/hg/icedtea8-forest/jdk: 4 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Wed Jan 27 04:22:16 UTC 2016
changeset afd392dfaed5 in /hg/icedtea8-forest/jdk
details: http://icedtea.classpath.org/hg/icedtea8-forest/jdk?cmd=changeset;node=afd392dfaed5
author: andrew
date: Tue Jan 26 22:26:26 2016 +0000
PR2321: Checksum of policy JAR files changes on every build
Summary: Build policy files with zip instead of jar, using a static manifest.
changeset 48c15869ecd5 in /hg/icedtea8-forest/jdk
details: http://icedtea.classpath.org/hg/icedtea8-forest/jdk?cmd=changeset;node=48c15869ecd5
author: andrew
date: Wed Jan 27 02:54:06 2016 +0000
PR1983: Support using the system installation of NSS with the SunEC provider
Summary: Apply code changes from PR1699 & PR1742 & forward-port Makefile changes to the new build.
changeset 0ff7720931e8 in /hg/icedtea8-forest/jdk
details: http://icedtea.classpath.org/hg/icedtea8-forest/jdk?cmd=changeset;node=0ff7720931e8
author: andrew
date: Wed Jan 27 03:45:06 2016 +0000
PR2127: SunEC provider crashes when built using system NSS
Summary: Use NSS memory management functions
changeset 26e2e029ee25 in /hg/icedtea8-forest/jdk
details: http://icedtea.classpath.org/hg/icedtea8-forest/jdk?cmd=changeset;node=26e2e029ee25
author: andrew
date: Wed Jan 27 04:02:27 2016 +0000
PR2815: Race condition in SunEC provider with system NSS
Summary: Perform initialisation and shutdown only when library is loaded or SunEC is finalized respectively
diffstat:
make/CreateSecurityJars.gmk | 65 +++-
make/lib/SecurityLibraries.gmk | 19 +-
make/mapfiles/libsunec/mapfile-vers | 2 +
src/share/classes/sun/security/ec/SunEC.java | 19 +
src/share/native/sun/security/ec/ECC_JNI.cpp | 58 +++-
src/share/native/sun/security/ec/ecc_impl.h | 298 +++++++++++++++++++++++
src/share/native/sun/security/ec/impl/ecc_impl.h | 271 --------------------
src/solaris/javavm/export/jni_md.h | 5 +
8 files changed, 431 insertions(+), 306 deletions(-)
diffs (truncated from 937 to 500 lines):
diff -r fc14d405b69c -r 26e2e029ee25 make/CreateSecurityJars.gmk
--- a/make/CreateSecurityJars.gmk Mon Jan 11 17:16:44 2016 +0000
+++ b/make/CreateSecurityJars.gmk Wed Jan 27 04:02:27 2016 +0000
@@ -1,5 +1,6 @@
#
# Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2016, Red Hat Inc.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -198,18 +199,24 @@
