Closed
Bug 356713
Opened 18 years ago
Closed 13 years ago
SHA224 hash / hmac algorithm not supported
Categories
(NSS :: Libraries, enhancement)
Tracking
(Not tracked)
RESOLVED
FIXED
3.13
People
(Reporter: bradh, Assigned: elio.maldonado.batiz)
Details
Attachments
(6 files, 3 obsolete files)
|
3.28 KB,
patch
|
wtc
:
review+
|
Details | Diff | Splinter Review |
|
47.87 KB,
patch
|
Details | Diff | Splinter Review | |
|
4.97 KB,
patch
|
Details | Diff | Splinter Review | |
|
2.14 KB,
patch
|
wtc
:
review+
elio.maldonado.batiz
:
superreview+
|
Details | Diff | Splinter Review |
|
13.84 KB,
patch
|
Details | Diff | Splinter Review | |
|
657 bytes,
patch
|
elio.maldonado.batiz
:
review+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.4 (like Gecko) Build Identifier: Not applicable The SHA224 hash algorithm is not supported by NSS. The details for this algorithm are provided in http://www.ietf.org/rfc/rfc3874.txt Known answer test vectors are provided for HMAC (including SHA224) in http://www.ietf.org/rfc/rfc4231.txt Reproducible: Always Steps to Reproduce: Not applicable - wishlist. Actual Results: Not applicable - wishlist. Expected Results: Not applicable - wishlist
|
||
Comment 1•18 years ago
|
||
Brad, where would you have NSS use SHA224? What standardized protocol would use it? SSL? TLS? S/MIME? Cert signatures? What product or service would mozilla be better able to interoperate with if this was offered?
URL: Not applicable
Version: unspecified → 3.11.3
|
Reporter | |
Comment 2•18 years ago
|
||
SHA224 is required for some XML security (XMLSEC) implementations (see RFC4051 and http://www.aleksey.com/xmlsec/xmldsig.html) It is expected to be required for some emerging PKIX implementations (http://tools.ietf.org/html/draft-ietf-pkix-ecc-pkalgs-03). It may also be used in the future version of openpgp, but I don't think that this is an important interop issue for NSS. There are other potential uses too (e.g. DNS TSIG - http://tools.ietf.org/html/rfc4635). It is a general purpose algorithm that is likely to be required everywhere SHA256, SHA384 or SHA512 are required.
|
||
Updated•17 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
|
||
Comment 3•14 years ago
|
||
(In reply to comment #1) > Brad, where would you have NSS use SHA224? > What standardized protocol would use it? > SSL? TLS? S/MIME? Cert signatures? > > What product or service would mozilla be better able to interoperate with > if this was offered? for example rpm. for signing packages is used GnuPG. GnuPG supports all SHA-2 hash algorithms including SHA224. when you set in gpg.conf as default digest algorithm H11 (SHA224), rpm is signed, but rpm validation is not passed, as rpm relies on nss (fips certification). and because fips pub 180-3 covers SHA224 in secure hash standard, answer 'don't use SHA224 for signatures' is not correct
|
||
Updated•14 years ago
|
Attachment #456718 -
Attachment is patch: true
|
|
||
Comment 5•14 years ago
|
||
Comment on attachment 456718 [details] [diff] [review] nss-sha224-oid.diff (checked in) r=wtc. Thanks for the patch. I verified that there is no other missing SHA-224 OID.
Attachment #456718 -
Flags: review? → review+
|
|
||
Comment 6•14 years ago
|
||
Comment on attachment 456718 [details] [diff] [review] nss-sha224-oid.diff (checked in) I checked in the patch on the NSS trunk (NSS 3.13). Checking in secoid.c; /cvsroot/mozilla/security/nss/lib/util/secoid.c,v <-- secoid.c new revision: 1.59; previous revision: 1.58 done Checking in secoidt.h; /cvsroot/mozilla/security/nss/lib/util/secoidt.h,v <-- secoidt.h new revision: 1.32; previous revision: 1.31 done
Attachment #456718 -
Attachment description: nss-sha224-oid.diff → nss-sha224-oid.diff (checked in)
|
Assignee | |
Comment 7•14 years ago
|
||
This is still work in progress but I thought wise to get some early feedback. Testing has been so far limited to the self tests. I may not have much time to work in it until after August.
