import nss-3.67.0-6.el8_4
This commit is contained in:
parent
64511750df
commit
73a17031dc
@ -1,12 +1,7 @@
|
||||
diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
--- a/lib/softoken/sftkpwd.c
|
||||
+++ b/lib/softoken/sftkpwd.c
|
||||
@@ -277,17 +277,19 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||||
*plain = nsspkcs5_CipherData(cipherValue.param, passKey, &cipherValue.value,
|
||||
PR_FALSE, NULL);
|
||||
if (*plain == NULL) {
|
||||
rv = SECFailure;
|
||||
goto loser;
|
||||
diff -up ./lib/softoken/sftkpwd.c.orig ./lib/softoken/sftkpwd.c
|
||||
--- ./lib/softoken/sftkpwd.c.orig 2021-06-10 05:33:12.000000000 -0700
|
||||
+++ ./lib/softoken/sftkpwd.c 2021-07-01 14:04:34.068596942 -0700
|
||||
@@ -287,9 +287,12 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||||
}
|
||||
|
||||
/* If we are using aes 256, we need to check authentication as well.*/
|
||||
@ -16,29 +11,38 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
+ (cipherValue.param->encAlg == SEC_OID_AES_256_CBC)) {
|
||||
SECItem signature;
|
||||
unsigned char signData[SDB_MAX_META_DATA_LEN];
|
||||
+ CK_RV crv;
|
||||
|
||||
/* if we get here from the old legacy db, there is clearly an
|
||||
* error, don't return the plaintext */
|
||||
if (handle == NULL) {
|
||||
rv = SECFailure;
|
||||
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
|
||||
@@ -299,17 +301,27 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||||
rv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
@@ -301,15 +304,28 @@ sftkdb_DecryptAttribute(SFTKDBHandle *ha
|
||||
|
||||
signature.data = signData;
|
||||
signature.len = sizeof(signData);
|
||||
- rv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
+ rv = SECFailure;
|
||||
+ /* sign sftkdb_GetAttriibuteSignature returns a crv, not an rv */
|
||||
+ crv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
&signature);
|
||||
if (rv != SECSuccess) {
|
||||
goto loser;
|
||||
- if (rv != SECSuccess) {
|
||||
- goto loser;
|
||||
+ if (crv == CKR_OK) {
|
||||
+ rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE,
|
||||
+ type, *plain, &signature);
|
||||
}
|
||||
rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE, type,
|
||||
*plain, &signature);
|
||||
- rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE, type,
|
||||
- *plain, &signature);
|
||||
if (rv != SECSuccess) {
|
||||
- goto loser;
|
||||
+ /* handle a bug where old versions of NSS misfiled the signature
|
||||
+ * attribute on password update */
|
||||
+ id |= SFTK_KEYDB_TYPE|SFTK_TOKEN_TYPE;
|
||||
+ signature.len = sizeof(signData);
|
||||
+ rv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
+ crv = sftkdb_GetAttributeSignature(handle, handle, id, type,
|
||||
+ &signature);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ if (crv != CKR_OK) {
|
||||
+ rv = SECFailure;
|
||||
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
|
||||
+ goto loser;
|
||||
+ }
|
||||
+ rv = sftkdb_VerifyAttribute(handle, passKey, CK_INVALID_HANDLE,
|
||||
@ -46,17 +50,7 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
}
|
||||
}
|
||||
|
||||
loser:
|
||||
if (cipherValue.param) {
|
||||
nsspkcs5_DestroyPBEParameter(cipherValue.param);
|
||||
}
|
||||
if (cipherValue.arena) {
|
||||
@@ -1186,16 +1198,17 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
};
|
||||
const CK_ULONG privAttrCount = sizeof(privAttrTypes) / sizeof(privAttrTypes[0]);
|
||||
|
||||
// We don't know what attributes this object has, so we update them one at a
|
||||
// time.
