82 lines
3.8 KiB
Diff
82 lines
3.8 KiB
Diff
|
diff -up ./lib/softoken/sftkpwd.c.orig ./lib/softoken/sftkpwd.c
|
||
|
|
--- ./lib/softoken/sftkpwd.c.orig 2021-06-10 05:33:12.000000000 -0700
|
||
|
|
+++ ./lib/softoken/sftkpwd.c 2021-07-01 14:04:34.068596942 -0700
|
||
|
|
@@ -287,9 +287,12 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||
|
|
}
|
||
|
|
|
||
|
|
/* If we are using aes 256, we need to check authentication as well.*/
|
||
|
|
- if ((type != CKT_INVALID_TYPE) && (cipherValue.alg == SEC_OID_AES_256_CBC)) {
|
||
|
|
+ if ((type != CKT_INVALID_TYPE) &&
|
||
|
|
+ (cipherValue.alg == SEC_OID_PKCS5_PBES2) &&
|
||
|
|
+ (cipherValue.param->encAlg == SEC_OID_AES_256_CBC)) {
|
||
|
|
SECItem signature;
|
||
|
|
unsigned char signData[SDB_MAX_META_DATA_LEN];
|
||
|
|
+ CK_RV crv;
|
||
|
|
|
||
|
|
/* if we get here from the old legacy db, there is clearly an
|
||
|
|
* error, don't return the plaintext */
|
||
|
|
@@ -301,15 +304,28 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||
|
|
|
||
|
|
signature.data = signData;
|
||
|
|
signature.len = sizeof(signData);
|
||
|
|
- rv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||
|
|
+ rv = SECFailure;
|
||
|
|
+ /* sign sftkdb_GetAttriibuteSignature returns a crv, not an rv */
|
||
|
|
+ crv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||
|
|
&signature);
|
||
|
|
- if (rv != SECSuccess) {
|
||
|
|
- goto loser;
|
||
|
|
+ if (crv == CKR_OK) {
|
||
|
|
+ rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE,
|
||
|
|
+ type, *plain, &signature);
|
||
|
|
}
|
||
|
|
- rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE, type,
|
||
|
|
- *plain, &signature);
|
||
|
|
if (rv != SECSuccess) {
|
||
|
|
- goto loser;
|
||
|
|
+ /* handle a bug where old versions of NSS misfiled the signature
|
||
|
|
+ * attribute on password update */
|
||
|
|
+ id |= SFTK_KEYDB_TYPE|SFTK_TOKEN_TYPE;
|
||
|
|
+ signature.len = sizeof(signData);
|
||
|
|
+ crv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||
|
|
+ &signature);
|
||
|
|
+ if (crv != CKR_OK) {
|
||
|
|
+ rv = SECFailure;
|
||
|
|
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
|
||
|
|
+ goto loser;
|
||
|
|
+ }
|
||
|
|
+ rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE,
|
||
|
|
+ type, *plain, &signature);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
@@ -1198,6 +1214,7 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||
|
|
unsigned int i;
|
||
|
|
for (i = 0; i < privAttrCount; i++) {
|
||
|
|
// Read the old attribute in the clear.
|
||
|
|
+ CK_OBJECT_HANDLE sdbId = id & SFTK_OBJ_ID_MASK;
|
||
|
|
CK_ATTRIBUTE privAttr = { privAttrTypes[i], NULL, 0 };
|
||
|
|
CK_RV crv = sftkdb_GetAttributeValue(keydb, id, &privAttr, 1);
|
||
|
|
if (crv != CKR_OK) {
|
||
|
|
@@ -1222,7 +1239,7 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||
|
|
plainText.data = privAttr.pValue;
|
||
|
|
plainText.len = privAttr.ulValueLen;
|
||
|
|
if (sftkdb_EncryptAttribute(arena, keydb, keydb->db, newKey,
|
||
|
|
- iterationCount, id, privAttr.type,
|
||
|
|
+ iterationCount, sdbId, privAttr.type,
|
||
|
|
&plainText, &result) != SECSuccess) {
|
||
|
|
return CKR_GENERAL_ERROR;
|
||
|
|
}
|
||
|
|
@@ -1232,10 +1249,9 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||
|
|
PORT_Memset(plainText.data, 0, plainText.len);
|
||
|
|
|
||
|
|
// Write the newly encrypted attributes out directly.
|
||
|
|
- CK_OBJECT_HANDLE newId = id & SFTK_OBJ_ID_MASK;
|
||
|
|
keydb->newKey = newKey;
|
||
|
|
keydb->newDefaultIterationCount = iterationCount;
|
||
|
|
- crv = (*keydb->db->sdb_SetAttributeValue)(keydb->db, newId, &privAttr, 1);
|
||
|
|
+ crv = (*keydb->db->sdb_SetAttributeValue)(keydb->db, sdbId, &privAttr, 1);
|
||
|
|
keydb->newKey = NULL;
|
||
|
|
if (crv != CKR_OK) {
|
||
|
|
return crv;
|