]>
Commit | Line | Data |
---|---|---|
94bd60cc SS |
1 | diff -up ./mozilla/security/coreconf/Linux.mk.nosha224 ./mozilla/security/coreconf/Linux.mk |
2 | --- ./mozilla/security/coreconf/Linux.mk.nosha224 2011-12-04 22:03:47.295609957 -0800 | |
3 | +++ ./mozilla/security/coreconf/Linux.mk 2011-12-04 22:03:47.301609957 -0800 | |
4 | @@ -188,6 +188,14 @@ NSSUTIL_LIBS = -lnssutil3 | |
5 | USE_SYSTEM_FREEBL = 1 | |
6 | FREEBL_LIBS = -lfreebl3 | |
7 | ||
8 | +# | |
9 | +# Don't compile code that requires SHA224 if it isn't avilable | |
10 | +# Such is the case when system freebl/softokn is the 3.12 one | |
11 | +# | |
12 | +ifdef NO_SHA224_AVAILABLE | |
13 | +CFLAGS+=-DNO_SHA224_AVAILABLE | |
14 | +endif | |
15 | + | |
16 | # The -rpath '$$ORIGIN' linker option instructs this library to search for its | |
17 | # dependencies in the same directory where it resides. | |
18 | ifeq ($(BUILD_SUN_PKG), 1) | |
19 | diff -up ./mozilla/security/nss/cmd/bltest/blapitest.c.nosha224 ./mozilla/security/nss/cmd/bltest/blapitest.c | |
20 | --- ./mozilla/security/nss/cmd/bltest/blapitest.c.nosha224 2011-09-16 12:16:50.000000000 -0700 | |
21 | +++ ./mozilla/security/nss/cmd/bltest/blapitest.c 2011-12-04 22:03:47.302609957 -0800 | |
22 | @@ -686,7 +686,9 @@ typedef enum { | |
23 | bltestMD2, /* Hash algorithms */ | |
24 | bltestMD5, /* . */ | |
25 | bltestSHA1, /* . */ | |
26 | +#ifndef NO_SHA224_AVAILABLE | |
27 | bltestSHA224, /* . */ | |
28 | +#endif | |
29 | bltestSHA256, /* . */ | |
30 | bltestSHA384, /* . */ | |
31 | bltestSHA512, /* . */ | |
32 | @@ -721,7 +723,9 @@ static char *mode_strings[] = | |
33 | "md2", | |
34 | "md5", | |
35 | "sha1", | |
36 | +#ifndef NO_SHA224_AVAILABLE | |
37 | "sha224", | |
38 | +#endif | |
39 | "sha256", | |
40 | "sha384", | |
41 | "sha512", | |
42 | @@ -1761,6 +1765,7 @@ finish: | |
43 | return rv; | |
44 | } | |
45 | ||
46 | +#ifndef NO_SHA224_AVAILABLE | |
47 | SECStatus | |
48 | SHA224_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) | |
49 | { | |
50 | @@ -1800,6 +1805,7 @@ finish: | |
51 | SHA224_DestroyContext(cx, PR_TRUE); | |
52 | return rv; | |
53 | } | |
54 | +#endif | |
55 | ||
56 | SECStatus | |
57 | SHA256_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) | |
58 | @@ -2093,6 +2099,7 @@ cipherInit(bltestCipherInfo *cipherInfo, | |
59 | cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf; | |
60 | return SECSuccess; | |
61 | break; | |
62 | +#ifndef NO_SHA224_AVAILABLE | |
63 | case bltestSHA224: | |
64 | restart = cipherInfo->params.hash.restart; | |
65 | SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, | |
66 | @@ -2100,6 +2107,7 @@ cipherInit(bltestCipherInfo *cipherInfo, | |
67 | cipherInfo->cipher.hashCipher = (restart) ? SHA224_restart | |
68 | : SHA224_HashBuf; | |
69 | return SECSuccess; | |
70 | +#endif | |
71 | break; | |
72 | case bltestSHA256: | |
73 | restart = cipherInfo->params.hash.restart; | |
74 | @@ -2542,7 +2550,9 @@ cipherFinish(bltestCipherInfo *cipherInf | |
75 | case bltestMD2: /* hash contexts are ephemeral */ | |
76 | case bltestMD5: | |
77 | case bltestSHA1: | |
78 | +#ifndef NO_SHA224_AVAILABLE | |
79 | case bltestSHA224: | |
80 | +#endif | |
81 | case bltestSHA256: | |
82 | case bltestSHA384: | |
83 | case bltestSHA512: | |
84 | @@ -2896,7 +2906,9 @@ get_params(PRArenaPool *arena, bltestPar | |
85 | case bltestMD2: | |
86 | case bltestMD5: | |
87 | case bltestSHA1: | |
88 | +#ifndef NO_SHA224_AVAILABLE | |
89 | case bltestSHA224: | |
90 | +#endif | |
91 | case bltestSHA256: | |
92 | case bltestSHA384: | |
93 | case bltestSHA512: | |
