rpms/jss/F-9 jss-javadocs-param.patch, NONE, 1.1 jss-key_pair_usage_with_op_flags.patch, NONE, 1.1 .cvsignore, 1.3, 1.4 jss.spec, 1.4, 1.5 sources, 1.3, 1.4 jss-useragent.patch, 1.1, NONE

Robert Crittenden rcritten at fedoraproject.org
Fri Jun 5 18:26:32 UTC 2009


Author: rcritten

Update of /cvs/extras/rpms/jss/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9811

Modified Files:
	.cvsignore jss.spec sources 
Added Files:
	jss-javadocs-param.patch 
	jss-key_pair_usage_with_op_flags.patch 
Removed Files:
	jss-useragent.patch 
Log Message:
- Update to 4.2.6
- Include patch to add jss interface to PK11_GenerateKeyPairWithOpFlags()
- Add javadocs subpackage
- Update License string to be more specific on versions
- Include patch to fix missing @param so javadocs will build


jss-javadocs-param.patch:

--- NEW FILE jss-javadocs-param.patch ---
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java.orig	2008-01-18 16:39:46.000000000 -0500
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java	2009-06-05 11:08:54.000000000 -0400
@@ -116,7 +116,9 @@
     }
     /**
      * 
-     * @param  
+     * @param key
+     * @param kg
+     * @return
      */
     public javax.crypto.SecretKey genSecretKey(String keyType, String provider){
         javax.crypto.SecretKey key = null;

jss-key_pair_usage_with_op_flags.patch:

--- NEW FILE jss-key_pair_usage_with_op_flags.patch ---
diff -rupN jss-4.2.5/mozilla/security/jss/lib/jss.def jss-4.2.6/mozilla/security/jss/lib/jss.def
--- jss-4.2.5/mozilla/security/jss/lib/jss.def	2007-05-08 18:40:14.000000000 -0700
+++ jss-4.2.6/mozilla/security/jss/lib/jss.def	2009-05-30 01:57:48.000000000 -0700
@@ -316,3 +316,12 @@ Java_org_mozilla_jss_ssl_SSLSocket_isFip
 ;+    local:
 ;+       *;
 ;+};
+;+JSS_4.2.6 {     # JSS 4.2.6 release
+;+    global:
+Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateECKeyPairWithOpFlags;
+Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateRSAKeyPairWithOpFlags;
+Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateDSAKeyPairWithOpFlags;
+;+    local:
+;+       *;
+;+};
+
diff -rupN jss-4.2.5/mozilla/security/jss/org/mozilla/jss/crypto/KeyPairGenerator.java jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/KeyPairGenerator.java
--- jss-4.2.5/mozilla/security/jss/org/mozilla/jss/crypto/KeyPairGenerator.java	2005-11-14 14:15:06.000000000 -0800
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/KeyPairGenerator.java	2009-05-22 07:40:14.000000000 -0700
@@ -81,7 +81,6 @@ public class KeyPairGenerator {
 	genKeyPair() throws TokenException {
 		return engine.generateKeyPair();
 	}
-
     /**
      * @return The type of key that this generator generates.
      */
@@ -192,6 +191,15 @@ public class KeyPairGenerator {
         engine.extractablePairs(extractable);
     }
 
+    public void setKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages, 
+                                 KeyPairGeneratorSpi.Usage[] usages_mask) {
+        engine.setKeyPairUsages(usages,usages_mask);
+    }
+   
+
+
+
+
 	protected KeyPairAlgorithm algorithm;
 	protected KeyPairGeneratorSpi engine;
 }
diff -rupN jss-4.2.5/mozilla/security/jss/org/mozilla/jss/crypto/KeyPairGeneratorSpi.java jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/KeyPairGeneratorSpi.java
--- jss-4.2.5/mozilla/security/jss/org/mozilla/jss/crypto/KeyPairGeneratorSpi.java	2005-11-14 14:15:06.000000000 -0800
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/KeyPairGeneratorSpi.java	2009-05-30 03:24:31.000000000 -0700
@@ -60,4 +60,38 @@ public abstract class KeyPairGeneratorSp
     public abstract void extractablePairs(boolean extractable);
 