Attachment #461432 -
Flags: review?(wtc)
|
|
Assignee | |
Updated•14 years ago
|
Assignee: nobody → emaldona
|
|
||
Comment 8•14 years ago
|
||
Comment on attachment 461432 [details] [diff] [review] sha-224 implementention WIP Elio, thanks for the patch. I hope you can finish this patch soon because it's not hard to implement SHA-224 when SHA-256 is already implemented. Your patch has three serious bugs, all simple to fix. 1. You need to add an entry to the SECRawHashObjects array in mozilla/security/nss/lib/freebl/rawhash.c. (See IMPORTANT NOTE below before you add this entry.) I believe this missing entry is why HMAC-SHA-224 and RSA-SHA-224 don't work yet. 2. In mozilla/security/nss/lib/freebl/hasht.h, you have: >@@ -51,9 +51,10 @@ typedef enum { > HASH_AlgMD2 = 1, > HASH_AlgMD5 = 2, > HASH_AlgSHA1 = 3, >- HASH_AlgSHA256 = 4, >- HASH_AlgSHA384 = 5, >- HASH_AlgSHA512 = 6, >+ HASH_AlgSHA224 = 4, >+ HASH_AlgSHA256 = 5, >+ HASH_AlgSHA384 = 6, >+ HASH_AlgSHA512 = 7, > HASH_AlgTOTAL > } HASH_HashType; Since hasht.h is a public header (listed in EXPORTS in the manifest.mn file): http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/freebl/manifest.mn&rev=1.59&mark=83,87#81 you cannot change the values of enum constants in it. (We added the = 1, = 2, etc. to make it clear when you change their values.) So HASH_AlgSHA224 must be added last, with value 7. IMPORTANT NOTE: the SECRawHashObjects array in rawhash.c and the SECHashObjects array in sechash.c must match this order. So you need to move your new SHA-224 array entry in sechash.c to the end of the array. 3. SHA224_Hash is wrong. See my comment marked with "BUG" below. Minor issues: In mozilla/security/nss/lib/freebl/ldvector.c: >- MGF1 >+ MGF1, > > /* End of Version 3.012 */ >+ >+ SHA224_NewContext, ... >+ SHA224_Clone, >+ >+ /* End of Version 3.013 */ > }; Do not add "Version 3.013". Simply move "Version 3.012" to the end of this list, because 3.012 (version of the FREEBL vector, not to be confused with the NSS or Softoken version) hasn't been released yet. Please fix a similar issue in mozilla/security/nss/lib/freebl/loader.h. In mozilla/security/nss/lib/freebl/loader.c: >+/* ============== New for 3.013 =============================== */ Delete this. (See above.) >+void >+SHA224_DestroyContext(SHA224Context *cx, PRBool freeit) >+{ >+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) >+ return ; >+ (vector->p_SHA224_DestroyContext)(cx, freeit); >+} Delete the space in "return ;". Please fix the same issue in SHA224_Begin, SHA224_Update, SHA224_End, and SHA224_TraceState below. In mozilla/security/nss/lib/freebl/nsslowhash.c: >+ /* SHA-224 Known Digest Message (256-bits). */ 256-bits => 224-bits In mozilla/security/nss/lib/freebl/sha512.c: >+SECStatus >+SHA224_HashBuf(unsigned char *dest, const unsigned char *src, >+ uint32 src_length) >+{ >+ SHA256Context ctx; >+ unsigned int outLen; >+ >+ SHA224_Begin(&ctx); >+ SHA256_Update(&ctx, src, src_length); >+ SHA224_End(&ctx, dest, &outLen, SHA224_LENGTH); >+ >+ return SECSuccess; >+} I believe we can use SHA256_End instead of SHA224_End. (Saves one function call.) This is what SHA384_HashBuf does. >+SECStatus >+SHA224_Hash(unsigned char *dest, const char *src) >+{ >+ return SHA256_Hash(dest, src); >+} BUG: please see how SHA384_Hash is implemented. >+void test224(void) >+{ >+ SHA224Context ctx = NULL; >+ char a1000times[1001]; You can declare this array with size 1000, without the terminating null byte. This requires changing Test Vector 3 as follows: >+ a1000times[1000] = 0; Remove this line. Can't do this any more. >+ SHA224_Hash(outBuf, a1000times); Remove this line, because this is NOT part of Test Vector 3. >+ SHA224_End(&ctx, dest, &outLen, SHA224_LENGTH); dest => outBuf Did you compile this code? I think 'dest' is not declared.
Attachment #461432 -
Flags: review?(wtc) → review-
|
|
||
Updated•14 years ago
|
Target Milestone: --- → 3.13
|
|
Assignee | |
Comment 9•14 years ago
|
||
Addresses wtc's comments in the first review. It is not working yet. 1. For mozilla/security/nss/lib/softoken/fipstest.c I still have to generate a known answer from a trusted implementation for hmac-sha224. For the time being the comparison against the known answer is disabled. 2. Need to find the cause of failures in the fips suite of which 175 tests pass and 5 test fail. Most test involve using modutil to enable or disable FIPS mode. Will ask for advise off-line.