US_EXPORT_POLICY_JAR_SRC_DIR := $(JDK_TOPDIR)/make/data/cryptopolicy/unlimited
US_EXPORT_POLICY_JAR_TMP := \
$(JDK_OUTPUTDIR)/jce/unsigned/policy/unlimited/US_export_policy_jar.tmp
+ US_EXPORT_POLICY_JAR_MANIFEST_FILE := \
+ $(US_EXPORT_POLICY_JAR_TMP)/META-INF/MANIFEST.MF
$(US_EXPORT_POLICY_JAR_TMP)/%: $(US_EXPORT_POLICY_JAR_SRC_DIR)/%
$(install-file)
- US_EXPORT_POLICY_JAR_DEPS := $(US_EXPORT_POLICY_JAR_TMP)/default_US_export.policy
+ $(US_EXPORT_POLICY_JAR_MANIFEST_FILE):
+ $(MKDIR) -p $(US_EXPORT_POLICY_JAR_TMP)/META-INF
+ $(ECHO) "Manifest-Version: 1.0" > $(US_EXPORT_POLICY_JAR_MANIFEST_FILE)
+ $(ECHO) "Crypto-Strength: unlimited" >> $(US_EXPORT_POLICY_JAR_MANIFEST_FILE)
+ $(TOUCH) -t 198001010000 $(US_EXPORT_POLICY_JAR_TMP)/META-INF
+ $(TOUCH) -r $(US_EXPORT_POLICY_JAR_TMP)/META-INF $(US_EXPORT_POLICY_JAR_MANIFEST_FILE)
+
+ US_EXPORT_POLICY_JAR_DEPS := $(US_EXPORT_POLICY_JAR_TMP)/default_US_export.policy \
+ $(US_EXPORT_POLICY_JAR_MANIFEST_FILE)
- $(eval $(call SetupArchive,BUILD_US_EXPORT_POLICY_JAR, $(US_EXPORT_POLICY_JAR_DEPS), \
- SRCS := $(US_EXPORT_POLICY_JAR_TMP), \
- SUFFIXES := .policy, \
- JAR := $(US_EXPORT_POLICY_JAR_UNLIMITED_UNSIGNED), \
- EXTRA_MANIFEST_ATTR := Crypto-Strength: unlimited, \
- SKIP_METAINF := true))
+ $(US_EXPORT_POLICY_JAR_UNLIMITED_UNSIGNED): $(US_EXPORT_POLICY_JAR_DEPS)
+ ( $(CD) $(US_EXPORT_POLICY_JAR_TMP) && $(ZIP) -Xr $@ META-INF *.policy )
$(US_EXPORT_POLICY_JAR_LIMITED_UNSIGNED): $(US_EXPORT_POLICY_JAR_UNLIMITED_UNSIGNED)
$(ECHO) $(LOG_INFO) Copying unlimited $(patsubst $(OUTPUT_ROOT)/%,%,$@)
@@ -255,31 +262,45 @@
#
LOCAL_POLICY_JAR_LIMITED_TMP := \
$(JDK_OUTPUTDIR)/jce/unsigned/policy/limited/local_policy_jar.tmp
+ LOCAL_POLICY_JAR_LIMITED_MANIFEST_FILE := \
+ $(LOCAL_POLICY_JAR_LIMITED_TMP)/META-INF/MANIFEST.MF
LOCAL_POLICY_JAR_UNLIMITED_TMP := \
$(JDK_OUTPUTDIR)/jce/unsigned/policy/unlimited/local_policy_jar.tmp
+ LOCAL_POLICY_JAR_UNLIMITED_MANIFEST_FILE := \
+ $(LOCAL_POLICY_JAR_UNLIMITED_TMP)/META-INF/MANIFEST.MF
$(LOCAL_POLICY_JAR_LIMITED_TMP)/%: $(JDK_TOPDIR)/make/data/cryptopolicy/limited/%
$(install-file)
+ $(LOCAL_POLICY_JAR_LIMITED_MANIFEST_FILE):
+ $(MKDIR) -p $(LOCAL_POLICY_JAR_LIMITED_TMP)/META-INF
+ $(ECHO) "Manifest-Version: 1.0" > $(LOCAL_POLICY_JAR_LIMITED_MANIFEST_FILE)
+ $(ECHO) "Crypto-Strength: limited" >> $(LOCAL_POLICY_JAR_LIMITED_MANIFEST_FILE)
+ $(TOUCH) -t 198001010000 $(LOCAL_POLICY_JAR_LIMITED_TMP)/META-INF