     public abstract boolean keygenOnInternalToken();
+
+    /**
+     * In PKCS #11, each keypair can be marked with the operations it will
+     * be used to perform. Some tokens require that a key be marked for
+     * an operation before the key can be used to perform that operation;
+     * other tokens don't care. NSS provides a way to specify a set of
+     * flags and a corresponding mask for these flags.  If a specific usage
+     * is desired set the value for that usage. If it is not set, let NSS
+     * behave in it's default fashion.  If a behavior is desired, also set
+     * that behavior in the mask as well as the flags.
+     * 
+     */
+    public final static class Usage {
+        private Usage() { }
+        private Usage(int val) { this.val = val;}
+        private int val;
+
+        public int getVal() { return val; }
+
+        // these enums must match the 
+        // and the opFlagForUsage list in PK11KeyPairGenerator.java
+        public static final Usage ENCRYPT = new Usage(0);
+        public static final Usage DECRYPT = new Usage(1);
+        public static final Usage SIGN = new Usage(2);
+        public static final Usage SIGN_RECOVER = new Usage(3);
+        public static final Usage VERIFY = new Usage(4);
+        public static final Usage VERIFY_RECOVER = new Usage(5);
+        public static final Usage WRAP = new Usage(6);
+        public static final Usage UNWRAP = new Usage(7);
+        public static final Usage DERIVE = new Usage(8);
+    }
+
+    public abstract void setKeyPairUsages(KeyPairGeneratorSpi.Usage[] usages, 
+                                          KeyPairGeneratorSpi.Usage[] usages_mask);
 }
diff -rupN jss-4.2.5/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c
--- jss-4.2.5/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c	2006-02-22 17:21:42.000000000 -0800
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c	2009-06-02 10:36:46.819581000 -0700
@@ -120,13 +120,11 @@ finish:
 
 int PK11_NumberObjectsFor(PK11SlotInfo*, CK_ATTRIBUTE*, int);
 
-/*
- * make a common key gen function for both this file and PK11Token.c
- */
 SECStatus
-JSS_PK11_generateKeyPair(JNIEnv *env, CK_MECHANISM_TYPE mechanism, 
+JSS_PK11_generateKeyPairWithOpFlags(JNIEnv *env, CK_MECHANISM_TYPE mechanism, 
     PK11SlotInfo *slot, SECKEYPublicKey **pubk, SECKEYPrivateKey **privk,
-    void *params, PRBool temporary, jint sensitive, jint extractable)
+    void *params, PRBool temporary, jint sensitive, jint extractable,
+    jint op_flags, jint op_flags_mask)
 {
     PK11AttrFlags attrFlags = 0;
     *privk=NULL;
@@ -173,12 +171,16 @@ JSS_PK11_generateKeyPair(JNIEnv *env, CK
     } else {
         attrFlags |= (PK11_ATTR_INSENSITIVE | PK11_ATTR_PUBLIC);
     }
-    *privk = PK11_GenerateKeyPairWithFlags(slot,
+
+    *privk = PK11_GenerateKeyPairWithOpFlags(slot,
                                           mechanism,
                                           params, 
                                           pubk,
                                           attrFlags,
+                                          (CK_FLAGS) op_flags,
+                                          (CK_FLAGS) op_flags_mask/* the ones we don't want*/,
                                           NULL /* default PW callback */ );
+
     if( *privk == NULL ) {
         int errLength;
         char *errBuf;
@@ -217,13 +219,28 @@ finish:
     return SECFailure;
 }
 
+/*
+ * make a common key gen function for both this file and PK11Token.c
+ */
+SECStatus
+JSS_PK11_generateKeyPair(JNIEnv *env, CK_MECHANISM_TYPE mechanism,
+    PK11SlotInfo *slot, SECKEYPublicKey **pubk, SECKEYPrivateKey **privk,
+    void *params, PRBool temporary, jint sensitive, jint extractable)
+{
+
+    return JSS_PK11_generateKeyPairWithOpFlags(env, mechanism, slot, pubk, privk, params, temporary, sensitive, extractable, 0, 0);
+}
+
+
 /**********************************************************************
- * Local generic helper
+ * Local generic helpers
  */
+
 static jobject 
-PK11KeyPairGenerator(JNIEnv *env, jobject this, jobject token, 
+PK11KeyPairGeneratorWithOpFlags(JNIEnv *env, jobject this, jobject token, 
     CK_MECHANISM_TYPE mechanism, void *params, 
-    jboolean temporary, jint sensitive, jint extractable)
+    jboolean temporary, jint sensitive, jint extractable,
+    jint op_flags, jint op_flags_mask)
 {
     PK11SlotInfo* slot;
     SECKEYPrivateKey *privk=NULL;
@@ -242,8 +259,8 @@ PK11KeyPairGenerator(JNIEnv *env, jobjec
     }
     PR_ASSERT(slot != NULL);
 
