Closed
Bug 647706
Opened 13 years ago
Closed 13 years ago
Additional bits to support SHA224 certificates
Categories
(NSS :: Libraries, enhancement, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.13.1
People
(Reporter: hanno, Assigned: wtc)
Details
Attachments
(1 file, 4 obsolete files)
nss recently got SHA224 support in #356713 - however, many places within the nss code don't know about that. Attached patch will add it at some places, making it possible to use rsa/sha224 to sign certificates with certutil.
Reporter | ||
Updated•13 years ago
|
Version: unspecified → trunk
Reporter | ||
Comment 1•13 years ago
|
||
This also adds sha224 support to the softoken code for RSA-PSS. To be applied additionaly to the other patch.
Attachment #527527 -
Flags: review?
Assignee | ||
Updated•13 years ago
|
Assignee: nobody → wtc
Status: NEW → ASSIGNED
OS: Linux → All
Priority: -- → P2
Hardware: x86_64 → All
Target Milestone: --- → 3.13.1
Version: trunk → 3.13
Assignee | ||
Comment 2•13 years ago
|
||
Comment on attachment 523995 [details] [diff] [review] add sha224 at various places to make certificate signatures possible r=wtc. Hanno, thanks for the patch. I wrote a patch to add SHA-224 support to more NSS functions. When I filed a bug for my patch, I found your bug. I am sorry that we didn't see your bug sooner. Your changes to lib/cryptohi/sechash.c were independently made by David Cooper in bug 356713 attachment 540747 [details] [diff] [review] (later than your patch) and have been checked in. I will combine your patch with my patch for checkin.
Attachment #523995 -
Flags: review+
Assignee | ||
Comment 3•13 years ago
|
||
Elio, please review. This patch includes changes from Hanno Boeck patch (attachment 523995 [details] [diff] [review]). I generated this patch by searching for "SHA256" in the NSS source tree, and inspecting every occurrence to see if SHA-224 should also be handled there. I did this three months ago (on July 30), so I don't remember if I completed the task.
Attachment #523995 -
Attachment is obsolete: true
Attachment #567745 -
Flags: review?(emaldona)
Assignee | ||
Comment 4•13 years ago
|
||
This is the same patch, regenerated with more context for easier code review.
Attachment #567745 -
Attachment is obsolete: true
Attachment #567745 -
Flags: review?(emaldona)
Attachment #567749 -
Flags: review?(emaldona)
Updated•13 years ago
|
Attachment #567749 -
Flags: review?(emaldona) → review+
Assignee | ||
Comment 5•13 years ago
|
||
Comment on attachment 527527 [details] [diff] [review] sha224-pss-softoken.diff r=wtc. The SHA-224 cases should be listed before the SHA-256 cases, and the TODO comment in the function should be removed. I will take care of these when I check this in.
Attachment #527527 -
Flags: review? → review+
Assignee | ||
Comment 6•13 years ago
|
||
I merged sha224-pss-softoken.diff (attachment 527527 [details] [diff] [review]) into this patch. Patch checked in on the NSS trunk (NSS 3.13.1). Checking in cmd/lib/secutil.c; /cvsroot/mozilla/security/nss/cmd/lib/secutil.c,v <-- secutil.c new revision: 1.110; previous revision: 1.109 done Checking in lib/cryptohi/seckey.c; /cvsroot/mozilla/security/nss/lib/cryptohi/seckey.c,v <-- seckey.c new revision: 1.63; previous revision: 1.62 done Checking in lib/cryptohi/secsign.c; /cvsroot/mozilla/security/nss/lib/cryptohi/secsign.c,v <-- secsign.c new revision: 1.27; previous revision: 1.26 done Checking in lib/cryptohi/secvfy.c; /cvsroot/mozilla/security/nss/lib/cryptohi/secvfy.c,v <-- secvfy.c new revision: 1.25; previous revision: 1.24 done Checking in lib/pk11wrap/pk11mech.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11mech.c,v <-- pk11mech.c new revision: 1.16; previous revision: 1.15 done Checking in lib/pk11wrap/pk11slot.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11slot.c,v <-- pk11slot.c new revision: 1.106; previous revision: 1.105 done Checking in lib/pkcs12/p12local.c; /cvsroot/mozilla/security/nss/lib/pkcs12/p12local.c,v <-- p12local.c new revision: 1.10; previous revision: 1.9 done Checking in lib/softoken/rsawrapr.c; /cvsroot/mozilla/security/nss/lib/softoken/rsawrapr.c,v <-- rsawrapr.c new revision: 1.19; previous revision: 1.18 done Checking in lib/ssl/ssl3ecc.c; /cvsroot/mozilla/security/nss/lib/ssl/ssl3ecc.c,v <-- ssl3ecc.c new revision: 1.25; previous revision: 1.24 done Checking in lib/util/secalgid.c; /cvsroot/mozilla/security/nss/lib/util/secalgid.c,v <-- secalgid.c new revision: 1.7; previous revision: 1.6 done
Attachment #527527 -
Attachment is obsolete: true
Attachment #567749 -
Attachment is obsolete: true
Assignee | ||
Updated•13 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•