+ $(TOUCH) -r $(LOCAL_POLICY_JAR_LIMITED_TMP)/META-INF $(LOCAL_POLICY_JAR_LIMITED_MANIFEST_FILE)
+
+ LOCAL_POLICY_JAR_LIMITED_DEPS := $(LOCAL_POLICY_JAR_LIMITED_TMP)/exempt_local.policy \
+ $(LOCAL_POLICY_JAR_LIMITED_TMP)/default_local.policy \
+ $(LOCAL_POLICY_JAR_LIMITED_MANIFEST_FILE)
+
+ $(LOCAL_POLICY_JAR_LIMITED_UNSIGNED): $(LOCAL_POLICY_JAR_LIMITED_DEPS)
+ ( $(CD) $(LOCAL_POLICY_JAR_LIMITED_TMP) && $(ZIP) -Xr $@ META-INF *.policy )
+
$(LOCAL_POLICY_JAR_UNLIMITED_TMP)/%: $(JDK_TOPDIR)/make/data/cryptopolicy/unlimited/%
$(install-file)
- $(eval $(call SetupArchive,BUILD_LOCAL_POLICY_JAR_LIMITED, \
- $(LOCAL_POLICY_JAR_LIMITED_TMP)/exempt_local.policy \
- $(LOCAL_POLICY_JAR_LIMITED_TMP)/default_local.policy, \
- SRCS := $(LOCAL_POLICY_JAR_LIMITED_TMP), \
- SUFFIXES := .policy, \
- JAR := $(LOCAL_POLICY_JAR_LIMITED_UNSIGNED), \
- EXTRA_MANIFEST_ATTR := Crypto-Strength: limited, \
- SKIP_METAINF := true))
+ $(LOCAL_POLICY_JAR_UNLIMITED_MANIFEST_FILE):
+ $(MKDIR) -p $(LOCAL_POLICY_JAR_UNLIMITED_TMP)/META-INF
+ $(ECHO) "Manifest-Version: 1.0" > $(LOCAL_POLICY_JAR_UNLIMITED_MANIFEST_FILE)
+ $(ECHO) "Crypto-Strength: unlimited" >> $(LOCAL_POLICY_JAR_UNLIMITED_MANIFEST_FILE)
+ $(TOUCH) -t 198001010000 $(LOCAL_POLICY_JAR_UNLIMITED_TMP)/META-INF
+ $(TOUCH) -r $(LOCAL_POLICY_JAR_UNLIMITED_TMP)/META-INF $(LOCAL_POLICY_JAR_UNLIMITED_MANIFEST_FILE)
- $(eval $(call SetupArchive,BUILD_LOCAL_POLICY_JAR_UNLIMITED, \
- $(LOCAL_POLICY_JAR_UNLIMITED_TMP)/default_local.policy, \
- SRCS := $(LOCAL_POLICY_JAR_UNLIMITED_TMP), \
- SUFFIXES := .policy, \
- JAR := $(LOCAL_POLICY_JAR_UNLIMITED_UNSIGNED), \
- EXTRA_MANIFEST_ATTR := Crypto-Strength: unlimited, \
- SKIP_METAINF := true))
+ LOCAL_POLICY_JAR_UNLIMITED_DEPS := $(LOCAL_POLICY_JAR_UNLIMITED_TMP)/default_local.policy \
+ $(LOCAL_POLICY_JAR_UNLIMITED_MANIFEST_FILE)
+
+ $(LOCAL_POLICY_JAR_UNLIMITED_UNSIGNED): $(LOCAL_POLICY_JAR_UNLIMITED_DEPS)
+ ( $(CD) $(LOCAL_POLICY_JAR_UNLIMITED_TMP) && $(ZIP) -Xr $@ META-INF *.policy )
TARGETS += $(LOCAL_POLICY_JAR_LIMITED_UNSIGNED) $(LOCAL_POLICY_JAR_UNLIMITED_UNSIGNED)
diff -r fc14d405b69c -r 26e2e029ee25 make/lib/SecurityLibraries.gmk
--- a/make/lib/SecurityLibraries.gmk Mon Jan 11 17:16:44 2016 +0000
+++ b/make/lib/SecurityLibraries.gmk Wed Jan 27 04:02:27 2016 +0000
@@ -218,8 +218,17 @@
ifeq ($(ENABLE_INTREE_EC), yes)