-    rv = JSS_PK11_generateKeyPair(env, mechanism, slot, &pubk, &privk,
-    	params, temporary, sensitive, extractable);
+    rv = JSS_PK11_generateKeyPairWithOpFlags(env, mechanism, slot, &pubk, &privk,
+    	params, temporary, sensitive, extractable, op_flags, op_flags_mask);
     if (rv != SECSuccess) {
         goto finish;
     }
@@ -267,6 +284,16 @@ finish:
     return keyPair;
 }
 
+static jobject
+PK11KeyPairGenerator(JNIEnv *env, jobject this, jobject token,
+    CK_MECHANISM_TYPE mechanism, void *params,
+    jboolean temporary, jint sensitive, jint extractable)
+{
+    return PK11KeyPairGeneratorWithOpFlags(env, this, token, mechanism, params, temporary, sensitive, extractable, 0, 0);
+}
+
+
+
 /**********************************************************************
  * PK11KeyPairGenerator.generateRSAKeyPair
  */
@@ -289,6 +316,30 @@ Java_org_mozilla_jss_pkcs11_PK11KeyPairG
      &params, temporary, sensitive, extractable);
 }
 
+/**********************************************************************
+ * PK11KeyPairGenerator.generateRSAKeyPairWithOpFlags
+ */
+JNIEXPORT jobject JNICALL
+Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateRSAKeyPairWithOpFlags
+  (JNIEnv *env, jobject this, jobject token, jint keySize, jlong publicExponent,
+    jboolean temporary, jint sensitive, jint extractable,
+    jint op_flags, jint op_flags_mask)
+{
+    PK11RSAGenParams params;
+
+    PR_ASSERT(env!=NULL && this!=NULL && token!=NULL);
+
+    /**************************************************
+     * setup parameters
+     *************************************************/
+    params.keySizeInBits = keySize;
+    params.pe = publicExponent;
+
+    return PK11KeyPairGeneratorWithOpFlags(env, this, token, CKM_RSA_PKCS_KEY_PAIR_GEN,
+     &params, temporary, sensitive, extractable, op_flags, op_flags_mask);
+}
+
+
 #define ZERO_SECITEM(item) {(item).len=0; (item).data=NULL;}
 
 /**********************************************************************
@@ -339,6 +390,57 @@ finish:
     return keyPair;
 }
 
+/**********************************************************************
+ *
+ * PK11KeyPairGenerator.generateDSAKeyPair
+ *
+ */
+JNIEXPORT jobject JNICALL
+Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateDSAKeyPairWithOpFlags
+  (JNIEnv *env, jobject this, jobject token, jbyteArray P, jbyteArray Q,
+    jbyteArray G, jboolean temporary, jint sensitive, jint extractable,
+    jint op_flags, jint op_flags_mask)
+{
+    SECItem p, q, g;
+    PQGParams *params=NULL;
+    jobject keyPair=NULL;
+
+    PR_ASSERT(env!=NULL && this!=NULL && token!=NULL && P!=NULL && Q!=NULL
+                && G!=NULL);
+
+    /* zero these so we can free them indiscriminately later */
+    ZERO_SECITEM(p);
+    ZERO_SECITEM(q);
+    ZERO_SECITEM(g);
+
+    /**************************************************
+     * Setup the parameters
+     *************************************************/
+    if( JSS_ByteArrayToOctetString(env, P, &p) ||
+        JSS_ByteArrayToOctetString(env, Q, &q) ||
+        JSS_ByteArrayToOctetString(env, G, &g) )
+    {
+        PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
+        goto finish;
+    }
+    params = PK11_PQG_NewParams(&p, &q, &g);
+    if(params == NULL) {
+        JSS_throw(env, OUT_OF_MEMORY_ERROR);
+        goto finish;
+    }
+    keyPair = PK11KeyPairGeneratorWithOpFlags(env, this, token, CKM_DSA_KEY_PAIR_GEN,
+                        params, temporary, sensitive, extractable,
+                        op_flags, op_flags_mask);
+
+finish:
+    SECITEM_FreeItem(&p, PR_FALSE);
+    SECITEM_FreeItem(&q, PR_FALSE);
+    SECITEM_FreeItem(&g, PR_FALSE);
+    PK11_PQG_DestroyParams(params);
+    return keyPair;
+}
+
+
 void
 DumpItem(SECItem *item)
 {
@@ -361,6 +463,7 @@ Java_org_mozilla_jss_pkcs11_PK11KeyPairG
   (JNIEnv *env, jobject this, jobject token, jbyteArray Curve, 
     jboolean temporary, jint sensitive, jint extractable)
 {
+
     SECItem curve;
     jobject keyPair=NULL;
 
