Related: rhbz#2174613
Fix regression issue in FIPS mode. We need to return a non-locking return code if the user supplied DH parameters are invalid, rather than a blocking code we return if the underlying NSS math engine blows up.
This commit is contained in:
parent
fe16df6b41
commit
2ed3d453e9
@ -1,6 +1,6 @@
|
||||
diff -up ./lib/freebl/dh.c.fips-review ./lib/freebl/dh.c
|
||||
--- ./lib/freebl/dh.c.fips-review 2022-05-26 02:54:33.000000000 -0700
|
||||
+++ ./lib/freebl/dh.c 2023-03-07 16:54:47.920359716 -0800
|
||||
+++ ./lib/freebl/dh.c 2023-03-16 11:54:37.839935303 -0700
|
||||
@@ -445,7 +445,7 @@ cleanup:
|
||||
PRBool
|
||||
KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
|
||||
@ -50,8 +50,8 @@ diff -up ./lib/freebl/dh.c.fips-review ./lib/freebl/dh.c
|
||||
MP_TO_SEC_ERROR(err);
|
||||
return PR_FALSE;
|
||||
diff -up ./lib/softoken/pkcs11c.c.fips-review ./lib/softoken/pkcs11c.c
|
||||
--- ./lib/softoken/pkcs11c.c.fips-review 2023-03-07 16:54:36.251359761 -0800
|
||||
+++ ./lib/softoken/pkcs11c.c 2023-03-07 16:55:25.367359573 -0800
|
||||
--- ./lib/softoken/pkcs11c.c.fips-review 2023-03-16 11:53:04.703068972 -0700
|
||||
+++ ./lib/softoken/pkcs11c.c 2023-03-16 11:55:23.498360007 -0700
|
||||
@@ -4780,6 +4780,10 @@ NSC_GenerateKey(CK_SESSION_HANDLE hSessi
|
||||
* handle the base object stuff
|
||||
*/
|
||||
@ -189,7 +189,7 @@ diff -up ./lib/softoken/pkcs11c.c.fips-review ./lib/softoken/pkcs11c.c
|
||||
/* FIPS requires full validation, but in fipx mode NSC_Derive
|
||||
* only does partial validation with approved primes, now handle
|
||||
* full validation */
|
||||
@@ -5166,15 +5174,38 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
|
||||
@@ -5166,18 +5174,41 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
|
||||
}
|
||||
crv = sftk_Attribute2SecItem(NULL, &prime, privateKey, CKA_PRIME);
|
||||
/* we ignore the return code an only look at the length */
|
||||
@ -199,22 +199,23 @@ diff -up ./lib/softoken/pkcs11c.c.fips-review ./lib/softoken/pkcs11c.c
|
||||
- * that's the only kine of prime that will get here */
|
||||
- subPrimePtr = sftk_VerifyDH_Prime(&prime, isFIPS);
|
||||
- if (subPrimePtr == NULL) {
|
||||
- crv = CKR_GENERAL_ERROR;
|
||||
+ /* do we have a known prime ? */
|
||||
+ subPrimePtr = sftk_VerifyDH_Prime(&prime, isFIPS);
|
||||
+ if (subPrimePtr == NULL) {
|
||||
+ if (subPrime.len == 0) {
|
||||
+ /* if not a known prime, subprime must be supplied */
|
||||
crv = CKR_GENERAL_ERROR;
|
||||
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
||||
goto done;
|
||||
+ } else {
|
||||
+ /* not a known prime, check for primality of prime
|
||||
+ * and subPrime */
|
||||
+ if (!KEA_PrimeCheck(&prime)) {
|
||||
+ crv = CKR_GENERAL_ERROR;
|
||||
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
||||
+ goto done;
|
||||
+ }
|
||||
+ if (!KEA_PrimeCheck(&subPrime)) {
|
||||
+ crv = CKR_GENERAL_ERROR;