- BUILD_LIBSUNEC_FLAGS := -I$(JDK_TOPDIR)/src/share/native/sun/security/ec \
+ BUILD_LIBSUNEC_FLAGS := -I$(JDK_TOPDIR)/src/share/native/sun/security/ec
+
+ ifeq ($(USE_EXTERNAL_NSS), true)
+ BUILD_LIBSUNEC_IMPL_DIR :=
+ BUILD_LIBSUNEC_FLAGS += $(NSS_CFLAGS) -DSYSTEM_NSS -DNSS_ENABLE_ECC
+ else
+ BUILD_LIBSUNEC_IMPL_DIR := \
+ $(JDK_TOPDIR)/src/share/native/sun/security/ec/impl
+ BUILD_LIBSUNEC_FLAGS += \
-I$(JDK_TOPDIR)/src/share/native/sun/security/ec/impl
+ endif
#
# On sol-sparc...all libraries are compiled with -xregs=no%appl
@@ -235,8 +244,8 @@
$(eval $(call SetupNativeCompilation,BUILD_LIBSUNEC, \
LIBRARY := sunec, \
OUTPUT_DIR := $(INSTALL_LIBRARIES_HERE), \
- SRC := $(JDK_TOPDIR)/src/share/native/sun/security/ec \
- $(JDK_TOPDIR)/src/share/native/sun/security/ec/impl, \
+ SRC := $(JDK_TOPDIR)/src/share/native/sun/security/ec/ECC_JNI.cpp \
+ $(BUILD_LIBSUNEC_IMPL_DIR), \
LANG := C++, \
OPTIMIZATION := LOW, \
CFLAGS := $(filter-out $(ECC_JNI_SOLSPARC_FILTER), $(CFLAGS_JDKLIB)) \
@@ -248,8 +257,8 @@
LDFLAGS := $(LDFLAGS_JDKLIB) $(LDFLAGS_CXX_JDK), \
LDFLAGS_macosx := $(call SET_SHARED_LIBRARY_ORIGIN), \
LDFLAGS_SUFFIX := $(LIBCXX), \
- LDFLAGS_SUFFIX_linux := -lc, \
- LDFLAGS_SUFFIX_solaris := -lc, \
+ LDFLAGS_SUFFIX_linux := -lc $(NSS_LIBS), \
+ LDFLAGS_SUFFIX_solaris := -lc $(NSS_LIBS), \
VERSIONINFO_RESOURCE := $(JDK_TOPDIR)/src/windows/resource/version.rc, \
RC_FLAGS := $(RC_FLAGS) \
-D "JDK_FNAME=sunec.dll" \
diff -r fc14d405b69c -r 26e2e029ee25 make/mapfiles/libsunec/mapfile-vers
--- a/make/mapfiles/libsunec/mapfile-vers Mon Jan 11 17:16:44 2016 +0000
+++ b/make/mapfiles/libsunec/mapfile-vers Wed Jan 27 04:02:27 2016 +0000
@@ -31,6 +31,8 @@
Java_sun_security_ec_ECDSASignature_signDigest;
Java_sun_security_ec_ECDSASignature_verifySignedDigest;
Java_sun_security_ec_ECDHKeyAgreement_deriveKey;
+ Java_sun_security_ec_SunEC_initialize;
+ Java_sun_security_ec_SunEC_cleanup;
local:
*;
};
diff -r fc14d405b69c -r 26e2e029ee25 src/share/classes/sun/security/ec/SunEC.java
--- a/src/share/classes/sun/security/ec/SunEC.java Mon Jan 11 17:16:44 2016 +0000
+++ b/src/share/classes/sun/security/ec/SunEC.java Wed Jan 27 04:02:27 2016 +0000
@@ -58,6 +58,7 @@
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
System.loadLibrary("sunec"); // check for native library
+ initialize();
return null;
}
});
@@ -81,4 +82,22 @@
}
}
+ /**
+ * Cleanup native resources during finalisation.