Attachment #461432 -
Attachment is obsolete: true
|
|
||
Comment 10•14 years ago
|
||
Comment on attachment 462094 [details] [diff] [review] WIP: sha224 implemantation revision 1 This patch looks good to me. I suggest that you check it in as soon as you fix the FIPS test failures, and deal with other issues in separate patches. It's painful to review a large patch repeatedly. In mozilla/security/nss/lib/freebl/loader.c: >+ >+/* ============== New for 3.012 =============================== */ >+ >+SECStatus >+SHA224_Hash(unsigned char *dest, const char *src) >+{ >+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) >+ return SECFailure; >+ return (vector->p_SHA224_Hash)(dest, src); >+} Remove the "New for 3.012" comment. One such comment should already be there before the MGF1 function. In mozilla/security/nss/lib/freebl/loader.h: >+ SHA224Context * (* p_SHA224_Resurrect)(unsigned char *space, void *arg); >+ >+ void (* p_SHA224_Clone)(SHA224Context *dest, SHA224Context *src); Nit: delete the blank line. In mozilla/security/nss/lib/freebl/sha512.c: >@@ -1107,13 +1201,12 @@ SHA512_End(SHA512Context *ctx, unsigned > #if defined(HAVE_LONG_LONG) > unsigned int inBuf = (unsigned int)ctx->sizeLo & 0x7f; > unsigned int padLen = (inBuf < 112) ? (112 - inBuf) : (112 + 128 - inBuf); >- PRUint64 lo, t1; >+ PRUint64 lo; > lo = (ctx->sizeLo << 3); > #else > unsigned int inBuf = (unsigned int)ctx->sizeLo.lo & 0x7f; > unsigned int padLen = (inBuf < 112) ? (112 - inBuf) : (112 + 128 - inBuf); > PRUint64 lo = ctx->sizeLo; >- PRUint32 t1; > lo.lo <<= 3; > #endif This kind of "unused variable" compiler warning is very tricky to fix because of the complex macro definitions in this file. I strongly suggest that you fix the compiler warning about t1 in a separate patch, so that this patch stays focused on SHA-224. >@@ -1394,6 +1518,7 @@ int main (int argc, char *argv[], char * > } > if (i < 2) { > test256(); >+ test224(); > test512(); > test384(); > } else { Nit: list test224() before test256().
|
|
Assignee | |
Comment 11•14 years ago
|
||
fips test pass now that I fixed a known answer for sha224. I also needed
to patch another file to enable rsa signatures with sha224.
[emaldona@localhost NSS]$ cvs diff -up mozilla/security/nss/lib/util
cvs diff: Diffing mozilla/security/nss/lib/util
Index: mozilla/security/nss/lib/util/secdig.c
===================================================================
RCS file: /cvsroot/mozilla/security/nss/lib/util/secdig.c,v
retrieving revision 1.9
diff -u -p -r1.9 secdig.c
--- mozilla/security/nss/lib/util/secdig.c 7 Nov 2007 02:37:22 -0000 1.9
+++ mozilla/security/nss/lib/util/secdig.c 15 Aug 2010 21:52:07 -0000
@@ -74,6 +74,7 @@ SGN_CreateDigestInfo(SECOidTag algorithm
case SEC_OID_MD2:
case SEC_OID_MD5:
case SEC_OID_SHA1:
+ case SEC_OID_SHA224:
case SEC_OID_SHA256:
case SEC_OID_SHA384:
case SEC_OID_SHA51
all.sh is passing.|
|
Assignee | |
Comment 12•14 years ago
|
||
Changes commited to the trunk. cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/cmd/bltest/blapitest.c Checking in ./mozilla/security/nss/cmd/bltest/blapitest.c; /cvsroot/mozilla/security/nss/cmd/bltest/blapitest.c,v <-- blapitest.c new revision: 1.60; previous revision: 1.59 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/cmd/bltest/tests/sha224/ciphertext0 RCS file: /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/ciphertext0,v Checking in ./mozilla/security/nss/cmd/bltest/tests/sha224/ciphertext0; /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/ciphertext0,v <-- ciphertext0 initial revision: 1.1 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/cmd/bltest/tests/sha224/ciphertext1 RCS file: /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/ciphertext1,v Checking in ./mozilla/security/nss/cmd/bltest/tests/sha224/ciphertext1; /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/ciphertext1,v <-- ciphertext1 initial revision: 1.1 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/cmd/bltest/tests/sha224/numtests RCS file: /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/numtests,v Checking in ./mozilla/security/nss/cmd/bltest/tests/sha224/numtests; /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/numtests,v <-- numtests initial revision: 1.1 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/cmd/bltest/tests/sha224/plaintext0 RCS file: /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/plaintext0,v Checking in ./mozilla/security/nss/cmd/bltest/tests/sha224/plaintext0; /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/plaintext0,v <-- plaintext0 initial revision: 1.1 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/cmd/bltest/tests/sha224/plaintext1 RCS file: /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/plaintext1,v