|
||||
@@ -1198,6 +1214,7 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
unsigned int i;
|
||||
for (i = 0; i < privAttrCount; i++) {
|
||||
// Read the old attribute in the clear.
|
||||
@ -64,17 +58,7 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
CK_ATTRIBUTE privAttr = { privAttrTypes[i], NULL, 0 };
|
||||
CK_RV crv = sftkdb_GetAttributeValue(keydb, id, &privAttr, 1);
|
||||
if (crv != CKR_OK) {
|
||||
continue;
|
||||
}
|
||||
if ((privAttr.ulValueLen == -1) || (privAttr.ulValueLen == 0)) {
|
||||
continue;
|
||||
}
|
||||
@@ -1210,30 +1223,29 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
if ((privAttr.ulValueLen == -1) || (privAttr.ulValueLen == 0)) {
|
||||
return CKR_GENERAL_ERROR;
|
||||
}
|
||||
SECItem plainText;
|
||||
SECItem *result;
|
||||
@@ -1222,7 +1239,7 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
plainText.data = privAttr.pValue;
|
||||
plainText.len = privAttr.ulValueLen;
|
||||
if (sftkdb_EncryptAttribute(arena, keydb, keydb->db, newKey,
|
||||
@ -83,9 +67,7 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
&plainText, &result) != SECSuccess) {
|
||||
return CKR_GENERAL_ERROR;
|
||||
}
|
||||
privAttr.pValue = result->data;
|
||||
privAttr.ulValueLen = result->len;
|
||||
// Clear sensitive data.
|
||||
@@ -1232,10 +1249,9 @@ sftk_updateEncrypted(PLArenaPool *arena,
|
||||
PORT_Memset(plainText.data, 0, plainText.len);
|
||||
|
||||
// Write the newly encrypted attributes out directly.
|
||||
@ -97,8 +79,3 @@ diff --git a/lib/softoken/sftkpwd.c b/lib/softoken/sftkpwd.c
|
||||
keydb->newKey = NULL;
|
||||
if (crv != CKR_OK) {
|
||||
return crv;
|
||||
}
|
||||
}
|
||||
|
||||
return CKR_OK;
|
||||
}
|
122
SOURCES/nss-3.67-fix-ssl-alerts.patch
Normal file
122
SOURCES/nss-3.67-fix-ssl-alerts.patch
Normal file
@ -0,0 +1,122 @@
|
||||
diff -up ./lib/ssl/ssl3con.c.alert-fix ./lib/ssl/ssl3con.c
|
||||
--- ./lib/ssl/ssl3con.c.alert-fix 2021-06-10 05:33:12.000000000 -0700
|
||||
+++ ./lib/ssl/ssl3con.c 2021-07-06 17:08:25.894018521 -0700
|
||||
@@ -4319,7 +4319,11 @@ ssl_SignatureSchemeValid(SSLSignatureSch
|
||||
if (!ssl_IsSupportedSignatureScheme(scheme)) {
|
||||
return PR_FALSE;
|
||||
}
|
||||
- if (!ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) {
|
||||
+ /* if we are purposefully passed SEC_OID_UNKOWN, it means
|
||||
+ * we not checking the scheme against a potential key, so skip
|
||||
+ * the call */
|
||||
+ if ((spkiOid != SEC_OID_UNKNOWN) &&
|
||||
+ !ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) {
|
||||
return PR_FALSE;
|
||||
}
|
||||
if (isTls13) {
|
||||
@@ -4517,7 +4521,8 @@ ssl_CheckSignatureSchemeConsistency(sslS
|
||||
}
|
||||
|
||||
/* Verify that the signature scheme matches the signing key. */
|
||||
- if (!ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) {
|
||||
+ if ((spkiOid == SEC_OID_UNKNOWN) ||
|
||||
+ !ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) {
|
||||
PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
|
||||
return SECFailure;
|
||||
}
|
||||
@@ -4533,6 +4538,7 @@ ssl_CheckSignatureSchemeConsistency(sslS
|
||||
PRBool
|
||||
ssl_IsSupportedSignatureScheme(SSLSignatureScheme scheme)
|
||||
{
|
||||
+ PRBool isSupported = PR_FALSE;
|
||||
switch (scheme) {
|
||||
case ssl_sig_rsa_pkcs1_sha1:
|
||||
case ssl_sig_rsa_pkcs1_sha256:
|
||||
@@ -4552,7 +4558,8 @@ ssl_IsSupportedSignatureScheme(SSLSignat
|
||||
case ssl_sig_dsa_sha384:
|
||||
case ssl_sig_dsa_sha512:
|
||||
case ssl_sig_ecdsa_sha1:
|
||||
- return PR_TRUE;
|
||||
+ isSupported = PR_TRUE;
|
||||
+ break;
|
||||
|
||||
case ssl_sig_rsa_pkcs1_sha1md5:
|
||||
case ssl_sig_none:
|
||||
@@ -4560,7 +4567,19 @@ ssl_IsSupportedSignatureScheme(SSLSignat
|
||||
case ssl_sig_ed448:
|
||||
return PR_FALSE;
|
||||
}
|
||||
- return PR_FALSE;
|
||||
+ if (isSupported) {
|
||||
+ SECOidTag hashOID = ssl3_HashTypeToOID(ssl_SignatureSchemeToHashType(scheme));
|
||||
+ PRUint32 policy;
|
||||
+ const PRUint32 sigSchemePolicy=
|
||||
+ NSS_USE_ALG_IN_SSL_KX|NSS_USE_ALG_IN_SIGNATURE;
|
||||
+ /* check hash policy */
|
||||
+ if ((NSS_GetAlgorithmPolicy(hashOID, &policy) == SECSuccess) &&
|
||||
+ ((policy & sigSchemePolicy) != sigSchemePolicy)) {
|
||||
+ return PR_FALSE;
|
||||
+ }
|
||||
+ /* check algorithm policy */
|
||||
+ }
|
||||
+ return isSupported;
|
||||
}
|
||||
|
||||
PRBool
|
||||
@@ -6533,6 +6552,9 @@ ssl_PickSignatureScheme(sslSocket *ss,
|
||||
}
|
||||
|
||||
spkiOid = SECOID_GetAlgorithmTag(&cert->subjectPublicKeyInfo.algorithm);
|
||||
+ if (spkiOid == SEC_OID_UNKNOWN) {
|
||||
+ goto loser;
|
||||
+ }
|
||||
|
||||
/* Now we have to search based on the key type. Go through our preferred
|
||||
* schemes in order and find the first that can be used. */
|
||||
@@ -6547,6 +6569,7 @@ ssl_PickSignatureScheme(sslSocket *ss,
|
||||
}
|
||||
}
|
||||
|
||||
+loser:
|
||||
PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
|
||||
return SECFailure;
|
||||
}
|
||||
@@ -7700,7 +7723,8 @@ ssl_ParseSignatureSchemes(const sslSocke
|
||||
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
|
||||
return SECFailure;
|
||||
}
|
||||
- if (ssl_IsSupportedSignatureScheme((SSLSignatureScheme)tmp)) {
|
||||
+ if (ssl_SignatureSchemeValid((SSLSignatureScheme)tmp, SEC_OID_UNKNOWN,
|
||||
+ (PRBool)ss->version >= SSL_LIBRARY_VERSION_TLS_1_3)) {;
|
||||
schemes[numSupported++] = (SSLSignatureScheme)tmp;
|
||||
}
|
||||
}
|
||||
@@ -10286,7 +10310,12 @@ ssl3_HandleCertificateVerify(sslSocket *
|
||||
PORT_Assert(ss->ssl3.hs.hashType == handshake_hash_record);
|
||||
rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
|
||||
if (rv != SECSuccess) {
|
||||
- goto loser; /* malformed or unsupported. */
|
||||
+ errCode = PORT_GetError();
|
||||
+ /* unsupported == illegal_parameter, others == handshake_failure. */
|
||||
+ if (errCode == SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM) {
|
||||
