import nss-3.44.0-8.el8
This commit is contained in:
commit
a09480012a
14
.gitignore
vendored
Normal file
14
.gitignore
vendored
Normal file
@ -0,0 +1,14 @@
|
||||
SOURCES/blank-cert8.db
|
||||
SOURCES/blank-cert9.db
|
||||
SOURCES/blank-key3.db
|
||||
SOURCES/blank-key4.db
|
||||
SOURCES/blank-secmod.db
|
||||
SOURCES/cert8.db.xml
|
||||
SOURCES/cert9.db.xml
|
||||
SOURCES/key3.db.xml
|
||||
SOURCES/key4.db.xml
|
||||
SOURCES/nss-3.44.tar.gz
|
||||
SOURCES/nss-config.xml
|
||||
SOURCES/nss-softokn-cavs-1.0.tar.gz
|
||||
SOURCES/secmod.db.xml
|
||||
SOURCES/setup-nsssysinit.xml
|
14
.nss.metadata
Normal file
14
.nss.metadata
Normal file
@ -0,0 +1,14 @@
|
||||
d272a7b58364862613d44261c5744f7a336bf177 SOURCES/blank-cert8.db
|
||||
b5570125fbf6bfb410705706af48217a0817c03a SOURCES/blank-cert9.db
|
||||
7f78b5bcecdb5005e7b803604b2ec9d1a9df2fb5 SOURCES/blank-key3.db
|
||||
f9c9568442386da370193474de1b25c3f68cdaf6 SOURCES/blank-key4.db
|
||||
bd748cf6e1465a1bbe6e751b72ffc0076aff0b50 SOURCES/blank-secmod.db
|
||||
6a43a6788fff0f2a967051209adbd354fad4c346 SOURCES/cert8.db.xml
|
||||
ea6705e15999bdc6365f05b3d66f9c1d49677f84 SOURCES/cert9.db.xml
|
||||
24c123810543ff0f6848647d6d910744e275fb01 SOURCES/key3.db.xml
|
||||
af51b16a56fda1f7525a0eed3ecbdcbb4133be0c SOURCES/key4.db.xml
|
||||
44a83b1bf4efd27605177ecdbf217e579ae8c8ae SOURCES/nss-3.44.tar.gz
|
||||
2905c9b06e7e686c9e3c0b5736a218766d4ae4c2 SOURCES/nss-config.xml
|
||||
d8a7f044570732caf4ed06fd44a63b3e86ea2a16 SOURCES/nss-softokn-cavs-1.0.tar.gz
|
||||
ca9ebf79c1437169a02527c18b1e3909943c4be9 SOURCES/secmod.db.xml
|
||||
bcbe05281b38d843273f91ae3f9f19f70c7d97b3 SOURCES/setup-nsssysinit.xml
|
13
SOURCES/iquote.patch
Normal file
13
SOURCES/iquote.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff -up nss/coreconf/location.mk.iquote nss/coreconf/location.mk
|
||||
--- nss/coreconf/location.mk.iquote 2017-07-27 16:09:32.000000000 +0200
|
||||
+++ nss/coreconf/location.mk 2017-09-06 13:23:14.633611555 +0200
|
||||
@@ -75,4 +75,9 @@ ifndef SQLITE_LIB_NAME
|
||||
SQLITE_LIB_NAME = sqlite3
|
||||
endif
|
||||
|
||||
+# Prefer in-tree headers over system headers
|
||||
+ifdef IN_TREE_FREEBL_HEADERS_FIRST
|
||||
+ INCLUDES += -iquote $(DIST)/../public/nss -iquote $(DIST)/../private/nss
|
||||
+endif
|
||||
+
|
||||
MK_LOCATION = included
|
560
SOURCES/nss-3.44-missing-softokn-kdf.patch
Normal file
560
SOURCES/nss-3.44-missing-softokn-kdf.patch
Normal file
@ -0,0 +1,560 @@
|
||||
diff -up ./gtests/pk11_gtest/manifest.mn.missing_kdf ./gtests/pk11_gtest/manifest.mn
|
||||
--- ./gtests/pk11_gtest/manifest.mn.missing_kdf 2019-08-08 10:22:53.072100034 -0700
|
||||
+++ ./gtests/pk11_gtest/manifest.mn 2019-08-08 10:23:33.424061237 -0700
|
||||
@@ -14,6 +14,7 @@ CPPSRCS = \
|
||||
pk11_encrypt_derive_unittest.cc \
|
||||
pk11_export_unittest.cc \
|
||||
pk11_import_unittest.cc \
|
||||
+ pk11_kdf_unittest.cc \
|
||||
pk11_pbkdf2_unittest.cc \
|
||||
pk11_prf_unittest.cc \
|
||||
pk11_prng_unittest.cc \
|
||||
diff -up ./gtests/pk11_gtest/pk11_gtest.gyp.missing_kdf ./gtests/pk11_gtest/pk11_gtest.gyp
|
||||
--- ./gtests/pk11_gtest/pk11_gtest.gyp.missing_kdf 2019-08-08 10:23:13.298080588 -0700
|
||||
+++ ./gtests/pk11_gtest/pk11_gtest.gyp 2019-08-08 10:23:49.728045561 -0700
|
||||
@@ -19,6 +19,7 @@
|
||||
'pk11_ecdsa_unittest.cc',
|
||||
'pk11_encrypt_derive_unittest.cc',
|
||||
'pk11_import_unittest.cc',
|
||||
+ 'pk11_kdf_unittest.cc',
|
||||
'pk11_pbkdf2_unittest.cc',
|
||||
'pk11_prf_unittest.cc',
|
||||
'pk11_prng_unittest.cc',
|
||||
diff -up ./gtests/pk11_gtest/pk11_kdf_unittest.cc.missing_kdf ./gtests/pk11_gtest/pk11_kdf_unittest.cc
|
||||
--- ./gtests/pk11_gtest/pk11_kdf_unittest.cc.missing_kdf 2019-08-07 14:23:28.657960569 -0700
|
||||
+++ ./gtests/pk11_gtest/pk11_kdf_unittest.cc 2019-08-08 10:22:38.015114511 -0700
|
||||
@@ -0,0 +1,509 @@
|
||||
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
+/* vim: set ts=2 et sw=2 tw=80: */
|
||||
+/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
+
|
||||
+#include <memory>
|
||||
+#include "nss.h"
|
||||
+#include "pk11pub.h"
|
||||
+
|
||||
+#include "cpputil.h"
|
||||
+
|
||||
+#include "gtest/gtest.h"
|
||||
+
|
||||
+namespace nss_test {
|
||||
+
|
||||
+const size_t kGxySize = 256;
|
||||
+const size_t kSeedSize = 8;
|
||||
+const size_t kKeySize = 64;
|
||||
+const size_t kLongKeySize = 1056;
|
||||
+const size_t kAesXcbcLen = 16;
|
||||
+const size_t kSha1Len = 20;
|
||||
+const size_t kSha224Len = 28;
|
||||
+const size_t kSha256Len = 32;
|
||||
+const size_t kSha384Len = 48;
|
||||
+const size_t kSha512Len = 64;
|
||||
+
|
||||
+// This is not the right size for anything
|
||||
+const size_t kIncorrectSize = 17;
|
||||
+
|
||||
+const uint8_t kGxyData[] = {
|
||||
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
|
||||
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
|
||||
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
|
||||
+ 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
|
||||
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
|
||||
+ 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
|
||||
+ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53,
|
||||
+ 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
|
||||
+ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b,
|
||||
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
|
||||
+ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x80, 0x21, 0x22, 0x23,
|
||||
+ 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
|
||||
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b,
|
||||
+ 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
|
||||
+ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3,
|
||||
+ 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
|
||||
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb,
|
||||
+ 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
|
||||
+ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe0, 0xe1, 0xe2, 0xe3,
|
||||
+ 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
|
||||
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
|
||||
+ 0xfc, 0xfd, 0xfe, 0xff};
|
||||
+
|
||||
+const uint8_t kKeyData[] = {
|
||||
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
|
||||
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
|
||||
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
|
||||
+ 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
|
||||
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
|
||||
+ 0x3c, 0x3d, 0x3e, 0x3f};
|
||||
+
|
||||
+const uint8_t kSeed[] = {
|
||||
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
|
||||
+ 0xfc, 0xfd, 0xfe, 0xff, 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
|
||||
+ 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xd0, 0xd1, 0xd2, 0xd3};
|
||||
+
|
||||
+const uint8_t kExpectedOutputIkeSha256[] = {
|
||||
+ 0xd3, 0x9d, 0xb2, 0x77, 0x4b, 0x7f, 0xea, 0x81, 0xfc, 0xe5, 0x22, 0xb7,
|
||||
+ 0xdf, 0xa5, 0x65, 0x15, 0xc9, 0x8f, 0x89, 0x45, 0xda, 0xd9, 0x5d, 0x12,
|
||||
+ 0xbb, 0x52, 0xb6, 0x3b, 0xf4, 0x4d, 0xaf, 0x16};
|
||||
+
|
||||
+const uint8_t kExpectedOutputIke1Sha256[] = {
|
||||
+ 0x25, 0x45, 0x68, 0xd2, 0x98, 0x96, 0xa3, 0xda, 0x89, 0x76, 0x06, 0x01,
|
||||
+ 0xd0, 0xce, 0xf8, 0x05, 0x26, 0x3f, 0xaf, 0x95, 0x92, 0x48, 0x02, 0x0e,
|
||||
+ 0x39, 0x75, 0x94, 0x00, 0x22, 0xd8, 0x5a, 0x50};
|
||||
+
|
||||
+const uint8_t kExpectedOutputIkePlusSha256[] = {
|
||||
+ 0x03, 0x1e, 0xe7, 0x13, 0x6e, 0x58, 0x11, 0xc4, 0x81, 0x56, 0x42, 0x3c,
|
||||
+ 0x3c, 0xaa, 0xdb, 0xad, 0x8a, 0x84, 0xdc, 0xa3, 0x0f, 0xe7, 0x67, 0x55,
|
||||
+ 0x9c, 0x9f, 0xb8, 0x57, 0xa9, 0x5b, 0x41, 0x53, 0x86, 0xe0, 0xb3, 0x21,
|
||||
+ 0x08, 0x1b, 0x38, 0x24, 0xce, 0xef, 0x7c, 0x89, 0x0d, 0xa7, 0xae, 0x14,
|
||||
+ 0x58, 0xbd, 0x79, 0x9c, 0x32, 0x25, 0x7f, 0x3e, 0xbd, 0xe1, 0xfb, 0x3a,
|
||||
+ 0x38, 0x51, 0x05, 0xaa, 0xc8, 0x37, 0x3e, 0x4e, 0x9b, 0x70, 0xb8, 0xe2,
|
||||
+ 0x21, 0xe7, 0x12, 0xb3, 0xf7, 0x64, 0x21, 0x9d, 0x52, 0x38, 0x41, 0xfb,
|
||||
+ 0x54, 0xaf, 0x59, 0xc3, 0xab, 0xf3, 0x7f, 0x64, 0xee, 0x17, 0xf5, 0xa8,
|
||||
+ 0x2b, 0xdf, 0x2d, 0xd3, 0x29, 0x0e, 0x4f, 0x31, 0x54, 0x25, 0x4e, 0x65,
|
||||
+ 0x52, 0xdf, 0x66, 0xfd, 0x49, 0x85, 0x1f, 0x87, 0x71, 0xa1, 0x5c, 0xfa,
|
||||
+ 0x99, 0xf5, 0x21, 0x9a, 0xbc, 0x55, 0x5b, 0x1c, 0x19, 0xd9, 0x4b, 0x42,
|
||||
+ 0xc5, 0xa0, 0xed, 0x1a, 0x1e, 0xf0, 0x04, 0x52, 0xb3, 0xd0, 0x0f, 0x48,
|
||||
+ 0x45, 0x00, 0xdc, 0x94, 0xae, 0xd8, 0x70, 0x2e, 0xdd, 0x12, 0xe1, 0x66,
|
||||
+ 0x72, 0xc2, 0x39, 0xd2, 0xc6, 0xfa, 0xdd, 0x8c, 0x11, 0x9c, 0x9d, 0x60,
|
||||
+ 0xd1, 0x08, 0x79, 0x62, 0xbb, 0x97, 0x45, 0x38, 0x2d, 0x83, 0x9c, 0x2e,
|
||||
+ 0x8f, 0x88, 0xa3, 0xad, 0x5b, 0x8e, 0x4e, 0x0e, 0xdb, 0xee, 0xaf, 0x1d,
|
||||
+ 0xf6, 0xe7, 0x7e, 0x28, 0xc5, 0xcf, 0x0c, 0xd9, 0xee, 0xde, 0xc8, 0x87,
|
||||
+ 0x00, 0xfe, 0x02, 0xd8, 0x30, 0xa6, 0x68, 0xec, 0x51, 0x22, 0xac, 0x4c,
|
||||
+ 0x38, 0x0f, 0xbb, 0x5c, 0xcb, 0xd5, 0x93, 0xda, 0xea, 0xd0, 0x1b, 0x41,
|
||||
+ 0x85, 0x8d, 0x12, 0x56, 0xbb, 0x90, 0x62, 0xc9, 0x91, 0x62, 0xf8, 0x29,
|
||||
+ 0x9a, 0x4f, 0xd8, 0x5e, 0x7d, 0x1f, 0x69, 0xe8, 0x23, 0x53, 0x26, 0x98,
|
||||
+ 0x98, 0x88, 0xfa, 0x14, 0xdc, 0xa3, 0x0f, 0xc7, 0x58, 0xb2, 0x6d, 0xa5,
|
||||
+ 0x34, 0x53, 0xb5, 0xc3, 0xcc, 0xbb, 0xd7, 0xd4, 0x80, 0xf3, 0x8c, 0x79,
|
||||
+ 0xd2, 0xac, 0x12, 0xa5, 0xf9, 0x99, 0xe7, 0x1b, 0x46, 0x16, 0x02, 0x6a,
|
||||
+ 0xa3, 0xc5, 0x20, 0xb5, 0x5a, 0x55, 0xbd, 0xac, 0x70, 0xf1, 0x5b, 0xe4,
|
||||
+ 0x45, 0x12, 0x7e, 0xcf, 0x12, 0xbf, 0x53, 0x7e, 0x3d, 0xbe, 0x53, 0x77,
|
||||
+ 0xc4, 0x2c, 0x17, 0x5f, 0xe5, 0xb9, 0x73, 0x01, 0x5d, 0x9b, 0x34, 0x3c,
|
||||
+ 0x45, 0xf0, 0xa4, 0x91, 0xaf, 0x34, 0xa2, 0xd6, 0x0a, 0x14, 0x98, 0x2c,
|
||||
+ 0x91, 0xd5, 0x8f, 0x12, 0xde, 0x7c, 0x61, 0xd8, 0x42, 0x07, 0x42, 0x1a,
|
||||
+ 0x01, 0x2b, 0xf6, 0x54, 0xd1, 0xde, 0x6d, 0x9c, 0x8b, 0x51, 0x81, 0x3e,
|
||||
+ 0x01, 0xd1, 0xfb, 0x5a, 0xcd, 0xf0, 0xeb, 0xcc, 0x03, 0xe2, 0xc1, 0x31,
|
||||
+ 0x92, 0x11, 0x88, 0x1f, 0xec, 0x81, 0x07, 0x78, 0x89, 0x89, 0x29, 0x19,
|
||||
+ 0x3f, 0x75, 0x01, 0x0e, 0x73, 0xbc, 0x1e, 0x76, 0x23, 0x80, 0x36, 0xaa,
|
||||
+ 0x2a, 0xd0, 0x77, 0x57, 0x6a, 0xea, 0xe2, 0xdb, 0xed, 0x17, 0x79, 0x3d,
|
||||
+ 0x8b, 0x8a, 0xbe, 0x32, 0x90, 0x2e, 0x1c, 0x00, 0xc2, 0x27, 0xb5, 0x64,
|
||||
+ 0x7c, 0xc3, 0xca, 0xb8, 0xaf, 0xcb, 0x17, 0x29, 0xec, 0x00, 0x5b, 0x83,
|
||||
+ 0x9f, 0xfe, 0x8b, 0xb6, 0x6f, 0x01, 0x23, 0x6b, 0xb3, 0xaa, 0x34, 0x3f,
|
||||
+ 0x5c, 0x66, 0x7c, 0xec, 0x15, 0x5a, 0xa9, 0x3c, 0xe2, 0xef, 0xcb, 0xe5,
|
||||
+ 0x79, 0xfa, 0xf2, 0x7c, 0x4e, 0x0f, 0x70, 0x41, 0xa4, 0x09, 0x07, 0x30,
|
||||
+ 0xbd, 0x28, 0x3f, 0x30, 0xd3, 0xc2, 0xbd, 0x06, 0x5e, 0x21, 0xbd, 0x20,
|
||||
+ 0xae, 0xa4, 0xa9, 0x7d, 0x91, 0xe8, 0x9d, 0x0a, 0x81, 0x02, 0xf7, 0xd6,
|
||||
+ 0x7c, 0x1f, 0xb6, 0xa5, 0x40, 0xb6, 0x25, 0xac, 0xce, 0x77, 0x20, 0xfa,
|
||||
+ 0x71, 0x79, 0x21, 0x94, 0xcd, 0x63, 0xcf, 0x62, 0xd4, 0xda, 0xc6, 0xe8,
|
||||
+ 0x3c, 0xdb, 0x86, 0x1e, 0x8d, 0x2d, 0x12, 0xf6, 0xea, 0xb0, 0xed, 0xf8,
|
||||
+ 0xfa, 0xc6, 0x37, 0xee, 0xca, 0x11, 0x1a, 0xac, 0x95, 0xf6, 0xe3, 0x02,
|
||||
+ 0x97, 0xba, 0xb2, 0xb2, 0x02, 0x82, 0xbe, 0x32, 0xa3, 0xe8, 0xf4, 0xae,
|
||||
+ 0x4e, 0xaf, 0x47, 0xb9, 0xe7, 0x91, 0x18, 0x90, 0xd8, 0xcb, 0x59, 0xed,
|
||||
+ 0xc2, 0x47, 0x6d, 0xe1, 0x9d, 0x74, 0xe6, 0xc7, 0xc0, 0xdc, 0x82, 0x5b,
|
||||
+ 0x6a, 0x7d, 0x1c, 0x58, 0xc8, 0x3d, 0x7d, 0xed, 0xdd, 0x60, 0x91, 0x9e,
|
||||
+ 0x68, 0x6e, 0x56, 0x33, 0x8b, 0xca, 0x35, 0xf8, 0x96, 0x67, 0x22, 0x3a,
|
||||
+ 0xb9, 0x02, 0xe9, 0x7c, 0xb1, 0xca, 0x25, 0xc2, 0xc8, 0xc7, 0xd8, 0x71,
|
||||
+ 0xfa, 0xfa, 0x76, 0xeb, 0x1d, 0x52, 0x75, 0xc6, 0x56, 0xf3, 0x1a, 0xd3,
|
||||
+ 0xda, 0xe4, 0x49, 0x7b, 0xd0, 0x77, 0x72, 0x06, 0xe7, 0xb9, 0xd9, 0x06,
|
||||
+ 0x87, 0x43, 0x6a, 0x52, 0xee, 0x3a, 0x71, 0x6e, 0x51, 0x8d, 0x55, 0x7a,
|
||||
+ 0xb1, 0x62, 0x75, 0xac, 0xa9, 0x89, 0x77, 0x93, 0x40, 0xef, 0x66, 0x44,
|
||||
+ 0x08, 0x49, 0xbb, 0xdb, 0x85, 0x0b, 0xd3, 0xfa, 0x37, 0x27, 0x41, 0xd1,
|
||||
+ 0x57, 0xc3, 0x95, 0xaa, 0x85, 0x5a, 0x43, 0x74, 0x39, 0x72, 0x08, 0xdf,
|
||||
+ 0x58, 0xe1, 0xf7, 0x95, 0x6c, 0xc1, 0xb1, 0x9b, 0x21, 0x53, 0xc1, 0xf9,
|
||||
+ 0xcc, 0x74, 0xf9, 0x62, 0xa4, 0xa0, 0x34, 0x22, 0xaa, 0x84, 0x78, 0x49,
|
||||
+ 0x50, 0xa9, 0x8e, 0x7b, 0xfa, 0xaa, 0xc2, 0xe8, 0xae, 0x34, 0x3d, 0xa7,
|
||||
+ 0xe1, 0x5a, 0x14, 0xa6, 0xd7, 0x6c, 0x67, 0xc7, 0x5e, 0xda, 0x79, 0x36,
|
||||
+ 0x57, 0x85, 0x5e, 0x09, 0xa2, 0x1f, 0x96, 0x5a, 0x71, 0xc2, 0xfe, 0x57,
|
||||
+ 0x5c, 0x4c, 0xe8, 0xbf, 0x9b, 0x5c, 0xd7, 0x06, 0x09, 0xb5, 0x63, 0x93,
|
||||
+ 0x7e, 0xee, 0x65, 0xef, 0x88, 0xe1, 0x60, 0x3e, 0x50, 0x84, 0x39, 0xb9,
|
||||
+ 0xae, 0xab, 0xad, 0xee, 0x31, 0x04, 0x7f, 0xed, 0x78, 0x35, 0xc0, 0x14,
|
||||
+ 0xa6, 0xc3, 0xeb, 0x3c, 0xd7, 0xc3, 0xb3, 0x6b, 0x58, 0x63, 0x7e, 0xa8,
|
||||
+ 0xc9, 0xb9, 0x23, 0xd3, 0xe5, 0xe7, 0xcc, 0x84, 0x63, 0xc8, 0xbd, 0x31,
|
||||
