From 121d80b5536541efee703125a3bacfd5fde54a1f Mon Sep 17 00:00:00 2001 From: "J.C. Jones" Date: Wed, 13 Nov 2019 19:44:56 +0000 Subject: [PATCH] Bug 1592007 - land NSS 87f35ba4c82f UPGRADE_NSS_RELEASE, r=keeler 2019-11-13 J.C. Jones * lib/softoken/pkcs11c.c: Bug 1591363 - Fixup double-free of params in nsc_SetupPBEKeyGen r=keeler Caused in commit 7ef8d2604494. [87f35ba4c82f] [tip] 2019-11-07 Makoto Kato * lib/freebl/ctr.c: Bug 1592869 - Use NEON for ctr_xor. r=kjacobs Using NEON for ctr_xor, aes_ctr can improve 30%-40%i decode/encode time on Cortex-A72. [d244c7287908] 2019-11-12 Marcus Burghardt * gtests/pk11_gtest/pk11_pbkdf2_unittest.cc, lib/pk11wrap/pk11pbe.c, lib/pk11wrap/pk11skey.c, lib/softoken/pkcs11c.c: Bug 1591363 - PBKDF2 memory leaks in NSC_GenerateKey. r=jcj A memory leak was reported and confirmed in this bug. However, during the "manual" analysis of the flow, another possible leak was found. I created a patch for both leaks, added gtests for unexpected keySizes and adjusted the general syntax of the gtest file. [7ef8d2604494] 2019-11-11 Tom Prince * automation/taskcluster/graph/src/extend.js, automation/taskcluster/windows/setup.sh: Bug 1594891 - Use tc-proxy for nss tooltool; r=dustin,jcj [c33b214b2ec8] 2019-11-08 Daiki Ueno * gtests/ssl_gtest/ssl_dhe_unittest.cc, gtests/ssl_gtest/ssl_ecdh_unittest.cc, gtests/ssl_gtest/tls_connect.h, lib/ssl/ssl3con.c: Bug 1566131, check policy against hash algorithms used for ServerKeyExchange, r=mt Summary: This adds necessary policy checks in `ssl3_ComputeCommonKeyHash()`, right before calculating hashes. Note that it currently doesn't check MD5 as it still needs to be allowed in TLS 1.1 or earlier and many tests fail if we change that. Reviewers: mt Reviewed By: mt Bug #: 1566131 [c08947c6af57] 2019-11-08 Kai Engert * coreconf/coreconf.dep: Dummy change, trigger a build to test latest NSPR commits. [e766899c72a5] * automation/taskcluster/graph/src/extend.js: Bug 1579836 - Execute NSPR tests as part of NSS continuous integration. r=jcj [46bfbabf7e75] 2019-11-08 Dustin J. Mitchell * automation/taskcluster/graph/npm-shrinkwrap.json, automation/taskcluster/graph/package.json, automation/taskcluster/graph/src/image_builder.js, automation/taskcluster/graph/src/queue.js, automation/taskcluster/scripts/tools.sh, automation/taskcluster/windows/gen_certs.sh, automation/taskcluster/windows/run_tests.sh: Bug 1594891 - Updates to run correctly on the new TC deployment r=jcj * Update the Taskcluster client used in the decision task to one that understands Taskcluster rootUrls. * Update scripts that fetch content to use the TASKCLUSTER_ROOT_URL * the absence of this variale signals an "old" worker so we use an "old" URL [67d630e7cb7c] 2019-11-07 Tom Prince * .taskcluster.yml, automation/taskcluster/graph/src/extend.js, automation/taskcluster/graph/src/queue.js: Bug 1591275: Switch workers to use AWS Provder; r=kjacobs [a2bebaad41dd] 2019-11-06 Daiki Ueno * gtests/pk11_gtest/pk11_module_unittest.cc: Bug 1577803, clang-format, a=bustage [c9014b2892d5] * gtests/pk11_gtest/pk11_module_unittest.cc, gtests/pkcs11testmodule/pkcs11testmodule.cpp, lib/pk11wrap/debug_module.c, lib/pk11wrap/pk11obj.c, lib/pk11wrap/pk11slot.c, lib/pk11wrap/secmodti.h, lib/util/pkcs11t.h: Bug 1577803, pk11wrap: set friendly flag if token implements CKP_PUBLIC_CERTIFICATES_TOKEN, r=rrelyea Summary: This makes NSS look for CKO_PROFILE object at token initialization time to check if it implements the [[ https://docs .oasis-open.org/pkcs11/pkcs11-profiles/v3.0/pkcs11-profiles-v3.0.pdf | Public Certificates Token profile ]] as defined in PKCS #11 v3.0. If it is found, the token is automatically marked as friendly so no authentication attempts will be made when accessing certificates. Reviewers: rrelyea Reviewed By: rrelyea Subscribers: reviewbot Bug #: 1577803 [b39c8eeabe6a] 2019-11-06 Martin Thomson * lib/freebl/blinit.c, lib/freebl/gcm-ppc.c: Bug 1566126 - clang-format, a=bustage [6125200fbc88] 2019-11-06 Lauri Kasanen * lib/freebl/Makefile, lib/freebl/altivec-types.h, lib/freebl/blapii.h, lib/freebl/blinit.c, lib/freebl/freebl.gyp, lib/freebl/gcm-ppc.c, lib/freebl/gcm.c, lib/freebl/gcm.h: Bug 1566126 - freebl: POWER GHASH Vector Acceleration, r=mt Implementation for POWER8 adapted from the ARM paper: https://conradoplg.cryptoland.net/files/2010/12/gcm14.pdf Benchmark of `bltest -E -m aes_gcm -i tests/aes_gcm/plaintext10 \ -v tests/aes_gcm/iv10 -k tests/aes_gcm/key10 -5 10` on POWER8 3.3GHz. NSS_DISABLE_HW_CRYPTO=1 mode in symmkey opreps cxreps context op time(sec) thrgput aes_gcm_e 309Mb 192 5M 0 0.000 10000.000 10.001 30Mb mode in symmkey opreps cxreps context op time(sec) thrgput aes_gcm_e 829Mb 192 14M 0 0.000 10000.000 10.001 82Mb Notable operf results, sw: samples % image name symbol name 226033 59.3991 libfreeblpriv3.so bmul 80606 21.1824 libfreeblpriv3.so rijndael_encryptBlock128 28851 7.5817 libfreeblpriv3.so gcm_HashMult_sftw hw: 213899 56.2037 libfreeblpriv3.so rijndael_encryptBlock128 45233 11.8853 libfreeblpriv3.so gcm_HashMult_hw So the ghash part is ~5.6x faster. Signed-off-by: Lauri Kasanen [3d7e509d6d20] 2019-11-05 Marcus Burghardt * lib/certdb/certdb.c, lib/util/secport.h: Bug 1589073 - Use of new PR_ASSERT_ARG in certdb.c. r=mt Bug 1588015 introduced in NSPR a new way to ASSERT values where the arguments are always used avoiding "unused variable" errors. This was implemented in NSS, at certdb.c. [73c28cad3dbb] 2019-11-05 Daiki Ueno * cpputil/nss_scoped_ptrs.h, gtests/manifest.mn, gtests/pk11_gtest/manifest.mn, gtests/pk11_gtest/pk11_gtest.gyp, gtests/pk11_gtest/pk11_module_unittest.cc, gtests/pkcs11testmodule/Makefile, gtests/pkcs11testmodule/config.mk, gtests/pkcs11testmodule/manifest.mn, gtests/pkcs11testmodule/pkcs11testmodule.cpp, gtests/pkcs11testmodule/pkcs11testmodule.def, gtests/pkcs11testmodule/pkcs11testmodule.gyp, gtests/pkcs11testmodule/pkcs11testmodule.rc, nss.gyp: Bug 1577803, gtests: import pkcs11testmodule from Firefox, r=rrelyea Summary: This adds a mock PKCS #11 module from Firefox and add basic tests around it. This is needed for proper testing of PKCS #11 v3.0 profile objects (D45669). Reviewers: rrelyea Reviewed By: rrelyea Subscribers: reviewbot Bug #: 1577803 [0a86945adf74] Differential Revision: https://phabricator.services.mozilla.com/D52779 --HG-- extra : moz-landing-system : lando --- security/nss/.taskcluster.yml | 5 +- security/nss/TAG-INFO | 2 +- .../taskcluster/graph/npm-shrinkwrap.json | 1486 ++++++++--------- .../automation/taskcluster/graph/package.json | 2 +- .../taskcluster/graph/src/extend.js | 15 +- .../taskcluster/graph/src/image_builder.js | 4 +- .../automation/taskcluster/graph/src/queue.js | 6 +- .../automation/taskcluster/scripts/tools.sh | 6 +- .../taskcluster/windows/gen_certs.sh | 8 +- .../taskcluster/windows/run_tests.sh | 8 +- .../automation/taskcluster/windows/setup.sh | 4 +- security/nss/coreconf/coreconf.dep | 1 - security/nss/cpputil/nss_scoped_ptrs.h | 2 + security/nss/gtests/manifest.mn | 1 + security/nss/gtests/pk11_gtest/manifest.mn | 3 + security/nss/gtests/pk11_gtest/pk11_gtest.gyp | 7 + .../gtests/pk11_gtest/pk11_module_unittest.cc | 84 + .../gtests/pk11_gtest/pk11_pbkdf2_unittest.cc | 94 +- security/nss/gtests/pkcs11testmodule/Makefile | 45 + .../nss/gtests/pkcs11testmodule/config.mk | 16 + .../nss/gtests/pkcs11testmodule/manifest.mn | 22 + .../pkcs11testmodule/pkcs11testmodule.cpp | 658 ++++++++ .../pkcs11testmodule/pkcs11testmodule.def | 8 + .../pkcs11testmodule/pkcs11testmodule.gyp | 25 + .../pkcs11testmodule/pkcs11testmodule.rc | 60 + .../nss/gtests/ssl_gtest/ssl_dhe_unittest.cc | 96 ++ .../nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc | 74 + security/nss/gtests/ssl_gtest/tls_connect.h | 2 +- security/nss/lib/certdb/certdb.c | 12 +- security/nss/lib/freebl/Makefile | 5 + security/nss/lib/freebl/altivec-types.h | 23 + security/nss/lib/freebl/blapii.h | 1 + security/nss/lib/freebl/blinit.c | 29 + security/nss/lib/freebl/ctr.c | 13 + security/nss/lib/freebl/freebl.gyp | 28 + security/nss/lib/freebl/gcm-ppc.c | 109 ++ security/nss/lib/freebl/gcm.c | 6 +- security/nss/lib/freebl/gcm.h | 24 + security/nss/lib/pk11wrap/debug_module.c | 31 + security/nss/lib/pk11wrap/pk11obj.c | 26 +- security/nss/lib/pk11wrap/pk11pbe.c | 6 +- security/nss/lib/pk11wrap/pk11skey.c | 7 +- security/nss/lib/pk11wrap/pk11slot.c | 81 + security/nss/lib/pk11wrap/secmodti.h | 2 + security/nss/lib/softoken/pkcs11c.c | 9 +- security/nss/lib/ssl/ssl3con.c | 11 + security/nss/lib/util/pkcs11t.h | 15 + security/nss/lib/util/secport.h | 5 + security/nss/nss.gyp | 1 + 49 files changed, 2332 insertions(+), 856 deletions(-) create mode 100644 security/nss/gtests/pk11_gtest/pk11_module_unittest.cc create mode 100644 security/nss/gtests/pkcs11testmodule/Makefile create mode 100644 security/nss/gtests/pkcs11testmodule/config.mk create mode 100644 security/nss/gtests/pkcs11testmodule/manifest.mn create mode 100644 security/nss/gtests/pkcs11testmodule/pkcs11testmodule.cpp create mode 100644 security/nss/gtests/pkcs11testmodule/pkcs11testmodule.def create mode 100644 security/nss/gtests/pkcs11testmodule/pkcs11testmodule.gyp create mode 100644 security/nss/gtests/pkcs11testmodule/pkcs11testmodule.rc create mode 100644 security/nss/lib/freebl/altivec-types.h create mode 100644 security/nss/lib/freebl/gcm-ppc.c diff --git a/security/nss/.taskcluster.yml b/security/nss/.taskcluster.yml index 05bade9656e8a..0cc9e363e61df 100644 --- a/security/nss/.taskcluster.yml +++ b/security/nss/.taskcluster.yml @@ -38,8 +38,8 @@ tasks: description: | The task that creates all of the other tasks in the task graph - workerType: "hg-worker" - provisionerId: "aws-provisioner-v1" + workerType: "linux" + provisionerId: "nss-${repository.level}" scopes: - 'assume:repo:${repoUrl[8:]}:branch:default' @@ -59,6 +59,7 @@ tasks: TC_SOURCE: "${repository.url}" TC_PROJECT: ${repository.project} TC_SCHEDULER_ID: "${schedulerId}" + MOZ_SCM_LEVEL: "${repository.level}" NSS_PUSHLOG_ID: '${push.pushlog_id}' NSS_HEAD_REPOSITORY: '${repository.url}' NSS_HEAD_REVISION: '${push.revision}' diff --git a/security/nss/TAG-INFO b/security/nss/TAG-INFO index 93ea4feba740f..b5e7b76dcbc9b 100644 --- a/security/nss/TAG-INFO +++ b/security/nss/TAG-INFO @@ -1 +1 @@ -dc9552c2aa77 \ No newline at end of file +87f35ba4c82f \ No newline at end of file diff --git a/security/nss/automation/taskcluster/graph/npm-shrinkwrap.json b/security/nss/automation/taskcluster/graph/npm-shrinkwrap.json index b5d4ddc53eb76..70718432bc37e 100644 --- a/security/nss/automation/taskcluster/graph/npm-shrinkwrap.json +++ b/security/nss/automation/taskcluster/graph/npm-shrinkwrap.json @@ -4,35 +4,6 @@ "lockfileVersion": 1, "requires": true, "dependencies": { - "amqplib": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/amqplib/-/amqplib-0.4.2.tgz", - "integrity": "sha1-XkoqkUzLMSX5y5H22gfJeqTLE6Y=", - "requires": { - "bitsyntax": "~0.0.4", - "buffer-more-ints": "0.0.2", - "readable-stream": "1.x >=1.1.9", - "when": "~3.6.2" - }, - "dependencies": { - "isarray": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", - "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=" - }, - "readable-stream": { - "version": "1.1.14", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz", - "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=", - "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.1", - "isarray": "0.0.1", - "string_decoder": "~0.10.x" - } - } - } - }, "ansi-regex": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", @@ -49,8 +20,8 @@ "integrity": "sha1-o+Uvo5FoyCX/V7AkgSbOWo/5VQc=", "optional": true, "requires": { - "arrify": "^1.0.0", - "micromatch": "^2.1.5" + "arrify": "1.0.1", + "micromatch": "2.3.11" } }, "argparse": { @@ -58,7 +29,7 @@ "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.9.tgz", "integrity": "sha1-c9g7wmP4bpf4zE9rrhsOkKfSLIY=", "requires": { - "sprintf-js": "~1.0.2" + "sprintf-js": "1.0.3" } }, "arr-diff": { @@ -67,7 +38,7 @@ "integrity": "sha1-jzuCf5Vai9ZpaX5KQlasPOrjVs8=", "optional": true, "requires": { - "arr-flatten": "^1.0.1" + "arr-flatten": "1.0.1" } }, "arr-flatten": { @@ -98,11 +69,6 @@ "integrity": "sha1-iYUI2iIm84DfkEcoRWhJwVAaSw0=", "optional": true }, - "asap": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/asap/-/asap-1.0.0.tgz", - "integrity": "sha1-sqRdpf36ILBJb8N2jMJ8EvqRan0=" - }, "asn1": { "version": "0.2.3", "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz", @@ -118,7 +84,7 @@ "resolved": "https://registry.npmjs.org/async/-/async-2.1.1.tgz", "integrity": "sha1-4RttEAQ/IlTvthohFj2EDM3bjSg=", "requires": { - "lodash": "^4.14.0" + "lodash": "4.16.4" } }, "async-each": { @@ -142,31 +108,46 @@ "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.5.0.tgz", "integrity": "sha1-Cin/t5wxyecS7rCH6OemS0pW11U=" }, + "b64": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/b64/-/b64-4.1.2.tgz", + "integrity": "sha512-+GUspBxlH3CJaxMUGUE1EBoWM6RKgWiYwUDal0qdf8m3ArnXNN1KzKVo5HOnE/FSq4HHyWf3TlHLsZI8PKQgrQ==", + "requires": { + "hoek": "6.1.3" + }, + "dependencies": { + "hoek": { + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/hoek/-/hoek-6.1.3.tgz", + "integrity": "sha512-YXXAAhmF9zpQbC7LEcREFtXfGq5K1fmd+4PHkBq8NUqmzW3G+Dq10bI/i0KucLRwss3YYFQ0fSfoxBZYiGUqtQ==" + } + } + }, "babel-cli": { "version": "6.16.0", "resolved": "https://registry.npmjs.org/babel-cli/-/babel-cli-6.16.0.tgz", "integrity": "sha1-Tg0c9ARC73gzD3/viOs6ChsWvTc=", "requires": { - "babel-core": "^6.16.0", - "babel-polyfill": "^6.16.0", - "babel-register": "^6.16.0", - "babel-runtime": "^6.9.0", - "bin-version-check": "^2.1.0", + "babel-core": "6.17.0", + "babel-polyfill": "6.16.0", + "babel-register": "6.16.3", + "babel-runtime": "6.11.6", + "bin-version-check": "2.1.0", "chalk": "1.1.1", - "chokidar": "^1.0.0", - "commander": "^2.8.1", - "convert-source-map": "^1.1.0", - "fs-readdir-recursive": "^0.1.0", - "glob": "^5.0.5", - "lodash": "^4.2.0", - "log-symbols": "^1.0.2", - "output-file-sync": "^1.1.0", - "path-exists": "^1.0.0", - "path-is-absolute": "^1.0.0", - "request": "^2.65.0", - "slash": "^1.0.0", - "source-map": "^0.5.0", - "v8flags": "^2.0.10" + "chokidar": "1.6.0", + "commander": "2.9.0", + "convert-source-map": "1.3.0", + "fs-readdir-recursive": "0.1.2", + "glob": "5.0.15", + "lodash": "4.16.4", + "log-symbols": "1.0.2", + "output-file-sync": "1.1.2", + "path-exists": "1.0.0", + "path-is-absolute": "1.0.1", + "request": "2.75.0", + "slash": "1.0.0", + "source-map": "0.5.6", + "v8flags": "2.0.11" } }, "babel-code-frame": { @@ -174,9 +155,9 @@ "resolved": "https://registry.npmjs.org/babel-code-frame/-/babel-code-frame-6.16.0.tgz", "integrity": "sha1-+Q5g2ghikJ084JhzO105h8l8uN4=", "requires": { - "chalk": "^1.1.0", - "esutils": "^2.0.2", - "js-tokens": "^2.0.0" + "chalk": "1.1.1", + "esutils": "2.0.2", + "js-tokens": "2.0.0" } }, "babel-compile": { @@ -184,12 +165,12 @@ "resolved": "https://registry.npmjs.org/babel-compile/-/babel-compile-2.0.0.tgz", "integrity": "sha1-JwRg2Fzah1iqXGMWWzZaa8RMmXY=", "requires": { - "babel-core": "^6.7.0", - "commander": "^2.8.1", + "babel-core": "6.17.0", + "commander": "2.9.0", "fs-walk": "0.0.1", - "lodash": "^4.11.1", - "mkdirp": "^0.5.1", - "rimraf": "^2.4.3" + "lodash": "4.16.4", + "mkdirp": "0.5.1", + "rimraf": "2.5.4" } }, "babel-core": { @@ -197,27 +178,27 @@ "resolved": "https://registry.npmjs.org/babel-core/-/babel-core-6.17.0.tgz", "integrity": "sha1-bEV2RH30eeJB5YyAfkvH2k239CU=", "requires": { - "babel-code-frame": "^6.16.0", - "babel-generator": "^6.17.0", - "babel-helpers": "^6.16.0", - "babel-messages": "^6.8.0", - "babel-register": "^6.16.0", - "babel-runtime": "^6.9.1", - "babel-template": "^6.16.0", - "babel-traverse": "^6.16.0", - "babel-types": "^6.16.0", - "babylon": "^6.11.0", - "convert-source-map": "^1.1.0", - "debug": "^2.1.1", - "json5": "^0.4.0", - "lodash": "^4.2.0", - "minimatch": "^3.0.2", - "path-exists": "^1.0.0", - "path-is-absolute": "^1.0.0", - "private": "^0.1.6", - "shebang-regex": "^1.0.0", - "slash": "^1.0.0", - "source-map": "^0.5.0" + "babel-code-frame": "6.16.0", + "babel-generator": "6.17.0", + "babel-helpers": "6.16.0", + "babel-messages": "6.8.0", + "babel-register": "6.16.3", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0", + "babylon": "6.11.6", + "convert-source-map": "1.3.0", + "debug": "2.2.0", + "json5": "0.4.0", + "lodash": "4.16.4", + "minimatch": "3.0.3", + "path-exists": "1.0.0", + "path-is-absolute": "1.0.1", + "private": "0.1.6", + "shebang-regex": "1.0.0", + "slash": "1.0.0", + "source-map": "0.5.6" } }, "babel-generator": { @@ -225,13 +206,13 @@ "resolved": "https://registry.npmjs.org/babel-generator/-/babel-generator-6.17.0.tgz", "integrity": "sha1-uJTjgIvu94APJVBjW/4CS2ImzzM=", "requires": { - "babel-messages": "^6.8.0", - "babel-runtime": "^6.9.0", - "babel-types": "^6.16.0", - "detect-indent": "^3.0.1", - "jsesc": "^1.3.0", - "lodash": "^4.2.0", - "source-map": "^0.5.0" + "babel-messages": "6.8.0", + "babel-runtime": "6.11.6", + "babel-types": "6.16.0", + "detect-indent": "3.0.1", + "jsesc": "1.3.0", + "lodash": "4.16.4", + "source-map": "0.5.6" } }, "babel-helper-call-delegate": { @@ -239,10 +220,10 @@ "resolved": "https://registry.npmjs.org/babel-helper-call-delegate/-/babel-helper-call-delegate-6.8.0.tgz", "integrity": "sha1-nSg+dIZ3m2sEgYZKEbNx6lwB+mQ=", "requires": { - "babel-helper-hoist-variables": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-traverse": "^6.8.0", - "babel-types": "^6.8.0" + "babel-helper-hoist-variables": "6.8.0", + "babel-runtime": "6.11.6", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0" } }, "babel-helper-define-map": { @@ -250,10 +231,10 @@ "resolved": "https://registry.npmjs.org/babel-helper-define-map/-/babel-helper-define-map-6.9.0.tgz", "integrity": "sha1-Zin5sqfljhjoN5pX0eb7spaZAvs=", "requires": { - "babel-helper-function-name": "^6.8.0", - "babel-runtime": "^6.9.0", - "babel-types": "^6.9.0", - "lodash": "^4.2.0" + "babel-helper-function-name": "6.8.0", + "babel-runtime": "6.11.6", + "babel-types": "6.16.0", + "lodash": "4.16.4" } }, "babel-helper-function-name": { @@ -261,11 +242,11 @@ "resolved": "https://registry.npmjs.org/babel-helper-function-name/-/babel-helper-function-name-6.8.0.tgz", "integrity": "sha1-oDNroUUmoHXN9QL8UtP+hLEvejQ=", "requires": { - "babel-helper-get-function-arity": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-template": "^6.8.0", - "babel-traverse": "^6.8.0", - "babel-types": "^6.8.0" + "babel-helper-get-function-arity": "6.8.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0" } }, "babel-helper-get-function-arity": { @@ -273,8 +254,8 @@ "resolved": "https://registry.npmjs.org/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.8.0.tgz", "integrity": "sha1-iCdsJL0lHN9vYbb4n3RfSGztkq8=", "requires": { - "babel-runtime": "^6.0.0", - "babel-types": "^6.8.0" + "babel-runtime": "6.11.6", + "babel-types": "6.16.0" } }, "babel-helper-hoist-variables": { @@ -282,8 +263,8 @@ "resolved": "https://registry.npmjs.org/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.8.0.tgz", "integrity": "sha1-iwdm3AJuqepCO8KzTmZaTac3Oq8=", "requires": { - "babel-runtime": "^6.0.0", - "babel-types": "^6.8.0" + "babel-runtime": "6.11.6", + "babel-types": "6.16.0" } }, "babel-helper-optimise-call-expression": { @@ -291,8 +272,8 @@ "resolved": "https://registry.npmjs.org/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.8.0.tgz", "integrity": "sha1-QXVijpyJ/DYXSQTycHDynThWfwY=", "requires": { - "babel-runtime": "^6.0.0", - "babel-types": "^6.8.0" + "babel-runtime": "6.11.6", + "babel-types": "6.16.0" } }, "babel-helper-regex": { @@ -300,9 +281,9 @@ "resolved": "https://registry.npmjs.org/babel-helper-regex/-/babel-helper-regex-6.9.0.tgz", "integrity": "sha1-x0Jl/eGA/5oWc1/uBeY8rbngsFc=", "requires": { - "babel-runtime": "^6.9.0", - "babel-types": "^6.9.0", - "lodash": "^4.2.0" + "babel-runtime": "6.11.6", + "babel-types": "6.16.0", + "lodash": "4.16.4" } }, "babel-helper-remap-async-to-generator": { @@ -310,11 +291,11 @@ "resolved": "https://registry.npmjs.org/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.16.2.tgz", "integrity": "sha1-JDFb3oMmxgAi3AU8zoTP441yS4I=", "requires": { - "babel-helper-function-name": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-template": "^6.16.0", - "babel-traverse": "^6.16.0", - "babel-types": "^6.16.0" + "babel-helper-function-name": "6.8.