| Commit message (Collapse) | Author | Age | Lines |
| |
|
|
|
|
|
| |
Basically, NSC_GetTokenInfo doesn't lock slot->slotLock before accessing slot
after obtaining it, even though slotLock is defined as its lock.
|
| |
|
| |
|
|
|
|
| |
This rewrites the caching mechanism to apply to both PBKDF1 and PBKDF2
|
|
|
|
|
|
|
| |
Our NSS version is closer to the currently-released .1, so bump version
to that.
Note: we still have some additional patches to the in-tree version in
place so this isn't a 100% match to the RTM one.
|
|
|
|
|
|
| |
to speed up repeated SDR operations.
Landed on NSS-3.48 for Bug 1606992
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
SFTKSession objects are only ever actually destroyed at PK11 session
closure, as the session is always the final holder -- and asserting
refCount == 1 shows that to be true. Because of that, NSC_CloseSession
can just call `sftk_DestroySession` directly and leave
`sftk_FreeSession` as a no-op to be removed in the future.
|
| |
|
|
|
|
|
|
| |
HKDF-Expand enforces a maximum output length much shorter than stated in
the RFC. This patch aligns the implementation with the RFC by allocating
more output space when necessary.
|
| |
|
| |
|
|
|
|
|
| |
within industry standard security, considering our db hashing is more
CPU intensive than anticipated.
|
|
|
|
| |
This resolves #82
|
|
|
|
| |
This reverts commit fbc2eaacd679f0c484993ffe23d786fd06da22c3.
|
|
|
|
| |
This resolves #82
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Added HACL*Poly1305 32-bit (INRIA/Microsoft)
- Updated to final TLS 1.3 draft version (28)
- Removed TLS 1.3 prerelease draft limit check
- Removed NPN code
- Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments
- Fixed several bugs with TLS 1.3 negotiation
- Updated internal certificate store
- Added support for the TLS Record Size Limit Extension.
- Fixed CVE-2018-0495
- Various security fixes in the ASN.1 code.
|
| |
|
| |
|
|
|
|
| |
#82 #265
|
|
|
|
| |
This reverts commit f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.
|
|
|
|
|
|
|
|
| |
- Use 30k iterations instead of 1.
- Enforce minimum password length of 8 characters.
- Adjust strength meter accordingly.
This resolves #82.
|
| |
|
| |
|
|
|