+ 0x9f, 0x02, 0x4e, 0x74, 0x98, 0xba, 0x8a, 0x0c, 0x80, 0xab, 0x10, 0xc4,
|
||||
+ 0xb2, 0x61, 0xad, 0x3d, 0x93, 0x9d, 0xdc, 0x76, 0xe5, 0x0e, 0x2e, 0x4b,
|
||||
+ 0x81, 0x3b, 0x1f, 0xd3, 0x54, 0xc0, 0x2a, 0xde, 0x0e, 0x1d, 0x59, 0x31,
|
||||
+ 0x5c, 0x28, 0xf8, 0x75, 0xfc, 0x71, 0x2e, 0xc1, 0x85, 0x90, 0x23, 0xfd,
|
||||
+ 0x2e, 0x8b, 0xb9, 0x52, 0x1a, 0xdf, 0x61, 0x54, 0x9b, 0x43, 0xa6, 0x8d,
|
||||
+ 0x5f, 0xd0, 0x52, 0x0b, 0x66, 0xbc, 0xf5, 0x1a, 0xce, 0x58, 0xef, 0xb3,
|
||||
+ 0x1d, 0x8d, 0x4b, 0x1b, 0xf3, 0x8e, 0xe6, 0x68, 0xc3, 0xd5, 0x95, 0x42,
|
||||
+ 0xf5, 0xb0, 0x73, 0x2c, 0x31, 0x71, 0x20, 0xf5, 0xdc, 0xbf, 0x56, 0x72,
|
||||
+ 0x53, 0xf9, 0xfe, 0xfa, 0x19, 0xdc, 0x46, 0xd1, 0x2b, 0xe3, 0xdb, 0x50,
|
||||
+ 0xec, 0x14, 0xee, 0x70, 0xcc, 0xe6, 0x11, 0x75, 0xb4, 0x63, 0xfc, 0xd1,
|
||||
+ 0x8f, 0x54, 0xfa, 0xcc, 0x99, 0xcc, 0xb8, 0x61, 0xa7, 0x33, 0x18, 0xa2,
|
||||
+ 0x17, 0xee, 0xb1, 0x82, 0x3d, 0x6a, 0x8d, 0x63, 0xe0, 0x15, 0x1b, 0x5c,
|
||||
+ 0x20, 0x53, 0x33, 0xa7, 0x85, 0x17, 0x81, 0xba, 0x18, 0x2a, 0x73, 0x00,
|
||||
+ 0x1e, 0x3e, 0x2c, 0xb5, 0x5f, 0x4e, 0x82, 0xa8, 0x09, 0xa0, 0x22, 0xdc,
|
||||
+ 0xc4, 0x76, 0x7c, 0x66, 0xf4, 0x78, 0xa1, 0x0a, 0xf7, 0x39, 0x06, 0x0a,
|
||||
+ 0xd7, 0x43, 0x72, 0x12, 0x3b, 0x8e, 0x7e, 0x62, 0x4f, 0x5a, 0x03, 0xe5,
|
||||
+ 0x22, 0x97, 0xdc, 0xbb, 0xaa, 0xa2, 0xc0, 0x03, 0x8e, 0x60, 0xd1, 0x61,
|
||||
+ 0xc7, 0xef, 0x0f, 0x54, 0x43, 0x4e, 0x38, 0xda, 0xb6, 0xe2, 0x5b, 0x0e,
|
||||
+ 0x45, 0xae, 0x39, 0x86, 0x85, 0x25, 0x30, 0xb1, 0x9d, 0xda, 0xdb, 0x70,
|
||||
+ 0xa7, 0xe5, 0x77, 0xb8, 0x47, 0xaa, 0xe7, 0x3e, 0xe8, 0x5a, 0x96, 0xc6,
|
||||
+ 0x0a, 0x0b, 0x07, 0x8d, 0x6d, 0xeb, 0x80, 0x0c, 0xd9, 0x80, 0x2d, 0x4d};
|
||||
+
|
||||
+const uint8_t kExpectedOutputIkeAppBSha256[] = {
|
||||
+ 0xe7, 0x11, 0x54, 0x6e, 0x3f, 0xaa, 0xd4, 0xc7, 0xc4, 0xaa, 0x75, 0x6b,
|
||||
+ 0xc2, 0x6c, 0xad, 0x6a, 0xbe, 0xa8, 0x24, 0x19, 0x84, 0xa0, 0xf6, 0xb0,
|
||||
+ 0x83, 0x9c, 0x70, 0xca, 0x61, 0xc4, 0xef, 0x88, 0xd7, 0xd5, 0xb7, 0x2e,
|
||||
+ 0x45, 0x32, 0xe1, 0x1d, 0x12, 0x38, 0xfb, 0xcb, 0x08, 0x54, 0xc7, 0xdb,
|
||||
+ 0xc4, 0x80, 0x2d, 0xd4, 0xf3, 0xbf, 0x51, 0x80, 0xf3, 0xa6, 0xdf, 0x77,
|
||||
+ 0x51, 0x61, 0xd8, 0xdb, 0x98, 0x2c, 0xc2, 0xe6, 0x72, 0x36, 0x90, 0xf9,
|
||||
+ 0xd2, 0x2a, 0x6d, 0x6c, 0xeb, 0x10, 0x3f, 0xa0, 0xa3, 0xff, 0xe4, 0x8b,
|
||||
+ 0x5a, 0x4a, 0x1b, 0xec, 0xb0, 0x48, 0xb0, 0xed, 0x16, 0x8a, 0x89, 0x31,
|
||||
+ 0x96, 0x5e, 0xa9, 0x11, 0x1f, 0x28, 0x68, 0x07, 0xf1, 0xa3, 0x2b, 0x01,
|
||||
+ 0x4f, 0x0b, 0x73, 0x78, 0x3b, 0xca, 0x4f, 0x8f, 0x34, 0xc0, 0x21, 0x14,
|
||||
+ 0xe3, 0xdf, 0xa1, 0xf7, 0x05, 0x63, 0xcb, 0x74, 0x7a, 0x90, 0x59, 0x19,
|
||||
+ 0xc9, 0xa9, 0x47, 0xcf, 0xe7, 0xbe, 0x04, 0xa7, 0x0c, 0x32, 0xdd, 0x34,
|
||||
+ 0x07, 0x8f, 0x4f, 0xb5, 0x75, 0xfb, 0xb9, 0x06, 0xd2, 0x55, 0x08, 0xce,
|
||||
+ 0x0a, 0x47, 0xc2, 0x64, 0x5f, 0xd5, 0xab, 0x55, 0x2a, 0x1a, 0x7e, 0xbd,
|
||||
+ 0xd5, 0x6d, 0x43, 0x89, 0x3c, 0x53, 0xde, 0x01, 0xfe, 0x19, 0x19, 0xc3,
|
||||
+ 0xaf, 0xa0, 0x64, 0x2d, 0x7e, 0xe1, 0x7e, 0x31, 0x61, 0xf9, 0xe6, 0x4f,
|
||||
+ 0x56, 0xc3, 0xc9, 0x7e, 0x92, 0xd7, 0x88, 0x58, 0x1a, 0x7f, 0x3c, 0x3e,
|
||||
+ 0xae, 0x3f, 0x86, 0xec, 0xb2, 0xaa, 0x8b, 0xaf, 0x22, 0x49, 0xa5, 0x3d,
|
||||
+ 0xc2, 0xb1, 0x94, 0x0f, 0x5b, 0x08, 0x49, 0xac, 0x23, 0xa4, 0x79, 0x33,
|
||||
+ 0xde, 0xfb, 0x8b, 0xd3, 0xe6, 0x6c, 0x83, 0xce, 0x01, 0xc7, 0xb4, 0x23,
|
||||
+ 0x5c, 0x6d, 0x81, 0xda, 0x70, 0x71, 0x43, 0x9c, 0x94, 0x6a, 0x9e, 0x03,
|
||||
+ 0x6d, 0xc3, 0x71, 0x69, 0x53, 0x83, 0x89, 0x08, 0x1b, 0x2b, 0x4b, 0xa8,
|
||||
+ 0x4a, 0x2a, 0xdf, 0x26, 0xaf, 0xc3, 0x8e, 0x59, 0x15, 0xa7, 0x24, 0x8f,
|
||||
+ 0x3c, 0xad, 0x08, 0xf2, 0x12, 0xe1, 0x42, 0x41, 0x0c, 0xcb, 0x3e, 0xf4,
|
||||
+ 0x71, 0xab, 0xb1, 0x16, 0x2c, 0xb7, 0xe1, 0x3f, 0x94, 0x03, 0x01, 0x78,
|
||||
+ 0xd7, 0x84, 0x1d, 0x63, 0x03, 0xfe, 0x4b, 0x3f, 0x40, 0xce, 0x30, 0x75,
|
||||
+ 0x10, 0xd1, 0xa4, 0xd3, 0x3c, 0x68, 0x9b, 0xc0, 0x6b, 0xdc, 0xe1, 0xda,
|
||||
+ 0x06, 0x41, 0x71, 0x20, 0x88, 0x82, 0x60, 0x2e, 0x48, 0x93, 0x78, 0x30,
|
||||
+ 0xb4, 0xb9, 0xe3, 0x88, 0x79, 0xf7, 0x0d, 0x0b, 0xa4, 0xae, 0x2e, 0x7b,
|
||||
+ 0x00, 0x82, 0x49, 0xbf, 0xe8, 0x07, 0xb4, 0x51, 0xd9, 0xa0, 0xf7, 0x8f,
|
||||
+ 0xe6, 0x24, 0x17, 0xd0, 0xa5, 0x58, 0xcc, 0x37, 0xf2, 0x86, 0x6e, 0xc2,
|
||||
+ 0xf0, 0xf0, 0x87, 0x64, 0xfa, 0x6e, 0x94, 0x99, 0x1a, 0xbc, 0xd9, 0xea,
|
||||
+ 0x48, 0x07, 0x38, 0x2e, 0x79, 0x61, 0x82, 0x69, 0x09, 0x6f, 0xbc, 0x8e,
|
||||
+ 0x44, 0x38, 0x0e, 0xc9, 0x6f, 0xcd, 0xb7, 0x39, 0x92, 0x02, 0x27, 0x23,
|
||||
+ 0x35, 0xcf, 0x4f, 0xf7, 0x52, 0x7b, 0x33, 0x93, 0xbd, 0x6c, 0x7c, 0xef,
|
||||
+ 0x39, 0x4b, 0x1a, 0x9f, 0xdf, 0x8f, 0x5c, 0x5b, 0x7b, 0xdb, 0x6b, 0xfd,
|
||||
+ 0x72, 0xe0, 0xb0, 0xc5, 0x97, 0x5b, 0x08, 0x6b, 0x17, 0x2f, 0x38, 0xd7,
|
||||
+ 0xbe, 0xf8, 0xd7, 0x20, 0xf5, 0x33, 0x68, 0x69, 0x16, 0xe5, 0x08, 0x05,
|
||||
+ 0x6c, 0x1b, 0xfa, 0xa8, 0x63, 0x55, 0xb4, 0x03, 0xb9, 0x89, 0xd7, 0x61,
|
||||
+ 0xf3, 0x9a, 0xf6, 0x45, 0xb4, 0xb2, 0x16, 0x5d, 0xf3, 0x09, 0x7b, 0x09,
|
||||
+ 0x09, 0x75, 0x0a, 0xbd, 0xdf, 0x7d, 0xe6, 0x1e, 0x07, 0xec, 0x7c, 0x14,
|
||||
+ 0xac, 0x4b, 0x68, 0xa8, 0x44, 0x5f, 0x77, 0x36, 0xb8, 0x1d, 0x7c, 0x73,
|
||||
+ 0x82, 0x80, 0xc2, 0x52, 0x55, 0x2c, 0x5d, 0xba, 0x53, 0x79, 0x45, 0xad,
|
||||
+ 0x51, 0x98, 0xbb, 0x8a, 0xea, 0x4f, 0x19, 0x22, 0x22, 0x69, 0xd3, 0x3a,
|
||||
+ 0x72, 0xd8, 0xe3, 0x37, 0xf4, 0x3b, 0xf3, 0xf1, 0x52, 0x48, 0x4d, 0xbf,
|
||||
+ 0xa5, 0x7a, 0xef, 0x44, 0x53, 0x7b, 0x6e, 0x6c, 0xb7, 0x1a, 0xa8, 0x75,
|
||||
+ 0xaf, 0xdb, 0x15, 0x05, 0x53, 0xc8, 0xb9, 0x9c, 0xea, 0x1a, 0xf7, 0x9d,
|
||||
+ 0x9b, 0xb6, 0xa6, 0x5e, 0x0f, 0xf7, 0x49, 0x7e, 0xc9, 0x12, 0x38, 0x3d,
|
||||
+ 0x78, 0xaf, 0x80, 0x3d, 0x76, 0x6d, 0x96, 0x4f, 0x06, 0xff, 0xdf, 0xc5,
|
||||
+ 0x9c, 0x47, 0xbe, 0x3e, 0x3d, 0xc2, 0x2a, 0x41, 0x15, 0x7e, 0xbd, 0xab,
|
||||
+ 0x12, 0x02, 0xfe, 0xa5, 0x4f, 0xb4, 0x1a, 0xf5, 0x6a, 0xed, 0xff, 0x50,
|
||||
+ 0x5a, 0x56, 0x7b, 0x2f, 0xff, 0xff, 0x29, 0xb5, 0x77, 0xf4, 0x38, 0xb3,
|
||||
+ 0x40, 0xd9, 0x17, 0x89, 0x43, 0x3f, 0x86, 0x29, 0x50, 0xce, 0x72, 0xde,
|
||||
+ 0x55, 0x63, 0x06, 0x14, 0x50, 0xae, 0xc1, 0x49, 0x10, 0x55, 0x21, 0xeb,
|
||||
+ 0x68, 0xe7, 0xfc, 0xc7, 0xf5, 0x92, 0xc5, 0xf2, 0xe2, 0xc9, 0xdb, 0x42,
|
||||
+ 0x59, 0x44, 0x0e, 0xda, 0x23, 0x50, 0x62, 0xef, 0x6e, 0xae, 0x1c, 0x0e,
|
||||
+ 0x93, 0x74, 0xa6, 0xdb, 0x4c, 0xc7, 0x4b, 0xa6, 0xe2, 0x3a, 0xe3, 0x03,
|
||||
+ 0x22, 0xd1, 0xe4, 0x21, 0x13, 0x98, 0x6a, 0xeb, 0x43, 0xbf, 0xe6, 0x8a,
|
||||
+ 0xfb, 0x28, 0x15, 0x47, 0x7e, 0xaa, 0x12, 0x60, 0x08, 0x23, 0xc6, 0x59,
|
||||
+ 0xeb, 0xc1, 0x71, 0x18, 0x03, 0x16, 0x7f, 0x75, 0x5f, 0x65, 0x8a, 0x7f,
|
||||
+ 0x1d, 0xae, 0x98, 0x94, 0xa4, 0xb1, 0xf5, 0xcc, 0x0a, 0x6f, 0x62, 0x79,
|
||||
+ 0x27, 0x38, 0x32, 0x73, 0x90, 0xc8, 0x3f, 0x70, 0xf7, 0x44, 0xcf, 0xfd,
|
||||
+ 0xc8, 0xfa, 0xcb, 0x3e, 0x73, 0x5f, 0x1d, 0xde, 0xb5, 0x73, 0x4d, 0x00,
|
||||
+ 0x2a, 0xce, 0x77, 0x92, 0x17, 0x0f, 0xcf, 0xbf, 0x87, 0x78, 0xdc, 0xbc,
|
||||
+ 0x83, 0xb3, 0x86, 0xd5, 0x32, 0xf5, 0x17, 0x73, 0xba, 0x90, 0xae, 0xc4,
|
||||
+ 0x40, 0x25, 0x26, 0xde, 0x8c, 0x5e, 0xbb, 0x83, 0x0e, 0x27, 0xd5, 0x0a,
|
||||
+ 0x4d, 0x89, 0xf0, 0xf3, 0x0f, 0xb5, 0x7d, 0xe3, 0x04, 0x6b, 0x5a, 0x59,
|
||||
+ 0xf4, 0x0a, 0x23, 0xc9, 0xe9, 0xe5, 0x1c, 0x20, 0x43, 0xac, 0xe2, 0x61,
|
||||
+ 0x10, 0x8d, 0x20, 0x83, 0xe7, 0x60, 0x28, 0x32, 0xd0, 0x15, 0x67, 0xf1,
|
||||
+ 0xaf, 0xd4, 0xcb, 0x2a, 0xec, 0xc5, 0xe2, 0xe7, 0xa2, 0x57, 0x18, 0x3d,
|
||||
+ 0x5e, 0xdd, 0x14, 0x88, 0x39, 0x59, 0x10, 0x9c, 0xa9, 0xf9, 0xd9, 0xb9,
|
||||
+ 0xdd, 0x09, 0xb0, 0x2f, 0x5a, 0x30, 0x0f, 0xbf, 0x34, 0x8a, 0xf1, 0x62,
|
||||
+ 0x40, 0x15, 0x4e, 0xe9, 0x69, 0x2f, 0x94, 0x87, 0x07, 0xf0, 0x01, 0xa2,
|
||||
+ 0x8f, 0x11, 0xb9, 0x31, 0x4c, 0x2b, 0x7d, 0x7f, 0x6c, 0x04, 0xd6, 0x91,
|
||||
+ 0x4d, 0x71, 0x6b, 0x8c, 0xa7, 0x47, 0xb1, 0x34, 0x34, 0x08, 0xda, 0x5b,
|
||||
+ 0xcb, 0x82, 0xbb, 0x5b, 0x14, 0x27, 0x2a, 0x20, 0x25, 0xda, 0xbe, 0x1d,
|
||||
+ 0x21, 0xa8, 0x68, 0x77, 0xf4, 0x17, 0xaf, 0x7f, 0x22, 0xda, 0xd4, 0xc6,
|
||||
+ 0x38, 0x0c, 0xbe, 0xf1, 0xa5, 0x0b, 0x17, 0x83, 0x22, 0xb3, 0x5b, 0x12,
|
||||
+ 0x1f, 0x0a, 0x18, 0x14, 0x46, 0xbf, 0x9b, 0xc0, 0x53, 0x7a, 0x83, 0x40,
|
||||
+ 0xde, 0x1a, 0x9d, 0xf0, 0x3b, 0x66, 0x74, 0x01, 0xa1, 0xfc, 0x29, 0xde,
|
||||
+ 0x08, 0x66, 0x85, 0x56, 0x2c, 0xc8, 0x30, 0xb7, 0x42, 0x1f, 0xa2, 0x32,
|
||||
+ 0x28, 0xc4, 0xc5, 0xfe, 0xea, 0xb0, 0x4e, 0x81, 0x59, 0x74, 0x90, 0x93,
|
||||
+ 0xb1, 0x1c, 0x5c, 0x4f, 0x54, 0x5e, 0xcc, 0xd7, 0x1d, 0x75, 0xd2, 0x3d,
|
||||
+ 0x77, 0xff, 0x72, 0xa8, 0x74, 0x31, 0xec, 0x74, 0xe8, 0xcc, 0x69, 0xce,
|
||||
+ 0xde, 0xe5, 0x05, 0x1e, 0xc2, 0x99, 0x90, 0x22, 0xe5, 0x10, 0xd4, 0xaf,
|
||||
+ 0x52, 0xe3, 0x47, 0xf4, 0x38, 0xeb, 0xa3, 0xd2, 0x72, 0x64, 0xb2, 0xd3,
|
||||
+ 0x0c, 0x0c, 0xaa, 0xae, 0x29, 0xb5, 0x38, 0xd4, 0x52, 0xfa, 0x96, 0x17,
|
||||
+ 0x7a, 0x18, 0xe8, 0x89, 0xd2, 0xd5, 0xd9, 0xae, 0x5a, 0x0e, 0x25, 0x8d};
|
||||
+
|
||||
+class IkeKdfTest : public ::testing::Test {
|
||||
+ public:
|
||||
+ IkeKdfTest()
|
||||
+ : params_({siBuffer, nullptr, 0}),
|
||||
+ gxy_item_({siBuffer, toUcharPtr(kGxyData), kGxySize}),
|
||||
+ skey_item_({siBuffer, toUcharPtr(kKeyData), kKeySize}),
|
||||
+ key_mech_(0),
|
||||
+ slot_(nullptr),
|
||||
+ gxy_(nullptr),
|
||||
+ skey_(nullptr),
|
||||
+ okey_(nullptr) {}
|
||||
+
|
||||
+ ~IkeKdfTest() {
|
||||
+ if (slot_) {
|
||||
+ PK11_FreeSlot(slot_);
|
||||
+ }
|
||||
+ if (gxy_) {
|
||||
+ PK11_FreeSymKey(gxy_);
|
||||
+ }
|
||||
+ ClearTempVars();
|
||||
+ }
|
||||
+
|
||||
+ void ClearTempVars() {
|
||||
+ if (skey_) {
|
||||
+ PK11_FreeSymKey(skey_);
|
||||
+ skey_ = nullptr;
|
||||
+ }
|
||||
+ if (okey_) {
|
||||
+ PK11_FreeSymKey(okey_);
|
||||
+ okey_ = nullptr;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ void Init() {
|
||||
+ params_.type = siBuffer;
|
||||
+
|
||||
+ gxy_item_.type = siBuffer;
|
||||
+ gxy_item_.data =
|
||||
+ const_cast<unsigned char*>(static_cast<const unsigned char*>(kGxyData));
|
||||
+ gxy_item_.len = sizeof(kGxyData);
|
||||
+ skey_item_.type = siBuffer;
|
||||
+ skey_item_.data =
|
||||
+ const_cast<unsigned char*>(static_cast<const unsigned char*>(kKeyData));
|
||||
+
|
||||
+ slot_ = PK11_GetInternalSlot();
|
||||
+ ASSERT_NE(nullptr, slot_);
|
||||
+ gxy_ = PK11_ImportSymKey(slot_, CKM_NSS_IKE_PRF_DERIVE, PK11_OriginUnwrap,
|
||||
+ CKA_DERIVE, &gxy_item_, NULL);
|
||||
+ ASSERT_NE(nullptr, gxy_);
|
||||
+ }
|
||||
+
|
||||
+ void ComputeAndVerifyKey(CK_MECHANISM_TYPE derive_mech,
|
||||
+ CK_MECHANISM_TYPE hash_mech, const uint8_t* expected) {
|
||||
+ // Infer prf length from mechanism
|
||||
+ int prf_len = 0;
|
||||
+ std::string mac = "unknown";
|
||||
+
|
||||
+ switch (hash_mech) {
|
||||
+ case CKM_AES_XCBC_MAC:
|
||||
+ prf_len = kAesXcbcLen;
|
||||
+ mac = "CKM_AES_XCBC_MAC";
|
||||
+ break;
|
||||
+ case CKM_SHA_1_HMAC:
|
||||
+ prf_len = kSha1Len;
|
||||
+ mac = "CKM_SHA_1_HMAC";
|
||||
+ break;
|
||||
+ case CKM_SHA224_HMAC:
|
||||
+ prf_len = kSha224Len;
|
||||
+ mac = "CKM_SHA224_HMAC";
|
||||
+ break;
|
||||
+ case CKM_SHA256_HMAC:
|
||||
+ prf_len = kSha256Len;
|
||||
+ mac = "CKM_SHA256_HMAC";
|
||||
+ break;
|
||||
+ case CKM_SHA384_HMAC:
|
||||
+ prf_len = kSha384Len;
|
||||
+ mac = "CKM_SHA384_HMAC";
|
||||
+ break;
|
||||
+ case CKM_SHA512_HMAC:
|
||||
+ prf_len = kSha512Len;
|
||||
+ mac = "CKM_SHA512_HMAC";
|
||||
+ break;
|
||||
+ default:
|
||||
+ ASSERT_TRUE(false) << "Invalid PRF Mechanism";
|
||||
+ }
|
||||
+
|
||||
+ Inner(derive_mech, hash_mech, mac, prf_len, expected);
|
||||
+ }
|
||||
+
|
||||
+ // Set output == nullptr to test when errors occur
|
||||
+ void Inner(CK_MECHANISM_TYPE derive_mech, CK_MECHANISM_TYPE hash_mech,
|
||||
+ std::string mac, size_t prf_len, const uint8_t* expected) {
|
||||
+ PRBool use_skey = PR_FALSE;
|
||||
+ size_t output_len = 0;
|
||||
+ PK11SymKey *derive_key = nullptr;
|
||||
+ std::stringstream s;
|
||||
+ s << "Derive:";
|
||||
+ std::string msg;
|
||||
+
|
||||
+ ClearTempVars();
|
||||
+
|
||||
+ // Import the params
|
||||
+ CK_NSS_IKE_PRF_DERIVE_PARAMS ike_prf;
|
||||
+ CK_NSS_IKE1_PRF_DERIVE_PARAMS ike1_prf;
|
||||
+ CK_NSS_IKE_PRF_PLUS_DERIVE_PARAMS ikep_prf;
|
||||
+ CK_MECHANISM_TYPE ike1_app_b;
|
||||
+
|
||||
+ switch (derive_mech) {
|
||||
+ case CKM_NSS_IKE_PRF_DERIVE:
|
||||
+ ike_prf.prfMechanism = hash_mech;
|
||||
+ ike_prf.bDataAsKey = PR_TRUE;
|
||||
+ ike_prf.bRekey = PR_FALSE;
|
||||
+ ike_prf.pNi = toUcharPtr(kSeed);
|
||||
+ ike_prf.ulNiLen = kSeedSize;
|
||||
+ ike_prf.pNr = toUcharPtr(kSeed);
|
||||
+ ike_prf.ulNrLen = kSeedSize;
|
||||
+ ike_prf.hNewKey = CK_INVALID_HANDLE;
|
||||
+ output_len = 0;
|
||||
+ use_skey = PR_FALSE;
|
||||
+ params_.data = reinterpret_cast<unsigned char*>(&ike_prf);
|
||||
+ params_.len = sizeof(ike_prf);
|
||||
+ s << "CKM_NSS_IKE_PRF_DERIVE";
|
||||
+ break;
|
||||
+ case CKM_NSS_IKE_PRF_PLUS_DERIVE:
|
||||
+ ikep_prf.prfMechanism = hash_mech;
|
||||
+ ikep_prf.bHasSeedKey = PR_FALSE;