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0" } }, "babel-helper-replace-supers": { @@ -322,12 +303,12 @@ "resolved": "https://registry.npmjs.org/babel-helper-replace-supers/-/babel-helper-replace-supers-6.16.0.tgz", "integrity": "sha1-Icl2I8x+QwhVdT8lJ0ASJiajnms=", "requires": { - "babel-helper-optimise-call-expression": "^6.8.0", - "babel-messages": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-template": "^6.16.0", - "babel-traverse": "^6.16.0", - "babel-types": "^6.16.0" + "babel-helper-optimise-call-expression": "6.8.0", + "babel-messages": "6.8.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0" } }, "babel-helpers": { @@ -335,8 +316,8 @@ "resolved": "https://registry.npmjs.org/babel-helpers/-/babel-helpers-6.16.0.tgz", "integrity": "sha1-EJXsENmSeUYFU+Z+s+7plz04Z+M=", "requires": { - "babel-runtime": "^6.0.0", - "babel-template": "^6.16.0" + "babel-runtime": "6.11.6", + "babel-template": "6.16.0" } }, "babel-messages": { @@ -344,7 +325,7 @@ "resolved": "https://registry.npmjs.org/babel-messages/-/babel-messages-6.8.0.tgz", "integrity": "sha1-v1BHNsqWfm1l7wrbWipflHyODrk=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-check-es2015-constants": { @@ -352,7 +333,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.8.0.tgz", "integrity": "sha1-2/Akwy7Te/2o3uHnbaAjhqjSb+c=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-syntax-async-functions": { @@ -365,9 +346,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.16.0.tgz", "integrity": "sha1-Gew2yxSGtZ+fRorfpCzhOQjKKZk=", "requires": { - "babel-helper-remap-async-to-generator": "^6.16.0", - "babel-plugin-syntax-async-functions": "^6.8.0", - "babel-runtime": "^6.0.0" + "babel-helper-remap-async-to-generator": "6.16.2", + "babel-plugin-syntax-async-functions": "6.13.0", + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-arrow-functions": { @@ -375,7 +356,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.8.0.tgz", "integrity": "sha1-W2Ovwxgb3JqMTUgbWk8/fX/vPZ0=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-block-scoped-functions": { @@ -383,7 +364,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.8.0.tgz", "integrity": "sha1-7ZXWKcS1pxriloK5mPcNmDPrNm0=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-block-scoping": { @@ -391,11 +372,11 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.15.0.tgz", "integrity": "sha1-W0Q8oUK+jR22qMKuQvUZWLZrcPY=", "requires": { - "babel-runtime": "^6.9.0", - "babel-template": "^6.15.0", - "babel-traverse": "^6.15.0", - "babel-types": "^6.15.0", - "lodash": "^4.2.0" + "babel-runtime": "6.11.6", + "babel-template": "6.16.0", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0", + "lodash": "4.16.4" } }, "babel-plugin-transform-es2015-classes": { @@ -403,15 +384,15 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.14.0.tgz", "integrity": "sha1-h9UUnukftHWSJAn5r1srpdHjkoc=", "requires": { - "babel-helper-define-map": "^6.9.0", - "babel-helper-function-name": "^6.8.0", - "babel-helper-optimise-call-expression": "^6.8.0", - "babel-helper-replace-supers": "^6.14.0", - "babel-messages": "^6.8.0", - "babel-runtime": "^6.9.0", - "babel-template": "^6.14.0", - "babel-traverse": "^6.14.0", - "babel-types": "^6.14.0" + "babel-helper-define-map": "6.9.0", + "babel-helper-function-name": "6.8.0", + "babel-helper-optimise-call-expression": "6.8.0", + "babel-helper-replace-supers": "6.16.0", + "babel-messages": "6.8.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0" } }, "babel-plugin-transform-es2015-computed-properties": { @@ -419,9 +400,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.8.0.tgz", "integrity": "sha1-9RAQ/WGzvXtrYKX9/TB7t6UnmHA=", "requires": { - "babel-helper-define-map": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-template": "^6.8.0" + "babel-helper-define-map": "6.9.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0" } }, "babel-plugin-transform-es2015-destructuring": { @@ -429,7 +410,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.16.0.tgz", "integrity": "sha1-BQ/ghm9dU7NgYu4QzfW/5k+Slic=", "requires": { - "babel-runtime": "^6.9.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-duplicate-keys": { @@ -437,8 +418,8 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.8.0.tgz", "integrity": "sha1-/Y9/cXH8EIzBxwwxZLnxWoHCX30=", "requires": { - "babel-runtime": "^6.0.0", - "babel-types": "^6.8.0" + "babel-runtime": "6.11.6", + "babel-types": "6.16.0" } }, "babel-plugin-transform-es2015-for-of": { @@ -446,7 +427,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.8.0.tgz", "integrity": "sha1-gu2hObpCcN2hNcPsGx8oE/pi8jw=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-function-name": { @@ -454,9 +435,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.9.0.tgz", "integrity": "sha1-jBNbF9vQZOW7pW7FEbqu4vyoJxk=", "requires": { - "babel-helper-function-name": "^6.8.0", - "babel-runtime": "^6.9.0", - "babel-types": "^6.9.0" + "babel-helper-function-name": "6.8.0", + "babel-runtime": "6.11.6", + "babel-types": "6.16.0" } }, "babel-plugin-transform-es2015-literals": { @@ -464,7 +445,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.8.0.tgz", "integrity": "sha1-UKouXHlY/CqyXXTsEX4MyY8EZGg=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-modules-amd": { @@ -472,9 +453,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.8.0.tgz", "integrity": "sha1-JdlUqgvwQDH8RtKo5iMLsau95KM=", "requires": { - "babel-plugin-transform-es2015-modules-commonjs": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-template": "^6.8.0" + "babel-plugin-transform-es2015-modules-commonjs": "6.16.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0" } }, "babel-plugin-transform-es2015-modules-commonjs": { @@ -482,10 +463,10 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.16.0.tgz", "integrity": "sha1-CjS0R7yIrRpwmIttGZzKbQuWyJI=", "requires": { - "babel-plugin-transform-strict-mode": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-template": "^6.16.0", - "babel-types": "^6.16.0" + "babel-plugin-transform-strict-mode": "6.11.3", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0", + "babel-types": "6.16.0" } }, "babel-plugin-transform-es2015-modules-systemjs": { @@ -493,9 +474,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.14.0.tgz", "integrity": "sha1-xRm1xz4yOI5nnJse30Gy/CPcMwM=", "requires": { - "babel-helper-hoist-variables": "^6.8.0", - "babel-runtime": "^6.11.6", - "babel-template": "^6.14.0" + "babel-helper-hoist-variables": "6.8.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0" } }, "babel-plugin-transform-es2015-modules-umd": { @@ -503,9 +484,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.12.0.tgz", "integrity": "sha1-XXNVnrSSZnde0oHEC+iKQhvTcaM=", "requires": { - "babel-plugin-transform-es2015-modules-amd": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-template": "^6.8.0" + "babel-plugin-transform-es2015-modules-amd": "6.8.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0" } }, "babel-plugin-transform-es2015-object-super": { @@ -513,8 +494,8 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.8.0.tgz", "integrity": "sha1-G4WHQKWkQAiHwj3P9vTVbupKJMU=", "requires": { - "babel-helper-replace-supers": "^6.8.0", - "babel-runtime": "^6.0.0" + "babel-helper-replace-supers": "6.16.0", + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-parameters": { @@ -522,12 +503,12 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.17.0.tgz", "integrity": "sha1-4G0wzviX9GrbRzRwe74Sig1CfVg=", "requires": { - "babel-helper-call-delegate": "^6.8.0", - "babel-helper-get-function-arity": "^6.8.0", - "babel-runtime": "^6.9.0", - "babel-template": "^6.16.0", - "babel-traverse": "^6.16.0", - "babel-types": "^6.16.0" + "babel-helper-call-delegate": "6.8.0", + "babel-helper-get-function-arity": "6.8.0", + "babel-runtime": "6.11.6", + "babel-template": "6.16.0", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0" } }, "babel-plugin-transform-es2015-shorthand-properties": { @@ -535,8 +516,8 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.8.0.tgz", "integrity": "sha1-8KTF/UcWMKzzM8LZnD1ne/CVIUk=", "requires": { - "babel-runtime": "^6.0.0", - "babel-types": "^6.8.0" + "babel-runtime": "6.11.6", + "babel-types": "6.16.0" } }, "babel-plugin-transform-es2015-spread": { @@ -544,7 +525,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.8.0.tgz", "integrity": "sha1-Ahf3N+O4IfpaZp8YfG7VkgXwXpw=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-sticky-regex": { @@ -552,9 +533,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.8.0.tgz", "integrity": "sha1-5z0wCkQKNdXGT1wqNE3CNuPfR74=", "requires": { - "babel-helper-regex": "^6.8.0", - "babel-runtime": "^6.0.0", - "babel-types": "^6.8.0" + "babel-helper-regex": "6.9.0", + "babel-runtime": "6.11.6", + "babel-types": "6.16.0" } }, "babel-plugin-transform-es2015-template-literals": { @@ -562,7 +543,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.8.0.tgz", "integrity": "sha1-huuHbQosY12k7ASLT33p38iX5ms=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-typeof-symbol": { @@ -570,7 +551,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.8.0.tgz", "integrity": "sha1-hMKesSGTckgJVaAg/vemXETzBTM=", "requires": { - "babel-runtime": "^6.0.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-es2015-unicode-regex": { @@ -578,9 +559,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.11.0.tgz", "integrity": "sha1-YpjOq6rYjVCj9POS2N6ZcmD27yw=", "requires": { - "babel-helper-regex": "^6.8.0", - "babel-runtime": "^6.0.0", - "regexpu-core": "^2.0.0" + "babel-helper-regex": "6.9.0", + "babel-runtime": "6.11.6", + "regexpu-core": "2.0.0" } }, "babel-plugin-transform-regenerator": { @@ -588,9 +569,9 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.16.1.tgz", "integrity": "sha1-p13msEihQVSq4UsBInVsW+05L1k=", "requires": { - "babel-runtime": "^6.9.0", - "babel-types": "^6.16.0", - "private": "~0.1.5" + "babel-runtime": "6.11.6", + "babel-types": "6.16.0", + "private": "0.1.6" } }, "babel-plugin-transform-runtime": { @@ -598,7 +579,7 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-runtime/-/babel-plugin-transform-runtime-6.15.0.tgz", "integrity": "sha1-PXW02Umtga8VdXAnOEb7Wa6w1Xw=", "requires": { - "babel-runtime": "^6.9.0" + "babel-runtime": "6.11.6" } }, "babel-plugin-transform-strict-mode": { @@ -606,8 +587,8 @@ "resolved": "https://registry.npmjs.org/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.11.3.tgz", "integrity": "sha1-GDdBMlEmvH7Jz0wPwlfT58pa/UA=", "requires": { - "babel-runtime": "^6.0.0", - "babel-types": "^6.8.0" + "babel-runtime": "6.11.6", + "babel-types": "6.16.0" } }, "babel-polyfill": { @@ -615,9 +596,9 @@ "resolved": "https://registry.npmjs.org/babel-polyfill/-/babel-polyfill-6.16.0.tgz", "integrity": "sha1-LUUCHfh+JqN0ttTRqcZZZNF/JCI=", "requires": { - "babel-runtime": "^6.9.1", - "core-js": "^2.4.0", - "regenerator-runtime": "^0.9.5" + "babel-runtime": "6.11.6", + "core-js": "2.4.1", + "regenerator-runtime": "0.9.5" } }, "babel-preset-es2015": { @@ -625,30 +606,30 @@ "resolved": "https://registry.npmjs.org/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz", "integrity": "sha1-Wazs0e++uvSPiUBIQPL+eMTSrVw=", "requires": { - "babel-plugin-check-es2015-constants": "^6.3.13", - "babel-plugin-transform-es2015-arrow-functions": "^6.3.13", - "babel-plugin-transform-es2015-block-scoped-functions": "^6.3.13", - "babel-plugin-transform-es2015-block-scoping": "^6.14.0", - "babel-plugin-transform-es2015-classes": "^6.14.0", - "babel-plugin-transform-es2015-computed-properties": "^6.3.13", - "babel-plugin-transform-es2015-destructuring": "^6.16.0", - "babel-plugin-transform-es2015-duplicate-keys": "^6.6.0", - "babel-plugin-transform-es2015-for-of": "^6.6.0", - "babel-plugin-transform-es2015-function-name": "^6.9.0", - "babel-plugin-transform-es2015-literals": "^6.3.13", - "babel-plugin-transform-es2015-modules-amd": "^6.8.0", - "babel-plugin-transform-es2015-modules-commonjs": "^6.16.0", - "babel-plugin-transform-es2015-modules-systemjs": "^6.14.0", - "babel-plugin-transform-es2015-modules-umd": "^6.12.0", - "babel-plugin-transform-es2015-object-super": "^6.3.13", - "babel-plugin-transform-es2015-parameters": "^6.16.0", - "babel-plugin-transform-es2015-shorthand-properties": "^6.3.13", - "babel-plugin-transform-es2015-spread": "^6.3.13", - "babel-plugin-transform-es2015-sticky-regex": "^6.3.13", - "babel-plugin-transform-es2015-template-literals": "^6.6.0", - "babel-plugin-transform-es2015-typeof-symbol": "^6.6.0", - "babel-plugin-transform-es2015-unicode-regex": "^6.3.13", - "babel-plugin-transform-regenerator": "^6.16.0" + "babel-plugin-check-es2015-constants": "6.8.0", + "babel-plugin-transform-es2015-arrow-functions": "6.8.0", + "babel-plugin-transform-es2015-block-scoped-functions": "6.8.0", + "babel-plugin-transform-es2015-block-scoping": "6.15.0", + "babel-plugin-transform-es2015-classes": "6.14.0", + "babel-plugin-transform-es2015-computed-properties": "6.8.0", + "babel-plugin-transform-es2015-destructuring": "6.16.0", + "babel-plugin-transform-es2015-duplicate-keys": "6.8.0", + "babel-plugin-transform-es2015-for-of": "6.8.0", + "babel-plugin-transform-es2015-function-name": "6.9.0", + "babel-plugin-transform-es2015-literals": "6.8.0", + "babel-plugin-transform-es2015-modules-amd": "6.8.0", + "babel-plugin-transform-es2015-modules-commonjs": "6.16.0", + "babel-plugin-transform-es2015-modules-systemjs": "6.14.0", + "babel-plugin-transform-es2015-modules-umd": "6.12.0", + "babel-plugin-transform-es2015-object-super": "6.8.0", + "babel-plugin-transform-es2015-parameters": "6.17.0", + "babel-plugin-transform-es2015-shorthand-properties": "6.8.0", + "babel-plugin-transform-es2015-spread": "6.8.0", + "babel-plugin-transform-es2015-sticky-regex": "6.8.0", + "babel-plugin-transform-es2015-template-literals": "6.8.0", + "babel-plugin-transform-es2015-typeof-symbol": "6.8.0", + "babel-plugin-transform-es2015-unicode-regex": "6.11.0", + "babel-plugin-transform-regenerator": "6.16.1" } }, "babel-preset-taskcluster": { @@ -656,12 +637,12 @@ "resolved": "https://registry.npmjs.org/babel-preset-taskcluster/-/babel-preset-taskcluster-3.0.0.tgz", "integrity": "sha1-QEfdaJJzFmGkjgRVHMBazTp3TFc=", "requires": { - "babel-plugin-syntax-async-functions": "^6.8.0", - "babel-plugin-transform-async-to-generator": "^6.8.0", - "babel-plugin-transform-runtime": "^6.9.0", - "babel-plugin-transform-strict-mode": "^6.8.0", - "babel-preset-es2015": "^6.9.0", - "babel-runtime": "^6.9.2" + "babel-plugin-syntax-async-functions": "6.13.0", + "babel-plugin-transform-async-to-generator": "6.16.0", + "babel-plugin-transform-runtime": "6.15.0", + "babel-plugin-transform-strict-mode": "6.11.3", + "babel-preset-es2015": "6.16.0", + "babel-runtime": "6.11.6" } }, "babel-register": { @@ -669,14 +650,14 @@ "resolved": "https://registry.npmjs.org/babel-register/-/babel-register-6.16.3.tgz", "integrity": "sha1-ewwMp7/euRiLpMJ+X8t1maSXxiQ=", "requires": { - "babel-core": "^6.16.0", - "babel-runtime": "^6.11.6", - "core-js": "^2.4.0", - "home-or-tmp": "^1.0.0", - "lodash": "^4.2.0", - "mkdirp": "^0.5.1", - "path-exists": "^1.0.0", - "source-map-support": "^0.4.2" + "babel-core": "6.17.0", + "babel-runtime": "6.11.6", + "core-js": "2.4.1", + "home-or-tmp": "1.0.0", + "lodash": "4.16.4", + "mkdirp": "0.5.1", + "path-exists": "1.0.0", + "source-map-support": "0.4.3" } }, "babel-runtime": { @@ -684,8 +665,8 @@ "resolved": "https://registry.npmjs.org/babel-runtime/-/babel-runtime-6.11.6.tgz", "integrity": "sha1-bbcH/vLUnEm/o8tk79tDa1GLgiI=", "requires": { - "core-js": "^2.4.0", - "regenerator-runtime": "^0.9.5" + "core-js": "2.4.1", + "regenerator-runtime": "0.9.5" } }, "babel-template": { @@ -693,11 +674,11 @@ "resolved": "https://registry.npmjs.org/babel-template/-/babel-template-6.16.0.tgz", "integrity": "sha1-4UndGp8Do1+BfdvE0EgZiOfryMo=", "requires": { - "babel-runtime": "^6.9.0", - "babel-traverse": "^6.16.0", - "babel-types": "^6.16.0", - "babylon": "^6.11.0", - "lodash": "^4.2.0" + "babel-runtime": "6.11.6", + "babel-traverse": "6.16.0", + "babel-types": "6.16.0", + "babylon": "6.11.6", + "lodash": "4.16.4" } }, "babel-traverse": { @@ -705,15 +686,15 @@ "resolved": "https://registry.npmjs.org/babel-traverse/-/babel-traverse-6.16.0.tgz", "integrity": "sha1-+6ha4f1NEH3pzgAxScxX9TvvDE8=", "requires": { - "babel-code-frame": "^6.16.0", - "babel-messages": "^6.8.0", - "babel-runtime": "^6.9.0", - "babel-types": "^6.16.0", - "babylon": "^6.11.0", - "debug": "^2.2.0", - "globals": "^8.3.0", - "invariant": "^2.2.0", - "lodash": "^4.2.0" + "babel-code-frame": "6.16.0", + "babel-messages": "6.8.0", + "babel-runtime": "6.11.6", + "babel-types": "6.16.0", + "babylon": "6.11.6", + "debug": "2.2.0", + "globals": "8.18.0", + "invariant": "2.2.1", + "lodash": "4.16.4" } }, "babel-types": { @@ -721,10 +702,10 @@ "resolved": "https://registry.npmjs.org/babel-types/-/babel-types-6.16.0.tgz", "integrity": "sha1-ccyh2+Uzd2YiXFwZMHHo68vP/P4=", "requires": { - "babel-runtime": "^6.9.1", - "esutils": "^2.0.2", - "lodash": "^4.2.0", - "to-fast-properties": "^1.0.1" + "babel-runtime": "6.11.6", + "esutils": "2.0.2", + "lodash": "4.16.4", + "to-fast-properties": "1.0.2" } }, "babylon": { @@ -743,7 +724,7 @@ "integrity": "sha1-PKdrhSQccXC/fZcD57mqdGMAQNQ=", "optional": true, "requires": { - "tweetnacl": "^0.14.3" + "tweetnacl": "0.14.3" } }, "bin-version": { @@ -751,7 +732,7 @@ "resolved": "https://registry.npmjs.org/bin-version/-/bin-version-1.0.4.tgz", "integrity": "sha1-nrSY7m/Xb3q5p8FgQ2+JV5Q1144=", "requires": { - "find-versions": "^1.0.0" + "find-versions": "1.2.1" } }, "bin-version-check": { @@ -759,10 +740,10 @@ "resolved": "https://registry.npmjs.org/bin-version-check/-/bin-version-check-2.1.0.tgz", "integrity": "sha1-5OXfKQuQaffRETJAMe/BP90RpbA=", "requires": { - "bin-version": "^1.0.0", - "minimist": "^1.1.0", - "semver": "^4.0.3", - "semver-truncate": "^1.0.0" + "bin-version": "1.0.4", + "minimist": "1.2.0", + "semver": "4.3.6", + "semver-truncate": "1.1.2" } }, "binary-extensions": { @@ -771,20 +752,12 @@ "integrity": "sha1-bBYQ2xY6v7NO3+QvpCM0Oh4BGF0=", "optional": true }, - "bitsyntax": { - "version": "0.0.4", - "resolved": "https://registry.npmjs.org/bitsyntax/-/bitsyntax-0.0.4.tgz", - "integrity": "sha1-6xDMb4K4xJDj6FaY8H6D1G4MuoI=", - "requires": { - "buffer-more-ints": "0.0.2" - } - }, "bl": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/bl/-/bl-1.1.2.tgz", "integrity": "sha1-/cqHGplxOqANGeO7ukHER4emU5g=", "requires": { - "readable-stream": "~2.0.5" + "readable-stream": "2.0.6" }, "dependencies": { "readable-stream": { @@ -792,12 +765,12 @@ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.0.6.tgz", "integrity": "sha1-j5A0HmilPMySh4jaz80Rs265t44=", "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.1", - "isarray": "~1.0.0", - "process-nextick-args": "~1.0.6", - "string_decoder": "~0.10.x", - "util-deprecate": "~1.0.1" + "core-util-is": "1.0.2", + "inherits": "2.0.3", + "isarray": "1.0.0", + "process-nextick-args": "1.0.7", + "string_decoder": "0.10.31", + "util-deprecate": "1.0.2" } } } @@ -807,7 +780,31 @@ "resolved": "https://registry.npmjs.org/boom/-/boom-2.10.1.tgz", "integrity": "sha1-OciRjO/1eZ+D+UkqhI9iWt0Mdm8=", "requires": { - "hoek": "2.x.x" + "hoek": "2.16.3" + } + }, + "bounce": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/bounce/-/bounce-1.2.3.tgz", + "integrity": "sha512-3G7B8CyBnip5EahCZJjnvQ1HLyArC6P5e+xcolo13BVI9ogFaDOsNMAE7FIWliHtIkYI8/nTRCvCY9tZa3Mu4g==", + "requires": { + "boom": "7.3.0", + "hoek": "6.1.3" + }, + "dependencies": { + "boom": { + "version": "7.3.0", + "resolved": "https://registry.npmjs.org/boom/-/boom-7.3.0.tgz", + "integrity": "sha512-Swpoyi2t5+GhOEGw8rEsKvTxFLIDiiKoUc2gsoV6Lyr43LHBIzch3k2MvYUs8RTROrIkVJ3Al0TkaOGjnb+B6A==", + "requires": { + "hoek": "6.1.3" + } + }, + "hoek": { + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/hoek/-/hoek-6.1.3.tgz", + "integrity": "sha512-YXXAAhmF9zpQbC7LEcREFtXfGq5K1fmd+4PHkBq8NUqmzW3G+Dq10bI/i0KucLRwss3YYFQ0fSfoxBZYiGUqtQ==" + } } }, "brace-expansion": { @@ -815,7 +812,7 @@ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.6.tgz", "integrity": "sha1-cZfX6qm4fmSDkOph/GbIRCdCDfk=", "requires": { - "balanced-match": "^0.4.1", + "balanced-match": "0.4.2", "concat-map": "0.0.1" } }, @@ -825,16 +822,11 @@ "integrity": "sha1-uneWLhLf+WnWt2cR6RS3N4V79qc=", "optional": true, "requires": { - "expand-range": "^1.8.1", - "preserve": "^0.2.0", - "repeat-element": "^1.1.2" + "expand-range": "1.8.2", + "preserve": "0.2.0", + "repeat-element": "1.1.2" } }, - "buffer-more-ints": { - "version": "0.0.2", - "resolved": "https://registry.npmjs.org/buffer-more-ints/-/buffer-more-ints-0.0.2.tgz", - "integrity": "sha1-JrOIXRD6E9t/wBquOquHAZngEkw=" - }, "buffer-shims": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/buffer-shims/-/buffer-shims-1.0.0.tgz", @@ -856,8 +848,8 @@ "resolved": "https://registry.npmjs.org/camelcase-keys/-/camelcase-keys-2.1.0.tgz", "integrity": "sha1-MIvur/3ygRkFHvodkyITyRuPkuc=", "requires": { - "camelcase": "^2.0.0", - "map-obj": "^1.0.0" + "camelcase": "2.1.1", + "map-obj": "1.0.1" } }, "caseless": { @@ -870,11 +862,11 @@ "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.1.tgz", "integrity": "sha1-UJr7ZwZudJn36zU1x3RFdyri0Bk=", "requires": { - "ansi-styles": "^2.1.0", - "escape-string-regexp": "^1.0.2", - "has-ansi": "^2.0.0", - "strip-ansi": "^3.0.0", - "supports-color": "^2.0.0" + "ansi-styles": "2.2.1", + "escape-string-regexp": "1.0.5", + "has-ansi": "2.0.0", + "strip-ansi": "3.0.1", + "supports-color": "2.0.0" } }, "chokidar": { @@ -883,15 +875,15 @@ "integrity": "sha1-kMMq1IApAddxPeUy3ChOlqY60Fg=", "optional": true, "requires": { - "anymatch": "^1.3.0", - "async-each": "^1.0.0", - "fsevents": "^1.0.0", - "glob-parent": "^2.0.0", - "inherits": "^2.0.1", - "is-binary-path": "^1.0.0", - "is-glob": "^2.0.0", - "path-is-absolute": "^1.0.0", - "readdirp": "^2.0.0" + "anymatch": "1.3.0", + "async-each": "1.0.1", + "fsevents": "1.2.7", + "glob-parent": "2.0.0", + "inherits": "2.0.3", + "is-binary-path": "1.0.1", + "is-glob": "2.0.1", + "path-is-absolute": "1.0.1", + "readdirp": "2.1.0" } }, "combined-stream": { @@ -899,7 +891,7 @@ "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.5.tgz", "integrity": "sha1-k4NwpXtKUd6ix3wV1cX9+JUWQAk=", "requires": { - "delayed-stream": "~1.0.0" + "delayed-stream": "1.0.0" } }, "commander": { @@ -907,13 +899,13 @@ "resolved": "https://registry.npmjs.org/commander/-/commander-2.9.0.tgz", "integrity": "sha1-nJkJQXbhIkDLItbFFGCYQA/g99Q=", "requires": { - "graceful-readlink": ">= 1.0.0" + "graceful-readlink": "1.0.1" } }, "component-emitter": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.2.1.tgz", - "integrity": "sha1-E3kY1teCg/ffemt8WmPhQOaUJeY=" + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", + "integrity": "sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg==" }, "concat-map": { "version": "0.0.1", @@ -926,9 +918,9 @@ "integrity": "sha1-6fPpxuJyjvwmdmlqcOs4L3MQamc=" }, "cookiejar": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/cookiejar/-/cookiejar-2.0.6.tgz", - "integrity": "sha1-Cr81atANHFohnYjURRgEbdAmrP4=" + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/cookiejar/-/cookiejar-2.1.2.tgz", + "integrity": "sha512-Mw+adcfzPxcPeI+0WlvRrr/3lGVO0bD75SxX6811cxSh1Wbxx7xZBGK1eVtDf6si8rg2lhnUjsVLMFMfbRIuwA==" }, "core-js": { "version": "2.4.1", @@ -945,7 +937,7 @@ "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-2.0.5.tgz", "integrity": "sha1-O9/s3GCBR8HGcgL6KR59ylnqo7g=", "requires": { - "boom": "2.x.x" + "boom": "2.10.1" } }, "currently-unhandled": { @@ -953,7 +945,7 @@ "resolved": "https://registry.npmjs.org/currently-unhandled/-/currently-unhandled-0.4.1.tgz", "integrity": "sha1-mI3zP+qxke95mmE2nddsF635V+o=", "requires": { - "array-find-index": "^1.0.1" + "array-find-index": "1.0.2" } }, "dashdash": { @@ -961,7 +953,7 @@ "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.0.tgz", "integrity": "sha1-KeSGxUGL8PNWA0qZPVFoajPoQUE=", "requires": { - "assert-plus": "^1.0.0" + "assert-plus": "1.0.0" }, "dependencies": { "assert-plus": { @@ -994,9 +986,9 @@ "resolved": "https://registry.npmjs.org/detect-indent/-/detect-indent-3.0.1.tgz", "integrity": "sha1-ncXl3bzu+DJXZLlFGwK8bVQIT3U=", "requires": { - "get-stdin": "^4.0.1", - "minimist": "^1.1.0", - "repeating": "^1.1.0" + "get-stdin": "4.0.1", + "minimist": "1.2.0", + "repeating": "1.1.3" } }, "ecc-jsbn": { @@ -1005,7 +997,7 @@ "integrity": "sha1-D8c6ntXw1Tw4GTOYUj735UN3dQU=", "optional": true, "requires": { - "jsbn": "~0.1.0" + "jsbn": "0.1.0" } }, "error-ex": { @@ -1013,7 +1005,7 @@ "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", "integrity": "sha1-5ntD8+gsluo6WE/+4Ln8MyXYAtk=", "requires": { - "is-arrayish": "^0.2.1" + "is-arrayish": "0.2.1" } }, "escape-string-regexp": { @@ -1031,22 +1023,13 @@ "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.2.tgz", "integrity": "sha1-Cr9PHKpbyx96nYrMbepPqqBLrJs=" }, - "eventsource": { - "version": "0.1.6", - "resolved": "https://registry.npmjs.org/eventsource/-/eventsource-0.1.6.tgz", - "integrity": "sha1-Cs7ehJ7X3RzMMsgRuxG5RNTykjI=", - "optional": true, - "requires": { - "original": ">=0.0.5" - } - }, "expand-brackets": { "version": "0.1.5", "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-0.1.5.tgz", "integrity": "sha1-3wcoTjQqgHzXM6xa9yQR5YHRF3s=", "optional": true, "requires": { - "is-posix-bracket": "^0.1.0" + "is-posix-bracket": "0.1.1" } }, "expand-range": { @@ -1055,7 +1038,7 @@ "integrity": "sha1-opnv/TNf4nIeuujiV+x5ZE/IUzc=", "optional": true, "requires": { - "fill-range": "^2.1.0" + "fill-range": "2.2.3" } }, "extend": { @@ -1069,7 +1052,7 @@ "integrity": "sha1-Lhj/PS9JqydlzskCPwEdqo2DSaE=", "optional": true, "requires": { - "is-extglob": "^1.0.0" + "is-extglob": "1.0.0" } }, "extsprintf": { @@ -1077,14 +1060,10 @@ "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.0.2.tgz", "integrity": "sha1-4QgOBljjALBilJkMxw4VAiNf1VA=" }, - "faye-websocket": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/faye-websocket/-/faye-websocket-0.11.0.tgz", - "integrity": "sha1-2czw54nn23JddLxId9I6pClyrFA=", - "optional": true, - "requires": { - "websocket-driver": ">=0.5.1" - } + "fast-safe-stringify": { + "version": "2.0.7", + "resolved": "https://registry.npmjs.org/fast-safe-stringify/-/fast-safe-stringify-2.0.7.tgz", + "integrity": "sha512-Utm6CdzT+6xsDk2m8S6uL8VHxNwI6Jub+e9NYTcAms28T84pTa25GJQV9j0CY0N1rM8hK4x6grpF2BQf+2qwVA==" }, "filename-regex": { "version": "2.0.0", @@ -1098,11 +1077,11 @@ "integrity": "sha1-ULd9/X5Gm8dJJHCWNpn+eoSFpyM=", "optional": true, "requires": { - "is-number": "^2.1.0", - "isobject": "^2.0.0", - "randomatic": "^1.1.3", - "repeat-element": "^1.1.2", - "repeat-string": "^1.5.2" + "is-number": "2.1.0", + "isobject": "2.1.0", + "randomatic": "1.1.5", + "repeat-element": "1.1.2", + "repeat-string": "1.5.4" } }, "find-up": { @@ -1110,8 +1089,8 @@ "resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.2.tgz", "integrity": "sha1-ay6YIrGizgpgq2TWEOzK1TyyTQ8=", "requires": { - "path-exists": "^2.0.0", - "pinkie-promise": "^2.0.0" + "path-exists": "2.1.0", + "pinkie-promise": "2.0.1" }, "dependencies": { "path-exists": { @@ -1119,7 +1098,7 @@ "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", "integrity": "sha1-D+tsZPD8UY2adU3V77YscCJ2H0s=", "requires": { - "pinkie-promise": "^2.0.0" + "pinkie-promise": "2.0.1" } } } @@ -1129,10 +1108,10 @@ "resolved": "https://registry.npmjs.org/find-versions/-/find-versions-1.2.1.tgz", "integrity": "sha1-y96fEuOFdaCvG+G5osXV/Y8Ya2I=", "requires": { - "array-uniq": "^1.0.0", - "get-stdin": "^4.0.1", - "meow": "^3.5.0", - "semver-regex": "^1.0.0" + "array-uniq": "1.0.3", + "get-stdin": "4.0.1", + "meow": "3.7.0", + "semver-regex": "1.0.0" } }, "flatmap": { @@ -1152,7 +1131,7 @@ "integrity": "sha1-AUm0GjkIjHUV9R6+HBOG1F+TUHI=", "optional": true, "requires": { - "for-in": "^0.1.5" + "for-in": "0.1.6" } }, "forever-agent": { @@ -1165,15 +1144,15 @@ "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.0.0.tgz", "integrity": "sha1-bwrrrcxdoWwT4ezBETfYX5uIOyU=", "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.5", - "mime-types": "^2.1.11" + "asynckit": "0.4.0", + "combined-stream": "1.0.5", + "mime-types": "2.1.12" } }, "formidable": { - "version": "1.0.17", - "resolved": "https://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz", - "integrity": "sha1-71SRSQ+UM7cF+qdyScmQKa40hVk=" + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz", + "integrity": "sha512-Fs9VRguL0gqGHkXS5GQiMCr1VhZBxz0JnJs4JmMp/2jL18Fmbzvv7vOFRU+U8TBkHEE/CX1qDXzJplVULgsLeg==" }, "fs-readdir-recursive": { "version": "0.1.2", @@ -1185,7 +1164,7 @@ "resolved": "https://registry.npmjs.org/fs-walk/-/fs-walk-0.0.1.tgz", "integrity": "sha1-9/yRw64e6tB8mYvF0N1B8tvr0zU=", "requires": { - "async": "*" + "async": "2.1.1" } }, "fs.realpath": { @@ -1199,8 +1178,8 @@ "integrity": "sha512-Pxm6sI2MeBD7RdD12RYsqaP0nMiwx8eZBXCa6z2L+mRHm2DYrOYwihmhjpkdjUHwQhslWQjRpEgNq4XvBmaAuw==", "optional": true, "requires": { - "nan": "^2.9.2", - "node-pre-gyp": "^0.10.0" + "nan": "2.12.1", + "node-pre-gyp": "0.10.3" }, "dependencies": { "abbrev": { @@ -1210,7 +1189,8 @@ }, "ansi-regex": { "version": "2.1.1", - "bundled": true + "bundled": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -1228,11 +1208,13 @@ }, "balanced-match": { "version": "1.0.0", - "bundled": true + "bundled": true, + "optional": true }, "brace-expansion": { "version": "1.1.11", "bundled": true, + "optional": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -1245,15 +1227,18 @@ }, "code-point-at": { "version": "1.1.0", - "bundled": true + "bundled": true, + "optional": true }, "concat-map": { "version": "0.0.1", - "bundled": true + "bundled": true, + "optional": true }, "console-control-strings": { "version": "1.1.0", - "bundled": true + "bundled": true, + "optional": true }, "core-util-is": { "version": "1.0.2", @@ -1356,7 +1341,8 @@ }, "inherits": { "version": "2.0.3", - "bundled": true + "bundled": true, + "optional": true }, "ini": { "version": "1.3.5", @@ -1366,6 +1352,7 @@ "is-fullwidth-code-point": { "version": "1.0.0", "bundled": true, + "optional": true, "requires": { "number-is-nan": "^1.0.0" } @@ -1378,17 +1365,20 @@ "minimatch": { "version": "3.0.4", "bundled": true, + "optional": true, "requires": { "brace-expansion": "^1.1.7" } }, "minimist": { "version": "0.0.8", - "bundled": true + "bundled": true, + "optional": true }, "minipass": { "version": "2.3.5", "bundled": true, + "optional": true, "requires": { "safe-buffer": "^5.1.2", "yallist": "^3.0.0" @@ -1405,6 +1395,7 @@ "mkdirp": { "version": "0.5.1", "bundled": true, + "optional": true, "requires": { "minimist": "0.0.8" } @@ -1477,7 +1468,8 @@ }, "number-is-nan": { "version": "1.0.1", - "bundled": true + "bundled": true, + "optional": true }, "object-assign": { "version": "4.1.1", @@ -1487,6 +1479,7 @@ "once": { "version": "1.4.0", "bundled": true, + "optional": true, "requires": { "wrappy": "1" } @@ -1562,7 +1555,8 @@ }, "safe-buffer": { "version": "5.1.2", - "bundled": true + "bundled": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -1592,6 +1586,7 @@ "string-width": { "version": "1.0.2", "bundled": true, + "optional": true, "requires": { "code-point-at": "^1.0.0", "is-fullwidth-code-point": "^1.0.0", @@ -1609,6 +1604,7 @@ "strip-ansi": { "version": "3.0.1", "bundled": true, + "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -1647,11 +1643,13 @@ }, "wrappy": { "version": "1.0.2", - "bundled": true + "bundled": true, + "optional": true }, "yallist": { "version": "3.0.3", - "bundled": true + "bundled": true, + "optional": true } } }, @@ -1665,7 +1663,7 @@ "resolved": "https://registry.npmjs.org/generate-object-property/-/generate-object-property-1.2.0.tgz", "integrity": "sha1-nA4cQDCM6AT0eDYYuTf6iPmdUNA=", "requires": { - "is-property": "^1.0.0" + "is-property": "1.0.2" } }, "get-stdin": { @@ -1678,7 +1676,7 @@ "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.6.tgz", "integrity": "sha1-KD/9n8ElaECHUxHBtg6MQBhxEOY=", "requires": { - "assert-plus": "^1.0.0" + "assert-plus": "1.0.0" }, "dependencies": { "assert-plus": { @@ -1693,11 +1691,11 @@ "resolved": "https://registry.npmjs.org/glob/-/glob-5.0.15.tgz", "integrity": "sha1-G8k2ueAvSmA/zCIuz3Yz0wuLk7E=", "requires": { - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "2 || 3", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" + "inflight": "1.0.6", + "inherits": "2.0.3", + "minimatch": "3.0.3", + "once": "1.4.0", + "path-is-absolute": "1.0.1" } }, "glob-base": { @@ -1706,8 +1704,8 @@ "integrity": "sha1-27Fk9iIbHAscz4Kuoyi0l98Oo8Q=", "optional": true, "requires": { - "glob-parent": "^2.0.0", - "is-glob": "^2.0.0" + "glob-parent": "2.0.0", + "is-glob": "2.0.1" } }, "glob-parent": { @@ -1715,7 +1713,7 @@ "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz", "integrity": "sha1-gTg9ctsFT8zPUzbaqQLxgvbtuyg=", "requires": { - "is-glob": "^2.0.0" + "is-glob": "2.0.1" } }, "globals": { @@ -1738,10 +1736,10 @@ "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-2.0.6.tgz", "integrity": "sha1-zcvAgYgmWtEZtqWnyKtw7s+10n0=", "requires": { - "chalk": "^1.1.1", - "commander": "^2.9.0", - "is-my-json-valid": "^2.12.4", - "pinkie-promise": "^2.0.0" + "chalk": "1.1.1", + "commander": "2.9.0", + "is-my-json-valid": "2.15.0", + "pinkie-promise": "2.0.1" } }, "has-ansi": { @@ -1749,7 +1747,7 @@ "resolved": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz", "integrity": "sha1-NPUEnOHs3ysGSa8+8k5F7TVBbZE=", "requires": { - "ansi-regex": "^2.0.0" + "ansi-regex": "2.0.0" } }, "hawk": { @@ -1757,10 +1755,10 @@ "resolved": "https://registry.npmjs.org/hawk/-/hawk-3.1.3.tgz", "integrity": "sha1-B4REvXwWQLD+VA0sm3PVlnjo4cQ=", "requires": { - "boom": "2.x.x", - "cryptiles": "2.x.x", - "hoek": "2.x.x", - "sntp": "1.x.x" + "boom": "2.10.1", + "cryptiles": "2.0.5", + "hoek": "2.16.3", + "sntp": "1.0.9" } }, "hoek": { @@ -1773,8 +1771,8 @@ "resolved": "https://registry.npmjs.org/home-or-tmp/-/home-or-tmp-1.0.0.tgz", "integrity": "sha1-S58eQIAMPlDGwn94FnavzOcfOYU=", "requires": { - "os-tmpdir": "^1.0.1", - "user-home": "^1.1.1" + "os-tmpdir": "1.0.2", + "user-home": "1.1.1" } }, "hosted-git-info": { @@ -1787,9 +1785,9 @@ "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.1.1.tgz", "integrity": "sha1-33LiZwZs0Kxn+3at+OE0qPvPkb8=", "requires": { - "assert-plus": "^0.2.0", - "jsprim": "^1.2.2", - "sshpk": "^1.7.0" + "assert-plus": "0.2.0", + "jsprim": "1.3.1", + "sshpk": "1.10.1" } }, "indent-string": { @@ -1797,7 +1795,7 @@ "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-2.1.0.tgz", "integrity": "sha1-ji1INIdCEhtKghi3oTfppSBJ3IA=", "requires": { - "repeating": "^2.0.0" + "repeating": "2.0.1" }, "dependencies": { "repeating": { @@ -1805,7 +1803,7 @@ "resolved": "https://registry.npmjs.org/repeating/-/repeating-2.0.1.tgz", "integrity": "sha1-UhTFOpJtNVJwdSf7q0FdvAjQbdo=", "requires": { - "is-finite": "^1.0.0" + "is-finite": "1.0.2" } } } @@ -1815,8 +1813,8 @@ "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", "requires": { - "once": "^1.3.0", - "wrappy": "1" + "once": "1.4.0", + "wrappy": "1.0.2" } }, "inherits": { @@ -1834,7 +1832,7 @@ "resolved": "https://registry.npmjs.org/invariant/-/invariant-2.2.1.tgz", "integrity": "sha1-sJcBBUdmjH4zcCjr6Bbr42yKjVQ=", "requires": { - "loose-envify": "^1.0.0" + "loose-envify": "1.2.0" } }, "is-arrayish": { @@ -1848,7 +1846,7 @@ "integrity": "sha1-dfFmQrSA8YenEcgUFh/TpKdlWJg=", "optional": true, "requires": { - "binary-extensions": "^1.0.0" + "binary-extensions": "1.7.0" } }, "is-buffer": { @@ -1861,7 +1859,7 @@ "resolved": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", "integrity": "sha1-VAVy0096wxGfj3bDDLwbHgN6/74=", "requires": { - "builtin-modules": "^1.0.0" + "builtin-modules": "1.1.1" } }, "is-dotfile": { @@ -1876,7 +1874,7 @@ "integrity": "sha1-IjgJj8Ih3gvPpdnqxMRdY4qhxTQ=", "optional": true, "requires": { - "is-primitive": "^2.0.0" + "is-primitive": "2.0.0" } }, "is-extendable": { @@ -1895,7 +1893,7 @@ "resolved": "https://registry.npmjs.org/is-finite/-/is-finite-1.0.2.tgz", "integrity": "sha1-zGZ3aVYCvlUO8R6LSqYwU0K20Ko=", "requires": { - "number-is-nan": "^1.0.0" + "number-is-nan": "1.0.1" } }, "is-glob": { @@ -1903,7 +1901,7 @@ "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-2.0.1.tgz", "integrity": "sha1-0Jb5JqPe1WAPP9/ZEZjLCIjC2GM=", "requires": { - "is-extglob": "^1.0.0" + "is-extglob": "1.0.0" } }, "is-my-json-valid": { @@ -1911,10 +1909,10 @@ "resolved": "https://registry.npmjs.org/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz", "integrity": "sha1-k27do8o8IR/ZjzstPgjaQ/eykVs=", "requires": { - "generate-function": "^2.0.0", - "generate-object-property": "^1.1.0", - "jsonpointer": "^4.0.0", - "xtend": "^4.0.0" + "generate-function": "2.0.0", + "generate-object-property": "1.2.0", + "jsonpointer": "4.0.0", + "xtend": "4.0.1" } }, "is-number": { @@ -1922,7 +1920,7 @@ "resolved": "https://registry.npmjs.org/is-number/-/is-number-2.1.0.tgz", "integrity": "sha1-Afy7s5NGOlSPL0ZszhbezknbkI8=", "requires": { - "kind-of": "^3.0.2" + "kind-of": "3.0.4" } }, "is-posix-bracket": { @@ -1976,7 +1974,7 @@ "integrity": "sha1-BtSRIlUJNBlHfUJWM2BuDpB4KWc=", "optional": true, "requires": { - "jsbn": "~0.1.0" + "jsbn": "0.1.0" } }, "js-tokens": { @@ -1989,8 +1987,8 @@ "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.6.1.tgz", "integrity": "sha1-bl/mfYsgXOTSL60Ft3geja3MSzA=", "requires": { - "argparse": "^1.0.7", - "esprima": "^2.6.0" + "argparse": "1.0.9", + "esprima": "2.7.3" } }, "jsbn": { @@ -2014,12 +2012,6 @@ "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" }, - "json3": { - "version": "3.3.2", - "resolved": "https://registry.npmjs.org/json3/-/json3-3.3.2.tgz", - "integrity": "sha1-PAQ0dD35Pi9cQq7nsZvLSDV19OE=", - "optional": true - }, "json5": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/json5/-/json5-0.4.0.tgz", @@ -2045,7 +2037,7 @@ "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.0.4.tgz", "integrity": "sha1-e47PGKThf4Jp1ztQHJ8jLJaIenQ=", "requires": { - "is-buffer": "^1.0.2" + "is-buffer": "1.1.4" } }, "load-json-file": { @@ -2053,11 +2045,11 @@ "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", "integrity": "sha1-lWkFcI1YtLq0wiYbBPWfMcmTdMA=", "requires": { - "graceful-fs": "^4.1.2", - "parse-json": "^2.2.0", - "pify": "^2.0.0", - "pinkie-promise": "^2.0.0", - "strip-bom": "^2.0.0" + "graceful-fs": "4.1.9", + "parse-json": "2.2.0", + "pify": "2.3.0", + "pinkie-promise": "2.0.1", + "strip-bom": "2.0.0" } }, "lodash": { @@ -2070,7 +2062,7 @@ "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-1.0.2.tgz", "integrity": "sha1-N2/3tY6jCGoPCfrMdGF+ylAeGhg=", "requires": { - "chalk": "^1.0.0" + "chalk": "1.1.1" } }, "loose-envify": { @@ -2078,7 +2070,7 @@ "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.2.0.tgz", "integrity": "sha1-aaZarT3lQs9O4PT+dOjjPHCcyw8=", "requires": { - "js-tokens": "^1.0.1" + "js-tokens": "1.0.3" }, "dependencies": { "js-tokens": { @@ -2093,8 +2085,8 @@ "resolved": "https://registry.npmjs.org/loud-rejection/-/loud-rejection-1.6.0.tgz", "integrity": "sha1-W0b4AUft7leIcPCG0Eghz5mOVR8=", "requires": { - "currently-unhandled": "^0.4.1", - "signal-exit": "^3.0.0" + "currently-unhandled": "0.4.1", + "signal-exit": "3.0.1" } }, "map-obj": { @@ -2107,16 +2099,16 @@ "resolved": "https://registry.npmjs.org/meow/-/meow-3.7.0.tgz", "integrity": "sha1-cstmi0JSKCkKu/qFaJJYcwioAfs=", "requires": { - "camelcase-keys": "^2.0.0", - "decamelize": "^1.1.2", - "loud-rejection": "^1.0.0", - "map-obj": "^1.0.1", - "minimist": "^1.1.3", - "normalize-package-data": "^2.3.4", - "object-assign": "^4.0.1", - "read-pkg-up": "^1.0.1", - "redent": "^1.0.0", - "trim-newlines": "^1.0.0" + "camelcase-keys": "2.1.0", + "decamelize": "1.2.0", + "loud-rejection": "1.6.0", + "map-obj": "1.0.1", + "minimist": "1.2.0", + "normalize-package-data": "2.3.5", + "object-assign": "4.1.0", + "read-pkg-up": "1.0.1", + "redent": "1.0.0", + "trim-newlines": "1.0.0" } }, "merge": { @@ -2135,25 +2127,25 @@ "integrity": "sha1-hmd8l9FyCzY0MdBNDRUpO9OMFWU=", "optional": true, "requires": { - "arr-diff": "^2.0.0", - "array-unique": "^0.2.1", - "braces": "^1.8.2", - "expand-brackets": "^0.1.4", - "extglob": "^0.3.1", - "filename-regex": "^2.0.0", - "is-extglob": "^1.0.0", - "is-glob": "^2.0.1", - "kind-of": "^3.0.2", - "normalize-path": "^2.0.1", - "object.omit": "^2.0.0", - "parse-glob": "^3.0.4", - "regex-cache": "^0.4.2" + "arr-diff": "2.0.0", + "array-unique": "0.2.1", + "braces": "1.8.5", + "expand-brackets": "0.1.5", + "extglob": "0.3.2", + "filename-regex": "2.0.0", + "is-extglob": "1.0.0", + "is-glob": "2.0.1", + "kind-of": "3.0.4", + "normalize-path": "2.0.1", + "object.omit": "2.0.0", + "parse-glob": "3.0.4", + "regex-cache": "0.4.3" } }, "mime": { - "version": "1.3.4", - "resolved": "https://registry.npmjs.org/mime/-/mime-1.3.4.tgz", - "integrity": "sha1-EV+eO2s9rylZmDyzjxSaLUDrXVM=" + "version": "2.4.4", + "resolved": "https://registry.npmjs.org/mime/-/mime-2.4.4.tgz", + "integrity": "sha512-LRxmNwziLPT828z+4YkNzloCFC2YM4wrB99k+AV5ZbEyfGNWfG8SO1FUXLmLDBSo89NrJZ4DIWeLjy1CHGhMGA==" }, "mime-db": { "version": "1.24.0", @@ -2165,7 +2157,7 @@ "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.12.tgz", "integrity": "sha1-FSuiVndwIN1GY/VMLnvCY4HnFyk=", "requires": { - "mime-db": "~1.24.0" + "mime-db": "1.24.0" } }, "minimatch": { @@ -2173,7 +2165,7 @@ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.3.tgz", "integrity": "sha1-Kk5AkLlrLbBqnX3wEFWmKnfJt3Q=", "requires": { - "brace-expansion": "^1.0.0" + "brace-expansion": "1.1.6" } }, "minimist": { @@ -2217,10 +2209,10 @@ "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", "integrity": "sha1-jZJPFClg4Xd+f/4XBUNjHMfLAt8=", "requires": { - "hosted-git-info": "^2.1.4", - "is-builtin-module": "^1.0.0", - "semver": "2 || 3 || 4 || 5", - "validate-npm-package-license": "^3.0.1" + "hosted-git-info": "2.1.5", + "is-builtin-module": "1.0.0", + "semver": "4.3.6", + "validate-npm-package-license": "3.0.1" } }, "normalize-path": { @@ -2250,8 +2242,8 @@ "integrity": "sha1-hoWXMz1U5gZilAu0WGBd1q4S/pQ=", "optional": true, "requires": { - "for-own": "^0.1.3", - "is-extendable": "^0.1.1" + "for-own": "0.1.4", + "is-extendable": "0.1.1" } }, "once": { @@ -2259,28 +2251,7 @@ "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", "requires": { - "wrappy": "1" - } - }, - "original": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/original/-/original-1.0.0.tgz", - "integrity": "sha1-kUf5P6FpbQS+YeAb1QuurKZWvTs=", - "optional": true, - "requires": { - "url-parse": "1.0.x" - }, - "dependencies": { - "url-parse": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.0.5.tgz", - "integrity": "sha1-CFSGBCKv3P7+tsllxmLUgAFpkns=", - "optional": true, - "requires": { - "querystringify": "0.0.x", - "requires-port": "1.0.x" - } - } + "wrappy": "1.0.2" } }, "os-tmpdir": { @@ -2293,9 +2264,9 @@ "resolved": "https://registry.npmjs.org/output-file-sync/-/output-file-sync-1.1.2.tgz", "integrity": "sha1-0KM+7+YaIF+suQCS6CZZjVJFznY=", "requires": { - "graceful-fs": "^4.1.4", - "mkdirp": "^0.5.1", - "object-assign": "^4.1.0" + "graceful-fs": "4.1.9", + "mkdirp": "0.5.1", + "object-assign": "4.1.0" } }, "parse-glob": { @@ -2304,10 +2275,10 @@ "integrity": "sha1-ssN2z7EfNVE7rdFz7wu246OIORw=", "optional": true, "requires": { - "glob-base": "^0.3.0", - "is-dotfile": "^1.0.0", - "is-extglob": "^1.0.0", - "is-glob": "^2.0.0" + "glob-base": "0.3.0", + "is-dotfile": "1.0.2", + "is-extglob": "1.0.0", + "is-glob": "2.0.1" } }, "parse-json": { @@ -2315,7 +2286,7 @@ "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", "integrity": "sha1-9ID0BDTvgHQfhGkJn43qGPVaTck=", "requires": { - "error-ex": "^1.2.0" + "error-ex": "1.3.0" } }, "path-exists": { @@ -2333,9 +2304,9 @@ "resolved": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", "integrity": "sha1-WcRPfuSR2nBNpBXaWkBwuk+P5EE=", "requires": { - "graceful-fs": "^4.1.2", - "pify": "^2.0.0", - "pinkie-promise": "^2.0.0" + "graceful-fs": "4.1.9", + "pify": "2.3.0", + "pinkie-promise": "2.0.1" } }, "pify": { @@ -2353,7 +2324,7 @@ "resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.1.tgz", "integrity": "sha1-ITXW36ejWMBprJsXh3YogihFD/o=", "requires": { - "pinkie": "^2.0.0" + "pinkie": "2.0.4" } }, "preserve": { @@ -2372,32 +2343,19 @@ "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-1.0.7.tgz", "integrity": "sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M=" }, - "promise": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/promise/-/promise-6.1.0.tgz", - "integrity": "sha1-LOcp9rlLRcJoka0GAsXJDgTG7vY=", - "requires": { - "asap": "~1.0.0" - } - }, "qs": { "version": "6.2.1", "resolved": "https://registry.npmjs.org/qs/-/qs-6.2.1.tgz", "integrity": "sha1-zgPF/wk1vB2daanxTL0Y5WjWdiU=" }, - "querystringify": { - "version": "0.0.4", - "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-0.0.4.tgz", - "integrity": "sha1-DPf4T5Rj/wrlHExLFC2VvjdyTZw=" - }, "randomatic": { "version": "1.1.5", "resolved": "https://registry.npmjs.org/randomatic/-/randomatic-1.1.5.tgz", "integrity": "sha1-Xp718tVzxnvSuBJK6QtRVuRXhAs=", "optional": true, "requires": { - "is-number": "^2.0.2", - "kind-of": "^3.0.2" + "is-number": "2.1.0", + "kind-of": "3.0.4" } }, "read-pkg": { @@ -2405,9 +2363,9 @@ "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", "integrity": "sha1-9f+qXs0pyzHAR0vKfXVra7KePyg=", "requires": { - "load-json-file": "^1.0.0", - "normalize-package-data": "^2.3.2", - "path-type": "^1.0.0" + "load-json-file": "1.1.0", + "normalize-package-data": "2.3.5", + "path-type": "1.1.0" } }, "read-pkg-up": { @@ -2415,8 +2373,8 @@ "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", "integrity": "sha1-nWPBMnbAZZGNV/ACpX9AobZD+wI=", "requires": { - "find-up": "^1.0.0", - "read-pkg": "^1.0.0" + "find-up": "1.1.2", + "read-pkg": "1.1.0" } }, "readable-stream": { @@ -2425,13 +2383,13 @@ "integrity": "sha1-ZvqLcg4UOLNkaB8q0aY8YYRIydA=", "optional": true, "requires": { - "buffer-shims": "^1.0.0", - "core-util-is": "~1.0.0", - "inherits": "~2.0.1", - "isarray": "~1.0.0", - "process-nextick-args": "~1.0.6", - "string_decoder": "~0.10.x", - "util-deprecate": "~1.0.1" + "buffer-shims": "1.0.0", + "core-util-is": "1.0.2", + "inherits": "2.0.3", + "isarray": "1.0.0", + "process-nextick-args": "1.0.7", + "string_decoder": "0.10.31", + "util-deprecate": "1.0.2" } }, "readdirp": { @@ -2440,10 +2398,10 @@ "integrity": "sha1-TtCtBg3zBzMAxIRANz9y0cxkLXg=", "optional": true, "requires": { - "graceful-fs": "^4.1.2", - "minimatch": "^3.0.2", - "readable-stream": "^2.0.2", - "set-immediate-shim": "^1.0.1" + "graceful-fs": "4.1.9", + "minimatch": "3.0.3", + "readable-stream": "2.1.5", + "set-immediate-shim": "1.0.1" } }, "redent": { @@ -2451,15 +2409,10 @@ "resolved": "https://registry.npmjs.org/redent/-/redent-1.0.0.tgz", "integrity": "sha1-z5Fqsf1fHxbfsggi3W7H9zDCr94=", "requires": { - "indent-string": "^2.1.0", - "strip-indent": "^1.0.1" + "indent-string": "2.1.0", + "strip-indent": "1.0.1" } }, - "reduce-component": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/reduce-component/-/reduce-component-1.0.1.tgz", - "integrity": "sha1-4Mk1QsV0UhvqE98PlIjtgqt3xdo=" - }, "regenerate": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/regenerate/-/regenerate-1.3.1.tgz", @@ -2476,8 +2429,8 @@ "integrity": "sha1-mxpsNdTQ3871cRrmUejp09cRQUU=", "optional": true, "requires": { - "is-equal-shallow": "^0.1.3", - "is-primitive": "^2.0.0" + "is-equal-shallow": "0.1.3", + "is-primitive": "2.0.0" } }, "regexpu-core": { @@ -2485,9 +2438,9 @@ "resolved": "https://registry.npmjs.org/regexpu-core/-/regexpu-core-2.0.0.tgz", "integrity": "sha1-SdA4g3uNz4v6W5pCE5k45uoq4kA=", "requires": { - "regenerate": "^1.2.1", - "regjsgen": "^0.2.0", - "regjsparser": "^0.1.4" + "regenerate": "1.3.1", + "regjsgen": "0.2.0", + "regjsparser": "0.1.5" } }, "regjsgen": { @@ -2500,7 +2453,7 @@ "resolved": "https://registry.npmjs.org/regjsparser/-/regjsparser-0.1.5.tgz", "integrity": "sha1-fuj4Tcb6eS0/0K4ijSS9lJ6tIFw=", "requires": { - "jsesc": "~0.5.0" + "jsesc": "0.5.0" }, "dependencies": { "jsesc": { @@ -2526,7 +2479,7 @@ "resolved": "https://registry.npmjs.org/repeating/-/repeating-1.1.3.tgz", "integrity": "sha1-PUEUIYh3U3SU+X93+Xhfq4EPpKw=", "requires": { - "is-finite": "^1.0.0" + "is-finite": "1.0.2" } }, "request": { @@ -2534,40 +2487,35 @@ "resolved": "https://registry.npmjs.org/request/-/request-2.75.0.tgz", "integrity": "sha1-0rgmiihtoT6qXQGt9dGMyQ9lfZM=", "requires": { - "aws-sign2": "~0.6.0", - "aws4": "^1.2.1", - "bl": "~1.1.2", - "caseless": "~0.11.0", - "combined-stream": "~1.0.5", - "extend": "~3.0.0", - "forever-agent": "~0.6.1", - "form-data": "~2.0.0", - "har-validator": "~2.0.6", - "hawk": "~3.1.3", - "http-signature": "~1.1.0", - "is-typedarray": "~1.0.0", - "isstream": "~0.1.2", - "json-stringify-safe": "~5.0.1", - "mime-types": "~2.1.7", - "node-uuid": "~1.4.7", - "oauth-sign": "~0.8.1", - "qs": "~6.2.0", - "stringstream": "~0.0.4", - "tough-cookie": "~2.3.0", - "tunnel-agent": "~0.4.1" - } - }, - "requires-port": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz", - "integrity": "sha1-kl0mAdOaxIXgkc8NpcbmlNw9yv8=" + "aws-sign2": "0.6.0", + "aws4": "1.5.0", + "bl": "1.1.2", + "caseless": "0.11.0", + "combined-stream": "1.0.5", + "extend": "3.0.0", + "forever-agent": "0.6.1", + "form-data": "2.0.0", + "har-validator": "2.0.6", + "hawk": "3.1.3", + "http-signature": "1.1.1", + "is-typedarray": "1.0.0", + "isstream": "0.1.2", + "json-stringify-safe": "5.0.1", + "mime-types": "2.1.12", + "node-uuid": "1.4.7", + "oauth-sign": "0.8.2", + "qs": "6.2.1", + "stringstream": "0.0.5", + "tough-cookie": "2.3.1", + "tunnel-agent": "0.4.3" + } }, "rimraf": { "version": "2.5.4", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.5.4.tgz", "integrity": "sha1-loAAk8vxoMhr2VtGJUZ1NcKd+gQ=", "requires": { - "glob": "^7.0.5" + "glob": "7.1.1" }, "dependencies": { "glob": { @@ -2575,16 +2523,21 @@ "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.1.tgz", "integrity": "sha1-gFIR3wT6rxxjo2ADBs31reULLsg=", "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.2", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" + "fs.realpath": "1.0.0", + "inflight": "1.0.6", + "inherits": "2.0.3", + "minimatch": "3.0.3", + "once": "1.4.0", + "path-is-absolute": "1.0.1" } } } }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + }, "semver": { "version": "4.3.6", "resolved": "https://registry.npmjs.org/semver/-/semver-4.3.6.tgz", @@ -2600,7 +2553,7 @@ "resolved": "https://registry.npmjs.org/semver-truncate/-/semver-truncate-1.1.2.tgz", "integrity": "sha1-V/Qd5pcHpicJp+AQS6IRcQnqR+g=", "requires": { - "semver": "^5.3.0" + "semver": "5.3.0" }, "dependencies": { "semver": { @@ -2636,7 +2589,7 @@ "resolved": "https://registry.npmjs.org/slugid/-/slugid-1.1.0.tgz", "integrity": "sha1-4J8AiZwJ9acFjtw23UnwRv1QqCo=", "requires": { - "uuid": "^2.0.1" + "uuid": "2.0.3" } }, "sntp": { @@ -2644,21 +2597,7 @@ "resolved": "https://registry.npmjs.org/sntp/-/sntp-1.0.9.tgz", "integrity": "sha1-ZUEYTMkK7qbG57NeJlkIJEPGYZg=", "requires": { - "hoek": "2.x.x" - } - }, - "sockjs-client": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/sockjs-client/-/sockjs-client-1.1.1.tgz", - "integrity": "sha1-KEhD6al4TXxHSxVxsyQPyp3aS7A=", - "optional": true, - "requires": { - "debug": "^2.2.0", - "eventsource": "~0.1.6", - "faye-websocket": "~0.11.0", - "inherits": "^2.0.1", - "json3": "^3.3.2", - "url-parse": "^1.1.1" + "hoek": "2.16.3" } }, "source-map": { @@ -2671,7 +2610,7 @@ "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.4.3.tgz", "integrity": "sha1-aTyDg9Q4mkVpSGmHwhl0TfxgFoU=", "requires": { - "source-map": "^0.5.3" + "source-map": "0.5.6" } }, "spdx-correct": { @@ -2679,7 +2618,7 @@ "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", "integrity": "sha1-SzBz2TP/UfORLwOsVRlJikFQ20A=", "requires": { - "spdx-license-ids": "^1.0.2" + "spdx-license-ids": "1.2.2" } }, "spdx-expression-parse": { @@ -2702,15 +2641,15 @@ "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.10.1.tgz", "integrity": "sha1-MOGl0ykkSXShr2FREznVla9mOLA=", "requires": { - "asn1": "~0.2.3", - "assert-plus": "^1.0.0", - "bcrypt-pbkdf": "^1.0.0", - "dashdash": "^1.12.0", - "ecc-jsbn": "~0.1.1", - "getpass": "^0.1.1", - "jodid25519": "^1.0.0", - "jsbn": "~0.1.0", - "tweetnacl": "~0.14.0" + "asn1": "0.2.3", + "assert-plus": "1.0.0", + "bcrypt-pbkdf": "1.0.0", + "dashdash": "1.14.0", + "ecc-jsbn": "0.1.1", + "getpass": "0.1.6", + "jodid25519": "1.0.2", + "jsbn": "0.1.0", + "tweetnacl": "0.14.3" }, "dependencies": { "assert-plus": { @@ -2735,7 +2674,7 @@ "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", "integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=", "requires": { - "ansi-regex": "^2.0.0" + "ansi-regex": "2.0.0" } }, "strip-bom": { @@ -2743,7 +2682,7 @@ "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", "integrity": "sha1-YhmoVhZSBJHzV4i9vxRHqZx+aw4=", "requires": { - "is-utf8": "^0.2.0" + "is-utf8": "0.2.1" } }, "strip-indent": { @@ -2751,193 +2690,194 @@ "resolved": "https://registry.npmjs.org/strip-indent/-/strip-indent-1.0.1.tgz", "integrity": "sha1-DHlipq3vp7vUrDZkYKY4VSrhoKI=", "requires": { - "get-stdin": "^4.0.1" + "get-stdin": "4.0.1" } }, "superagent": { - "version": "1.7.2", - "resolved": "https://registry.npmjs.org/superagent/-/superagent-1.7.2.tgz", - "integrity": "sha1-Zfnu1PU2EyDJ2HRBKrd7666ktXI=", - "requires": { - "component-emitter": "~1.2.0", - "cookiejar": "2.0.6", - "debug": "2", - "extend": "3.0.0", - "form-data": "0.2.0", - "formidable": "~1.0.14", - "methods": "~1.1.1", - "mime": "1.3.4", - "qs": "2.3.3", - "readable-stream": "1.0.27-1", - "reduce-component": "1.0.1" + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/superagent/-/superagent-5.1.0.tgz", + "integrity": "sha512-7V6JVx5N+eTL1MMqRBX0v0bG04UjrjAvvZJTF/VDH/SH2GjSLqlrcYepFlpTrXpm37aSY6h3GGVWGxXl/98TKA==", + "requires": { + "component-emitter": "1.3.0", + "cookiejar": "2.1.2", + "debug": "4.1.1", + "fast-safe-stringify": "2.0.7", + "form-data": "2.5.1", + "formidable": "1.2.1", + "methods": "1.1.2", + "mime": "2.4.4", + "qs": "6.9.0", + "readable-stream": "3.4.0", + "semver": "6.3.0" }, "dependencies": { - "async": { - "version": "0.9.2", - "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz", - "integrity": "sha1-rqdNXmHB+JlhO/ZL2mbUx48v0X0=" - }, "combined-stream": { - "version": "0.0.7", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-0.0.7.tgz", - "integrity": "sha1-ATfmV7qlp1QcV6w3rF/AfXO03B8=", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", "requires": { - "delayed-stream": "0.0.5" + "delayed-stream": "1.0.0" } }, - "delayed-stream": { - "version": "0.0.5", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-0.0.5.tgz", - "integrity": "sha1-1LH0OpPoKW3+AmlPRoC8N6MTxz8=" - }, - "form-data": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-0.2.0.tgz", - "integrity": "sha1-Jvi8JtpkQOKZy9z7aQNcT3em5GY=", + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", "requires": { - "async": "~0.9.0", - "combined-stream": "~0.0.4", - "mime-types": "~2.0.3" + "ms": "2.1.2" } }, - "isarray": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", - "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=" - }, - "mime-db": { - "version": "1.12.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.12.0.tgz", - "integrity": "sha1-PQxjGA9FjrENMlqqN9fFiuMS6dc=" - }, - "mime-types": { - "version": "2.0.14", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.0.14.tgz", - "integrity": "sha1-MQ4VnbI+B3+Lsit0jav6SVcUCqY=", + "form-data": { + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", + "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", "requires": { - "mime-db": "~1.12.0" + "asynckit": "0.4.0", + "combined-stream": "1.0.8", + "mime-types": "2.1.12" } }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, "qs": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/qs/-/qs-2.3.3.tgz", - "integrity": "sha1-6eha2+ddoLvkyOBHaghikPhjtAQ=" + "version": "6.9.