
-    PRArenaPool *arena;
-    PQGParams *dest;
-    SECStatus status;
-
-    if (src == NULL) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return NULL;
-    }
-
-    arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-	goto loser;
-
-    dest = (PQGParams*)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
-    if (dest == NULL)
-	goto loser;
-
-    dest->arena = arena;
-
-    status = SECITEM_CopyItem(arena, &dest->prime, &src->prime);
-    if (status != SECSuccess)
-	goto loser;
-
-    status = SECITEM_CopyItem(arena, &dest->subPrime, &src->subPrime);
-    if (status != SECSuccess)
-	goto loser;
-
-    status = SECITEM_CopyItem(arena, &dest->base, &src->base);
-    if (status != SECSuccess)
-	goto loser;
-
-    return dest;
-
-loser:
-    if (arena != NULL)
-	PORT_FreeArena(arena, PR_FALSE);
-    return NULL;
-}
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-
-PQGParams *
-PQG_NewParams(const SECItem * prime, const SECItem * subPrime, 
-              const SECItem * base)
-{
-    PQGParams *  dest;
-    PQGParams    src;
-
-    src.arena    = NULL;
-    src.prime    = *prime;
-    src.subPrime = *subPrime;
-    src.base     = *base;
-    dest         = PQG_DupParams(&src);
-    return dest;
-}
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetPrimeFromParams(const PQGParams *params, SECItem * prime)
-{
-    return SECITEM_CopyItem(NULL, prime, &params->prime);
-}
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem * subPrime)
-{
-    return SECITEM_CopyItem(NULL, subPrime, &params->subPrime);
-}
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetBaseFromParams(const PQGParams *params, SECItem * base)
-{
-    return SECITEM_CopyItem(NULL, base, &params->base);
-}
-
-/**************************************************************************
- *  Free the PQGParams struct and the things it points to.                *
- **************************************************************************/
-void
-PQG_DestroyParams(PQGParams *params)
-{
-    if (params == NULL) 
-    	return;
-    if (params->arena != NULL) {
-	PORT_FreeArena(params->arena, PR_FALSE);	/* don't zero it */
-    } else {
-	SECITEM_FreeItem(&params->prime,    PR_FALSE); /* don't free prime */
-	SECITEM_FreeItem(&params->subPrime, PR_FALSE); /* don't free subPrime */
-	SECITEM_FreeItem(&params->base,     PR_FALSE); /* don't free base */
-	PORT_Free(params);
-    }
-}
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is a duplicate of     *
- *  the one passed as an argument.                                        *
- *  Return NULL on failure, or if NULL was passed in.                     *
- **************************************************************************/
-
-PQGVerify *
-PQG_DupVerify(const PQGVerify *src)
-{
-    PRArenaPool *arena;
-    PQGVerify *  dest;
-    SECStatus    status;
-
-    if (src == NULL) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return NULL;
-    }
-
-    arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-	goto loser;
-
-    dest = (PQGVerify*)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
-    if (dest == NULL)
-	goto loser;
-
-    dest->arena   = arena;
-    dest->counter = src->counter;
-
-    status = SECITEM_CopyItem(arena, &dest->seed, &src->seed);
-    if (status != SECSuccess)
-	goto loser;
-
-    status = SECITEM_CopyItem(arena, &dest->h, &src->h);
-    if (status != SECSuccess)
-	goto loser;
-
-    return dest;
-
-loser:
-    if (arena != NULL)
-	PORT_FreeArena(arena, PR_FALSE);
-    return NULL;
-}
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-
-PQGVerify *
-PQG_NewVerify(unsigned int counter, const SECItem * seed, const SECItem * h)
-{
-    PQGVerify *  dest;
-    PQGVerify    src;
-
-    src.arena    = NULL;
-    src.counter  = counter;
-    src.seed     = *seed;
-    src.h        = *h;
-    dest         = PQG_DupVerify(&src);
-    return dest;
-}
-
-/**************************************************************************
- * Returns the "counter" value from the PQGVerify.