|
||||
+ ikep_prf.pSeedData= toUcharPtr(kSeed);
|
||||
+ ikep_prf.ulSeedDataLen = kSeedSize*4;
|
||||
+ output_len = kLongKeySize;
|
||||
+ use_skey = PR_TRUE;
|
||||
+ params_.data = reinterpret_cast<unsigned char*>(&ikep_prf);
|
||||
+ params_.len = sizeof(ikep_prf);
|
||||
+ s << "CKM_NSS_IKE_PRF_PLUS_DERIVE";
|
||||
+ break;
|
||||
+ case CKM_NSS_IKE1_PRF_DERIVE:
|
||||
+ ike1_prf.prfMechanism = hash_mech;
|
||||
+ ike1_prf.bHasPrevKey = PR_FALSE;
|
||||
+ ike1_prf.hKeygxy = PK11_GetSymKeyHandle(gxy_);
|
||||
+ ike1_prf.hPrevKey = CK_INVALID_HANDLE;
|
||||
+ ike1_prf.pCKYi = toUcharPtr(kSeed);
|
||||
+ ike1_prf.ulCKYiLen = kSeedSize;
|
||||
+ ike1_prf.pCKYr = toUcharPtr(kSeed);
|
||||
+ ike1_prf.ulCKYrLen = kSeedSize;
|
||||
+ ike1_prf.keyNumber = 0;
|
||||
+ output_len = prf_len;
|
||||
+ use_skey = PR_TRUE;
|
||||
+ params_.data = reinterpret_cast<unsigned char*>(&ike1_prf);
|
||||
+ params_.len = sizeof(ike1_prf);
|
||||
+ s << "CKM_NSS_IKE1_PRF_DERIVE";
|
||||
+ break;
|
||||
+ case CKM_NSS_IKE1_APP_B_PRF_DERIVE:
|
||||
+ ike1_app_b = hash_mech;
|
||||
+ output_len = kLongKeySize;
|
||||
+ use_skey = PR_TRUE;
|
||||
+ params_.data = reinterpret_cast<unsigned char*>(&ike1_app_b);
|
||||
+ params_.len = sizeof(ike1_app_b);
|
||||
+ s << "CKM_NSS_IKE1_APP_B_DERIVE";
|
||||
+ break;
|
||||
+ default:
|
||||
+ ASSERT_TRUE(false) << "Invalid IKE DERIVE mechanism";
|
||||
+ }
|
||||
+
|
||||
+ s << " Mac/Prf:" << mac;
|
||||
+ msg = s.str();
|
||||
+
|
||||
+
|
||||
+ // Import the PMS
|
||||
+ derive_key = gxy_;
|
||||
+ if (use_skey) {
|
||||
+ skey_item_.len = prf_len;
|
||||
+ skey_ = PK11_ImportSymKey(slot_, derive_mech, PK11_OriginUnwrap,
|
||||
+ CKA_DERIVE, &skey_item_, NULL);
|
||||
+ ASSERT_NE(nullptr, skey_) << msg;
|
||||
+ derive_key = skey_;
|
||||
+ }
|
||||
+
|
||||
+ // Compute the result key
|
||||
+ okey_ = PK11_DeriveWithFlags(derive_key, derive_mech, ¶ms_, key_mech_,
|
||||
+ CKA_DERIVE, output_len, CKF_SIGN | CKF_VERIFY);
|
||||
+
|
||||
+ // Verify the result has the expected value (null or otherwise)
|
||||
+ int error = PORT_GetError();
|
||||
+ s << " Error=" << error;
|
||||
+ msg = s.str();
|
||||
+ if (!expected) {
|
||||
+ EXPECT_EQ(nullptr, okey_) << msg;
|
||||
+ } else {
|
||||
+ ASSERT_NE(nullptr, okey_) << msg;
|
||||
+
|
||||
+ SECStatus rv = PK11_ExtractKeyValue(okey_);
|
||||
+ ASSERT_EQ(SECSuccess, rv) << "PK11_ExtractKeyValue";
|
||||
+
|
||||
+ SECItem* oData = PK11_GetKeyData(okey_);
|
||||
+ ASSERT_NE(nullptr, oData) << "PK11_GetKeyData";
|
||||
+
|
||||
+ if (output_len == 0) {
|
||||
+ output_len = prf_len;
|
||||
+ }
|
||||
+ s << "\n" << "output_len=" << output_len << " oData->len=" << oData->len << ".\n";
|
||||
+ for (unsigned int i=0; i < oData->len; i++) {
|
||||
+ if (i % 12 == 0) s << "\n ";
|
||||
+ s << " 0x" << std::setfill('0')
|
||||
+ << std::setw(2) << std::hex << (int) oData->data[i] << ",";
|
||||
+ }
|
||||
+ s << "};\n";
|
||||
+ msg = s.str();
|
||||
+ ASSERT_EQ(output_len, oData->len) << msg ;
|
||||
+
|
||||
+ EXPECT_EQ(0, memcmp(oData->data, expected, output_len)) << msg;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ protected:
|
||||
+ SECItem params_;
|
||||
+ SECItem gxy_item_;
|
||||
+ SECItem skey_item_;
|
||||
+ CK_MECHANISM_TYPE key_mech_;
|
||||
+ PK11SlotInfo* slot_;
|
||||
+ PK11SymKey* gxy_;
|
||||
+ PK11SymKey* skey_;
|
||||
+ PK11SymKey* okey_;
|
||||
+};
|
||||
+
|
||||
+//
|
||||
+// The full range is tested with the FIPS vectors in the cavs tests.
|
||||
+// just make sure the NSS Derive iterfaces are working for everything.
|
||||
+//
|
||||
+TEST_F(IkeKdfTest, IkePrfSha256) {
|
||||
+ Init();
|
||||
+ ComputeAndVerifyKey(CKM_NSS_IKE_PRF_DERIVE, CKM_SHA256_HMAC,
|
||||
+ kExpectedOutputIkeSha256);
|
||||
+}
|
||||
+
|
||||
+TEST_F(IkeKdfTest, Ike1PrfSha256) {
|
||||
+ Init();
|
||||
+ ComputeAndVerifyKey(CKM_NSS_IKE1_PRF_DERIVE, CKM_SHA256_HMAC,
|
||||
+ kExpectedOutputIke1Sha256);
|
||||
+}
|
||||
+
|
||||
+TEST_F(IkeKdfTest, IkePlusPrfSha256) {
|
||||
+ Init();
|
||||
+ ComputeAndVerifyKey(CKM_NSS_IKE_PRF_PLUS_DERIVE, CKM_SHA256_HMAC,
|
||||
+ kExpectedOutputIkePlusSha256);
|
||||
+}
|
||||
+
|
||||
+TEST_F(IkeKdfTest, Ike1AppBPrfSha256) {
|
||||
+ Init();
|
||||
+ ComputeAndVerifyKey(CKM_NSS_IKE1_APP_B_PRF_DERIVE, CKM_SHA256_HMAC,
|
||||
+ kExpectedOutputIkeAppBSha256);
|
||||
+}
|
||||
+
|
||||
+} // namespace nss_test
|
||||
diff -up ./lib/softoken/pkcs11.c.missing_kdf ./lib/softoken/pkcs11.c
|
||||
--- ./lib/softoken/pkcs11.c.missing_kdf 2019-08-07 14:18:55.039435109 -0700
|
||||
+++ ./lib/softoken/pkcs11.c 2019-08-08 10:28:12.449792962 -0700
|
||||
@@ -516,7 +516,8 @@ static const struct mechanismList mechan
|
||||
/* --------------------IPSEC ----------------------- */
|
||||
{ CKM_NSS_IKE_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_DERIVE }, PR_TRUE },
|
||||
{ CKM_NSS_IKE_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE },
|
||||
- { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE }
|
||||
+ { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE },
|
||||
+ { CKM_NSS_IKE1_APP_B_PRF_DERIVE, { 8, 255 * 64, CKF_DERIVE }, PR_TRUE }
|
||||
};
|
||||
static const CK_ULONG mechanismCount = sizeof(mechanisms) / sizeof(mechanisms[0]);
|
||||
|
||||
diff -up ./lib/softoken/sftkike.c.missing_kdf ./lib/softoken/sftkike.c
|
||||
--- ./lib/softoken/sftkike.c.missing_kdf 2019-08-08 10:24:27.872008887 -0700
|
||||
+++ ./lib/softoken/sftkike.c 2019-08-08 10:27:34.416829530 -0700
|
||||
@@ -744,7 +744,7 @@ sftk_ike1_appendix_b_prf(CK_SESSION_HAND
|
||||
* key is inKey
|
||||
*/
|
||||
thisKey = outKeyData;
|
||||
- for (genKeySize = 0; genKeySize <= keySize; genKeySize += macSize) {
|
||||
+ for (genKeySize = 0; genKeySize < keySize; genKeySize += macSize) {
|
||||
crv = prf_init(&context, inKey->attrib.pValue, inKey->attrib.ulValueLen);
|
||||
if (crv != CKR_OK) {
|
||||
goto fail;
|
62
SOURCES/nss-539183.patch
Normal file
62
SOURCES/nss-539183.patch
Normal file
@ -0,0 +1,62 @@
|
||||
--- nss/cmd/httpserv/httpserv.c.539183 2016-05-21 18:31:39.879585420 -0700
|
||||
+++ nss/cmd/httpserv/httpserv.c 2016-05-21 18:37:22.374464057 -0700
|
||||
@@ -953,23 +953,23 @@
|
||||
getBoundListenSocket(unsigned short port)
|
||||
{
|
||||
PRFileDesc *listen_sock;
|
||||
int listenQueueDepth = 5 + (2 * maxThreads);
|
||||
PRStatus prStatus;
|
||||
PRNetAddr addr;
|
||||
PRSocketOptionData opt;
|
||||
|
||||
- addr.inet.family = PR_AF_INET;
|
||||
- addr.inet.ip = PR_INADDR_ANY;
|
||||
- addr.inet.port = PR_htons(port);
|
||||
+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
|
||||
+ errExit("PR_SetNetAddr");
|
||||
+ }
|
||||
|
||||
- listen_sock = PR_NewTCPSocket();
|
||||
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
|
||||
if (listen_sock == NULL) {
|
||||
- errExit("PR_NewTCPSocket");
|
||||
+ errExit("PR_OpenTCPSockett");
|
||||
}
|
||||
|
||||
opt.option = PR_SockOpt_Nonblocking;
|
||||
opt.value.non_blocking = PR_FALSE;
|
||||
prStatus = PR_SetSocketOption(listen_sock, &opt);
|
||||
if (prStatus < 0) {
|
||||
PR_Close(listen_sock);
|
||||
errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
|
||||
--- nss/cmd/selfserv/selfserv.c.539183 2016-05-21 18:31:39.882585367 -0700
|
||||
+++ nss/cmd/selfserv/selfserv.c 2016-05-21 18:41:43.092801174 -0700
|
||||
@@ -1711,23 +1711,23 @@
|
||||
getBoundListenSocket(unsigned short port)
|
||||
{
|
||||
PRFileDesc *listen_sock;
|
||||
int listenQueueDepth = 5 + (2 * maxThreads);
|
||||
PRStatus prStatus;
|
||||
PRNetAddr addr;
|
||||
PRSocketOptionData opt;
|
||||
|
||||
- addr.inet.family = PR_AF_INET;
|
||||
- addr.inet.ip = PR_INADDR_ANY;
|
||||
- addr.inet.port = PR_htons(port);
|
||||
+ if (PR_SetNetAddr(PR_IpAddrAny, PR_AF_INET6, port, &addr) != PR_SUCCESS) {
|
||||
+ errExit("PR_SetNetAddr");
|
||||
+ }
|
||||
|
||||
- listen_sock = PR_NewTCPSocket();
|
||||
+ listen_sock = PR_OpenTCPSocket(PR_AF_INET6);
|
||||
if (listen_sock == NULL) {
|
||||
- errExit("PR_NewTCPSocket");
|
||||
+ errExit("PR_OpenTCPSocket error");
|
||||
}
|
||||
|
||||
opt.option = PR_SockOpt_Nonblocking;
|
||||
opt.value.non_blocking = PR_FALSE;
|
||||
prStatus = PR_SetSocketOption(listen_sock, &opt);
|
||||
if (prStatus < 0) {
|
||||
PR_Close(listen_sock);
|
||||
errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
|
13
SOURCES/nss-8-add-ipsec-usage-to-manpage.patch
Normal file
13
SOURCES/nss-8-add-ipsec-usage-to-manpage.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff -up ./doc/certutil.xml.ipsec_doc ./doc/certutil.xml
|
||||
--- ./doc/certutil.xml.ipsec_doc 2019-05-10 14:14:18.000000000 -0700
|
||||
+++ ./doc/certutil.xml 2019-06-05 16:49:44.229301383 -0700
|
||||
@@ -428,6 +428,9 @@ of the attribute codes:
|
||||
<listitem>
|
||||
<para><command>J</command> (as an object signer)</para>
|
||||
</listitem>
|
||||
+ <listitem>
|
||||
+<para><command>I</command> (as an IPSEC user)</para>
|
||||
+ </listitem>
|
||||
</itemizedlist></listitem>
|
||||
</varlistentry>
|
||||
|
571
SOURCES/nss-8-fix-public-key-from-priv.patch
Normal file
571
SOURCES/nss-8-fix-public-key-from-priv.patch
Normal file
@ -0,0 +1,571 @@
|
||||
diff -up ./gtests/pk11_gtest/pk11_import_unittest.cc.pub-priv-mech ./gtests/pk11_gtest/pk11_import_unittest.cc
|
||||
--- ./gtests/pk11_gtest/pk11_import_unittest.cc.pub-priv-mech 2019-05-10 14:14:18.000000000 -0700
|
||||
+++ ./gtests/pk11_gtest/pk11_import_unittest.cc 2019-06-05 16:43:42.276498676 -0700
|
||||
@@ -78,17 +78,40 @@ class Pk11KeyImportTestBase : public ::t
|
||||
CK_MECHANISM_TYPE mech_;
|
||||
|
||||
private:
|
||||
+ SECItem GetPublicComponent(ScopedSECKEYPublicKey& pub_key) {
|
||||
+ SECItem null = { siBuffer, NULL, 0};
|
||||
+ switch(SECKEY_GetPublicKeyType(pub_key.get())) {
|
||||
+ case rsaKey:
|
||||
+ case rsaPssKey:
|
||||
+ case rsaOaepKey:
|
||||
+ return pub_key->u.rsa.modulus;
|
||||
+ case keaKey:
|
||||
+ return pub_key->u.kea.publicValue;
|
||||
+ case dsaKey:
|
||||
+ return pub_key->u.dsa.publicValue;
|
||||
+ case dhKey:
|
||||
+ return pub_key->u.dh.publicValue;
|
||||
+ case ecKey:
|
||||
+ return pub_key->u.ec.publicValue;
|
||||
+ case fortezzaKey: /* depricated */
|
||||
+ case nullKey:
|
||||
+ /* didn't use default here so we can catch new key types at compile time */
|
||||
+ break;
|
||||
+ }
|
||||
+ return null;
|
||||
+ }
|
||||
void CheckForPublicKey(const ScopedSECKEYPrivateKey& priv_key,
|
||||
const SECItem* expected_public) {
|
||||
// Verify the public key exists.
|
||||
StackSECItem priv_id;
|
||||
+ KeyType type = SECKEY_GetPrivateKeyType(priv_key.get());
|
||||
SECStatus rv = PK11_ReadRawAttribute(PK11_TypePrivKey, priv_key.get(),
|
||||
CKA_ID, &priv_id);
|
||||
ASSERT_EQ(SECSuccess, rv) << "Couldn't read CKA_ID from private key: "
|
||||
<< PORT_ErrorToName(PORT_GetError());
|
||||
|
||||
CK_ATTRIBUTE_TYPE value_type = CKA_VALUE;
|
||||
- switch (SECKEY_GetPrivateKeyType(priv_key.get())) {
|
||||
+ switch (type) {
|
||||
case rsaKey:
|
||||
value_type = CKA_MODULUS;
|
||||
break;
|
||||
@@ -106,6 +129,8 @@ class Pk11KeyImportTestBase : public ::t
|
||||
FAIL() << "unknown key type";
|
||||
}
|
||||
|
||||
+ // Scan public key objects until we find one with the same CKA_ID as
|
||||
+ // priv_key
|
||||
std::unique_ptr<PK11GenericObject, PK11GenericObjectsDeleter> objs(
|
||||
PK11_FindGenericObjects(slot_.get(), CKO_PUBLIC_KEY));
|
||||
ASSERT_NE(nullptr, objs);
|
||||
@@ -128,20 +153,46 @@ class Pk11KeyImportTestBase : public ::t
|
||||
ASSERT_EQ(1U, token.len);
|
||||
ASSERT_NE(0, token.data[0]);
|
||||
|
||||
- StackSECItem value;
|
||||
- rv = PK11_ReadRawAttribute(PK11_TypeGeneric, obj, value_type, &value);
|
||||
+ StackSECItem raw_value;
|
||||
+ SECItem decoded_value;
|
||||
+ rv = PK11_ReadRawAttribute(PK11_TypeGeneric, obj, value_type, &raw_value);
|
||||
ASSERT_EQ(SECSuccess, rv);
|
||||
+ SECItem value = raw_value;
|
||||
|
||||
+ // Decode the EC_POINT and check the output against expected.
|
||||
// CKA_EC_POINT isn't stable, see Bug 1520649.
|
||||
+ ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
|
||||
+ ASSERT_TRUE(arena);
|
||||
if (value_type == CKA_EC_POINT) {
|
||||
- continue;
|
||||
- }
|
||||
|
||||
+ // If this fails due to the noted inconsistency, we may need to
|
||||
+ // check the whole raw_value, or remove a leading UNCOMPRESSED_POINT tag
|
||||
+ rv = SEC_QuickDERDecodeItem(arena.get(), &decoded_value,
|
||||
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
|
||||
+ &raw_value);
|
||||
+ ASSERT_EQ(SECSuccess, rv);
|
||||
+ value = decoded_value;
|
||||
+ }
|
||||
ASSERT_TRUE(SECITEM_ItemsAreEqual(expected_public, &value))
|
||||
<< "expected: "
|
||||
<< DataBuffer(expected_public->data, expected_public->len)
|
||||
<< std::endl
|
||||
<< "actual: " << DataBuffer(value.data, value.len) << std::endl;
|
||||
+
|
||||
+ // Finally, convert the private to public and ensure it matches.