@@ -385,3 +488,39 @@ finish:
     SECITEM_FreeItem(&curve, PR_FALSE);
     return keyPair;
 }
+
+/**********************************************************************
+ *
+ * PK11KeyPairGenerator.generateECKeyPairWithOpFlags
+ *
+ */
+JNIEXPORT jobject JNICALL
+Java_org_mozilla_jss_pkcs11_PK11KeyPairGenerator_generateECKeyPairWithOpFlags
+  (JNIEnv *env, jobject this, jobject token, jbyteArray Curve, 
+    jboolean temporary, jint sensitive, jint extractable,
+    jint op_flags, jint op_flags_mask)
+{
+    SECItem curve;
+    jobject keyPair=NULL;
+
+    PR_ASSERT(env!=NULL && this!=NULL && token!=NULL && Curve!=NULL );
+
+    /* zero these so we can free them indiscriminately later */
+    ZERO_SECITEM(curve);
+
+    /**************************************************
+     * Setup the parameters
+     *************************************************/
+    if( JSS_ByteArrayToOctetString(env, Curve, &curve))
+    {
+        PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
+        goto finish;
+    }
+    keyPair = PK11KeyPairGeneratorWithOpFlags(env, this, token, CKM_EC_KEY_PAIR_GEN,
+     			&curve, temporary, sensitive, extractable,
+                op_flags, op_flags_mask);
+
+finish:
+    SECITEM_FreeItem(&curve, PR_FALSE);
+    return keyPair;
+}
diff -rupN jss-4.2.5/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.java jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.java
--- jss-4.2.5/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.java	2006-02-22 17:21:42.000000000 -0800
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.java	2009-05-30 05:30:25.000000000 -0700
@@ -55,6 +55,39 @@ public final class PK11KeyPairGenerator
     extends org.mozilla.jss.crypto.KeyPairGeneratorSpi
 {
 