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.0.tgz", + "integrity": "sha512-27RP4UotQORTpmNQDX8BHPukOnBP3p1uUJY5UnDhaJB+rMt9iMsok724XL+UHU23bEFOHRMQ2ZhI99qOWUMGFA==" }, "readable-stream": { - "version": "1.0.27-1", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.27-1.tgz", - "integrity": "sha1-a2eYPCA1fO/QfwFlABoW1xDZEHg=", + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.4.0.tgz", + "integrity": "sha512-jItXPLmrSR8jmTRmRWJXCnGJsfy85mB3Wd/uINMXA65yrnFo0cPClFIUWzo2najVNSl+mx7/4W8ttlLWJe99pQ==", "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.1", - "isarray": "0.0.1", - "string_decoder": "~0.10.x" + "inherits": "2.0.3", + "string_decoder": "1.3.0", + "util-deprecate": "1.0.2" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" + }, + "string_decoder": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", + "requires": { + "safe-buffer": "5.2.0" } } } }, - "superagent-hawk": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/superagent-hawk/-/superagent-hawk-0.0.6.tgz", - "integrity": "sha1-DPtw4hVG46PpAtogiijt2WX4Las=", - "requires": { - "hawk": "~1.0.0", - "qs": "^0.6.6" + "supports-color": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", + "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc=" + }, + "taskcluster-client": { + "version": "22.0.0", + "resolved": "https://registry.npmjs.org/taskcluster-client/-/taskcluster-client-22.0.0.tgz", + "integrity": "sha512-L9Z84WXWVLkCYlcxNl6TAXBqoERyB0iavNgsymQqu9TGMLh3Acl7J55PzthZr/o1F3sVfHwRgDnxM1CidaYbEQ==", + "requires": { + "debug": "4.1.1", + "hawk": "7.0.10", + "lodash": "4.17.15", + "slugid": "2.0.0", + "superagent": "5.1.0", + "taskcluster-lib-urls": "12.0.0" }, "dependencies": { "boom": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/boom/-/boom-0.4.2.tgz", - "integrity": "sha1-emNune1O/O+xnO9JR6PGffrukRs=", + "version": "7.3.0", + "resolved": "https://registry.npmjs.org/boom/-/boom-7.3.0.tgz", + "integrity": "sha512-Swpoyi2t5+GhOEGw8rEsKvTxFLIDiiKoUc2gsoV6Lyr43LHBIzch3k2MvYUs8RTROrIkVJ3Al0TkaOGjnb+B6A==", "requires": { - "hoek": "0.9.x" + "hoek": "6.1.3" } }, "cryptiles": { - "version": "0.2.2", - "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-0.2.2.tgz", - "integrity": "sha1-7ZH/HxetE9N0gohZT4pIoNJvMlw=", + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-4.1.3.tgz", + "integrity": "sha512-gT9nyTMSUC1JnziQpPbxKGBbUg8VL7Zn2NB4E1cJYvuXdElHrwxrV9bmltZGDzet45zSDGyYceueke1TjynGzw==", "requires": { - "boom": "0.4.x" + "boom": "7.3.0" + } + }, + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "requires": { + "ms": "2.1.2" } }, "hawk": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/hawk/-/hawk-1.0.0.tgz", - "integrity": "sha1-uQuxaYByhUEdp//LjdJZhQLTtS0=", + "version": "7.0.10", + "resolved": "https://registry.npmjs.org/hawk/-/hawk-7.0.10.tgz", + "integrity": "sha512-3RWF4SXN9CdZ1VDAe6Pn3Rd0tC3Lw+GV+esX5oKCrXoScZK3Ri6dl5Wt986M/hlzU+GuapTGiB0rBhGeRIBQsw==", "requires": { - "boom": "0.4.x", - "cryptiles": "0.2.x", - "hoek": "0.9.x", - "sntp": "0.2.x" + "b64": "4.1.2", + "boom": "7.3.0", + "cryptiles": "4.1.3", + "hoek": "6.1.3", + "sntp": "3.0.2" } }, "hoek": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/hoek/-/hoek-0.9.1.tgz", - "integrity": "sha1-PTIkYrrfB3Fup+uFuviAec3c5QU=" + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/hoek/-/hoek-6.1.3.tgz", + "integrity": "sha512-YXXAAhmF9zpQbC7LEcREFtXfGq5K1fmd+4PHkBq8NUqmzW3G+Dq10bI/i0KucLRwss3YYFQ0fSfoxBZYiGUqtQ==" }, - "qs": { - "version": "0.6.6", - "resolved": "https://registry.npmjs.org/qs/-/qs-0.6.6.tgz", - "integrity": "sha1-bgFQmP9RlouKPIGQAdXyyJvEsQc=" + "lodash": { + "version": "4.17.15", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" }, - "sntp": { - "version": "0.2.4", - "resolved": "https://registry.npmjs.org/sntp/-/sntp-0.2.4.tgz", - "integrity": "sha1-+4hfGLDzqtGJ+CSGJTa87ux1CQA=", + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "slugid": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/slugid/-/slugid-2.0.0.tgz", + "integrity": "sha512-zTCivUfTk2GC6MU4Fjcz0iXwAjhe0NweMJqpfWcGrBbrm2dWtVAUupAonfsc7ysw4M0kZ934Nle5ljwM2dR+/g==", "requires": { - "hoek": "0.9.x" + "uuid": "3.3.3", + "uuid-parse": "1.1.0" } - } - } - }, - "superagent-promise": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/superagent-promise/-/superagent-promise-0.2.0.tgz", - "integrity": "sha1-kcd/TLDJz0G+65F9it1pf20Vyuo=" - }, - "supports-color": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", - "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc=" - }, - "taskcluster-client": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/taskcluster-client/-/taskcluster-client-1.4.0.tgz", - "integrity": "sha1-Q4xjfIe0ZK52JxBHs7wgFmFjJkg=", - "requires": { - "amqplib": "^0.4.1", - "debug": "^2.1.3", - "hawk": "^2.3.1", - "lodash": "^3.6.0", - "promise": "^6.1.0", - "slugid": "^1.1.0", - "sockjs-client": "^1.0.3", - "superagent": "~1.7.0", - "superagent-hawk": "^0.0.6", - "superagent-promise": "^0.2.0", - "url-join": "^0.0.1" - }, - "dependencies": { - "hawk": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/hawk/-/hawk-2.3.1.tgz", - "integrity": "sha1-HnMc45RH+h0PbXB/e87r7A/R7B8=", + }, + "sntp": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/sntp/-/sntp-3.0.2.tgz", + "integrity": "sha512-MCAPpBPFjNp1fwDVCLSRuWuH9gONtb2R+lS1esC6Mp8lP6jy60FVUtP/Qr0jBvcWAVbhzx06y1b6ptXiy32dug==", "requires": { - "boom": "2.x.x", - "cryptiles": "2.x.x", - "hoek": "2.x.x", - "sntp": "1.x.x" + "boom": "7.3.0", + "bounce": "1.2.3", + "hoek": "6.1.3", + "teamwork": "3.2.0" } }, - "lodash": { - "version": "3.10.1", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-3.10.1.tgz", - "integrity": "sha1-W/Rejkm6QYnhfUgnid/RW9FAt7Y=" + "uuid": { + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz", + "integrity": "sha512-pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ==" } } }, + "taskcluster-lib-urls": { + "version": "12.0.0", + "resolved": "https://registry.npmjs.org/taskcluster-lib-urls/-/taskcluster-lib-urls-12.0.0.tgz", + "integrity": "sha512-OrEFE0m3p/+mGsmIwjttLhSKg3io6MpJLhYtPNjVSZA9Ix8Y5tprN3vM6a3MjWt5asPF6AKZsfT43cgpGwJB0g==" + }, + "teamwork": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/teamwork/-/teamwork-3.2.0.tgz", + "integrity": "sha512-xAmJ8PIVjRZMXAHgUuOP8ITsv0SedyWAit2UWiNImXgg/F+BxrsG46ZegElNBM0Dwp+iMfbigg/Ll/M2oDRYww==" + }, "to-fast-properties": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-1.0.2.tgz", @@ -2964,21 +2904,6 @@ "integrity": "sha1-PaOC9nDyXe1417PReSEZvKC3Ey0=", "optional": true }, - "url-join": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/url-join/-/url-join-0.0.1.tgz", - "integrity": "sha1-HbSK1CLTQCRpqH99l73r/k+x48g=" - }, - "url-parse": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.1.6.tgz", - "integrity": "sha1-q4/1rqE4gHGWElXiI2FHxSyl/Eg=", - "optional": true, - "requires": { - "querystringify": "0.0.x", - "requires-port": "1.0.x" - } - }, "user-home": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/user-home/-/user-home-1.1.1.tgz", @@ -2994,12 +2919,17 @@ "resolved": "https://registry.npmjs.org/uuid/-/uuid-2.0.3.tgz", "integrity": "sha1-Z+LoY3lyFVMN/zGOW/nc6/1Hsho=" }, + "uuid-parse": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/uuid-parse/-/uuid-parse-1.1.0.tgz", + "integrity": "sha512-OdmXxA8rDsQ7YpNVbKSJkNzTw2I+S5WsbMDnCtIWSQaosNAcWtFuI/YK1TjzUI6nbkgiqEyh8gWngfcv8Asd9A==" + }, "v8flags": { "version": "2.0.11", "resolved": "https://registry.npmjs.org/v8flags/-/v8flags-2.0.11.tgz", "integrity": "sha1-vKjzDw1tYGEswsAGQeaWLUKuaIE=", "requires": { - "user-home": "^1.1.1" + "user-home": "1.1.1" } }, "validate-npm-package-license": { @@ -3007,8 +2937,8 @@ "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", "integrity": "sha1-KAS6vnEq0zeUWaz74kdGqywwP7w=", "requires": { - "spdx-correct": "~1.0.0", - "spdx-expression-parse": "~1.0.0" + "spdx-correct": "1.0.2", + "spdx-expression-parse": "1.0.4" } }, "verror": { @@ -3019,26 +2949,6 @@ "extsprintf": "1.0.2" } }, - "websocket-driver": { - "version": "0.6.5", - "resolved": "https://registry.npmjs.org/websocket-driver/-/websocket-driver-0.6.5.tgz", - "integrity": "sha1-XLJVbOuF9Dc8bYI4qmkchFThOjY=", - "optional": true, - "requires": { - "websocket-extensions": ">=0.1.1" - } - }, - "websocket-extensions": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.1.tgz", - "integrity": "sha1-domUmcGEtu91Q3fC27DNbLVdKec=", - "optional": true - }, - "when": { - "version": "3.6.4", - "resolved": "https://registry.npmjs.org/when/-/when-3.6.4.tgz", - "integrity": "sha1-RztRfsFZ4rhQBUl6E5g/CVQS404=" - }, "wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", diff --git a/security/nss/automation/taskcluster/graph/package.json b/security/nss/automation/taskcluster/graph/package.json index d866adebc965e..7bf52b9a5b5ef 100644 --- a/security/nss/automation/taskcluster/graph/package.json +++ b/security/nss/automation/taskcluster/graph/package.json @@ -19,6 +19,6 @@ "merge": "^1.2.0", "minimist": "^1.2.0", "slugid": "^1.1.0", - "taskcluster-client": "^1.2.1" + "taskcluster-client": "^22.0.0" } } diff --git a/security/nss/automation/taskcluster/graph/src/extend.js b/security/nss/automation/taskcluster/graph/src/extend.js index 5b22ef80532a1..2a1a138353acb 100644 --- a/security/nss/automation/taskcluster/graph/src/extend.js +++ b/security/nss/automation/taskcluster/graph/src/extend.js @@ -354,8 +354,7 @@ async function scheduleMac(name, base, args = "") { base.collection != "asan" && base.collection != "fips" && base.collection != "fuzz")) { - let nspr_gyp = gyp_cmd + "--nspr-only --nspr-test-build "; - // TODO (bug 1385039): nspr_gyp += "--nspr-test-run "; + let nspr_gyp = gyp_cmd + "--nspr-only --nspr-test-build --nspr-test-run "; let nspr_build = merge(build_base_without_command_symbol, { command: [ MAC_CHECKOUT_CMD, @@ -424,8 +423,7 @@ async function scheduleLinux(name, overrides, args = "") { overrides.collection != "asan" && overrides.collection != "fips" && overrides.collection != "fuzz")) { - let nspr_gyp = checkout_and_gyp + "--nspr-only --nspr-test-build "; - // TODO (bug 1385039): nspr_gyp += "--nspr-test-run "; + let nspr_gyp = checkout_and_gyp + "--nspr-only --nspr-test-build --nspr-test-run "; let nspr_base = merge({ command: [ @@ -829,7 +827,7 @@ async function scheduleFuzzing32() { async function scheduleWindows(name, base, build_script) { base = merge(base, { - workerType: "nss-win2012r2", + workerType: "win2012r2", env: { PATH: "c:\\mozilla-build\\bin;c:\\mozilla-build\\python;" + "c:\\mozilla-build\\msys\\local\\bin;c:\\mozilla-build\\7zip;" + @@ -839,7 +837,9 @@ async function scheduleWindows(name, base, build_script) { "c:\\mozilla-build\\moztools-x64\\bin;c:\\mozilla-build\\wget", DOMSUF: "localdomain", HOST: "localhost", - } + }, + features: ["taskclusterProxy"], + scopes: ["project:releng:services/tooltool/api/download/internal"], }); let artifacts_and_kind = { @@ -868,8 +868,7 @@ async function scheduleWindows(name, base, build_script) { base.collection != "fips" && base.collection != "fuzz")) { let nspr_gyp = - `bash -c 'nss/automation/taskcluster/windows/${build_script} --nspr-only --nspr-test-build'`; - // TODO (bug 1385039): add --nspr-test-run + `bash -c 'nss/automation/taskcluster/windows/${build_script} --nspr-only --nspr-test-build --nspr-test-run'`; let nspr_build = merge(build_without_command_symbol, { command: [ WINDOWS_CHECKOUT_CMD, diff --git a/security/nss/automation/taskcluster/graph/src/image_builder.js b/security/nss/automation/taskcluster/graph/src/image_builder.js index d9d7755dcdfd5..b69b31602726e 100644 --- a/security/nss/automation/taskcluster/graph/src/image_builder.js +++ b/security/nss/automation/taskcluster/graph/src/image_builder.js @@ -7,13 +7,13 @@ import context_hash from "./context_hash"; import taskcluster from "taskcluster-client"; async function taskHasImageArtifact(taskId) { - let queue = new taskcluster.Queue(); + let queue = new taskcluster.Queue(taskcluster.fromEnvVars()); let {artifacts} = await queue.listLatestArtifacts(taskId); return artifacts.some(artifact => artifact.name == "public/image.tar"); } async function findTaskWithImageArtifact(ns) { - let index = new taskcluster.Index(); + let index = new taskcluster.Index(taskcluster.fromEnvVars()); let {taskId} = await index.findTask(ns); let has_image = await taskHasImageArtifact(taskId); return has_image ? taskId : null; diff --git a/security/nss/automation/taskcluster/graph/src/queue.js b/security/nss/automation/taskcluster/graph/src/queue.js index 874947af5b858..fd5be2050e0a8 100644 --- a/security/nss/automation/taskcluster/graph/src/queue.js +++ b/security/nss/automation/taskcluster/graph/src/queue.js @@ -17,7 +17,7 @@ let image_tasks = new Map(); let parameters = {}; let queue = new taskcluster.Queue({ - baseUrl: "http://taskcluster/queue/v1" + rootUrl: process.env.TASKCLUSTER_PROXY_URL, }); function fromNow(hours) { @@ -156,8 +156,8 @@ function convertTask(def) { }, parameters); return { - provisionerId: def.provisioner || "aws-provisioner-v1", - workerType: def.workerType || "hg-worker", + provisionerId: def.provisioner || `nss-${process.env.MOZ_SCM_LEVEL}`, + workerType: def.workerType || "linux", schedulerId: process.env.TC_SCHEDULER_ID, taskGroupId: process.env.TASK_ID, diff --git a/security/nss/automation/taskcluster/scripts/tools.sh b/security/nss/automation/taskcluster/scripts/tools.sh index 63a6ee8de3d1c..81563f5066d93 100644 --- a/security/nss/automation/taskcluster/scripts/tools.sh +++ b/security/nss/automation/taskcluster/scripts/tools.sh @@ -30,7 +30,11 @@ hg_clone() { } fetch_dist() { - url=https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/dist.tar.bz2 + if [ "$TASKCLUSTER_ROOT_URL" = "https://taskcluster.net" ] || [ -z "$TASKCLUSTER_ROOT_URL" ]; then + url=https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/dist.tar.bz2 + else + url=$TASKCLUSTER_ROOT_URL/api/queue/v1/task/$TC_PARENT_TASK_ID/artifacts/public/dist.tar.bz2 + fi if [ ! -d "dist" ]; then for i in 0 2 5; do sleep $i diff --git a/security/nss/automation/taskcluster/windows/gen_certs.sh b/security/nss/automation/taskcluster/windows/gen_certs.sh index ead16bbc384e9..594112b98f4ff 100644 --- a/security/nss/automation/taskcluster/windows/gen_certs.sh +++ b/security/nss/automation/taskcluster/windows/gen_certs.sh @@ -6,7 +6,13 @@ set -v -e -x source $(dirname $0)/setup.sh # Fetch artifact. -wget -t 3 --retry-connrefused -w 5 --random-wait https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/build/dist.7z -O dist.7z +if [ "$TASKCLUSTER_ROOT_URL" = "https://taskcluster.net" ] || [ -z "$TASKCLUSTER_ROOT_URL" ]; then + url=https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/build/dist.7z +else + url=$TASKCLUSTER_ROOT_URL/api/queue/v1/task/$TC_PARENT_TASK_ID/artifacts/public/build/dist.7z +fi + +wget -t 3 --retry-connrefused -w 5 --random-wait $url -O dist.7z 7z x dist.7z # Generate certificates. diff --git a/security/nss/automation/taskcluster/windows/run_tests.sh b/security/nss/automation/taskcluster/windows/run_tests.sh index f64a78e306d28..2392559d98729 100644 --- a/security/nss/automation/taskcluster/windows/run_tests.sh +++ b/security/nss/automation/taskcluster/windows/run_tests.sh @@ -6,7 +6,13 @@ set -v -e -x source $(dirname $0)/setup.sh # Fetch artifact. -wget -t 3 --retry-connrefused -w 5 --random-wait https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/build/dist.7z -O dist.7z +if [ "$TASKCLUSTER_ROOT_URL" = "https://taskcluster.net" ] || [ -z "$TASKCLUSTER_ROOT_URL" ]; then + url=https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/build/dist.7z +else + url=$TASKCLUSTER_ROOT_URL/api/queue/v1/task/$TC_PARENT_TASK_ID/artifacts/public/build/dist.7z +fi + +wget -t 3 --retry-connrefused -w 5 --random-wait $url -O dist.7z 7z x dist.7z # Run tests. diff --git a/security/nss/automation/taskcluster/windows/setup.sh b/security/nss/automation/taskcluster/windows/setup.sh index 93c0cdbd5a72b..d5bed3b81740b 100644 --- a/security/nss/automation/taskcluster/windows/setup.sh +++ b/security/nss/automation/taskcluster/windows/setup.sh @@ -17,9 +17,9 @@ hg_clone() { hg_clone https://hg.mozilla.org/build/tools tools b8d7c263dfc3 tools/scripts/tooltool/tooltool_wrapper.sh \ - $(dirname $0)/releng.manifest https://tooltool.mozilla-releng.net/ \ + $(dirname $0)/releng.manifest http://taskcluster/tooltool.mozilla-releng.net/ \ non-existant-file.sh /c/mozilla-build/python/python.exe \ - /c/builds/tooltool.py --authentication-file /c/builds/relengapi.tok \ + /c/builds/tooltool.py \ -c /c/builds/tooltool_cache # This needs $m to be set. diff --git a/security/nss/coreconf/coreconf.dep b/security/nss/coreconf/coreconf.dep index 590d1bfaeee3f..5182f75552c81 100644 --- a/security/nss/coreconf/coreconf.dep +++ b/security/nss/coreconf/coreconf.dep @@ -10,4 +10,3 @@ */ #error "Do not include this header file." - diff --git a/security/nss/cpputil/nss_scoped_ptrs.h b/security/nss/cpputil/nss_scoped_ptrs.h index 3ee7c9e1ec601..501f9dfe878a6 100644 --- a/security/nss/cpputil/nss_scoped_ptrs.h +++ b/security/nss/cpputil/nss_scoped_ptrs.h @@ -30,6 +30,7 @@ struct ScopedDelete { void operator()(PK11Context* context) { PK11_DestroyContext(context, true); } void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); } void operator()(PK11SlotInfo* slot) { PK11_FreeSlot(slot); } + void operator()(PK11SlotList* slots) { PK11_FreeSlotList(slots); } void operator()(PK11SymKey* key) { PK11_FreeSymKey(key); } void operator()(PK11URI* uri) { PK11URI_DestroyURI(uri); } void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); } @@ -72,6 +73,7 @@ SCOPED(CERTSubjectPublicKeyInfo); SCOPED(PK11Context); SCOPED(PK11GenericObject); SCOPED(PK11SlotInfo); +SCOPED(PK11SlotList); SCOPED(PK11SymKey); SCOPED(PK11URI); SCOPED(PLArenaPool); diff --git a/security/nss/gtests/manifest.mn b/security/nss/gtests/manifest.mn index 24d4ce14fbf98..1d97da3ddb747 100644 --- a/security/nss/gtests/manifest.mn +++ b/security/nss/gtests/manifest.mn @@ -29,6 +29,7 @@ NSS_SRCDIRS = \ ssl_gtest \ $(SYSINIT_GTEST) \ nss_bogo_shim \ + pkcs11testmodule \ $(NULL) endif endif diff --git a/security/nss/gtests/pk11_gtest/manifest.mn b/security/nss/gtests/pk11_gtest/manifest.mn index 09e12047a3bcd..1c0ae6921b580 100644 --- a/security/nss/gtests/pk11_gtest/manifest.mn +++ b/security/nss/gtests/pk11_gtest/manifest.mn @@ -22,6 +22,7 @@ CPPSRCS = \ pk11_import_unittest.cc \ pk11_keygen.cc \ pk11_key_unittest.cc \ + pk11_module_unittest.cc \ pk11_pbkdf2_unittest.cc \ pk11_prf_unittest.cc \ pk11_prng_unittest.cc \ @@ -30,6 +31,8 @@ CPPSRCS = \ pk11_seed_cbc_unittest.cc \ $(NULL) +DEFINES += -DDLL_PREFIX=\"$(DLL_PREFIX)\" -DDLL_SUFFIX=\"$(DLL_SUFFIX)\" + INCLUDES += -I$(CORE_DEPTH)/gtests/google_test/gtest/include \ -I$(CORE_DEPTH)/gtests/common \ -I$(CORE_DEPTH)/cpputil diff --git a/security/nss/gtests/pk11_gtest/pk11_gtest.gyp b/security/nss/gtests/pk11_gtest/pk11_gtest.gyp index fb8ea8dd977a6..b521687fb6802 100644 --- a/security/nss/gtests/pk11_gtest/pk11_gtest.gyp +++ b/security/nss/gtests/pk11_gtest/pk11_gtest.gyp @@ -27,6 +27,7 @@ 'pk11_import_unittest.cc', 'pk11_keygen.cc', 'pk11_key_unittest.cc', + 'pk11_module_unittest.cc', 'pk11_pbkdf2_unittest.cc', 'pk11_prf_unittest.cc', 'pk11_prng_unittest.cc', @@ -64,6 +65,12 @@ ], } ], + 'target_defaults': { + 'defines': [ + 'DLL_PREFIX=\"<(dll_prefix)\"', + 'DLL_SUFFIX=\"<(dll_suffix)\"' + ] + }, 'variables': { 'module': 'nss' } diff --git a/security/nss/gtests/pk11_gtest/pk11_module_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_module_unittest.cc new file mode 100644 index 0000000000000..9627c823e9c7b --- /dev/null +++ b/security/nss/gtests/pk11_gtest/pk11_module_unittest.cc @@ -0,0 +1,84 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include +#include "nss.h" +#include "pk11pub.h" +#include "prerror.h" +#include "prsystem.h" +#include "secoid.h" + +#include "nss_scoped_ptrs.h" +#include "gtest/gtest.h" +#include "databuffer.h" + +namespace nss_test { + +class Pkcs11ModuleTest : public ::testing::Test { + public: + Pkcs11ModuleTest() {} + + void SetUp() override { + ASSERT_EQ(SECSuccess, SECMOD_AddNewModule("Pkcs11ModuleTest", DLL_PREFIX + "pkcs11testmodule." DLL_SUFFIX, + 0, 0)) + << PORT_ErrorToName(PORT_GetError()); + } + + void TearDown() override { + int type; + ASSERT_EQ(SECSuccess, SECMOD_DeleteModule("Pkcs11ModuleTest", &type)); + ASSERT_EQ(SECMOD_EXTERNAL, type); + } +}; + +TEST_F(Pkcs11ModuleTest, LoadUnload) { + ScopedSECMODModule module(SECMOD_FindModule("Pkcs11ModuleTest")); + EXPECT_NE(nullptr, module); +} + +TEST_F(Pkcs11ModuleTest, ListSlots) { + ScopedPK11SlotList slots( + PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, nullptr)); + EXPECT_NE(nullptr, slots); + + PK11SlotListElement* element = PK11_GetFirstSafe(slots.get()); + EXPECT_NE(nullptr, element); + + // These tokens are always present. + const std::vector kSlotsWithToken = { + "NSS Internal Cryptographic Services", + "NSS User Private Key and Certificate Services", + "Test PKCS11 Public Certs Slot", "Test PKCS11 Slot 二"}; + std::vector foundSlots; + + do { + std::string name = PK11_GetSlotName(element->slot); + foundSlots.push_back(name); + std::cerr << "loaded slot: " << name << std::endl; + } while ((element = PK11_GetNextSafe(slots.get(), element, PR_FALSE)) != + nullptr); + + std::sort(foundSlots.begin(), foundSlots.end()); + EXPECT_TRUE(std::equal(kSlotsWithToken.begin(), kSlotsWithToken.end(), + foundSlots.begin())); +} + +TEST_F(Pkcs11ModuleTest, PublicCertificatesToken) { + const std::string kRegularToken = "Test PKCS11 Tokeñ 2 Label"; + const std::string kPublicCertificatesToken = "Test PKCS11 Public Certs Token"; + + ScopedPK11SlotInfo slot1(PK11_FindSlotByName(kRegularToken.c_str())); + EXPECT_NE(nullptr, slot1); + EXPECT_FALSE(PK11_IsFriendly(slot1.get())); + + ScopedPK11SlotInfo slot2( + PK11_FindSlotByName(kPublicCertificatesToken.c_str())); + EXPECT_NE(nullptr, slot2); + EXPECT_TRUE(PK11_IsFriendly(slot2.get())); +} + +} // namespace nss_test diff --git a/security/nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc index fc055f4009538..58684fc77e975 100644 --- a/security/nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc +++ b/security/nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc @@ -22,53 +22,102 @@ class