superreview cancelled: [Bug 362173] The NSS cryptographic module should have its own version numbers. : [Attachment 247256] Add NSS 3.11.4's nss.h to lib/freebl and lib/softoken

Wan-Teh Chang <wtchang@redhat.com> has cancelled Wan-Teh Chang
<wtchang@redhat.com>'s request for superreview:
Bug 362173: The NSS cryptographic module should have its own version numbers.
https://bugzilla.mozilla.org/show_bug.cgi?id=362173

Attachment 247256: Add NSS 3.11.4's nss.h to lib/freebl and lib/softoken
https://bugzilla.mozilla.org/attachment.cgi?id=247256&action=edit

------- Additional Comments from Wan-Teh Chang <wtchang@redhat.com>
Nelson, I'm proposing this patch for the NSS_3_11_BRANCH because
it is much easier to explain what the patch is than "proposed patch v2".
The hard part of this patch is to verify that all compilers use the
local copy of nss.h, which I have done.

I added the comments you suggested to the copies of nss.h in
lib/freebl and lib/softoken: a big block comment at the beginning of
the file, and a one-line comment at the place that someone is most
likely to change.  Please let me know if the comments are sufficient.
Note that I didn't change the original nss.h.

% diff -u ../nss/nss.h nss.h
--- ../nss/nss.h	2006-12-04 16:49:45.437500000 -0800
+++ nss.h	2006-12-04 17:04:10.546875000 -0800
@@ -1,3 +1,15 @@
+/***********************************************************************
+ *
+ * A copy of nss.h from NSS 3.11.4 for the directories that make up the
+ * NSS cryptographic module (lib/freebl and lib/softoken).
+ *
+ * When compiling in these directories, the compiler uses the local copy
+ * of nss.h, allowing the NSS cryptographic module to stay at version
+ * 3.11.4 (the version submitted to NIST for FIPS 140-2 validation).
+ *
+ * DO NOT CHANGE THIS FILE.
+ *
+ ***********************************************************************/
 /*
  * NSS utility functions
  *
@@ -52,6 +64,7 @@
  * The format of the version string should be
  *	"<major version>.<minor version>[.<patch level>] [<Beta>]"
  */
+/* ***** DO NOT CHANGE THIS FILE. ***** */
 #ifdef NSS_ENABLE_ECC
 #ifdef NSS_ECC_MORE_THAN_SUITE_B
 #define NSS_VERSION  "3.11.4 Extended ECC"
0
bugzilla
12/5/2006 1:06:27 AM
mozilla.dev.super-review 29307 articles. 2 followers. Post Follow

0 Replies
306 Views

Similar Articles

[PageSpeed] 19

Reply:

Similar Artilces:

superreview requested: [Bug 362173] The NSS cryptographic module should have its own version numbers. : [Attachment 247256] Add NSS 3.11.4's nss.h to lib/freebl and lib/softoken
Wan-Teh Chang <wtchang@redhat.com> has asked Robert Relyea <rrelyea@redhat.com> for superreview: Bug 362173: The NSS cryptographic module should have its own version numbers. https://bugzilla.mozilla.org/show_bug.cgi?id=362173 Attachment 247256: Add NSS 3.11.4's nss.h to lib/freebl and lib/softoken https://bugzilla.mozilla.org/attachment.cgi?id=247256&action=edit ------- Additional Comments from Wan-Teh Chang <wtchang@redhat.com> This is a workaround for the NSS_3_11_BRANCH only, to avoid changing any file in lib/freebl and lib/softoken. I found that if...

superreview cancelled: [Bug 288647] NSS doesn't build --with-system-nspr : [Attachment 189377] NSS patch v1.1 (checked in to NSS 3.11)
Nelson Bolyard <nelson@bolyard.com> has cancelled Wan-Teh Chang <wtchang@redhat.com>'s request for superreview: Bug 288647: NSS doesn't build --with-system-nspr https://bugzilla.mozilla.org/show_bug.cgi?id=288647 Attachment 189377: NSS patch v1.1 (checked in to NSS 3.11) https://bugzilla.mozilla.org/attachment.cgi?id=189377&action=edit ------- Additional Comments from Nelson Bolyard <nelson@bolyard.com> Looking at the "my requests" page in BMO, I see that a review was requested of me a week ago. I never saw any email about it. Sorry. I rely...

superreview cancelled: [Bug 362173] The NSS cryptographic module should have its own version numbers. : [Attachment 246876] Proposed patch
Wan-Teh Chang <wtchang@redhat.com> has cancelled Wan-Teh Chang <wtchang@redhat.com>'s request for superreview: Bug 362173: The NSS cryptographic module should have its own version numbers. https://bugzilla.mozilla.org/show_bug.cgi?id=362173 Attachment 246876: Proposed patch https://bugzilla.mozilla.org/attachment.cgi?id=246876&action=edit ------- Additional Comments from Wan-Teh Chang <wtchang@redhat.com> In this patch, cryptmod.h is renamed softkver.h and moved to lib/softoken, and the CRYPTO_MODULE_xxx macros are renamed SOFTOKEN_xxx. ...