+    // opFlag constants: each of these flags specifies a crypto operation
+    // the key will support.  Their values must match the same-named C
+    // preprocessor macros defined in the PKCS #11 header pkcs11t.h.
+    private static final int CKF_ENCRYPT = 0x00000100;
+    private static final int CKF_DECRYPT = 0x00000200;
+    private static final int CKF_SIGN = 0x00000800;
+    private static final int CKF_SIGN_RECOVER = 0x00001000;
+    private static final int CKF_VERIFY = 0x00002000;
+    private static final int CKF_VERIFY_RECOVER = 0x00004000;
+    private static final int CKF_WRAP = 0x00020000;
+    private static final int CKF_UNWRAP = 0x00040000;
+    private static final int CKF_DERIVE = 0x00080000;
+
+    // A table for mapping SymmetricKey.Usage to opFlag.  This must be
+    // synchronized with SymmetricKey.Usage.
+    private static final int opFlagForUsage[] = {
+        CKF_ENCRYPT,        /* 0 */
+        CKF_DECRYPT,        /* 1 */
+        CKF_SIGN,           /* 2 */
+        CKF_SIGN_RECOVER,   /* 3 */
+        CKF_VERIFY,         /* 4 */
+        CKF_VERIFY_RECOVER, /* 5 */
+        CKF_WRAP,           /* 6 */
+        CKF_UNWRAP,         /* 7 */
+        CKF_DERIVE          /* 8 */
+    };
+
+    // The crypto operations the key will support.  It is the logical OR
+    // of the opFlag constants, each specifying a supported operation.
+    private int opFlags = 0;
+    private int opFlagsMask = 0;
+
+
     ///////////////////////////////////////////////////////////////////////
     ///////////////////////////////////////////////////////////////////////
     // Constructors
@@ -189,41 +222,45 @@ public final class PK11KeyPairGenerator
      * Generates a key pair on a token. Uses parameters if they were passed
      * in through a call to <code>initialize</code>, otherwise uses defaults.
      */
+
     public KeyPair generateKeyPair()
         throws TokenException
     {
         if(algorithm == KeyPairAlgorithm.RSA) {
             if(params != null) {
                 RSAParameterSpec rsaparams = (RSAParameterSpec)params;
-                return generateRSAKeyPair(
+                return generateRSAKeyPairWithOpFlags(
                                     token,
                                     rsaparams.getKeySize(),
                                     rsaparams.getPublicExponent().longValue(),
                                     temporaryPairMode,
                                     sensitivePairMode,
-                                    extractablePairMode);
+                                    extractablePairMode,
+                                    opFlags, opFlagsMask);
             } else {
-                return generateRSAKeyPair(
+                return generateRSAKeyPairWithOpFlags(
                                     token,
                                     DEFAULT_RSA_KEY_SIZE,
                                     DEFAULT_RSA_PUBLIC_EXPONENT.longValue(),
                                     temporaryPairMode,
                                     sensitivePairMode,
-                                    extractablePairMode);
+                                    extractablePairMode,
+                                    opFlags, opFlagsMask);
             }
         } else if(algorithm == KeyPairAlgorithm.DSA ) {
             if(params==null) {
                 params = PQG1024;
             }
             DSAParameterSpec dsaParams = (DSAParameterSpec)params;
-            return generateDSAKeyPair(
+            return generateDSAKeyPairWithOpFlags(
                 token,
                 PQGParams.BigIntegerToUnsignedByteArray(dsaParams.getP()),
                 PQGParams.BigIntegerToUnsignedByteArray(dsaParams.getQ()),
                 PQGParams.BigIntegerToUnsignedByteArray(dsaParams.getG()),
                 temporaryPairMode,
                 sensitivePairMode,
-                extractablePairMode);
+                extractablePairMode,
+                opFlags, opFlagsMask);
         } else {
             Assert._assert( algorithm == KeyPairAlgorithm.EC );
             // requires JAVA 1.5 for ECParameters.
@@ -233,12 +270,14 @@ public final class PK11KeyPairGenerator
 	    // ecParams.init(params);
             PK11ParameterSpec ecParams = (PK11ParameterSpec) params;
 
-            return generateECKeyPair(
+            return generateECKeyPairWithOpFlags(
                 token,
 		ecParams.getEncoded(), /* curve */
                 temporaryPairMode,
                 sensitivePairMode,
-                extractablePairMode);
+                extractablePairMode,
+                opFlags,
+                opFlagsMask);
         } 
     }
 
@@ -266,6 +305,17 @@ public final class PK11KeyPairGenerator
         throws TokenException;
 
     /**
+     * Generates an RSA key pair with the given size and public exponent.
+     * Adds the ability to specify a set of flags and masks
+     * to control how NSS generates the key pair.
+     */
+    private native KeyPair
+    generateRSAKeyPairWithOpFlags(PK11Token token, int keySize, long publicExponent,
+            boolean temporary, int sensitive, int extractable,
+            int op_flags, int op_flags_mask)
+        throws TokenException;
+
+    /**
      * Generates a DSA key pair with the given P, Q, and G values.
      * P, Q, and G are stored as big-endian twos-complement octet strings.
      */
@@ -275,6 +325,19 @@ public final class PK11KeyPairGenerator
         throws TokenException;
 