|
||||
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
||||
+ goto done;
|
||||
+ }
|
||||
}
|
||||
@ -227,13 +228,17 @@ diff -up ./lib/softoken/pkcs11c.c.fips-review ./lib/softoken/pkcs11c.c
|
||||
+ if ((subPrimePtr->len != subPrimeLen) ||
|
||||
+ (PORT_Memcmp(subPrimePtr->data, subPrime.data,
|
||||
+ subPrime.len) != 0)) {
|
||||
+ crv = CKR_GENERAL_ERROR;
|
||||
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
||||
+ goto done;
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
if (!KEA_Verify(&pubKey, &prime, (SECItem *)subPrimePtr)) {
|
||||
crv = CKR_GENERAL_ERROR;
|
||||
- crv = CKR_GENERAL_ERROR;
|
||||
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
||||
}
|
||||
done:
|
||||
SECITEM_ZfreeItem(&subPrime, PR_FALSE);
|
||||
@@ -5185,13 +5216,9 @@ sftk_PairwiseConsistencyCheck(CK_SESSION
|
||||
}
|
||||
/* clean up before we return */
|
||||
@ -285,7 +290,7 @@ diff -up ./lib/softoken/pkcs11c.c.fips-review ./lib/softoken/pkcs11c.c
|
||||
mechParams->ulSharedDataLen, mechParams->kdf);
|
||||
diff -up ./lib/softoken/pkcs11.c.fips-review ./lib/softoken/pkcs11.c
|
||||
--- ./lib/softoken/pkcs11.c.fips-review 2022-05-26 02:54:33.000000000 -0700
|
||||
+++ ./lib/softoken/pkcs11.c 2023-03-07 16:54:47.921359716 -0800
|
||||
+++ ./lib/softoken/pkcs11.c 2023-03-16 11:54:37.840935312 -0700
|
||||
@@ -4599,7 +4599,10 @@ NSC_CreateObject(CK_SESSION_HANDLE hSess
|
||||
if (object == NULL) {
|
||||
return CKR_HOST_MEMORY;
|
||||
@ -300,7 +305,7 @@ diff -up ./lib/softoken/pkcs11.c.fips-review ./lib/softoken/pkcs11.c
|
||||
/*
|
||||
diff -up ./lib/softoken/sftkike.c.fips-review ./lib/softoken/sftkike.c
|
||||
--- ./lib/softoken/sftkike.c.fips-review 2022-05-26 02:54:33.000000000 -0700
|
||||
+++ ./lib/softoken/sftkike.c 2023-03-07 16:54:47.921359716 -0800
|
||||
+++ ./lib/softoken/sftkike.c 2023-03-16 11:54:37.840935312 -0700
|
||||
@@ -516,6 +516,11 @@ sftk_ike_prf(CK_SESSION_HANDLE hSession,
|
||||
goto fail;
|
||||
}
|
||||
|
7
nss.spec
7
nss.spec
@ -1,6 +1,6 @@
|
||||
%global nss_version 3.79.0
|
||||
%global nspr_version 4.34.0
|
||||
%global baserelease 16
|
||||
%global baserelease 17
|
||||
%global nss_release %baserelease
|
||||
# NOTE: To avoid NVR clashes of nspr* packages:
|
||||
# use "%%global nspr_release %%[%%baserelease+n]" to handle offsets when
|
||||
@ -1171,6 +1171,11 @@ update-crypto-policies &> /dev/null || :
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Mar 16 2023 Bob Relyea <rrelyea@redhat.com> - 3.79.0-17
|
||||
- fix consistency return errors. We shouldn't lock the FIPS
|
||||
token if the application asked for invalid DH parameters on
|
||||
on keygen.
|
||||
|
||||
* Mon Mar 13 2023 Bob Relyea <rrelyea@redhat.com> - 3.79.0-16
|
||||
- Add check for RSA PSS Salt required by FIPS
|
||||
- Update fips_algorithms.sh according to the review.
|
||||
|
Loading…
Reference in New Issue
Block a user