superreview canceled: [Bug 449883] Replace existing "GlobalSign Root CA" cert and add new WellsSecure cert : [Attachment 333011] Patch v1 for both NSS 3.12x and NSS 3.11.x
Nelson Bolyard (:MisterSSL) <nelson@bolyard.com> has canceled Kai Engert (:kaie, kengert@redhat.com) <kaie@kuix.de>'s request for superreview: Bug 449883: Replace existing "GlobalSign Root CA" cert and add new WellsSecure cert https://bugzilla.mozilla.org/show_bug.cgi?id=449883 Attachment 333011: Patch v1 for both NSS 3.12x and NSS 3.11.x https://bugzilla.mozilla.org/attachment.cgi?id=333011&action=edit ...

superreview requested: [Bug 362173] The NSS cryptographic module should have its own version numbers. : [Attachment 246876] Proposed patch
Wan-Teh Chang <wtchang@redhat.com> has asked Neil Williams <neil.williams@sun.com> for superreview: Bug 362173: The NSS cryptographic module should have its own version numbers. https://bugzilla.mozilla.org/show_bug.cgi?id=362173 Attachment 246876: Proposed patch https://bugzilla.mozilla.org/attachment.cgi?id=246876&action=edit ------- Additional Comments from Wan-Teh Chang <wtchang@redhat.com> Add a new header file, cryptmod.h, that defines the macros for the NSS cryptographic module's version numbers. Change the files to include cryptmod.h instead of ...

superreview granted: [Bug 362173] The NSS cryptographic module should have its own version numbers. : [Attachment 246876] Proposed patch
Neil Williams <neil.williams@sun.com> has granted superreview: Bug 362173: The NSS cryptographic module should have its own version numbers. https://bugzilla.mozilla.org/show_bug.cgi?id=362173 Attachment 246876: Proposed patch https://bugzilla.mozilla.org/attachment.cgi?id=246876&action=edit ------- Additional Comments from Neil Williams <neil.williams@sun.com> Looks good as far as it goes. ...

superreview granted: [Bug 362173] The NSS cryptographic module should have its own version numbers. : [Attachment 246995] Proposed patch v2
Neil Williams <neil.williams@sun.com> has granted Wan-Teh Chang <wtchang@redhat.com>'s request for superreview: Bug 362173: The NSS cryptographic module should have its own version numbers. https://bugzilla.mozilla.org/show_bug.cgi?id=362173 Attachment 246995: Proposed patch v2 https://bugzilla.mozilla.org/attachment.cgi?id=246995&action=edit ...

superreview requested: [Bug 362173] The NSS cryptographic module should have its own version numbers. : [Attachment 246995] Proposed patch v2
Wan-Teh Chang <wtchang@redhat.com> has asked Neil Williams <neil.williams@sun.com> for superreview: Bug 362173: The NSS cryptographic module should have its own version numbers. https://bugzilla.mozilla.org/show_bug.cgi?id=362173 Attachment 246995: Proposed patch v2 https://bugzilla.mozilla.org/attachment.cgi?id=246995&action=edit ------- Additional Comments from Wan-Teh Chang <wtchang@redhat.com> In this patch, cryptmod.h is renamed softkver.h and moved to lib/softoken, and the CRYPTO_MODULE_xxx macros are renamed SOFTOKEN_xxx. ...

superreview requested: [Bug 449883] Replace existing "GlobalSign Root CA" cert and add new WellsSecure cert : [Attachment 333011] Patch v1 for both NSS 3.12x and NSS 3.11.x
Kai Engert (:kaie, kengert@redhat.com) <kaie@kuix.de> has asked Nelson Bolyard (:MisterSSL) <nelson@bolyard.com> for superreview: Bug 449883: Replace existing "GlobalSign Root CA" cert and add new WellsSecure cert https://bugzilla.mozilla.org/show_bug.cgi?id=449883 Attachment 333011: Patch v1 for both NSS 3.12x and NSS 3.11.x https://bugzilla.mozilla.org/attachment.cgi?id=333011&action=edit ...

superreview requested: [Bug 320583] NSS ECDSA can only sign SHA-1 : [Attachment 208799] Incorporate WTC and Nelson's comments. 3.11 version
Robert Relyea <rrelyea@redhat.com> has asked Nelson Bolyard <nelson@bolyard.com> for superreview: Bug 320583: NSS ECDSA can only sign SHA-1 https://bugzilla.mozilla.org/show_bug.cgi?id=320583 Attachment 208799: Incorporate WTC and Nelson's comments. 3.11 version https://bugzilla.mozilla.org/attachment.cgi?id=208799&action=edit ------- Additional Comments from Robert Relyea <rrelyea@redhat.com> Some notes: I did not pick up the 3.12 version of decodeECorDSASignature() because the meaning of the paramters have changed between those 2 versions. The algid is ...