Checking in ./mozilla/security/nss/cmd/bltest/tests/sha224/plaintext1; /cvsroot/mozilla/security/nss/cmd/bltest/tests/sha224/plaintext1,v <-- plaintext1 initial revision: 1.1 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/cmd/pk11mode/pk11mode.c Checking in ./mozilla/security/nss/cmd/pk11mode/pk11mode.c; /cvsroot/mozilla/security/nss/cmd/pk11mode/pk11mode.c,v <-- pk11mode.c new revision: 1.29; previous revision: 1.28 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/cryptohi/sechash.c Checking in ./mozilla/security/nss/lib/cryptohi/sechash.c; /cvsroot/mozilla/security/nss/lib/cryptohi/sechash.c,v <-- sechash.c new revision: 1.11; previous revision: 1.10 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/cryptohi/secsign.c Checking in ./mozilla/security/nss/lib/cryptohi/secsign.c; /cvsroot/mozilla/security/nss/lib/cryptohi/secsign.c,v <-- secsign.c new revision: 1.24; previous revision: 1.23 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/blapi.h Checking in ./mozilla/security/nss/lib/freebl/blapi.h; /cvsroot/mozilla/security/nss/lib/freebl/blapi.h,v <-- blapi.h new revision: 1.38; previous revision: 1.37 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/blapit.h Checking in ./mozilla/security/nss/lib/freebl/blapit.h; /cvsroot/mozilla/security/nss/lib/freebl/blapit.h,v <-- blapit.h new revision: 1.23; previous revision: 1.22 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/hasht.h Checking in ./mozilla/security/nss/lib/freebl/hasht.h; /cvsroot/mozilla/security/nss/lib/freebl/hasht.h,v <-- hasht.h new revision: 1.8; previous revision: 1.7 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/ldvector.c Checking in ./mozilla/security/nss/lib/freebl/ldvector.c; /cvsroot/mozilla/security/nss/lib/freebl/ldvector.c,v <-- ldvector.c new revision: 1.25; previous revision: 1.24 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/loader.c Checking in ./mozilla/security/nss/lib/freebl/loader.c; /cvsroot/mozilla/security/nss/lib/freebl/loader.c,v <-- loader.c new revision: 1.49; previous revision: 1.48 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/loader.h Checking in ./mozilla/security/nss/lib/freebl/loader.h; /cvsroot/mozilla/security/nss/lib/freebl/loader.h,v <-- loader.h new revision: 1.30; previous revision: 1.29 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/nsslowhash.c Checking in ./mozilla/security/nss/lib/freebl/nsslowhash.c; /cvsroot/mozilla/security/nss/lib/freebl/nsslowhash.c,v <-- nsslowhash.c new revision: 1.5; previous revision: 1.4 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/rawhash.c Checking in ./mozilla/security/nss/lib/freebl/rawhash.c; /cvsroot/mozilla/security/nss/lib/freebl/rawhash.c,v <-- rawhash.c new revision: 1.6; previous revision: 1.5 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/freebl/sha512.c Checking in ./mozilla/security/nss/lib/freebl/sha512.c; /cvsroot/mozilla/security/nss/lib/freebl/sha512.c,v <-- sha512.c new revision: 1.15; previous revision: 1.14 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/pk11wrap/pk11mech.c Checking in ./mozilla/security/nss/lib/pk11wrap/pk11mech.c; /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11mech.c,v <-- pk11mech.c new revision: 1.14; previous revision: 1.13 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/softoken/fipstest.c Checking in ./mozilla/security/nss/lib/softoken/fipstest.c; /cvsroot/mozilla/security/nss/lib/softoken/fipstest.c,v <-- fipstest.c new revision: 1.28; previous revision: 1.27 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/softoken/pkcs11.c Checking in ./mozilla/security/nss/lib/softoken/pkcs11.c; /cvsroot/mozilla/security/nss/lib/softoken/pkcs11.c,v <-- pkcs11.c new revision: 1.171; previous revision: 1.170 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/softoken/pkcs11c.c Checking in ./mozilla/security/nss/lib/softoken/pkcs11c.c; /cvsroot/mozilla/security/nss/lib/softoken/pkcs11c.c,v <-- pkcs11c.c new revision: 1.116; previous revision: 1.115 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/lib/util/secdig.c Checking in ./mozilla/security/nss/lib/util/secdig.c; /cvsroot/mozilla/security/nss/lib/util/secdig.c,v <-- secdig.c new revision: 1.10; previous revision: 1.9 cvs commit -m "Bug 356713 - Support SHA224 has/hmac and rsa signature, r=wtc" ./mozilla/security/nss/tests/cipher/cipher.txt Checking in ./mozilla/security/nss/tests/cipher/cipher.txt; /cvsroot/mozilla/security/nss/tests/cipher/cipher.txt,v <-- cipher.txt new revision: 1.7; previous revision: 1.6
|
|
||
Comment 13•14 years ago
|
||
Elio: thank you for writing this patch! In the future please attach the patch that you checked in. This makes it easy for others to review your work. I recreated the patch for you.