|
||||
+ ScopedSECKEYPublicKey pub_key(
|
||||
+ SECKEY_ConvertToPublicKey(priv_key.get()));
|
||||
+ ASSERT_TRUE(pub_key);
|
||||
+ SECItem converted_public = GetPublicComponent(pub_key);
|
||||
+ ASSERT_TRUE(converted_public.len != 0);
|
||||
+
|
||||
+ ASSERT_TRUE(SECITEM_ItemsAreEqual(expected_public, &converted_public))
|
||||
+ << "expected: "
|
||||
+ << DataBuffer(expected_public->data, expected_public->len)
|
||||
+ << std::endl
|
||||
+ << "actual: "
|
||||
+ << DataBuffer(converted_public.data, converted_public.len)
|
||||
+ << std::endl;
|
||||
}
|
||||
}
|
||||
|
||||
diff -up ./lib/cryptohi/seckey.c.pub-priv-mech ./lib/cryptohi/seckey.c
|
||||
--- ./lib/cryptohi/seckey.c.pub-priv-mech 2019-05-10 14:14:18.000000000 -0700
|
||||
+++ ./lib/cryptohi/seckey.c 2019-06-05 16:43:42.277498676 -0700
|
||||
@@ -1206,6 +1206,37 @@ SECKEY_CopyPublicKey(const SECKEYPublicK
|
||||
return NULL;
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * Use the private key to find a public key handle. The handle will be on
|
||||
+ * the same slot as the private key.
|
||||
+ */
|
||||
+static CK_OBJECT_HANDLE
|
||||
+seckey_FindPublicKeyHandle(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk)
|
||||
+{
|
||||
+ CK_OBJECT_HANDLE keyID;
|
||||
+
|
||||
+ /* this helper function is only used below. If we want to make this more
|
||||
+ * general, we would need to free up any already cached handles if the
|
||||
+ * slot doesn't match up with the private key slot */
|
||||
+ PORT_Assert(pubk->pkcs11ID == CK_INVALID_HANDLE);
|
||||
+
|
||||
+ /* first look for a matching public key */
|
||||
+ keyID = PK11_MatchItem(privk->pkcs11Slot, privk->pkcs11ID, CKO_PUBLIC_KEY);
|
||||
+ if (keyID != CK_INVALID_HANDLE) {
|
||||
+ return keyID;
|
||||
+ }
|
||||
+
|
||||
+ /* none found, create a temp one, make the pubk the owner */
|
||||
+ pubk->pkcs11ID = PK11_DerivePubKeyFromPrivKey(privk);
|
||||
+ if (pubk->pkcs11ID == CK_INVALID_HANDLE) {
|
||||
+ /* end of the road. Token doesn't have matching public key, nor can
|
||||
+ * token regenerate a new public key from and existing private key. */
|
||||
+ return CK_INVALID_HANDLE;
|
||||
+ }
|
||||
+ pubk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot);
|
||||
+ return pubk->pkcs11ID;
|
||||
+}
|
||||
+
|
||||
SECKEYPublicKey *
|
||||
SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privk)
|
||||
{
|
||||
@@ -1213,6 +1244,8 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
||||
PLArenaPool *arena;
|
||||
CERTCertificate *cert;
|
||||
SECStatus rv;
|
||||
+ CK_OBJECT_HANDLE pubKeyHandle;
|
||||
+ SECItem decodedPoint;
|
||||
|
||||
/*
|
||||
* First try to look up the cert.
|
||||
@@ -1243,11 +1276,47 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
||||
|
||||
switch (privk->keyType) {
|
||||
case nullKey:
|
||||
- case dhKey:
|
||||
- case dsaKey:
|
||||
/* Nothing to query, if the cert isn't there, we're done -- no way
|
||||
* to get the public key */
|
||||
break;
|
||||
+ case dsaKey:
|
||||
+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk);
|
||||
+ if (pubKeyHandle == CK_INVALID_HANDLE)
|
||||
+ break;
|
||||
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
||||
+ CKA_BASE, arena, &pubk->u.dsa.params.base);
|
||||
+ if (rv != SECSuccess)
|
||||
+ break;
|
||||
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
||||
+ CKA_PRIME, arena, &pubk->u.dsa.params.prime);
|
||||
+ if (rv != SECSuccess)
|
||||
+ break;
|
||||
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
||||
+ CKA_SUBPRIME, arena, &pubk->u.dsa.params.subPrime);
|
||||
+ if (rv != SECSuccess)
|
||||
+ break;
|
||||
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
||||
+ CKA_VALUE, arena, &pubk->u.dsa.publicValue);
|
||||
+ if (rv != SECSuccess)
|
||||
+ break;
|
||||
+ return pubk;
|
||||
+ case dhKey:
|
||||
+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk);
|
||||
+ if (pubKeyHandle == CK_INVALID_HANDLE)
|
||||
+ break;
|
||||
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
||||
+ CKA_BASE, arena, &pubk->u.dh.base);
|
||||
+ if (rv != SECSuccess)
|
||||
+ break;
|
||||
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
||||
+ CKA_PRIME, arena, &pubk->u.dh.prime);
|
||||
+ if (rv != SECSuccess)
|
||||
+ break;
|
||||
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
||||
+ CKA_VALUE, arena, &pubk->u.dh.publicValue);
|
||||
+ if (rv != SECSuccess)
|
||||
+ break;
|
||||
+ return pubk;
|
||||
case rsaKey:
|
||||
rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
|
||||
CKA_MODULUS, arena, &pubk->u.rsa.modulus);
|
||||
@@ -1258,7 +1327,6 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
||||
if (rv != SECSuccess)
|
||||
break;
|
||||
return pubk;
|
||||
- break;
|
||||
case ecKey:
|
||||
rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
|
||||
CKA_EC_PARAMS, arena, &pubk->u.ec.DEREncodedParams);
|
||||
@@ -1268,7 +1336,23 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
||||
rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
|
||||
CKA_EC_POINT, arena, &pubk->u.ec.publicValue);
|
||||
if (rv != SECSuccess || pubk->u.ec.publicValue.len == 0) {
|
||||
- break;
|
||||
+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk);
|
||||
+ if (pubKeyHandle == CK_INVALID_HANDLE)
|
||||
+ break;
|
||||
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
||||
+ CKA_EC_POINT, arena, &pubk->u.ec.publicValue);
|
||||
+ if (rv != SECSuccess)
|
||||
+ break;
|
||||
+ }
|
||||
+ /* ec.publicValue should be decoded, PKCS #11 defines CKA_EC_POINT
|
||||
+ * as encoded, but it's not always. try do decoded it and if it
|
||||
+ * succeeds store the decoded value */
|
||||
+ rv = SEC_QuickDERDecodeItem(arena, &decodedPoint,
|
||||
+ SEC_ASN1_GET(SEC_OctetStringTemplate), &pubk->u.ec.publicValue);
|
||||
+ if (rv == SECSuccess) {
|
||||
+ /* both values are in the public key arena, so it's safe to
|
||||
+ * overwrite the old value */
|
||||
+ pubk->u.ec.publicValue = decodedPoint;
|
||||
}
|
||||
pubk->u.ec.encoding = ECPoint_Undefined;
|
||||
return pubk;
|
||||
@@ -1276,7 +1360,9 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
||||
break;
|
||||
}
|
||||
|
||||
- PORT_FreeArena(arena, PR_FALSE);
|
||||
+ /* must use Destroy public key here, because some paths create temporary
|
||||
+ * PKCS #11 objects which need to be freed */
|
||||
+ SECKEY_DestroyPublicKey(pubk);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
diff -up ./lib/pk11wrap/pk11priv.h.pub-priv-mech ./lib/pk11wrap/pk11priv.h
|
||||
--- ./lib/pk11wrap/pk11priv.h.pub-priv-mech 2019-05-10 14:14:18.000000000 -0700
|
||||
+++ ./lib/pk11wrap/pk11priv.h 2019-06-05 16:43:42.277498676 -0700
|
||||
@@ -111,6 +111,7 @@ CK_OBJECT_HANDLE PK11_FindObjectForCert(
|
||||
PK11SymKey *pk11_CopyToSlot(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
|
||||
CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
|
||||
unsigned int pk11_GetPredefinedKeyLength(CK_KEY_TYPE keyType);
|
||||
+CK_OBJECT_HANDLE PK11_DerivePubKeyFromPrivKey(SECKEYPrivateKey *privKey);
|
||||
|
||||
/**********************************************************************
|
||||
* Certs
|
||||
diff -up ./lib/pk11wrap/pk11skey.c.pub-priv-mech ./lib/pk11wrap/pk11skey.c
|
||||
--- ./lib/pk11wrap/pk11skey.c.pub-priv-mech 2019-06-05 16:37:38.726685789 -0700
|
||||
+++ ./lib/pk11wrap/pk11skey.c 2019-06-05 16:43:42.278498675 -0700
|
||||
@@ -1841,6 +1841,35 @@ loser:
|
||||
}
|
||||
|
||||
/*
|
||||
+ * This regenerate a public key from a private key. This function is currently
|
||||
+ * NSS private. If we want to make it public, we need to add and optional
|
||||
+ * template or at least flags (a.la. PK11_DeriveWithFlags).
|
||||
+ */
|
||||
+CK_OBJECT_HANDLE
|
||||
+PK11_DerivePubKeyFromPrivKey(SECKEYPrivateKey *privKey)
|
||||
+{
|
||||
+ PK11SlotInfo *slot = privKey->pkcs11Slot;
|
||||
+ CK_MECHANISM mechanism;
|
||||
+ CK_OBJECT_HANDLE objectID = CK_INVALID_HANDLE;
|
||||
+ CK_RV crv;
|
||||
+
|
||||
+ mechanism.mechanism = CKM_NSS_PUB_FROM_PRIV;
|
||||
+ mechanism.pParameter = NULL;
|
||||
+ mechanism.ulParameterLen = 0;
|
||||
+
|
||||
+ PK11_EnterSlotMonitor(slot);
|
||||
+ crv = PK11_GETTAB(slot)->C_DeriveKey(slot->session, &mechanism,
|
||||
+ privKey->pkcs11ID, NULL, 0,
|
||||
+ &objectID);
|
||||
+ PK11_ExitSlotMonitor(slot);
|
||||
+ if (crv != CKR_OK) {
|
||||
+ PORT_SetError(PK11_MapError(crv));
|
||||
+ return CK_INVALID_HANDLE;
|
||||
+ }
|
||||
+ return objectID;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
* This Generates a wrapping key based on a privateKey, publicKey, and two
|
||||
* random numbers. For Mail usage RandomB should be NULL. In the Sender's
|
||||
* case RandomA is generate, outherwize it is passed.
|
||||
diff -up ./lib/softoken/lowkey.c.pub-priv-mech ./lib/softoken/lowkey.c
|
||||
--- ./lib/softoken/lowkey.c.pub-priv-mech 2019-05-10 14:14:18.000000000 -0700
|
||||
+++ ./lib/softoken/lowkey.c 2019-06-05 16:44:20.469479019 -0700
|
||||
@@ -261,6 +261,7 @@ NSSLOWKEYPublicKey *
|
||||
nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
|
||||
{
|
||||
NSSLOWKEYPublicKey *pubk;
|
||||
+ SECItem publicValue;
|
||||
PLArenaPool *arena;
|
||||
|
||||
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
||||
@@ -301,6 +302,19 @@ nsslowkey_ConvertToPublicKey(NSSLOWKEYPr
|
||||
|
||||
pubk->arena = arena;
|
||||
pubk->keyType = privk->keyType;
|
||||
+ /* if the public key value doesn't exist, calculate it */
|
||||
+ if (privk->u.dsa.publicValue.len == 0) {
|
||||
+ rv = DH_Derive(&privk->u.dsa.params.base, &privk->u.dsa.params.prime,
|
||||
+ &privk->u.dsa.privateValue, &publicValue, 0);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ break;
|
||||
+ }
|
||||
+ rv = SECITEM_CopyItem(privk->arena, &privk->u.dsa.publicValue, &publicValue);
|
||||
+ SECITEM_FreeItem(&publicValue, PR_FALSE);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue,
|
||||
&privk->u.dsa.publicValue);
|
||||
if (rv != SECSuccess)
|
||||
@@ -327,6 +341,19 @@ nsslowkey_ConvertToPublicKey(NSSLOWKEYPr
|
||||
|
||||
pubk->arena = arena;
|
||||
pubk->keyType = privk->keyType;
|
||||
+ /* if the public key value doesn't exist, calculate it */
|
||||
+ if (privk->u.dh.publicValue.len == 0) {
|
||||
+ rv = DH_Derive(&privk->u.dh.base, &privk->u.dh.prime,
|
||||
+ &privk->u.dh.privateValue, &publicValue, 0);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ break;
|
||||
+ }
|
||||
+ rv = SECITEM_CopyItem(privk->arena, &privk->u.dh.publicValue, &publicValue);
|
||||
+ SECITEM_FreeItem(&publicValue, PR_FALSE);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue,
|
||||
&privk->u.dh.publicValue);
|
||||
if (rv != SECSuccess)
|
||||
diff -up ./lib/softoken/pkcs11c.c.pub-priv-mech ./lib/softoken/pkcs11c.c
|
||||
--- ./lib/softoken/pkcs11c.c.pub-priv-mech 2019-06-05 16:37:38.743685780 -0700
|
||||
+++ ./lib/softoken/pkcs11c.c 2019-06-05 16:44:20.472479017 -0700
|
||||
@@ -6569,6 +6569,10 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
|
||||
extractValue = PR_FALSE;
|
||||
classType = CKO_PRIVATE_KEY;
|
||||
break;
|
||||
+ case CKM_NSS_PUB_FROM_PRIV:
|
||||
+ extractValue = PR_FALSE;
|
||||
+ classType = CKO_PUBLIC_KEY;
|
||||
+ break;
|
||||
case CKM_NSS_JPAKE_FINAL_SHA1: /* fall through */
|
||||
case CKM_NSS_JPAKE_FINAL_SHA256: /* fall through */
|
||||
case CKM_NSS_JPAKE_FINAL_SHA384: /* fall through */
|
||||
@@ -6610,6 +6614,35 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
|
||||
}
|
||||
|
||||
switch (mechanism) {
|
||||
+ /* get a public key from a private key. nsslowkey_ConvertToPublickey()
|
||||
+ * will generate the public portion if it doesn't already exist. */
|
||||
+ case CKM_NSS_PUB_FROM_PRIV: {
|
||||
+ NSSLOWKEYPrivateKey *privKey;
|
||||
+ NSSLOWKEYPublicKey *pubKey;
|
||||
+ int error;
|
||||
+
|
||||
+ crv = sftk_GetULongAttribute(sourceKey, CKA_KEY_TYPE, &keyType);
|
||||
+ if (crv != CKR_OK) {
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ /* privKey is stored in sourceKey and will be destroyed when
|
||||
+ * the sourceKey is freed. */
|
||||
+ privKey = sftk_GetPrivKey(sourceKey, keyType, &crv);
|
||||
+ if (privKey == NULL) {
|
||||
+ break;
|
||||
+ }
|
||||
+ pubKey = nsslowkey_ConvertToPublicKey(privKey);
|
||||
+ if (pubKey == NULL) {
|
||||
+ error = PORT_GetError();
|
||||
+ crv = sftk_MapCryptError(error);
|
||||
+ break;
|
||||
+ }
|
||||
+ crv = sftk_PutPubKey(key, sourceKey, keyType, pubKey);
|
||||
+ nsslowkey_DestroyPublicKey(pubKey);
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
case CKM_NSS_IKE_PRF_DERIVE:
|
||||
if (pMechanism->ulParameterLen !=
|
||||
sizeof(CK_NSS_IKE_PRF_DERIVE_PARAMS)) {
|
||||
diff -up ./lib/softoken/pkcs11.c.pub-priv-mech ./lib/softoken/pkcs11.c
|
||||
--- ./lib/softoken/pkcs11.c.pub-priv-mech 2019-06-05 16:37:38.728685788 -0700
|
||||
+++ ./lib/softoken/pkcs11.c 2019-06-05 16:44:20.473479017 -0700
|
||||
@@ -2206,6 +2206,123 @@ sftk_GetPrivKey(SFTKObject *object, CK_K
|
||||
return priv;
|
||||
}
|
||||
|
||||
+/* populate a public key object from a lowpublic keys structure */
|
||||
+CK_RV
|
||||
+sftk_PutPubKey(SFTKObject *publicKey, SFTKObject *privateKey, CK_KEY_TYPE keyType, NSSLOWKEYPublicKey *pubKey)
|
||||
+{
|
||||
+ CK_OBJECT_CLASS classType = CKO_PUBLIC_KEY;
|
||||
+ CK_BBOOL cktrue = CK_TRUE;
|
||||
+ CK_RV crv = CKR_OK;
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_CLASS);
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_KEY_TYPE);
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_VALUE);
|
||||
+
|
||||
+ switch (keyType) {
|
||||
+ case CKK_RSA:
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_MODULUS);
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_PUBLIC_EXPONENT);
|
||||
+ /* format the keys */
|
||||
+ /* fill in the RSA dependent paramenters in the public key */
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_MODULUS,
|
||||
+ sftk_item_expand(&pubKey->u.rsa.modulus));
|
||||
+ if (crv != CKR_OK)
|
||||
+ break;
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_PUBLIC_EXPONENT,
|
||||
+ sftk_item_expand(&pubKey->u.rsa.publicExponent));
|
||||
+ break;
|
||||
+ case CKK_DSA:
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_PRIME);
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_SUBPRIME);
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_BASE);
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_PRIME,
|
||||
+ sftk_item_expand(&pubKey->u.dsa.params.prime));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ break;
|
||||
+ }
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_SUBPRIME,
|
||||
+ sftk_item_expand(&pubKey->u.dsa.params.subPrime));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ break;
|
||||
+ }
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_BASE,
|
||||
+ sftk_item_expand(&pubKey->u.dsa.params.base));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ break;
|
||||
+ }
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_VALUE,
|
||||
+ sftk_item_expand(&pubKey->u.dsa.publicValue));
|
||||
+ break;
|
||||
+
|
||||
+ case CKK_DH:
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_PRIME);
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_BASE);
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_PRIME,
|
||||
+ sftk_item_expand(&pubKey->u.dh.prime));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ break;
|
||||
+ }
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_BASE,
|
||||
+ sftk_item_expand(&pubKey->u.dh.base));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ break;
|
||||
+ }
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_VALUE,
|
||||
+ sftk_item_expand(&pubKey->u.dh.publicValue));
|
||||
+ break;
|
||||
+
|
||||
+ case CKK_EC:
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_EC_PARAMS);
|
||||
+ sftk_DeleteAttributeType(publicKey, CKA_EC_POINT);
|
||||
+
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_EC_PARAMS,
|
||||
+ sftk_item_expand(&pubKey->u.ec.ecParams.DEREncoding));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_EC_POINT,
|
||||
+ sftk_item_expand(&pubKey->u.ec.publicValue));
|
||||
+ break;
|
||||
+
|
||||
+ default:
|
||||
+ return CKR_KEY_TYPE_INCONSISTENT;
|
||||
+ }
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_CLASS, &classType,
|
||||
+ sizeof(CK_OBJECT_CLASS));
|
||||
+ if (crv != CKR_OK)
|
||||
+ return crv;
|
||||
+ crv = sftk_AddAttributeType(publicKey, CKA_KEY_TYPE, &keyType,
|
||||
+ sizeof(CK_KEY_TYPE));
|
||||
+ if (crv != CKR_OK)
|
||||
+ return crv;
|
||||
+ /* now handle the operator attributes */
|
||||
+ if (sftk_isTrue(privateKey, CKA_DECRYPT)) {
|
||||
+ crv = sftk_forceAttribute(publicKey, CKA_ENCRYPT, &cktrue, sizeof(CK_BBOOL));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ return crv;
|
||||
+ }
|
||||
+ }
|
||||
+ if (sftk_isTrue(privateKey, CKA_SIGN)) {
|
||||
+ crv = sftk_forceAttribute(publicKey, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ return crv;
|
||||
+ }
|
||||
+ }
|
||||
+ if (sftk_isTrue(privateKey, CKA_SIGN_RECOVER)) {
|
||||
+ crv = sftk_forceAttribute(publicKey, CKA_VERIFY_RECOVER, &cktrue, sizeof(CK_BBOOL));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ return crv;
|
||||
+ }
|
||||
+ }
|
||||
+ if (sftk_isTrue(privateKey, CKA_DERIVE)) {
|
||||
+ crv = sftk_forceAttribute(publicKey, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
|
||||
+ if (crv != CKR_OK) {
|
||||
+ return crv;
|
||||
+ }
|
||||
+ }
|
||||
+ return crv;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
**************************** Symetric Key utils ************************
|
||||
*/
|
||||
diff -up ./lib/softoken/pkcs11i.h.pub-priv-mech ./lib/softoken/pkcs11i.h
|
||||
--- ./lib/softoken/pkcs11i.h.pub-priv-mech 2019-06-05 16:37:38.730685787 -0700
|
||||
+++ ./lib/softoken/pkcs11i.h 2019-06-05 16:44:20.473479017 -0700
|
||||
@@ -695,6 +695,9 @@ extern NSSLOWKEYPublicKey *sftk_GetPubKe
|
||||
CK_KEY_TYPE key_type, CK_RV *crvp);
|
||||
extern NSSLOWKEYPrivateKey *sftk_GetPrivKey(SFTKObject *object,
|
||||
CK_KEY_TYPE key_type, CK_RV *crvp);
|
||||
+extern CK_RV sftk_PutPubKey(SFTKObject *publicKey, SFTKObject *privKey,
|
||||
+ CK_KEY_TYPE keyType,
|
||||
+ NSSLOWKEYPublicKey *pubKey);
|
||||
extern void sftk_FormatDESKey(unsigned char *key, int length);
|
||||
extern PRBool sftk_CheckDESKey(unsigned char *key);
|
||||
extern PRBool sftk_IsWeakKey(unsigned char *key, CK_KEY_TYPE key_type);
|
||||
diff -up ./lib/util/pkcs11n.h.pub-priv-mech ./lib/util/pkcs11n.h
|
||||
--- ./lib/util/pkcs11n.h.pub-priv-mech 2019-06-05 16:37:38.733685785 -0700
|
||||
+++ ./lib/util/pkcs11n.h 2019-06-05 16:44:54.389461561 -0700
|
||||
@@ -152,11 +152,6 @@
|
||||
#define CKM_NSS_HKDF_SHA384 (CKM_NSS + 5)
|
||||
#define CKM_NSS_HKDF_SHA512 (CKM_NSS + 6)
|
||||
|
||||
-/* IKE mechanism (to be proposed to PKCS #11 */
|
||||
-#define CKM_NSS_IKE_PRF_PLUS_DERIVE (CKM_NSS + 7)
|
||||
-#define CKM_NSS_IKE_PRF_DERIVE (CKM_NSS + 8)
|
||||
-#define CKM_NSS_IKE1_PRF_DERIVE (CKM_NSS + 9)
|
||||
-#define CKM_NSS_IKE1_APP_B_PRF_DERIVE (CKM_NSS + 10)
|
||||
|
||||
/* J-PAKE round 1 key generation mechanisms.