94 | diff -up ./mozilla/security/nss/cmd/chktest/chktest.c.nosha224 ./mozilla/security/nss/cmd/chktest/chktest.c | |
95 | --- ./mozilla/security/nss/cmd/chktest/chktest.c.nosha224 2010-12-06 09:22:49.000000000 -0800 | |
96 | +++ ./mozilla/security/nss/cmd/chktest/chktest.c 2011-12-04 22:03:47.304609957 -0800 | |
97 | @@ -41,6 +41,10 @@ | |
98 | #include "blapi.h" | |
99 | #include "secutil.h" | |
100 | ||
101 | +#ifdef NO_SHA224_AVAILABLE | |
102 | +PRBool BLAPI_SHVerifyFile(const char *shName); | |
103 | +#endif | |
104 | + | |
105 | static int Usage() | |
106 | { | |
107 | fprintf(stderr, "Usage: chktest <full-path-to-shared-library>\n"); | |
108 | diff -up ./mozilla/security/nss/cmd/lib/secutil.c.nosha224 ./mozilla/security/nss/cmd/lib/secutil.c | |
109 | --- ./mozilla/security/nss/cmd/lib/secutil.c.nosha224 2011-10-22 07:35:41.000000000 -0700 | |
110 | +++ ./mozilla/security/nss/cmd/lib/secutil.c 2011-12-04 22:03:47.305609957 -0800 | |
111 | @@ -86,6 +86,14 @@ static char consoleName[] = { | |
112 | #include "nssutil.h" | |
113 | #include "ssl.h" | |
114 | ||
115 | +/* Defined in ./mozilla/dist/public/nss/certdb.h which was included | |
116 | + * and also in ./mozilla/security/nss/lib/softoken/legacydb/pcertt.h | |
117 | + * but invisible here for some reason | |
118 | + */ | |
119 | +#ifndef CERTDB_TERMINAL_RECORD | |
120 | +#define CERTDB_TERMINAL_RECORD (1<<0) | |
121 | +#endif | |
122 | + | |
123 | ||
124 | void | |
125 | SECU_PrintErrMsg(FILE *out, int level, char *progName, char *msg, ...) | |
126 | @@ -1509,6 +1517,8 @@ const SEC_ASN1Template secuPBEV2Params[] | |
127 | { 0 } | |
128 | }; | |
129 | ||
130 | +/* if no sha224 then no psapss either */ | |
131 | +#ifndef NO_SHA224_AVAILABLE | |
132 | void | |
133 | secu_PrintRSAPSSParams(FILE *out, SECItem *value, char *m, int level) | |
134 | { | |
135 | @@ -1572,6 +1582,7 @@ secu_PrintRSAPSSParams(FILE *out, SECIte | |
136 | } | |
137 | PORT_FreeArena(pool, PR_FALSE); | |
138 | } | |
139 | +#endif | |
140 | ||
141 | void | |
142 | secu_PrintKDF2Params(FILE *out, SECItem *value, char *m, int level) | |
143 | @@ -1684,10 +1695,12 @@ SECU_PrintAlgorithmID(FILE *out, SECAlgo | |
144 | return; | |
145 | } | |
146 | ||
147 | +#ifndef NO_SHA224_AVAILABLE | |
148 | if (algtag == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) { | |
149 | secu_PrintRSAPSSParams(out, &a->parameters, "Parameters", level+1); | |
150 | return; | |
151 | } | |
152 | +#endif | |
153 | ||
154 | if (a->parameters.len == 0 | |
155 | || (a->parameters.len == 2 | |
156 | @@ -3763,8 +3776,10 @@ SECU_StringToSignatureAlgTag(const char | |
157 | hashAlgTag = SEC_OID_MD5; | |
158 | } else if (!PL_strcmp(alg, "SHA1")) { | |
159 | hashAlgTag = SEC_OID_SHA1; | |
160 | +#ifndef NO_SHA224_AVAILABLE | |
161 | } else if (!PL_strcmp(alg, "SHA224")) { | |
162 | hashAlgTag = SEC_OID_SHA224; | |
163 | +#endif | |
164 | } else if (!PL_strcmp(alg, "SHA256")) { | |
165 | hashAlgTag = SEC_OID_SHA256; | |
166 | } else if (!PL_strcmp(alg, "SHA384")) { | |
167 | diff -up ./mozilla/security/nss/cmd/pk11mode/pk11mode.c.nosha224 ./mozilla/security/nss/cmd/pk11mode/pk11mode.c | |
168 | --- ./mozilla/security/nss/cmd/pk11mode/pk11mode.c.nosha224 2011-12-04 22:07:27.230604899 -0800 | |
169 | +++ ./mozilla/security/nss/cmd/pk11mode/pk11mode.c 2011-12-04 22:10:06.365601241 -0800 | |
170 | @@ -883,21 +883,27 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR | |
171 | ||
172 | mech_str digestMechs[] = { | |
173 | {CKM_SHA_1, "CKM_SHA_1 "}, | |
174 | +#ifndef NO_SHA224_AVAILABLE | |