Pkcs11Pbkdf2Test : public ::testing::Test { public: void Derive(std::vector& derived, SECOidTag hash_alg) { // Shared between test vectors. - const unsigned int iterations = 4096; + const unsigned int kIterations = 4096; std::string pass("passwordPASSWORDpassword"); std::string salt("saltSALTsaltSALTsaltSALTsaltSALTsalt"); // Derivation must succeed with the right values. - EXPECT_TRUE(DeriveBytes(pass, salt, derived, hash_alg, iterations)); + EXPECT_TRUE(DeriveBytes(pass, salt, derived, hash_alg, kIterations)); // Derivation must fail when the password is bogus. - std::string bogusPass("PasswordPASSWORDpassword"); - EXPECT_FALSE(DeriveBytes(bogusPass, salt, derived, hash_alg, iterations)); + std::string bogus_pass("PasswordPASSWORDpassword"); + EXPECT_FALSE(DeriveBytes(bogus_pass, salt, derived, hash_alg, kIterations)); // Derivation must fail when the salt is bogus. - std::string bogusSalt("SaltSALTsaltSALTsaltSALTsaltSALTsalt"); - EXPECT_FALSE(DeriveBytes(pass, bogusSalt, derived, hash_alg, iterations)); + std::string bogus_salt("SaltSALTsaltSALTsaltSALTsaltSALTsalt"); + EXPECT_FALSE(DeriveBytes(pass, bogus_salt, derived, hash_alg, kIterations)); // Derivation must fail when using the wrong hash function. SECOidTag next_hash_alg = static_cast(hash_alg + 1); - EXPECT_FALSE(DeriveBytes(pass, salt, derived, next_hash_alg, iterations)); + EXPECT_FALSE(DeriveBytes(pass, salt, derived, next_hash_alg, kIterations)); - // Derivation must fail when using the wrong number of iterations. - EXPECT_FALSE(DeriveBytes(pass, salt, derived, hash_alg, iterations + 1)); + // Derivation must fail when using the wrong number of kIterations. + EXPECT_FALSE(DeriveBytes(pass, salt, derived, hash_alg, kIterations + 1)); + } + + void KeySizes(SECOidTag hash_alg) { + // These tests will only validate the controls around the key sizes. + // The resulting key is tested above, with valid key sizes. + const unsigned int kIterations = 10; + std::string pass("passwordPASSWORDpassword"); + std::string salt("saltSALTsaltSALTsaltSALTsaltSALTsalt"); + + // Derivation must fail when using key sizes bigger than MAX_KEY_LEN. + const int big_key_size = 768; + EXPECT_FALSE(KeySizeParam(pass, salt, big_key_size, hash_alg, kIterations)); + + // Zero is acceptable as key size and will be managed internally. + const int zero_key_size = 0; + EXPECT_TRUE(KeySizeParam(pass, salt, zero_key_size, hash_alg, kIterations)); + + // -1 will be set to 0 internally and this means that the key size will be + // obtained from the template. If the template doesn't have this defined, + // it must fail. + const int minus_key_size = -1; + EXPECT_FALSE( + KeySizeParam(pass, salt, minus_key_size, hash_alg, kIterations)); + + // Lower than -1 is not allowed, as -1 means no keyLen defined. + const int negative_key_size = -10; + EXPECT_FALSE( + KeySizeParam(pass, salt, negative_key_size, hash_alg, kIterations)); } private: bool DeriveBytes(std::string& pass, std::string& salt, std::vector& derived, SECOidTag hash_alg, - unsigned int iterations) { - SECItem passItem = {siBuffer, ToUcharPtr(pass), - static_cast(pass.length())}; - SECItem saltItem = {siBuffer, ToUcharPtr(salt), - static_cast(salt.length())}; + unsigned int kIterations) { + SECItem pass_item = {siBuffer, ToUcharPtr(pass), + static_cast(pass.length())}; + SECItem salt_item = {siBuffer, ToUcharPtr(salt), + static_cast(salt.length())}; // Set up PBKDF2 params. ScopedSECAlgorithmID alg_id( PK11_CreatePBEV2AlgorithmID(SEC_OID_PKCS5_PBKDF2, hash_alg, hash_alg, - derived.size(), iterations, &saltItem)); + derived.size(), kIterations, &salt_item)); // Derive. ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); - ScopedPK11SymKey symKey( - PK11_PBEKeyGen(slot.get(), alg_id.get(), &passItem, false, nullptr)); + ScopedPK11SymKey sym_key( + PK11_PBEKeyGen(slot.get(), alg_id.get(), &pass_item, false, nullptr)); - SECStatus rv = PK11_ExtractKeyValue(symKey.get()); + SECStatus rv = PK11_ExtractKeyValue(sym_key.get()); EXPECT_EQ(rv, SECSuccess); - SECItem* keyData = PK11_GetKeyData(symKey.get()); - return !memcmp(&derived[0], keyData->data, keyData->len); + SECItem* key_data = PK11_GetKeyData(sym_key.get()); + return !memcmp(&derived[0], key_data->data, key_data->len); + } + + bool KeySizeParam(std::string& pass, std::string& salt, const int key_size, + SECOidTag hash_alg, unsigned int kIterations) { + SECItem pass_item = {siBuffer, ToUcharPtr(pass), + static_cast(pass.length())}; + SECItem salt_item = {siBuffer, ToUcharPtr(salt), + static_cast(salt.length())}; + + // Set up PBKDF2 params. + ScopedSECAlgorithmID alg_id( + PK11_CreatePBEV2AlgorithmID(SEC_OID_PKCS5_PBKDF2, hash_alg, hash_alg, + key_size, kIterations, &salt_item)); + + // Try to generate a key with the defined params. + ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); + ScopedPK11SymKey sym_key( + PK11_PBEKeyGen(slot.get(), alg_id.get(), &pass_item, false, nullptr)); + + // Should be nullptr if fail. + return sym_key.get(); } }; @@ -93,4 +142,9 @@ TEST_F(Pkcs11Pbkdf2Test, DeriveKnown2) { Derive(derived, SEC_OID_HMAC_SHA256); } +TEST_F(Pkcs11Pbkdf2Test, KeyLenSizes) { + // The size controls are regardless of the algorithms. + KeySizes(SEC_OID_HMAC_SHA256); +} + } // namespace nss_test diff --git a/security/nss/gtests/pkcs11testmodule/Makefile b/security/nss/gtests/pkcs11testmodule/Makefile new file mode 100644 index 0000000000000..6635aabc3e507 --- /dev/null +++ b/security/nss/gtests/pkcs11testmodule/Makefile @@ -0,0 +1,45 @@ +#! gmake +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include config.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +export:: private_export diff --git a/security/nss/gtests/pkcs11testmodule/config.mk b/security/nss/gtests/pkcs11testmodule/config.mk new file mode 100644 index 0000000000000..a1e2df79dbfe5 --- /dev/null +++ b/security/nss/gtests/pkcs11testmodule/config.mk @@ -0,0 +1,16 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# can't do this in manifest.mn because OS_TARGET isn't defined there. +ifeq (,$(filter-out WIN%,$(OS_TARGET))) + +# don't want the 32 in the shared library name +SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) +IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX) + +RES = $(OBJDIR)/$(LIBRARY_NAME).res +RESNAME = $(LIBRARY_NAME).rc + +endif diff --git a/security/nss/gtests/pkcs11testmodule/manifest.mn b/security/nss/gtests/pkcs11testmodule/manifest.mn new file mode 100644 index 0000000000000..3c0e40778b3d5 --- /dev/null +++ b/security/nss/gtests/pkcs11testmodule/manifest.mn @@ -0,0 +1,22 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +CORE_DEPTH = ../.. +DEPTH = ../.. +MODULE = nss + +CPPSRCS = \ + pkcs11testmodule.cpp \ + $(NULL) + +INCLUDES += -I$(CORE_DEPTH)/cpputil + +REQUIRES = cpputil + +MAPFILE = $(OBJDIR)/pkcs11testmodule.def + +LIBRARY_NAME = pkcs11testmodule + +EXTRA_LIBS = $(DIST)/lib/$(LIB_PREFIX)cpputil.$(LIB_SUFFIX) \ + $(NULL) diff --git a/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.cpp b/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.cpp new file mode 100644 index 0000000000000..dbb574442c34a --- /dev/null +++ b/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.cpp @@ -0,0 +1,658 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a testing PKCS #11 module that simulates a token being inserted and +// removed from a slot every 50ms. This is achieved mainly in +// Test_C_WaitForSlotEvent. If the application that loaded this module calls +// C_WaitForSlotEvent, this module waits for 50ms and returns, having changed +// its internal state to report that the token has either been inserted or +// removed, as appropriate. +// This module also provides an alternate token that is always present for tests +// that don't want the cyclic behavior described above. + +#include +#include + +#ifdef _WIN32 +# include // for Sleep +#else +# include // for usleep +#endif + +#include "pkcs11t.h" + +#undef CK_DECLARE_FUNCTION + +#ifdef _WIN32 +#define CK_DECLARE_FUNCTION(rtype, func) extern rtype __declspec(dllexport) func +#else +#define CK_DECLARE_FUNCTION(rtype, func) extern rtype func +#endif + +#include "pkcs11.h" + +#if __cplusplus < 201103L +# include +# define static_assert(condition, message) PR_STATIC_ASSERT(condition) +#endif + +CK_RV Test_C_Initialize(CK_VOID_PTR) { return CKR_OK; } + +CK_RV Test_C_Finalize(CK_VOID_PTR) { return CKR_OK; } + +static const CK_VERSION CryptokiVersion = {2, 2}; +static const CK_VERSION TestLibraryVersion = {0, 0}; +static const char TestLibraryDescription[] = "Test PKCS11 Library"; +static const char TestManufacturerID[] = "Test PKCS11 Manufacturer ID"; + +/* The dest buffer is one in the CK_INFO or CK_TOKEN_INFO structs. + * Those buffers are padded with spaces. DestSize corresponds to the declared + * size for those buffers (e.g. 32 for `char foo[32]`). + * The src buffer is a string literal. SrcSize includes the string + * termination character (e.g. 4 for `const char foo[] = "foo"` */ +template +void CopyString(unsigned char (&dest)[DestSize], const char (&src)[SrcSize]) { + static_assert(DestSize >= SrcSize - 1, "DestSize >= SrcSize - 1"); + memcpy(dest, src, SrcSize - 1); + memset(dest + SrcSize - 1, ' ', DestSize - SrcSize + 1); +} + +CK_RV Test_C_GetInfo(CK_INFO_PTR pInfo) { + if (!pInfo) { + return CKR_ARGUMENTS_BAD; + } + + pInfo->cryptokiVersion = CryptokiVersion; + CopyString(pInfo->manufacturerID, TestManufacturerID); + pInfo->flags = 0; // must be 0 + CopyString(pInfo->libraryDescription, TestLibraryDescription); + pInfo->libraryVersion = TestLibraryVersion; + return CKR_OK; +} + +CK_RV Test_C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR) { return CKR_OK; } + +static int tokenPresent = 0; + +// The token in slot 4 has 2 objects. Both of them are profile object +// and identified by object ID 1 or 2. +static bool readingProfile = false; +static const CK_PROFILE_ID profiles[] = {CKP_PUBLIC_CERTIFICATES_TOKEN, + CKP_BASELINE_PROVIDER}; +static int profileIndex = 0; + +CK_RV Test_C_GetSlotList(CK_BBOOL limitToTokensPresent, + CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) { + if (!pulCount) { + return CKR_ARGUMENTS_BAD; + } + + CK_SLOT_ID slots[4]; + CK_ULONG slotCount = 0; + + // We always return slot 2 and 4. + slots[slotCount++] = 2; + slots[slotCount++] = 4; + + // Slot 1 is a removable slot where a token is present if + // tokenPresent = CK_TRUE. + if (tokenPresent || !limitToTokensPresent) { + slots[slotCount++] = 1; + } + + // Slot 3 is a removable slot which never has a token. + if (!limitToTokensPresent) { + slots[slotCount++] = 3; + } + + if (pSlotList) { + if (*pulCount < slotCount) { + return CKR_BUFFER_TOO_SMALL; + } + memcpy(pSlotList, slots, sizeof(CK_SLOT_ID) * slotCount); + } + + *pulCount = slotCount; + return CKR_OK; +} + +static const char TestSlotDescription[] = "Test PKCS11 Slot"; +static const char TestSlot2Description[] = "Test PKCS11 Slot 二"; +static const char TestSlot3Description[] = "Empty PKCS11 Slot"; +static const char TestSlot4Description[] = "Test PKCS11 Public Certs Slot"; + +CK_RV Test_C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) { + if (!pInfo) { + return CKR_ARGUMENTS_BAD; + } + + switch (slotID) { + case 1: + CopyString(pInfo->slotDescription, TestSlotDescription); + pInfo->flags = + (tokenPresent ? CKF_TOKEN_PRESENT : 0) | CKF_REMOVABLE_DEVICE; + break; + case 2: + CopyString(pInfo->slotDescription, TestSlot2Description); + pInfo->flags = CKF_TOKEN_PRESENT | CKF_REMOVABLE_DEVICE; + break; + case 3: + CopyString(pInfo->slotDescription, TestSlot3Description); + pInfo->flags = CKF_REMOVABLE_DEVICE; + break; + case 4: + CopyString(pInfo->slotDescription, TestSlot4Description); + pInfo->flags = CKF_TOKEN_PRESENT | CKF_REMOVABLE_DEVICE; + break; + default: + return CKR_ARGUMENTS_BAD; + } + + CopyString(pInfo->manufacturerID, TestManufacturerID); + pInfo->hardwareVersion = TestLibraryVersion; + pInfo->firmwareVersion = TestLibraryVersion; + return CKR_OK; +} + +// Deliberately include énye to ensure we're handling encoding correctly. +// The PKCS #11 base specification v2.20 specifies that strings be encoded +// as UTF-8. +static const char TestTokenLabel[] = "Test PKCS11 Tokeñ Label"; +static const char TestToken2Label[] = "Test PKCS11 Tokeñ 2 Label"; +static const char TestToken4Label[] = "Test PKCS11 Public Certs Token"; +static const char TestTokenModel[] = "Test Model"; + +CK_RV Test_C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) { + if (!pInfo) { + return CKR_ARGUMENTS_BAD; + } + + switch (slotID) { + case 1: + CopyString(pInfo->label, TestTokenLabel); + break; + case 2: + CopyString(pInfo->label, TestToken2Label); + break; + case 4: + CopyString(pInfo->label, TestToken4Label); + break; + default: + return CKR_ARGUMENTS_BAD; + } + + CopyString(pInfo->manufacturerID, TestManufacturerID); + CopyString(pInfo->model, TestTokenModel); + memset(pInfo->serialNumber, 0, sizeof(pInfo->serialNumber)); + pInfo->flags = CKF_TOKEN_INITIALIZED; + pInfo->ulMaxSessionCount = 1; + pInfo->ulSessionCount = 0; + pInfo->ulMaxRwSessionCount = 1; + pInfo->ulRwSessionCount = 0; + pInfo->ulMaxPinLen = 4; + pInfo->ulMinPinLen = 4; + pInfo->ulTotalPublicMemory = 1024; + pInfo->ulFreePublicMemory = 1024; + pInfo->ulTotalPrivateMemory = 1024; + pInfo->ulFreePrivateMemory = 1024; + pInfo->hardwareVersion = TestLibraryVersion; + pInfo->firmwareVersion = TestLibraryVersion; + memset(pInfo->utcTime, 0, sizeof(pInfo->utcTime)); + return CKR_OK; +} + +CK_RV Test_C_GetMechanismList(CK_SLOT_ID, CK_MECHANISM_TYPE_PTR, + CK_ULONG_PTR pulCount) { + if (!pulCount) { + return CKR_ARGUMENTS_BAD; + } + + *pulCount = 0; + return CKR_OK; +} + +CK_RV Test_C_GetMechanismInfo(CK_SLOT_ID, CK_MECHANISM_TYPE, + CK_MECHANISM_INFO_PTR) { + return CKR_OK; +} + +CK_RV Test_C_InitToken(CK_SLOT_ID, CK_UTF8CHAR_PTR, CK_ULONG, CK_UTF8CHAR_PTR) { + return CKR_OK; +} + +CK_RV Test_C_InitPIN(CK_SESSION_HANDLE, CK_UTF8CHAR_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SetPIN(CK_SESSION_HANDLE, CK_UTF8CHAR_PTR, CK_ULONG, + CK_UTF8CHAR_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_OpenSession(CK_SLOT_ID slotID, CK_FLAGS, CK_VOID_PTR, CK_NOTIFY, + CK_SESSION_HANDLE_PTR phSession) { + switch (slotID) { + case 1: + *phSession = 1; + break; + case 2: + *phSession = 2; + break; + case 4: + *phSession = 4; + break; + default: + return CKR_ARGUMENTS_BAD; + } + + return CKR_OK; +} + +CK_RV Test_C_CloseSession(CK_SESSION_HANDLE) { return CKR_OK; } + +CK_RV Test_C_CloseAllSessions(CK_SLOT_ID) { return CKR_OK; } + +CK_RV Test_C_GetSessionInfo(CK_SESSION_HANDLE hSession, + CK_SESSION_INFO_PTR pInfo) { + if (!pInfo) { + return CKR_ARGUMENTS_BAD; + } + + switch (hSession) { + case 1: + pInfo->slotID = 1; + break; + case 2: + pInfo->slotID = 2; + break; + case 4: + pInfo->slotID = 4; + break; + default: + return CKR_ARGUMENTS_BAD; + } + + pInfo->state = CKS_RO_PUBLIC_SESSION; + pInfo->flags = CKF_SERIAL_SESSION; + return CKR_OK; +} + +CK_RV Test_C_GetOperationState(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SetOperationState(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, + CK_OBJECT_HANDLE, CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_Login(CK_SESSION_HANDLE, CK_USER_TYPE, CK_UTF8CHAR_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_Logout(CK_SESSION_HANDLE) { return CKR_FUNCTION_NOT_SUPPORTED; } + +CK_RV Test_C_CreateObject(CK_SESSION_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG, + CK_OBJECT_HANDLE_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_CopyObject(CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, + CK_ULONG, CK_OBJECT_HANDLE_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DestroyObject(CK_SESSION_HANDLE, CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_GetObjectSize(CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_GetAttributeValue(CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) { + if (hSession == 4) { + assert(hObject >= 1 && + hObject - 1 < sizeof(profiles) / sizeof(profiles[0])); + for (CK_ULONG count = 0; count < ulCount; count++) { + if (pTemplate[count].type == CKA_PROFILE_ID) { + if (pTemplate[count].pValue) { + assert(pTemplate[count].ulValueLen == sizeof(CK_ULONG)); + CK_ULONG value = profiles[hObject - 1]; + memcpy(pTemplate[count].pValue, &value, sizeof(value)); + } else { + pTemplate[count].ulValueLen = sizeof(CK_ULONG); + } + } else { + pTemplate[count].ulValueLen = (CK_ULONG)-1; + } + } + return CKR_OK; + } + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SetAttributeValue(CK_SESSION_HANDLE, CK_OBJECT_HANDLE, + CK_ATTRIBUTE_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_FindObjectsInit(CK_SESSION_HANDLE hSession, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) { + // Slot 4 + if (hSession == 4) { + for (CK_ULONG count = 0; count < ulCount; count++) { + CK_ATTRIBUTE attribute = pTemplate[count]; + if (attribute.type == CKA_CLASS) { + assert(attribute.ulValueLen == sizeof(CK_ULONG)); + + CK_ULONG value; + memcpy(&value, attribute.pValue, attribute.ulValueLen); + if (value == CKO_PROFILE) { + readingProfile = true; + profileIndex = 0; + break; + } + } + } + } + return CKR_OK; +} + +CK_RV Test_C_FindObjects(CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE_PTR phObject, + CK_ULONG ulMaxObjectCount, + CK_ULONG_PTR pulObjectCount) { + if (readingProfile) { + assert(hSession == 4); + CK_ULONG count = ulMaxObjectCount; + size_t remaining = sizeof(profiles) / sizeof(profiles[0]) - profileIndex; + if (count > remaining) { + count = remaining; + } + for (CK_ULONG i = 0; i < count; i++) { + phObject[i] = i + 1; + } + profileIndex += count; + *pulObjectCount = count; + } else { + *pulObjectCount = 0; + } + return CKR_OK; +} + +CK_RV Test_C_FindObjectsFinal(CK_SESSION_HANDLE hSession) { + readingProfile = false; + return CKR_OK; +} + +CK_RV