+ desc = illegal_parameter;
|
||||
+ }
|
||||
+ goto alert_loser;
|
||||
}
|
||||
rv = ssl_CheckSignatureSchemeConsistency(
|
||||
ss, sigScheme, &ss->sec.peerCert->subjectPublicKeyInfo);
|
||||
diff -up ./gtests/ssl_gtest/ssl_extension_unittest.cc.alert-fix ./gtests/ssl_gtest/ssl_extension_unittest.cc
|
||||
--- ./gtests/ssl_gtest/ssl_extension_unittest.cc.alert-fix 2021-07-07 11:32:11.634376932 -0700
|
||||
+++ ./gtests/ssl_gtest/ssl_extension_unittest.cc 2021-07-07 11:33:30.595841110 -0700
|
||||
@@ -428,7 +428,10 @@ TEST_P(TlsExtensionTest12Plus, Signature
|
||||
}
|
||||
|
||||
TEST_P(TlsExtensionTest12Plus, SignatureAlgorithmsTrailingData) {
|
||||
- const uint8_t val[] = {0x00, 0x02, 0x04, 0x01, 0x00}; // sha-256, rsa
|
||||
+ // make sure the test uses an algorithm that is legal for
|
||||
+ // tls 1.3 (or tls 1.3 will through and illegalParameter
|
||||
+ // instead of a decode error)
|
||||
+ const uint8_t val[] = {0x00, 0x02, 0x08, 0x09, 0x00}; // sha-256, rsa-pss-pss
|
||||
DataBuffer extension(val, sizeof(val));
|
||||
ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>(
|
||||
client_, ssl_signature_algorithms_xtn, extension));
|
@ -47,7 +47,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM",
|
||||
Summary: Network Security Services
|
||||
Name: nss
|
||||
Version: %{nss_version}
|
||||
Release: 4%{?dist}
|
||||
Release: 6%{?dist}
|
||||
License: MPLv2.0
|
||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||
Requires: nspr >= %{nspr_version}
|
||||
@ -144,7 +144,7 @@ Patch50: nss-3.66-restore-old-pkcs12-default.patch
|
||||
# Need upstream bug
|
||||
Patch219: nss-3.44-kbkdf-coverity.patch
|
||||
# no upsteam bug yet
|
||||
Patch225: nss-3.53-fix-private_key_mac.patch
|
||||
Patch225: nss-3.67-fix-private-key-mac.patch
|
||||
# no upstream bug yet
|
||||
Patch229: nss-3.53.1-measure-fix.patch
|
||||
# no upstream bug yet
|
||||
@ -155,7 +155,8 @@ Patch232: nss-3.66-fix-gtest-parsing.patch
|
||||
Patch233: nss-3.67-fix-coverity-issues.patch
|
||||
# no upstream bug yet
|
||||
Patch234: nss-3.67-fix-sdb-timeout.patch
|
||||
|
||||
# no upstream bug yet
|
||||
Patch235: nss-3.67-fix-ssl-alerts.patch
|
||||
|
||||
%description
|
||||
Network Security Services (NSS) is a set of libraries designed to
|
||||
@ -927,6 +928,13 @@ update-crypto-policies --no-reload &> /dev/null || :
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Jul 6 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-6
|
||||
- Fix ssl alert issue
|
||||
|
||||
* Thu Jul 1 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-5
|
||||
- Fix issue with reading databases that were updated using
|
||||
unpatched versions of nss
|
||||
|
||||
* Tue Jun 29 2021 Bob Relyea <rrelyea@redhat.com> - 3.67.0-4
|
||||
- Better fix for the sdb timeout. The issue wasn't a race, it was
|
||||
the sqlite timeout waiting to begin a transaction under heavy
|
||||
|
Loading…
Reference in New Issue
Block a user