Attachment #462094 -
Attachment is obsolete: true
|
|
||
Comment 14•13 years ago
|
||
Elio's checkin looks good to me. I fixed some formatting issues in fipstest.c (to be consistent with the existing code) and loader.h, and added back a cast (to cast away the const) that was removed accidentally from secsign.c. Checked in on the NSS trunk (NSS 3.13). Checking in mozilla/security/nss/lib/softoken/fipstest.c; /cvsroot/mozilla/security/nss/lib/softoken/fipstest.c,v <-- fipstest.c new revision: 1.29; previous revision: 1.28 done Checking in mozilla/security/nss/lib/freebl/loader.h; /cvsroot/mozilla/security/nss/lib/freebl/loader.h,v <-- loader.h new revision: 1.34; previous revision: 1.33 done Checking in mozilla/security/nss/lib/cryptohi/secsign.c; /cvsroot/mozilla/security/nss/lib/cryptohi/secsign.c,v <-- secsign.c new revision: 1.25; previous revision: 1.24 done
|
|
Assignee | |
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
||
Comment 15•13 years ago
|
||
The patches to add SHA-224 support to NSS are not entirely complete since they do not add SHA-224 to the functions HASH_GetHashTypeByOidTag, HASH_GetHashOidTagByHMACOidTag, and HASH_GetHMACOidTagByHashOidTag.
|
|
||
Comment 16•13 years ago
|
||
Comment on attachment 540747 [details] [diff] [review] Add SHA-224 support to HASH_GetHashTypeByOidTag, HASH_GetHashOidTagByHMACOidTag, and HASH_GetHMACOidTagByHashOidTag r=wtc. Thank you for the patch, David. Elio, could you review the patch and check it in?
Attachment #540747 -
Flags: superreview?(emaldona)
Attachment #540747 -
Flags: review+
|
|
Assignee | |
Updated•13 years ago
|
Attachment #540747 -
Flags: superreview?(emaldona) → superreview+
|
|
Assignee | |
Comment 17•13 years ago
|
||
Changes committed in the TRUNK: Checking in sechash.c; /cvsroot/mozilla/security/nss/lib/cryptohi/sechash.c,v <-- sechash.c new revision: 1.12; previous revision: 1.11
|
|
||
Comment 18•13 years ago
|
||
I searched for "SHA256" in the lib/cryptohi directory, and added the missing SHA-224 support code.
Attachment #549586 -
Flags: review?(emaldona)
|
|
||
Comment 19•13 years ago
|
||
I fixed more subdirectories under lib.
Attachment #549586 -
Attachment is obsolete: true
Attachment #549586 -
Flags: review?(emaldona)
|
|
||
Comment 20•13 years ago
|
||
This causes a compiler warning.
Attachment #560082 -
Flags: review?(emaldona)
|
|
Assignee | |
Updated•13 years ago
|
Attachment #560082 -
Flags: review?(emaldona) → review+
|
|
||
Comment 21•13 years ago
|
||
Comment on attachment 560082 [details] [diff] [review] Remove unused function SHA224_Compress Patch checked in on the NSS trunk (NSS 3.13). Checking in sha512.c; /cvsroot/mozilla/security/nss/lib/freebl/sha512.c,v <-- sha512.c new revision: 1.19; previous revision: 1.18 done
|
|
Assignee | |
Comment 22•13 years ago
|
||
The XXX_Compress functions are only called by the XXX_Update functions and since SHA224_Update is implemented on top of SHA256_Update it was unnecessary to have it.
|
|
||
Comment 23•13 years ago
|
||
Yes. I verified that's the same reason there is no SHA384_Compress function.
You need to log in
before you can comment on or make changes to this bug.
Description
•