Test_C_EncryptInit(CK_SESSION_HANDLE, CK_MECHANISM_PTR, + CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_Encrypt(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, + CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_EncryptUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, + CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_EncryptFinal(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DecryptInit(CK_SESSION_HANDLE, CK_MECHANISM_PTR, + CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_Decrypt(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, + CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DecryptUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, + CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DecryptFinal(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DigestInit(CK_SESSION_HANDLE, CK_MECHANISM_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_Digest(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, + CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DigestUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DigestKey(CK_SESSION_HANDLE, CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DigestFinal(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SignInit(CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_Sign(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, + CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SignUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SignFinal(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SignRecoverInit(CK_SESSION_HANDLE, CK_MECHANISM_PTR, + CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SignRecover(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, + CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_VerifyInit(CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_Verify(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, + CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_VerifyUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_VerifyFinal(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_VerifyRecoverInit(CK_SESSION_HANDLE, CK_MECHANISM_PTR, + CK_OBJECT_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_VerifyRecover(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, + CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DigestEncryptUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, + CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DecryptDigestUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, + CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SignEncryptUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, + CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DecryptVerifyUpdate(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, + CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_GenerateKey(CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR, + CK_ULONG, CK_OBJECT_HANDLE_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_GenerateKeyPair(CK_SESSION_HANDLE, CK_MECHANISM_PTR, + CK_ATTRIBUTE_PTR, CK_ULONG, CK_ATTRIBUTE_PTR, + CK_ULONG, CK_OBJECT_HANDLE_PTR, + CK_OBJECT_HANDLE_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_WrapKey(CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, + CK_OBJECT_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_UnwrapKey(CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, + CK_BYTE_PTR, CK_ULONG, CK_ATTRIBUTE_PTR, CK_ULONG, + CK_OBJECT_HANDLE_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_DeriveKey(CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, + CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_SeedRandom(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_GenerateRandom(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_GetFunctionStatus(CK_SESSION_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_CancelFunction(CK_SESSION_HANDLE) { + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV Test_C_WaitForSlotEvent(CK_FLAGS, CK_SLOT_ID_PTR pSlot, CK_VOID_PTR) { +#ifdef _WIN32 + Sleep(50); // Sleep takes the duration argument as milliseconds +#else + usleep(50000); // usleep takes the duration argument as microseconds +#endif + *pSlot = 1; + tokenPresent = !tokenPresent; + return CKR_OK; +} + +static CK_FUNCTION_LIST FunctionList = {{2, 2}, + Test_C_Initialize, + Test_C_Finalize, + Test_C_GetInfo, + Test_C_GetFunctionList, + Test_C_GetSlotList, + Test_C_GetSlotInfo, + Test_C_GetTokenInfo, + Test_C_GetMechanismList, + Test_C_GetMechanismInfo, + Test_C_InitToken, + Test_C_InitPIN, + Test_C_SetPIN, + Test_C_OpenSession, + Test_C_CloseSession, + Test_C_CloseAllSessions, + Test_C_GetSessionInfo, + Test_C_GetOperationState, + Test_C_SetOperationState, + Test_C_Login, + Test_C_Logout, + Test_C_CreateObject, + Test_C_CopyObject, + Test_C_DestroyObject, + Test_C_GetObjectSize, + Test_C_GetAttributeValue, + Test_C_SetAttributeValue, + Test_C_FindObjectsInit, + Test_C_FindObjects, + Test_C_FindObjectsFinal, + Test_C_EncryptInit, + Test_C_Encrypt, + Test_C_EncryptUpdate, + Test_C_EncryptFinal, + Test_C_DecryptInit, + Test_C_Decrypt, + Test_C_DecryptUpdate, + Test_C_DecryptFinal, + Test_C_DigestInit, + Test_C_Digest, + Test_C_DigestUpdate, + Test_C_DigestKey, + Test_C_DigestFinal, + Test_C_SignInit, + Test_C_Sign, + Test_C_SignUpdate, + Test_C_SignFinal, + Test_C_SignRecoverInit, + Test_C_SignRecover, + Test_C_VerifyInit, + Test_C_Verify, + Test_C_VerifyUpdate, + Test_C_VerifyFinal, + Test_C_VerifyRecoverInit, + Test_C_VerifyRecover, + Test_C_DigestEncryptUpdate, + Test_C_DecryptDigestUpdate, + Test_C_SignEncryptUpdate, + Test_C_DecryptVerifyUpdate, + Test_C_GenerateKey, + Test_C_GenerateKeyPair, + Test_C_WrapKey, + Test_C_UnwrapKey, + Test_C_DeriveKey, + Test_C_SeedRandom, + Test_C_GenerateRandom, + Test_C_GetFunctionStatus, + Test_C_CancelFunction, + Test_C_WaitForSlotEvent}; + +#ifdef _WIN32 +__declspec(dllexport) +#endif + +CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList) { + *ppFunctionList = &FunctionList; + return CKR_OK; +} diff --git a/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.def b/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.def new file mode 100644 index 0000000000000..e03b39e5fe74e --- /dev/null +++ b/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.def @@ -0,0 +1,8 @@ +;+NSS_3.48 { # NSS 3.48 release +;+ global: +LIBRARY pkcs11testmodule ;- +EXPORTS ;- +C_GetFunctionList; +;+ local: +;+ *; +;+}; diff --git a/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.gyp b/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.gyp new file mode 100644 index 0000000000000..00e449186f036 --- /dev/null +++ b/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.gyp @@ -0,0 +1,25 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../coreconf/config.gypi', + '../common/gtest.gypi', + ], + 'targets': [ + { + 'target_name': 'pkcs11testmodule', + 'type': 'shared_library', + 'sources': [ + 'pkcs11testmodule.cpp', + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports', + '<(DEPTH)/cpputil/cpputil.gyp:cpputil', + ], + } + ], + 'variables': { + 'module': 'nss' + } +} diff --git a/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.rc b/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.rc new file mode 100644 index 0000000000000..5baaa1d8476ab --- /dev/null +++ b/security/nss/gtests/pkcs11testmodule/pkcs11testmodule.rc @@ -0,0 +1,60 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include + +#define MY_LIBNAME "pkcs11testmodule" +#define MY_FILEDESCRIPTION "NSS PKCS #11 Test Module" + +#ifdef _DEBUG +#define MY_DEBUG_STR " (debug)" +#define MY_FILEFLAGS_1 VS_FF_DEBUG +#else +#define MY_DEBUG_STR "" +#define MY_FILEFLAGS_1 0x0L +#endif +#define MY_FILEFLAGS_2 MY_FILEFLAGS_1 + +#ifdef WINNT +#define MY_FILEOS VOS_NT_WINDOWS32 +#else +#define MY_FILEOS VOS__WINDOWS32 +#endif + +#define MY_INTERNAL_NAME MY_LIBNAME +#define MY_VERSION "0" + +///////////////////////////////////////////////////////////////////////////// +// +// Version-information resource +// + +VS_VERSION_INFO VERSIONINFO + FILEVERSION 0,0,0,0 + PRODUCTVERSION 0,0,0,0 + FILEFLAGSMASK VS_FFI_FILEFLAGSMASK + FILEFLAGS MY_FILEFLAGS_2 + FILEOS MY_FILEOS + FILETYPE VFT_DLL + FILESUBTYPE 0x0L // not used + +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904B0" // Lang=US English, CharSet=Unicode + BEGIN + VALUE "CompanyName", "Mozilla Foundation\0" + VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0" + VALUE "FileVersion", MY_VERSION "\0" + VALUE "InternalName", MY_INTERNAL_NAME "\0" + VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0" + VALUE "ProductName", "Network Security Services\0" + VALUE "ProductVersion", MY_VERSION "\0" + END + END + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 1200 + END +END diff --git a/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc index f1ccc286449fe..0fe88ea886d84 100644 --- a/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc @@ -682,4 +682,100 @@ TEST_P(TlsConnectTls12, ConnectInconsistentSigAlgDHE) { ConnectExpectAlert(client_, kTlsAlertIllegalParameter); } +static void CheckSkeSigScheme( + std::shared_ptr& capture_ske, + uint16_t expected_scheme) { + TlsParser parser(capture_ske->buffer()); + EXPECT_TRUE(parser.SkipVariable(2)) << " read dh_p"; + EXPECT_TRUE(parser.SkipVariable(2)) << " read dh_q"; + EXPECT_TRUE(parser.SkipVariable(2)) << " read dh_Ys"; + + uint32_t tmp; + EXPECT_TRUE(parser.Read(&tmp, 2)) << " read sig_scheme"; + EXPECT_EQ(expected_scheme, static_cast(tmp)); +} + +TEST_P(TlsConnectTls12, ConnectSigAlgEnabledByPolicyDhe) { + EnableOnlyDheCiphers(); + + const std::vector schemes = {ssl_sig_rsa_pkcs1_sha1, + ssl_sig_rsa_pkcs1_sha384}; + + EnsureTlsSetup(); + client_->SetSignatureSchemes(schemes.data(), schemes.size()); + server_->SetSignatureSchemes(schemes.data(), schemes.size()); + auto capture_ske = MakeTlsFilter( + server_, kTlsHandshakeServerKeyExchange); + + StartConnect(); + client_->Handshake(); // Send ClientHello + + // Enable SHA-1 by policy. + SECStatus rv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, NSS_USE_ALG_IN_SSL_KX, 0); + ASSERT_EQ(SECSuccess, rv); + rv = NSS_SetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, NSS_USE_POLICY_IN_SSL, + 0); + ASSERT_EQ(SECSuccess, rv); + + Handshake(); // Remainder of handshake + // The server should now report that it is connected + EXPECT_EQ(TlsAgent::STATE_CONNECTED, server_->state()); + + CheckSkeSigScheme(capture_ske, ssl_sig_rsa_pkcs1_sha1); +} + +TEST_P(TlsConnectTls12, ConnectSigAlgDisabledByPolicyDhe) { + EnableOnlyDheCiphers(); + + const std::vector schemes = {ssl_sig_rsa_pkcs1_sha1, + ssl_sig_rsa_pkcs1_sha384}; + + EnsureTlsSetup(); + client_->SetSignatureSchemes(schemes.data(), schemes.size()); + server_->SetSignatureSchemes(schemes.data(), schemes.size()); + auto capture_ske = MakeTlsFilter( + server_, kTlsHandshakeServerKeyExchange); + + StartConnect(); + client_->Handshake(); // Send ClientHello + + // Disable SHA-1 by policy after sending ClientHello so that CH + // includes SHA-1 signature scheme. + SECStatus rv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, 0, NSS_USE_ALG_IN_SSL_KX); + ASSERT_EQ(SECSuccess, rv); + rv = NSS_SetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, NSS_USE_POLICY_IN_SSL, + 0); + ASSERT_EQ(SECSuccess, rv); + + Handshake(); // Remainder of handshake + // The server should now report that it is connected + EXPECT_EQ(TlsAgent::STATE_CONNECTED, server_->state()); + + CheckSkeSigScheme(capture_ske, ssl_sig_rsa_pkcs1_sha384); +} + +TEST_P(TlsConnectPre12, ConnectSigAlgDisabledByPolicyDhePre12) { + EnableOnlyDheCiphers(); + + EnsureTlsSetup(); + StartConnect(); + client_->Handshake(); // Send ClientHello + + // Disable SHA-1 by policy. This will cause the connection fail as + // TLS 1.1 or earlier uses combined SHA-1 + MD5 signature. + SECStatus rv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, 0, NSS_USE_ALG_IN_SSL_KX); + ASSERT_EQ(SECSuccess, rv); + rv = NSS_SetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, NSS_USE_POLICY_IN_SSL, + 0); + ASSERT_EQ(SECSuccess, rv); + + server_->ExpectSendAlert(kTlsAlertHandshakeFailure); + client_->ExpectReceiveAlert(kTlsAlertHandshakeFailure); + + // Remainder of handshake + Handshake(); + + server_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM); +} + } // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc index f1cf1fabca29c..e62e002f3ba07 100644 --- a/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc @@ -666,6 +666,80 @@ TEST_P(TlsConnectTls12, ConnectIncorrectSigAlg) { client_->CheckErrorCode(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM); } +static void CheckSkeSigScheme( + std::shared_ptr &capture_ske, + uint16_t expected_scheme) { + TlsParser parser(capture_ske->buffer()); + uint32_t tmp = 0; + EXPECT_TRUE(parser.Read(&tmp, 1)) << " read curve_type"; + EXPECT_EQ(3U, tmp) << "curve type has to be 3"; + EXPECT_TRUE(parser.Skip(2)) << " read namedcurve"; + EXPECT_TRUE(parser.SkipVariable(1)) << " read public"; + + EXPECT_TRUE(parser.Read(&tmp, 2)) << " read sig_scheme"; + EXPECT_EQ(expected_scheme, static_cast(tmp)); +} + +TEST_P(TlsConnectTls12, ConnectSigAlgEnabledByPolicy) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + const std::vector schemes = {ssl_sig_rsa_pkcs1_sha1, + ssl_sig_rsa_pkcs1_sha384}; + + client_->SetSignatureSchemes(schemes.data(), schemes.size()); + server_->SetSignatureSchemes(schemes.data(), schemes.size()); + auto capture_ske = MakeTlsFilter( + server_, kTlsHandshakeServerKeyExchange); + + StartConnect(); + client_->Handshake(); // Send ClientHello + + // Enable SHA-1 by policy. + SECStatus rv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, NSS_USE_ALG_IN_SSL_KX, 0); + ASSERT_EQ(SECSuccess, rv); + rv = NSS_SetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, NSS_USE_POLICY_IN_SSL, + 0); + ASSERT_EQ(SECSuccess, rv); + + Handshake(); // Remainder of handshake + // The server should now report that it is connected + EXPECT_EQ(TlsAgent::STATE_CONNECTED, server_->state()); + + CheckSkeSigScheme(capture_ske, ssl_sig_rsa_pkcs1_sha1); +} + +TEST_P(TlsConnectTls12, ConnectSigAlgDisabledByPolicy) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + const std::vector schemes = {ssl_sig_rsa_pkcs1_sha1, + ssl_sig_rsa_pkcs1_sha384}; + + client_->SetSignatureSchemes(schemes.data(), schemes.size()); + server_->SetSignatureSchemes(schemes.data(), schemes.size()); + auto capture_ske = MakeTlsFilter( + server_, kTlsHandshakeServerKeyExchange); + + StartConnect(); + client_->Handshake(); // Send ClientHello + + // Disable SHA-1 by policy. + SECStatus rv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, 0, NSS_USE_ALG_IN_SSL_KX); + ASSERT_EQ(SECSuccess, rv); + rv = NSS_SetAlgorithmPolicy(SEC_OID_APPLY_SSL_POLICY, NSS_USE_POLICY_IN_SSL, + 0); + ASSERT_EQ(SECSuccess, rv); + + Handshake(); // Remainder of handshake + // The server should now report that it is connected + EXPECT_EQ(TlsAgent::STATE_CONNECTED, server_->state()); + + CheckSkeSigScheme(capture_ske, ssl_sig_rsa_pkcs1_sha384); +} + INSTANTIATE_TEST_CASE_P(KeyExchangeTest, TlsKeyExchangeTest, ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV11Plus)); diff --git a/security/nss/gtests/ssl_gtest/tls_connect.h b/security/nss/gtests/ssl_gtest/tls_connect.h index 4321828f0f555..23c60bf4f84ea 100644 --- a/security/nss/gtests/ssl_gtest/tls_connect.h +++ b/security/nss/gtests/ssl_gtest/tls_connect.h @@ -164,7 +164,7 @@ class TlsConnectTestBase : public ::testing::Test { // ssl_extension_unittest.cc. const std::vector algorithms_ = {SEC_OID_APPLY_SSL_POLICY, SEC_OID_ANSIX9_DSA_SIGNATURE, - SEC_OID_CURVE25519}; + SEC_OID_CURVE25519, SEC_OID_SHA1}; std::vector> saved_policies_; private: diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c index 4eb6e89ec49eb..0796fe5d75f57 100644 --- a/security/nss/lib/certdb/certdb.c +++ b/security/nss/lib/certdb/certdb.c @@ -2890,9 +2890,7 @@ CERT_UnlockCertRefCount(CERTCertificate *cert) { PORT_Assert(certRefCountLock != NULL); PRStatus prstat = PZ_Unlock(certRefCountLock); - if (prstat != PR_SUCCESS) { - PORT_Assert(prstat == PR_SUCCESS); - } + PORT_AssertArg(prstat == PR_SUCCESS); } static PZLock *certTrustLock = NULL; @@ -2997,9 +2995,7 @@ CERT_UnlockCertTrust(const CERTCertificate *cert) { PORT_Assert(certTrustLock != NULL); PRStatus prstat = PZ_Unlock(certTrustLock); - if (prstat != PR_SUCCESS) { - PORT_Assert(prstat == PR_SUCCESS); - } + PORT_AssertArg(prstat == PR_SUCCESS); } /* @@ -3010,9 +3006,7 @@ CERT_UnlockCertTempPerm(const CERTCertificate *cert) { PORT_Assert(certTempPermLock != NULL); PRStatus prstat = PZ_Unlock(certTempPermLock); - if (prstat != PR_SUCCESS) { - PORT_Assert(prstat == PR_SUCCESS); - } + PORT_AssertArg(prstat == PR_SUCCESS); } /* diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile index 5943fb3778945..98a7c5d5c313b 100644 --- a/security/nss/lib/freebl/Makefile +++ b/security/nss/lib/freebl/Makefile @@ -263,6 +263,7 @@ ifeq ($(CPU_ARCH),arm) MPI_SRCS += mpi_arm.c endif ifeq ($(CPU_ARCH),ppc) + EXTRA_SRCS += gcm-ppc.c ifdef USE_64 DEFINES += -DNSS_NO_INIT_SUPPORT endif # USE_64 @@ -785,3 +786,7 @@ ifeq ($(CPU_ARCH),aarch64) $(OBJDIR)/$(PROG_PREFIX)aes-armv8$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto $(OBJDIR)/$(PROG_PREFIX)gcm-aarch64$(OBJ_SUFFIX): CFLAGS += -march=armv8-a+crypto endif + +ifeq ($(CPU_ARCH),ppc) +$(OBJDIR)/$(PROG_PREFIX)gcm-ppc$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec +endif diff --git a/security/nss/lib/freebl/altivec-types.h b/security/nss/lib/freebl/altivec-types.h new file mode 100644 index 0000000000000..807a44db416f0 --- /dev/null +++ b/security/nss/lib/freebl/altivec-types.h @@ -0,0 +1,23 @@ +/* + * altivec-types.h - shorter vector typedefs + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef _ALTIVEC_TYPES_H_ +#define _ALTIVEC_TYPES_H_ 1 + +#include + +typedef __vector unsigned char vec_u8; +typedef __vector signed char vec_s8; +typedef __vector unsigned short vec_u16; +typedef __vector signed short vec_s16; +typedef __vector unsigned int vec_u32; +typedef __vector signed int vec_s32; +typedef __vector unsigned long long vec_u64; +typedef __vector signed long long vec_s64; +typedef __vector float vec_f; + +#endif diff --git a/security/nss/lib/freebl/blapii.h b/security/nss/lib/freebl/blapii.h index 743a1168b9320..006c269777f77 100644 --- a/security/nss/lib/freebl/blapii.h +++ b/security/nss/lib/freebl/blapii.h @@ -86,5 +86,6 @@ PRBool arm_aes_support(); PRBool arm_pmull_support(); PRBool arm_sha1_support(); PRBool arm_sha2_support(); +PRBool ppc_crypto_support(); #endif /* _BLAPII_H_ */ diff --git a/security/nss/lib/freebl/blinit.c b/security/nss/lib/freebl/blinit.c index 543206c1280a1..959109b60d1b2 100644 --- a/security/nss/lib/freebl/blinit.c +++ b/security/nss/lib/freebl/blinit.c @@ -29,6 +29,7 @@ static PRBool arm_aes_support_ = PR_FALSE; static PRBool arm_sha1_support_ = PR_FALSE; static PRBool arm_sha2_support_ = PR_FALSE; static PRBool arm_pmull_support_ = PR_FALSE; +static PRBool ppc_crypto_support_ = PR_FALSE; #ifdef NSS_X86_OR_X64 /* @@ -348,6 +349,32 @@ arm_sha2_support() { return arm_sha2_support_; } +PRBool +ppc_crypto_support() +{ + return ppc_crypto_support_; +} + +#if defined(__powerpc__) + +#include + +// Defines from cputable.h in Linux kernel - PPC, letting us build on older kernels +#ifndef PPC_FEATURE2_VEC_CRYPTO +#define PPC_FEATURE2_VEC_CRYPTO 0x02000000 +#endif + +static void +CheckPPCSupport() +{ + char *disable_hw_crypto = PR_GetEnvSecure("NSS_DISABLE_PPC_GHASH"); + + long hwcaps = getauxval(AT_HWCAP2); + + ppc_crypto_support_ = hwcaps & PPC_FEATURE2_VEC_CRYPTO && disable_hw_crypto == NULL; +} + +#endif /* __powerpc__ */ static PRStatus FreeblInit(void) @@ -356,6 +383,8 @@ FreeblInit(void) CheckX86CPUSupport(); #elif (defined(__aarch64__) || defined(__arm__)) CheckARMSupport(); +#elif (defined(__powerpc__)) + CheckPPCSupport(); #endif return PR_SUCCESS; } diff --git a/security/nss/lib/freebl/ctr.c b/security/nss/lib/freebl/ctr.c index 4d26a5b06a2c8..67ee72c0ca453 100644 --- a/security/nss/lib/freebl/ctr.c +++ b/security/nss/lib/freebl/ctr.c @@ -17,6 +17,10 @@ #include "rijndael.h" #endif +#if defined(__ARM_NEON) || defined(__ARM_NEON__) +#include +#endif + SECStatus CTR_InitContext(CTRContext *ctr, void *context, freeblCipherFunc cipher, const unsigned char *param) @@ -114,6 +118,15 @@ ctr_xor(unsigned char *target, const unsigned char *x, const unsigned char *y, unsigned int count) { unsigned int i; +#if defined(__ARM_NEON) || defined(__ARM_NEON__) + while (count >= 16) { + vst1q_u8(target, veorq_u8(vld1q_u8(x), vld1q_u8(y))); + target += 16; + x += 16; + y += 16; + count -= 16; + } +#endif for (i = 0; i < count; i++) { *target++ = *x++ ^ *y++; } diff --git a/security/nss/lib/freebl/freebl.gyp b/security/nss/lib/freebl/freebl.gyp index f12508136b8a5..7ea5c375075f5 100644 --- a/security/nss/lib/freebl/freebl.gyp +++ b/security/nss/lib/freebl/freebl.gyp @@ -132,6 +132,24 @@ '-march=armv8-a+crypto' ] }, + { + 'target_name': 'gcm-aes-ppc_c_lib', + 'type': 'static_library', + 'sources': [ + 'gcm-ppc.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ], + 'cflags': [ + '-mcrypto', + '-maltivec' + ], + 'cflags_mozilla': [ + '-mcrypto', + '-maltivec' + ] + }, { 'target_name': 'armv8_c_lib', 'type': 'static_library', @@ -199,6 +217,11 @@ 'gcm-aes-aarch64_c_lib', ], }], + [ 'target_arch=="ppc64le"', { + 'dependencies': [ + 'gcm-aes-ppc_c_lib', + ], + }], [ 'OS=="linux"', { 'defines!': [ 'FREEBL_NO_DEPEND', @@ -245,6 +268,11 @@ 'gcm-aes-aarch64_c_lib', ], }], + [ 'target_arch=="ppc64" or target_arch=="ppc64le"', { + 'dependencies': [ + 'gcm-aes-ppc_c_lib', + ], + }], [ 'OS!