+ */
+ @Override
+ protected void finalize() {
+ cleanup();
+ }
+
+ /**
+ * Initialize the native code.
+ */
+ private static native void initialize();
+
+ /**
+ * Cleanup in the native layer.
+ */
+ private static native void cleanup();
+
}
diff -r fc14d405b69c -r 26e2e029ee25 src/share/native/sun/security/ec/ECC_JNI.cpp
--- a/src/share/native/sun/security/ec/ECC_JNI.cpp Mon Jan 11 17:16:44 2016 +0000
+++ b/src/share/native/sun/security/ec/ECC_JNI.cpp Wed Jan 27 04:02:27 2016 +0000
@@ -24,7 +24,7 @@
*/
#include <jni.h>
-#include "impl/ecc_impl.h"
+#include "ecc_impl.h"
#define ILLEGAL_STATE_EXCEPTION "java/lang/IllegalStateException"
#define INVALID_ALGORITHM_PARAMETER_EXCEPTION \
@@ -32,6 +32,13 @@
#define INVALID_PARAMETER_EXCEPTION \
"java/security/InvalidParameterException"
#define KEY_EXCEPTION "java/security/KeyException"
+#define INTERNAL_ERROR "java/lang/InternalError"
+
+#ifdef SYSTEM_NSS
+#define SYSTEM_UNUSED(x) UNUSED(x)
+#else
+#define SYSTEM_UNUSED(x) x
+#endif
extern "C" {
@@ -49,8 +56,13 @@
/*
* Deep free of the ECParams struct
*/
-void FreeECParams(ECParams *ecparams, jboolean freeStruct)
+void FreeECParams(ECParams *ecparams, jboolean SYSTEM_UNUSED(freeStruct))
{
+#ifdef SYSTEM_NSS
+ // Needs to be freed using the matching method to the one
+ // that allocated it. PR_TRUE means the memory is zeroed.
+ PORT_FreeArena(ecparams->arena, PR_TRUE);
+#else
// Use B_FALSE to free the SECItem->data element, but not the SECItem itself
// Use B_TRUE to free both
@@ -64,6 +76,7 @@
SECITEM_FreeItem(&ecparams->curveOID, B_FALSE);
if (freeStruct)
free(ecparams);
+#endif
}
jbyteArray getEncodedBytes(JNIEnv *env, SECItem *hSECItem)
@@ -89,7 +102,7 @@
*/
JNIEXPORT jobjectArray
JNICALL Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair
- (JNIEnv *env, jclass clazz, jint keySize, jbyteArray encodedParams, jbyteArray seed)
+ (JNIEnv *env, jclass UNUSED(clazz), jint UNUSED(keySize), jbyteArray encodedParams, jbyteArray seed)
{
ECPrivateKey *privKey = NULL; // contains both public and private values
ECParams *ecparams = NULL;
@@ -169,10 +182,15 @@
}
if (privKey) {
FreeECParams(&privKey->ecParams, false);
+#ifndef SYSTEM_NSS
+ // The entire ECPrivateKey is allocated in the arena
+ // when using system NSS, so only the in-tree version
+ // needs to clear these manually.