|
||||
*
|
||||
@@ -238,6 +233,15 @@
|
||||
|
||||
#define CKM_NSS_CHACHA20_CTR (CKM_NSS + 33)
|
||||
|
||||
+/* IKE mechanism (to be proposed to PKCS #11 */
|
||||
+#define CKM_NSS_IKE_PRF_PLUS_DERIVE (CKM_NSS + 34)
|
||||
+#define CKM_NSS_IKE_PRF_DERIVE (CKM_NSS + 35)
|
||||
+#define CKM_NSS_IKE1_PRF_DERIVE (CKM_NSS + 36)
|
||||
+#define CKM_NSS_IKE1_APP_B_PRF_DERIVE (CKM_NSS + 37)
|
||||
+
|
||||
+/* Derive a public key from a bare private key */
|
||||
+#define CKM_NSS_PUB_FROM_PRIV (CKM_NSS + 40)
|
||||
+
|
||||
/*
|
||||
* HISTORICAL:
|
||||
* Do not attempt to use these. They are only used by NETSCAPE's internal
|
145
SOURCES/nss-config.in
Normal file
145
SOURCES/nss-config.in
Normal file
@ -0,0 +1,145 @@
|
||||
#!/bin/sh
|
||||
|
||||
prefix=@prefix@
|
||||
|
||||
major_version=@MOD_MAJOR_VERSION@
|
||||
minor_version=@MOD_MINOR_VERSION@
|
||||
patch_version=@MOD_PATCH_VERSION@
|
||||
|
||||
usage()
|
||||
{
|
||||
cat <<EOF
|
||||
Usage: nss-config [OPTIONS] [LIBRARIES]
|
||||
Options:
|
||||
[--prefix[=DIR]]
|
||||
[--exec-prefix[=DIR]]
|
||||
[--includedir[=DIR]]
|
||||
[--libdir[=DIR]]
|
||||
[--version]
|
||||
[--libs]
|
||||
[--cflags]
|
||||
Dynamic Libraries:
|
||||
nss
|
||||
nssutil
|
||||
ssl
|
||||
smime
|
||||
EOF
|
||||
exit $1
|
||||
}
|
||||
|
||||
if test $# -eq 0; then
|
||||
usage 1 1>&2
|
||||
fi
|
||||
|
||||
lib_ssl=yes
|
||||
lib_smime=yes
|
||||
lib_nss=yes
|
||||
lib_nssutil=yes
|
||||
|
||||
while test $# -gt 0; do
|
||||
case "$1" in
|
||||
-*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
|
||||
*) optarg= ;;
|
||||
esac
|
||||
|
||||
case $1 in
|
||||
--prefix=*)
|
||||
prefix=$optarg
|
||||
;;
|
||||
--prefix)
|
||||
echo_prefix=yes
|
||||
;;
|
||||
--exec-prefix=*)
|
||||
exec_prefix=$optarg
|
||||
;;
|
||||
--exec-prefix)
|
||||
echo_exec_prefix=yes
|
||||
;;
|
||||
--includedir=*)
|
||||
includedir=$optarg
|
||||
;;
|
||||
--includedir)
|
||||
echo_includedir=yes
|
||||
;;
|
||||
--libdir=*)
|
||||
libdir=$optarg
|
||||
;;
|
||||
--libdir)
|
||||
echo_libdir=yes
|
||||
;;
|
||||
--version)
|
||||
echo ${major_version}.${minor_version}.${patch_version}
|
||||
;;
|
||||
--cflags)
|
||||
echo_cflags=yes
|
||||
;;
|
||||
--libs)
|
||||
echo_libs=yes
|
||||
;;
|
||||
ssl)
|
||||
lib_ssl=yes
|
||||
;;
|
||||
smime)
|
||||
lib_smime=yes
|
||||
;;
|
||||
nss)
|
||||
lib_nss=yes
|
||||
;;
|
||||
nssutil)
|
||||
lib_nssutil=yes
|
||||
;;
|
||||
*)
|
||||
usage 1 1>&2
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
# Set variables that may be dependent upon other variables
|
||||
if test -z "$exec_prefix"; then
|
||||
exec_prefix=`pkg-config --variable=exec_prefix nss`
|
||||
fi
|
||||
if test -z "$includedir"; then
|
||||
includedir=`pkg-config --variable=includedir nss`
|
||||
fi
|
||||
if test -z "$libdir"; then
|
||||
libdir=`pkg-config --variable=libdir nss`
|
||||
fi
|
||||
|
||||
if test "$echo_prefix" = "yes"; then
|
||||
echo $prefix
|
||||
fi
|
||||
|
||||
if test "$echo_exec_prefix" = "yes"; then
|
||||
echo $exec_prefix
|
||||
fi
|
||||
|
||||
if test "$echo_includedir" = "yes"; then
|
||||
echo $includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libdir" = "yes"; then
|
||||
echo $libdir
|
||||
fi
|
||||
|
||||
if test "$echo_cflags" = "yes"; then
|
||||
echo -I$includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libs" = "yes"; then
|
||||
libdirs="-Wl,-rpath-link,$libdir -L$libdir"
|
||||
if test -n "$lib_ssl"; then
|
||||
libdirs="$libdirs -lssl${major_version}"
|
||||
fi
|
||||
if test -n "$lib_smime"; then
|
||||
libdirs="$libdirs -lsmime${major_version}"
|
||||
fi
|
||||
if test -n "$lib_nss"; then
|
||||
libdirs="$libdirs -lnss${major_version}"
|
||||
fi
|
||||
if test -n "$lib_nssutil"; then
|
||||
libdirs="$libdirs -lnssutil${major_version}"
|
||||
fi
|
||||
echo $libdirs
|
||||
fi
|
||||
|
202
SOURCES/nss-disable-pkcs1-sigalgs-tls13.patch
Normal file
202
SOURCES/nss-disable-pkcs1-sigalgs-tls13.patch
Normal file
@ -0,0 +1,202 @@
|
||||
# HG changeset patch
|
||||
# User Daiki Ueno <dueno@redhat.com>
|
||||
# Date 1559031046 -7200
|
||||
# Tue May 28 10:10:46 2019 +0200
|
||||
# Node ID 0a4e8b72a92e144663c2f35d3836f7828cfc97f2
|
||||
# Parent 370a9e85f216f5f4ff277995a997c5c9b23a819f
|
||||
Bug 1552208, prohibit use of RSASSA-PKCS1-v1_5 algorithms in TLS 1.3, r=mt
|
||||
|
||||
Reviewers: mt
|
||||
|
||||
Reviewed By: mt
|
||||
|
||||
Subscribers: mt, jcj, ueno, rrelyea, HubertKario, KevinJacobs
|
||||
|
||||
Tags: #secure-revision, #bmo-crypto-core-security
|
||||
|
||||
Bug #: 1552208
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D32454
|
||||
|
||||
diff --git a/gtests/ssl_gtest/ssl_auth_unittest.cc b/gtests/ssl_gtest/ssl_auth_unittest.cc
|
||||
--- a/gtests/ssl_gtest/ssl_auth_unittest.cc
|
||||
+++ b/gtests/ssl_gtest/ssl_auth_unittest.cc
|
||||
@@ -701,6 +701,44 @@ TEST_P(TlsConnectTls12, ClientAuthIncons
|
||||
ConnectExpectAlert(server_, kTlsAlertIllegalParameter);
|
||||
}
|
||||
|
||||
+TEST_P(TlsConnectTls13, ClientAuthPkcs1SignatureScheme) {
|
||||
+ static const SSLSignatureScheme kSignatureScheme[] = {
|
||||
+ ssl_sig_rsa_pkcs1_sha256, ssl_sig_rsa_pss_rsae_sha256};
|
||||
+
|
||||
+ Reset(TlsAgent::kServerRsa, "rsa");
|
||||
+ client_->SetSignatureSchemes(kSignatureScheme,
|
||||
+ PR_ARRAY_SIZE(kSignatureScheme));
|
||||
+ server_->SetSignatureSchemes(kSignatureScheme,
|
||||
+ PR_ARRAY_SIZE(kSignatureScheme));
|
||||
+ client_->SetupClientAuth();
|
||||
+ server_->RequestClientAuth(true);
|
||||
+
|
||||
+ auto capture_cert_verify = MakeTlsFilter<TlsHandshakeRecorder>(
|
||||
+ client_, kTlsHandshakeCertificateVerify);
|
||||
+ capture_cert_verify->EnableDecryption();
|
||||
+
|
||||
+ Connect();
|
||||
+ CheckSigScheme(capture_cert_verify, 0, server_, ssl_sig_rsa_pss_rsae_sha256,
|
||||
+ 1024);
|
||||
+}
|
||||
+
|
||||
+TEST_P(TlsConnectTls13, ClientAuthPkcs1SignatureSchemeOnly) {
|
||||
+ static const SSLSignatureScheme kSignatureScheme[] = {
|
||||
+ ssl_sig_rsa_pkcs1_sha256};
|
||||
+
|
||||
+ Reset(TlsAgent::kServerRsa, "rsa");
|
||||
+ client_->SetSignatureSchemes(kSignatureScheme,
|
||||
+ PR_ARRAY_SIZE(kSignatureScheme));
|
||||
+ server_->SetSignatureSchemes(kSignatureScheme,
|
||||
+ PR_ARRAY_SIZE(kSignatureScheme));
|
||||
+ client_->SetupClientAuth();
|
||||
+ server_->RequestClientAuth(true);
|
||||
+
|
||||
+ ConnectExpectAlert(server_, kTlsAlertHandshakeFailure);
|
||||
+ server_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
|
||||
+ client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP);
|
||||
+}
|
||||
+
|
||||
class TlsZeroCertificateRequestSigAlgsFilter : public TlsHandshakeFilter {
|
||||
public:
|
||||
TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr<TlsAgent>& a)
|
||||
@@ -933,7 +971,7 @@ TEST_P(TlsConnectTls13, InconsistentSign
|
||||
client_->CheckErrorCode(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
|
||||
}
|
||||
|
||||
-TEST_P(TlsConnectTls12Plus, RequestClientAuthWithSha384) {
|
||||
+TEST_P(TlsConnectTls12, RequestClientAuthWithSha384) {
|
||||
server_->SetSignatureSchemes(kSignatureSchemeRsaSha384,
|
||||
PR_ARRAY_SIZE(kSignatureSchemeRsaSha384));
|
||||
server_->RequestClientAuth(false);
|
||||
@@ -1395,12 +1433,21 @@ TEST_P(TlsSignatureSchemeConfiguration,
|
||||
INSTANTIATE_TEST_CASE_P(
|
||||
SignatureSchemeRsa, TlsSignatureSchemeConfiguration,
|
||||
::testing::Combine(
|
||||
- TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV12Plus,
|
||||
+ TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV12,
|
||||
::testing::Values(TlsAgent::kServerRsaSign),
|
||||
::testing::Values(ssl_auth_rsa_sign),
|
||||
::testing::Values(ssl_sig_rsa_pkcs1_sha256, ssl_sig_rsa_pkcs1_sha384,
|
||||
ssl_sig_rsa_pkcs1_sha512, ssl_sig_rsa_pss_rsae_sha256,
|
||||
ssl_sig_rsa_pss_rsae_sha384)));
|
||||
+// RSASSA-PKCS1-v1_5 is not allowed to be used in TLS 1.3
|
||||
+INSTANTIATE_TEST_CASE_P(
|
||||
+ SignatureSchemeRsaTls13, TlsSignatureSchemeConfiguration,
|
||||
+ ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll,
|
||||
+ TlsConnectTestBase::kTlsV13,
|
||||
+ ::testing::Values(TlsAgent::kServerRsaSign),
|
||||
+ ::testing::Values(ssl_auth_rsa_sign),
|
||||
+ ::testing::Values(ssl_sig_rsa_pss_rsae_sha256,
|
||||
+ ssl_sig_rsa_pss_rsae_sha384)));
|
||||
// PSS with SHA-512 needs a bigger key to work.
|
||||
INSTANTIATE_TEST_CASE_P(
|
||||
SignatureSchemeBigRsa, TlsSignatureSchemeConfiguration,
|
||||
diff --git a/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc b/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc
|
||||
--- a/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc
|
||||
+++ b/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc
|
||||
@@ -68,12 +68,6 @@ class TlsCipherSuiteTestBase : public Tl
|
||||
virtual void SetupCertificate() {
|
||||
if (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
switch (sig_scheme_) {
|
||||
- case ssl_sig_rsa_pkcs1_sha256:
|
||||
- case ssl_sig_rsa_pkcs1_sha384:
|
||||
- case ssl_sig_rsa_pkcs1_sha512:
|
||||
- Reset(TlsAgent::kServerRsaSign);
|
||||
- auth_type_ = ssl_auth_rsa_sign;
|
||||
- break;
|
||||
case ssl_sig_rsa_pss_rsae_sha256:
|
||||
case ssl_sig_rsa_pss_rsae_sha384:
|
||||
Reset(TlsAgent::kServerRsaSign);
|
||||
@@ -330,6 +324,12 @@ static SSLSignatureScheme kSignatureSche
|
||||
ssl_sig_rsa_pss_pss_sha256, ssl_sig_rsa_pss_pss_sha384,
|
||||
ssl_sig_rsa_pss_pss_sha512};
|
||||
|
||||
+static SSLSignatureScheme kSignatureSchemesParamsArrTls13[] = {
|
||||
+ ssl_sig_ecdsa_secp256r1_sha256, ssl_sig_ecdsa_secp384r1_sha384,
|
||||
+ ssl_sig_rsa_pss_rsae_sha256, ssl_sig_rsa_pss_rsae_sha384,
|
||||
+ ssl_sig_rsa_pss_rsae_sha512, ssl_sig_rsa_pss_pss_sha256,
|
||||
+ ssl_sig_rsa_pss_pss_sha384, ssl_sig_rsa_pss_pss_sha512};
|
||||
+
|
||||
INSTANTIATE_CIPHER_TEST_P(RC4, Stream, V10ToV12, kDummyNamedGroupParams,
|
||||
kDummySignatureSchemesParams,
|
||||
TLS_RSA_WITH_RC4_128_SHA,
|
||||
@@ -394,7 +394,7 @@ INSTANTIATE_CIPHER_TEST_P(
|
||||
#ifndef NSS_DISABLE_TLS_1_3
|
||||
INSTANTIATE_CIPHER_TEST_P(TLS13, All, V13,
|
||||
::testing::ValuesIn(kFasterDHEGroups),
|
||||
- ::testing::ValuesIn(kSignatureSchemesParamsArr),
|
||||
+ ::testing::ValuesIn(kSignatureSchemesParamsArrTls13),
|
||||
TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256,
|
||||
TLS_AES_256_GCM_SHA384);
|
||||
INSTANTIATE_CIPHER_TEST_P(TLS13AllGroups, All, V13,
|
||||
diff --git a/gtests/ssl_gtest/ssl_extension_unittest.cc b/gtests/ssl_gtest/ssl_extension_unittest.cc
|
||||
--- a/gtests/ssl_gtest/ssl_extension_unittest.cc
|
||||
+++ b/gtests/ssl_gtest/ssl_extension_unittest.cc
|
||||
@@ -436,14 +436,14 @@ TEST_P(TlsExtensionTest12Plus, Signature
|
||||
}
|
||||
|
||||
TEST_F(TlsExtensionTest13Stream, SignatureAlgorithmsPrecedingGarbage) {
|
||||
- // 31 unknown signature algorithms followed by sha-256, rsa
|
||||
+ // 31 unknown signature algorithms followed by sha-256, rsa-pss
|
||||
const uint8_t val[] = {
|
||||
0x00, 0x40, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x04, 0x01};
|
||||
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x08, 0x04};
|
||||
DataBuffer extension(val, sizeof(val));
|
||||
MakeTlsFilter<TlsExtensionReplacer>(client_, ssl_signature_algorithms_xtn,
|
||||
extension);
|
||||
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
|
||||
--- a/lib/ssl/ssl3con.c
|
||||
+++ b/lib/ssl/ssl3con.c
|
||||
@@ -64,6 +64,7 @@ static SECStatus ssl3_FlushHandshakeMess
|
||||
static CK_MECHANISM_TYPE ssl3_GetHashMechanismByHashType(SSLHashType hashType);
|
||||
static CK_MECHANISM_TYPE ssl3_GetMgfMechanismByHashType(SSLHashType hash);
|
||||
PRBool ssl_IsRsaPssSignatureScheme(SSLSignatureScheme scheme);
|
||||
+PRBool ssl_IsRsaPkcs1SignatureScheme(SSLSignatureScheme scheme);
|
||||
PRBool ssl_IsDsaSignatureScheme(SSLSignatureScheme scheme);
|
||||
|
||||
const PRUint8 ssl_hello_retry_random[] = {
|
||||
@@ -4101,6 +4102,9 @@ ssl_SignatureSchemeValid(SSLSignatureSch
|
||||
if (ssl_SignatureSchemeToHashType(scheme) == ssl_hash_sha1) {
|
||||
return PR_FALSE;
|
||||
}
|
||||
+ if (ssl_IsRsaPkcs1SignatureScheme(scheme)) {
|
||||
+ return PR_FALSE;
|
||||
+ }
|
||||
/* With TLS 1.3, EC keys should have been selected based on calling
|
||||
* ssl_SignatureSchemeFromSpki(), reject them otherwise. */
|
||||
return spkiOid != SEC_OID_ANSIX962_EC_PUBLIC_KEY;
|
||||
@@ -4351,6 +4355,22 @@ ssl_IsRsaPssSignatureScheme(SSLSignature
|
||||
}
|
||||
|
||||
PRBool
|
||||
+ssl_IsRsaPkcs1SignatureScheme(SSLSignatureScheme scheme)
|
||||
+{
|
||||
+ switch (scheme) {
|
||||
+ case ssl_sig_rsa_pkcs1_sha256:
|
||||
+ case ssl_sig_rsa_pkcs1_sha384:
|
||||
+ case ssl_sig_rsa_pkcs1_sha512:
|
||||
+ case ssl_sig_rsa_pkcs1_sha1:
|
||||
+ return PR_TRUE;
|
||||
+
|
||||
+ default:
|
||||
+ return PR_FALSE;
|
||||
+ }
|
||||
+ return PR_FALSE;
|
||||
+}
|
||||
+
|
||||
+PRBool
|
||||
ssl_IsDsaSignatureScheme(SSLSignatureScheme scheme)
|
||||
{
|
||||
switch (scheme) {
|
169
SOURCES/nss-drbg-continuous.patch
Normal file
169
SOURCES/nss-drbg-continuous.patch
Normal file
@ -0,0 +1,169 @@
|
||||
# HG changeset patch
|
||||
# User Daiki Ueno <dueno@redhat.com>
|
||||
# Date 1561465415 -7200
|
||||
# Tue Jun 25 14:23:35 2019 +0200
|
||||
# Node ID a0114e3d8b22d4c6ee77504c483a0fe0037f4c71
|
||||
# Parent 313dfef345bd93bc67982249bffa2cfdd5a9d1b5
|
||||
Bug 1560329, drbg: perform continuous test on entropy source
|
||||
|
||||
Summary: FIPS 140-2 section 4.9.2 requires a conditional self test to check that consecutive entropy blocks from the system are different. As neither getentropy() nor /dev/urandom provides that check on the output, this adds the self test at caller side.
