Closed
Bug 298627
Opened 19 years ago
Closed 19 years ago
Need to give apps access to Random number generators on tokens.
Categories
(NSS :: Libraries, enhancement)
Tracking
(Not tracked)
RESOLVED
FIXED
3.11
People
(Reporter: rrelyea, Assigned: rrelyea)
References
Details
Attachments
(1 file, 1 obsolete file)
2.71 KB,
patch
|
wtc
:
review+
julien.pierre
:
superreview+
|
Details | Diff | Splinter Review |
Currently apps only have one API to access the random number generator -- PK11_GenerateRandom. This function used the default token for Random numbers (usually the softoken). Apps may need to grab random numbers from various other tokens as well. Currently there are functions to seed and read from the default random number slot, and functions to seed a specific slot, but there is no function to generate from a specific slot.
Assignee | ||
Comment 1•19 years ago
|
||
I thought steve had already written a bug on this, but I can't seem to find it, so here's it is.
Target Milestone: --- → 3.11
Assignee | ||
Comment 2•19 years ago
|
||
Attachment #187158 -
Flags: superreview?(julien.pierre.bugs)
Attachment #187158 -
Flags: review?(wtchang)
Comment 3•19 years ago
|
||
Steve mentioned this bug in JSS bug 293908. It is a good idea to write this NSS bug for the NSS issue.
Comment 4•19 years ago
|
||
Comment on attachment 187158 [details] [diff] [review] Give Token Random number access to applications Bob, you attached the wrong patch :-)
Attachment #187158 -
Attachment is obsolete: true
Attachment #187158 -
Flags: superreview?(julien.pierre.bugs)
Attachment #187158 -
Flags: review?(wtchang)
Assignee | ||
Comment 5•19 years ago
|
||
Attachment #187160 -
Flags: superreview?(julien.pierre.bugs)
Attachment #187160 -
Flags: review?(wtchang)
Assignee | ||
Comment 6•19 years ago
|
||
There should also be the corresponding addition to nss/nss.def I'll attach that patch after we branch and I can clear bug 294556.
Comment 7•19 years ago
|
||
Comment on attachment 187160 [details] [diff] [review] Get the correct patch r=wtc. I assume the nss.def change is implied.
Attachment #187160 -
Flags: review?(wtchang) → review+
Comment 8•19 years ago
|
||
Comment on attachment 187160 [details] [diff] [review] Get the correct patch Just curious: in PK11_SeedRandom, why don't we need to protect the PK11_EnterSlotMonitor(slot) and PK11_ExitSlotMonitor(slot) calls with "if (!slot->isInternal)", as we do in PK11_GetRandom? Nice to have: a name that self-documents the difference from PK11_GenerateRandom.
Assignee | ||
Comment 9•19 years ago
|
||
Technically we need to enter the slot monitor for both, but we 'know' that the softoken is 'safe' to call in this case without a lock. C_SeedRandom is also safe in the softoken, but it didn't show up as a bottleneck. A agree with the need for a better name: PK11_GenerateRandomOnSlot() ? bob
Comment 10•19 years ago
|
||
Ah, now I remember. It was done to reduce lock contention inside PK11_GenerateRandom. PK11_GenerateRandomOnSlot (or PK11_GenerateRandomOnToken) sounds good.
Updated•19 years ago
|
Attachment #187160 -
Flags: superreview?(julien.pierre.bugs) → superreview+
Assignee | ||
Comment 11•19 years ago
|
||
Checking in nss/nss.def; /cvsroot/mozilla/security/nss/lib/nss/nss.def,v <-- nss.def new revision: 1.148; previous revision: 1.147 done Checking in pk11wrap/pk11pub.h; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pub.h,v <-- pk11pub.h new revision: 1.7; previous revision: 1.6 done Checking in pk11wrap/pk11slot.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11slot.c,v <-- pk11slot.c new revision: 1.84; previous revision: 1.83 done
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•