summaryrefslogtreecommitdiffstats
path: root/security/nss
Commit message (Collapse)AuthorAgeLines
* Add length checks for cryptographic primitivesKevin Jacobs2019-10-24-9/+56
| | | | | This rollup patch adds additional length checks around cryptographic primitives.
* Support longer (up to RFC maximum) HKDF outputswolfbeast2019-10-24-8/+25
| | | | | | HKDF-Expand enforces a maximum output length much shorter than stated in the RFC. This patch aligns the implementation with the RFC by allocating more output space when necessary.
* Update NSS version.wolfbeast2019-07-17-7/+6
|
* Prohibit the use of RSASSA-PKCS1-v1_5 algorithms in TLS 1.3wolfbeast2019-07-17-0/+20
| | | | This is a spec compliance issue.
* Don't unnecessarily strip leading 0's from key material during PKCS11 import.wolfbeast2019-07-17-18/+30
|
* Apply better input checking discipline.wolfbeast2019-07-17-7/+22
|
* Change softoken password rounds to a more conservative number stillwolfbeast2019-07-03-2/+2
| | | | | within industry standard security, considering our db hashing is more CPU intensive than anticipated.
* Update NSS to 3.41.1 (custom)wolfbeast2019-06-27-49/+218
| | | | This resolves #82
* Revert "Update NSS to 3.41.1 (custom)"wolfbeast2019-06-26-213/+45
| | | | This reverts commit fbc2eaacd679f0c484993ffe23d786fd06da22c3.
* Update NSS to 3.41.1 (custom)wolfbeast2019-06-26-45/+213
| | | | This resolves #82
* Update NSS to 3.41wolfbeast2018-12-15-8328/+47108
|
* Update NSS to 3.38wolfbeast2018-08-14-7139/+4861
| | | | | | | | | | | | | - Added HACL*Poly1305 32-bit (INRIA/Microsoft) - Updated to final TLS 1.3 draft version (28) - Removed TLS 1.3 prerelease draft limit check - Removed NPN code - Enabled dev/urandom-only RNG on Linux with NSS_SEED_ONLY_DEV_URANDOM for non-standard environments - Fixed several bugs with TLS 1.3 negotiation - Updated internal certificate store - Added support for the TLS Record Size Limit Extension. - Fixed CVE-2018-0495 - Various security fixes in the ASN.1 code.
* Don't leak newTemplate in pk11_copyAttributes()wolfbeast2018-07-01-2/+3
| | | | Cherry-pick of NSS fix from 3.37
* Update NSS to 3.36.4-RTMJustOff2018-06-11-5825/+5550
|
* Revert "Restore NSS default storage file format to DBM when no prefix is given."wolfbeast2018-06-06-7/+4
| | | | This reverts commit b2c78bbf83f75bf034028814329fdd43b6bfe885.
* Restore NSS default storage file format to DBM when no prefix is given.NSS_3.35_TESTwolfbeast2018-06-05-4/+7
|
* Update NSS to 3.35-RTMwolfbeast2018-06-05-15971/+34294
|
* Partially revert 1ef526f0f - sftkpwd.cMatt A. Tobin2018-04-26-2/+2
| | | | #82 #265
* Revert "Update NSS to 3.35-RTM"wolfbeast2018-04-25-34294/+15971
| | | | This reverts commit f1a0f0a56fdd0fc39f255174ce08c06b91c66c94.
* Strengthen the use of the Master Password.wolfbeast2018-04-18-2/+2
| | | | | | | | - Use 30k iterations instead of 1. - Enforce minimum password length of 8 characters. - Adjust strength meter accordingly. This resolves #82.
* Update NSS to 3.35-RTMwolfbeast2018-02-23-15971/+34294
|
* Update NSS to 3.32.1-RTMwolfbeast2018-02-06-16821/+83185
|
* Use UTC where appropriate in python filesMatt A. Tobin2018-02-02-1/+1
|
* Add m-esr52 at 52.6.0Matt A. Tobin2018-02-02-0/+1049886