superreview granted: [Bug 320583] NSS ECDSA can only sign SHA-1 : [Attachment 208799] Incorporate WTC and Nelson's comments. 3.11 version
Nelson Bolyard <nelson@bolyard.com> has granted Robert Relyea <rrelyea@redhat.com>'s request for superreview: Bug 320583: NSS ECDSA can only sign SHA-1 https://bugzilla.mozilla.org/show_bug.cgi?id=320583 Attachment 208799: Incorporate WTC and Nelson's comments. 3.11 version https://bugzilla.mozilla.org/attachment.cgi?id=208799&action=edit ------- Additional Comments from Nelson Bolyard <nelson@bolyard.com> Thanks, Bob. This is much clearer to me than the previous patch. I see there are several places where you had to "cast away const" in t...

superreview denied: [Bug 320583] NSS ECDSA can only sign SHA-1 : [Attachment 206556] NSS 3.11 version of this patch
Nelson Bolyard <nelson@bolyard.com> has denied Robert Relyea <rrelyea@redhat.com>'s request for superreview: Bug 320583: NSS ECDSA can only sign SHA-1 https://bugzilla.mozilla.org/show_bug.cgi?id=320583 Attachment 206556: NSS 3.11 version of this patch https://bugzilla.mozilla.org/attachment.cgi?id=206556&action=edit ------- Additional Comments from Nelson Bolyard <nelson@bolyard.com> See review comments in attachment. ...

superreview requested: [Bug 320583] NSS ECDSA can only sign SHA-1 : [Attachment 206556] NSS 3.11 version of this patch
Robert Relyea <rrelyea@redhat.com> has asked Nelson Bolyard <nelson@bolyard.com> for superreview: Bug 320583: NSS ECDSA can only sign SHA-1 https://bugzilla.mozilla.org/show_bug.cgi?id=320583 Attachment 206556: NSS 3.11 version of this patch https://bugzilla.mozilla.org/attachment.cgi?id=206556&action=edit ------- Additional Comments from Robert Relyea <rrelyea@redhat.com> Unlike the Tip patch, this patch does not add any new external APIs. This means that non-NSS programs will still not be able to handle ECC_SPECIFY type oids. Particularly gross things abo...

superreview granted: [Bug 239827] NSS has race condition in unwrap key code. : [Attachment 145559] Add the appropriate locks.
Nelson Bolyard <MisterSSL@aol.com> has granted Wan-Teh Chang <wchang0222@aol.com>'s request for superreview: Bug 239827: NSS has race condition in unwrap key code. http://bugzilla.mozilla.org/show_bug.cgi?id=239827 Attachment 145559: Add the appropriate locks. - Version NSS 3.7 http://bugzilla.mozilla.org/attachment.cgi?id=145559&action=edit ------- Additional Comments from Nelson Bolyard <MisterSSL@aol.com> This patch appears to be correct. However, it seems odd that all such operations will now be single threaded for session objects, but not for token ...

Web resources about - superreview cancelled: [Bug 362173] The NSS cryptographic module should have its own version numbers. : [Attachment 247256] Add NSS 3.11.4's nss.h to lib/freebl and lib/softoken - mozilla.dev.super-review

Cryptographic hash function - Wikipedia, the free encyclopedia
A cryptographic hash function (specifically, SHA-1 ) at work. Note that even small changes in the source input (here in the word "over") drastically ...

Amazon releases open source cryptographic module
... saving the world from another online security disaster like last year's Heartbleed, Amazon Web Services has released as open source a cryptographic ...

iOS 6: Apple FIPS iOS Cryptographic Modules v3.0
Learn about FIPS in iOS 6. The iOS Cryptographic Modules, Apple iOS CoreCrypto Module v3.0, and Apple iOS CoreCrypto Kernel Module v3.0, require ...

Cryptographic certification could lead to wider iPhone use in government
Apple's iPhone might see wider adoption in government use, thanks to the recent validation of a cryptographic module for iOS.

Scientists crack RSA SecurID 800 tokens, steal cryptographic keys
RSA's SecurID 800 is one of at least five commercially available security devices susceptible to a new attack that extracts cryptographic keys ...

Sensitive cryptographic gear could slow recovery of Cygnus cargo
... was carrying an unmanned Cygnus spacecraft with about 5,000 pounds of cargo on board including classified equipment that uses sensitive cryptographic ...

Cryptographic currency
MATT Green would like you to think of Zerocoin, a Bitcoin-like alternative currency in the process of finalising its specifications, as a bulletin ...

NIST to review its cryptographic standards, hopes to regain trust in wake of NSA scandals
... thing as bad press should talk to the NIST it says that "recent news reports about classified documents" are hurting its standing in the cryptographic ...

Cryptographic Key Reuse Exposed, Leaving Users at Risk
A lack of unique keys in embedded devices is revealed, leaving such devices subject to impersonation, man-in-the-middle or passive decryption ...

New Xerox PARC processor can self-destruct, destroy cryptographic keys on command
A new cryptographic processor from DARPA could store keys inside a chip on a glass substrate and shatter when ordered to do so, locking the keys ...

Resources last updated: 12/4/2015 6:36:46 AM