SECITEM_FreeItem(&privKey->version, B_FALSE);
SECITEM_FreeItem(&privKey->privateValue, B_FALSE);
SECITEM_FreeItem(&privKey->publicValue, B_FALSE);
free(privKey);
+#endif
}
if (pSeedBuffer) {
@@ -190,7 +208,7 @@
*/
JNIEXPORT jbyteArray
JNICALL Java_sun_security_ec_ECDSASignature_signDigest
- (JNIEnv *env, jclass clazz, jbyteArray digest, jbyteArray privateKey, jbyteArray encodedParams, jbyteArray seed)
+ (JNIEnv *env, jclass UNUSED(clazz), jbyteArray digest, jbyteArray privateKey, jbyteArray encodedParams, jbyteArray seed)
{
jbyte* pDigestBuffer = NULL;
jint jDigestLength = env->GetArrayLength(digest);
@@ -299,7 +317,7 @@
*/
JNIEXPORT jboolean
JNICALL Java_sun_security_ec_ECDSASignature_verifySignedDigest
- (JNIEnv *env, jclass clazz, jbyteArray signedDigest, jbyteArray digest, jbyteArray publicKey, jbyteArray encodedParams)
+ (JNIEnv *env, jclass UNUSED(clazz), jbyteArray signedDigest, jbyteArray digest, jbyteArray publicKey, jbyteArray encodedParams)
{
jboolean isValid = false;
@@ -356,9 +374,10 @@
cleanup:
{
- if (params_item.data)
+ if (params_item.data) {
env->ReleaseByteArrayElements(encodedParams,
(jbyte *) params_item.data, JNI_ABORT);
+ }
if (pubKey.publicValue.data)
env->ReleaseByteArrayElements(publicKey,
@@ -384,7 +403,7 @@
*/
JNIEXPORT jbyteArray
JNICALL Java_sun_security_ec_ECDHKeyAgreement_deriveKey
- (JNIEnv *env, jclass clazz, jbyteArray privateKey, jbyteArray publicKey, jbyteArray encodedParams)
+ (JNIEnv *env, jclass UNUSED(clazz), jbyteArray privateKey, jbyteArray publicKey, jbyteArray encodedParams)
{
jbyteArray jSecret = NULL;
ECParams *ecparams = NULL;
@@ -460,9 +479,10 @@
env->ReleaseByteArrayElements(publicKey,
(jbyte *) publicValue_item.data, JNI_ABORT);
- if (params_item.data)
+ if (params_item.data) {
env->ReleaseByteArrayElements(encodedParams,
(jbyte *) params_item.data, JNI_ABORT);
+ }
if (ecparams)
FreeECParams(ecparams, true);
@@ -471,4 +491,26 @@
return jSecret;
}
+JNIEXPORT void
+JNICALL Java_sun_security_ec_SunEC_initialize
+ (JNIEnv *env, jclass UNUSED(clazz))
+{
+#ifdef SYSTEM_NSS
+ if (SECOID_Init() != SECSuccess) {
+ ThrowException(env, INTERNAL_ERROR);
+ }
+#endif
+}
+
+JNIEXPORT void
+JNICALL Java_sun_security_ec_SunEC_cleanup
+ (JNIEnv *env, jclass UNUSED(clazz))
+{
+#ifdef SYSTEM_NSS
+ if (SECOID_Shutdown() != SECSuccess) {
+ ThrowException(env, INTERNAL_ERROR);
+ }
+#endif
+}
+
} /* extern "C" */
diff -r fc14d405b69c -r 26e2e029ee25 src/share/native/sun/security/ec/ecc_impl.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/native/sun/security/ec/ecc_impl.h Wed Jan 27 04:02:27 2016 +0000
@@ -0,0 +1,298 @@
+/*
+ * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Use is subject to license terms.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/* *********************************************************************
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1994-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Dr Vipul Gupta <vipul.gupta at sun.com> and
+ * Douglas Stebila <douglas at stebila.ca>, Sun Microsystems Laboratories
+ *