175 | {CKM_SHA224, "CKM_SHA224"}, | |
176 | +#endif | |
177 | {CKM_SHA256, "CKM_SHA256"}, | |
178 | {CKM_SHA384, "CKM_SHA384"}, | |
179 | {CKM_SHA512, "CKM_SHA512"} | |
180 | }; | |
181 | mech_str hmacMechs[] = { | |
182 | {CKM_SHA_1_HMAC, "CKM_SHA_1_HMAC"}, | |
183 | +#ifndef NO_SHA224_AVAILABLE | |
184 | {CKM_SHA224_HMAC, "CKM_SHA224_HMAC"}, | |
185 | +#endif | |
186 | {CKM_SHA256_HMAC, "CKM_SHA256_HMAC"}, | |
187 | {CKM_SHA384_HMAC, "CKM_SHA384_HMAC"}, | |
188 | {CKM_SHA512_HMAC, "CKM_SHA512_HMAC"} | |
189 | }; | |
190 | mech_str sigRSAMechs[] = { | |
191 | {CKM_SHA1_RSA_PKCS, "CKM_SHA1_RSA_PKCS"}, | |
192 | +#ifndef NO_SHA224_AVAILABLE | |
193 | {CKM_SHA224_RSA_PKCS, "CKM_SHA224_RSA_PKCS"}, | |
194 | +#endif | |
195 | {CKM_SHA256_RSA_PKCS, "CKM_SHA256_RSA_PKCS"}, | |
196 | {CKM_SHA384_RSA_PKCS, "CKM_SHA384_RSA_PKCS"}, | |
197 | {CKM_SHA512_RSA_PKCS, "CKM_SHA512_RSA_PKCS"} | |
198 | diff -up ./mozilla/security/nss/lib/cryptohi/sechash.c.nosha224 ./mozilla/security/nss/lib/cryptohi/sechash.c | |
199 | --- ./mozilla/security/nss/lib/cryptohi/sechash.c.nosha224 2011-06-21 15:47:54.000000000 -0700 | |
200 | +++ ./mozilla/security/nss/lib/cryptohi/sechash.c 2011-12-04 22:03:47.306609957 -0800 | |
201 | @@ -91,10 +91,12 @@ sha1_NewContext(void) { | |
202 | return (void *) PK11_CreateDigestContext(SEC_OID_SHA1); | |
203 | } | |
204 | ||
205 | +#ifndef NO_SHA224_AVAILABLE | |
206 | static void * | |
207 | sha224_NewContext(void) { | |
208 | return (void *) PK11_CreateDigestContext(SEC_OID_SHA224); | |
209 | } | |
210 | +#endif | |
211 | ||
212 | static void * | |
213 | sha256_NewContext(void) { | |
214 | @@ -189,6 +191,7 @@ const SECHashObject SECHashObjects[] = { | |
215 | SHA512_BLOCK_LENGTH, | |
216 | HASH_AlgSHA512 | |
217 | }, | |
218 | +#ifndef NO_SHA224_AVAILABLE | |
219 | { SHA224_LENGTH, | |
220 | (void * (*)(void)) sha224_NewContext, | |
221 | (void * (*)(void *)) PK11_CloneContext, | |
222 | @@ -200,6 +203,7 @@ const SECHashObject SECHashObjects[] = { | |
223 | SHA224_BLOCK_LENGTH, | |
224 | HASH_AlgSHA224 | |
225 | }, | |
226 | +#endif | |
227 | }; | |
228 | ||
229 | const SECHashObject * | |
230 | @@ -217,7 +221,9 @@ HASH_GetHashTypeByOidTag(SECOidTag hashO | |
231 | case SEC_OID_MD2: ht = HASH_AlgMD2; break; | |
232 | case SEC_OID_MD5: ht = HASH_AlgMD5; break; | |
233 | case SEC_OID_SHA1: ht = HASH_AlgSHA1; break; | |
234 | +#ifndef NO_SHA224_AVAILABLE | |
235 | case SEC_OID_SHA224: ht = HASH_AlgSHA224; break; | |
236 | +#endif | |
237 | case SEC_OID_SHA256: ht = HASH_AlgSHA256; break; | |
238 | case SEC_OID_SHA384: ht = HASH_AlgSHA384; break; | |
239 | case SEC_OID_SHA512: ht = HASH_AlgSHA512; break; | |
240 | @@ -237,7 +243,9 @@ HASH_GetHashOidTagByHMACOidTag(SECOidTag | |
241 | /* no oid exists for HMAC_MD2 */ | |
242 | /* NSS does not define a oid for HMAC_MD4 */ | |
243 | case SEC_OID_HMAC_SHA1: hashOid = SEC_OID_SHA1; break; | |
244 | +#ifndef NO_SHA224_AVAILABLE | |
245 | case SEC_OID_HMAC_SHA224: hashOid = SEC_OID_SHA224; break; | |
246 | +#endif | |
247 | case SEC_OID_HMAC_SHA256: hashOid = SEC_OID_SHA256; break; | |
248 | case SEC_OID_HMAC_SHA384: hashOid = SEC_OID_SHA384; break; | |
249 | case SEC_OID_HMAC_SHA512: hashOid = SEC_OID_SHA512; break; | |
250 | @@ -257,7 +265,9 @@ HASH_GetHMACOidTagByHashOidTag(SECOidTag | |
251 | /* no oid exists for HMAC_MD2 */ | |
252 | /* NSS does not define a oid for HMAC_MD4 */ | |
253 | case SEC_OID_SHA1: hmacOid = SEC_OID_HMAC_SHA1; break; | |
254 | +#ifndef NO_SHA224_AVAILABLE | |
255 | case SEC_OID_SHA224: hmacOid = SEC_OID_HMAC_SHA224; break; | |
