Resolves: rhbz#2229399

- add indicator for pbkdf
- fix ems policy bug
Robert Relyea 2023-08-05 10:43:46 -07:00
parent ac0b8ce8dd
commit 2fef3aa45f
4 changed files with 56 additions and 7 deletions


@ -14,9 +14,13 @@ typedef enum {
SFTKFIPSDH, /* allow only specific primes */
SFTKFIPSECC, /* not just keys but specific curves */
SFTKFIPSAEAD, /* single shot AEAD functions not allowed in FIPS mode */
SFTKFIPSRSAPSS
SFTKFIPSRSAPSS, /* make sure salt isn't too big */
SFTKFIPSPBKDF2 /* handle pbkdf2 FIPS restrictions */
} SFTKFIPSSpecialClass;
/* set according to your security policy */
#define SFTKFIPS_PBKDF2_MIN_PW_LEN 7
typedef struct SFTKFIPSAlgorithmListStr SFTKFIPSAlgorithmList;
struct SFTKFIPSAlgorithmListStr {
CK_MECHANISM_TYPE type;
@ -163,6 +167,6 @@ SFTKFIPSAlgorithmList sftk_fips_mechs[] = {
{ CKM_NSS_IKE_PRF_PLUS_DERIVE, { 112, 255 * 64 * 8, CKF_KDF }, 1, SFTKFIPSNone },
{ CKM_NSS_IKE_PRF_DERIVE, { 112, 64 * 8, CKF_KDF }, 1, SFTKFIPSNone },
/* ------------------ PBE Key Derivations ------------------- */
{ CKM_PKCS5_PBKD2, { 112, 256, CKF_GEN }, 1, SFTKFIPSNone },
{ CKM_PKCS5_PBKD2, { 112, 256, CKF_GEN }, 1, SFTKFIPSPBKDF2 },
};
const int SFTK_NUMBER_FIPS_ALGORITHMS = PR_ARRAY_SIZE(sftk_fips_mechs);
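Review bot: Only the minimum password length gets a named, policy-tunable constant (`SFTKFIPS_PBKDF2_MIN_PW_LEN`); the other two PBKDF2 limits this commit enforces, the 1000-iteration floor and the 16-byte salt floor, are bare literals in the `SFTKFIPSPBKDF2` case of the pkcs11u.c patch. Defining them next to this macro, for example `#define SFTKFIPS_PBKDF2_MIN_ITERATIONS 1000` and `#define SFTKFIPS_PBKDF2_MIN_SALT_LEN 16`, would put every limit that has to be compared with the security policy in one place. The comment `/* set according to your security policy */` could also name what is being set, e.g. `/* minimum PBKDF2 password length; set according to your security policy */`.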


@ -53,7 +53,7 @@ diff -up ./lib/ssl/ssl3con.c.add_ems_policy ./lib/ssl/ssl3con.c
+ rv = NSS_GetAlgorithmPolicy(SEC_OID_TLS_REQUIRE_EMS, &policy);
+ /* we only look at the policy if we can fetch it. */
+ if (rv == SECSuccess) {
+ if (policy & NSS_USE_POLICY_IN_SSL) {
+ if (policy & NSS_USE_ALG_IN_SSL_KX) {
+ /* just set the error, we don't want to map any errors
+ * set by NSS_GetAlgorithmPolicy here */
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);


@ -0,0 +1,42 @@
diff -up ./lib/softoken/pkcs11u.c.pkcs12_indicator ./lib/softoken/pkcs11u.c
--- ./lib/softoken/pkcs11u.c.pkcs12_indicator 2023-08-03 10:50:37.067109367 -0700
+++ ./lib/softoken/pkcs11u.c 2023-08-03 11:41:55.641541953 -0700
@@ -2429,7 +2429,7 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
return PR_FALSE;
case SFTKFIPSECC:
/* we've already handled the curve selection in the 'getlength'
- * function */
+ * function */
return PR_TRUE;
case SFTKFIPSAEAD: {
if (mech->ulParameterLen == 0) {
@@ -2463,6 +2463,29 @@ sftk_handleSpecial(SFTKSlot *slot, CK_ME
}
return PR_TRUE;
}
+ case SFTKFIPSPBKDF2: {
+ /* PBKDF2 must have the following addition restrictions
+ * (independent of keysize).
+ * 1. iteration count must be at least 1000.
+ * 2. salt must be at least 128 bits (16 bytes).
+ * 3. password must match the length specified in the SP
+ */
+ CK_PKCS5_PBKD2_PARAMS *pbkdf2 = (CK_PKCS5_PBKD2_PARAMS *)
+ mech->pParameter;
+ if (mech->ulParameterLen != sizeof(*pbkdf2)) {
+ return PR_FALSE;
+ }
+ if (pbkdf2->iterations < 1000) {
+ return PR_FALSE;
+ }
+ if (pbkdf2->ulSaltSourceDataLen < 16) {
+ return PR_FALSE;
+ }
+ if (*(pbkdf2->ulPasswordLen) < SFTKFIPS_PBKDF2_MIN_PW_LEN) {
+ return PR_FALSE;
+ }
+ return PR_TRUE;
+ }
default:
break;
}
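Review bot: The new `SFTKFIPSPBKDF2` case dereferences two caller-supplied pointers without a NULL check: `mech->pParameter` (only `ulParameterLen` is compared with `sizeof(*pbkdf2)`) and `pbkdf2->ulPasswordLen`, which is read as `*(pbkdf2->ulPasswordLen)`. Unless an earlier step outside this hunk already validated the mechanism parameters, a NULL in either one would crash the FIPS-indicator check instead of reporting the operation as not approved. Suggested guards: `if (mech->pParameter == NULL || mech->ulParameterLen != sizeof(*pbkdf2)) {` and `if (pbkdf2->ulPasswordLen == NULL || *(pbkdf2->ulPasswordLen) < SFTKFIPS_PBKDF2_MIN_PW_LEN) {`. The comment's third item says the password "must match the length specified in the SP" while the code enforces a minimum; `3. password must be at least SFTKFIPS_PBKDF2_MIN_PW_LEN bytes` would describe what is checked. `sftk_handleSpecial` starts and ends outside the hunk.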


@ -1,6 +1,6 @@
%global nss_version 3.90.0
%global nspr_version 4.35.0
%global baserelease 2
%global baserelease 3
%global nss_release %baserelease
# NOTE: To avoid NVR clashes of nspr* packages:
# use "%%global nspr_release %%[%%baserelease+n]" to handle offsets when
@ -171,6 +171,7 @@ Patch51: nss-3.79-dbtool.patch
# https://bugzilla.mozilla.org/show_bug.cgi?id=1767883
Patch58: nss-3.79-fips.patch
Patch61: nss-3.79-fips-review.patches
Patch63: nss-3.90-pbkdf2-indicator.patch
# ems policy. needs to upstream
Patch70: nss-3.90-add-ems-policy.patch
@ -186,8 +187,6 @@ Patch120: nspr-4.34-server-passive.patch
Patch60: nss-3.90-DisablingASM.patch
# NSS reverse patches
Patch300: nss-3.79-distrusted-certs.patch
@ -1170,7 +1169,11 @@ update-crypto-policies &> /dev/null || :
%changelog
* Thu Jun 29 2023 Frantisek Krenzelok <krenzelok.frantisek@gmail.com> - 3.90.0-2
* Fri Aug 4 2023 Bob Relyea <rrelyea@redhat.com> - 3.90.0-3
- add indicator for pbkdf
- fix ems policy bug
* Thu Jun 29 2023 frantisek Krenzelok <krenzelok.frantisek@gmail.com> - 3.90.0-2
- fix release number
* Wed Jun 28 2023 Frantisek Krenzelok <krenzelok.frantisek@gmail.com> - 3.90.0-1