="linux"', { 'conditions': [ [ 'moz_fold_libs==0', { diff --git a/security/nss/lib/freebl/gcm-ppc.c b/security/nss/lib/freebl/gcm-ppc.c new file mode 100644 index 0000000000000..9bd4f295695cb --- /dev/null +++ b/security/nss/lib/freebl/gcm-ppc.c @@ -0,0 +1,109 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifdef FREEBL_NO_DEPEND +#include "stubs.h" +#endif +#include "gcm.h" +#include "secerr.h" + +#if defined(USE_PPC_CRYPTO) + +SECStatus +gcm_HashWrite_hw(gcmHashContext *ghash, unsigned char *outbuf) +{ + vec_xst_be((vec_u8)ghash->x, 0, outbuf); + return SECSuccess; +} + +static vec_u64 +vpmsumd(const vec_u64 a, const vec_u64 b) +{ +#if defined(__clang__) + /* Clang uses a different name */ + return __builtin_altivec_crypto_vpmsumd(a, b); +#elif (__GNUC__ >= 10) || (__GNUC__ == 9 && __GNUC_MINOR__ >= 3) || \ + (__GNUC__ == 8 && __GNUC_MINOR__ >= 4) || \ + (__GNUC__ == 7 && __GNUC_MINOR__ >= 5) + /* GCC versions not affected by https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91275 */ + return __builtin_crypto_vpmsumd(a, b); +#else + /* GCC versions where this builtin is buggy */ + vec_u64 vr; + __asm("vpmsumd %0, %1, %2" + : "=v"(vr) + : "v"(a), "v"(b)); + return vr; +#endif +} + +SECStatus +gcm_HashMult_hw(gcmHashContext *ghash, const unsigned char *buf, + unsigned int count) +{ + const vec_u8 leftshift = vec_splat_u8(1); + const vec_u64 onebit = (vec_u64){ 1, 0 }; + const unsigned long long pd = 0xc2LLU << 56; + + vec_u64 ci, v, r0, r1; + vec_u64 hibit; + unsigned i; + + ci = ghash->x; + + for (i = 0; i < count; i++, buf += 16) { + /* clang needs the following cast away from const; maybe a bug in 7.0.0 */ + v = (vec_u64)vec_xl_be(0, (unsigned char *)buf); + ci ^= v; + + /* Do binary mult ghash->X = C * ghash->H (Karatsuba). */ + r0 = vpmsumd((vec_u64){ ci[0], 0 }, (vec_u64){ ghash->h[0], 0 }); + r1 = vpmsumd((vec_u64){ ci[1], 0 }, (vec_u64){ ghash->h[1], 0 }); + v = (vec_u64){ ci[0] ^ ci[1], ghash->h[0] ^ ghash->h[1] }; + v = vpmsumd((vec_u64){ v[0], 0 }, (vec_u64){ v[1], 0 }); + v ^= r0; + v ^= r1; + r0 ^= (vec_u64){ 0, v[0] }; + r1 ^= (vec_u64){ v[1], 0 }; + + /* Shift one (multiply by x) as gcm spec is stupid. */ + hibit = (vec_u64)vec_splat((vec_u8)r0, 15); + hibit = (vec_u64)vec_rl((vec_u8)hibit, leftshift); + hibit &= onebit; + r0 = vec_sll(r0, leftshift); + r1 = vec_sll(r1, leftshift); + r1 |= hibit; + + /* Reduce */ + v = vpmsumd((vec_u64){ r0[0], 0 }, (vec_u64){ pd, 0 }); + r0 ^= (vec_u64){ 0, v[0] }; + r1 ^= (vec_u64){ v[1], 0 }; + v = vpmsumd((vec_u64){ r0[1], 0 }, (vec_u64){ pd, 0 }); + r1 ^= v; + ci = r0 ^ r1; + } + + ghash->x = ci; + + return SECSuccess; +} + +SECStatus +gcm_HashInit_hw(gcmHashContext *ghash) +{ + ghash->x = (vec_u64)vec_splat_u32(0); + ghash->h = (vec_u64){ ghash->h_low, ghash->h_high }; + ghash->ghash_mul = gcm_HashMult_hw; + ghash->hw = PR_TRUE; + return SECSuccess; +} + +SECStatus +gcm_HashZeroX_hw(gcmHashContext *ghash) +{ + ghash->x = (vec_u64)vec_splat_u32(0); + return SECSuccess; +} + +#endif /* defined(USE_PPC_CRYPTO) */ diff --git a/security/nss/lib/freebl/gcm.c b/security/nss/lib/freebl/gcm.c index 6edf0e8f31533..737252eec6c49 100644 --- a/security/nss/lib/freebl/gcm.c +++ b/security/nss/lib/freebl/gcm.c @@ -36,7 +36,7 @@ SECStatus gcm_HashMult_sftw32(gcmHashContext *ghash, const unsigned char *buf, /* Stub definitions for the above *_hw functions, which shouldn't be * used unless NSS_X86_OR_X64 is defined */ -#if !defined(NSS_X86_OR_X64) && !defined(USE_ARM_GCM) +#if !defined(NSS_X86_OR_X64) && !defined(USE_ARM_GCM) && !defined(USE_PPC_CRYPTO) SECStatus gcm_HashWrite_hw(gcmHashContext *ghash, unsigned char *outbuf) { @@ -65,7 +65,7 @@ gcm_HashZeroX_hw(gcmHashContext *ghash) PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } -#endif /* !NSS_X86_OR_X64 && !USE_ARM_GCM */ +#endif /* !NSS_X86_OR_X64 && !USE_ARM_GCM && !USE_PPC_CRYPTO */ uint64_t get64(const unsigned char *bytes) @@ -94,6 +94,8 @@ gcmHash_InitContext(gcmHashContext *ghash, const unsigned char *H, PRBool sw) ghash->h_high = get64(H); #ifdef USE_ARM_GCM if (arm_pmull_support() && !sw) { +#elif defined(USE_PPC_CRYPTO) + if (ppc_crypto_support() && !sw) { #else if (clmul_support() && !sw) { #endif diff --git a/security/nss/lib/freebl/gcm.h b/security/nss/lib/freebl/gcm.h index 49a9ec9faf4b7..571b9ec55e096 100644 --- a/security/nss/lib/freebl/gcm.h +++ b/security/nss/lib/freebl/gcm.h @@ -30,6 +30,28 @@ #include #endif +#ifdef __powerpc64__ +#include "altivec-types.h" + +/* The ghash freebl test tries to use this in C++, and gcc defines conflict. */ +#ifdef __cplusplus +#undef pixel +#undef vector +#undef bool +#endif + +/* + * PPC CRYPTO requires at least gcc 5 or clang. The LE check is purely + * because it's only been tested on LE. If you're interested in BE, + * please send a patch. + */ +#if (defined(__clang__) || (defined(__GNUC__) && __GNUC__ >= 5)) && \ + defined(IS_LITTLE_ENDIAN) +#define USE_PPC_CRYPTO +#endif + +#endif + SEC_BEGIN_PROTOS #ifdef HAVE_INT128_SUPPORT @@ -67,6 +89,8 @@ pre_align struct gcmHashContextStr { __m128i x, h; #elif defined(__aarch64__) uint64x2_t x, h; +#elif defined(USE_PPC_CRYPTO) + vec_u64 x, h; #endif uint64_t x_low, x_high, h_high, h_low; unsigned char buffer[MAX_BLOCK_SIZE]; diff --git a/security/nss/lib/pk11wrap/debug_module.c b/security/nss/lib/pk11wrap/debug_module.c index 59b89c37a55ee..6dddb24b4f499 100644 --- a/security/nss/lib/pk11wrap/debug_module.c +++ b/security/nss/lib/pk11wrap/debug_module.c @@ -134,6 +134,7 @@ get_attr_type_str(CK_ATTRIBUTE_TYPE atype, char *str, int len) CASE(CKA_RESET_ON_INIT); CASE(CKA_HAS_RESET); CASE(CKA_VENDOR_DEFINED); + CASE(CKA_PROFILE_ID); CASE(CKA_NSS_URL); CASE(CKA_NSS_EMAIL); CASE(CKA_NSS_SMIME_INFO); @@ -189,6 +190,7 @@ get_obj_class(CK_OBJECT_CLASS objClass, char *str, int len) CASE(CKO_SECRET_KEY); CASE(CKO_HW_FEATURE); CASE(CKO_DOMAIN_PARAMETERS); + CASE(CKO_PROFILE); CASE(CKO_NSS_CRL); CASE(CKO_NSS_SMIME); CASE(CKO_NSS_TRUST); @@ -202,6 +204,27 @@ get_obj_class(CK_OBJECT_CLASS objClass, char *str, int len) PR_snprintf(str, len, "0x%p", objClass); } +static void +get_profile_val(CK_PROFILE_ID profile, char *str, int len) +{ + + const char *a = NULL; + + switch (profile) { + CASE(CKP_INVALID_ID); + CASE(CKP_BASELINE_PROVIDER); + CASE(CKP_EXTENDED_PROVIDER); + CASE(CKP_AUTHENTICATION_TOKEN); + CASE(CKP_PUBLIC_CERTIFICATES_TOKEN); + default: + break; + } + if (a) + PR_snprintf(str, len, "%s", a); + else + PR_snprintf(str, len, "0x%p", profile); +} + static void get_trust_val(CK_TRUST trust, char *str, int len) { @@ -688,6 +711,14 @@ print_attr_value(CK_ATTRIBUTE_PTR attr) atype, valstr, attr->ulValueLen)); break; } + case CKA_PROFILE_ID: + if (attr->ulValueLen > 0 && attr->pValue) { + CK_PROFILE_ID profile = *((CK_PROFILE_ID *)attr->pValue); + get_profile_val(profile, valstr, sizeof valstr); + PR_LOG(modlog, 4, (fmt_s_s_d, + atype, valstr, attr->ulValueLen)); + break; + } case CKA_ISSUER: case CKA_SUBJECT: if (attr->ulValueLen > 0 && attr->pValue) { diff --git a/security/nss/lib/pk11wrap/pk11obj.c b/security/nss/lib/pk11wrap/pk11obj.c index 16ff15a809caa..bc9e93454e415 100644 --- a/security/nss/lib/pk11wrap/pk11obj.c +++ b/security/nss/lib/pk11wrap/pk11obj.c @@ -1830,15 +1830,24 @@ pk11_FindObjectsByTemplate(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate, { CK_OBJECT_HANDLE *objID = NULL; CK_ULONG returned_count = 0; + PRBool owner = PR_TRUE; + CK_SESSION_HANDLE session; + PRBool haslock = PR_FALSE; CK_RV crv = CKR_SESSION_HANDLE_INVALID; - PK11_EnterSlotMonitor(slot); - if (slot->session != CK_INVALID_SESSION) { - crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session, + session = pk11_GetNewSession(slot, &owner); + haslock = (!owner || !(slot->isThreadSafe)); + if (haslock) { + PK11_EnterSlotMonitor(slot); + } + if (session != CK_INVALID_SESSION) { + crv = PK11_GETTAB(slot)->C_FindObjectsInit(session, findTemplate, templCount); } if (crv != CKR_OK) { - PK11_ExitSlotMonitor(slot); + if (haslock) + PK11_ExitSlotMonitor(slot); + pk11_CloseSession(slot, session, owner); PORT_SetError(PK11_MapError(crv)); *object_count = -1; return NULL; @@ -1863,7 +1872,7 @@ pk11_FindObjectsByTemplate(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate, PORT_Free(oldObjID); break; } - crv = PK11_GETTAB(slot)->C_FindObjects(slot->session, + crv = PK11_GETTAB(slot)->C_FindObjects(session, &objID[*object_count], PK11_SEARCH_CHUNKSIZE, &returned_count); if (crv != CKR_OK) { PORT_SetError(PK11_MapError(crv)); @@ -1874,8 +1883,11 @@ pk11_FindObjectsByTemplate(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate, *object_count += returned_count; } while (returned_count == PK11_SEARCH_CHUNKSIZE); - PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session); - PK11_ExitSlotMonitor(slot); + PK11_GETTAB(slot)->C_FindObjectsFinal(session); + if (haslock) { + PK11_ExitSlotMonitor(slot); + } + pk11_CloseSession(slot, session, owner); if (objID && (*object_count == 0)) { PORT_Free(objID); diff --git a/security/nss/lib/pk11wrap/pk11pbe.c b/security/nss/lib/pk11wrap/pk11pbe.c index 4b6645578d4e5..1e2fabd24bd25 100644 --- a/security/nss/lib/pk11wrap/pk11pbe.c +++ b/security/nss/lib/pk11wrap/pk11pbe.c @@ -654,17 +654,17 @@ sec_pkcs5CreateAlgorithmID(SECOidTag algorithm, pbeAlgorithm = SEC_OID_PKCS5_PBKDF2; /* * 'algorithm' is the overall algorithm oid tag used to wrap the - * entire algoithm ID block. For PKCS5v1 and PKCS12, this + * entire algorithm ID block. For PKCS5v1 and PKCS12, this * algorithm OID has encoded in it both the PBE KDF function * and the encryption algorithm. For PKCS 5v2, PBE KDF and * encryption/macing oids are encoded as parameters in * the algorithm ID block. * * Thus in PKCS5 v1 and PKCS12, this algorithm maps to a pkcs #11 - * mechanism, where as in PKCS 5v2, this alogithm tag does not map + * mechanism, where as in PKCS 5v2, this algorithm tag does not map * directly to a PKCS #11 mechanim, instead the 2 oids in the * algorithm ID block map the the actual PKCS #11 mechanism. - * gorithm is). We use choose this algorithm oid based on the + * algorithm is). We use choose this algorithm oid based on the * cipherAlgorithm to determine what this should be (MAC1 or PBES2). */ if (algorithm == SEC_OID_PKCS5_PBKDF2) { diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c index ff66fd8c02294..ad4166017e04a 100644 --- a/security/nss/lib/pk11wrap/pk11skey.c +++ b/security/nss/lib/pk11wrap/pk11skey.c @@ -630,7 +630,7 @@ PK11_GetWindow(PK11SymKey *key) } /* - * extract a symetric key value. NOTE: if the key is sensitive, we will + * extract a symmetric key value. NOTE: if the key is sensitive, we will * not be able to do this operation. This function is used to move * keys from one token to another */ SECStatus @@ -638,6 +638,11 @@ PK11_ExtractKeyValue(PK11SymKey *symKey) { SECStatus rv; + if (symKey == NULL) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + if (symKey->data.data != NULL) { if (symKey->size == 0) { symKey->size = symKey->data.len; diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c index 12aeddc8abba2..072294056fa56 100644 --- a/security/nss/lib/pk11wrap/pk11slot.c +++ b/security/nss/lib/pk11wrap/pk11slot.c @@ -419,6 +419,8 @@ PK11_NewSlotInfo(SECMODModule *mod) slot->hasRootCerts = PR_FALSE; slot->hasRootTrust = PR_FALSE; slot->nssToken = NULL; + slot->profileList = NULL; + slot->profileCount = 0; return slot; } @@ -446,6 +448,9 @@ PK11_DestroySlot(PK11SlotInfo *slot) if (slot->mechanismList) { PORT_Free(slot->mechanismList); } + if (slot->profileList) { + PORT_Free(slot->profileList); + } if (slot->isThreadSafe && slot->sessionLock) { PZ_DestroyLock(slot->sessionLock); } @@ -1170,6 +1175,76 @@ PK11_ReadMechanismList(PK11SlotInfo *slot) return SECSuccess; } +static SECStatus +pk11_ReadProfileList(PK11SlotInfo *slot) +{ + CK_ATTRIBUTE findTemp[2]; + CK_ATTRIBUTE *attrs; + CK_BBOOL cktrue = CK_TRUE; + CK_OBJECT_CLASS oclass = CKO_PROFILE; + int tsize; + int objCount; + CK_OBJECT_HANDLE *handles = NULL; + int i; + + attrs = findTemp; + PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue)); + attrs++; + PK11_SETATTRS(attrs, CKA_CLASS, &oclass, sizeof(oclass)); + attrs++; + tsize = attrs - findTemp; + PORT_Assert(tsize <= sizeof(findTemp) / sizeof(CK_ATTRIBUTE)); + + if (slot->profileList) { + PORT_Free(slot->profileList); + slot->profileList = NULL; + } + slot->profileCount = 0; + + objCount = 0; + handles = pk11_FindObjectsByTemplate(slot, findTemp, tsize, &objCount); + if (handles == NULL) { + if (objCount < 0) { + return SECFailure; /* error code is set */ + } + PORT_Assert(objCount == 0); + return SECSuccess; + } + + slot->profileList = (CK_PROFILE_ID *) + PORT_Alloc(objCount * sizeof(CK_PROFILE_ID)); + if (slot->profileList == NULL) { + PORT_Free(handles); + return SECFailure; /* error code is set */ + } + + for (i = 0; i < objCount; i++) { + CK_ULONG value; + + value = PK11_ReadULongAttribute(slot, handles[i], CKA_PROFILE_ID); + if (value == CK_UNAVAILABLE_INFORMATION) { + continue; + } + slot->profileList[slot->profileCount++] = value; + } + + PORT_Free(handles); + return SECSuccess; +} + +static PRBool +pk11_HasProfile(PK11SlotInfo *slot, CK_PROFILE_ID id) +{ + int i; + + for (i = 0; i < slot->profileCount; i++) { + if (slot->profileList[i] == id) { + return PR_TRUE; + } + } + return PR_FALSE; +} + /* * initialize a new token * unlike initialize slot, this can be called multiple times in the lifetime @@ -1291,6 +1366,11 @@ PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts) if (status != PR_SUCCESS) return SECFailure; + rv = pk11_ReadProfileList(slot); + if (rv != SECSuccess) { + return SECFailure; + } + if (!(slot->isInternal) && (slot->hasRandom)) { /* if this slot has a random number generater, use it to add entropy * to the internal slot. */ @@ -1695,6 +1775,7 @@ PK11_IsFriendly(PK11SlotInfo *slot) { /* internal slot always has public readable certs */ return (PRBool)(slot->isInternal || + pk11_HasProfile(slot, CKP_PUBLIC_CERTIFICATES_TOKEN) || ((slot->defaultFlags & SECMOD_FRIENDLY_FLAG) == SECMOD_FRIENDLY_FLAG)); } diff --git a/security/nss/lib/pk11wrap/secmodti.h b/security/nss/lib/pk11wrap/secmodti.h index 260e6387d70fb..4af20100dbe32 100644 --- a/security/nss/lib/pk11wrap/secmodti.h +++ b/security/nss/lib/pk11wrap/secmodti.h @@ -111,6 +111,8 @@ struct PK11SlotInfoStr { CK_TOKEN_INFO tokenInfo; /* fast mechanism lookup */ char mechanismBits[256]; + CK_PROFILE_ID *profileList; + int profileCount; }; /* Symetric Key structure. Reference Counted */ diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index ac6e72fa0b337..04ef64d33ff7c 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -4398,11 +4398,12 @@ nsc_SetupPBEKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe, break; default: crv = CKR_MECHANISM_INVALID; - nsspkcs5_DestroyPBEParameter(params); break; } if (crv == CKR_OK) { *pbe = params; + } else { + nsspkcs5_DestroyPBEParameter(params); } return crv; } @@ -4467,8 +4468,9 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSession, } crv = sftk_AddAttributeType(key, sftk_attr_expand(&pTemplate[i])); - if (crv != CKR_OK) + if (crv != CKR_OK) { break; + } } if (crv != CKR_OK) { goto loser; @@ -4584,6 +4586,9 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSession, } if (crv != CKR_OK) { + if (pbe_param) { + nsspkcs5_DestroyPBEParameter(pbe_param); + } goto loser; } diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 29a34aeb59c09..571368389f4db 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -1454,8 +1454,14 @@ ssl3_ComputeCommonKeyHash(SSLHashType hashAlg, { SECStatus rv; SECOidTag hashOID; + PRUint32 policy; if (hashAlg == ssl_hash_none) { + if ((NSS_GetAlgorithmPolicy(SEC_OID_SHA1, &policy) == SECSuccess) && + !(policy & NSS_USE_ALG_IN_SSL_KX)) { + ssl_MapLowLevelError(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM); + return SECFailure; + } rv = PK11_HashBuf(SEC_OID_MD5, hashes->u.s.md5, hashBuf, bufLen); if (rv != SECSuccess) { ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE); @@ -1469,6 +1475,11 @@ ssl3_ComputeCommonKeyHash(SSLHashType hashAlg, hashes->len = MD5_LENGTH + SHA1_LENGTH; } else { hashOID = ssl3_HashTypeToOID(hashAlg); + if ((NSS_GetAlgorithmPolicy(hashOID, &policy) == SECSuccess) && + !(policy & NSS_USE_ALG_IN_SSL_KX)) { + ssl_MapLowLevelError(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM); + return SECFailure; + } hashes->len = HASH_ResultLenByOidTag(hashOID); if (hashes->len == 0 || hashes->len > sizeof(hashes->u.raw)) { ssl_MapLowLevelError(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM); diff --git a/security/nss/lib/util/pkcs11t.h b/security/nss/lib/util/pkcs11t.h index 6ee6609a93ec2..d57da409a0636 100644 --- a/security/nss/lib/util/pkcs11t.h +++ b/security/nss/lib/util/pkcs11t.h @@ -313,6 +313,7 @@ typedef CK_ULONG CK_OBJECT_CLASS; /* CKO_HW_FEATURE is new for v2.10 */ /* CKO_DOMAIN_PARAMETERS is new for v2.11 */ /* CKO_MECHANISM is new for v2.20 */ +/* CKO_PROFILE is new for v3.00 */ #define CKO_DATA 0x00000000 #define CKO_CERTIFICATE 0x00000001 #define CKO_PUBLIC_KEY 0x00000002 @@ -321,10 +322,23 @@ typedef CK_ULONG CK_OBJECT_CLASS; #define CKO_HW_FEATURE 0x00000005 #define CKO_DOMAIN_PARAMETERS 0x00000006 #define CKO_MECHANISM 0x00000007 +#define CKO_PROFILE 0x00000009 #define CKO_VENDOR_DEFINED 0x80000000 typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; +/* CK_PROFILE_ID is new for v3.00. CK_PROFILE_ID is a value that + * identifies the profile that the token supports. */ +typedef CK_ULONG CK_PROFILE_ID; + +/* Profile ID's */ +#define CKP_INVALID_ID 0x00000000UL +#define CKP_BASELINE_PROVIDER 0x00000001UL +#define CKP_EXTENDED_PROVIDER 0x00000002UL +#define CKP_AUTHENTICATION_TOKEN 0x00000003UL +#define CKP_PUBLIC_CERTIFICATES_TOKEN 0x00000004UL +#define CKP_VENDOR_DEFINED 0x80000000UL + /* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a * value that identifies the hardware feature type of an object * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ @@ -536,6 +550,7 @@ typedef CK_ULONG CK_ATTRIBUTE_TYPE; #define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502 #define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503 #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x00000600) +#define CKA_PROFILE_ID 0x00000601UL #define CKA_VENDOR_DEFINED 0x80000000 diff --git a/security/nss/lib/util/secport.h b/security/nss/lib/util/secport.h index f1665a2f5ebbb..c682f5d11bcce 100644 --- a/security/nss/lib/util/secport.h +++ b/security/nss/lib/util/secport.h @@ -121,6 +121,11 @@ extern char *PORT_ArenaStrdup(PLArenaPool *arena, const char *str); SEC_END_PROTOS #define PORT_Assert PR_ASSERT +/* This is a variation of PORT_Assert where the arguments will be always + * used either in Debug or not. But, in optimized mode the result will be + * ignored. See more details in Bug 1588015. */ +#define PORT_AssertArg PR_ASSERT_ARG + /* This runs a function that should return SECSuccess. * Intended for NSS internal use only. * The return value is asserted in a debug build, otherwise it is ignored. diff --git a/security/nss/nss.gyp b/security/nss/nss.gyp index 3a92df12d38a0..bf8b4d3665d88 100644 --- a/security/nss/nss.gyp +++ b/security/nss/nss.gyp @@ -213,6 +213,7 @@ 'gtests/freebl_gtest/freebl_gtest.gyp:freebl_gtest', 'gtests/mozpkix_gtest/mozpkix_gtest.gyp:mozpkix_gtest', 'gtests/nss_bogo_shim/nss_bogo_shim.gyp:nss_bogo_shim', + 'gtests/pkcs11testmodule/pkcs11testmodule.gyp:pkcs11testmodule', 'gtests/pk11_gtest/pk11_gtest.gyp:pk11_gtest', 'gtests/smime_gtest/smime_gtest.gyp:smime_gtest', 'gtests/softoken_gtest/softoken_gtest.gyp:softoken_gtest',