256 | +#endif | |
257 | case SEC_OID_SHA256: hmacOid = SEC_OID_HMAC_SHA256; break; | |
258 | case SEC_OID_SHA384: hmacOid = SEC_OID_HMAC_SHA384; break; | |
259 | case SEC_OID_SHA512: hmacOid = SEC_OID_HMAC_SHA512; break; | |
260 | diff -up ./mozilla/security/nss/lib/cryptohi/seckey.c.nosha224 ./mozilla/security/nss/lib/cryptohi/seckey.c | |
261 | --- ./mozilla/security/nss/lib/cryptohi/seckey.c.nosha224 2011-10-22 07:35:42.000000000 -0700 | |
262 | +++ ./mozilla/security/nss/lib/cryptohi/seckey.c 2011-12-04 22:03:47.307609957 -0800 | |
263 | @@ -550,7 +550,9 @@ seckey_GetKeyType (SECOidTag tag) { | |
264 | * should be handing us a cipher type */ | |
265 | case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION: | |
266 | case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION: | |
267 | +#ifndef NO_SHA224_AVAILABLE | |
268 | case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION: | |
269 | +#endif | |
270 | case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION: | |
271 | case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION: | |
272 | case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION: | |
273 | diff -up ./mozilla/security/nss/lib/cryptohi/secvfy.c.nosha224 ./mozilla/security/nss/lib/cryptohi/secvfy.c | |
274 | --- ./mozilla/security/nss/lib/cryptohi/secvfy.c.nosha224 2011-10-22 07:35:42.000000000 -0700 | |
275 | +++ ./mozilla/security/nss/lib/cryptohi/secvfy.c 2011-12-04 22:03:47.307609957 -0800 | |
276 | @@ -240,11 +240,12 @@ sec_DecodeSigAlg(const SECKEYPublicKey * | |
277 | case SEC_OID_PKCS1_RSA_PSS_SIGNATURE: | |
278 | *hashalg = SEC_OID_UNKNOWN; /* get it from the RSA signature */ | |
279 | break; | |
280 | - | |
281 | +#ifndef NO_SHA224_AVAILABLE | |
282 | case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE: | |
283 | case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION: | |
284 | *hashalg = SEC_OID_SHA224; | |
285 | break; | |
286 | +#endif | |
287 | case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE: | |
288 | case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION: | |
289 | *hashalg = SEC_OID_SHA256; | |
290 | @@ -279,8 +280,10 @@ sec_DecodeSigAlg(const SECKEYPublicKey * | |
291 | len = SECKEY_PublicKeyStrength(key); | |
292 | if (len < 28) { /* 28 bytes == 224 bits */ | |
293 | *hashalg = SEC_OID_SHA1; | |
294 | +#ifndef NO_SHA224_AVAILABLE | |
295 | } else if (len < 32) { /* 32 bytes == 256 bits */ | |
296 | *hashalg = SEC_OID_SHA224; | |
297 | +#endif | |
298 | } else if (len < 48) { /* 48 bytes == 384 bits */ | |
299 | *hashalg = SEC_OID_SHA256; | |
300 | } else if (len < 64) { /* 48 bytes == 512 bits */ | |
301 | @@ -325,7 +328,9 @@ sec_DecodeSigAlg(const SECKEYPublicKey * | |
302 | case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION: | |
303 | case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE: | |
304 | case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE: | |
305 | +#ifndef NO_SHA224_AVAILABLE | |
306 | case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION: | |
307 | +#endif | |
308 | case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION: | |
309 | case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION: | |
310 | case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION: | |
311 | @@ -347,7 +352,9 @@ sec_DecodeSigAlg(const SECKEYPublicKey * | |
312 | *encalg = SEC_OID_MISSI_DSS; | |
313 | break; | |
314 | case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE: | |
315 | +#ifndef NO_SHA224_AVAILABLE | |
316 | case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE: | |