|
||||
|
||||
Reviewers: rrelyea
|
||||
|
||||
Bug #: 1560329
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D35636
|
||||
|
||||
diff --git a/lib/freebl/drbg.c b/lib/freebl/drbg.c
|
||||
--- a/lib/freebl/drbg.c
|
||||
+++ b/lib/freebl/drbg.c
|
||||
@@ -30,6 +30,7 @@
|
||||
#define PRNG_ADDITONAL_DATA_CACHE_SIZE (8 * 1024) /* must be less than \
|
||||
* PRNG_MAX_ADDITIONAL_BYTES \
|
||||
*/
|
||||
+#define PRNG_ENTROPY_BLOCK_SIZE SHA256_LENGTH
|
||||
|
||||
/* RESEED_COUNT is how many calls to the prng before we need to reseed
|
||||
* under normal NIST rules, you must return an error. In the NSS case, we
|
||||
@@ -96,6 +97,8 @@ struct RNGContextStr {
|
||||
PRUint32 additionalAvail;
|
||||
PRBool isValid; /* false if RNG reaches an invalid state */
|
||||
PRBool isKatTest; /* true if running NIST PRNG KAT tests */
|
||||
+ /* for continuous entropy check */
|
||||
+ PRUint8 previousEntropyHash[SHA256_LENGTH];
|
||||
};
|
||||
|
||||
typedef struct RNGContextStr RNGContext;
|
||||
@@ -169,6 +172,82 @@ prng_instantiate(RNGContext *rng, const
|
||||
return SECSuccess;
|
||||
}
|
||||
|
||||
+static PRCallOnceType coRNGInitEntropy;
|
||||
+
|
||||
+static PRStatus
|
||||
+prng_initEntropy(void)
|
||||
+{
|
||||
+ size_t length;
|
||||
+ PRUint8 block[PRNG_ENTROPY_BLOCK_SIZE];
|
||||
+ SHA256Context ctx;
|
||||
+
|
||||
+ /* For FIPS 140-2 4.9.2 continuous random number generator test,
|
||||
+ * fetch the initial entropy from the system RNG and keep it for
|
||||
+ * later comparison. */
|
||||
+ length = RNG_SystemRNG(block, sizeof(block));
|
||||
+ if (length == 0) {
|
||||
+ return PR_FAILURE; /* error is already set */
|
||||
+ }
|
||||
+ PORT_Assert(length == sizeof(block));
|
||||
+
|
||||
+ /* Store the hash of the entropy block rather than the block
|
||||
+ * itself for backward secrecy. */
|
||||
+ SHA256_Begin(&ctx);
|
||||
+ SHA256_Update(&ctx, block, sizeof(block));
|
||||
+ SHA256_End(&ctx, globalrng->previousEntropyHash, NULL,
|
||||
+ sizeof(globalrng->previousEntropyHash));
|
||||
+ PORT_Memset(block, 0, sizeof(block));
|
||||
+ return PR_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+static SECStatus
|
||||
+prng_getEntropy(PRUint8 *buffer, size_t requestLength)
|
||||
+{
|
||||
+ size_t total = 0;
|
||||
+ PRUint8 block[PRNG_ENTROPY_BLOCK_SIZE];
|
||||
+ PRUint8 hash[SHA256_LENGTH];
|
||||
+ SHA256Context ctx;
|
||||
+ SECStatus rv = SECSuccess;
|
||||
+
|
||||
+ if (PR_CallOnce(&coRNGInitEntropy, prng_initEntropy) != PR_SUCCESS) {
|
||||
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
|
||||
+ return SECFailure;
|
||||
+ }
|
||||
+
|
||||
+ /* For FIPS 140-2 4.9.2 continuous random generator test,
|
||||
+ * iteratively fetch fixed sized blocks from the system and
|
||||
+ * compare consecutive blocks. */
|
||||
+ while (total < requestLength) {
|
||||
+ size_t length = RNG_SystemRNG(block, sizeof(block));
|
||||
+ if (length == 0) {
|
||||
+ rv = SECFailure; /* error is already set */
|
||||
+ goto out;
|
||||
+ }
|
||||
+ PORT_Assert(length == sizeof(block));
|
||||
+
|
||||
+ /* Store the hash of the entropy block rather than the block
|
||||
+ * itself for backward secrecy. */
|
||||
+ SHA256_Begin(&ctx);
|
||||
+ SHA256_Update(&ctx, block, sizeof(block));
|
||||
+ SHA256_End(&ctx, hash, NULL, sizeof(hash));
|
||||
+
|
||||
+ if (PORT_Memcmp(globalrng->previousEntropyHash, hash, sizeof(hash)) == 0) {
|
||||
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
|
||||
+ rv = SECFailure;
|
||||
+ goto out;
|
||||
+ }
|
||||
+ PORT_Memcpy(globalrng->previousEntropyHash, hash, sizeof(hash));
|
||||
+ length = PR_MIN(requestLength - total, sizeof(block));
|
||||
+ PORT_Memcpy(buffer, block, length);
|
||||
+ total += length;
|
||||
+ buffer += length;
|
||||
+ }
|
||||
+
|
||||
+ out:
|
||||
+ PORT_Memset(block, 0, sizeof block);
|
||||
+ return rv;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* Update the global random number generator with more seeding
|
||||
* material. Use the Hash_DRBG reseed algorithm from NIST SP-800-90
|
||||
@@ -182,11 +261,15 @@ prng_reseed(RNGContext *rng, const PRUin
|
||||
{
|
||||
PRUint8 noiseData[(sizeof rng->V_Data) + PRNG_SEEDLEN];
|
||||
PRUint8 *noise = &noiseData[0];
|
||||
+ SECStatus rv;
|
||||
|
||||
/* if entropy wasn't supplied, fetch it. (normal operation case) */
|
||||
if (entropy == NULL) {
|
||||
- entropy_len = (unsigned int)RNG_SystemRNG(
|
||||
- &noiseData[sizeof rng->V_Data], PRNG_SEEDLEN);
|
||||
+ entropy_len = PRNG_SEEDLEN;
|
||||
+ rv = prng_getEntropy(&noiseData[sizeof rng->V_Data], entropy_len);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ return SECFailure; /* error is already set */
|
||||
+ }
|
||||
} else {
|
||||
/* NOTE: this code is only available for testing, not to applications */
|
||||
/* if entropy was too big for the stack variable, get it from malloc */
|
||||
@@ -384,7 +467,6 @@ static PRStatus
|
||||
rng_init(void)
|
||||
{
|
||||
PRUint8 bytes[PRNG_SEEDLEN * 2]; /* entropy + nonce */
|
||||
- unsigned int numBytes;
|
||||
SECStatus rv = SECSuccess;
|
||||
|
||||
if (globalrng == NULL) {
|
||||
@@ -403,18 +485,17 @@ rng_init(void)
|
||||
}
|
||||
|
||||
/* Try to get some seed data for the RNG */
|
||||
- numBytes = (unsigned int)RNG_SystemRNG(bytes, sizeof bytes);
|
||||
- PORT_Assert(numBytes == 0 || numBytes == sizeof bytes);
|
||||
- if (numBytes != 0) {
|
||||
+ rv = prng_getEntropy(bytes, sizeof bytes);
|
||||
+ if (rv == SECSuccess) {
|
||||
/* if this is our first call, instantiate, otherwise reseed
|
||||
* prng_instantiate gets a new clean state, we want to mix
|
||||
* any previous entropy we may have collected */
|
||||
if (V(globalrng)[0] == 0) {
|
||||
- rv = prng_instantiate(globalrng, bytes, numBytes);
|
||||
+ rv = prng_instantiate(globalrng, bytes, sizeof bytes);
|
||||
} else {
|
||||
- rv = prng_reseed_test(globalrng, bytes, numBytes, NULL, 0);
|
||||
+ rv = prng_reseed_test(globalrng, bytes, sizeof bytes, NULL, 0);
|
||||
}
|
||||
- memset(bytes, 0, numBytes);
|
||||
+ memset(bytes, 0, sizeof bytes);
|
||||
} else {
|
||||
PZ_DestroyLock(globalrng->lock);
|
||||
globalrng->lock = NULL;
|
13
SOURCES/nss-dso-ldflags.patch
Normal file
13
SOURCES/nss-dso-ldflags.patch
Normal file
@ -0,0 +1,13 @@
|
||||
Index: nss/coreconf/Linux.mk
|
||||
===================================================================
|
||||
--- nss.orig/coreconf/Linux.mk
|
||||
+++ nss/coreconf/Linux.mk
|
||||
@@ -144,7 +144,7 @@ ifdef USE_PTHREADS
|
||||
endif
|
||||
|
||||
DSO_CFLAGS = -fPIC
|
||||
-DSO_LDOPTS = -shared $(ARCHFLAG) -Wl,--gc-sections
|
||||
+DSO_LDOPTS = -shared $(ARCHFLAG) -Wl,--gc-sections $(DSO_LDFLAGS)
|
||||
# The linker on Red Hat Linux 7.2 and RHEL 2.1 (GNU ld version 2.11.90.0.8)
|
||||
# incorrectly reports undefined references in the libraries we link with, so
|
||||
# we don't use -z defs there.
|
30
SOURCES/nss-fips-disable-tls13.patch
Normal file
30
SOURCES/nss-fips-disable-tls13.patch
Normal file
@ -0,0 +1,30 @@
|
||||
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
|
||||
--- a/lib/ssl/sslsock.c
|
||||
+++ b/lib/ssl/sslsock.c
|
||||
@@ -2382,16 +2382,26 @@ ssl3_CreateOverlapWithPolicy(SSLProtocol
|
||||
rv = ssl3_GetEffectiveVersionPolicy(protocolVariant,
|
||||
&effectivePolicyBoundary);
|
||||
if (rv == SECFailure) {
|
||||
/* SECFailure means internal failure or invalid configuration. */
|
||||
overlap->min = overlap->max = SSL_LIBRARY_VERSION_NONE;
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
+ /* TODO: TLSv1.3 doesn't work yet under FIPS mode */
|
||||
+ if (PK11_IsFIPS()) {
|
||||
+ if (effectivePolicyBoundary.min >= SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
+ effectivePolicyBoundary.min = SSL_LIBRARY_VERSION_TLS_1_2;
|
||||
+ }
|
||||
+ if (effectivePolicyBoundary.max >= SSL_LIBRARY_VERSION_TLS_1_3) {
|
||||
+ effectivePolicyBoundary.max = SSL_LIBRARY_VERSION_TLS_1_2;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
vrange.min = PR_MAX(input->min, effectivePolicyBoundary.min);
|
||||
vrange.max = PR_MIN(input->max, effectivePolicyBoundary.max);
|
||||
|
||||
if (vrange.max < vrange.min) {
|
||||
/* there was no overlap, turn off range altogether */
|
||||
overlap->min = overlap->max = SSL_LIBRARY_VERSION_NONE;
|
||||
return SECFailure;
|
||||
}
|
81
SOURCES/nss-fipstest-tls12-prf.patch
Normal file
81
SOURCES/nss-fipstest-tls12-prf.patch
Normal file
@ -0,0 +1,81 @@
|
||||
# HG changeset patch
|
||||
# User Tomas Mraz <tmraz@fedoraproject.org>
|
||||
# Date 1560861770 -7200
|
||||
# Tue Jun 18 14:42:50 2019 +0200
|
||||
# Node ID 6ef49fe67d6227a1d290da5537ec0dade379a15a
|
||||
# Parent ebc93d6daeaa9001d31fd18b5199779da99ae9aa
|
||||
Bug 1559906, fipstest: use CKM_TLS12_MASTER_KEY_DERIVE in TLS test, r=rrelyea
|
||||
|
||||
This also lets us CAVS tests more than just SHA256.
|
||||
|
||||
diff --git a/cmd/fipstest/fipstest.c b/cmd/fipstest/fipstest.c
|
||||
--- a/cmd/fipstest/fipstest.c
|
||||
+++ b/cmd/fipstest/fipstest.c
|
||||
@@ -6669,12 +6669,13 @@ tls(char *reqfn)
|
||||
|
||||
CK_MECHANISM master_mech = { CKM_TLS_MASTER_KEY_DERIVE, NULL, 0 };
|
||||
CK_MECHANISM key_block_mech = { CKM_TLS_KEY_AND_MAC_DERIVE, NULL, 0 };
|
||||
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS master_params;
|
||||
- CK_SSL3_KEY_MAT_PARAMS key_block_params;
|
||||
+ CK_TLS12_MASTER_KEY_DERIVE_PARAMS master_params;
|
||||
+ CK_TLS12_KEY_MAT_PARAMS key_block_params;
|
||||
CK_SSL3_KEY_MAT_OUT key_material;
|
||||
CK_RV crv;
|
||||
|
||||
/* set up PKCS #11 parameters */
|
||||
+ master_params.prfHashMechanism = CKM_SHA256;
|
||||
master_params.pVersion = NULL;
|
||||
master_params.RandomInfo.pClientRandom = clientHello_random;
|
||||
master_params.RandomInfo.ulClientRandomLen = sizeof(clientHello_random);
|
||||
@@ -6682,6 +6683,7 @@ tls(char *reqfn)
|
||||
master_params.RandomInfo.ulServerRandomLen = sizeof(serverHello_random);
|
||||
master_mech.pParameter = (void *)&master_params;
|
||||
master_mech.ulParameterLen = sizeof(master_params);
|
||||
+ key_block_params.prfHashMechanism = CKM_SHA256;
|
||||
key_block_params.ulMacSizeInBits = 0;
|
||||
key_block_params.ulKeySizeInBits = 0;
|
||||
key_block_params.ulIVSizeInBits = 0;
|
||||
@@ -6724,13 +6726,39 @@ tls(char *reqfn)
|
||||
if (buf[0] == '[') {
|
||||
if (strncmp(buf, "[TLS", 4) == 0) {
|
||||
if (buf[7] == '0') {
|
||||
+ /* CK_SSL3_MASTER_KEY_DERIVE_PARAMS is a subset of
|
||||
+ * CK_TLS12_MASTER_KEY_DERIVE_PARAMS and
|
||||
+ * CK_SSL3_KEY_MAT_PARAMS is a subset of
|
||||
+ * CK_TLS12_KEY_MAT_PARAMS. The latter params have
|
||||
+ * an extra prfHashMechanism field at the end. */
|
||||
master_mech.mechanism = CKM_TLS_MASTER_KEY_DERIVE;
|
||||
key_block_mech.mechanism = CKM_TLS_KEY_AND_MAC_DERIVE;
|
||||
+ master_mech.ulParameterLen = sizeof(CK_SSL3_MASTER_KEY_DERIVE_PARAMS);
|
||||
+ key_block_mech.ulParameterLen = sizeof(CK_SSL3_KEY_MAT_PARAMS);
|
||||
} else if (buf[7] == '2') {
|
||||
- master_mech.mechanism =
|
||||
- CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256;
|
||||
- key_block_mech.mechanism =
|
||||
- CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256;
|
||||
+ if (strncmp(&buf[10], "SHA-1", 5) == 0) {
|
||||
+ master_params.prfHashMechanism = CKM_SHA_1;
|
||||
+ key_block_params.prfHashMechanism = CKM_SHA_1;
|
||||
+ } else if (strncmp(&buf[10], "SHA-224", 7) == 0) {
|
||||
+ master_params.prfHashMechanism = CKM_SHA224;
|
||||
+ key_block_params.prfHashMechanism = CKM_SHA224;
|
||||
+ } else if (strncmp(&buf[10], "SHA-256", 7) == 0) {
|
||||
+ master_params.prfHashMechanism = CKM_SHA256;
|
||||
+ key_block_params.prfHashMechanism = CKM_SHA256;
|
||||
+ } else if (strncmp(&buf[10], "SHA-384", 7) == 0) {
|
||||
+ master_params.prfHashMechanism = CKM_SHA384;
|
||||
+ key_block_params.prfHashMechanism = CKM_SHA384;
|
||||
+ } else if (strncmp(&buf[10], "SHA-512", 7) == 0) {
|
||||
+ master_params.prfHashMechanism = CKM_SHA512;
|
||||
+ key_block_params.prfHashMechanism = CKM_SHA512;
|
||||
+ } else {
|
||||
+ fprintf(tlsresp, "ERROR: Unable to find prf Hash type");
|
||||
+ goto loser;
|
||||
+ }
|
||||
+ master_mech.mechanism = CKM_TLS12_MASTER_KEY_DERIVE;
|
||||
+ key_block_mech.mechanism = CKM_TLS12_KEY_AND_MAC_DERIVE;
|
||||
+ master_mech.ulParameterLen = sizeof(master_params);
|
||||
+ key_block_mech.ulParameterLen = sizeof(key_block_params);
|
||||
} else {
|
||||
fprintf(stderr, "Unknown TLS type %x\n",
|
||||
(unsigned int)buf[0]);
|
4513
SOURCES/nss-ike-patch.patch
Normal file
4513
SOURCES/nss-ike-patch.patch
Normal file
File diff suppressed because it is too large
Load Diff
127
SOURCES/nss-input-check.patch
Normal file
127
SOURCES/nss-input-check.patch
Normal file
@ -0,0 +1,127 @@
|
||||
# HG changeset patch
|
||||
# User Martin Thomson <mt@lowentropy.net>
|
||||
# Date 1560498951 0
|
||||
# Fri Jun 14 07:55:51 2019 +0000
|
||||
# Branch NSS_3_44_BRANCH
|
||||
# Node ID fb9932d6e083322e7b5dfcd3d6e67477e0bb075a
|
||||
# Parent 876bca2723a1f969422edc93e7504420d8331d3c
|
||||
Bug 1515342 - More thorough input checking, r=jcj
|
||||
|
||||
All part of applying better discipline throughout.