+ * Last Modified Date from the Original Code: November 2013
+ *********************************************************************** */
+
+#ifndef _ECC_IMPL_H
+#define _ECC_IMPL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <sys/types.h>
+
+#ifdef SYSTEM_NSS
+#include <secitem.h>
+#include <secerr.h>
+#include <keythi.h>
+#ifdef LEGACY_NSS
+#include <softoken.h>
+#else
+#include <blapi.h>
+#endif
+#else
+#include "ecl-exp.h"
+#endif
+
+/*
+ * Multi-platform definitions
+ */
+#ifdef __linux__
+#define B_FALSE FALSE
+#define B_TRUE TRUE
+typedef unsigned char uint8_t;
+typedef unsigned long ulong_t;
+typedef enum { B_FALSE, B_TRUE } boolean_t;
+#endif /* __linux__ */
+
+#ifdef _ALLBSD_SOURCE
+#include <stdint.h>
+#define B_FALSE FALSE
+#define B_TRUE TRUE
+typedef unsigned long ulong_t;
+typedef enum boolean { B_FALSE, B_TRUE } boolean_t;
+#endif /* _ALLBSD_SOURCE */
+
+#ifdef AIX
+#define B_FALSE FALSE
+#define B_TRUE TRUE
+typedef unsigned char uint8_t;
+typedef unsigned long ulong_t;
+#endif /* AIX */
+
+#ifdef _WIN32
+typedef unsigned char uint8_t;
+typedef unsigned long ulong_t;
+typedef enum boolean { B_FALSE, B_TRUE } boolean_t;
+#define strdup _strdup /* Replace POSIX name with ISO C++ name */
+#endif /* _WIN32 */
+
+#ifndef _KERNEL
+#include <stdlib.h>
+#endif /* _KERNEL */
+
+#define EC_MAX_DIGEST_LEN 1024 /* max digest that can be signed */
+#define EC_MAX_POINT_LEN 145 /* max len of DER encoded Q */
+#define EC_MAX_VALUE_LEN 72 /* max len of ANSI X9.62 private value d */
+#define EC_MAX_SIG_LEN 144 /* max signature len for supported curves */
+#define EC_MIN_KEY_LEN 112 /* min key length in bits */
+#define EC_MAX_KEY_LEN 571 /* max key length in bits */
+#define EC_MAX_OID_LEN 10 /* max length of OID buffer */
+
+/*
+ * Various structures and definitions from NSS are here.
+ */
+
+#ifndef SYSTEM_NSS
+#ifdef _KERNEL
+#define PORT_ArenaAlloc(a, n, f) kmem_alloc((n), (f))
+#define PORT_ArenaZAlloc(a, n, f) kmem_zalloc((n), (f))
+#define PORT_ArenaGrow(a, b, c, d) NULL
+#define PORT_ZAlloc(n, f) kmem_zalloc((n), (f))
+#define PORT_Alloc(n, f) kmem_alloc((n), (f))
+#else
+#define PORT_ArenaAlloc(a, n, f) malloc((n))
+#define PORT_ArenaZAlloc(a, n, f) calloc(1, (n))
+#define PORT_ArenaGrow(a, b, c, d) NULL
+#define PORT_ZAlloc(n, f) calloc(1, (n))
+#define PORT_Alloc(n, f) malloc((n))
+#endif
+
+#define PORT_NewArena(b) (char *)12345
+#define PORT_ArenaMark(a) NULL
+#define PORT_ArenaUnmark(a, b)
+#define PORT_ArenaRelease(a, m)
+#define PORT_FreeArena(a, b)
+#define PORT_Strlen(s) strlen((s))
+#define PORT_SetError(e)
+
+#define PRBool boolean_t
+#define PR_TRUE B_TRUE
+#define PR_FALSE B_FALSE
+
+#ifdef _KERNEL
+#define PORT_Assert ASSERT
+#define PORT_Memcpy(t, f, l) bcopy((f), (t), (l))
+#else
+#define PORT_Assert assert
+#define PORT_Memcpy(t, f, l) memcpy((t), (f), (l))
+#endif
+
+#endif
+
+#define CHECK_OK(func) if (func == NULL) goto cleanup
+#define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup
+
+#ifndef SYSTEM_NSS
More information about the distro-pkg-dev
mailing list