Related: RHEL-33511
Fix chacha timing issue
This commit is contained in:
parent
d64f3bacce
commit
3ca8e4f728
59
nss-3.101-chacha-timing-fix.patch
Normal file
59
nss-3.101-chacha-timing-fix.patch
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
diff --git a/lib/freebl/chacha20poly1305.c b/lib/freebl/chacha20poly1305.c
|
||||||
|
--- a/lib/freebl/chacha20poly1305.c
|
||||||
|
+++ b/lib/freebl/chacha20poly1305.c
|
||||||
|
@@ -213,27 +213,31 @@
|
||||||
|
{
|
||||||
|
#ifdef NSS_X64
|
||||||
|
#ifndef NSS_DISABLE_AVX2
|
||||||
|
if (avx2_support()) {
|
||||||
|
Hacl_Chacha20_Vec256_chacha20_encrypt_256(len, output, block, k, nonce, ctr);
|
||||||
|
+ return;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef NSS_DISABLE_SSE3
|
||||||
|
if (ssse3_support() && sse4_1_support() && avx_support()) {
|
||||||
|
Hacl_Chacha20_Vec128_chacha20_encrypt_128(len, output, block, k, nonce, ctr);
|
||||||
|
+ return;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#elif defined(__powerpc64__) && defined(__LITTLE_ENDIAN__) && \
|
||||||
|
!defined(NSS_DISABLE_ALTIVEC) && !defined(NSS_DISABLE_CRYPTO_VSX)
|
||||||
|
if (ppc_crypto_support()) {
|
||||||
|
chacha20vsx(len, output, block, k, nonce, ctr);
|
||||||
|
- } else
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
Hacl_Chacha20_chacha20_encrypt(len, output, block, k, nonce, ctr);
|
||||||
|
+ return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif /* NSS_DISABLE_CHACHAPOLY */
|
||||||
|
|
||||||
|
SECStatus
|
||||||
|
@@ -449,20 +453,18 @@
|
||||||
|
(uint8_t *)ctx->key, (uint8_t *)nonce, adLen, (uint8_t *)ad, inputLen,
|
||||||
|
(uint8_t *)input, output, outTag);
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
-
|
||||||
|
- else
|
||||||
|
#elif defined(__powerpc64__) && defined(__LITTLE_ENDIAN__) && \
|
||||||
|
!defined(NSS_DISABLE_ALTIVEC) && !defined(NSS_DISABLE_CRYPTO_VSX)
|
||||||
|
if (ppc_crypto_support()) {
|
||||||
|
Chacha20Poly1305_vsx_aead_encrypt(
|
||||||
|
(uint8_t *)ctx->key, (uint8_t *)nonce, adLen, (uint8_t *)ad, inputLen,
|
||||||
|
(uint8_t *)input, output, outTag);
|
||||||
|
goto finish;
|
||||||
|
- } else
|
||||||
|
+ }
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
Hacl_Chacha20Poly1305_32_aead_encrypt(
|
||||||
|
(uint8_t *)ctx->key, (uint8_t *)nonce, adLen, (uint8_t *)ad, inputLen,
|
||||||
|
(uint8_t *)input, output, outTag);
|
||||||
|
|
3
nss.spec
3
nss.spec
@ -184,6 +184,8 @@ Patch76: nss-3.101-enable-kyber-policy.patch
|
|||||||
Patch77: nss-3.101-fix-rsa-policy-test.patch
|
Patch77: nss-3.101-fix-rsa-policy-test.patch
|
||||||
Patch78: nss-3.101-fix-pkcs12-md5-decode.patch
|
Patch78: nss-3.101-fix-pkcs12-md5-decode.patch
|
||||||
Patch81: nss-3.101-fix-missing-size-checks.patch
|
Patch81: nss-3.101-fix-missing-size-checks.patch
|
||||||
|
# https://bugzilla.mozilla.org/show_bug.cgi?id=1905691
|
||||||
|
Patch82: nss-3.101-chacha-timing-fix.patch
|
||||||
|
|
||||||
# RHEL-10 specific
|
# RHEL-10 specific
|
||||||
Patch90: nss-3.101-disable_dsa.patch
|
Patch90: nss-3.101-disable_dsa.patch
|
||||||
@ -1172,6 +1174,7 @@ update-crypto-policies &> /dev/null || :
|
|||||||
%changelog
|
%changelog
|
||||||
* Wed Jul 24 2024 Bob Relyea <rrelyea@redhat.com> - 3.101.0-5
|
* Wed Jul 24 2024 Bob Relyea <rrelyea@redhat.com> - 3.101.0-5
|
||||||
- Fix missing and inaccurate key length checks
|
- Fix missing and inaccurate key length checks
|
||||||
|
- Fix chacha timing issue
|
||||||
|
|
||||||
* Thu Jul 18 2024 Bob Relyea <rrelyea@redhat.com> - 3.101.0-4
|
* Thu Jul 18 2024 Bob Relyea <rrelyea@redhat.com> - 3.101.0-4
|
||||||
- Fix MD-5 decode issue in pkcs #12
|
- Fix MD-5 decode issue in pkcs #12
|
||||||
|
Loading…
Reference in New Issue
Block a user