317 | +#endif | |
318 | case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE: | |
319 | case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE: | |
320 | case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE: | |
321 | diff -up ./mozilla/security/nss/lib/freebl/blapi.h.nosha224 ./mozilla/security/nss/lib/freebl/blapi.h | |
322 | --- ./mozilla/security/nss/lib/freebl/blapi.h.nosha224 2011-10-04 15:05:53.000000000 -0700 | |
323 | +++ ./mozilla/security/nss/lib/freebl/blapi.h 2011-12-04 22:03:47.308609957 -0800 | |
324 | @@ -1088,7 +1088,7 @@ extern SHA1Context * SHA1_Resurrect(unsi | |
325 | extern void SHA1_Clone(SHA1Context *dest, SHA1Context *src); | |
326 | ||
327 | /******************************************/ | |
328 | - | |
329 | +#ifndef NO_SHA224_AVAILABLE | |
330 | extern SHA224Context *SHA224_NewContext(void); | |
331 | extern void SHA224_DestroyContext(SHA224Context *cx, PRBool freeit); | |
332 | extern void SHA224_Begin(SHA224Context *cx); | |
333 | @@ -1104,6 +1104,7 @@ extern unsigned int SHA224_FlattenSize(S | |
334 | extern SECStatus SHA224_Flatten(SHA224Context *cx,unsigned char *space); | |
335 | extern SHA224Context * SHA224_Resurrect(unsigned char *space, void *arg); | |
336 | extern void SHA224_Clone(SHA224Context *dest, SHA224Context *src); | |
337 | +#endif | |
338 | ||
339 | /******************************************/ | |
340 | ||
341 | diff -up ./mozilla/security/nss/lib/freebl/ldvector.c.nosha224 ./mozilla/security/nss/lib/freebl/ldvector.c | |
342 | --- ./mozilla/security/nss/lib/freebl/ldvector.c.nosha224 2011-10-04 15:05:53.000000000 -0700 | |
343 | +++ ./mozilla/security/nss/lib/freebl/ldvector.c 2011-12-04 22:03:47.309609957 -0800 | |
344 | @@ -270,7 +270,7 @@ static const struct FREEBLVectorStr vect | |
345 | JPAKE_Verify, | |
346 | JPAKE_Round2, | |
347 | JPAKE_Final, | |
348 | - | |
349 | +#ifndef NO_SHA224_AVAILABLE | |
350 | /* End of Version 3.012 */ | |
351 | ||
352 | TLS_P_hash, | |
353 | @@ -287,7 +287,7 @@ static const struct FREEBLVectorStr vect | |
354 | SHA224_Resurrect, | |
355 | SHA224_Clone, | |
356 | BLAPI_SHVerifyFile | |
357 | - | |
358 | +#endif | |
359 | /* End of Version 3.013 */ | |
360 | }; | |
361 | ||
362 | diff -up ./mozilla/security/nss/lib/freebl/nsslowhash.c.nosha224 ./mozilla/security/nss/lib/freebl/nsslowhash.c | |
363 | --- ./mozilla/security/nss/lib/freebl/nsslowhash.c.nosha224 2010-09-09 17:42:36.000000000 -0700 | |
364 | +++ ./mozilla/security/nss/lib/freebl/nsslowhash.c 2011-12-04 22:03:47.309609957 -0800 | |
365 | @@ -128,14 +128,14 @@ freebl_fips_SHA_PowerUpSelfTest( void ) | |
366 | 0x0a,0x6d,0x07,0xba,0x1e,0xbd,0x8a,0x1b, | |
367 | 0x72,0xf6,0xc7,0x22,0xf1,0x27,0x9f,0xf0, | |
368 | 0xe0,0x68,0x47,0x7a}; | |
369 | - | |
370 | +#ifndef NO_SHA224_AVAILABLE | |
371 | /* SHA-224 Known Digest Message (224-bits). */ | |
372 | static const PRUint8 sha224_known_digest[] = { | |
373 | 0x1c,0xc3,0x06,0x8e,0xce,0x37,0x68,0xfb, | |
374 | 0x1a,0x82,0x4a,0xbe,0x2b,0x00,0x51,0xf8, | |
375 | 0x9d,0xb6,0xe0,0x90,0x0d,0x00,0xc9,0x64, | |
376 | 0x9a,0xb8,0x98,0x4e}; | |
377 | - | |
378 | +#endif | |
379 | /* SHA-256 Known Digest Message (256-bits). */ | |
380 | static const PRUint8 sha256_known_digest[] = { | |
381 | 0x38,0xa9,0xc1,0xf0,0x35,0xf6,0x5d,0x61, | |
382 | @@ -178,7 +178,7 @@ freebl_fips_SHA_PowerUpSelfTest( void ) | |
383 | ( PORT_Memcmp( sha_computed_digest, sha1_known_digest, | |
384 | SHA1_LENGTH ) != 0 ) ) | |
385 | return( CKR_DEVICE_ERROR ); | |
386 | - | |
387 | +#ifndef NO_SHA224_AVAILABLE | |