     /**
+     * Generates a DSA key pair with the given P, Q, and G values.
+     * P, Q, and G are stored as big-endian twos-complement octet strings.
+     * Adds the ability to specify a set of flags and masks
+     * to control how NSS generates the key pair.
+     */
+    private native KeyPair
+    generateDSAKeyPairWithOpFlags(PK11Token token, byte[] P, byte[] Q, byte[] G,
+            boolean temporary, int sensitive, int extractable,
+            int op_flags, int op_flags_mask)
+        throws TokenException;
+
+
+    /**
      * Generates a EC key pair with the given a curve.
      * Curves are stored as DER Encoded Parameters.
      */
@@ -282,6 +345,18 @@ public final class PK11KeyPairGenerator
     generateECKeyPair(PK11Token token, byte[] Curve, 
             boolean temporary, int sensitive, int extractable)
         throws TokenException;
+    /**
+     * Generates a EC key pair with the given a curve.
+     * Curves are stored as DER Encoded Parameters.
+     * Adds the ability to specify a set of flags and masks
+     * to control how NSS generates the key pair.
+     */
+
+    private native KeyPair
+    generateECKeyPairWithOpFlags(PK11Token token, byte[] Curve, 
+            boolean temporary, int sensitive, int extractable,
+            int op_flags, int op_flags_mask)
+        throws TokenException;
 
     ///////////////////////////////////////////////////////////////////////
     ///////////////////////////////////////////////////////////////////////
@@ -397,6 +472,38 @@ public final class PK11KeyPairGenerator
         extractablePairMode = extractable ? 1 : 0;
     }
 
+    /**
+     * Sets the requested key usages desired for the 
+     * generated key pair. 
+     * This allows the caller to suggest how NSS generates the key pair.
+     * @param usages List of desired key usages. 
+     * @param usages_mask Corresponding mask for the key usages.
+     * if a usages is desired, make sure it is in the mask as well.
+     */
+
+    public void setKeyPairUsages(org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages, 
+                                 org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usages_mask) {
+
+        this.opFlags = 0;
+        this.opFlagsMask = 0;
+
+        if(usages != null) {
+            for( int i = 0; i < usages.length; i++ ) {
+                if( usages[i] != null ) {
+                    this.opFlags |= opFlagForUsage[usages[i].getVal()];
+                }
+            }
+        }
+
+        if(usages_mask != null) {
+            for( int i = 0; i < usages_mask.length; i++ ) {
+                if( usages_mask[i] != null ) {
+                    this.opFlagsMask |= opFlagForUsage[usages_mask[i].getVal()];
+                }
+            }
+        }
+    }
+
     //
     // requires JAVA 1.5
     //
diff -rupN jss-4.2.5/mozilla/security/jss/org/mozilla/jss/pkcs11/pk11util.h jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/pk11util.h
--- jss-4.2.5/mozilla/security/jss/org/mozilla/jss/pkcs11/pk11util.h	2006-02-22 17:21:42.000000000 -0800
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/pk11util.h	2009-05-29 08:34:24.000000000 -0700
@@ -157,6 +157,12 @@ JSS_PK11_generateKeyPair(JNIEnv *env, CK
     PK11SlotInfo *slot, SECKEYPublicKey **pubk, SECKEYPrivateKey **privK,
     void *params, PRBool temporary, jint senstive, jint extractable);
 
+SECStatus
+JSS_PK11_generateKeyPair_withOpFlags(JNIEnv *env, CK_MECHANISM_TYPE mechanism,
+    PK11SlotInfo *slot, SECKEYPublicKey **pubk, SECKEYPrivateKey **privk,
+    void *params, PRBool temporary, jint sensitive, jint extractable,
+    jint op_flags, jint op_flags_mask);
+
 /*=====================================================================
                        C E R T I F I C A T E S
 =====================================================================*/


Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/jss/F-9/.cvsignore,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- .cvsignore	3 Aug 2007 13:57:49 -0000	1.3
+++ .cvsignore	5 Jun 2009 18:26:01 -0000	1.4
@@ -1 +1 @@
-jss-4.2.5.tar.gz
+jss-4.2.6.tar.gz


Index: jss.spec
===================================================================
RCS file: /cvs/extras/rpms/jss/F-9/jss.spec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- jss.spec	19 Feb 2008 21:02:24 -0000	1.4
+++ jss.spec	5 Jun 2009 18:26:01 -0000	1.5
@@ -1,38 +1,46 @@
 Name:           jss
-Version:        4.2.5
-Release:        2%{?dist}
+Version:        4.2.6
+Release:        1%{?dist}
 Summary:        Java Security Services (JSS)
 