- **************************************************************************/
-unsigned int
-PQG_GetCounterFromVerify(const PQGVerify *verify)
-{
-    return verify->counter;
-}
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem * seed)
-{
-    return SECITEM_CopyItem(NULL, seed, &verify->seed);
-}
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h)
-{
-    return SECITEM_CopyItem(NULL, h, &verify->h);
-}
-
-/**************************************************************************
- *  Free the PQGVerify struct and the things it points to.                *
- **************************************************************************/
-
-void
-PQG_DestroyVerify(PQGVerify *vfy)
-{
-    if (vfy == NULL) 
-    	return;
-    if (vfy->arena != NULL) {
-	PORT_FreeArena(vfy->arena, PR_FALSE);	/* don't zero it */
-    } else {
-	SECITEM_FreeItem(&vfy->seed,   PR_FALSE); /* don't free seed */
-	SECITEM_FreeItem(&vfy->h,      PR_FALSE); /* don't free h */
-	PORT_Free(vfy);
-    }
-}
deleted file mode 100644
--- a/security/nss/lib/util/pqgutil.h
+++ /dev/null
@@ -1,131 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#ifndef _PQGUTIL_H_
-#define _PQGUTIL_H_ 1
-
-#include "utilrename.h"
-#include "blapit.h"
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is a duplicate of     *
- *  the one passed as an argument.                                        *
- *  Return NULL on failure, or if NULL was passed in.                     *
- **************************************************************************/
-extern PQGParams * PQG_DupParams(const PQGParams *src);
-
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-extern PQGParams * PQG_NewParams(const SECItem * prime, 
-                                 const SECItem * subPrime, 
-                                 const SECItem * base);
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetPrimeFromParams(const PQGParams *params, 
-                                        SECItem * prime);
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetSubPrimeFromParams(const PQGParams *params, 
-                                           SECItem * subPrime);
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetBaseFromParams(const PQGParams *params, SECItem *base);
-
-
-/**************************************************************************
- *  Free the PQGParams struct and the things it points to.                *
- **************************************************************************/
-extern void PQG_DestroyParams(PQGParams *params);
-
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is a duplicate of     *
- *  the one passed as an argument.                                        *
- *  Return NULL on failure, or if NULL was passed in.                     *
- **************************************************************************/
-extern PQGVerify * PQG_DupVerify(const PQGVerify *src);
-
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-extern PQGVerify * PQG_NewVerify(unsigned int counter, const SECItem * seed, 
-                                 const SECItem * h);
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int PQG_GetCounterFromVerify(const PQGVerify *verify);
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed);
-
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h);
-
-
-/**************************************************************************
- *  Free the PQGVerify struct and the things it points to.                *
- **************************************************************************/
-extern void PQG_DestroyVerify(PQGVerify *vfy);
-
-
-#endif
--- a/security/nss/pkg/solaris/SUNWtlsd/prototype
+++ b/security/nss/pkg/solaris/SUNWtlsd/prototype
@@ -127,17 +127,16 @@ f none usr/include/mps/pkcs11f.h 0644 ro
 f none usr/include/mps/pkcs11p.h 0644 root bin
 f none usr/include/mps/pkcs11t.h 0644 root bin
 f none usr/include/mps/pkcs11u.h 0644 root bin
 f none usr/include/mps/pkcs11n.h 0644 root bin
 f none usr/include/mps/pkcs12.h 0644 root bin
 f none usr/include/mps/pkcs12t.h 0644 root bin
 f none usr/include/mps/pkcs7t.h 0644 root bin
 f none usr/include/mps/portreg.h 0644 root bin
-#f none usr/include/mps/pqgutil.h 0644 root bin
 f none usr/include/mps/preenc.h 0644 root bin
 f none usr/include/mps/secasn1.h 0644 root bin
 f none usr/include/mps/secasn1t.h 0644 root bin
 f none usr/include/mps/seccomon.h 0644 root bin
 f none usr/include/mps/secder.h 0644 root bin
 f none usr/include/mps/secdert.h 0644 root bin
 f none usr/include/mps/secdig.h 0644 root bin
 f none usr/include/mps/secdigt.h 0644 root bin