388 | /***************************************************/ | |
389 | /* SHA-224 Single-Round Known Answer Hashing Test. */ | |
390 | /***************************************************/ | |
391 | @@ -190,7 +190,7 @@ freebl_fips_SHA_PowerUpSelfTest( void ) | |
392 | ( PORT_Memcmp( sha_computed_digest, sha224_known_digest, | |
393 | SHA224_LENGTH ) != 0 ) ) | |
394 | return( CKR_DEVICE_ERROR ); | |
395 | - | |
396 | +#endif | |
397 | /***************************************************/ | |
398 | /* SHA-256 Single-Round Known Answer Hashing Test. */ | |
399 | /***************************************************/ | |
400 | diff -up ./mozilla/security/nss/lib/freebl/rawhash.c.nosha224 ./mozilla/security/nss/lib/freebl/rawhash.c | |
401 | --- ./mozilla/security/nss/lib/freebl/rawhash.c.nosha224 2010-08-17 22:55:47.000000000 -0700 | |
402 | +++ ./mozilla/security/nss/lib/freebl/rawhash.c 2011-12-04 22:03:47.309609957 -0800 | |
403 | @@ -155,6 +155,7 @@ const SECHashObject SECRawHashObjects[] | |
404 | SHA512_BLOCK_LENGTH, | |
405 | HASH_AlgSHA512 | |
406 | }, | |
407 | +#ifndef NO_SHA224_AVAILABLE | |
408 | { SHA224_LENGTH, | |
409 | (void * (*)(void)) SHA224_NewContext, | |
410 | (void * (*)(void *)) null_hash_clone_context, | |
411 | @@ -166,6 +167,7 @@ const SECHashObject SECRawHashObjects[] | |
412 | SHA224_BLOCK_LENGTH, | |
413 | HASH_AlgSHA224 | |
414 | }, | |
415 | +#endif | |
416 | }; | |
417 | ||
418 | const SECHashObject * | |
419 | diff -up ./mozilla/security/nss/lib/freebl/sha512.c.nosha224 ./mozilla/security/nss/lib/freebl/sha512.c | |
420 | --- ./mozilla/security/nss/lib/freebl/sha512.c.nosha224 2011-09-14 10:48:03.000000000 -0700 | |
421 | +++ ./mozilla/security/nss/lib/freebl/sha512.c 2011-12-04 22:03:47.310609957 -0800 | |
422 | @@ -544,6 +544,7 @@ void SHA256_Clone(SHA256Context *dest, S | |
423 | memcpy(dest, src, sizeof *dest); | |
424 | } | |
425 | ||
426 | +#ifndef NO_SHA224_AVAILABLE | |
427 | /* ============= SHA224 implementation ================================== */ | |
428 | ||
429 | /* SHA-224 initial hash values */ | |
430 | @@ -630,7 +631,7 @@ void SHA224_Clone(SHA224Context *dest, S | |
431 | { | |
432 | SHA256_Clone(dest, src); | |
433 | } | |
434 | - | |
435 | +#endif | |
436 | ||
437 | /* ======= SHA512 and SHA384 common constants and defines ================= */ | |
438 | ||
439 | diff -up ./mozilla/security/nss/lib/softoken/fipstest.c.nosha224 ./mozilla/security/nss/lib/softoken/fipstest.c | |
440 | --- ./mozilla/security/nss/lib/softoken/fipstest.c.nosha224 2011-03-29 08:12:43.000000000 -0700 | |
441 | +++ ./mozilla/security/nss/lib/softoken/fipstest.c 2011-12-04 22:03:47.311609956 -0800 | |
442 | @@ -865,12 +865,14 @@ sftk_fips_HMAC_PowerUpSelfTest( void ) | |
443 | 0x3b, 0x57, 0x1d, 0x61, 0xe7, 0xb8, 0x84, 0x1e, | |
444 | 0x5d, 0x0e, 0x1e, 0x11}; | |
445 | ||
446 | +#ifndef NO_SHA224_AVAILABLE | |
447 | /* known SHA224 hmac (28 bytes) */ | |
448 | static const PRUint8 known_SHA224_hmac[] = { | |
449 | 0x1c, 0xc3, 0x06, 0x8e, 0xce, 0x37, 0x68, 0xfb, | |
450 | 0x1a, 0x82, 0x4a, 0xbe, 0x2b, 0x00, 0x51, 0xf8, | |
451 | 0x9d, 0xb6, 0xe0, 0x90, 0x0d, 0x00, 0xc9, 0x64, | |
452 | 0x9a, 0xb8, 0x98, 0x4e}; | |
453 | +#endif | |
454 | ||
455 | /* known SHA256 hmac (32 bytes) */ | |
456 | static const PRUint8 known_SHA256_hmac[] = { | |
457 | @@ -922,6 +924,7 @@ sftk_fips_HMAC_PowerUpSelfTest( void ) | |
458 | /* HMAC SHA-224 Single-Round Known Answer Test. */ | |
459 | /***************************************************/ | |
460 | ||
461 | +#ifndef NO_SHA224_AVAILABLE | |
462 | hmac_status = sftk_fips_HMAC(hmac_computed, | |