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D33736
|
||||
|
||||
diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
|
||||
--- a/lib/cryptohi/seckey.c
|
||||
+++ b/lib/cryptohi/seckey.c
|
||||
@@ -639,6 +639,11 @@ seckey_ExtractPublicKey(const CERTSubjec
|
||||
return pubk;
|
||||
break;
|
||||
case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
|
||||
+ /* A basic sanity check on inputs. */
|
||||
+ if (spki->algorithm.parameters.len == 0 || newOs.len == 0) {
|
||||
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
|
||||
+ break;
|
||||
+ }
|
||||
pubk->keyType = ecKey;
|
||||
pubk->u.ec.size = 0;
|
||||
|
||||
diff --git a/lib/freebl/dh.c b/lib/freebl/dh.c
|
||||
--- a/lib/freebl/dh.c
|
||||
+++ b/lib/freebl/dh.c
|
||||
@@ -210,7 +210,8 @@ DH_Derive(SECItem *publicValue,
|
||||
unsigned int len = 0;
|
||||
unsigned int nb;
|
||||
unsigned char *secret = NULL;
|
||||
- if (!publicValue || !prime || !privateValue || !derivedSecret) {
|
||||
+ if (!publicValue || !publicValue->len || !prime || !prime->len ||
|
||||
+ !privateValue || !privateValue->len || !derivedSecret) {
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
||||
}
|
||||
diff --git a/lib/freebl/ec.c b/lib/freebl/ec.c
|
||||
--- a/lib/freebl/ec.c
|
||||
+++ b/lib/freebl/ec.c
|
||||
@@ -202,8 +202,8 @@ ec_NewKey(ECParams *ecParams, ECPrivateK
|
||||
#endif
|
||||
MP_DIGITS(&k) = 0;
|
||||
|
||||
- if (!ecParams || !privKey || !privKeyBytes || (privKeyLen < 0) ||
|
||||
- !ecParams->name) {
|
||||
+ if (!ecParams || ecParams->name == ECCurve_noName ||
|
||||
+ !privKey || !privKeyBytes || privKeyLen <= 0) {
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
||||
}
|
||||
@@ -391,7 +391,7 @@ EC_NewKey(ECParams *ecParams, ECPrivateK
|
||||
int len;
|
||||
unsigned char *privKeyBytes = NULL;
|
||||
|
||||
- if (!ecParams) {
|
||||
+ if (!ecParams || ecParams->name == ECCurve_noName || !privKey) {
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
||||
}
|
||||
@@ -430,7 +430,8 @@ EC_ValidatePublicKey(ECParams *ecParams,
|
||||
mp_err err = MP_OKAY;
|
||||
int len;
|
||||
|
||||
- if (!ecParams || !publicValue || !ecParams->name) {
|
||||
+ if (!ecParams || ecParams->name == ECCurve_noName ||
|
||||
+ !publicValue || !publicValue->len) {
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
||||
}
|
||||
@@ -536,8 +537,9 @@ ECDH_Derive(SECItem *publicValue,
|
||||
int i;
|
||||
#endif
|
||||
|
||||
- if (!publicValue || !ecParams || !privateValue || !derivedSecret ||
|
||||
- !ecParams->name) {
|
||||
+ if (!publicValue || !publicValue->len ||
|
||||
+ !ecParams || ecParams->name == ECCurve_noName ||
|
||||
+ !privateValue || !privateValue->len || !derivedSecret) {
|
||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||
return SECFailure;
|
||||
}
|
||||
diff --git a/lib/util/quickder.c b/lib/util/quickder.c
|
||||
--- a/lib/util/quickder.c
|
||||
+++ b/lib/util/quickder.c
|
||||
@@ -757,6 +757,13 @@ DecodeItem(void* dest,
|
||||
}
|
||||
|
||||
case SEC_ASN1_BIT_STRING: {
|
||||
+ /* Can't be 8 or more spare bits, or any spare bits
|
||||
+ * if there are no octets. */
|
||||
+ if (temp.data[0] >= 8 || (temp.data[0] > 0 && temp.len == 1)) {
|
||||
+ PORT_SetError(SEC_ERROR_BAD_DER);
|
||||
+ rv = SECFailure;
|
||||
+ break;
|
||||
+ }
|
||||
/* change the length in the SECItem to be the number
|
||||
of bits */
|
||||
temp.len = (temp.len - 1) * 8 - (temp.data[0] & 0x7);
|
||||
# HG changeset patch
|
||||
# User Kevin Jacobs <kjacobs@mozilla.com>
|
||||
# Date 1561145635 0
|
||||
# Fri Jun 21 19:33:55 2019 +0000
|
||||
# Branch NSS_3_44_BRANCH
|
||||
# Node ID 416a8f7cf8986103b4d74694aac1198edbb08b3e
|
||||
# Parent fb9932d6e083322e7b5dfcd3d6e67477e0bb075a
|
||||
Bug 1515342 - Ignore spki decode failures on negative (expect_fail) tests. r=jcj
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D35565
|
||||
|
||||
diff --git a/gtests/pk11_gtest/pk11_curve25519_unittest.cc b/gtests/pk11_gtest/pk11_curve25519_unittest.cc
|
||||
--- a/gtests/pk11_gtest/pk11_curve25519_unittest.cc
|
||||
+++ b/gtests/pk11_gtest/pk11_curve25519_unittest.cc
|
||||
@@ -40,6 +40,9 @@ class Pkcs11Curve25519Test
|
||||
|
||||
ScopedCERTSubjectPublicKeyInfo certSpki(
|
||||
SECKEY_DecodeDERSubjectPublicKeyInfo(&spkiItem));
|
||||
+ if (!expect_success && !certSpki) {
|
||||
+ return;
|
||||
+ }
|
||||
ASSERT_TRUE(certSpki);
|
||||
|
||||
ScopedSECKEYPublicKey pubKey(SECKEY_ExtractPublicKey(certSpki.get()));
|
143
SOURCES/nss-leading-zero.patch
Normal file
143
SOURCES/nss-leading-zero.patch
Normal file
@ -0,0 +1,143 @@
|
||||
# HG changeset patch
|
||||
# User Kevin Jacobs <kjacobs@mozilla.com>
|
||||
# Date 1560499074 0
|
||||
# Fri Jun 14 07:57:54 2019 +0000
|
||||
# Branch NSS_3_44_BRANCH
|
||||
# Node ID 876bca2723a1f969422edc93e7504420d8331d3c
|
||||
# Parent 20671f860c2619dc27208d64a84a759fdffc5ed1
|
||||
Bug 1540541 - Don't unnecessarily strip leading 0's from key material during PKCS11 import. r=jcj,mt
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D31671
|
||||
|
||||
diff --git a/lib/freebl/ecl/ecp_25519.c b/lib/freebl/ecl/ecp_25519.c
|
||||
--- a/lib/freebl/ecl/ecp_25519.c
|
||||
+++ b/lib/freebl/ecl/ecp_25519.c
|
||||
@@ -114,6 +114,9 @@ ec_Curve25519_pt_mul(SECItem *X, SECItem
|
||||
}
|
||||
px = P->data;
|
||||
}
|
||||
+ if (k->len != 32) {
|
||||
+ return SECFailure;
|
||||
+ }
|
||||
|
||||
SECStatus rv = ec_Curve25519_mul(X->data, k->data, px);
|
||||
if (NSS_SecureMemcmpZero(X->data, X->len) == 0) {
|
||||
diff --git a/lib/pk11wrap/pk11akey.c b/lib/pk11wrap/pk11akey.c
|
||||
--- a/lib/pk11wrap/pk11akey.c
|
||||
+++ b/lib/pk11wrap/pk11akey.c
|
||||
@@ -190,7 +190,6 @@ PK11_ImportPublicKey(PK11SlotInfo *slot,
|
||||
attrs++;
|
||||
PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
|
||||
attrs++;
|
||||
- signedattr = attrs;
|
||||
PK11_SETATTRS(attrs, CKA_EC_PARAMS,
|
||||
pubKey->u.ec.DEREncodedParams.data,
|
||||
pubKey->u.ec.DEREncodedParams.len);
|
||||
@@ -222,12 +221,14 @@ PK11_ImportPublicKey(PK11SlotInfo *slot,
|
||||
PORT_SetError(SEC_ERROR_BAD_KEY);
|
||||
return CK_INVALID_HANDLE;
|
||||
}
|
||||
-
|
||||
templateCount = attrs - theTemplate;
|
||||
- signedcount = attrs - signedattr;
|
||||
PORT_Assert(templateCount <= (sizeof(theTemplate) / sizeof(CK_ATTRIBUTE)));
|
||||
- for (attrs = signedattr; signedcount; attrs++, signedcount--) {
|
||||
- pk11_SignedToUnsigned(attrs);
|
||||
+ if (pubKey->keyType != ecKey) {
|
||||
+ PORT_Assert(signedattr);
|
||||
+ signedcount = attrs - signedattr;
|
||||
+ for (attrs = signedattr; signedcount; attrs++, signedcount--) {
|
||||
+ pk11_SignedToUnsigned(attrs);
|
||||
+ }
|
||||
}
|
||||
rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, theTemplate,
|
||||
templateCount, isToken, &objectID);
|
||||
@@ -1074,9 +1075,13 @@ pk11_loadPrivKeyWithFlags(PK11SlotInfo *
|
||||
&cktrue, &ckfalse);
|
||||
|
||||
/* Not everyone can handle zero padded key values, give
|
||||
- * them the raw data as unsigned */
|
||||
- for (ap = attrs; extra_count; ap++, extra_count--) {
|
||||
- pk11_SignedToUnsigned(ap);
|
||||
+ * them the raw data as unsigned. The exception is EC,
|
||||
+ * where the values are encoded or zero-preserving
|
||||
+ * per-RFC5915 */
|
||||
+ if (privKey->keyType != ecKey) {
|
||||
+ for (ap = attrs; extra_count; ap++, extra_count--) {
|
||||
+ pk11_SignedToUnsigned(ap);
|
||||
+ }
|
||||
}
|
||||
|
||||
/* now Store the puppies */
|
||||
diff --git a/lib/pk11wrap/pk11cert.c b/lib/pk11wrap/pk11cert.c
|
||||
--- a/lib/pk11wrap/pk11cert.c
|
||||
+++ b/lib/pk11wrap/pk11cert.c
|
||||
@@ -184,7 +184,9 @@ PK11_IsUserCert(PK11SlotInfo *slot, CERT
|
||||
SECKEY_DestroyPublicKey(pubKey);
|
||||
return PR_FALSE;
|
||||
}
|
||||
- pk11_SignedToUnsigned(&theTemplate);
|
||||
+ if (pubKey->keyType != ecKey) {
|
||||
+ pk11_SignedToUnsigned(&theTemplate);
|
||||
+ }
|
||||
if (pk11_FindObjectByTemplate(slot, &theTemplate, 1) != CK_INVALID_HANDLE) {
|
||||
SECKEY_DestroyPublicKey(pubKey);
|
||||
return PR_TRUE;
|
||||
diff --git a/lib/pk11wrap/pk11pk12.c b/lib/pk11wrap/pk11pk12.c
|
||||
--- a/lib/pk11wrap/pk11pk12.c
|
||||
+++ b/lib/pk11wrap/pk11pk12.c
|
||||
@@ -505,7 +505,7 @@ PK11_ImportAndReturnPrivateKey(PK11SlotI
|
||||
}
|
||||
PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len);
|
||||
attrs++;
|
||||
- signedattr = attrs;
|
||||
+ /* No signed attrs for EC */
|
||||
/* curveOID always is a copy of AlgorithmID.parameters. */
|
||||
PK11_SETATTRS(attrs, CKA_EC_PARAMS, lpk->u.ec.curveOID.data,
|
||||
lpk->u.ec.curveOID.len);
|
||||
@@ -523,11 +523,12 @@ PK11_ImportAndReturnPrivateKey(PK11SlotI
|
||||
}
|
||||
templateCount = attrs - theTemplate;
|
||||
PORT_Assert(templateCount <= sizeof(theTemplate) / sizeof(CK_ATTRIBUTE));
|
||||
- PORT_Assert(signedattr != NULL);
|
||||
- signedcount = attrs - signedattr;
|
||||
-
|
||||
- for (ap = signedattr; signedcount; ap++, signedcount--) {
|
||||
- pk11_SignedToUnsigned(ap);
|
||||
+ if (lpk->keyType != ecKey) {
|
||||
+ PORT_Assert(signedattr);
|
||||
+ signedcount = attrs - signedattr;
|
||||
+ for (ap = signedattr; signedcount; ap++, signedcount--) {
|
||||
+ pk11_SignedToUnsigned(ap);
|
||||
+ }
|
||||
}
|
||||
|
||||
rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION,
|
||||
diff --git a/lib/softoken/legacydb/lgattr.c b/lib/softoken/legacydb/lgattr.c
|
||||
--- a/lib/softoken/legacydb/lgattr.c
|
||||
+++ b/lib/softoken/legacydb/lgattr.c
|
||||
@@ -950,9 +950,9 @@ lg_FindECPrivateKeyAttribute(NSSLOWKEYPr
|
||||
case CKA_UNWRAP:
|
||||
return LG_CLONE_ATTR(attribute, type, lg_StaticFalseAttr);
|
||||
case CKA_VALUE:
|
||||
- return lg_CopyPrivAttrSigned(attribute, type,
|
||||
- key->u.ec.privateValue.data,
|
||||
- key->u.ec.privateValue.len, sdbpw);
|
||||
+ return lg_CopyPrivAttribute(attribute, type,
|
||||
+ key->u.ec.privateValue.data,
|
||||
+ key->u.ec.privateValue.len, sdbpw);
|
||||
case CKA_EC_PARAMS:
|
||||
return lg_CopyAttributeSigned(attribute, type,
|
||||
key->u.ec.ecParams.DEREncoding.data,
|
||||
diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
|
||||
--- a/lib/softoken/pkcs11c.c
|
||||
+++ b/lib/softoken/pkcs11c.c
|
||||
@@ -7747,7 +7747,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession
|
||||
|
||||
rv = ECDH_Derive(&ecPoint, &privKey->u.ec.ecParams, &ecScalar,
|
||||
withCofactor, &tmp);
|
||||
- PORT_Free(ecScalar.data);
|
||||
+ PORT_ZFree(ecScalar.data, ecScalar.len);
|
||||
ecScalar.data = NULL;
|
||||
if (privKey != sourceKey->objectInfo) {
|
||||
nsslowkey_DestroyPrivateKey(privKey);
|
35
SOURCES/nss-module-leak.patch
Normal file
35
SOURCES/nss-module-leak.patch
Normal file
@ -0,0 +1,35 @@
|
||||
# HG changeset patch
|
||||
# User Daiki Ueno <dueno@redhat.com>
|
||||
# Date 1557150127 -7200
|
||||
# Mon May 06 15:42:07 2019 +0200
|
||||
# Node ID 438ac983bda9ec7944990d22a37877e9111caa90
|
||||
# Parent b018f3e84d87cce99a1fd81feeecb31123058687
|
||||
pk11slot: reference module from slot for finalization
|
||||
|
||||
diff --git a/lib/pk11wrap/pk11slot.c b/lib/pk11wrap/pk11slot.c
|
||||
--- a/lib/pk11wrap/pk11slot.c
|
||||
+++ b/lib/pk11wrap/pk11slot.c
|
||||
@@ -1439,6 +1439,11 @@ PK11_InitSlot(SECMODModule *mod, CK_SLOT
|
||||
slot->slotID = slotID;
|
||||
slot->isThreadSafe = mod->isThreadSafe;
|
||||
slot->hasRSAInfo = PR_FALSE;
|
||||
+ slot->module = mod; /* NOTE: we don't make a reference here because
|
||||
+ * modules have references to their slots. This
|
||||
+ * works because modules keep implicit references
|
||||
+ * from their slots, and won't unload and disappear
|
||||
+ * until all their slots have been freed */
|
||||
|
||||
if (PK11_GETTAB(slot)->C_GetSlotInfo(slotID, &slotInfo) != CKR_OK) {
|
||||
slot->disabled = PR_TRUE;
|
||||
@@ -1448,11 +1453,6 @@ PK11_InitSlot(SECMODModule *mod, CK_SLOT
|
||||
|
||||
/* test to make sure claimed mechanism work */
|
||||
slot->needTest = mod->internal ? PR_FALSE : PR_TRUE;
|
||||
- slot->module = mod; /* NOTE: we don't make a reference here because
|
||||
- * modules have references to their slots. This
|
||||
- * works because modules keep implicit references
|
||||
- * from their slots, and won't unload and disappear
|
||||
- * until all their slots have been freed */
|
||||
(void)PK11_MakeString(NULL, slot->slot_name,
|
||||
(char *)slotInfo.slotDescription, sizeof(slotInfo.slotDescription));
|
||||
slot->isHW = (PRBool)((slotInfo.flags & CKF_HW_SLOT) == CKF_HW_SLOT);
|
24
SOURCES/nss-mpi-loop.patch
Normal file
24
SOURCES/nss-mpi-loop.patch
Normal file
@ -0,0 +1,24 @@
|
||||
# HG changeset patch
|
||||
# User Greg Rubin <rubin@amazon.com>
|
||||
# Date 1558464083 25200
|
||||
# Tue May 21 11:41:23 2019 -0700
|
||||
# Branch NSS_3_44_BRANCH
|
||||
# Node ID 1eac9016c021055018389a5cb117678ecc61782a
|
||||
# Parent 416a8f7cf8986103b4d74694aac1198edbb08b3e
|
||||
Bug 1554336 - Optimize away unneeded loop in mpi.c r=kevinjacobs,jcj
|
||||
|
||||
diff --git a/lib/freebl/mpi/mpi.c b/lib/freebl/mpi/mpi.c
|
||||
--- a/lib/freebl/mpi/mpi.c
|
||||
+++ b/lib/freebl/mpi/mpi.c
|
||||
@@ -2063,7 +2063,10 @@ s_mp_almost_inverse(const mp_int *a, con
|
||||
}
|
||||
}
|
||||
if (res >= 0) {
|
||||
- while (MP_SIGN(c) != MP_ZPOS) {
|
||||
+ if (mp_cmp_mag(c, p) >= 0) {
|
||||
+ MP_CHECKOK(mp_div(c, p, NULL, c));
|
||||
+ }
|
||||
+ if (MP_SIGN(c) != MP_ZPOS) {
|
||||
MP_CHECKOK(mp_add(c, p, c));
|
||||
}
|
||||
res = k;
|
4
SOURCES/nss-p11-kit.config
Normal file
4
SOURCES/nss-p11-kit.config
Normal file
@ -0,0 +1,4 @@
|
||||
name=p11-kit-proxy
|
||||
library=p11-kit-proxy.so
|
||||
|
||||
|
96
SOURCES/nss-post-handshake-auth-with-tickets.patch
Normal file
96
SOURCES/nss-post-handshake-auth-with-tickets.patch
Normal file
@ -0,0 +1,96 @@
|
||||
# HG changeset patch
|
||||
# User Daiki Ueno <dueno@redhat.com>
|
||||
# Date 1559121620 -7200
|
||||
# Wed May 29 11:20:20 2019 +0200
|
||||
# Node ID 29a48b604602a523defd6f9322a5adeca7e284a5
|
||||
# Parent 43a7fb4f994a31222c308113b0fccdd5480d5b8e
|
||||
Bug 1553443, send session ticket only after handshake is marked as finished
|
||||
|
||||
Reviewers: mt
|
||||
|
||||
Reviewed By: mt
|
||||
|
||||
Bug #: 1553443
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D32128
|
||||
|
||||
diff --git a/gtests/ssl_gtest/ssl_auth_unittest.cc b/gtests/ssl_gtest/ssl_auth_unittest.cc
|
||||
--- a/gtests/ssl_gtest/ssl_auth_unittest.cc
|
||||
+++ b/gtests/ssl_gtest/ssl_auth_unittest.cc
|
||||
@@ -537,6 +537,40 @@ TEST_F(TlsConnectStreamTls13, PostHandsh
|
||||
capture_cert_req->buffer().len()));
|
||||
}
|
||||
|
||||
+// Check if post-handshake auth still works when session tickets are enabled:
|
||||
+// https://bugzilla.mozilla.org/show_bug.cgi?id=1553443
|
||||
+TEST_F(TlsConnectStreamTls13, PostHandshakeAuthWithSessionTicketsEnabled) {
|
||||
+ EnsureTlsSetup();
|
||||
+ client_->SetupClientAuth();
|
||||
+ EXPECT_EQ(SECSuccess, SSL_OptionSet(client_->ssl_fd(),
|
||||
+ SSL_ENABLE_POST_HANDSHAKE_AUTH, PR_TRUE));
|
||||
+ EXPECT_EQ(SECSuccess, SSL_OptionSet(client_->ssl_fd(),
|
||||
+ SSL_ENABLE_SESSION_TICKETS, PR_TRUE));
|
||||
+ EXPECT_EQ(SECSuccess, SSL_OptionSet(server_->ssl_fd(),
|
||||
+ SSL_ENABLE_SESSION_TICKETS, PR_TRUE));
|
||||
+ size_t called = 0;
|
||||
+ server_->SetAuthCertificateCallback(
|
||||
+ [&called](TlsAgent*, PRBool, PRBool) -> SECStatus {
|
||||
+ called++;
|
||||
+ return SECSuccess;
|
||||
+ });
|
||||
+ Connect();
|
||||
+ EXPECT_EQ(0U, called);
|
||||
+ // Send CertificateRequest.
|
||||
+ EXPECT_EQ(SECSuccess, SSL_GetClientAuthDataHook(
|
||||
+ client_->ssl_fd(), GetClientAuthDataHook, nullptr));
|
||||
+ EXPECT_EQ(SECSuccess, SSL_SendCertificateRequest(server_->ssl_fd()))
|
||||
+ << "Unexpected error: " << PORT_ErrorToName(PORT_GetError());
|
||||
+ server_->SendData(50);
|
||||
+ client_->ReadBytes(50);
|
||||
+ client_->SendData(50);
|
||||
+ server_->ReadBytes(50);
|
||||
+ EXPECT_EQ(1U, called);
|
||||
+ ScopedCERTCertificate cert1(SSL_PeerCertificate(server_->ssl_fd()));
|
||||
+ ScopedCERTCertificate cert2(SSL_LocalCertificate(client_->ssl_fd()));
|
||||
+ EXPECT_TRUE(SECITEM_ItemsAreEqual(&cert1->derCert, &cert2->derCert));
|
||||
+}
|
||||
+
|
||||
// In TLS 1.3, the client sends its cert rejection on the
|
||||
// second flight, and since it has already received the
|
||||
// server's Finished, it transitions to complete and
|
||||
diff --git a/lib/ssl/tls13con.c b/lib/ssl/tls13con.c
|
||||
--- a/lib/ssl/tls13con.c
|
||||
+++ b/lib/ssl/tls13con.c
|
||||
@@ -4561,6 +4561,11 @@ tls13_ServerHandleFinished(sslSocket *ss
|
||||
return SECFailure;
|
||||
}
|
||||
|
||||
+ rv = tls13_FinishHandshake(ss);
|
||||
+ if (rv != SECSuccess) {
|
||||
+ return SECFailure;
|
||||
+ }
|
||||
+
|
||||
ssl_GetXmitBufLock(ss);
|
||||
if (ss->opt.enableSessionTickets) {
|
||||
rv = tls13_SendNewSessionTicket(ss, NULL, 0);
|
||||
@@ -4573,8 +4578,7 @@ tls13_ServerHandleFinished(sslSocket *ss
|
||||
}
|
||||
}
|
||||
ssl_ReleaseXmitBufLock(ss);
|
||||
-
|
||||
- return tls13_FinishHandshake(ss);
|
||||
+ return SECSuccess;
|
||||
|
||||
loser:
|
||||
ssl_ReleaseXmitBufLock(ss);
|
||||
diff --git a/tests/ssl/sslauth.txt b/tests/ssl/sslauth.txt
|
||||
--- a/tests/ssl/sslauth.txt
|
||||
+++ b/tests/ssl/sslauth.txt
|
||||
@@ -42,6 +42,7 @@
|
||||
noECC 0 -r_-r_-r_-r_-E -V_tls1.3:tls1.3_-E_-n_TestUser_-w_nss TLS 1.3 Require client auth on post hs (client auth)
|
||||
noECC 0 -r_-r_-r_-E -V_tls1.3:tls1.3_-E_-n_none_-w_nss TLS 1.3 Request don't require client auth on post hs (client does not provide auth)
|
||||
noECC 1 -r_-r_-r_-r_-E -V_tls1.3:tls1.3_-E_-n_none_-w_nss TLS 1.3 Require client auth on post hs (client does not provide auth)
|
||||
+ noECC 0 -r_-r_-r_-E_-u -V_tls1.3:tls1.3_-E_-n_TestUser_-w_nss TLS 1.3 Request don't require client auth on post hs with session ticket (client auth)
|
||||
#
|
||||
# Use EC cert for client authentication
|
||||
#
|
11
SOURCES/nss-skip-sysinit-gtests.patch
Normal file
11
SOURCES/nss-skip-sysinit-gtests.patch
Normal file
@ -0,0 +1,11 @@
|
||||
diff -up nss/gtests/manifest.mn.skip-sysinit-gtests nss/gtests/manifest.mn
|
||||
--- nss/gtests/manifest.mn.skip-sysinit-gtests 2019-04-26 12:55:05.979302035 +0200
|
||||
+++ nss/gtests/manifest.mn 2019-04-26 12:55:09.507228984 +0200
|
||||
@@ -27,7 +27,6 @@ NSS_SRCDIRS = \
|
||||
smime_gtest \
|
||||
softoken_gtest \
|
||||
ssl_gtest \
|
||||
- $(SYSINIT_GTEST) \
|
||||
nss_bogo_shim \
|
||||
$(NULL)
|
||||
endif
|
27
SOURCES/nss-skip-tls13-fips.patch
Normal file
27
SOURCES/nss-skip-tls13-fips.patch
Normal file
@ -0,0 +1,27 @@
|
||||
# HG changeset patch
|
||||
# User Daiki Ueno <dueno@redhat.com>
|
||||
# Date 1558341826 -7200
|
||||
# Mon May 20 10:43:46 2019 +0200
|
||||
# Node ID b447f0046807b718d2928d0e33313620d38a287a
|
||||
# Parent 02ea5f29ac3c1f1c6e6eb4b655afd9b4fc075a9e
|
||||
tests: skip TLS 1.3 tests under FIPS mode
|
||||
|
||||
diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh
|
||||
--- a/tests/ssl/ssl.sh
|
||||
+++ b/tests/ssl/ssl.sh
|
||||
@@ -393,6 +393,15 @@ ssl_auth()
|
||||
echo "${testname}" | grep "TLS 1.3" > /dev/null
|
||||
TLS13=$?
|
||||
|
||||
+ # Currently TLS 1.3 tests are known to fail under FIPS mode,
|
||||
+ # because HKDF is implemented using the PKCS #11 functions
|
||||
+ # prohibited under FIPS mode.
