On 11/18/2010 03:08 PM, Brian Smith wrote: > (Note that this is to: dev-tech-crypto) > > Short Version: We are looking at taking a private patch for one Firefox beta > cycle in mozilla-central to export the MPI functions from FreeBL on all > platforms in our private copy of NSS. Then, we could push the next NSS 3.12 > release to the week after American Thanksgiving instead of the week of > American Thanksgiving. Please let me know if you know of a reason why this > wouldn't work. > > Long Version: I spoke with the Sync team and we don't think there is enough > time to get the NSS J-PAKE implementation completed and reviewed and have the > Sync team redo their prototype on top of it before Fennec code freeze on > Monday. > The Sync team already has a J-PAKE implementation in JavaScript that uses > JS-ctypes to call into MPI, which they have already written and tested on Mac > OS X. Somehow it worked on Mac OS X even though the MPI symbols aren't > supposed to be exported from FreeBL. So, basically the patch is just > exporting those same symbols from FreeBL on other platforms. That's not acceptable. If they don't have anything that works that's deployable if they are still trying to call the NSS mpi library directly.
I'm willing to go way beyond to get the correct solution in, but hacking the freebl .def file is not acceptable. > We wouldn't expect J-PAKE to work on any platforms that repackage Firefox to > use system NSS. And, in Firefox B9 / Fennec B4, we would switch to the > NSS-based implementations and we would back out the patch. Obviously, it is > far from ideal but it seems better than trying to rush a whole new J-PAKE > system over the weekend. > > Based on what the Sync team said, the patch would consist purely of these > additions to the FreeBL .def file: That's not really going to fly upstsream.....;(.. If you need a hack it might be better to statically link with mpi. If you need the .def file to 'get it done in time', you can't really 'get it done in time' because it's not really deployable. We do not support a binary compatible big num library interface, and that's what adding the symbols to freebl is saying. bob > mp_init > mp_clear > mp_set > mp_sub_d > mp_sub > mp_cmp > mp_cmp_d > mp_mod > mp_addmod > mp_submod > mp_mulmod > mp_exptmod > mp_read_raw > mp_raw_size > mp_toraw > mp_read_radix > mp_radix_size > mp_toradix > > and maybe, but hopefully not: > > SHA256_Hash > SHA256_HashBuf > SHA256_NewContext > SHA256_DestroyContext > SHA256_Begin > SHA256_Update > SHA256_End > > Thanks, > Brian
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