463 | HMAC_known_secret_key, | |
464 | HMAC_known_secret_key_length, | |
465 | @@ -933,6 +936,7 @@ sftk_fips_HMAC_PowerUpSelfTest( void ) | |
466 | ( PORT_Memcmp( hmac_computed, known_SHA224_hmac, | |
467 | SHA224_LENGTH ) != 0 ) ) | |
468 | return( CKR_DEVICE_ERROR ); | |
469 | +#endif | |
470 | ||
471 | /***************************************************/ | |
472 | /* HMAC SHA-256 Single-Round Known Answer Test. */ | |
473 | @@ -994,12 +998,14 @@ sftk_fips_SHA_PowerUpSelfTest( void ) | |
474 | 0x72,0xf6,0xc7,0x22,0xf1,0x27,0x9f,0xf0, | |
475 | 0xe0,0x68,0x47,0x7a}; | |
476 | ||
477 | +#ifndef NO_SHA224_AVAILABLE | |
478 | /* SHA-224 Known Digest Message (224-bits). */ | |
479 | static const PRUint8 sha224_known_digest[] = { | |
480 | 0x89,0x5e,0x7f,0xfd,0x0e,0xd8,0x35,0x6f, | |
481 | 0x64,0x6d,0xf2,0xde,0x5e,0xed,0xa6,0x7f, | |
482 | 0x29,0xd1,0x12,0x73,0x42,0x84,0x95,0x4f, | |
483 | 0x8e,0x08,0xe5,0xcb}; | |
484 | +#endif | |
485 | ||
486 | /* SHA-256 Known Digest Message (256-bits). */ | |
487 | static const PRUint8 sha256_known_digest[] = { | |
488 | @@ -1048,6 +1054,7 @@ sftk_fips_SHA_PowerUpSelfTest( void ) | |
489 | /* SHA-224 Single-Round Known Answer Hashing Test. */ | |
490 | /***************************************************/ | |
491 | ||
492 | +#ifndef NO_SHA224_AVAILABLE | |
493 | sha_status = SHA224_HashBuf( sha_computed_digest, known_hash_message, | |
494 | FIPS_KNOWN_HASH_MESSAGE_LENGTH ); | |
495 | ||
496 | @@ -1055,6 +1062,7 @@ sftk_fips_SHA_PowerUpSelfTest( void ) | |
497 | ( PORT_Memcmp( sha_computed_digest, sha224_known_digest, | |
498 | SHA224_LENGTH ) != 0 ) ) | |
499 | return( CKR_DEVICE_ERROR ); | |
500 | +#endif | |
501 | ||
502 | /***************************************************/ | |
503 | /* SHA-256 Single-Round Known Answer Hashing Test. */ | |
504 | diff -up ./mozilla/security/nss/lib/softoken/pkcs11c.c.nosha224 ./mozilla/security/nss/lib/softoken/pkcs11c.c | |
505 | --- ./mozilla/security/nss/lib/softoken/pkcs11c.c.nosha224 2011-09-21 11:49:16.000000000 -0700 | |
506 | +++ ./mozilla/security/nss/lib/softoken/pkcs11c.c 2011-12-04 22:03:47.313609956 -0800 | |
507 | @@ -1316,7 +1316,9 @@ CK_RV NSC_DigestInit(CK_SESSION_HANDLE h | |
508 | INIT_MECH(CKM_MD2, MD2) | |
509 | INIT_MECH(CKM_MD5, MD5) | |
510 | INIT_MECH(CKM_SHA_1, SHA1) | |
511 | +#ifndef NO_SHA224_AVAILABLE | |
512 | INIT_MECH(CKM_SHA224, SHA224) | |
513 | +#endif | |
514 | INIT_MECH(CKM_SHA256, SHA256) | |
515 | INIT_MECH(CKM_SHA384, SHA384) | |
516 | INIT_MECH(CKM_SHA512, SHA512) | |
517 | @@ -1440,7 +1442,9 @@ sftk_doSub ## mmm(SFTKSessionContext *co | |
518 | DOSUB(MD2) | |
519 | DOSUB(MD5) | |
520 | DOSUB(SHA1) | |
521 | +#ifndef NO_SHA224_AVAILABLE | |
522 | DOSUB(SHA224) | |
523 | +#endif | |
524 | DOSUB(SHA256) | |
525 | DOSUB(SHA384) | |
526 | DOSUB(SHA512) | |
527 | @@ -2013,7 +2017,9 @@ CK_RV NSC_SignInit(CK_SESSION_HANDLE hSe | |
528 | INIT_RSA_SIGN_MECH(MD5) | |
529 | INIT_RSA_SIGN_MECH(MD2) | |
530 | INIT_RSA_SIGN_MECH(SHA1) | |
531 | +#ifndef NO_SHA224_AVAILABLE | |
532 | INIT_RSA_SIGN_MECH(SHA224) | |
533 | +#endif | |
534 | INIT_RSA_SIGN_MECH(SHA256) | |
535 | INIT_RSA_SIGN_MECH(SHA384) | |
536 | INIT_RSA_SIGN_MECH(SHA512) | |
537 | @@ -2131,7 +2137,9 @@ finish_rsa: | |
538 | ||
539 | INIT_HMAC_MECH(MD2) | |
540 | INIT_HMAC_MECH(MD5) | |
541 | +#ifndef NO_SHA224_AVAILABLE | |
542 | INIT_HMAC_MECH(SHA224) | |
543 | +#endif | |
544 | INIT_HMAC_MECH(SHA256) | |
545 | INIT_HMAC_MECH(SHA384) | |
546 | INIT_HMAC_MECH(SHA512) | |
547 | @@ -2529,7 +2537,9 @@ CK_RV NSC_VerifyInit(CK_SESSION_HANDLE h | |