|
||||
+ if [ "${TLS13}" -eq 0 ] && \
|
||||
+ [ "$SERVER_MODE" = "fips" -o "$CLIENT_MODE" = "fips" ] ; then
|
||||
+ echo "$SCRIPTNAME: skipping $testname (non-FIPS only)"
|
||||
+ continue
|
||||
+ fi
|
||||
+
|
||||
if [ "${CLIENT_MODE}" = "fips" -a "${CAUTH}" -eq 0 ] ; then
|
||||
echo "$SCRIPTNAME: skipping $testname (non-FIPS only)"
|
||||
elif [ "$ectype" = "SNI" -a "$NORM_EXT" = "Extended Test" ] ; then
|
116
SOURCES/nss-softokn-config.in
Normal file
116
SOURCES/nss-softokn-config.in
Normal file
@ -0,0 +1,116 @@
|
||||
#!/bin/sh
|
||||
|
||||
prefix=@prefix@
|
||||
|
||||
major_version=@MOD_MAJOR_VERSION@
|
||||
minor_version=@MOD_MINOR_VERSION@
|
||||
patch_version=@MOD_PATCH_VERSION@
|
||||
|
||||
usage()
|
||||
{
|
||||
cat <<EOF
|
||||
Usage: nss-softokn-config [OPTIONS] [LIBRARIES]
|
||||
Options:
|
||||
[--prefix[=DIR]]
|
||||
[--exec-prefix[=DIR]]
|
||||
[--includedir[=DIR]]
|
||||
[--libdir[=DIR]]
|
||||
[--version]
|
||||
[--libs]
|
||||
[--cflags]
|
||||
Dynamic Libraries:
|
||||
softokn3 - Requires full dynamic linking
|
||||
freebl3 - for internal use only (and glibc for self-integrity check)
|
||||
nssdbm3 - for internal use only
|
||||
Dymamically linked
|
||||
EOF
|
||||
exit $1
|
||||
}
|
||||
|
||||
if test $# -eq 0; then
|
||||
usage 1 1>&2
|
||||
fi
|
||||
|
||||
while test $# -gt 0; do
|
||||
case "$1" in
|
||||
-*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
|
||||
*) optarg= ;;
|
||||
esac
|
||||
|
||||
case $1 in
|
||||
--prefix=*)
|
||||
prefix=$optarg
|
||||
;;
|
||||
--prefix)
|
||||
echo_prefix=yes
|
||||
;;
|
||||
--exec-prefix=*)
|
||||
exec_prefix=$optarg
|
||||
;;
|
||||
--exec-prefix)
|
||||
echo_exec_prefix=yes
|
||||
;;
|
||||
--includedir=*)
|
||||
includedir=$optarg
|
||||
;;
|
||||
--includedir)
|
||||
echo_includedir=yes
|
||||
;;
|
||||
--libdir=*)
|
||||
libdir=$optarg
|
||||
;;
|
||||
--libdir)
|
||||
echo_libdir=yes
|
||||
;;
|
||||
--version)
|
||||
echo ${major_version}.${minor_version}.${patch_version}
|
||||
;;
|
||||
--cflags)
|
||||
echo_cflags=yes
|
||||
;;
|
||||
--libs)
|
||||
echo_libs=yes
|
||||
;;
|
||||
*)
|
||||
usage 1 1>&2
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
# Set variables that may be dependent upon other variables
|
||||
if test -z "$exec_prefix"; then
|
||||
exec_prefix=`pkg-config --variable=exec_prefix nss-softokn`
|
||||
fi
|
||||
if test -z "$includedir"; then
|
||||
includedir=`pkg-config --variable=includedir nss-softokn`
|
||||
fi
|
||||
if test -z "$libdir"; then
|
||||
libdir=`pkg-config --variable=libdir nss-softokn`
|
||||
fi
|
||||
|
||||
if test "$echo_prefix" = "yes"; then
|
||||
echo $prefix
|
||||
fi
|
||||
|
||||
if test "$echo_exec_prefix" = "yes"; then
|
||||
echo $exec_prefix
|
||||
fi
|
||||
|
||||
if test "$echo_includedir" = "yes"; then
|
||||
echo $includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libdir" = "yes"; then
|
||||
echo $libdir
|
||||
fi
|
||||
|
||||
if test "$echo_cflags" = "yes"; then
|
||||
echo -I$includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libs" = "yes"; then
|
||||
libdirs="-Wl,-rpath-link,$libdir -L$libdir"
|
||||
echo $libdirs
|
||||
fi
|
||||
|
18
SOURCES/nss-softokn-dracut-module-setup.sh
Normal file
18
SOURCES/nss-softokn-dracut-module-setup.sh
Normal file
@ -0,0 +1,18 @@
|
||||
#!/bin/bash
|
||||
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
|
||||
# ex: ts=8 sw=4 sts=4 et filetype=sh
|
||||
|
||||
check() {
|
||||
return 255
|
||||
}
|
||||
|
||||
depends() {
|
||||
return 0
|
||||
}
|
||||
|
||||
install() {
|
||||
local _dir
|
||||
|
||||
inst_libdir_file libfreeblpriv3.so libfreeblpriv3.chk \
|
||||
libfreebl3.so
|
||||
}
|
3
SOURCES/nss-softokn-dracut.conf
Normal file
3
SOURCES/nss-softokn-dracut.conf
Normal file
@ -0,0 +1,3 @@
|
||||
# turn on nss-softokn module
|
||||
|
||||
add_dracutmodules+=" nss-softokn "
|
1148
SOURCES/nss-softokn-fips-update.patch
Normal file
1148
SOURCES/nss-softokn-fips-update.patch
Normal file
File diff suppressed because it is too large
Load Diff
11
SOURCES/nss-softokn.pc.in
Normal file
11
SOURCES/nss-softokn.pc.in
Normal file
@ -0,0 +1,11 @@
|
||||
prefix=%prefix%
|
||||
exec_prefix=%exec_prefix%
|
||||
libdir=%libdir%
|
||||
includedir=%includedir%
|
||||
|
||||
Name: NSS-SOFTOKN
|
||||
Description: Network Security Services Softoken PKCS #11 Module
|
||||
Version: %SOFTOKEN_VERSION%
|
||||
Requires: nspr >= %NSPR_VERSION%, nss-util >= %NSSUTIL_VERSION%
|
||||
Libs: -L${libdir} -lfreebl3 -lnssdbm3 -lsoftokn3
|
||||
Cflags: -I${includedir}
|
106
SOURCES/nss-sysinit-userdb.patch
Normal file
106
SOURCES/nss-sysinit-userdb.patch
Normal file
@ -0,0 +1,106 @@
|
||||
Index: nss/lib/sysinit/nsssysinit.c
|
||||
===================================================================
|
||||
--- nss.orig/lib/sysinit/nsssysinit.c
|
||||
+++ nss/lib/sysinit/nsssysinit.c
|
||||
@@ -36,41 +36,9 @@ testdir(char *dir)
|
||||
return S_ISDIR(buf.st_mode);
|
||||
}
|
||||
|
||||
-/**
|
||||
- * Append given @dir to @path and creates the directory with mode @mode.
|
||||
- * Returns 0 if successful, -1 otherwise.
|
||||
- * Assumes that the allocation for @path has sufficient space for @dir
|
||||
- * to be added.
|
||||
- */
|
||||
-static int
|
||||
-appendDirAndCreate(char *path, char *dir, mode_t mode)
|
||||
-{
|
||||
- PORT_Strcat(path, dir);
|
||||
- if (!testdir(path)) {
|
||||
- if (mkdir(path, mode)) {
|
||||
- return -1;
|
||||
- }
|
||||
- }
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-#define XDG_NSS_USER_PATH1 "/.local"
|
||||
-#define XDG_NSS_USER_PATH2 "/share"
|
||||
-#define XDG_NSS_USER_PATH3 "/pki"
|
||||
-
|
||||
#define NSS_USER_PATH1 "/.pki"
|
||||
#define NSS_USER_PATH2 "/nssdb"
|
||||
-
|
||||
-/**
|
||||
- * Return the path to user's NSS database.
|
||||
- * We search in the following dirs in order:
|
||||
- * (1) $HOME/.pki/nssdb;
|
||||
- * (2) $XDG_DATA_HOME/pki/nssdb if XDG_DATA_HOME is set;
|
||||
- * (3) $HOME/.local/share/pki/nssdb (default XDG_DATA_HOME value).
|
||||
- * If (1) does not exist, then the returned dir will be set to either
|
||||
- * (2) or (3), depending if XDG_DATA_HOME is set.
|
||||
- */
|
||||
-char *
|
||||
+static char *
|
||||
getUserDB(void)
|
||||
{
|
||||
char *userdir = PR_GetEnvSecure("HOME");
|
||||
@@ -81,47 +49,22 @@ getUserDB(void)
|
||||
}
|
||||
|
||||
nssdir = PORT_Alloc(strlen(userdir) + sizeof(NSS_USER_PATH1) + sizeof(NSS_USER_PATH2));
|
||||
+ if (nssdir == NULL) {
|
||||
+ return NULL;
|
||||
+ }
|
||||
PORT_Strcpy(nssdir, userdir);
|
||||
- PORT_Strcat(nssdir, NSS_USER_PATH1 NSS_USER_PATH2);
|
||||
- if (testdir(nssdir)) {
|
||||
- /* $HOME/.pki/nssdb exists */
|
||||
- return nssdir;
|
||||
- } else {
|
||||
- /* either $HOME/.pki or $HOME/.pki/nssdb does not exist */
|
||||
+ /* verify it exists */
|
||||
+ if (!testdir(nssdir)) {
|
||||
PORT_Free(nssdir);
|
||||
- }
|
||||
- int size = 0;
|
||||
- char *xdguserdatadir = PR_GetEnvSecure("XDG_DATA_HOME");
|
||||
- if (xdguserdatadir) {
|
||||
- size = strlen(xdguserdatadir);
|
||||
- } else {
|
||||
- size = strlen(userdir) + sizeof(XDG_NSS_USER_PATH1) + sizeof(XDG_NSS_USER_PATH2);
|
||||
- }
|
||||
- size += sizeof(XDG_NSS_USER_PATH3) + sizeof(NSS_USER_PATH2);
|
||||
-
|
||||
- nssdir = PORT_Alloc(size);
|
||||
- if (nssdir == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
-
|
||||
- if (xdguserdatadir) {
|
||||
- PORT_Strcpy(nssdir, xdguserdatadir);
|
||||
- if (!testdir(nssdir)) {
|
||||
- PORT_Free(nssdir);
|
||||
- return NULL;
|
||||
- }
|
||||
-
|
||||
- } else {
|
||||
- PORT_Strcpy(nssdir, userdir);
|
||||
- if (appendDirAndCreate(nssdir, XDG_NSS_USER_PATH1, 0755) ||
|
||||
- appendDirAndCreate(nssdir, XDG_NSS_USER_PATH2, 0755)) {
|
||||
- PORT_Free(nssdir);
|
||||
- return NULL;
|
||||
- }
|
||||
+ PORT_Strcat(nssdir, NSS_USER_PATH1);
|
||||
+ if (!testdir(nssdir) && mkdir(nssdir, 0760)) {
|
||||
+ PORT_Free(nssdir);
|
||||
+ return NULL;
|
||||
}
|
||||
- /* ${XDG_DATA_HOME:-$HOME/.local/share}/pki/nssdb */
|
||||
- if (appendDirAndCreate(nssdir, XDG_NSS_USER_PATH3, 0760) ||
|
||||
- appendDirAndCreate(nssdir, NSS_USER_PATH2, 0760)) {
|
||||
+ PORT_Strcat(nssdir, NSS_USER_PATH2);
|
||||
+ if (!testdir(nssdir) && mkdir(nssdir, 0760)) {
|
||||
PORT_Free(nssdir);
|
||||
return NULL;
|
||||
}
|
118
SOURCES/nss-util-config.in
Normal file
118
SOURCES/nss-util-config.in
Normal file
@ -0,0 +1,118 @@
|
||||
#!/bin/sh
|
||||
|
||||
prefix=@prefix@
|
||||
|
||||
major_version=@MOD_MAJOR_VERSION@
|
||||
minor_version=@MOD_MINOR_VERSION@
|
||||
patch_version=@MOD_PATCH_VERSION@
|
||||
|
||||
usage()
|
||||
{
|
||||
cat <<EOF
|
||||
Usage: nss-util-config [OPTIONS] [LIBRARIES]
|
||||
Options:
|
||||
[--prefix[=DIR]]
|
||||
[--exec-prefix[=DIR]]
|
||||
[--includedir[=DIR]]
|
||||
[--libdir[=DIR]]
|
||||
[--version]
|
||||
[--libs]
|
||||
[--cflags]
|
||||
Dynamic Libraries:
|
||||
nssutil
|
||||
EOF
|
||||
exit $1
|
||||
}
|
||||
|
||||
if test $# -eq 0; then
|
||||
usage 1 1>&2
|
||||
fi
|
||||
|
||||
lib_nssutil=yes
|
||||
|
||||
while test $# -gt 0; do
|
||||
case "$1" in
|
||||
-*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
|
||||
*) optarg= ;;
|
||||
esac
|
||||
|
||||
case $1 in
|
||||
--prefix=*)
|
||||
prefix=$optarg
|
||||
;;
|
||||
--prefix)
|
||||
echo_prefix=yes
|
||||
;;
|
||||
--exec-prefix=*)
|
||||
exec_prefix=$optarg
|
||||
;;
|
||||
--exec-prefix)
|
||||
echo_exec_prefix=yes
|
||||
;;
|
||||
--includedir=*)
|
||||
includedir=$optarg
|
||||
;;
|
||||
--includedir)
|
||||
echo_includedir=yes
|
||||
;;
|
||||
--libdir=*)
|
||||
libdir=$optarg
|
||||
;;
|
||||
--libdir)
|
||||
echo_libdir=yes
|
||||
;;
|
||||
--version)
|
||||
echo ${major_version}.${minor_version}.${patch_version}
|
||||
;;
|
||||
--cflags)
|
||||
echo_cflags=yes
|
||||
;;
|
||||
--libs)
|
||||
echo_libs=yes
|
||||
;;
|
||||
*)
|
||||
usage 1 1>&2
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
# Set variables that may be dependent upon other variables
|
||||
if test -z "$exec_prefix"; then
|
||||
exec_prefix=`pkg-config --variable=exec_prefix nss-util`
|
||||
fi
|
||||
if test -z "$includedir"; then
|
||||
includedir=`pkg-config --variable=includedir nss-util`
|
||||
fi
|
||||
if test -z "$libdir"; then
|
||||
libdir=`pkg-config --variable=libdir nss-util`
|
||||
fi
|
||||
|
||||
if test "$echo_prefix" = "yes"; then
|
||||
echo $prefix
|
||||
fi
|
||||
|
||||
if test "$echo_exec_prefix" = "yes"; then
|
||||
echo $exec_prefix
|
||||
fi
|
||||
|
||||
if test "$echo_includedir" = "yes"; then
|
||||
echo $includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libdir" = "yes"; then
|
||||
echo $libdir
|
||||
fi
|
||||
|
||||
if test "$echo_cflags" = "yes"; then
|
||||
echo -I$includedir
|
||||
fi
|
||||
|
||||
if test "$echo_libs" = "yes"; then
|
||||
libdirs="-Wl,-rpath-link,$libdir -L$libdir"
|
||||
if test -n "$lib_nssutil"; then
|
||||
libdirs="$libdirs -lnssutil${major_version}"
|
||||
fi
|
||||
echo $libdirs
|
||||
fi
|
||||
|
11
SOURCES/nss-util.pc.in
Normal file
11
SOURCES/nss-util.pc.in
Normal file
@ -0,0 +1,11 @@
|
||||
prefix=%prefix%
|
||||
exec_prefix=%exec_prefix%
|
||||
libdir=%libdir%
|
||||
includedir=%includedir%
|
||||
|
||||
Name: NSS-UTIL
|
||||
Description: Network Security Services Utility Library
|
||||
Version: %NSSUTIL_VERSION%
|
||||
Requires: nspr >= %NSPR_VERSION%
|
||||
Libs: -L${libdir} -lnssutil3
|
||||
Cflags: -I${includedir}
|
11
SOURCES/nss.pc.in
Normal file
11
SOURCES/nss.pc.in
Normal file
@ -0,0 +1,11 @@
|
||||
prefix=%prefix%
|
||||
exec_prefix=%exec_prefix%
|
||||
libdir=%libdir%
|
||||
includedir=%includedir%
|
||||
|
||||
Name: NSS
|
||||
Description: Network Security Services
|
||||
Version: %NSS_VERSION%
|
||||
Requires: nspr >= %NSPR_VERSION%, nss-util >= %NSSUTIL_VERSION%
|
||||
Libs: -L${libdir} -lssl3 -lsmime3 -lnss3
|
||||
Cflags: -I${includedir}
|
56
SOURCES/pkcs11.txt.xml
Normal file
56
SOURCES/pkcs11.txt.xml
Normal file
@ -0,0 +1,56 @@
|
||||
<?xml version='1.0' encoding='UTF-8'?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
||||
<!ENTITY date SYSTEM "date.xml">
|
||||
<!ENTITY version SYSTEM "version.xml">
|
||||
]>
|
||||
|
||||
<refentry id="pkcs11.txt">
|
||||
|
||||
<refentryinfo>
|
||||
<date>&date;</date>
|
||||
<title>Network Security Services</title>
|
||||
<productname>nss</productname>
|
||||
<productnumber>&version;</productnumber>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>pkcs11.txt</refentrytitle>
|
||||
<manvolnum>5</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>pkcs11.txt</refname>
|
||||
<refpurpose>NSS PKCS #11 module configuration file</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsection id="description">
|
||||
<title>Description</title>
|
||||
<para>
|
||||
The pkcs11.txt file is used to configure initialization parameters for the nss security module and optionally other pkcs #11 modules.
|
||||
</para>
|
||||
<para>
|
||||
For full documentation visit <ulink url="https://developer.mozilla.org/en-US/docs/PKCS11_Module_Specs">PKCS #11 Module Specs</ulink>.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
<refsection>
|
||||
<title>Files</title>
|
||||
<para><filename>/etc/pki/nssdb/pkcs11.txt</filename></para>
|
||||
</refsection>
|
||||
|
||||
<refsection id="authors">
|
||||
<title>Authors</title>
|
||||
<para>The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.</para>
|
||||
<para>Authors: Elio Maldonado <emaldona@redhat.com>.</para>
|
||||
</refsection>
|
||||
|
||||
<!-- don't change -->
|
||||
<refsection id="license">
|
||||
<title>LICENSE</title>
|
||||
<para>Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
</refentry>
|
||||
|
14
SOURCES/rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
Normal file
14
SOURCES/rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
Normal file
@ -0,0 +1,14 @@
|
||||
diff -up nss/lib/ssl/ssl3con.c.1185708_3des nss/lib/ssl/ssl3con.c
|
||||
--- nss/lib/ssl/ssl3con.c.1185708_3des 2018-12-11 18:28:06.736592552 +0100
|
||||
+++ nss/lib/ssl/ssl3con.c 2018-12-11 18:29:06.273314692 +0100
|
||||
@@ -106,8 +106,8 @@ static ssl3CipherSuiteCfg cipherSuites[s
|
||||
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
- { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
- { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
+ { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
+ { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
|
68
SOURCES/setup-nsssysinit.sh
Executable file
68
SOURCES/setup-nsssysinit.sh
Executable file
@ -0,0 +1,68 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Turns on or off the nss-sysinit module db by editing the
|
||||
# global PKCS #11 congiguration file. Displays the status.
|
||||
#
|
||||
# This script can be invoked by the user as super user.
|
||||
# It is invoked at nss-sysinit post install time with argument on.
|
||||
#
|
||||
usage()
|
||||
{
|
||||
cat <<EOF
|
||||
Usage: setup-nsssysinit [on|off]
|
||||
on - turns on nsssysinit
|
||||
off - turns off nsssysinit
|
||||
status - reports whether nsssysinit is turned on or off
|
||||
EOF
|
||||
exit $1
|
||||
}
|
||||
|
||||
# validate
|
||||
if [ $# -eq 0 ]; then
|
||||
usage 1 1>&2
|
||||
fi
|
||||
|
||||
# the system-wide configuration file
|
||||
p11conf="/etc/pki/nssdb/pkcs11.txt"
|
||||
# must exist, otherwise report it and exit with failure
|
||||
if [ ! -f $p11conf ]; then
|
||||
echo "Could not find ${p11conf}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# check if nsssysinit is currently enabled or disabled
|
||||
sysinit_enabled()
|
||||
{
|
||||
grep -q '^library=libnsssysinit' ${p11conf}
|
||||
}
|
||||
|
||||
umask 022
|
||||
case "$1" in
|
||||
on | ON )
|
||||
if sysinit_enabled; then
|
||||
exit 0
|
||||
fi
|
||||
cat ${p11conf} | \
|
||||
sed -e 's/^library=$/library=libnsssysinit.so/' \
|
||||
-e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \
|
||||
${p11conf}.on
|
||||
mv ${p11conf}.on ${p11conf}
|
||||
;;
|
||||
off | OFF )
|
||||
if ! sysinit_enabled; then
|
||||
exit 0
|
||||
fi
|
||||
cat ${p11conf} | \
|
||||
sed -e 's/^library=libnsssysinit.so/library=/' \
|
||||
-e '/^NSS/s/Flags=internal,moduleDBOnly/Flags=internal/' > \
|
||||
${p11conf}.off
|
||||
mv ${p11conf}.off ${p11conf}
|
||||
;;
|
||||
status )
|
||||
echo -n 'NSS sysinit is '
|
||||
sysinit_enabled && echo 'enabled' || echo 'disabled'
|
||||
;;
|
||||
* )
|
||||
usage 1 1>&2
|
||||
;;
|
||||
esac
|
5
SOURCES/system-pkcs11.txt
Normal file
5
SOURCES/system-pkcs11.txt
Normal file
@ -0,0 +1,5 @@
|
||||
library=libnsssysinit.so
|
||||
name=NSS Internal PKCS #11 Module
|
||||
parameters=configdir='sql:/etc/pki/nssdb' certPrefix='' keyPrefix='' secmod='secmod.db' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription=''
|
||||
NSS=Flags=internal,moduleDBOnly,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})
|
||||
|
2334
SPECS/nss.spec
Normal file
2334
SPECS/nss.spec
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user