 Group:          System Environment/Libraries
-License:        MPL/GPL/LGPL
+License:        MPLv1.1 or GPLv2+ or LGPLv2+
 URL:            http://www.mozilla.org/projects/security/pki/jss/
 # The source for this package was pulled from upstream's cvs. Use the
 # following commands to generate the tarball:
-# cvs -d :pserver:anonymous at cvs-mirror.mozilla.org:/cvsroot export -r JSS_4_2_5_RTM -d jss-4.2.5 -N mozilla/security/coreconf mozilla/security/jss
-# tar -czvf jss-4.2.5.tar.gz jss-4.2.5
+# cvs -d :pserver:anonymous at cvs-mirror.mozilla.org:/cvsroot export -r JSS_4_2_6_RTM -d jss-4.2.6 -N mozilla/security/coreconf mozilla/security/jss
+# tar -czvf jss-4.2.6.tar.gz jss-4.2.6
 Source0:        %{name}-%{version}.tar.gz
 Source1:        MPL-1.1.txt
 Source2:        gpl.txt
 Source3:        lgpl.txt
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
-BuildRequires:  nss-devel >= 3.11.4
-BuildRequires:  nspr-devel >= 4.6.4
+BuildRequires:  nss-devel >= 3.12.0
+BuildRequires:  nspr-devel >= 4.6.99
 BuildRequires:  java-devel
 Requires:       java
 
-# don't use sun.net.www.protocol.http.HttpURLConnection.userAgent
-Patch1:         jss-useragent.patch
+Patch1:         jss-key_pair_usage_with_op_flags.patch
+Patch2:         jss-javadocs-param.patch
 
 %description
 Java Security Services (JSS) is a java native interface which provides a bridge
 for java-based applications to use native Network Security Services (NSS).
 This only works with gcj. Other JREs require that JCE providers be signed.
 
+%package javadoc
+Summary:        Java Security Services (JSS) Javadocs
+Group:          Documentation
+Requires:       jss = %{version}-%{release}
+
+%description javadoc
+This package contains the API documentation for JSS.
 
 %prep
 %setup -q
 %patch1 -p1
+%patch2 -p1
 
 %build
 [ -z "$JAVA_HOME" ] && export JAVA_HOME=%{_jvmdir}/java
@@ -70,6 +78,7 @@ export USE_64
 # The Makefile is not thread-safe
 make -C mozilla/security/coreconf
 make -C mozilla/security/jss
+make -C mozilla/security/jss javadoc
 
 %install
 rm -rf $RPM_BUILD_ROOT docdir
@@ -106,6 +115,10 @@ install -m 0755 mozilla/dist/Linux*.OBJ/
 # Behavior of other JVMs is not known but they probably enforce the signature
 # as well.
 
+# javadoc
+install -d -m 0755 $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
+cp -rp mozilla/dist/jssdoc/* $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 
@@ -116,8 +129,20 @@ rm -rf $RPM_BUILD_ROOT
 %{_jnidir}/*
 %{_libdir}/lib*.so
 
+%files javadoc
+%defattr(-,root,root,-)
+%dir %{_javadocdir}/%{name}-%{version}
+%{_javadocdir}/%{name}-%{version}/*
+
 
 %changelog
+* Fri Jun  5 2009 Rob Crittenden <rcritten at redhat.com> 4.2.6-1
+- Update to 4.2.6
+- Include patch to add jss interface to PK11_GenerateKeyPairWithOpFlags()
+- Add javadocs subpackage
+- Update License string to be more specific on versions
+- Include patch to fix missing @param so javadocs will build
+
 * Tue Feb 19 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> - 4.2.5-2
 - Autorebuild for GCC 4.3
 
@@ -143,7 +168,7 @@ rm -rf $RPM_BUILD_ROOT
 
 * Thu Mar 15 2007  Rob Crittenden <rcritten at redhat.com> 4.2.4-2
 - Added RPM_OPT_FLAGS to XCFLAGS
-
 - Added link to Sun JCE information
+
 * Mon Feb 27 2007 Rob Crittenden <rcritten at redhat.com> 4.2.4-1
 - Initial build


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/jss/F-9/sources,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- sources	3 Aug 2007 13:57:49 -0000	1.3
+++ sources	5 Jun 2009 18:26:01 -0000	1.4
@@ -1 +1 @@
-efa77dd4dad52d588f85906d88ea4311  jss-4.2.5.tar.gz
+ad1c59a92ddac35cce35f16341d3cd55  jss-4.2.6.tar.gz


--- jss-useragent.patch DELETED ---




More information about the fedora-extras-commits mailing list