548 | INIT_RSA_VFY_MECH(MD5) | |
549 | INIT_RSA_VFY_MECH(MD2) | |
550 | INIT_RSA_VFY_MECH(SHA1) | |
551 | +#ifndef NO_SHA224_AVAILABLE | |
552 | INIT_RSA_VFY_MECH(SHA224) | |
553 | +#endif | |
554 | INIT_RSA_VFY_MECH(SHA256) | |
555 | INIT_RSA_VFY_MECH(SHA384) | |
556 | INIT_RSA_VFY_MECH(SHA512) | |
557 | @@ -2626,7 +2636,9 @@ finish_rsa: | |
558 | ||
559 | INIT_HMAC_MECH(MD2) | |
560 | INIT_HMAC_MECH(MD5) | |
561 | +#ifndef NO_SHA224_AVAILABLE | |
562 | INIT_HMAC_MECH(SHA224) | |
563 | +#endif | |
564 | INIT_HMAC_MECH(SHA256) | |
565 | INIT_HMAC_MECH(SHA384) | |
566 | INIT_HMAC_MECH(SHA512) | |
567 | diff -up ./mozilla/security/nss/lib/softoken/pkcs11.c.nosha224 ./mozilla/security/nss/lib/softoken/pkcs11.c | |
568 | --- ./mozilla/security/nss/lib/softoken/pkcs11.c.nosha224 2011-01-21 16:12:04.000000000 -0800 | |
569 | +++ ./mozilla/security/nss/lib/softoken/pkcs11.c 2011-12-04 22:03:47.316609956 -0800 | |
570 | @@ -311,8 +311,10 @@ static const struct mechanismList mechan | |
571 | CKF_SN_VR}, PR_TRUE}, | |
572 | {CKM_SHA1_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX, | |
573 | CKF_SN_VR}, PR_TRUE}, | |
574 | +#ifndef NO_SHA224_AVAILABLE | |
575 | {CKM_SHA224_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX, | |
576 | CKF_SN_VR}, PR_TRUE}, | |
577 | +#endif | |
578 | {CKM_SHA256_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX, | |
579 | CKF_SN_VR}, PR_TRUE}, | |
580 | {CKM_SHA384_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX, | |
581 | @@ -401,9 +403,11 @@ static const struct mechanismList mechan | |
582 | {CKM_SHA_1, {0, 0, CKF_DIGEST}, PR_FALSE}, | |
583 | {CKM_SHA_1_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | |
584 | {CKM_SHA_1_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | |
585 | +#ifndef NO_SHA224_AVAILABLE | |
586 | {CKM_SHA224, {0, 0, CKF_DIGEST}, PR_FALSE}, | |
587 | {CKM_SHA224_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | |
588 | {CKM_SHA224_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | |
589 | +#endif | |
590 | {CKM_SHA256, {0, 0, CKF_DIGEST}, PR_FALSE}, | |
591 | {CKM_SHA256_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE}, | |
592 | {CKM_SHA256_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE}, | |
593 | diff -up ./mozilla/security/nss/lib/softoken/rsawrapr.c.nosha224 ./mozilla/security/nss/lib/softoken/rsawrapr.c | |
594 | --- ./mozilla/security/nss/lib/softoken/rsawrapr.c.nosha224 2011-10-22 07:35:43.000000000 -0700 | |
595 | +++ ./mozilla/security/nss/lib/softoken/rsawrapr.c 2011-12-04 22:03:47.316609956 -0800 | |
596 | @@ -1173,9 +1173,11 @@ GetHashTypeFromMechanism(CK_MECHANISM_TY | |
597 | case CKM_SHA_1: | |
598 | case CKG_MGF1_SHA1: | |
599 | return HASH_AlgSHA1; | |
600 | +#ifndef NO_SHA224_AVAILABLE | |
601 | case CKM_SHA224: | |
602 | case CKG_MGF1_SHA224: | |
603 | return HASH_AlgSHA224; | |
604 | +#endif | |
605 | case CKM_SHA256: | |
606 | case CKG_MGF1_SHA256: | |
607 | return HASH_AlgSHA256; | |
608 | diff -up ./mozilla/security/nss/tests/cipher/cipher.txt.nosha224 ./mozilla/security/nss/tests/cipher/cipher.txt | |
609 | --- ./mozilla/security/nss/tests/cipher/cipher.txt.nosha224 2010-08-17 22:57:05.000000000 -0700 | |
610 | +++ ./mozilla/security/nss/tests/cipher/cipher.txt 2011-12-04 22:03:47.317609956 -0800 | |
611 | @@ -73,7 +73,6 @@ | |
612 | 0 md2_-H MD2_Hash | |
613 | 0 md5_-H MD5_Hash | |
614 | 0 sha1_-H SHA1_Hash | |
615 | - 0 sha224_-H SHA224_Hash | |
616 | 0 sha256_-H SHA256_Hash | |
617 | 0 sha384_-H SHA384_Hash | |
618 | 0 sha512_-H SHA512_Hash |